Search cyberveille.decio.ch

Found 91 bookmarks

Custom sorting

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of an old, inactive account. This serves as a stark reminder of the importance of password security and why organizations need to protect every user account.

#thehackernews #EN #2024 #Microsoft #MidnightBlizzard #lesson-learned #password-spray

·thehackernews.com·Mar 30, 2024

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (TOEP).

#thehackernews #EN #2024 #sanctions #US #cryptocurrency #Russia #exchanges #Bitpapa

·thehackernews.com·Mar 26, 2024

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production," IBM X-Force said in a report published last week.

#thehackernews #EN #2024 #APT28 #Russia-linked #Widespread #Phishing #Scheme

·thehackernews.com·Mar 18, 2024

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. "Structured as a ransomware-as-a-service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars," the government said.

#thehackernews #EN #2024 #Phobos #Ransomware #CISA #US #Critical-infrastructure

·thehackernews.com·Mar 6, 2024

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

Over 8,000 subdomains belonging to recognized brands and organizations are being exploited for malicious email distribution.

#thehackernews #malware #attacks #subdomains #brands #Guardio #Labs

·thehackernews.com·Mar 3, 2024

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub

Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys might be compromised! These packages steal keys & upload them to GitHub.

#thehackernews #EN #2024 #NPM #Packages #Malicious #SSH #Keys #warbeast2000 #kodiak2k

·thehackernews.com·Jan 28, 2024

Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

Over 7,100 WordPress sites have been hit by the 'Balada Injector' malware, which exploits sites using a vulnerable version of the Popup Builder plugin

#thehackernews #2024 #EN #Balada #WP #plugin #WordPress #malware #Injector #infected

·thehackernews.com·Jan 20, 2024

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.

#thehackernews #en #2024 #Microsoft #APT29 #Russia #theft #mail #executives #attack #MidnightBlizzard

·thehackernews.com·Jan 20, 2024

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

Critical security flaw found in Opera Browsers. MyFlow sync feature lets attackers take over your Windows and macOS systems.

#thehackernews #2024 #EN #Critical #Opera #Browsers #MyFlow #vulnerability

·thehackernews.com·Jan 15, 2024

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer

Beware of YouTube videos offering cracked software! They might be a gateway to the Lumma malware, stealing your sensitive information

#thehackernews #EN #2024 #Lumma #Stealer #vulnerability

·thehackernews.com·Jan 15, 2024

Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Turkish hackers targeting poorly secured MS SQL servers across the U.S., European Union, and Latin America.

#thehackernews #EN #2024 #Turkey #MSSQL #exploitation

·thehackernews.com·Jan 15, 2024

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

Cloud Atlas spear-phishing attacks hit an agro-industrial enterprise and a state-owned research company.

#thehackernews #EN #2023 #CloudAtlas #spear-phishing #agro-industrial #state-owned #Russia

·thehackernews.com·Dec 31, 2023

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

Chinese threat actors exploited a new zero-day vulnerability in Barracuda's Email Security Gateway (ESG) appliances.

#thehackernews #EN #2023 #0-day #network #hacker #vulnerability #ESG #CVE-2023-7102 #appliance #Barracuda

·thehackernews.com·Dec 30, 2023

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

German law enforcement takes down dark web giant "Kingdom Market," specializing in narcotics and malware sales to tens of thousands of users.

#thehackernews #EN #2023 #Kingdom-Market #down #law #enforcement #darkweb #police #operation

·thehackernews.com·Dec 22, 2023

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla

#thehackernews #EN #2023 #malware #Agent-Tesla #CVE-2017-11882 #phishing #email #MSExcel #Excel #vulnerability

·thehackernews.com·Dec 21, 2023

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Apple has released patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple vulnerabilities.

#thehackernews #EN #2023 #Apple #Security #Updates #November2023 #iOS #macOS #tvOS #watchOS #patch #CVE-2023-45866

·thehackernews.com·Dec 12, 2023

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Russian Hacker Vladimir Dunaev Pleads Guilty for Creating TrickBot Malware

Russian national Vladimir Dunaev found guilty for developing TrickBot malware, facing up to 35 years in prison.

