Ransomware Hive : arrestation d’un suspect à Paris | LeMagIT
Un ressortant russe résidant à Chypre, âgé d’une quarantaine d’années, a été interpellé la semaine dernière à Paris, soupçonné de liens avec la franchise de rançongiciel Hive.
AlphV’s bid to report its victim to the SEC could backfire
The ransomware group AlphV reported a victim to the SEC for failing to report a cybersecurity incident, placing government regulators in a precarious position.
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2F7WB4KO3VURIJFCMNGZMZOWFTHU.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Ukraine's top mobile operator hit by biggest cyberattack of war so far | Reuters
Ukraine's biggest mobile network operator was hit on Tuesday by what appeared to be the largest cyberattack of the war with Russia so far, knocking out mobile and internet services for millions and the air raid alert system in parts of Kyiv region.
pfSense Security: Sensing Code Vulnerabilities with SonarCloud
Our Clean Code solution SonarCloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarCloud found them and how it can keep your code clean.
One in four apps remain exposed to Log4Shell
Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation. Research from security shop Veracode revealed that the vast majority of vulnerable apps may never have updated the Log4j library after it was implemented by developers as 32 percent were running pre-2015 EOL versions.
Kelvin Security hacking group leader arrested in Spain
The Spanish police have arrested one of the alleged leaders of the 'Kelvin Security' hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020. #Arrest #Computer #Data #Hacktivism #InfoSec #Kelvin #Police #Security #Spain #Theft
Sophos backports RCE fix after attacks on unsupported firewalls
Sophos was forced to backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks.
50K WordPress sites exposed to RCE attacks by critical bug in backup plugin
A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.
AI Act, come funziona lo stop al riconoscimento biometrico della prima legge europea sull'intelligenza artificiale | Wired Italia
Sono previste tre eccezioni per le forze dell'ordine, con una lista di 16 crimini per le cui indagini può essere ammesso. Serve un'autorizzazione dall'autorità giudiziaria, ma si può partire senza e richiederla in 24 ore
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
Apple has released patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple vulnerabilities.
US healthcare giant Norton says hackers stole millions of patients' data during ransomware attack | TechCrunch
Hackers accessed the personal and health data of 2.5 million patients — and employees — during a May ransomware attack.
L’AI Act européen adopté après des négociations marathon | ICTjournal
Les négociateurs du Parlement et du Conseil européens sont parvenus à un accord concernant la réglementation de l'intelligence artificielle. L'approche basée sur les risques, à la base du projet, est confirmée. Des compromis sont censés garantir la protection contre les risques liés à l’IA, tout en encourageant l’innovation.
The EU Just Passed Sweeping New Rules to Regulate AI
The European Union agreed on terms of the AI Act, a major new set of rules that will govern the building and use of AI and have major implications for Google, OpenAI, and others racing to develop AI systems.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23935560%2Facastro_STK103__03.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Amazon sues group that fakes returns so people can get free MacBooks - The Verge
Amazon sues REKK, which allegedly helped shoppers get other expensive items for free by hacking and bribing fulfillment center employees to approve fake returns.
Early Warning Notification - the use of Bluetooth trackers for geolocation in organised crime | Europol
Bluetooth Trackers Exploited for Geolocation in Organised CrimeBluetooth trackers, commonly used for locating personal items and vehicles, have become an unexpected tool in organised crime, according to recent findings reported by Europol in an Early Warning Notification. Typically designed for purposes such as finding lost keys or preventing vehicle theft, Bluetooth trackers are now being leveraged by criminals for geo-locating...
23andMe changes terms of service amid legal fallout from data breach
Days after a data breach allowed hackers to steal 6.9 million 23andMe users' personal details, the genetic testing company changed its terms of service to prevent customers from formally suing the firm or pursuing class-action lawsuits against it. Why it matters: It's unclear if 23andMe is attempting to retroactively shield itself from lawsuits alleging it acted negligently.
