Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Jour précédent
Jour suivant

April 4, 2024

Kobold letters

Anyone who has had to deal with HTML emails on a technical level has probably reached the point where they wanted to quit their job or just set fire to all the mail clients due to their inconsistent implementations. But HTML emails are not just a source of frustration, they can also be a serious security risk.

20:29
lutrasecurity, email, EN, 2024, HTML, Kobold-letters
Security Flaw in WP-Members Plugin Leads to Script Injection

Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.

19:04
securityweek, EN, 2024, plugin, WP, Wordpress, WP-Members, Injection, vulnerability
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways.

19:02
bleepingcomputer, EN, 2024, Connect-Secure, Denial-of-Service, DoS, Ivanti, Policy-Secure, RCE, Remote-Code-Execution, Security, InfoSec, Computer-Security
Google sues alleged China crypto app racketeers: Report

Google’s parent company, Alphabet, has filed a lawsuit against two people based in China for using the company’s platform for scam cryptocurrency apps that amassed over 100,000 downloads.

Alphabet claims that scammers used its platforms, Google Play and YouTube, to upload and advertise fraudulent crypto apps.

18:59
cointelegraph, EN, 2024, China, crypto-scammers, Alphabet, lawsuit, pig-butchering
IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.

The IntelBroker hacker and their affiliates have leaked a trove of sensitive records, which they claim jeopardize the United States national security.

18:53
hackread, EN, 2024, IntelBroker, Leaks, US, Contractor, Acuity
North Korea’s Post-Infection Python Payloads – One Night in Norfolk

Throughout the past few months, several publications have written about a North Korean threat actor group’s use of NPM packages to deploy malware to developers and other unsuspecting victims. This blog post provides additional details regarding the second and third-stage malware in these attacks, which these publications have only covered in limited detail.

13:29
norfolkinfosec, EN, 2024, NPM, packages, Phlyum, malware, North-Korea, phyton, payloads
A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his methods.

13:28
wired, EN, 2024, P4x, North-Korea, Vigilante, military, attack
Ukrainian cybersecurity official reveals structure of Russian hacker groups

Russian hacker groups are military units with code names that are part of the Main Intelligence Directorate of the General Staff and the Federal Security Service of the Russian Federation. — Ukrinform.

13:27
ukrinform, EN, 2024, Russia-Ukraine-war, Russia, code-names, structure, hacker-groups
Sicurezza informatica e digitalizzazione dei servizi, 5 comuni si alleano

Bellinzona, Chiasso, Mendrisio, Locarno e Lugano condivideranno risorse e competenze

13:25
tio, IT, CH, Svizzera, comuni, alleanza, digitalizzazione, sicurezza-informatica, Locarno, Lugano, Bellinzona, Chiasso, Mendrisio
Exclusive: Hackers stole Russian prisoner database to avenge death of Navalny

Within hours of opposition leader Alexey Navalny’s death in February in a Russian prison, a group of anti-Kremlin hackers went looking for revenge.

13:24
cnn, 2024, EN, anti-Kremlin, hackers, stole, prisoner, database, Russia, Data-Breach