Search cyberveille.decio.ch

Found 5714 bookmarks

Newest

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research discover campaigns by the Winter Vivern APT group that exploit a zero-day XSS vulnerability in the Roundcube Webmail server and target governmental entities and a think tank in Europe.

#welivesecurity #ESET #2023 #EN #WinterVivern #APT #zero-day #XSS #vulnerability #Roundcube

·welivesecurity.com·Oct 27, 2023

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

StripedFly: Perennially flying under the radar

Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was quite astonishing.

#securelist #EN #2023 #stripedfly #NSA #Data-theft #Encryption #EternalBlue #Linux #Malware-Descriptions #Malware-Technologies #Miner #Targeted-attacks #TOR

·securelist.com·Oct 26, 2023

StripedFly: Perennially flying under the radar

Triangulation: validators, post-compromise activity and modules | Securelist

In this report Kaspersky shares insights into the validation components used in Operation Triangulation, TriangleDB implant post-compromise activity, as well as details of some additional modules.

#securelist #EN #2023 #iOS #Apple #macOS #APT #Malware #Malware-Description #analysis #spyware #Triangulation

·securelist.com·Oct 26, 2023

Triangulation: validators, post-compromise activity and modules | Securelist

VMSA-2023-0023

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities

#vmware #EN #2023 #vulnerability #VMSA-2023-0023 #CVE-2023-34048 #advisory

·vmware.com·Oct 25, 2023

VMSA-2023-0023

iLeakage

We present iLeakage, a transient execution side channel targeting the Safari web browser present on Macs, iPads and iPhones. iLeakage shows that the Spectre attack is still relevant and exploitable, even after nearly 6 years of effort to mitigate it since its discovery. We show how an attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using speculative execution. In particular, we demonstrate how Safari allows a malicious webpage to recover secrets from popular high-value targets, such as Gmail inbox content. Finally, we demonstrate the recovery of passwords, in case these are autofilled by credential managers.

#ileakage #EN #2023 #macos #Safari #Side-Channel #ios #Spectre #speculative

·ileakage.com·Oct 25, 2023

iLeakage

Hackers can force iOS and macOS browsers to divulge passwords and much more

iLeakage is practical and requires minimal resources. A patch isn't (yet) available.

#arstechnica #EN #2023 #ileakage #macos #ios #speculative

·arstechnica.com·Oct 25, 2023

Hackers can force iOS and macOS browsers to divulge passwords and much more

Partout, les passkeys remplacent les mots de passe. Au tour des entreprises?

Apple, Microsoft, Google, Amazon, les géants de la technologie adoptent tous les passkeys comme alternative aux mots de passe. Le système a aussi de quoi séduire les entreprises, tant pour sa sécurité que pour sa simplicité, gage de moins d’appels au support technique pour réinitialiser un mot de passe.

#ictjournal #FR #2023 #passkeys #entreprises

·ictjournal.ch·Oct 25, 2023

Partout, les passkeys remplacent les mots de passe. Au tour des entreprises?

Now Android and Windows devices aren't safe from Flipper Zero either | ZDNET

The Bluetooth spam feature that was initially used to inundate, and even crash, iPhones has now been expanded to cover Android and Windows devices.

#zdnet #EN #203 #flipperzero #ble #spam #Android #Bluetooth

·zdnet.com·Oct 25, 2023

Now Android and Windows devices aren't safe from Flipper Zero either | ZDNET

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability.

#bleepingcomputer #EN #2023 #Citrix #Netscaler #Warning #CVE-2023-4966 #ADC #GAteway

·bleepingcomputer.com·Oct 25, 2023

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

CVE-2023-4966: NetScaler Critical Security Update Now Available

CVE-2023-4966 affects NetScaler ADC and NetScaler Gateway and, if exploited, could result in unauthorized data disclosure. Learn more.

