Specialized press news
Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars
The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site. Clarion Japan is the Japanese subsidiary […]
The post Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars appeared first on Security Affairs.
https://securityaffairs.com/151299/data-breach/alphv-ransomware-hacked-clarion.html
Six Tips to Ensure a Strong Patch Management Strategy
By Ashley Leonard, CEO and Founder, Syxsense The proliferation of software applications and updates across the market today has put pressure on enterprise security teams to implement strong patch management […]
The post Six Tips to Ensure a Strong Patch Management Strategy appeared first on Cyber Defense Magazine.
https://www.cyberdefensemagazine.com/six-tips-to-ensure-a-strong-patch-management-strategy/
Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set […]
The post Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition appeared first on Security Affairs.
https://securityaffairs.com/151293/breaking-news/security-affairs-newsletter-round-438-by-pierluigi-paganini-international-edition.html
iOS 17: iPhone Users Report Worrying Privacy Settings Change After Update
Have you updated your iPhone to iOS 17? You should check your privacy settings as they could reveal an unwanted and surprising change.
https://www.forbes.com/sites/daveywinder/2023/09/24/ios-17-iphone-users-report-worrying-privacy-settings-change-after-update/
EDRaser - Tool For Remotely Deleting Access Logs, Windows Event Logs, Databases, And Other Files
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. Automated Mode In automated mode, EDRaser scans the C class of a given address space of IPs for vulnerable systems and attacks them automatically. The attacks in auto mode are: Remote deletion of webserver logs. SysLog deletion (on Linux). Local deletion of Windows Application event logs. Remote deletion of Windows event logs. VMX + VMDK deletion To use EDRaser in automated mode, follow these steps: python edraser.py --auto Manual Mode In manual mode, you can select specific attacks to launch against a targeted system, giving you greater control. Note that some attacks, such as VMX deletion,...
http://www.kitploit.com/2023/09/edraser-tool-for-remotely-deleting.html
Popular Thesaurus Website Used in Sneaky Cryptojacking Scheme
By Waqas
KEY FINDINGS Cybersecurity researchers at Group-IB unearthed a covert cryptojacking campaign concealed within a popular online thesaurus boasting…
This is a post from HackRead.com Read the original post: Popular Thesaurus Website Used in Sneaky Cryptojacking Scheme
https://www.hackread.com/thesaurus-website-sneaky-cryptojacking-scheme/
National Student Clearinghouse data breach impacted approximately 900 US schools
U.S. educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The National Student Clearinghouse (NSC) is a nonprofit organization based in the United States that provides educational verification and reporting services to educational institutions, employers, and other organizations. The organization has disclosed a data breach that impacted approximately […]
The post National Student Clearinghouse data breach impacted approximately 900 US schools appeared first on Security Affairs.
https://securityaffairs.com/151281/data-breach/national-student-clearinghouse-data-breach.html
Most Important Network Penetration Testing Checklist
The Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems and services, and grabbing system banners. Pen-testing helps the administrator to close unused ports and additional services, hide or customize banners, troubleshoot services, and calibrate firewall rules. You should test in all ways to guarantee there is no […]
The post Most Important Network Penetration Testing Checklist appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/network-penetration-testing-checklist-examples/
Press news
Govt Issues Update On Cyber-Incident - Bernews
Update On Govt Systems Following Cyber-Attack · Audio: Minister Roban On Cyber-Attack · Privacy Commissioner Highlights Cybersecurity · Cybersecurity ...
https://bernews.com/2023/09/update-cyber-incident-government-bermuda/
NH Business: Cyberattacks and breaches in New Hampshire - WMUR
... CYBER ATTACK BREACHES IN THE NEW HAMPSHIRE AGAIN DURHAM POLICE DEPARTMENT RANSOMWARE PETERBOROUGH PHISHING. THAT'S .3 MILLION OF PHISHING KEENE ...
https://www.wmur.com/article/nh-business-cyberattacks-and-breaches-in-new-hampshire/45287206
Merchant payment system offline for 90 minutes, causes delays for BC Ferries - Powell River Peak
Toronto-based Moneris issued a statement saying there was nothing to suggest the outage was related to a cyber attack. Complaints about outages ...
https://www.prpeak.com/highlights/bc-ferries-delays-expected-as-payment-processing-system-goes-down-7590305
Bernews "Good News" Sunday Spotlight, September 24, 2023 - YouTube
Deputy Premier Walter Roban On Cyber Attack, September 22 2023. bernewsdotcom New 446 views · 13:30 · Go to channel. Curve Coming with New Tropical ...
https://www.youtube.com/watch%3Fv%3DDIyAxVznEQk
Cybersecurity Expert Shares Information About Cyberattacks Like MGM's - The Blast
They were talking about security incidences that have led to loss of life.” MGM Cyber Attack VegasStarfish – TikTok ... Cyber Attack, Las Vegas, MGM ...
https://theblast.com/538543/cybersecurity-expert-shares-information-about-cyberattacks-like-mgms/
Q: What are the benefits of shared server e-commerce hosting? | by Dale Clifford - Medium
Regularly back up your website's data to prevent data loss in case of a server failure or cyber attack. Examples. Let's say you're starting an ...
https://medium.com/internetstack/q-what-are-the-benefits-of-shared-server-e-commerce-hosting-9db95f45dbee
Ransomware attacks to hacked emails—rising cyber insurance claims are hurting firms
Whether you live in India or overseas, you can take a paid subscription by clicking here. Support Our Journalism. Tags; cyber attack · hacking ...
