Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 77
1528 résultats taggé EN  ✕
Routers have been rooted by Chinese spies US and Japan warn https://www.theregister.com/2023/09/27/us_japan_routers/
30/09/2023 00:51:22
QRCode
archive.org
thumbnail

BlackTech crew looking to steal sensitive data traffic

theregister EN 2023 Routers US Japan China BlackTech firmware
NSA chief announces new AI Security Center, 'focal point' for AI use by government, defense industry https://breakingdefense.com/2023/09/nsa-stands-up-ai-security-center-as-focal-point-for-guiding-ai-use-by-government-defense-industry/
30/09/2023 00:15:23
QRCode
archive.org
thumbnail

"We must build a robust understanding of AI vulnerabilities, foreign intelligence threats to these AI systems and ways to counter the threat in order to have AI security," Gen. Paul Nakasone said. "We must also ensure that malicious foreign actors can't steal America’s innovative AI capabilities to do so.”

breakingdefense EN 2023 AI NSA hub vulnerabilities intelligence Nakasone US
Vulnerability in popular ‘libwebp’ code more widespread than expected https://therecord.media/libwebp-vulnerability-more-widespread-than-expected
28/09/2023 21:11:47
QRCode
archive.org
thumbnail

Initial alerts about a bug in the obscure but widely used libwebp library have expanded into concerns that it affects not only web browsers like Chrome, but also many other common pieces of software.

therecord EN 2023 libwebp vulnerability CVE-2023-4863
CVE-2023-42793 https://attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793/rapid7-analysis
27/09/2023 19:28:40
QRCode
archive.org
thumbnail

CVE-2023-42793 is a critical authentication bypass published on September 19, 2023 that affects on-premises instances of JetBrains TeamCity, a CI/CD server. Th…

attackerkb EN 2023 JetBrains TeamCity CI/CD CVE-2023-42793 Authentication-Bypass exploitation
New GPU Side-Channel Attack Allows Malicious Websites to Steal Data https://www.securityweek.com/new-gpu-side-channel-attack-allows-malicious-websites-to-steal-data/
27/09/2023 19:25:15
QRCode
archive.org
thumbnail

GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.

securityweek EN 2023 GPU.zip Side-Channel Attack
GPU.zip https://www.hertzbleed.com/gpu.zip/
27/09/2023 19:23:47
QRCode
archive.org

On the Side-Channel Implications of Hardware-Based Graphical Data Compression

hertzbleed EN 2023 vulnerability Side-Channel Graphical-Data-Compression GPU.zip
Sony Investigating After Hackers Offer to Sell Stolen Data https://www.securityweek.com/sony-investigating-after-hackers-offer-to-sell-stolen-data/
27/09/2023 19:21:17
QRCode
archive.org
thumbnail

Sony has launched an investigation after a ransomware group claimed to have compromised all systems and offered to sell stolen data.

securityweek EN 2023 Sony Stolen Data investigation RansomedVC
Decade of newborn child registry data stolen in MOVEit mass-hack https://techcrunch.com/2023/09/25/decade-of-newborn-child-registry-data-stolen-in-moveit-mass-hack/
26/09/2023 15:09:08
QRCode
archive.org
thumbnail

The breach affecting more than 3.4 million people — including newborns and children — is one of the biggest MOVEit-related hacks of the year.

techcrunch EN 2023 canada cyberattack Clop data-leak moveit moveit-mass-hacks
From ScreenConnect to Hive Ransomware in 61 hours https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/
25/09/2023 08:51:07
QRCode
archive.org
thumbnail

In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such … Read More

thedfirreport EN 2023 ScreenConnect report Hive Ransomware
PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/
23/09/2023 23:27:02
QRCode
archive.org
thumbnail

Between May and September 2023, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox's Predator spyware via links sent on SMS and WhatsApp after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections. As Egypt is a known customer of Cytrox's Predator spyware, and the spyware was delivered via network injection from a device located physically inside Egypt, we attribute the attack to the Egyptian government with high confidence.

CitizenLab EN 2023 spyware Egypt Predator CVE-2023-41991 CVE-2023-41992 CVE-2023-41993
0-days exploited by commercial surveillance vendor in Egypt https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/
23/09/2023 23:19:50
QRCode
archive.org
thumbnail

Last week Google’s Threat Analysis Group (TAG), in partnership with The Citizen Lab, discovered an in-the-wild 0-day exploit chain for iPhones. Developed by the commercial surveillance vendor, Intellexa, this exploit chain is used to install its Predator spyware surreptitiously onto a device.