#NetScaler #EN #2023 #CVE-2023-4966 #ADC

·netscaler.com·Oct 25, 2023

CVE-2023-4966: NetScaler Critical Security Update Now Available

Battling a new DarkGate malware campaign with Malwarebytes MDR

First publicly reported in 2018, DarkGate is a Windows-based malware with a wide-range of capabilities including credential stealing and remote access to victim endpoints. Until recently, it was only seen being delivered through traditional email malspam campaigns. In late August 2023, however, researchers at Trusec found evidence of a campaign using external Teams messages to deliver the DarkGate Loader.

#malwarebytes #EN #2023 #DarkGate #malware

·malwarebytes.com·Oct 24, 2023

Battling a new DarkGate malware campaign with Malwarebytes MDR

Citrix Bleed: Leaking Session Tokens with CVE-2023-4966

It's time for another round Citrix Patch Diffing! Earlier this month Citrix released a security bulletin which mentioned "unauthenticated buffer-related vulnerabilities" and two CVEs. These issues affected Citrix NetScaler ADC and NetScaler Gateway.

#assetnote #EN #2023 #CVE-2023-4966 #session #token #Citrix

·assetnote.io·Oct 24, 2023

Citrix Bleed: Leaking Session Tokens with CVE-2023-4966

Another plastic surgery practice appears to have been hit — this time by Hunters International

On October 17, the FBI issued a Public Service Announcement, Cybercriminals are Targeting Plastic Surgery Offices and Patients. Five days later, DataBreaches learned that there had been another attack on a plastic surgery practice where patient data had allegedly been stolen and is in danger of being leaked publicly. It would not be surprising if the FBI knew about the attack and that it was the impetus for the newly released PSA.

#databreaches #EN #2023 #analysis #plastic-surgery #data-breaches #Hunters-International

·databreaches.net·Oct 24, 2023

Another plastic surgery practice appears to have been hit — this time by Hunters International

Tracking Unauthorized Access to Okta's Support System

Okta Security has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system. The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.

#okta #EN #2023 #incident

·sec.okta.com·Oct 24, 2023

Tracking Unauthorized Access to Okta's Support System

Okta incident and 1Password | 1Password

We detected suspicious activity on our Okta instance that we use to manage our employee-facing apps. We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing.

#1password #EN #2023 #okta #incident

·blog.1password.com·Oct 24, 2023

Okta incident and 1Password | 1Password

1Password Detects Suspicious Activity Following Okta Support Breach

1password detected suspicious activity following the Okta support system breach. After investigation, they determined no user data was accessed.

#thehackernews #EN #2023 #1Password #Okta #investigation

·thehackernews.com·Oct 24, 2023

1Password Detects Suspicious Activity Following Okta Support Breach

Spain police dismantled a cybercriminal group who stole data of 4 million individuals

The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over 4M individuals.

#securityaffairs #EN #2023 #police #arrest #cybercriminal #group #stolen #data

·securityaffairs.com·Oct 24, 2023

Spain police dismantled a cybercriminal group who stole data of 4 million individuals

Okta stock falls after company says client files accessed by hackers via support system

Cybersecurity firm Okta said an unidentified hacker had accessed the company's support system and viewed client files.

#cnbc #EN #2023 #Okta #stock #Business #hack

·cnbc.com·Oct 21, 2023

Okta stock falls after company says client files accessed by hackers via support system

How Cloudflare mitigated yet another Okta compromise

On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta. We have verified that no Cloudflare customer information or systems were impacted by this event because of our rapid response.

#cloudflare #EN #2023 #Okta #Cloudflare

·blog.cloudflare.com·Oct 21, 2023

How Cloudflare mitigated yet another Okta compromise

CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations

Cluster25 analyzed an attack by APT28/FancyBear exploiting the WinRAR vulnerability CVE-2023-38831

#cluster25 #EN #2023 #analysis #CVE-2023-38831 #Exploited #Pro-Russia #WinRAR

·blog.cluster25.duskrise.com·Oct 21, 2023

CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations

Measures taken following the unprecedented cyber-attack on the ICC

Five weeks ago, the International Criminal Court detected a serious cyber security incident, thanks to the alert mechanism provided by its monitoring system. The ICC has made various and serious efforts to address this attack. The Court deems it is its responsibility to continue to inform about these efforts and to provide the relevant additional information on the attack itself.

