Cybersecurity firm Okta said an unidentified hacker had accessed the company's support system and viewed client files.
On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta. We have verified that no Cloudflare customer information or systems were impacted by this event because of our rapid response.
Cluster25 analyzed an attack by APT28/FancyBear exploiting the WinRAR vulnerability CVE-2023-38831
Five weeks ago, the International Criminal Court detected a serious cyber security incident, thanks to the alert mechanism provided by its monitoring system. The ICC has made various and serious efforts to address this attack. The Court deems it is its responsibility to continue to inform about these efforts and to provide the relevant additional information on the attack itself.
Last year, I published a 5-part series about Switzerland’s e-voting system. Like any internet voting system, it has inherent security
I’m a Swiss voter living abroad, and like all Swiss expats from Basel-Stadt, St.Gallen or Thurgau, I’ve been invited to vote over the internet in this year’s national election. Switzerland’s e-voting system is supposed to have safeguards to protect the election against malicious actors, however as a computer scientist, I have found a flaw in the practical implementation of one of those safeguards.
Several websites of Belgian institutions (such as those of the Royal Palace, the Chancellery of the Prime Minister and the Senate) experienced some disruption late Thursday afternoon.
Grâce à l’usage du Big Data et des algorithmes dans les campagnes électorales et de votation, il devient possible d’influencer le comportement des électeurs et le résultat d’un suffrage. Cela soulève la question du droit à l’autodétermination des individus mais aussi des peuples.
Un membre russe du gang de hackers Ragnar Locker a été arrêté en France. Ce collectif de cybercriminels est responsable de nombreuses cyberattaques par
Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month.
This action, coordinated at international level by Europol and Eurojust, targeted the Ragnar Locker ransomware group. The group were responsible for numerous high-profile attacks against critical infrastructure across the world. In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain and Latvia. The “key target” of this malicious ransomware strain was arrested in Paris,...
SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.
Crooks broke into the ClassPad server and swiped online learning database
Japanese electronics giant Casio said miscreants broke into its ClassPad server and stole a database with personal information belonging to customers in 149 countries.
ClassPad is Casio's education web app, and in a Wednesday statement on its website, the firm said an intruder breached a ClassPad server and swiped hundreds of thousands of "items" belonging to individuals and organizations around the globe.
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.
The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation.
Musk's mega-app-in-waiting goes from chopping headlines to profile URLs
An ethical hacker has exploited a bug in the way X truncates URLs to take over a CIA Telegram channel used to receive intelligence.
Kevin McSheehan, who uses the online handle "Pad," spotted the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile.
Team82 has uncovered the use of a weak random number generator in Synology’s DiskStation Manager (DSM) Linux-based operating system running on the company’s network-attached storage (NAS) products
The insecure Math.random() method was used to generate the password of the admin password for the NAS device itself.
Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account.
The vulnerability, tracked as CVE-2023-2729, has been addressed by Synology. Synology’s advisory is here.
In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain.
We believe this evolution will have a real world impact among corporate users getting compromised via malicious ads eventually leading to the deployment of malware and ransomware.
In this blog post, we look at a malvertising campaign that seems to have flown under the radar entirely for at least several months. It is unique in its way to fingerprint users and distribute time sensitive payloads.
A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.
Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software (CVE-2023-20198) when exposed to the internet or untrusted networks.
La Ville de Lausanne a sollicité un crédit d’investissement de 2,24 millions de francs pour poursuivre ses efforts
Le projet «Odyssée» consiste à remplacer trois applications obsolètes utilisées par les polices vaudoises.
Cybersecurity in healthcare is a very real threat with the potential to severely disrupt patient care, place extra burden on an already strained system, and result in significant financial losses for a hospital or healthcare network. In October 2020, on the backdrop of the ongoing COVID-19 pandemic, our institution experienced one of the most significant cyberattacks on a healthcare system to date, lasting for nearly 40 days. By sharing our experience in radiology, and specifically in breast imaging, including the downtime procedures we relied upon and the lessons that we learned emerging from this cyberattack, we hope to help future victims of a healthcare cyberattack successfully weather such an experience.
L'un des projets informatiques les plus importants des polices vaudoises est la victime collatérale d’une importante fuite de données, survenue chez la société Xplain, son principal partenaire, a appris le pôle enquête de la RTS. La collaboration avec cette entreprise bernoise est aujourd’hui sur la sellette.
The SMB 1/2/3 protocols allow clients to connect to named
pipes via the IPC$ (Inter-Process Communication) share
for the process of inter-process communication between
SMB clients and servers.