https://theprint.in/tech/ransomware-attacks-to-hacked-emails-rising-cyber-insurance-claims-are-hurting-firms/1775508/
Las Vegas still holds great, bargain-filled football parties - Honolulu Star-Advertiser
Las Vegas Advisor: Las Vegas casinos suffer debilitating cyber attack · Honolulu Star-Advertiser logo. Copyright © 2023 StarAdvertiser.com. All ...
https://www.staradvertiser.com/2023/09/24/travel/las-vegas-advisor/las-vegas-advisor-las-vegas-still-holds-great-bargain-filled-football-parties/
Man taken to hospital after suspected American XL bully dog attack in park | Ham & High
... cyber attack · Sir Michael Caine makes rare public appearance with walking stick at age 90 · 'Wonderful and caring' man killed in M25 car crash ...
https://www.hamhigh.co.uk/news/national/23809487.man-taken-hospital-suspected-american-xl-bully-dog-attack-park/
SC: Experts to check 2023 Bar exams, not AI - CNN Philippines
PhilHealth shuts down system to contain cyber attack. 800. CNN. International Edition ICOn. U.S. · International · Indonesia. © 2015 Nine Media Corp.
http://www.cnnphilippines.com/news/2023/9/23/bar-exams-AI.html
Young Lebanese Diana Abi Nader sings Syriac rite before Pope Francis in Marseille
China-based hackers launch cyber attack on Taiwan, according to Microsoft.
https://www.lbcgroup.tv/news/varietytech/724499/young-lebanese-diana-abi-nader-sings-syriac-rite-b/en
Here's how to keep phone frauds at bay - Daily Nation
In May 2019, WhatsApp admitted to intercepting and stopping “a highly sophisticated cyber-attack that exploited our video calling system in order ...
https://nation.africa/kenya/news/here-s-how-to-keep-phone-frauds-at-bay-4378628
Yesterday's news (specialized press)
Kaspersky Reveals Alarming IoT Threats and Dark Web DDoS Boom
By Waqas
Kaspersky Unveils Alarming IoT Vulnerabilities and Dark Web's Thriving DDoS Economy.
This is a post from HackRead.com Read the original post: Kaspersky Reveals Alarming IoT Threats and Dark Web DDoS Boom
https://www.hackread.com/iot-vulnerabilities-dark-web-ddos-economy/
Leveraging AI in Cybersecurity: Transforming Threat Detection, Prevention, and Beyond
In an era of accelerating digital transformation, emerging challenges cast a shadow over technological advancements. Among them, cybersecurity threats are …
https://hakin9.org/leveraging-ai-in-cybersecurity-transforming-threat-detection-prevention-and-beyond/
Government of Bermuda blames Russian threat actors for the cyber attack
The Government of Bermuda believes that the recent cyberattack against its IT infrastructure was launched by Russian threat actors. This week a cyber attack hit the Government of Bermuda causing the interruption of internet/email and phone services. The attack impacted all the government departments. “The Department of Information and Digital Technology (IDT) is working quickly […]
The post Government of Bermuda blames Russian threat actors for the cyber attack appeared first on Security Affairs.
https://securityaffairs.com/151273/hacking/government-of-bermuda-cyberattack.html
Evasive Gelsemium hackers spotted in attack against Asian govt
A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023. [...]
https://www.bleepingcomputer.com/news/security/evasive-gelsemium-hackers-spotted-in-attack-against-asian-govt/
Three Ways to Protect the Data Powering Summer Vacations
By Amit Shaked, CEO and Co-Founder, Laminar The travel industry is in the midst of rapid recovery following the COVID-19 pandemic. In 2022, there were over 747 million passengers who […]
The post Three Ways to Protect the Data Powering Summer Vacations appeared first on Cyber Defense Magazine.
https://www.cyberdefensemagazine.com/three-ways-to-protect-the-data-powering-summer-vacations/
National Student Clearinghouse data breach impacts 890 schools
U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States. [...]
https://www.bleepingcomputer.com/news/security/national-student-clearinghouse-data-breach-impacts-890-schools/
HTMLSmuggler - HTML Smuggling Generator And Obfuscator For Your Red Team Operations
The full explanation of what HTML Smuggling is may be found here. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and intrusion detection systems, by disguising malicious payloads within seemingly harmless HTML and JavaScript code. By exploiting the dynamic nature of web applications, attackers can deliver malicious content to a user's browser without triggering security alerts or being detected by traditional security mechanisms. Thanks to this technique, the download of a malicious file is not displayed in any way in modern IDS solutions. The main goal of the HTMLSmuggler tool is to create an independent JavaScript library with an embedded malicious user-defined payload. This library may be integrated into your phishing sites/email HTML attachments/etc....
http://www.kitploit.com/2023/09/htmlsmuggler-html-smuggling-generator.html
Air Canada discloses data breach of employee and 'certain records'
Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers "briefly" obtained limited access to its internal systems. The incident resulted in the theft of a limited amount of personal information of some of its employees and "certain records." [...]
https://www.bleepingcomputer.com/news/security/air-canada-discloses-data-breach-of-employee-and-certain-records/
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign.
"Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said in a new report shared with The Hacker News.
