Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 7
139 résultats taggé Security  ✕
CISA extends funding to ensure 'no lapse in critical CVE services' https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/
16/04/2025 15:35:19
QRCode
archive.org
thumbnail

CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.
#CISA #CVE #Computer #Foundation #InfoSec #MITRE #Security

Security MITRE CVE InfoSec Foundation CISA Computer
Europcar GitLab breach exposes data of up to 200,000 customers https://www.bleepingcomputer.com/news/security/europcar-gitlab-breach-exposes-data-of-up-to-200-000-customers/
07/04/2025 06:40:01
QRCode
archive.org
thumbnail

A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users.
#Android #Breach #Code #Computer #Data #Europcar #GitLab #InfoSec #Security #Source #iOS

Android Code Europcar GitLab Data Security iOS Breach Computer Source InfoSec
Someone is trying to recruit security researchers in bizarre hacking campaign  | TechCrunch https://techcrunch.com/2025/04/01/someone-is-trying-to-recruit-security-researchers-in-bizarre-hacking-campaign/
06/04/2025 11:33:18
QRCode
archive.org
thumbnail

Are you willing to hack and take control of Chinese websites for a random person for up to $100,000 a month?

Someone is making precisely that tantalizing, bizarre, and clearly sketchy job offer. The person is using what looks like a series of fake accounts with avatars displaying photos of attractive women and sliding into the direct messages of several cybersecurity professionals and researchers on X in the last couple of weeks.

techcrunch EN 2025 recruit security researchers bizarre job offer cybersecurity fake professionals
TCCing is Believing https://objective-see.org/blog/blog_0x7F.html
31/03/2025 19:31:21
QRCode
archive.org
thumbnail

Apple finally adds TCC events to Endpoint Security!
Since the majority of macOS malware circumvents TCC through explicit user approval, it would be incredibly helpful for any security tool to detect this — and possibly override the user’s risky decision. Until now the best (only?) option was to ingest log messages generated by the TCC subsystem. This approach was implemented in a tool dubbed Kronos, written by Calum Hall Luke Roberts (now, of Phorion fame). Unfortunately, as they note, this approach did have it drawbacks:

objective-see EN 2025 macos Apple TCC events Endpoint Security subsystem
Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts https://www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts/
16/03/2025 20:04:30
QRCode
archive.org
thumbnail

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake
#Computer #GitHub #InfoSec #Issue #OAuth #Phishing #Repository #Security

InfoSec Phishing GitHub Repository Computer OAuth Issue Security
Orange Group confirms breach after hacker leaks company documents https://www.bleepingcomputer.com/news/security/orange-group-confirms-breach-after-hacker-leaks-company-documents/
26/02/2025 13:56:16
QRCode
archive.org
thumbnail

A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider.
#Breach #Computer #Data #Email #Extortion #InfoSec #Jira #Leak #Orange #Ransom #S.A. #Security

Extortion Leak Security InfoSec Orange Breach Ransom Data Computer Email S.A Jira
CISA and FBI: Ghost ransomware breached orgs in 70 countries https://www.bleepingcomputer.com/news/security/cisa-and-fbi-ghost-ransomware-breached-orgs-in-70-countries/
21/02/2025 07:23:21
QRCode
archive.org
thumbnail

CISA and the FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations.
#CISA #Computer #Cring #Critical #FBI #Ghost #InfoSec #Infrastructure #Ransomware #Security

bleepingcomputer EN 2025 Ghost Ransomware Critical-Infrastructure Cring CISA FBI
Microsoft spots XCSSET macOS malware variant used for crypto theft https://www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/
18/02/2025 15:37:22
QRCode
archive.org
thumbnail

A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app.

bleepingcomputer EN 2025 Apple Malware Supply-Chain-Attack Xcode XCSSET Security
BSI analysis shows: Nextcloud server stored passwords in plain text | heise online https://www.heise.de/en/news/BSI-analysis-shows-Nextcloud-server-stored-passwords-in-plain-text-10273259.html
07/02/2025 13:32:56
QRCode
archive.org
thumbnail

A code analysis by the BSI shows that two-factor authentication could be bypassed in Nextcloud Server. Passwords were also stored in plain text.

heise EN 2025 BSI Cloud-Computing Cloud-Dienste Nextcloud Open-Source Security Sicherheitslücken Software
Hackers spoof Microsoft ADFS login pages to steal credentials https://www.bleepingcomputer.com/news/security/hackers-spoof-microsoft-adfs-login-pages-to-steal-credentials/
05/02/2025 19:57:15
QRCode
archive.org
thumbnail

A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections.
#ADFS #Account #Computer #InfoSec #Lateral #MFA #Microsoft #Notification #Phishing #Push #Security #Takeover

