Cyberveille, curated by Decio
815 results tagged 2022
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them. https://doublepulsar.com/2022-zero-day-was-used-to-raid-fortigate-firewall-configs-somebody-just-released-them-a7a74e0b0c7f
16/01/2025 10:18:21

Back in 2022, Fortinet warned that somebody had a zero day vulnerability and was using it to exploit Fortigate firewalls https://www.fortinet.com/blog/psirt-blogs/update-regarding-cve-2022-40684

Today, Belsen Group publicly released Fortigate firewall configs from just over 15k unique devices:

doublepulsar EN 2025 2022 cve-2022-40684 Fortigate dump
Rogue RDP – Revisiting Initial Access Methods https://www.blackhillsinfosec.com/rogue-rdp-revisiting-initial-access-methods/
23/10/2024 11:37:28

The Hunt for Initial Access: With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]

blackhillsinfosec EN 2022 Rogue RDP Initial-Access
Russia Steps Up a Covert Sabotage Campaign Aimed at Europe https://www.nytimes.com/2024/05/26/us/politics/russia-sabotage-campaign-ukraine.html
26/05/2024 13:33:39

Russian military intelligence, the G.R.U., is behind arson attacks aimed at undermining support for Ukraine’s war effort, security officials say.

nytimes EN 2024 Russia Ukraine EU Arson Vandalism Sabotage 2022 Russian NATO England Politics G.R.U US Europe Estonia GRU Russia-Ukraine-war
178,000 SonicWall firewalls are vulnerable to old DoS bugs https://www.theregister.com/2024/01/16/more_than_178000_sonicwall_firewalls/?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118
22/01/2024 11:21:46

Majority of public-facing devices still unpatched against critical vulns from as far back as 2022

theregister EN 2024 2022 CVE-2022-22274 CVE-2023-0656 SonicWall DoS
FBI: Play ransomware gang has attacked 300 orgs since 2022 https://therecord.media/play-ransomware-targets-hundreds
18/12/2023 22:51:46

Since it appeared in July 2022, Play ransomware has launched devastating attacks on municipalities and critical infrastructure, agencies said.

therecord EN 2023 Play ransomware FBI report municipalities infrastructure 2022
2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard https://securityandtechnology.org/blog/2022-global-ransomware-incident-map/
01/11/2023 13:15:39

According to ecrime.ch data, confirmed ransomware incidents occurred in 105 countries, originating from 58 ransomware groups.  This number is relatively consistent with last year’s data, in which we calculated that incidents impacted organizations in 109 countries and documented at least 60 distinct ransomware families.  Though the overall statistics remain relatively consistent from last year to this year, there is more to the story: new trends in the ecosystem include the shifting dynamics of ransomware groups, the rise of the education sector as a key target, and the trends in geographic distribution of attacks.

securityandtechnology EN 2023 2022 Global Ransomware Incident Map ecrime
Security advisory: malicious crate rustdecimal https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html
28/08/2023 06:42:31

The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquattin

rust-lang EN 2022 malicious crate rustdecimal
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace https://www.mandiant.com/resources/blog/zero-days-exploited-2022
22/03/2023 08:02:20
  • Mandiant tracked 55 zero-day vulnerabilities that we judge were exploited in 2022. Although this count is lower than the record-breaking 81 zero-days exploited in 2021, it still represents almost triple the number from 2020.
  • Chinese state-sponsored cyber espionage groups exploited more zero-days than other cyber espionage actors in 2022, which is consistent with previous years.
  • We identified four zero-day vulnerabilities exploited by financially motivated threat actors. 75% of these instances appear to be linked to ransomware operations.
  • Products from Microsoft, Google, and Apple made up the majority of zero-day vulnerabilities in 2022, consistent with previous years. The most exploited product types were operating systems (OS) (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (6).
mandiant EN 2022 2023 zero-day zero-days vulnerabilities exploited review
Welcome to Goot Camp: Tracking the Evolution of GOOTLOADER Operations https://www.mandiant.com/resources/blog/tracking-evolution-gootloader-operations
31/01/2023 22:54:57

We have been seeing notable changes to TTPs used in GOOTLOADER operations since 2022.

mandiant EN 2023 GOOTLOADER 2022 TTPs Operations
Google Ads Exploited to Spread Malware https://heimdalsecurity.com/blog/google-ads-exploited-to-spread-malware/
18/01/2023 13:34:43

Google Ads is one of the most popular advertising platforms, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

heimdalsecurity EN 2022 googleads abuse Malware Exploited
“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets https://labs.guard.io/masquerads-googles-ad-words-massively-abused-by-threat-actors-targeting-organizations-gpus-42ae73ee8a1e
18/01/2023 13:31:41

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

labs.guard.io EN 2022 googleads technique advertisement abuse malware distribution
How Finland Is Teaching a Generation to Spot Misinformation https://www.nytimes.com/2023/01/10/world/europe/finland-misinformation-classes.html
16/01/2023 06:34:18

The Nordic country is testing new ways to teach students about propaganda. Here’s what other countries can learn from its success.

nytimes EN 2022 Finland Teaching Misinformation propaganda education
Watch: Ukraine Army Video Tells Russians How to Surrender to a Drone https://www.businessinsider.com/ukraine-army-video-tells-russians-how-to-surrender-to-drone-2022-12?r=US&IR=T
15/01/2023 16:18:39
  • Ukraine has released an instruction video for Russian soldiers on surrendering to a drone.
  • It's part of the "I Want to Live" hotline, which entices Russians to stop fighting in Ukraine.
  • The video suggests that surrendering via drone may become increasingly common.
businessinsider EN 2022 drones war Army instruction drone russia-ukraine-war surrendering
Accidentally Crashing a Botnet https://www.akamai.com/blog/security-research/kmsdbot-part-two-crashing-a-botnet
15/01/2023 16:15:38

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.

akamai EN 2022 Security-Research Research Bot-Attacks DDOS Cyber-Security Kmsdbot botnet SIRT cryptomining crash malware
The OWASSRF + TabShell exploit chain https://blog.viettelcybersecurity.com/tabshell-owassrf/
09/01/2023 23:56:01

We see that one of our vulnerabilities is exploited in the wild (link). So we decided to publish the detailed analysis of our two bug chains. Any customer has enough information to mitigate these bugs. The vendor also released all patches a week ago. This blog post shares the detail

viettelcybersecurity EN 2022 Exchange TabShell exploit chain OWASSRF vulnerabilities
I scanned every package on PyPi and found 57 live AWS keys https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/
07/01/2023 22:21:04

After inadvertently finding that InfoSys leaked an AWS key on PyPi I wanted to know how many other live AWS keys may be present on Python package index. After scanning every release published to PyPi I found 57 valid access keys from organisations like:

  • Amazon themselves 😅
  • Intel
  • Stanford, Portland and Louisiana University
  • The Australian Government
  • General Atomics fusion department
  • Terradata
  • Delta Lake
  • And Top Glove, the world's largest glove manufacturer 🧤

tomforb EN 2022 leak scan AWS keys PyPi
New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection https://minerva-labs.com/blog/new-catb-ransomware-employs-2-year-old-dll-hijacking-technique-to-evade-detection/
04/01/2023 18:06:41

We recently discovered ransomware, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email that the ransomware group uses. The sample was first uploaded to VT on November 23, 2022 and tagged by the VT community as a possible variant of the Pandora Ransomware. The assumed connection to the Pandora Ransomware was due to some similarities between the CatB and Pandora ransom notes. However, the similarities pretty much end there. The CatB ransomware implements several anti-VM techniques to verify execution on a “real machine”, followed by a malicious DLL drop and DLL hijacking to evade detection.

minerva-labs EN 2022 CatB analysis DLL Hijacking Ransomware
Adecco hack: personal and banking data (IBAN) in the wild https://www.nextinpact.com/article/70680/piratage-adecco-donnees-personnelles-et-bancaires-iban-dans-nature
04/01/2023 13:41:56

Following a hack, Adecco opened an investigation in early November. The company gives further details: "some of your personal data held in one of our information systems (surnames, first names, email addresses...

nextinpact 2022 FR Adecco IBAN leak piratage enquête
More than 200 U.S. institutions hit with ransomware in 2022: report https://therecord.media/more-than-200-u-s-institutions-hit-with-ransomware-in-2022-report/
04/01/2023 07:15:59

More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.

The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.

therecord EN 2023 annual report ransomware 2022 governments universities school
The Mac Malware of 2022 👾 https://objective-see.org/blog/blog_0x71.html
02/01/2023 19:48:36

A comprehensive analysis of the year's new malware

objective-see 2022 EN malware macos analysis