Cyberveille
by Decio
The IO Offensive: Information Operations Surrounding the Russian Invasion of Ukraine
Canada bans Huawei and ZTE from 5G networks over security concerns
Malicious PyPI package opens backdoors on Windows, Linux, and Macs
Fears grow for smaller nations after ransomware attack on Costa Rica escalates
President Rodrigo Chaves says Costa Rica is at war with Conti hackers
Exploiting an Unbounded memcpy in Parallels Desktop
KillNet: Pro-Russian Hacktivists.
Killnet Cyber Attacks Against Italy and NATO Countries
New 'Smart' Cheese Rinds Help Fight Parmesan Fraud
Data Marketplace Selling Info About Who Uses Period Tracking Apps
Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes
Researchers devise iPhone malware that runs even when device is turned off
The PetitPotam vulnerability persists despite Patch Tuesday
Eternity: a few hundred dollars for ransomware or data-stealing malware
Multi-factor Authentication to Generate $27 Billion Globally for Mobile Operators in 2022, Juniper Research Study Finds
Web ad firms scrape email addresses before you know it
US links Thanos and Jigsaw ransomware to 55-year-old doctor
A closer look at Eternity Malware
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
EU lands new law to fight off hackers in critical sectors
The Linux Foundation and Open Source Software Security Foundation (OpenSSF) Gather Industry and Government Leaders for Open Source Software Security Summit II
Zyxel silently patches command-injection vulnerability with 9.8 severity rating
Known macOS Vulnerabilities Led Researcher to Root Out New Flaws
Patch Tuesday May 2022: 74 flaws fixed, including 1 exploited
CVE-2022-26925: Patch your Windows machines without delay
Russia hacked an American satellite company one hour before the Ukraine invasion
npm Supply Chain Attack Targeting Germany-Based Companies
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
Costa Rica declares national emergency after Conti ransomware attacks
The Europe of cyber defence
Dissecting Saintstealer
Russian TVs, search engines hacked on Victory Day with antiwar message
Apple, Google, and Microsoft commit to expanded support for FIDO standard
Vulnerability Analysis - CVE-2022-1388
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win
MacOS Two-machine Kernel Debugging
Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation
Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins
How Data Brokers Sell Access to the Backbone of the Internet
Update on cyber activity in Eastern Europe
Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
UNC3524: Eye Spy on Your Email
Google Online Security Blog: The Package Analysis Project: Scalable detection of malicious open source packages
Spanish prime minister’s phone ‘targeted with Pegasus spyware’
Russia’s cyber warfare against Ukraine more nuanced than expected
Russian troops in Melitopol plunder $5M farm vehicles from Ukraine -- to find they've been remotely disabled
How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities
OverWatch Insights: Reviewing a New Intrusion Targeting Mac Systems
What does APT Activity Look Like on MacOS?
Jamf Threat Labs identifies Safari vulnerability (CVE-2022-22616) allowing for Gatekeeper bypass
Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn
Kaspersky DDoS report, Q1 2022
Zero Tolerance: More Zero-Days Exploited in 2021 Than Ever Before
LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
CVE-2022-21449: Psychic Signatures in Java
The More You Know, The More You Know You Don’t Know
Pegasus spyware found on 5 French cabinet members' phones
CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Increased Enterprise Use of iOS, Mac Means More Malware
Researcher uses 379-year-old algorithm to crack crypto keys found in the wild
Microsoft Zero-Days, Wormable Bugs Spark Concern
Russia’s Sandworm hackers attempted a third blackout in Ukraine
RaidForums hacking forum seized by police, owner arrested
Git security vulnerability announced
The U.S. is using declassified intel to fight an info war with Russia, even when the intel isn't rock solid
Industroyer2: Industroyer reloaded
CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
Cyber espionage at the European Commission
Police Records Show Women Are Being Stalked With Apple AirTags Across the Country
FBI Disrupts Cyclops Blink Botnet Used by Russian Intelligence Directorate
DoS attacks hit Finnish websites during Zelenskyy address • The Register
Switzerland, a den of Russian spies
AcidRain | A Modem Wiper Rains Down on Europe
U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks - The New York Times
Chinese hackers abuse VLC Media Player to launch malware loader
MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639
Hackers breach MailChimp's internal tools to target crypto customers
Explaining Spring4Shell: The Internet security disaster that wasn’t
Spring4shell flaw, yet another nightmare for businesses
In Russia, information on the secret police leaks because of a delivery app
Lapsus$: Two UK teenagers charged with hacking for gang
Apple releases macOS 12.3.1, iOS 15.4.1, watchOS 8.5.1 and more - The Mac Security Blog
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
QNAP warns severe OpenSSL bug affects most of its NAS devices
Putin's hackers gained full access to Hungary's foreign ministry networks, the Orbán government has been unable to stop them
Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests
Lapsus$ and SolarWinds hackers both use the same old trick to bypass MFA
New Lapsus$ Hack Documents Make Okta’s Response Look More Bizarre
Sophos patches critical remote code execution vulnerability in Firewall
When Nokia Pulled Out of Russia, a Vast Surveillance System Remained
Fake sites stealing Steam credentials
Chrome Releases: Stable Channel Update for Desktop
Behold, a password phishing site that can trick even savvy users
Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS
Lapsus$: when kiddies play in the big league
Okta hack: 375 of the customers affected by the Lapsus$ attack
Updated Okta Statement on LAPSUS$
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
Anonymous Takes Anti-Putin Battle To Russian People With Printer Attack To Disrupt Kremlin's Propaganda
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
Okta hack: the company admits it is investigating, LAPSUS$ claims responsibility
Protestware: open source does not escape the Russia-Ukraine conflict
Activists are targeting Russians with open-source "protestware"
Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers
Exposing initial access broker with ties to Conti
Gas Is Too Expensive; Let’s Make It Cheap!
Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica
OpenSSL hit by a major security flaw
Ukraine acknowledges "a huge loss of communication" after the cyberattack on the KA-SAT satellite
PROPHET SPIDER Exploits Citrix ShareFile
Cyberattacks on private individuals in Switzerland? "Nothing can be ruled out"
Raccoon Stealer: “Trash panda” abuses Telegram
Cyber Security Incident Pushes Ubisoft to Issue Internal Password Reset
Exclusive: U.S. spy agency probes sabotage of satellite internet during Russian invasion, sources say | Reuters
Armis Finds Three Critical Zero-Day Vulnerabilities in APC Smart-UPS Devices, Dubbed "TLStorm," Exposing More than 20 Million Enterprise Devices
EU and UK launch antitrust investigation into Google and Meta’s adtech dealings - The Verge
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
War in Ukraine: users of the Viasat satellite network hit by a cyberattack
New method that amplifies DDoSes by 4 billion-fold. What could go wrong?
Belarus conducted widespread phishing campaigns against Ukraine, Poland, Google says
China-backed APT41 compromised ‘at least’ six US state governments
An update on the threat landscape
Samsung confirms hackers stole Galaxy devices source code
Hackers leak 190GB of alleged Samsung data, source code
Cybercriminals who breached Nvidia issue one of the most unusual demands ever
Malware now using stolen NVIDIA code signing certificates
Crypto Bug in Samsung Galaxy Devices: Breaking Trusted Execution Environments (TEEs)
New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?
Scam E-Mail Impersonating Red Cross
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
ANSSI casts doubt on the use of Kaspersky solutions
Cyber Realism in a Time of War
Phishing attacks target countries aiding Ukrainian refugees
Toyota suspends domestic factory operations after suspected cyber attack
Ukrainian cyber resistance group targets Russian power grid, railways
Facing a cybersecurity incident, Nvidia suspected of having retaliated - ZDNet
Nvidia Confirms Company Data Was Stolen in Hack
IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine
Cybersecurity: the European Union will help Ukraine against Russia
Ukrainian Researcher Leaks Conti Ransomware Gang Data
Cyberattack on the University of Neuchâtel: stolen data published on the dark web (update)
The Next Web
Crypto Donations to Ukraine Jumps to $20M
Chinese Cybersecurity Company Doxes Apparent NSA Hacking Operation
Google follows YouTube in cutting off ad revenue to Russian state media
2022 Russia-Ukraine war — Cyber group tracker
STORMOUS ransomware takes sides, without saying so, against Ukraine - (in)sicurezza digitale
Twitter and Facebook restricted in Russia amid conflict with Ukraine
Facebook, Twitter remove disinformation accounts targeting Ukrainians
Ukraine border control hit with wiper cyberattack, slowing refugee crossing
Anonymous: the hacker collective that has declared cyberwar on Russia | Ukraine
Nvidia allegedly hacked its hackers, stole its data back
Ukraine takes the resistance to cyberspace, assembling an “IT army” to hack sites from Russia and its allies, calls on tech leaders to get involved
New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store
Anonymous hacktivists, ransomware groups get involved in Ukraine-Russia conflict
US microchip powerhouse Nvidia hit by cyber attack
Conti ransomware group announces support of Russia, threatens retaliatory attacks
Cyberattacks: there is new malware from one of the most prominent Russian cybercriminal groups
TrickBot malware operation shuts down, devs move to BazarBackdoor
Ukraine links phishing targeting military to Belarusian hackers
Aquarium Leaks. Inside the GRU’s Psychological Warfare Program
Ukraine: Disk-wiping Attacks Precede Russian Invasion
EXCLUSIVE Ukraine calls on hacker underground to defend against Russia
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine
New data-wiping malware used in destructive attacks on Ukraine
The Bvp47 - a Top-tier Backdoor of US NSA Equation Group
Find You: Building a stealth AirTag clone | Positive Security
A former CIA officer on Ukraine: "Never has the United States disclosed so much sensitive information, and so quickly"
Chinese cyber-attackers 'targeted Taiwanese financial firms'
Horde Webmail 5.2.22 - Account Takeover via Email
Behind the stalkerware network spilling the private phone data of hundreds of thousands
The US is unmasking Russian hackers faster than ever
How the world leader in data centers countered the NetWalker ransomware attack
Cybersecurity risk – RUAG must be more vigilant about its sensitive data
A flaw leaves the Snap package manager for Linux vulnerable
What do we know about sLoad, and why is it so elusive?