"This combination
https://thehackernews.com/2023/09/deadglyph-new-advanced-backdoor-with.html
City of Dallas has set a budget of .5 million to mitigate the May Royal ransomware attack
The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas, Texas. To prevent the threat from spreading within the network, the City shut down the impacted IT systems. The […]
The post City of Dallas has set a budget of .5 million to mitigate the May Royal ransomware attack appeared first on Security Affairs.
https://securityaffairs.com/151264/data-breach/city-of-dallas-royal-ransomware-attack-may.html
Top PIM Practices For Enhancing Cybersecurity In Retail
In the ever-evolving landscape of retail, where eCommerce has become a cornerstone of business operations, the significance of cybersecurity cannot be overstated. As consumers increasingly turn to online shopping, retail businesses must prioritize safeguarding sensitive data, especially when it comes to managing product information. Product Information Management (PIM) solutions have emerged as invaluable tools for […]
The post Top PIM Practices For Enhancing Cybersecurity In Retail appeared first on Cyber Security News.
https://cybersecuritynews.com/top-pim-practices-for-enhancing-cybersecurity-in-retail/
New Critical Security Warning For iPhone, iPad, Watch, Mac—Attacks Underway
Citizen Lab, alongside Google's Threat Analysis Group, has uncovered a no-click zero-day exploit chain impacting iPhones, iPads, Apple Watch and Macs.
https://www.forbes.com/sites/daveywinder/2023/09/23/ios-1701-critical-security-update-warning-for-all-iphone-users/
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023.
"The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the
https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html
Zero-Day iOS Exploit Chain Infects Devices with Predator Spyware
By Waqas
Former Egyptian MP targeted with Predator spyware ahead of 2024 presidential run. Update your macOS Ventura, iOS, and iPadOS devices now, as Apple has released emergency updates to address the flaws.
This is a post from HackRead.com Read the original post: Zero-Day iOS Exploit Chain Infects Devices with Predator Spyware
https://www.hackread.com/zero-day-ios-exploit-chain-predator-spyware/
News from two days ago (specialized press)
LastPass: ‘Horse Gone Barn Bolted' is Strong Password
The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.
https://krebsonsecurity.com/2023/09/lastpass-horse-gone-barn-bolted-is-strong-password/
Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware
Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Researchers from the Citizen Lab and Google’s Threat Analysis Group (TAG) revealed that the three Apple zero-days addressed this week were used as part of an exploit to install Cytrox Predator spyware. Apple this week […]
The post Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware appeared first on Security Affairs.
https://securityaffairs.com/151218/mobile-2/apple-chrome-zero-days-predator-spyware.html
ESET's cutting-edge threat research at LABScon – Week in security with Tony Anscombe
Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups
https://www.welivesecurity.com/en/videos/esets-cutting-edge-threat-research-labscon-week-security-tony-anscombe/
Stealth Falcon preying over Middle Eastern skies with Deadglyph
ESET researchers have discovered Deadglyph, a sophisticated backdoor used by the infamous Stealth Falcon group for espionage in the Middle East
https://www.welivesecurity.com/en/eset-research/stealth-falcon-preying-middle-eastern-skies-deadglyph/
Dallas says Royal ransomware breached its network using stolen account
The City of Dallas, Texas, said this week that the Royal ransomware attack that forced it to shut down all IT systems in May started with a stolen account. [...]
https://www.bleepingcomputer.com/news/security/dallas-says-royal-ransomware-breached-its-network-using-stolen-account/
90GB of Data Posted on Hacker Forum Linked to T-Mobile Glitch
By Waqas
Another day, another data security incident at T-Mobile – Because why not! A cybersecurity year without a T-Mobile…
This is a post from HackRead.com Read the original post: 90GB of Data Posted on Hacker Forum Linked to T-Mobile Glitch
https://www.hackread.com/t-mobile-glitch-90gb-data-hacker-forum/
Nigerian man pleads guilty to attempted $6 million BEC email heist
Kosi Goodness Simon-Ebo, a 29-year-old Nigerian national extradited from Canada to the United States last April, pleaded guilty to wire fraud and money laundering through business email compromise (BEC). [...]
https://www.bleepingcomputer.com/news/security/nigerian-man-pleads-guilty-to-attempted-6-million-bec-email-heist/
Recently patched Apple, Chrome zero-days exploited in spyware attacks
Security researchers with the Citizen Lab and Google's Threat Analysis Group (TAG) revealed today that three zero-days patched by Apple on Thursday were abused as part of an exploit chain to install Cytrox's Predator spyware. [...]
https://www.bleepingcomputer.com/news/security/recently-patched-apple-chrome-zero-days-exploited-in-spyware-attacks/
CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog
US CISA added the flaw CVE-2023-41179 in Trend Micro Apex and other security products to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the high-severity flaw CVE-2023-41179 (CVSS score 7.2) affecting Trend Micro Apex One and Worry-Free Business Security to its Known Exploited Vulnerabilities Catalog. Trend Micro this week has released security updates to patch […]
The post CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.
https://securityaffairs.com/151211/hacking/cisa-adds-trend-micro-apex-one-rce-to-known-exploited-vulnerabilities-catalog.html
Emergency update! Apple patches three zero-days
Categories: Exploits and vulnerabilities, News
Tags: Apple, emergency, update, CVE-2023-41991, CVE-2023-41992, CVE-2023-41993
Apple has released patches for three zero-day vulnerabilities that may have been actively exploited.
The post Emergency update! Apple patches three zero-days appeared first on Malwarebytes Labs.
https://www.malwarebytes.com/blog/news/2023/09/emergency-update-apple-patches-three-actively-exploited-zero-days
Government of Bermuda links cyberattack to Russian hackers
The Government of British overseas territory Bermuda has linked a cyberattack affecting all its departments' IT systems since Thursday to hackers based out of Russia. [...]
https://www.bleepingcomputer.com/news/security/government-of-bermuda-links-cyberattack-to-russian-hackers/
Crypto firm Nansen asks users to reset passwords after vendor breach
Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at its authentication provider. [...]
https://www.bleepingcomputer.com/news/security/crypto-firm-nansen-asks-users-to-reset-passwords-after-vendor-breach/
T-Mobile spills billing information to other customers
Categories: News, Personal
Tags: T-Mobile, billing details, data breach, glitch
T-Mobile customers recently found other subscribers' information on their online dashboards.
The post T-Mobile spills billing information to other customers appeared first on Malwarebytes Labs.
https://www.malwarebytes.com/blog/news/2023/09/t-mobile-spills-billing-information-to-other-customers
Gelsemium APT Group Uses “Rare” Backdoor in Southeast Asian Attack
By Waqas
Elusive APT Group ‘Gelsemium’ Emerges in Rare Southeast Asian Attack, Unveils Unique Tactics. KEY FINDINGS Cybersecurity researchers at…
This is a post from HackRead.com Read the original post: Gelsemium APT Group Uses “Rare” Backdoor in Southeast Asian Attack
https://www.hackread.com/gelsemium-apt-group-rare-backdoor-southeast-asia/
T-Mobile denies new data breach rumors, points to authorized retailer
T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly containing T-Mobile employees' data. [...]
https://www.bleepingcomputer.com/news/security/t-mobile-denies-new-data-breach-rumors-points-to-authorized-retailer/
New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico.
"The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering its 2FA code to their bank accounts or into entering their payment card number,"
https://thehackernews.com/2023/09/new-variant-of-banking-trojan-bbtok.html
FEATURE: The Past, Present, and Future of Cybersecurity
Hacking in the Hamptons, Sponsored by Evolution Equity Partners – David Braue Melbourne, Australia – Sep. 22, 2023 Sometimes, it takes that little something special for the name of a place to take on an evocative meaning of its own. This transformation long ago turned
The post FEATURE: The Past, Present, and Future of Cybersecurity appeared first on Cybercrime Magazine.
https://cybersecurityventures.com/the-past-present-and-future-of-cybersecurity/
Cryptojacking Campaign Infected Online Thesaurus With Over 5 Million Visitors
Students, authors, and anybody else wishing to improve their vocabulary and language abilities frequently utilize Thesaurus, one of the well-known platforms with 5 million monthly visitors. Cybersecurity analysts at Group-IB recently found a cryptojacking scheme on a popular Thesaurus site, infecting visitors with malware to mine cryptocurrency and potentially deploy more harmful software. Group-IB’s 24/7 […]
The post Cryptojacking Campaign Infected Online Thesaurus With Over 5 Million Visitors appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/cryptojacking-campaign-thesaurus/
The Journey to Secure Access Service Edge (SASE)
“The wise adapt themselves to circumstances, as water moulds itself to the pitcher.” – Chinese Proverb. The way we work, socialise, and consume information has changed exponentially over the last few years. This has been driven owing to global macro and micro events, such as world health emergencies or the continued march of technological innovation. […]
The post The Journey to Secure Access Service Edge (SASE) appeared first on IT Security Guru.
https://www.itsecurityguru.org/2023/09/22/the-journey-to-secure-access-service-edge-sase/?utm_source=rss&utm_medium=rss&utm_campaign=the-journey-to-secure-access-service-edge-sase
3 New Apple Zero-day Vulnerabilities Patched in Emergency Update
Three new vulnerabilities have been discovered in multiple Apple products, including iPhone (iOS), iPadOS, watchOS, Safari, macOS and multiple versions of these products. These vulnerabilities have been confirmed as a Zero-Day by Apple. In response to these findings, Apple has released multiple security advisories addressing these vulnerabilities. CVE IDs have been assigned for these vulnerabilities, […]
The post 3 New Apple Zero-day Vulnerabilities Patched in Emergency Update appeared first on Cyber Security News.
https://cybersecuritynews.com/3-new-apple-zero-day-vulnerabilities/
Signal Upgrades Its E2E Encryption With Quantum Resistance
After serving users with one of the most resilient end-to-end encryption protocols for communication, Signal…
Signal Upgrades Its E2E Encryption With Quantum Resistance on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.
https://latesthackingnews.com/2023/09/22/signal-upgrades-its-e2e-encryption-with-quantum-resistance/
Information of Air Canada employees exposed in recent cyberattack
Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack. Air Canada, the flag carrier and largest airline of Canada, announced that threat actors had access to the personal information of some employees during a recent cyberattack. “An […]
The post Information of Air Canada employees exposed in recent cyberattack appeared first on Security Affairs.
https://securityaffairs.com/151202/data-breach/air-canada-data-breach-2.html
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
Threat activity targeting a Southeast Asian government could provide insight into the workings of APT Gelsemium. We examine the rare TTPs we observed in two attacks.
The post Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government appeared first on Unit 42.
https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda
APT Stately Taurus (aka Mustang Panda) conducted cyber espionage against a Southeast Asian government, including data exfiltration from compromised networks.
The post Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda appeared first on Unit 42.
https://unit42.paloaltonetworks.com/stately-taurus-attacks-se-asian-government/
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus
We analyze waves of attacks on a Southeast Asian government linked to Alloy Taurus. By exploiting exchange servers, the attackers established a foothold for long-term espionage.
