In May, hackers published fake news on the website of the Polish Press Agency claiming the country’s authorities had announced a partial mobilization of 200,000 men to be sent to fight in a war in Ukraine.

Discover key insights into the recently disclosed Cisco NX-OS software CLI vulnerability (CVE-2024-20399) affecting numerous Cisco Nexus devices.

• E.V.A Information Security researchers uncovered several vulnerabilities in the CocoaPods dependency manager that allows any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and MacOS applications. These vulnerabilities have since been patched.
• Such an attack on the mobile app ecosystem could infect almost every Apple device, leaving thousands of organizations vulnerable to catastrophic financial and reputational damage. One of the vulnerabilities could also enable zero day attacks against the most advanced and secure organizations’ infrastructure.
• Developers and DevOps teams that have used CocoaPods in recent years should verify the integrity of open source dependencies used in their application code.
• Dependency managers are an often-overlooked aspect of software supply chain security. Security leaders should explore ways to increase governance and oversight over the use these tools.

TeamViewer says that a recently discovered breach appears to be limited to its internal corporate IT network. The software company has attributed it to a hacking operation associated with Russian intelligence.

Halcyon Identifies New Ransomware Operator Volcano Demon Serving Up LukaLocker
#Demon #Halcyon #Identifies #LukaLocker #New #Operator #Ransomware #Volcano

See the results of our investigation into the phishing campaign encountered by our company and get information to defend against it. 

Here are some key findings:

• We found around 72 phishing domains pretending to be real or fake companies. These domains created believable websites that tricked people into sharing their login details.
• The attack was sophisticated, using advanced techniques like direct human interaction to deceive targets.
• We analyzed several fake websites and reverse-engineered their web-facing application.
• At the end of the post, you will find a list of IOCs that can be used for improving your organization’s security.

Fintech-friendly Evolve Bank disclosed a data breach, saying it may have impacted customers and partners.

Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches.

Tech giant Cloudflare urged customers to remove a popular open source library used to support older browsers after reports emerged this week that the tool is being used to distribute malware.

The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux…

The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center.

28.06.2024 - Le soir du 27 juin 2024, des cybercriminels ont lancé une campagne de « malspam » à grande échelle contre des citoyennes et citoyens de Suisse alémanique. Par le biais d’un e-mail dont l’expéditeur présumé est AGOV, ils tentent d’infecter les appareils des utilisatrices et utilisateurs de macOS avec un maliciel (malware en anglais) du nom de « Poseidon Stealer ».

Researchers unveil SnailLoad, a new side-channel attack exploiting network latency to infer web activity remotely, achieving up to 98% accuracy in vid

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey.

The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as researchers exposed it was delivering malicious code on upwards of 100,000 websites.. The Polyfill service claims that it has been 

As social networks and porn sites move towards a verified identity model, the actions of one cybersecurity researcher show that ID verification services themselves could get hacked too.

Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed.

LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to convert, view or otherwise interact with documents.

LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers.

A handful cryptographers were asked for feedback on the architecture of the European Identity Wallet (the Architecture Reference Framwork (ARF), currently at version 1.4.0). We seized the opportunity to write a short report to urge Europe to reconsider the design, and to base it on the use of anonymous (aka attribute-based) credentials.

Anonymous credentials were designed specifically to achieve authentication and identification that are both secure and privacy-preserving. As a result, they fully meet the requirements put forth in the eiDAS 2.0 regulation. (The current design does not.) Moreover, they are by now a mature technology. In particular we recommend to use the BBS family of anonymous credentials, which are efficient and mathematically proven secure.

The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.