Found 5714 bookmarks
Newest
Des pirates informatiques russes ont publié un document sensible de la Confédération
Des pirates informatiques russes ont publié un document sensible de la Confédération
Des pirates informatiques russes ont publié un document interne de la Confédération concernant une possible livraison indirecte de chars Piranha à l'Ukraine. Le Secrétariat d'Etat à l'économie (Seco) a confirmé l'authenticité du document à Keystone-ATS.
#rfj#FR#CH#Confédération#Seco#Ukraine#Joker#leak
·rfj.ch·
Des pirates informatiques russes ont publié un document sensible de la Confédération
Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry
Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry
A US cybersecurity advisory panel will investigate risks in cloud computing, including Microsoft Corp.’s role in a recent breach of government officials’ email accounts by suspected Chinese hackers, according to two people familiar with the matter. The Cyber Safety Review Board, which was created by the Biden administration to investigate major cybersecurity events, will focus on risks to cloud computing infrastructure broadly, including identity and authentication management, and will examine all relevant cloud service providers, according to a Department of Homeland Security official. The issue was brought into focus by the breach of Microsoft’s email systems, the official said. Both people asked not to be named so they could discuss sensitive information.
#Bloomberg#EN#2023#Microsoft#cloud#investigate#US#Email#Breach#Inquiry
·archive.ph·
Microsoft’s Role in Email Breach by Suspected Chinese Hackers Part of US Inquiry
MoustachedBouncer: Espionage against foreign diplomats in Belarus
MoustachedBouncer: Espionage against foreign diplomats in Belarus
MoustachedBouncer is a cyberespionage group discovered by ESET Research and first publicly disclosed in this blogpost. The group has been active since at least 2014 and only targets foreign embassies in Belarus. Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets. The group uses two separate toolsets that we have named NightClub and Disco.
#welivesecurity#EN#2023#MoustachedBouncer#cyberespionage#AitM#Belarus
·welivesecurity.com·
MoustachedBouncer: Espionage against foreign diplomats in Belarus
“Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping
“Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping
  • We analyzed Tencent’s Sogou Input Method, which, with over 450 million monthly active users, is the most popular Chinese input method in China. Analyzing the Windows, Android, and iOS versions of the software, we discovered troubling vulnerabilities in Sogou Input Method’s custom-designed “EncryptWall” encryption system and in how it encrypts sensitive data. We found that network transmissions containing sensitive data such as those containing users’ keystrokes are decipherable by a network eavesdropper, revealing what users are typing as they type. We disclosed these vulnerabilities to Sogou developers, who released fixed versions of the affected software as of July 20, 2023 (Windows version 13.7, Android version 11.26, and iOS version 11.25). These findings underscore the importance for software developers in China to use well-supported encryption implementations such as TLS instead of attempting to custom design their own.
#citizenlab#EN#2023#Sogou#Keyboard#encryption#eavesdropping
·citizenlab.ca·
“Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping
Researchers watched 100 hours of hackers hacking honeypot computers
Researchers watched 100 hours of hackers hacking honeypot computers
Imagine being able to sit behind a hacker and observe them take control of a computer and play around with it. That’s pretty much what two security researchers did thanks to a large network of computers set up as a honeypot for hackers. The researchers deployed several Windows servers deliberately exposed on the internet, set up with Remote Desktop Protocol, or RDP, meaning that hackers could remotely control the compromised servers as if they were regular users, being able to type and click around.
#techcrunch#EN#2023#honeypots#hackers#hacking#researchers#research#honeypot
·techcrunch.com·
Researchers watched 100 hours of hackers hacking honeypot computers
Don’t you (forget NLP): Prompt injection with control characters in ChatGPT
Don’t you (forget NLP): Prompt injection with control characters in ChatGPT
Like many companies, Dropbox has been experimenting with large language models (LLMs) as a potential backend for product and research initiatives. As interest in leveraging LLMs has increased in recent months, the Dropbox Security team has been advising on measures to harden internal Dropbox infrastructure for secure usage in accordance with our AI principles. In particular, we’ve been working to mitigate abuse of potential LLM-powered products and features via user-controlled input.
#dropbox#EN#2023#ChatGPT#LLMs#prompt-injection
·dropbox.tech·
Don’t you (forget NLP): Prompt injection with control characters in ChatGPT
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
#microsoft#EN#2023#research#Social-engineering#NOBELIUM#MidnightBlizzard#Teams
·microsoft.com·
Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Reptile Malware Targeting Linux Systems
Reptile Malware Targeting Linux Systems
Reptile is an open-source kernel module rootkit that targets Linux systems and is publicly available on GitHub. [1] Rootkits are malware that possess the capability to conceal themselves or other malware. They primarily target files, processes, and network communications for their concealment. Reptile’s concealment capabilities include not only its own kernel module but also files, directories, file contents, processes, and network traffic. Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse...
#ASEC#EN#2023#Reptile#open-source#kernel#module#rootkit#Linux
·asec.ahnlab.com·
Reptile Malware Targeting Linux Systems
Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform
Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform
A researcher at Tenable has discovered an issue that enables limited, unauthorized access to cross-tenant applications and sensitive data (including but not limited to authentication secrets). Background The issue occurred as a result of insufficient access control to Azure Function hosts, which are launched as part of the creation and operation of custom connectors in Microsoft’s Power Platform (Power Apps, Power Automation).
#tenable#2023#EN#cross-tenant#Cloud#Microsoft-Power#Platform
·tenable.com·
Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform
Malicious Batch File (*.bat) Disguised as a Document Viewer Being Distributed (Kimsuky)
Malicious Batch File (*.bat) Disguised as a Document Viewer Being Distributed (Kimsuky)
AhnLab Security Emergency response Center (ASEC) has confirmed the distribution of malware in the form of a batch file (*.bat). This malware is designed to download various scripts based on the anti-malware process, including AhnLab products, installed in the user’s environment. Based on the function names used by the malware and the downloaded URL parameters, it is suspected to have been distributed by the Kimsuky group.
#asec.ahnlab#malware#analysis#batch#file#.bat#Kimsuky#Document#Viewer
·asec.ahnlab.com·
Malicious Batch File (*.bat) Disguised as a Document Viewer Being Distributed (Kimsuky)
Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack
Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack
Hackers exploited a ‘zero-day’ flaw in Ivanti software to breach 12 ministries in Norway Norway’s security officials warned around 20 critical infrastructure companies, other businesses and public agencies in the country they might also be vulnerable to a cyberattack disclosed Monday that hit 12 government ministries.
#wsj#EN#2023#zero-day#Ivanti#Norway
·wsj.com·
Critical Infrastructure Companies Warned to Watch for Ongoing Cyberattack