The post Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus appeared first on Unit 42.
https://unit42.paloaltonetworks.com/alloy-taurus-targets-se-asian-government/
Triple Tactics
How APIs are being Targeted with Trinity Attacks By Andy Mills, VP EMEA, Cequence Security Application Programming Interfaces (APIs) are growing twice as fast as traditional web traffic but their […]
The post Triple Tactics appeared first on Cyber Defense Magazine.
https://www.cyberdefensemagazine.com/triple-tactics/
Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government
We investigate espionage attacks on a Southeast Asian government. Initially considered a single actor, it was in fact three separate threat actor clusters. Each cluster displayed unique tools and tactics.
The post Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government appeared first on Unit 42.
https://unit42.paloaltonetworks.com/analysis-of-three-attack-clusters-in-se-asia/
Sandman APT targets telcos with LuaDream backdoor
A previously undocumented APT dubbed Sandman targets telecommunication service providers in the Middle East, Western Europe, and South Asia. A joint research conducted by SentinelLabs and QGroup GmbH revealed that a previously undetected APT group, dubbed Sandman, is targeting telecommunication service providers in the Middle East, Western Europe, and South Asia. The APT group is […]
The post Sandman APT targets telcos with LuaDream backdoor appeared first on Security Affairs.
https://securityaffairs.com/151191/apt/sandman-apt-targets-telco.html
Fortifying Customer Connections: Cybersecurity in Client-Centric Tech
By Owais Sultan
In today’s rapidly evolving digital landscape, businesses are increasingly embracing client-centric strategies to cater to the ever-changing needs…
This is a post from HackRead.com. Read the original post: Fortifying Customer Connections: Cybersecurity in Client-Centric Tech
https://www.hackread.com/fortifying-customer-cybersecurity-client-centric/
Hotel hackers redirect guests to fake Booking.com to steal cards
Security researchers discovered a multi-step information stealing campaign where hackers breach the systems of hotels, booking sites, and travel agencies and then use their access to go after financial data belonging to customers. [...]
https://www.bleepingcomputer.com/news/security/hotel-hackers-redirect-guests-to-fake-bookingcom-to-steal-cards/
Dynmx - Signature-based Detection Of Malware Features Based On Windows API Call Sequences
dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as a sort of YARA for API call traces (so-called function logs) originating from malware sandboxes. Hence, the data basis for the detection approach are not the malware samples themselves, which are analyzed statically, but data that is generated during a dynamic analysis of the malware sample in a malware sandbox. Currently, dynmx supports function logs of the following malware sandboxes: VMRay (function log, text-based and XML format), CAPEv2 (report.json file), and Cuckoo (report.json file). The detection approach is described in detail in the master thesis Signature-Based Detection of Behavioural Malware Features...
http://www.kitploit.com/2023/09/dynmx-signature-based-detection-of.html
Beware of Sophisticated Phishing Campaigns That Attack Hotel Guests
Phishing is a common cyberattack technique that involves tricking users into clicking on malicious links, downloading malicious attachments, or entering sensitive information on fake websites. Phishing can affect anyone who uses the internet, but some groups are more vulnerable than others. One such group is hotel guests, who may be targeted by a sophisticated phishing […]
The post Beware of Sophisticated Phishing Campaigns That Attack Hotel Guests appeared first on Cyber Security News.
https://cybersecuritynews.com/sophisticated-phishing-campaigns/
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Thorough, independent tests are a vital resource for analyzing a provider's capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluation.
This testing is critical for evaluating vendors because it's virtually impossible to evaluate cybersecurity vendors based on their own
https://thehackernews.com/2023/09/how-to-interpret-2023-mitre-att.html
Iranian Nation-State Actor OilRig Targets Israeli Organizations
Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in 2021 and 2022.
The campaigns, dubbed Outer Space and Juicy Mix, entailed the use of two previously documented first-stage backdoors called Solar and Mango, which were deployed to collect sensitive information from major browsers and the Windows Credential
https://thehackernews.com/2023/09/iranian-nation-state-actor-oilrig.html
Gold Melody Attacking Organizations With Burp Extension, Mimikatz, and Other Tools
The financially motivated GOLD MELODY threat group has been active at least since 2017, attacking organizations by taking advantage of flaws in unpatched internet-facing servers. A threat group serves as an initial access broker (IAB) by selling access to organizations that have been compromised to other cybercriminals for their gain. “The victimology suggests opportunistic attacks […]
The post Gold Melody Attacking Organizations With Burp Extension, Mimikatz, and Other Tools appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/gold-melody-threat-group/
Experts warn of a 600X increase in P2Pinfect traffic
Experts warn of a surge in P2PInfect botnet activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. In July 2023, Palo Alto Networks Unit 42 researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers running on both Linux and Windows systems. The capability to target Redis servers running […]
The post Experts warn of a 600X increase in P2Pinfect traffic appeared first on Security Affairs.
https://securityaffairs.com/151182/malware/p2pinfect-botnet-surge.html
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution.
The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes -
CVE-2022-25647 (CVSS score: 7.5) - A deserialization
https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html
New BBTok Banking Malware Generates Victim-Specific Payload
Banking malware is a malicious program that is mainly designed and used by threat actors to steal the following sensitive financial information from victims’ computers or mobile devices:- These malware variants can be highly sophisticated, employing the following advanced techniques:- Cybersecurity analysts at Check Point Research recently found an active BBTok banker campaign in Latin […]
The post New BBTok Banking Malware Generates Victim-Specific Payload appeared first on Cyber Security News.
https://cybersecuritynews.com/bbtok-banking-malware/
How Enterprises Use SOAR to Track MSSP SLAs
Large enterprises often outsource some of their security needs to Managed Security Service Providers (MSSPs). When alert volumes are high…
https://infosecwriteups.com/how-enterprises-use-soar-to-track-mssp-slas-4038aa629ee4?source=rss----7b722bfd1b8d---4
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day bugs discovered in its software this year to 16.
