Cyberveille by Decio
39 results tagged report
From ScreenConnect to Hive Ransomware in 61 hours https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/
25/09/2023 08:51:07

In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such …

thedfirreport EN 2023 ScreenConnect report Hive Ransomware
Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders – Sophos News https://news.sophos.com/en-us/2023/08/23/active-adversary-for-tech-leaders/
25/08/2023 08:34:38
  • Compromised credentials are a gift that keeps on giving (your stuff away)
  • MFA is your mature, sensible friend
  • Dwell time is sinking faster than RMS Titanic
  • Criminals don’t take time off; neither can you*
  • Active Directory servers: The ultimate attacker tool
  • RDP: High time to decline the risk
  • Missing telemetry just makes things harder
sophos EN 2023 report adversary
Cryptojacking: Understanding and defending against cloud compute resource abuse https://www.microsoft.com/en-us/security/blog/2023/07/25/cryptojacking-understanding-and-defending-against-cloud-compute-resource-abuse/
26/07/2023 13:19:50

Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse.

microsoft en 2023 report cryptojacking cloud defending
DDoS threat report for 2023 Q2 https://blog.cloudflare.com/ddos-threat-report-2023-q2/
21/07/2023 15:15:49

Q2 2023 saw an unprecedented escalation in DDoS attack sophistication. Pro-Russian hacktivists REvil, Killnet and Anonymous Sudan joined forces to attack Western sites. Mitel vulnerability exploits surged by a whopping 532%, and attacks on crypto rocketed up by 600%. Read the full story...

Cloudflare EN 2023 DDoS threat report Q2 REvil Killnet
The five-day job: A BlackByte ransomware intrusion case study https://www.microsoft.com/en-us/security/blog/2023/07/06/the-five-day-job-a-blackbyte-ransomware-intrusion-case-study/
08/07/2023 11:31:41

In a recent investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption for the victim organization.

microsoft EN 2023 BlackByte ransomware attack report
Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator https://www.trendmicro.com/en_us/research/23/f/malvertising-used-as-entry-vector-for-blackcat-actors-also-lever.html
03/07/2023 08:56:21

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

trendmicro EN 2023 malware endpoints BlackCat WinSCP report SpyBoy GoogleAds
Cyber Extortion activity reached the highest volume ever recorded in Q1 2023 after a decline of 8% in 2022, reveals new Orange Cyberdefense report https://newsroom.orange.com/cyberextortion/?lang=en
11/06/2023 14:28:05
  • The shift previously observed in the geographical location of cyber extortion (Cy-X) victims continues to accelerate, moving from the United States (-21%), and Canada (-28%) to Southeast Asia region (+42%), the Nordics (+40%) & Latin America (+32%).
  • Whilst Manufacturing continues to be the biggest industry impacted, the number of victims decreased (-39%), with a shift towards the Utilities sector (+51%), Educational Services (+41%) and Finance and Insurance Sectors (+11%).
  • Businesses in 96 different countries were impacted by Cy-X in 2022, equating to nearly half (49%) the countries in the world. Since 2020 Orange Cyberdefense has recorded victims in over 70% of all countries worldwide
  • Over 2,100 organizations in the world were publicly shamed as a victim of Cy-X in 2022, across an almost even distribution of business sizes.
orange.com EN 2023 Cy-X CyberExtortion Orange Cyberdefense report
Attackers Use Containers for Profit via TrafficStealer https://www.trendmicro.com/en_us/research/23/d/attackers-use-containers-for-profit-via-trafficstealer.html
26/04/2023 21:29:42

We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.

trendmicro EN 2023 cloud report Containers TrafficStealer docker
Vice Society: A Tale of Victim Data Exfiltration via PowerShell, aka Stealing off the Land https://unit42.paloaltonetworks.com/vice-society-ransomware-powershell/
14/04/2023 21:50:12

The Vice Society ransomware gang exfiltrated victim network data using a custom Microsoft PowerShell script. We dissect how each function of it works.

unit42 EN 2023 report analysis ViceSociety PowerShell
Mac Malware MacStealer Spreads as Fake P2E Apps https://www.trendmicro.com/en_us/research/23/c/mac-malware-macstealer-spreads-as-fake-p2-e-apps.html
05/04/2023 21:03:16

We detected Mac malware MacStealer spreading via websites, social media, and messaging platforms Twitter, Discord, and Telegram. Cybercriminals lure victims to download it by plagiarizing legitimate play-to-earn (P2E) apps’ images and offering jobs as beta testers.

trendmicro EN 2023 MacStealer malware macos report Telegram Twitter P2E Mac
Creal: New Stealer Targeting Cryptocurrency Users Via Phishing Sites https://blog.cyble.com/2023/03/29/creal-new-stealer-targeting-cryptocurrency-users-via-phishing-sites/
01/04/2023 10:37:28

