Recherche : [exfiltration]

Argent russe: la place financière suisse rattrapée par une fuite de données https://www.rts.ch/info/economie/14313737-argent-russe-la-place-financiere-suisse-rattrapee-par-une-fuite-de-donnees.html

14/09/2023 14:58:16

Un ancien ministre de Vladimir Poutine et la famille du patron d'une entreprise publique russe, impliquée dans l'effort de guerre, se retrouvent dans les données inédites repérées par la RTS. Des liens avec la place financière suisse sont mis en lumière.
Ces révélations proviennent des documents confidentiels de la société de gestion de fortune zurichoise Finaport. Tout commence en janvier 2023 lorsque l'entreprise, sponsor officiel de l'Open de tennis de Zoug, est victime d'un piratage, comme le révélait le site Watson.

Ransomware crew hits Save The Children, steals 7TB of data https://www.theregister.com/2023/09/11/bianlian_save_the_children/

13/09/2023 14:14:35

Cybercrime crew BianLian says it has broken into the IT systems of a top nonprofit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data.

As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang's description of its unnamed victim, looks to be Save The Children International. The NGO, which employs about 25,000 people, says it has helped more than a billion kids since it was founded in 1919.

Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads https://www.bitdefender.com/blog/businessinsights/unpacking-rdstealer-an-exfiltration-malware-targeting-rdp-workloads/

20/06/2023 15:14:28

In June 2023, Bitdefender Labs published a research paper about espionage operation in East Asia. This operation was ongoing since at least the beginning of 2022, showing a high level of sophistication typically associated with state-sponsored groups. Despite trying various methods, we have been unable to attribute these attacks to a specific threat actor, but the target aligns with the interest of China-based threat actors.

ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery https://embracethered.com/blog/posts/2023/chatgpt-webpilot-data-exfil-via-markdown-injection/

23/05/2023 22:30:12

Plugins can return malicious content and hijack your AI.

Notice of Recent Security Incident https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

22/12/2022 23:25:58

We are working diligently to understand the scope of the incident and identify what specific information has been accessed.

SentinelSneak: Malicious PyPI module poses as security software development kit https://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk

21/12/2022 00:05:00

A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.

PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables https://blog.sonatype.com/pypi-package-ctx-compromised-are-you-at-risk

25/05/2022 06:59:04

This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.

Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission https://www.usenix.org/conference/usenixsecurity22/presentation/senol

17/05/2022 07:49:07

Web users enter their email addresses into online forms for a variety of reasons, including signing in or signing up for a service or subscribing to a newsletter. While enabling such functionality, email addresses typed into forms can also be collected by third-party scripts even when users change their minds and leave the site without submitting the form.

Liens par page

Filtres