The list of security vulnerabilities is as follows -
CVE-2023-41991 - A certificate validation issue in the Security framework that could allow a
https://thehackernews.com/2023/09/apple-rushes-to-patch-3-new-zero-day.html
USN-6360-2: FLAC vulnerability
USN-6360-1 fixed a vulnerability in FLAC. This update provides the
corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and
Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that FLAC incorrectly handled encoding certain files. A
remote attacker could use this issue to cause FLAC to crash, resulting in a
denial of service, or possibly execute arbitrary code.
https://ubuntu.com/security/notices/USN-6360-2
News from previous days
Metasploit Weekly Wrap-Up
Pumpkin Spice Modules
Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module targeting Apache NiFi as well as a new and improved library to interact
https://blog.rapid7.com/2023/09/01/metasploit-weekly-wrap-up-25/
NIST CSF vs. Other Cybersecurity Frameworks
Originally published by Schellman. With the new SEC Cybersecurity Disclosure Rule requiring both the reporting of material cybersecurity events and the annual disclosure of cybersecurity programs for public companies, those affected are taking a closer look at cybersecurity frameworks that—while previously considered optional or “nice to have”— could help their organization meet the new regulatory requirements. One in particular—the National Institute of Standards and Technology (NIST) Cybers...
https://cloudsecurityalliance.org/articles/nist-csf-vs-other-cybersecurity-frameworks/
Why This Moment In Cybersecurity Needs Hackers To Protect All Software
https://www.hackerone.com/ceo/why-moment-cybersecurity-needs-hackers-protect-all-software
The GitHub Security Lab's journey to disclosing 500 CVEs in open source projects
The GitHub Security Lab audits open source projects for security vulnerabilities and helps maintainers fix them. Recently, we passed the milestone of 500 CVEs disclosed. Let's take a trip down memory lane with a review of some noteworthy CVEs!
The post The GitHub Security Lab's journey to disclosing 500 CVEs in open source projects appeared first on The GitHub Blog.
https://github.blog/2023-09-21-the-github-security-labs-journey-to-disclosing-500-cves-in-open-source-projects/
Fal.Con 2023: CrowdStrike Surges Ahead With Groundbreaking Innovations
CrowdStrike hosted its Fal.Con 2023 conference this week in Las Vegas and announced a number of innovations for its platform—including its generative AI model, "Charlotte."
https://www.forbes.com/sites/tonybradley/2023/09/21/falcon-2023-crowdstrike-surges-ahead-with-groundbreaking-innovations/
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent.
Notably, the intrusions leverage a just-in-time (JIT) compiler for the Lua programming language known as LuaJIT as a vehicle to deploy a novel implant called LuaDream.
"The activities we
https://thehackernews.com/2023/09/mysterious-sandman-threat-actor-targets.html
'Sandman' hackers backdoor telcos with new LuaDream malware
A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.' [...]
https://www.bleepingcomputer.com/news/security/sandman-hackers-backdoor-telcos-with-new-luadream-malware/
BBTok Malware Returns, Targeting Over 40 Banks in Brazil and Mexico
By Deeba Ahmed
New BBTok Banking Trojan Variant Emerges in Latin America: Check Point Research.
This is a post from HackRead.com. Read the original post: BBTok Malware Returns, Targeting Over 40 Banks in Brazil and Mexico
https://www.hackread.com/bbtok-malware-target-brazil-mexico-banks/
GitHub passkeys generally available for passwordless sign-ins
GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for all users. [...]
https://www.bleepingcomputer.com/news/security/github-passkeys-generally-available-for-passwordless-sign-ins/
OilRig's Outer Space and Juicy Mix: Same ol' rig, new drill pipes
ESET researchers document OilRig's Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
https://www.welivesecurity.com/en/eset-research/oilrigs-outer-space-juicy-mix-same-ol-rig-new-drill-pipes/
SAST vs. DAST: Enhancing application security
As the threat landscape continues to evolve, organizations face a formidable challenge: ensure the security of their software applications.
https://blog.sonatype.com/comparing-static-application-security-testing-sast-and-dynamic-application-security-testing-dast
Proton CAPTCHA: New Privacy-First CAPTCHA Defense Against Bots
By Waqas
Meet new Proton CAPTCHA from Proton AG, a custom-built CAPTCHA system designed to thwart bots and spammers. Proton…
This is a post from HackRead.com. Read the original post: Proton CAPTCHA: New Privacy-First CAPTCHA Defense Against Bots
https://www.hackread.com/proton-captcha-privacy-captcha-defense-bots/
Cisco Announced Acquisition of Splunk for a whopping B Mega Deal
Cisco is one of the largest and most successful tech companies in the world, with a market capitalization of 5 billion. Its net income of .6 billion in the last fiscal year further solidifies its position as a top leader in the industry. In 2012, Splunk, which was established in 2003, went public. For the […]
The post Cisco Announced Acquisition of Splunk for a whopping B Mega Deal appeared first on Cyber Security News.
https://cybersecuritynews.com/cisco-and-splunk/
USN-6395-1: GNOME Shell vulnerability
Mickael Karatekin discovered that GNOME Shell incorrectly allowed the
screenshot tool to view open windows when a session was locked. A local
attacker could possibly use this issue to obtain sensitive information.
https://ubuntu.com/security/notices/USN-6395-1
Papercut Print Manager Flaw Let Attackers Perform Sophisticated Attacks
The PaperCutNG Mobility Print 1.0.3512 application has been identified to have a cross-site request forgery vulnerability that leads to sophisticated phishing attacks. This vulnerability exists because the application lacks CSRF defenses such as anti-CSRF tokens, header origin validation, same-site cookies, etc. The Cross-Site Request Forgery (CSRF) attack pushes authenticated users to send requests to Web applications […]
The post Papercut Print Manager Flaw Let Attackers Perform Sophisticated Attacks appeared first on Cyber Security News.
https://cybersecuritynews.com/papercut-print-manager-flaw/
Passkeys are generally available
All GitHub.com users can now register a passkey to sign in without a password.
The post Passkeys are generally available appeared first on The GitHub Blog.
https://github.blog/2023-09-21-passkeys-are-generally-available/
Scaling Rust Adoption Through Training
Posted by Martin Geisler, Android team
Android 14 is the third major Android release with Rust support. We are already seeing a number of benefits:
Productivity: Developers quickly feel productive writing Rust. They report important indicators of development velocity, such as confidence in the code quality and ease of code review.
Security: There has been a reduction in memory safety vulnerabilities as we shift more development to memory safe languages.
These positive early results provided an enticing motivation to increase the speed and scope of Rust adoption. We hoped to accomplish this by investing heavily in training to expand from the early adopters.
Scaling up from Early Adopters
Early adopters are often willing to accept more risk to try out a new technology. They know...
http://security.googleblog.com/2023/09/scaling-rust-adoption-through-training.html
USN-6394-1: Python vulnerability
It was discovered that Python incorrectly handled certain scripts.
An attacker could possibly use this issue to execute arbitrary code
or cause a crash.
https://ubuntu.com/security/notices/USN-6394-1
MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database
MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for these vulnerabilities ranges between 6.1 (Medium) and 8.8 (High). Progress-owned MOVEit transfer was popularly exploited by threat actors who attacked several organizations as part of a ransomware campaign. The organizations previously […]
The post MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/moveit-transfer-sql-injection/
Publishers Spotlight: Nisos: Your Managed Intelligence Partner
Nisos is the Managed Intelligence™ team you need to consider working with to solve your most complex security challenges. They deliver smarter defense and more effective responses against advanced cyber […]
The post Publishers Spotlight: Nisos: Your Managed Intelligence Partner appeared first on Cyber Defense Magazine.
https://www.cyberdefensemagazine.com/publishers-spotlight-nisos-your-managed-intelligence-partner/
New Microsoft security tools to protect families and businesses
Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI.
The post New Microsoft security tools to protect families and businesses appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2023/09/21/new-microsoft-security-tools-to-protect-families-and-businesses/
ApexSMS - 23,246,481 breached accounts
In May 2019, news broke of a massive SMS spam operation known as "ApexSMS" which was discovered after a MongoDB instance of the same name was found exposed without a password. The incident leaked over 80M records with 23M unique email addresses alongside names, phone numbers and carriers, geographic locations (state and country), genders and IP addresses.
https://haveibeenpwned.com/PwnedWebsites#ApexSMS
Atos Unify Vulnerabilities Let Attacker Execute Remote Code
Two vulnerabilities have been identified on three Atos Unify OpenScape products, SBC, Branch, and BCF, which are associated with Missing authentication and Authenticated Remote code execution. One of the vulnerabilities allows threat actors to execute arbitrary operating system commands as root users, while the other allows them to access and execute various configuration scripts. However, […]
The post Atos Unify Vulnerabilities Let Attacker Execute Remote Code appeared first on Cyber Security News.
https://cybersecuritynews.com/atos-unify-vulnerabilities/
LUCR-3 Attacking Fortune 2000 Companies Using Victims' Own Tools & Apps
A new financially motivated threat group named “LUCR-3” has been discovered targeting organizations to steal intellectual property for extortion. This threat actor surpasses Scatter Spider, Oktapus, UNC3944, and Storm-0875. LUCR-3 is targeting Fortune 2000 companies in various sectors, which include Software, Retail, Hospitality, Manufacturing, and Telecoms. The threat actor uses existing identities for initial access […]
The post LUCR-3 Attacking Fortune 2000 Companies Using Victims’ Own Tools & Apps appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/lucr-3-attacking-fortune-2000-companies/
USN-6391-2: CUPS vulnerability
USN-6391-1 fixed a vulnerability in CUPS. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that CUPS incorrectly parsed certain Postscript objects.
If a user or automated system were tricked into printing a specially
crafted document, a remote attacker could use this issue to cause CUPS to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
https://ubuntu.com/security/notices/USN-6391-2
USN-6393-1: ImageMagick vulnerability
It was discovered that ImageMagick did not properly handle memory when
processing the -help option. An attacker could potentially use this
issue to cause a crash.
https://ubuntu.com/security/notices/USN-6393-1
MGM Resorts' Systems Restored After 10-Days Following Ransomware Attack
In a sigh of relief for both the company and its guests, MGM Resorts announced today that its systems are fully restored after a 10-day ransomware-related outage that had disrupted operations across their hotels and casinos. Just over a week ago, MGM Resorts faced a significant cyber challenge when the ALPHV/BlackCat ransomware group claimed responsibility […]
The post MGM Resorts’ Systems Restored After 10-Days Following Ransomware Attack appeared first on Cyber Security News.
https://cybersecuritynews.com/mgm-resorts-systems-restored/
Is QakBot Malware Officially Dead?