Pegasus spyware scandal uncovered by fake image file on an iPhone
Who Is Behind QAnon? Linguistic Detectives Find Fingerprints
Cyberattack targets Vodafone Portugal, disrupts services
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
A cyberattack brings the University of Neuchâtel to its knees
Kazakhstan's Internet Shutdowns Could Be a Warning for Ukraine
VMware Horizon servers are under active exploit by Iranian state hackers
The Elite Hackers of the FSB
Passware manages to find the password of T2 Macs by brute force
Twitter cans 2FA service provider over surveillance claims
Red Cross traces hack back to unpatched Zoho vulnerability
Cyber insurance: towards a "NotPetya case law"?
Merck’s $1.4 Billion Insurance Win Splits Cyber From ‘Act of War’
Chrome Zero-Day Under Active Attack: Patch ASAP | Threatpost
New Emotet Infection Method
Russian hackers have obtained sensitive defense information technology by targeting US contractors, according to CISA
Meta to Pay $90 Million to Settle Facebook Data Privacy Lawsuit
Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica
Cyber-attack on ICRC: What we know
Vaud – Student's claim dismissed because of his online inactivity
Cyberattack takes Ukraine military, bank websites offline
Apple's AirTag uncovers a secret German intelligence agency
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
Linux-Targeted Malware Increases by 35% in 2021
EDPS Preliminary Remarks on Modern Spyware
KlaySwap crypto users lose funds after BGP hijack
Twitter Tells U.S. Senator It’s Cutting Ties to Swiss Tech Firm
Twitter, Google, WhatsApp, Telegram... why two-factor authentication is not so secure after all
Many Swiss companies affected by the hack hitting the telecoms world
Charting TA2541's Flight
Malware threat targets the aviation and aerospace industry sector
Dropping Files on a Domain Controller Using CVE-2021-43893
PrivateLoader to Anubis Loader. By: Jason Reaves and Joshua Platt
PrivateLoader: The first step in many malware schemes
Safari Flaws Exposed Webcams, Online Accounts, and More
Webcam Hacking (again) - Safari UXSS
Objective-See's Blog
Analyzing a watering hole campaign using macOS exploits
Watering hole deploys new macOS malware, DazzleSpy, in Asia
SysJoker: malware for macOS, Windows and Linux that has been operating quietly for months
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
New SysJoker Backdoor Targets Windows, Linux, and macOS
SysJoker analyzing the first (macOS) malware of 2022!
Google Docs Comment Exploit Allows for Distribution of Phishing and Malware
Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk
iPhone flaw exploited by second Israeli spy firm-sources
Israelis didn’t care about NSO and Pegasus – until this scandal
The hack of an American company has consequences in Switzerland
Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution
Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review
ModifiedElephant APT and a Decade of Fabricating Evidence
Swisscom, Sunrise and Salt affected by a hack in the United States
North Korea Hacked Him. So He Took Down Its Internet
I Used Apple AirTags, Tiles and a GPS Tracker to Watch My Husband’s Every Move - The New York Times
Emsisoft Decryptor for Maze / Sekhmet / Egregor - Emsisoft: Free Ransomware Decryption Tools
[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code
Decryptor released for Maze, Egregor, and Sekhmet ransomware strains | ZDNet
Exposed documents reveal how the powerful clean up their digital past using a reputation laundering firm
The 200 most popular passwords in 2021
Why is the Zoom app listening on my microphone...
Who Needs to Exploit Vulnerabilities When You Have Macros?
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
Helping users stay safe: Blocking internet macros by default in Office
A walk through Project Zero metrics
Update iOS! WebKit contains a dangerous vulnerability
New Safari 15.3 release on Big Sur and Catalina to close a major flaw | MacGeneration