#ICC #CPI #EN #2023 #International-Criminal-Court #Cour-Pénale-Internationale #lesson-learned #forensic #mesures #cyber-attack

·icc-cpi.int·Oct 21, 2023

Measures taken following the unprecedented cyber-attack on the ICC

Switzerland’s e-voting system has predictable implementation blunder

Last year, I published a 5-part series about Switzerland’s e-voting system. Like any internet voting system, it has inherent security

#freedom-to-tinker #EN #2023 #e-vote #swiss #Switzerland #predictable #implementation #blunder

·freedom-to-tinker.com·Oct 21, 2023

Switzerland’s e-voting system has predictable implementation blunder

Know the Protocol! - How to Prevent Undetected Vote Manipulation on the Verified Swiss Post E-Voting System

I’m a Swiss voter living abroad, and like all Swiss expats from Basel-Stadt, St.Gallen or Thurgau, I’ve been invited to vote over the internet in this year’s national election. Switzerland’s e-voting system is supposed to have safeguards to protect the election against malicious actors, however as a computer scientist, I have found a flaw in the practical implementation of one of those safeguards.

#andreaskuster #EN #2023 #swiss #vote #expats #e-voting #system #Manipulation

·andreaskuster.ch·Oct 21, 2023

Know the Protocol! - How to Prevent Undetected Vote Manipulation on the Verified Swiss Post E-Voting System

Several websites of Belgian institutions disrupted yesterday by DDoS attack

Several websites of Belgian institutions (such as those of the Royal Palace, the Chancellery of the Prime Minister and the Senate) experienced some disruption late Thursday afternoon.

#belgium #EN #2023 #ccb #Belgian #institutions #disrupted #DDoS #NoName

·ccb.belgium.be·Oct 21, 2023

Several websites of Belgian institutions disrupted yesterday by DDoS attack

Big Data, un outil d’influence en période électorale

Grâce à l’usage du Big Data et des algorithmes dans les campagnes électorales et de votation, il devient possible d’influencer le comportement des électeurs et le résultat d’un suffrage. Cela soulève la question du droit à l’autodétermination des individus mais aussi des peuples.

#swissprivacy #FR #BigData #algorithmes #votation #influence #autodétermination

·swissprivacy.law·Oct 21, 2023

Big Data, un outil d’influence en période électorale

Un cybercriminel russe membre du gang Ragnar Locker arrêté en France

Un membre russe du gang de hackers Ragnar Locker a été arrêté en France. Ce collectif de cybercriminels est responsable de nombreuses cyberattaques par

#numerama #FR #2023 #ragnar #cybercriminel #russe #Locker #France #ransomware #arrêté

·numerama.com·Oct 21, 2023

Un cybercriminel russe membre du gang Ragnar Locker arrêté en France

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.

#bleepingcomputer #EN #2023 #Cisco #IOS-XE #Zero-Day #CVE-2023-20273

·bleepingcomputer.com·Oct 21, 2023

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

D-Link confirms data breach after employee phishing attack

Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month.

#bleepingcomputer #EN #2023 #D-Link #Data-Breach #Phishing #BreachForums

·bleepingcomputer.com·Oct 21, 2023

D-Link confirms data breach after employee phishing attack

Ragnar Locker ransomware gang taken down by international police swoop

This action, coordinated at international level by Europol and Eurojust, targeted the Ragnar Locker ransomware group. The group were responsible for numerous high-profile attacks against critical infrastructure across the world. In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain and Latvia. The “key target” of this malicious ransomware strain was arrested in Paris,...

#europol #EN #2023 #Ragnar #Locker #ransomware #Takedown

·europol.europa.eu·Oct 21, 2023

Ragnar Locker ransomware gang taken down by international police swoop

Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover

SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.

#darkreading #EN #2023 #RCE #SolarWinds #CVE-2023-35181 #CVE-2023-35183

·darkreading.com·Oct 21, 2023

Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover