Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Jour précédent
Jour suivant

October 24, 2023

Battling a new DarkGate malware campaign with Malwarebytes MDR

First publicly reported in 2018, DarkGate is a Windows-based malware with a wide-range of capabilities including credential stealing and remote access to victim endpoints. Until recently, it was only seen being delivered through traditional email malspam campaigns. In late August 2023, however, researchers at Trusec found evidence of a campaign using external Teams messages to deliver the DarkGate Loader.

19:33
malwarebytes, EN, 2023, DarkGate, malware
Citrix Bleed: Leaking Session Tokens with CVE-2023-4966

It's time for another round Citrix Patch Diffing! Earlier this month Citrix released a security bulletin which mentioned "unauthenticated buffer-related vulnerabilities" and two CVEs. These issues affected Citrix NetScaler ADC and NetScaler Gateway.

15:21
assetnote, EN, 2023, CVE-2023-4966, session, token, Citrix
Another plastic surgery practice appears to have been hit — this time by Hunters International

On October 17, the FBI issued a Public Service Announcement, Cybercriminals are Targeting Plastic Surgery Offices and Patients. Five days later, DataBreaches learned that there had been another attack on a plastic surgery practice where patient data had allegedly been stolen and is in danger of being leaked publicly. It would not be surprising if the FBI knew about the attack and that it was the impetus for the newly released PSA.

13:48
databreaches, EN, 2023, analysis, plastic-surgery, data-breaches, Hunters-International
Tracking Unauthorized Access to Okta's Support System

Okta Security has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system.

The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.

10:06
okta, EN, 2023, incident
Okta incident and 1Password | 1Password

We detected suspicious activity on our Okta instance that we use to manage our employee-facing apps. We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing.

10:05
1password, EN, 2023, okta, incident
1Password Detects Suspicious Activity Following Okta Support Breach

1password detected suspicious activity following the Okta support system breach. After investigation, they determined no user data was accessed.

09:42
thehackernews, EN, 2023, 1Password, Okta, investigation
Spain police dismantled a cybercriminal group who stole data of 4 million individuals

The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over 4M individuals.

07:45
securityaffairs, EN, 2023, police, arrest, cybercriminal, group, stolen, data