Quotidien - March 19, 2025

Secure Annex - Enterprise Browser Extension Security & Management Platform

An investigation into buying access to browsers through extensions

21:07

secureannex, EN, 2025, investigation, Browser, Extension, buying, extensions

Infostealers fueled cyberattacks and snagged 2.1B credentials last year | CyberScoop

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint.

21:05

cyberscoop, EN, 2025, Infostealers, cyberattacks, Flashpoint, report

Over 16.8 Billion Records Exposed as Data Breaches Increase 6%

Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits

21:04

infosecurity-magazine, EN, 2025, Flashpoint, Exposed, Data-Breach, 2024, Report

Apple's Passwords app was vulnerable to phishing attacks for nearly three months after launch

In iOS 18, Apple spun off its Keychain password management tool—previously only tucked away in Settings—into a standalone app called...

21:02

9to5mac, EN, 2025, iOS, apple, passwords, http, app, vulnerable, phishing, Keychain

Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping....

Strike 4.11 introduces a novel Sleepmask, a novel process injection technique, new out-of-the-box obfuscation options for Beacon, asynchronous BOFs, and a DNS over HTTPS (DoH) Beacon.

20:36

cobaltstrike, EN, 2025, feature, sleep-mode, Sleepmask, process-injection

Facial Recognition Injection Attacks - An Overview

Facial Recognition Injection Attacks involve injecting tampered video feeds or deepfakes into facial recognition systems to bypass security. Current attack types include Virtual Video Injections, Hardware-based Video Injections, Device Emulation and Function Hooking.

09:35

scip, EN, 2025, Facial, Recognition, Injection, Attacks, Complexity, Deepfake

Quotidien Shaarli

March 19, 2025