Une récente enquête a montré les immenses capacités des trackers GPS et Bluetooth pour pister et retrouver des objets. Ils mesurent à peine quelques centimètres et sont d’une efficacité redoutable.
Des trackers ont été récemment au cœur d’une enquête sur le leader de la vente de vêtement en ligne Zalando. Trois médias allemands ont glissé des appareils de ce type dans des habits renvoyés après une commande. Le but était de voir dans quels pays voyageaient ensuite les vêtements
The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely first show up for sale. The forum's…
In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities (CVE-2023-24033 and three other vulnerabilities that have yet to be assigned CVE-IDs) allowed for Internet-to-baseband remote code execution. Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.
You may need to turn off Wi-Fi calling and VoLTE for a bit.
Huntress is tracking CVE-2023-23397, a 0-day that impacts Microsoft Outlook and requires no user interaction to expose user credential hashes.
A suspected Chinese actor used a zero-day vulnerability in FortiOS and custom malware for espionage.
Learn more about the BatLoader malware, how we detected the attack, and recommendations from our Threat Response Unit (TRU) to protect your business from…
For March 2023 Patch Tuesday Microsoft has fixed 2 vulnerabilities actively exploited in the wild (CVE-2023-23397, CVE-2023-24880).
With victims refusing to pay, cybercriminal gangs are now releasing stolen photos of cancer patients and sensitive student records.
Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.
The group is blackmailing Ring on its site: "There's always an option to let us leak your data," they posted.
Canada's domestic food production system may actually be one of the most glaring cracks in Canada's national defences.
...
Attacking agricultural infrastructure has proven to be an effective part of the Russian playbook so far in its invasion of Ukraine. In June 2022, EU trade counsellor Maud Labat said Moscow has figured out how to wield food as a “geopolitical weapon.”
The high-profile botnet, focused on mining cryptocurrency, is back with new Linux versions.
An employee of cyberweapon manufacturer, NSO Group, tried to sell advanced malware to unauthorized parties for $50-Million, according to an Israeli indictment unsealed last week against the individual in question. About two years ago, Herzliya-based NSO Group developed a powerful cyberweapon called Pegasus, which operated as malware that exploited three previously unknown vulnerabilities in iPhones […]
New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.
The state cybersecurity watchdog issued an official warning and labelled the Chinese application TokTok as a threat, following in the footsteps of the US, the European Commission and Canada.
