Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Hier - March 18, 2024

Cyberattaque contre Franz Carl Weber: données d'employés publiées sur le darknet (update)

Des cybercriminels ont attaqué le vendeur de jouets Franz Carl Weber.

IT helpdeskers increasingly targeted by cybercriminals

Wave of Okta attacks mark what researchers are calling the biggest security trend of the year

Elon Musk's SpaceX builds spy satellite network for U.S. intelligence

SpaceX’s dominance in the satellite internet market has given Musk enormous power in matters of war and geopolitics

What a Cluster: Local Volumes Vulnerability in Kubernetes
  • Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-5528 with a CVSS score of 7.2.

  • The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster. To exploit this vulnerability, the attacker needs to apply malicious YAML files on the cluster.

  • This vulnerability can lead to full takeover on all Windows nodes in a cluster.

  • This vulnerability can be exploited on default installations of Kubernetes (earlier than version 1.28.4), and was tested against both on-prem deployments and Azure Kubernetes Service.

  • In this blog post, we provide a proof-of-concept YAML file as well as an Open Policy Agent (OPA) rule for blocking this vulnerability.

'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors

Like Spectre, the new exploit could give attackers a way to access sensitive information from system memory, and take other malicious actions.

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.

"The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production," IBM X-Force said in a report published last week.

Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns

X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents covering several topics. Learn more about this continuing threat.