Only a few malware families can claim to have persisted for nearly twenty years, and QakBot (also referred to as QBot) stands among them as one of the most enduring. Since its first appearance in 2008, it has been deployed in numerous attacks, causing significant financial losses of hundreds of millions of dollars. However, it […]
The post Is QakBot Malware Officially Dead? appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/qakbot/
Criminals are Bypassing Authentication with Stolen Session Cookies
By Trevor Hilligoss, Director of Security Research, SpyCloud The last 12 months revealed a concerning trend in credential exposure. According to SpyCloud’s 2023 Identity Exposure Report, nearly half of the 721.5 […]
The post Criminals are Bypassing Authentication with Stolen Session Cookies appeared first on Cyber Defense Magazine.
https://www.cyberdefensemagazine.com/criminals-are-bypassing-authentication-with-stolen-session-cookies/
Most organizations want security vendor consolidation
Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging. We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies to have experienced multiple breaches. […]
The post Most organizations want security vendor consolidation appeared first on Security Intelligence.
https://securityintelligence.com/articles/most-organizations-want-security-vendor-consolidation/
Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
The peer-to-peer (P2P) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023.
"This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware's developers are operating at an extremely high development cadence," Cado Security researcher Matt Muir
https://thehackernews.com/2023/09/researchers-raise-red-flag-on-p2pinfect.html
Rumble Slams 'Disturbing' Request From U.K. Lawmakers Over Russell Brand's Content
The U.K. government is questioning social media companies about whether Russell Brand is able to monetize his content on their sites, sparking accusations of overreach.
https://www.forbes.com/sites/emmawoollacott/2023/09/21/rumble-slams-disturbing-request-from-uk-government-over-russell-brands-content/
Siemens ALM 0-Day Vulnerabilities Posed Full Remote Takeover Risk
By Waqas
Tel Aviv-based firm OTORIO's cybersecurity research team identified and reported these vulnerabilities.
This is a post from HackRead.com. Read the original post: Siemens ALM 0-Day Vulnerabilities Posed Full Remote Takeover Risk
https://www.hackread.com/siemens-alm-0-day-vulnerabilities-takeover/
Sekiryu - Comprehensive Toolkit For Ghidra Headless
This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra in Headless mode. This toolkit provides a wide range of scripts that can be executed both inside and alongside Ghidra, enabling users to perform tasks such as Vulnerability Hunting, Pseudo-code Commenting with ChatGPT and Reporting with Data Visualization on the analyzed codebase. It allows users to load and save their own scripts and interact with the built-in API of the script. Key Features: Headless Mode Automation: The toolkit enables users to seamlessly launch and run Ghidra in Headless mode, allowing for automated and batch processing of code analysis tasks. Script Repository/Management: The toolkit includes a repository of pre-built scripts...
http://www.kitploit.com/2023/09/sekiryu-comprehensive-toolkit-for.html
System Admin Pleads Guilty for Selling Pirated Business Phone Software Licenses
For taking part in a large international scheme to earn millions of dollars by selling pirated business telephone system software licenses, a computer system admin and his spouse pled guilty. Software licenses with a retail value of over million are said to have been sold as a result of the whole operation. The U.S. Department […]
The post System Admin Pleads Guilty for Selling Pirated Business Phone Software Licenses appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/system-admin-pleads-guilty/
Trend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code
If you use Trend Micro Apex One, you should know that the third-party Antivirus uninstaller feature may have a security hole. This flaw could make it possible for random code to be run. Even though the National Vulnerability Database (NVD) hasn’t proven how bad the problem is yet, you should be careful and take the […]
The post Trend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code appeared first on GBHackers - Latest Cyber Security News | Hacker News.
https://gbhackers.com/trend-micro-zero-day-vulnerability/
The Rise of the Malicious App
Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace, or Microsoft 365. Security concerns center on the permission scopes that are granted to the third party apps, and the potential
https://thehackernews.com/2023/09/the-rise-of-malicious-app.html
WatchGuard acquires CyGlass for AI-powered network anomaly detection
WatchGuard® Technologies, provider of unified cybersecurity, today announced the acquisition of CyGlass Technology Services, a provider of cloud and network-centric threat detection and response solutions that help organisations see risks, stop threats, and prove compliance. CyGlass’s cloud-native platform utilises advanced artificial intelligence (AI) and machine learning (ML) capabilities to deliver enterprise-class cyber defence across hybrid […]
The post WatchGuard acquires CyGlass for AI-powered network anomaly detection appeared first on IT Security Guru.
https://www.itsecurityguru.org/2023/09/21/watchguard-acquires-cyglass-for-ai-powered-network-anomaly-detection/?utm_source=rss&utm_medium=rss&utm_campaign=watchguard-acquires-cyglass-for-ai-powered-network-anomaly-detection
Overview of IoT threats in 2023
IoT threats: how devices get hacked, what malware is uploaded, and what services are on offer on the dark web in 2023.
https://securelist.com/iot-threat-report-2023/110644/
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries.
In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on
https://thehackernews.com/2023/09/china-accuses-us-of-decade-long-cyber.html
Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware.
SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant).
"This financially motivated
https://thehackernews.com/2023/09/cyber-group-gold-melody-selling.html
Will U.K. Online Safety Bill Break Encryption For Mass Surveillance?
This covers child sexual exploitation and abuse content; terrorism content; hate content; communications offences such as malicious communications, harassment and cybe...
https://www.forbes.com/sites/stewartroom/2023/09/21/will-uk-online-safety-bill-break-encryption-for-mass-surveillance/