Les deux hommes interpellés mercredi en région parisienne, des frères de 18 et 20 ans, ont causé pour 9,5 millions de dollars de préjudice à la société américaine de finance décentralisée.

In recent weeks OneNote has gotten a lot of media attention as threat actors are abusing the embedded files feature in OneNote in their phishing campaigns. I first observed this OneNote abuse in the media via Didier’s post. This was later also mentioned in Xavier’s ISC diary and on the podcast. Later, in the beginning of February, the hacker news covered this as well.

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's…

One of three hackers recently arrested for large-scale data theft was active for cyber security organization DIVD, sources told NOS. DIVD is a government-subsidized association of Dutch security experts that researches unsafe computer systems.

Charlotte, NC – February 22, 2023– Dole plc (DOLE:NYSE) announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.

The Ukraine war has inspired a defensive cyber effort that government officials and technology executives describe as unprecedented.

You may have heard about the cryptojacking malware on macOS. Read about a new one spotted by Jamf Threat Labs.

Valve fixed an exploit cheaters were used, and used that patch to catch them in the act. More than 40,000 people were banned for using the third-party cheat.

Attackers are distributing malware disguised as a ChatGPT desktop client for Windows offering “precreated accounts”

Cyble analyzes how Threat Actors are using the recent buzz around ChatGPT to launch Phishing attacks using various methods.

Google's Android and Chrome Vulnerability Reward Programs (VRPs) in particular saw hundreds of valid reports and payouts for security vulnerabilities discovered by ethical hackers.

Insider Gaming has been able to obtain the entirety of the gaming giant Activision’s data breach initially reported by vx-underground and confirmed the data contains plans for Modern Warfare 2’s upcoming DLCs, Call of Duty 2023 (Codenamed Jupiter) and Call of Duty 2024 (Codenamed Cerberus), as well as sensitive employee information.

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs. This vulnerability allows remote code execution as the root user. (advisory https://www.fortiguard.com/psirt?date=02-2023)

A security researcher told TechCrunch that a government server was exposing military emails to the internet because no password was set.

Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. The initial early-warning threat notification about this activity was sent around September 2021 with further updates during 2022 and January, 2023. Recent cyber-attacks on cloud service providers (CSPs) and managed services providers (MSPs) saw bad actors attempt to leverage a weakness in their cybersecurity supply chain with the goal of stealing sensitive data from their target enterprises and government organizations. Data centers are meaningful targets for attackers and an important element of the enterprise supply chain.