In response, yesterday, Apple patched the bugs in iOS 16.7 and iOS 17.0.1 as CVE-2023-41991, CVE-2023-41992, CVE-2023-41993. This quick patching from Apple helps to better protect users and we encourage all iOS users to install them as soon as possible.

Google EN 2023 TAG Apple Android CitizenLab Predator spyware Intellexa CVE-2023-41993 CVE-2023-41991 CVE-2023-41992 Exploit Chain 0-days
All thanks to ‘Big Yellow Taxi’: How State discovered Chinese hackers reading its emails https://www.politico.com/news/2023/09/15/digital-tripwire-helped-state-uncover-chinese-hack-00115973
23/09/2023 20:03:27
QRCode
archive.org
thumbnail

A recent Chinese-linked hack of U.S. government emails detected in June may have gone unnoticed for much longer were it not for an enterprising government IT analyst.

A State Department cybersecurity expert spearheaded an effort to implant a custom warning mechanism into the agency’s network more than two years ago in anticipation of future hacks, the officials said, shedding new light on how they spotted the breach, top State Department officials told POLITICO.

politico EN 2023 Big-Yellow-Taxi US China blueteam canary
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html
23/09/2023 10:30:59
QRCode
archive.org
thumbnail

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023.

"The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the Citizen Lab said, attributing the attack with high confidence to the Egyptian government owing to it being a known customer of the commercial spying tool.

thehackernews EN 2023 0-day 0-days Predator Egypt Apple CitizenLab CVE-2023-41991 CVE-2023-41992 CVE-2023-41993
Apple emergency updates fix 3 new zero-days exploited in attacks https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-3-new-zero-days-exploited-in-attacks/
22/09/2023 00:05:09
QRCode
archive.org
thumbnail

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year.

bleepingcomputer Apple iPhone Mac EN 2023 0-day CVE-2023-41993 CVE-2023-41991
International Criminal Court hit with a cyber attack https://securityaffairs.com/151115/hacking/international-criminal-court-cyber-attack.html
21/09/2023 09:18:14
QRCode
archive.org
thumbnail

A cyberattack hit the International Criminal Court (ICC) disclosed a cyberattack this week, its systems were compromised last week.

securityaffairs EN 2023 International Criminal Court ICC cyberattack
US-Canada water commission confirms 'cybersecurity incident" https://www.theregister.com/2023/09/15/ijc_noescape_ransomware/
20/09/2023 16:42:07
QRCode
archive.org
thumbnail

NoEscape promises 'colossal wave of problems' if IJC doesn't pay up

The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization.

theregister EN 2023 IJC ransommware NoEscape US-Canada border water Critical-infrastructure
[CVE-2023-42752] integer overflow in Linux kernel leading to exploitable memory access https://seclists.org/oss-sec/2023/q3/192
19/09/2023 21:02:46
QRCode
archive.org
thumbnail

I recently found an integer overflow in the Linux kernel, which leads
to the kernel allocating skb_shared_info in the userspace, which is
exploitable in systems without SMAP protection since skb_shared_info
contains references to function pointers.

seclists EN 2023 CVE-2023-42752 integer overflow Linux kernel
Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT https://unit42.paloaltonetworks.com/fake-cve-2023-40477-poc-hides-venomrat/
19/09/2023 20:59:11
QRCode
archive.org
thumbnail

A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code.

unit42 EN 2023 PoC fake CVE-2023-40477 VenomRAT malicious
38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers
19/09/2023 16:30:43
QRCode
archive.org
thumbnail

Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token

wiz EN 2023 GitHub Microsoft leak
Leaked Microsoft documents hint at new Doom and Dishonored games https://www.engadget.com/leaked-microsoft-documents-hint-at-new-doom-and-dishonored-games-122130396.html
19/09/2023 16:07:13
QRCode
archive.org
thumbnail

Bethesda's roadmap for the fiscal years starting in 2020 and ending in 2024 has made its way online as part of the documents leaked from the FTC v. Microsoft case.

engadget EN 2023 Bethesda Microsoft Microsoft-Gaming Leak Unredacted
page 1 / 77
1765 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio