Search cyberveille.decio.ch

Found 41 bookmarks

Custom sorting

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro.

#thehackernews #EN #2024 #GitHub #FileZilla #AMOS #impersonating #software #1Password #fake

·thehackernews.com·May 25, 2024

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

Our research reveals that personal repositories often expose sensitive corporate data, leading to severe security breaches

#aquasec #EN #2024 #GitHub #Repos #Exposed #Redhat #Microsoft #tokens

·aquasec.com·May 16, 2024

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Over 170K users hit by poisoned Python package ruse

Supply chain attack targeted GitHub community of Top.gg Discord server

#theregister #EN #2024 #Top.gg #GitHub #Supply-chain-attack #Python

·theregister.com·Mar 25, 2024

Over 170K users hit by poisoned Python package ruse

GitHub besieged by millions of malicious repositories in ongoing attack | Ars Technica

GitHub keeps removing malware-laced repositories, but thousands remain.

#arstechnica #EN #2024 #github #malicious #repositories #attack

·arstechnica.com·Mar 1, 2024

GitHub besieged by millions of malicious repositories in ongoing attack | Ars Technica

GitHub leak exposes Chinese offensive cyber operations – researchers

The leaked documents supposedly discuss spyware developed by I-Soon, a Chinese infosec company, that’s targeting social media platforms, telecommunications companies, and other organizations worldwide. Researchers suspect the operations are orchestrated by the Chinese government. Unknown individuals allegedly leaked a trove of Chinese government documents on GitHub. The documents reveal how China conducts offensive cyber operations with spyware developed by I-Soon, Taiwanese threat intelligence researcher Azaka Sekai claims.

#cybernews #EN #2024 #leaked #China #researchers #GitHub #spyware #I-Soon

·cybernews.com·Feb 19, 2024

GitHub leak exposes Chinese offensive cyber operations – researchers

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Binance Code and Internal Passwords Exposed on GitHub for Months

A takedown request said the GitHub account was “hosting and distributing leaks of internal code which poses significant risk to BINANCE.”

#404media #EN #2024 #Binance #Code #GitHub #Exposed

·404media.co·Jan 31, 2024

Binance Code and Internal Passwords Exposed on GitHub for Months

Public SSH keys can leak your private infrastructure

This article describes a minor security flaw in the SSH authentication protocol that can lead to unexpected private infrastructure disclosure. It also provides a PoC written in Python.

#rushter #EN #2019 #SSH #keys #github #leak

·rushter.com·Jan 30, 2024

Public SSH keys can leak your private infrastructure

How a mistakenly published password exposed Mercedes-Benz source code

Mercedes accidentally exposed a trove of sensitive data after a leaked security key gave “unrestricted access” to company’s source code.

#techcrunch #EN #2024 #Mercedes #exposed #password #Mercedes-Benz #Source-Code #GitHub

·techcrunch.com·Jan 29, 2024

How a mistakenly published password exposed Mercedes-Benz source code

smith (CVE-2023-32434)

This write-up presents an exploit for a vulnerability in the XNU kernel: Assigned CVE-2023-32434. Fixed in iOS 16.5.1 and macOS 13.4.1. Reachable from the WebContent sandbox and might have been actively exploited. *Note that this CVE fixed multiple integer overflows, so it is unclear whether or not the integer overflow used in my exploit was also used in-the-wild. Moreover, if it was, it might not have been exploited in the same way. The exploit has been successfully tested on: iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max) macOS 13.1 and 13.4 (MacBook Air M2 2022) All code snippets shown below are from xnu-8792.81.2.

#Poulin-Bélanger #EN #2023 #exploit #analysis #vulnerability #github #macos #ios #CVE-2023-32434

·github.com·Jan 3, 2024

smith (CVE-2023-32434)

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)

CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.

#github #EN #2023 #CVE-2023-43641 #libcue #GNOME

·github.blog·Oct 13, 2023

Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)

38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog

Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token

#wiz #EN #2023 #GitHub #Microsoft #leak

·wiz.io·Sep 19, 2023

38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog

Microsoft AI Employee Accidentally Leaks 38TB of Data

A software repository on GitHub dedicated to supplying open-source code and AI models for image recognition was left open to manipulation by bad actors thanks to an insecure URL.

#pcmag #EN #2023 #DataLeak #GitHub #Microsoft #38TB

·pcmag.com·Sep 18, 2023

Microsoft AI Employee Accidentally Leaks 38TB of Data

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware. Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.

#securityweek #EN #2023 #BlackLotus #UEFI #Bootkit #Source #Code #Leaked #GitHub

·securityweek.com·Jul 15, 2023

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Fake Security Researcher GitHub Repositories Deliver Malicious Implant

VulnCheck discovers a network of fake security researcher accounts promoting hidden malware.

#vulncheck #EN #2023 #fake #researcher #malware #GitHub #Repositories #Implant

·vulncheck.com·Jun 15, 2023

Fake Security Researcher GitHub Repositories Deliver Malicious Implant

Action needed for GitHub Desktop and Atom users

Update to the latest version of Desktop and previous version of Atom before February 2.

#GitHub #EN #2023 #breach #Update #repositories

·github.blog·Feb 1, 2023

Action needed for GitHub Desktop and Atom users

Pro-Russia hackers use Telegram, GitHub to attack Czech presidential election

The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.

#therecord #EN #2023 #Telegram #GitHub #Pro-Russia #Czech #election #DDOSIA #Sentinelone

·therecord.media·Jan 15, 2023

Pro-Russia hackers use Telegram, GitHub to attack Czech presidential election

zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.

Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. Works on iOS 16.1.2 and below (tested on iOS 16.1) on unjailbroken devices.

#zhuowei #EN #GitHub #PoC #iOS #CVE-2022-46689 #unjailbroken #ComicSans

·github.com·Dec 30, 2022

zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.

Okta's source code stolen after GitHub repositories hacked

In a 'confidential' email notification sent by Okta and seen by BleepingComputer, the company states that attackers gained access to its GitHub repositories this month and stole the company's source code.

#bleepingcomputer #en #2022 #GitHub #Okta #Source-Code #Theft

·bleepingcomputer.com·Dec 21, 2022

Okta's source code stolen after GitHub repositories hacked

Attacking Apple's Neural Engine

WeightBufs is a kernel r/w exploit for all Apple devices with Neural Engine support. Bugs and Exploit by @simo36, you can read my presentation slides at POC for more details about the vulnerabilities and the exploitation techniques.

#0x36 #EN #2022 #WeightBufs #GitHub #Apple #ios #macos #exploit #NeuralEngine #exploitation #CVE-2022-32845 #CVE-2022-32948 #CVE-2022-42805 #CVE-2022-32899

·github.com·Nov 12, 2022

Attacking Apple's Neural Engine

How we handled a recent phishing incident that targeted Dropbox

We were recently the target of a phishing campaign that successfully accessed some of the code we store in GitHub. No one’s content, passwords, or payment information was accessed, and the issue was quickly resolved. Our core apps and infrastructure were also unaffected, as access to this code is even more limited and strictly controlled. We believe the risk to customers is minimal. Because we take our commitment to security, privacy, and transparency seriously, we have notified those affected and are sharing more here.

#dropbox #EN #2022 #incident #phishing #GitHub

·dropbox.tech·Nov 2, 2022

How we handled a recent phishing incident that targeted Dropbox

Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).