Cyberveille by Decio
809 results tagged 2022
Security advisory: malicious crate rustdecimal https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html
28/08/2023 06:42:31

The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquattin

rust-lang EN 2022 malicious crate rustdecimal
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace https://www.mandiant.com/resources/blog/zero-days-exploited-2022
22/03/2023 08:02:20
  • Mandiant tracked 55 zero-day vulnerabilities that we judge were exploited in 2022. Although this count is lower than the record-breaking 81 zero-days exploited in 2021, it still represents almost triple the number from 2020.
  • Chinese state-sponsored cyber espionage groups exploited more zero-days than other cyber espionage actors in 2022, which is consistent with previous years.
  • We identified four zero-day vulnerabilities exploited by financially motivated threat actors. 75% of these instances appear to be linked to ransomware operations.
  • Products from Microsoft, Google, and Apple made up the majority of zero-day vulnerabilities in 2022, consistent with previous years. The most exploited product types were operating systems (OS) (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (6).
mandiant EN 2022 2023 zero-day zero-days vulnerabilities exploited review
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations
31/01/2023 22:54:57

We have been seeing notable changes to TTPs used in GOOTLOADER operations since 2022.

mandiant EN 2023 GOOTLOADER 2022 TTPs Operations
Google Ads Exploited to Spread Malware https://heimdalsecurity.com/blog/google-ads-exploited-to-spread-malware/
18/01/2023 13:34:43

Google Ads is one of the most popular advertising platforms, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

heimdalsecurity EN 2022 googleads abuse Malware Exploited
“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets https://labs.guard.io/masquerads-googles-ad-words-massively-abused-by-threat-actors-targeting-organizations-gpus-42ae73ee8a1e
18/01/2023 13:31:41

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

labs.guard.io EN 2022 googleads technique advertisement abuse malware distribution
How Finland Is Teaching a Generation to Spot Misinformation https://www.nytimes.com/2023/01/10/world/europe/finland-misinformation-classes.html
16/01/2023 06:34:18

The Nordic country is testing new ways to teach students about propaganda. Here’s what other countries can learn from its success.

nytimes EN 2022 Finland Teaching Misinformation propaganda education
Watch: Ukraine Army Video Tells Russians How to Surrender to a Drone https://www.businessinsider.com/ukraine-army-video-tells-russians-how-to-surrender-to-drone-2022-12?r=US&IR=T
15/01/2023 16:18:39
  • Ukraine has released an instruction video for Russian soldiers on surrendering to a drone.
  • It's part of the "I Want to Live" hotline, which entices Russians to stop fighting in Ukraine.
  • The video suggests that surrendering via drone may become increasingly common.
businessinsider EN 2022 drones war Army instruction drone russia-ukraine-war surrendering
Accidentally Crashing a Botnet https://www.akamai.com/blog/security-research/kmsdbot-part-two-crashing-a-botnet
15/01/2023 16:15:38

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.

akamai EN 2022 Security-Research Research Bot-Attacks DDOS Bot-Attacks Cyber-Security Research Security-Research Kmsdbot botnet SIRT cryptomining crash malware
The OWASSRF + TabShell exploit chain https://blog.viettelcybersecurity.com/tabshell-owassrf/
09/01/2023 23:56:01

We see that one of our vulnerabilities is exploited in the wild Link. So we decided to public the detail analysis of our two bug chains. Any customer has enough information to mitigate these bugs. The vendor also released all patches a week ago. This blog post shares the detail

viettelcybersecurity EN 2022 Exchange TabShell exploit chain OWASSRF vulnerabilities
I scanned every package on PyPi and found 57 live AWS keys https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/
07/01/2023 22:21:04

After inadvertently finding that InfoSys leaked an AWS key on PyPi I wanted to know how many other live AWS keys may be present on Python package index. After scanning every release published to PyPi I found 57 valid access keys from organisations like:

Amazon themselves 😅
Intel
Stanford, Portland and Louisiana University
The Australian Government
General Atomics fusion department
Terradata
Delta Lake
And Top Glove, the world's largest glove manufacturer 🧤

tomforb EN 2022 leak scan AWS keys PyPi
New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection https://minerva-labs.com/blog/new-catb-ransomware-employs-2-year-old-dll-hijacking-technique-to-evade-detection/
04/01/2023 18:06:41