Open-Source Stealer Widely Abused by Threat Actors
The threat of InfoStealers is widespread and has been frequently employed by various Threat Actors (TA)s to launch attacks and make financial gains. Until now, the primary use of stealers by TAs has been to sell logs or to gain initial entry into a corporate network.

cyble 2023 EN report InfoStealer Creal
West ill-prepared to deal with evolving cyber threats, report concludes https://www.cardiff.ac.uk/news/view/2699454-west-ill-prepared-to-deal-with-evolving-cyber-threats,-report-concludes
01/03/2023 21:38:48

Hacking and disinformation operation has continued to expand its activity, despite separate interventions in several European countries

cardiff.ac EN 2023 report Ghostwriter campaign
OneNote Embedded file abuse https://blog.nviso.eu/2023/02/27/onenote-embedded-file-abuse/
27/02/2023 13:41:35

In recent weeks OneNote has gotten a lot of media attention as threat actors are abusing the embedded files feature in OneNote in their phishing campaigns.
I first observed this OneNote abuse in the media via Didier’s post. This was later also mentioned in Xavier’s ISC diary and on the podcast. Later, in the beginning of February, the hacker news covered this as well.

nviso EN 2023 OneNote abuse technical report
Activision's Data Breach Contains Employee Information, Call of Duty and More, Report https://metacurity.substack.com/p/activisions-data-breach-contains
22/02/2023 19:29:27

Insider Gaming has been able to obtain the entirety of the gaming giant Activision’s data breach initially reported by vx-underground and confirmed the data contains plans for Modern Warfare 2’s upcoming DLCs, Call of Duty 2023 (Codenamed Jupiter) and Call of Duty 2024 (Codenamed Cerberus), as well as sensitive employee information.

metacurity EN 2023 Activision breach DataBreach Report
Fog of war: how the Ukraine conflict transformed the cyber threat landscape https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/
20/02/2023 20:46:11

One year after the Russian invasion of Ukraine, we’re sharing insights into changes in the cyber threat landscape triggered by the war.

google threat-analysis-group russia-ukraine-war EN 2023 threats landscape report
Killnet Threat to Health and Public Sectors https://www.radware.com/security/ddos-threats-attacks/threat-advisories-attack-reports/infinity-forum/
12/02/2023 13:23:30

Infinity Team, a collaboration between Killnet and Deanon Club, has established its own forum and marketplace called Infinity

radware EN 2023 Killnet InfinityTeam DeanonClub forum marketplace Infinity report
2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking https://blog.chainalysis.com/reports/2023-crypto-crime-report-introduction/
09/02/2023 10:43:04

Every year, we publish our estimates of illicit cryptocurrency activity to demonstrate the power of blockchains’ transparency – these kinds of estimates aren’t possible in traditional finance – and to teach investigators and compliance professionals about the latest trends in cryptocurrency-related crime that they need to know about. What could those estimates look like in a year like 2022? Last year was one of the most tumultuous in cryptocurrency history, with several large firms imploding, including Celsius, Three Arrows Capital, FTX, and others — some amid allegations of fraud.

chainalysis 2023 EN Cryptocurrency Volumes Report
No Pineapple! –DPRK Targeting of Medical Research and Technology Sector https://labs.withsecure.com/publications/no-pineapple-dprk-targeting-of-medical-research-and-technology-sector
02/02/2023 15:16:56

During Q4 2022, WithSecure™ detected and responded to a cyber attack conducted by a threat actor that WithSecure™ have attributed with high confidence to an intrusion set referred to as Lazarus Group. Attribution with high confidence was based off of overlapping techniques tactics and procedures as well as an operational security mistake by the threat actor. Amongst technical indications, the incident observed by WithSecure™ also contains characteristics of recent campaigns attributed to Lazarus Group by other researchers.

WithSecure 2023 EN Case-study Report Lazarus attack
More than 200 U.S. institutions hit with ransomware in 2022: report https://therecord.media/more-than-200-u-s-institutions-hit-with-ransomware-in-2022-report/
04/01/2023 07:15:59

More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.

The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.

therecord EN 2023 annual report ransomware 2022 governments universities school
Cost of data breaches to surpass US$5mn per incident in 2023 https://technologymagazine.com/articles/cost-of-data-breaches-to-surpass-us-5mn-per-incident-in-2023
28/12/2022 11:31:16

Acronis’ end-of-year cyberthreats report found that the proportion of phishing attacks has risen by 1.3x, accounting for 76% of all cyber attacks

technologymagazine 2022 EN Acronis end-of-year report phishing