#thehackernews #EN #2023 #TrickBot #Dunaev #Malware #Guilty

·thehackernews.com·Dec 9, 2023

Russian Hacker Vladimir Dunaev Pleads Guilty for Creating TrickBot Malware

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Qualcomm has disclosed details about three high-severity security vulnerabilities that were exploited in limited, targeted attacks in October 2023.

#thehackernews #EN #2023 #Qualcomm #Chip #Vulnerabilities #Targeted #CVE-2023-33063 #CVE-2023-33106 #CVE-2023-33107

·thehackernews.com·Dec 8, 2023

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Atlassian has released software fixes to address four critical flaws in its software that could lead to remote code execution.

#thehackernews #EN #2023 #Atlassian #RCE #flaws #Jira #Confluence

·thehackernews.com·Dec 6, 2023

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection

The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN.

#thehackernews #EN #2023 #North-Korea #macOS #malware #KANDYKORN

·thehackernews.com·Dec 2, 2023

N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection

Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals

Play ransomware has turned into Ransomware-as-a-Service (RaaS), allowing other cybercriminals to use it.

#thehackernews #EN #2023 #Play #ransomware #RaaS

·thehackernews.com·Nov 29, 2023

Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

FIRST announces CVSS v4.0, the latest version of the Common Vulnerability Scoring System. Discover how this update addresses critical vulnerabilities.

#thehackernews #EN #2023 #CVSS #CVSS4.0 #Vulnerability #Scoring #System

·thehackernews.com·Nov 2, 2023

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

1Password Detects Suspicious Activity Following Okta Support Breach

1password detected suspicious activity following the Okta support system breach. After investigation, they determined no user data was accessed.

#thehackernews #EN #2023 #1Password #Okta #investigation

·thehackernews.com·Oct 24, 2023

1Password Detects Suspicious Activity Following Okta Support Breach

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the Citizen Lab said, attributing the attack with high confidence to the Egyptian government owing to it being a known customer of the commercial spying tool.

#thehackernews #EN #2023 #0-day #0-days #Predator #Egypt #Apple #CitizenLab #CVE-2023-41991 #CVE-2023-41992 #CVE-2023-41993

·thehackernews.com·Sep 23, 2023

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode

Cybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and maintain access to an Apple device even when the victim believes it is offline. The method "tricks the victim into thinking their device's Airplane Mode works when in reality the attacker (following successful device exploit) has planted an artificial Airplane Mode which edits the UI to display Airplane Mode icon and cuts internet connection to all apps except the attacker application," Jamf Threat Labs researchers Hu Ke and Nir Avraham said in a report shared with The Hacker News.

#thehackernews #EN #2023 #iOS #apple #airplanemode #exploit

·thehackernews.com·Aug 19, 2023

New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks

A new generative AI cybercrime tool called WormGPT is making waves in underground forums. It empowers cybercriminals to automate phishing attacks.

#thehackernews #EN #2023 #WormGPT #AI #ChatGPT #cybercrime #automate #phishing #attacks

·thehackernews.com·Jul 15, 2023

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application.

#thehackernews #EN #2023 #BlackCat #Ransomware #Disguised #WinSCP #Malvertising

·thehackernews.com·Jul 5, 2023

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

he maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.

#thehackernews #EN #2022 #Ping #Vulnerability #FreeBSD #CVE-2022-23093

·thehackernews.com·Dec 6, 2022

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

TA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attacks

Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505. "The group frequently changes its malware attack strategies in response to global cybercrime trends," Swiss cybersecurity firm PRODAFT said in a report shared with The Hacker News. "It opportunistically adopts new technologies in order to gain leverage over victims before the wider cybersecurity industry catches on."

#thehackernews #EN #2022 #PRODAFT #TeslaGun #ServHelper #Backdoor #Analysis

·thehackernews.com·Sep 6, 2022

TA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attacks

New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious code.

#thehackernews #EN #2022 #XMPP #Zoom #CVE-2022-22784 #CVE-2022-22785 #CVE-2022-22786 #CVE-2022-22787

·thehackernews.com·May 25, 2022

New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message