Russian Hacker Vladimir Dunaev Pleads Guilty for Creating TrickBot Malware
Russian national Vladimir Dunaev found guilty for developing TrickBot malware, facing up to 35 years in prison.
Inside Job: How a Hacker Helped Cocaine Traffickers Infiltrate Europe’s Biggest Ports
Europe’s commercial ports are top entry points for cocaine flooding in at record rates. The work of a Dutch hacker, who was hired by drug traffickers to penetrate port IT networks, reveals how this...
Ransomware : un mois de novembre hors-norme
Globalement, le mois écoulé se distingue par un niveau inédit de la menace observable, et incohérent avec la saisonnalité historiquement constatée. Mais cela ne vaut pas pour la France.
Using AI to Automatically Jailbreak GPT-4 and Other LLMs in Under a Minute
It’s been one year since the launch of ChatGPT, and since that time, the market has seen astonishing advancement of large language models (LLMs). Despite the pace of development continuing to outpace model security, enterprises are beginning to deploy LLM-powered applications. Many rely on guardrails implemented by model developers to prevent LLMs from responding to sensitive prompts. However, even with the considerable time and effort spent by the likes of OpenAI, Google, and Meta, these guardrails are not resilient enough to protect enterprises and their users today. Concerns surrounding model risk, biases, and potential adversarial exploits have come to the forefront.
Scanning Danger: Unmasking the Threats of Quishing
In this blog, we explore the modus operandi of threat actors utilizing QR code attacks, by examining recent and widespread quishing campaigns detected by Trellix.
Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks
Qualcomm has disclosed details about three high-severity security vulnerabilities that were exploited in limited, targeted attacks in October 2023.
ASSET Research Group: 5Ghoul
In this vulnerability disclosure report, we discuss details of 5Ghoul – a family of implementation-level 5G vulnerabilities. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek. Consequently, many 5G-capable commercial products such as smartphones, Customer-premises Equipment (CPE) routers and USB modems are potentially impacted due to the employment of vulnerable 5G modems in such products. In total, we have found 12 new vulnerabilities (14 total), out of which 10 affect 5G modems from Qualcomm and MediaTek. More importantly, three of these ten vulnerabilities are confirmed to have high severity. We also wrote a scraper to send crafted queries to https://www.kimovil.com/en/ and to have an estimate on the number of smartphone models affected due to these vulnerabilities. We found over 710 smartphone models that are currently in the market to be affected. We emphasize that the actual number of affected models might be more, as firmware code is often shared across different modem versions. In this disclosure report, we also demonstrate the exploitation of 5Ghoul vulnerabilities to drop and freeze 5G connection on smartphones and CPE routers. We also show downgrade attacks across multiple smartphones that result in downgrading the 5G connection to 4G.
Fighting Ursa Aka APT28: Illuminating a Covert Campaign
In three campaigns over the past 20 months, Russian APT Fighting Ursa has targeted over 30 organizations of likely strategic intelligence value using CVE-2023-23397.
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns | CISA
The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organizations and individuals in the UK, and other geographical areas of interest, for information-gathering activity. The UK National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA), the US Cyber National Mission Force (CNMF), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ) assess that Star Blizzard is almost certainly subordinate to the Russian Federal Security Service (FSB) Centre 18.
UK names FSB unit behind hack-and-leak campaigns, summons Russian ambassador
The British government accused a unit of Russia’s Federal Security Service (FSB) on Thursday of using cyberattacks in a “sustained but unsuccessful” campaign to undermine democratic institutions in the country.
Rhysida ransomware gang claimed China Energy hack
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.
PLC Hacking - More Commonplace Than You Might Think
Wasn't certain where to drop this but... woke up to a coworker texting me the attached photo. Luckily they renamed the PLC to "GAZA" and didn't actually do too much damage.
Researchers discover dozens of new bugs affecting Sierra Wireless routers
The company’s AirLink cellular routers are often used in critical infrastructure sectors, such as government and emergency services.