We recently discovered ransomware, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email that the ransomware group uses. The sample was first uploaded to VT on November 23, 2022 and tagged by the VT community as a possible variant of the Pandora Ransomware. The assumed connection to the Pandora Ransomware was due to some similarities between the CatB and Pandora ransom notes. However, the similarities pretty much end there. The CatB ransomware implements several anti-VM techniques to verify execution on a “real machine”, followed by a malicious DLL drop and DLL hijacking to evade detection.

minerva-labs EN 2022 CatB analysis DLL Hijacking Ransomware
Adecco hack: personal and banking data (IBAN) in the wild https://www.nextinpact.com/article/70680/piratage-adecco-donnees-personnelles-et-bancaires-iban-dans-nature
04/01/2023 13:41:56

Following a hack, Adecco launched an investigation in early November. The company gives further information: "some of your personal data held in one of our information systems (last names, first names, email addresses...

nextinpact 2022 FR Adecco IBAN leak piratage enquête
More than 200 U.S. institutions hit with ransomware in 2022: report https://therecord.media/more-than-200-u-s-institutions-hit-with-ransomware-in-2022-report/
04/01/2023 07:15:59

More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.

The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.

therecord EN 2023 annual report ransomware 2022 governments universities school
The Mac Malware of 2022 👾 https://objective-see.org/blog/blog_0x71.html
02/01/2023 19:48:36

A comprehensive analysis of the year's new malware

objective-see 2022 EN malware macos analysis
Compromised PyTorch-nightly dependency chain between December 25th and December 30th, 2022. https://pytorch.org/blog/compromised-nightly-dependency/
02/01/2023 11:38:36

If you installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, please uninstall it and torchtriton immediately, and use the latest nightly binaries (newer than Dec 30th 2022).

$ pip3 uninstall -y torch torchvision torchaudio torchtriton
$ pip3 cache purge

PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the Python Package Index (PyPI) code repository and ran a malicious binary. This is what is known as a supply chain attack and directly affects dependencies for packages that are hosted on public package indices.

PyTorch EN 2022 Linux pip Compromised dependency Supply-chain-security
U.S. targeted adversary cyber infrastructure to safeguard midterm vote https://www.reuters.com/world/us/us-targeted-adversary-cyber-infrastructure-safeguard-midterm-vote-2022-12-19/
02/01/2023 11:38:04

The U.S. military's Cyber Command hunted down foreign adversaries overseas ahead of this year's mid-term elections, taking down their infrastructure before they could strike, the head of U.S. Cyber Command said.

U.S. Army General Paul Nakasone said the cyber effort to secure the vote began before the Nov. 8 vote and carried through until the elections were certified.

"We did conduct operations persistently to make sure that our foreign adversaries couldn't utilize infrastructure to impact us," Nakasone, who is also the director of the U.S. National Security Agency, told reporters.

reuters EN 2022 safeguard midterm vote cyber infrastructure operations US
Russian cyberattacks - Special Services - Gov.pl website https://www.gov.pl/web/special-services/russian-cyberattacks
30/12/2022 23:35:51

With the ongoing war in Ukraine, in the Polish cyberspace, there are more and more occurrences classified as computer incidents, including attacks perpetrated by Russian hackers. This is a response of the Russian Federation to the Poland’s support provided to Ukraine and an attempt to destabilise the situation in our country.

Gov.pl EN 2022 official Ukraine russia-ukraine-war Polish attacks
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information https://blog.cyble.com/2022/12/23/new-youtube-bots-malware-spotted-stealing-users-sensitive-information/
30/12/2022 11:55:50

Cyble EN 2022 Malware Bot YouTube stealer analysis
Pure coder offers multiple malware for sale in Darkweb forums https://blog.cyble.com/2022/12/27/pure-coder-offers-multiple-malware-for-sale-in-darkweb-forums/
30/12/2022 11:54:35

Italians Users Targeted By PureLogs Stealer Through Spam Campaigns

Cyble EN 2022 Pure malware Darkweb PureLogs analysis
This ‘Dystopian’ Cyber Firm Could Have Saved Mossad Assassins From Exposure https://www.haaretz.com/israel-news/security-aviation/2022-12-26/ty-article-magazine/.premium/this-dystopian-cyber-firm-could-have-saved-mossad-assassins-from-exposure/00000185-0bc6-d26d-a1b7-dbd739100000
30/12/2022 11:50:06

Meet Toka, the Israeli cyber firm founded by Ehud Barak, that lets clients hack cameras and change their feeds – just like in Hollywood heist movies

haaretz EN 2022 privacy spy Toka Israeli Dystopian Mossad