Shaarli Weekly

All links of one week on a single page.

Week 08 (February 19, 2024)

LockBit ransomware returns, restores servers after police disruption

The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector.

U.S. and U.K. Disrupt LockBit Ransomware Variant | United States Department of Justice

The Department of Justice joined the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group, one of the most active ransomware groups in the world that has targeted over 2,000 victims, received more than $120 million in ransom payments, and made ransom demands totaling hundreds of millions of dollars.

How your sensitive data can be sold after a data broker goes bankrupt

Sensitive location data could be sold off to the highest bidder.

Ransomware Operation LockBit Reestablishes Dark Web Leak Site

Russian-speaking ransomware operation LockBit reestablished a dark web leak site Saturday afternoon, posting a lengthy screed apparently authored by its leader, who

Hackers Leak 2.5M Private Plane Owners' Data Linked to LA Intl. Airport Breach

The data breach shows why organisations must enhance cybersecurity measures in the face of growing threats from skilled hackers like IntelBroker.

Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data

Avast, the cybersecurity software company, is facing a $16.5 million fine from the FTC after its privacy extensions and antivirus software harvested and sold user data.

Jamf says 9% of smartphones have fallen for phishing attacks

In a report going over the state of malware in 2024, device management firm Jamf says that 9% of mobile users were caught by phishing, while 20% of companies were at risk because of bad smartphone configurations.

ChatGPT "goes crazy", OpenAI explains

For several hours, ChatGPT exhibited unexpected behavior, generating illogical responses and créa

Multiple XSS flaws in Joomla can lead to remote code execution

Joomla maintainers have addressed multiple flaws in the popular content management system (CMS) that can lead to arbitrary code execution

Scattered Spider laying new eggs

Discover the techniques, tactics (TTPs) used by the Scattered Spider intrusion set, including social engineering and targeted phishing campaigns.

Switzerland: Le Team was hacked, what we know about the ransomware

A Russian hacker group stole nearly 200 GB of data from a Swiss staffing company and leaked it on the darknet.

Internet Society wants to prevent Microsoft from hosting French citizens' health data

An NGO is filing an appeal with the Conseil d'État to prevent Microsoft from hosting French citizens' health data.

ConnectWise ScreenConnect: Authentication Bypass Deep Dive

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability, root cause, and indicators of compromise.

A first analysis of the i-Soon data leak

Data from a Chinese cybersecurity vendor that works for the Chinese government exposed a range of hacking tools and services.

Apple iOS 17.4: iMessage Gets Post-Quantum Encryption in New Update

Useful quantum computers aren’t a reality—yet. But in one of the biggest deployments of post-quantum encryption so far, Apple is bringing the technology to iMessage.
#apple #computing #encryption #privacy #quantum #security

European Parliament finds spyware on defense committee members’ phones

Officials handling security and defense issues were the target of phone hacking, internal email says.

Anatsa Banking Trojan Resurfaces, Targets European Banks

ThreatFabric said the campaign has evolved since last year, employing sophisticated methods and mainly targeting Samsung devices

More than 2000 Swiss Exchange servers vulnerable to a flaw

Around 97’000 Exchange servers worldwide are potentially affected by a flaw allowing d'effe

Police arrest LockBit ransomware members, release decryptor in global crackdown

Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation.

Law enforcement disrupt world’s biggest ransomware operation

LockBit is widely recognised as the world’s most prolific and harmful ransomware, causing billions of euros worth of damage. This international sweep follows a complex investigation led by the UK National Crime Agency in the framework of an international taskforce known as ‘Operation Cronos’, coordinated at European level by Europol and Eurojust. The months-long operation has resulted in the compromise of LockBit’s...

Cactus ransomware claim to steal 1.5TB of Schneider Electric data

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month.

Ransomware Experts See Problems With Banning Ransom Payments

As the damage caused by ransomware and profits flowing to attackers reach record levels, a panel of cybersecurity and policy experts reviewed what it might take

LockBit ransomware gang disrupted by international law enforcement operation

LockBit — the most prolific ransomware group in the world — had its website seized Monday as part of an international law enforcement operation that involved the U.K.’s National Crime Agency, the FBI, Europol and several international police agencies.

Several Ukrainian media outlets attacked by Russian hackers

Russian hackers attacked several popular Ukrainian media outlets over the weekend, posting fake news related to the war.

How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution | by Mukund Bhuva

I began my search for opportunities and stumbled upon a list of eligible websites for bug hunting at https://gist.github.com/R0X4R/81e6c50c091a20b060afe5c259b58cfa. This list became my starting…

LockBit ransomware disrupted by global police operation

Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as "Operation Cronos."

Lockbit cybercrime gang disrupted by international police operation

Lockbit, a notorious cybercrime gang that holds its victims' data to ransom, has been disrupted in a rare international law enforcement operation by Britain’s National Crime Agency and the U.S. Federal Bureau of Investigation, according to a post on the gang’s extortion website on Monday.

GitHub leak exposes Chinese offensive cyber operations – researchers

The leaked documents supposedly discuss spyware developed by I-Soon, a Chinese infosec company, that’s targeting social media platforms, telecommunications companies, and other organizations worldwide. Researchers suspect the operations are orchestrated by the Chinese government.

Unknown individuals allegedly leaked a trove of Chinese government documents on GitHub. The documents reveal how China conducts offensive cyber operations with spyware developed by I-Soon, Taiwanese threat intelligence researcher Azaka Sekai claims.

Serious Vulnerability in the Internet Infrastructure: Fundamental design flaw in DNSSEC discovered

The National Research Center for Applied Cybersecurity ATHENE has uncovered a critical flaw in the design of DNSSEC, the Security Extensions of DNS (Domain Name System). DNS is one of the fundamental building blocks of the Internet. The design flaw has devastating consequences for essentially all DNSSEC-validating DNS implementations and public DNS providers, such as Google and Cloudflare. The ATHENE team, led by Prof. Dr. Haya Schulmann from Goethe University Frankfurt, developed “KeyTrap”, a new class of attacks: with just a single DNS packet hackers could stall all widely used DNS implementations and public DNS providers. Exploitation of this attack would have severe consequences for any application using the Internet including unavailability of technologies such as web-browsing, e-mail, and instant messaging. With KeyTrap, an attacker could completely disable large parts of the worldwide Internet. The researchers worked with all relevant vendors and major public DNS providers over several months, resulting in a number of vendor-specific patches, the last ones published on Tuesday, February 13. It is highly recommended for all providers of DNS services to apply these patches immediately to mitigate this critical vulnerability.