Computer MFA Phishing Microsoft InfoSec Account Lateral ADFS Takeover Notification Security Push
Subaru Starlink flaw let hackers hijack cars in US and Canada https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/
25/01/2025 17:48:53
QRCode
archive.org
thumbnail

Security researchers have discovered an arbitrary account takeover flaw in Subaru's Starlink service that could let attackers track, control, and hijack vehicles in the United States, Canada, and Japan using just a license plate.
#Account #Canada #Car #Computer #Hacking #InfoSec #Japan #Security #Starlink #Subaru #Takeover #USA

Takeover Starlink Subaru Japan Canada Account Security Computer InfoSec USA Hacking Car
Government and university websites targeted in ScriptAPI[.]dev client-side attack - c/side https://cside.dev/blog/government-and-university-websites-targeted-in-scriptapi-dev-client-side-attack
24/01/2025 09:20:53
QRCode
archive.org
thumbnail

Yesterday we discovered another client-side JavaScript attack targeting +500 websites, including governments and universities. The injected scripts create hidden links in the Document Object Model (DOM), pointing to external websites, a programming interface for web documents.

cside.dev EN 2025 skimmer cyber DSS client-side PCI policies c/side website javascript card development web attack browser chain breaches content manager vulnerability data magecart supply client/side credit security tag v4 script formjacking
Ransomware abuses Amazon AWS feature to encrypt S3 buckets https://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/
13/01/2025 20:12:07
QRCode
archive.org
thumbnail

A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key.

bleepingcomputer EN 2025 Encryption Ransomware Computer S3 Amazon AES Security AWS
Microsoft: macOS bug lets hackers install malicious kernel drivers https://www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/
13/01/2025 19:43:30
QRCode
archive.org
thumbnail

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
#Apple #Computer #InfoSec #Integrity #Microsoft #Protection #SIP #Security #System #Vulnerability #macOS

bleepingcomputer EN 2024 CVE-2024-44243 System macOS Apple Security Integrity SIP
Malicious ads push Lumma infostealer via fake CAPTCHA pages https://www.bleepingcomputer.com/news/security/malicious-ads-push-lumma-infostealer-via-fake-captcha-pages/
22/12/2024 20:47:10
QRCode
archive.org
thumbnail

A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot.

bleepingcomputer EN 2024 Captcha ClickFix Information-Stealer Lumma Malvertising Malware PowerShell Security InfoSec Computer-Security
Ascension: Health data of 5.6 million stolen in ransomware attack https://www.bleepingcomputer.com/news/security/ascension-health-data-of-56-million-stolen-in-ransomware-attack/
20/12/2024 13:09:00
QRCode
archive.org
thumbnail

​Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.

bleepingcomputer EN 2024 Ascension Data-Breach Healthcare Ransomware Security InfoSec Computer-Security
Stop Calling Online Scams ‘Pig Butchering,’ Interpol Warns https://www.wired.com/story/interpol-pig-butchering-scams-rename/
18/12/2024 06:48:42
QRCode
archive.org
thumbnail

Experts say the catchall term for online fraud furthers harm against victims and could dissuade people from reporting attempts to bilk them out of their money.

wired en 2024 china crime hacks security cryptocurrency PigButchering name Interpol victim shaming
What a new threat report says about Mac malware in 2024 https://appleinsider.com/articles/24/12/04/what-a-new-threat-report-says-about-mac-malware-in-2024
09/12/2024 14:02:09
QRCode
archive.org
thumbnail

Apple's macOS has been under siege in 2024 as malware-as-a-service platforms and AI-driven threats make the year a turning point for Mac security.

appleinsider EN 2024 Apple macOS AI-driven Mac security malware-as-a-service
AWS launches an incident response service to combat cybersecurity threats | TechCrunch https://techcrunch.com/2024/12/01/aws-launches-an-incident-response-service-to-combat-cybersecurity-threats/
02/12/2024 23:15:22
QRCode
archive.org
thumbnail

Amazon has launched AWS Security Incident Response, a service to help triage and respond to cybersecurity threats.

techcrunch EN 2024 Amazon AWS Security Incident Response service launch
Microsoft 365 Admin portal abused to send sextortion emails https://www.bleepingcomputer.com/news/security/microsoft-365-admin-portal-abused-to-send-sextortion-emails/
20/11/2024 21:47:56
QRCode
archive.org
thumbnail

The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the emails appear trustworthy and bypassing email security platforms.

bleepingcomputer EN 2024 Email Extortion Mail-Filters Microsoft-365 Microsoft-365-Admin-Portal Sextortion Security InfoSec Computer-Security
page 1 / 7
4259 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio