Search cyberveille.decio.ch

Found 1407 bookmarks

Custom sorting

A Member of SiegedSec Group Arrested by FBI

A key member of the notorious hacker group SiegedSec was arrested today by federal authorities. The arrest came just hours after the hacker published a provocative manifesto titled “The Conscience of a Catgirl.” The document offers sharp criticisms of governments, corporations, and the state of modern surveillance, right before the hacker was taken into custody.

#dailydarkweb #EN #2024 #busted #SiegedSec #FBI #judische

·dailydarkweb.net·Sep 28, 2024

A Member of SiegedSec Group Arrested by FBI

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes

CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the embarrassing July outage that caused widespread disruption on Windows systems around the world.

#securityweek #EN #2024 #CrowdStrike #revamped #testing #incident #validation #System #Crashes

·securityweek.com·Sep 28, 2024

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.

#talosintelligence #EN #2024 #vulnerability #report #OpenPLC #CVE-2024-34026

·talosintelligence.com·Sep 28, 2024

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

10 security bugs put fuel storage tanks at risk of attacks

Tens of thousands of fuel storage tanks in critical infrastructure facilities remain vulnerable to zero-day attacks due to buggy Automatic Tank Gauge systems from multiple vendors, say infosec researchers. Automatic Tank Gauges (ATGs) are used to monitor fuel levels in storage tanks and ensure that the tanks don't leak. The ten CVEs disclosed today were found in products from several different vendors: Dover Fueling Solutions (DFS), OPW Fuel Management Systems (owned by DFS), Franklin Fueling Systems, and OMNTEC.

#theregister #EN #2024 #CVE-2024-45066 #CVE-2024-43693 #ATG #fuel #storage #tanks #SFS #OMNTEC

·theregister.com·Sep 28, 2024

10 security bugs put fuel storage tanks at risk of attacks

NIST proposes barring some of the most nonsensical password rules

The National Institute of Standards and Technology (NIST), the federal body that sets technology standards for governmental agencies, standards organizations, and private companies, has proposed barring some of the most vexing and nonsensical password requirements. Chief among them: mandatory resets, required or restricted use of certain characters, and the use of security questions.

#arstechnica #EN #2024 #NIST #password #rules #best-practices #standard

·arstechnica.com·Sep 28, 2024

NIST proposes barring some of the most nonsensical password rules

China-linked APT group Salt Typhoon compromised some US ISPs

China-linked threat actors compromised some U.S. internet service providers as part of a cyber espionage campaign code-named Salt Typhoon. The state-sponsored hackers aimed at gathering intelligence from the targets or carrying out disruptive cyberattacks. The Wall Street Journal reported that experts are investigating into the security breached to determine if the attackers gained access to Cisco Systems routers, which are core network components of the ISP infrastructures.

#securityaffairs #EN #2024 #China-linked #APT #Salt-Typhoon #US #ISP #compromised #Cisco

·securityaffairs.com·Sep 27, 2024

China-linked APT group Salt Typhoon compromised some US ISPs

Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these “pirated” resources to send unsolicited email.

#talosintelligence #EN #2024 #spam #unsolicited #email #Techniques #hird-party #infrastructure

·blog.talosintelligence.com·Sep 27, 2024

Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

Rhadamanthys Stealer v0.7.0: A Rising Threat in the Cybercrime Ecosystem

Insikt Group’s analysis of Rhadamanthys Stealer v0.7.0 reveals its growing capabilities, including AI-powered seed phrase extraction and MSI installer evasion tactics.

#recordedfuture #EN #2024 #research #Rhadamanthys #Stealer

·recordedfuture.com·Sep 27, 2024

Rhadamanthys Stealer v0.7.0: A Rising Threat in the Cybercrime Ecosystem

Hacker plants false memories in ChatGPT to steal user data in perpetuity

Emails, documents, and other untrusted content can plant malicious memories.

#arstechnica #EN #2024 #ChatGPT #exploit #malicious #memories #attack

·arstechnica.com·Sep 26, 2024

Hacker plants false memories in ChatGPT to steal user data in perpetuity

Dozens of Fortune 100 companies have unwittingly hired North Korean IT workers, according to report

Google said it has been contacted by several major U.S. companies recently who discovered that they unknowingly hired North Koreans using fake identities for remote IT roles.

#therecord.media #EN #2024 #UNC5267 #North-Korea #workers #supply-chain

·therecord.media·Sep 26, 2024

Dozens of Fortune 100 companies have unwittingly hired North Korean IT workers, according to report

Behind the CAPTCHA: A Clever Gateway of Malware

McAfee Labs recently observed an infection chain where fake CAPTCHA pages are being leveraged to distribute malware, specifically Lumma Stealer. We are observing a campaign targeting multiple countries. Below is a map showing the geolocation of devices accessing fake CAPTCHA URLs, highlighting the global distribution of the attack.

#mcafee #EN #2024 #CAPTCHA #Gateway #Malware #LummaStealer #campaign #fake

·mcafee.com·Sep 25, 2024

Behind the CAPTCHA: A Clever Gateway of Malware

Critical Ivanti vTM auth bypass bug now exploited in attacks

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks.

#bleepingcomputer #EN #2024 #Authentication-Bypass #Bypass #CISA #Exploit #Ivanti #PoC

·bleepingcomputer.com·Sep 24, 2024

Critical Ivanti vTM auth bypass bug now exploited in attacks

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware

Kryptina's adoption by Mallox affiliates complicates malware tracking as ransomware operators blend different codebases into new variants. Kryptina evolved from a free tool on public forums to being actively used in enterprise attacks, particularly under the Mallox ransomware family. In May 2024, a Mallox affiliate leaked staging server data, revealing that their Linux ransomware was based on a modified version of Kryptina. The affiliate made superficial changes to source code and documentation, stripping Kryptina branding but retaining core functionality. The adoption of Kryptina by Mallox affiliates exemplifies the commoditization of ransomware tools, complicating malware tracking as affiliates blend different codebases into new variants. * This original research was presented by the author at LABScon 2024 in Scottsdale, Arizona.

#sentinelone #EN #2024 #Kryptina #RaaS #Mallox #Ransomware #analysis #LABScon2024

·sentinelone.com·Sep 24, 2024

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware

US intelligence agencies confirm Russia is pushing fake videos of Kamala Harris

The U.S. intelligence community on Monday said Russia is responsible for recent videos shared on social media that sought to denigrate Vice President Kamala Harris, including one that tried to implicate her in a hit-and-run accident. Spy agencies also assess that Russian influence actors were responsible for altering videos of the vice president's speeches — behavior consistent with Moscow’s broader efforts to boost former President Donald Trump’s candidacy and disparage Harris and the Democratic Party, an official with the Office of the Director of National Intelligence said during a press briefing.

#therecord.media #EN #2024 #US #Russia #deepfake #presidential-campaign #influence

·therecord.media·Sep 24, 2024

US intelligence agencies confirm Russia is pushing fake videos of Kamala Harris

Staying a Step Ahead: Mitigating the DPRK IT Worker Threat

North Korea's IT workforce presents a persistent and escalating cyber threat.

#Mandiant #EN #2024 #fake #workforce #DPRK #North-Korea #UNC5267

·cloud.google.com·Sep 24, 2024

Staying a Step Ahead: Mitigating the DPRK IT Worker Threat

Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company

Back in May, I started tracking Handala, a hacktivist branded group expressing pro-Palestine views:

#doublepulsar #EN #2024 #Handala #hacktivist #Palestine #Israel #data-breach #data-leak #vidisco

·doublepulsar.com·Sep 23, 2024

Iran linked hacker group Handala Hack Team claim pager explosions linked to Israeli battery company

Telegram Changes Policy, Says It Will Provide User Data to Authorities

In an update to its privacy policy, Telegram says it will now share IP addresses and phone numbers to authorities in response to valid orders. The change is a dramatic switch for the social network app, which has become a hotbed for criminals.

#404media #EN #2024 #Telegram #privacy #policy #Authorities

·404media.co·Sep 23, 2024

Telegram Changes Policy, Says It Will Provide User Data to Authorities

Rental Car Vendor's Security Flaw Exposed Damage Claims Reports

Legitimate emails with bad practices and an insecure website add insult to injury.

#adversis #EN #2024 #Rental #Car #Damage #data-leak #hertz

·adversis.io·Sep 23, 2024

Rental Car Vendor's Security Flaw Exposed Damage Claims Reports

China urges netizens to be vigilant against Taiwanese cyberattacks

The hacking group's X account shared videos comparing Xi Jinping to an emperor and others commemorating the 1989 Tiananmen Square demonstrations.

#japantimes #EN #2024 #Taiwan #hacking #China #cyberattacks

·japantimes.co.jp·Sep 23, 2024

China urges netizens to be vigilant against Taiwanese cyberattacks

Microsoft ends development of Windows Server Update Services (WSUS)

Microsoft has officially announced that Windows Server Update Services (WSUS) is now deprecated, but plans to maintain current functionality and continue publishing updates through the channel.

#bleepingcomputer #EN #2024 #Deprecated #Deprecation #Windows #Windows-Server-Update-Services #WSUS #Microsoft

·bleepingcomputer.com·Sep 22, 2024

Microsoft ends development of Windows Server Update Services (WSUS)

Germany seizes 47 crypto exchanges tied to ‘underground economy’

German authorities sent a loud and clear message to criminal users of the exchanges: We found their servers and have your data — see you soon.

#cointelegraph #EN #2024 #Germany #seized #crypto-exchanges #underground-economy

·cointelegraph.com·Sep 21, 2024

Germany seizes 47 crypto exchanges tied to ‘underground economy’

Problems in the Parking Lot: Threat Actors Use IRL Quishing to Target Travelers

At least two threat groups identified, one of which Netcraft can link to customs tax and postal scams carried out earlier this year. Up to 10,000 potential victims identified visiting this group’s phishing websites between June 19 and August 23. At least 2,000 form submissions, indicating how much personal data has been extracted from victims, including payment information. * Evidence suggesting the group is running activity across Europe, including France, Germany, Italy, and Switzerland.

#netcraft #EN #2024 #Quishing #PayByPhone #parking #QRCode

·netcraft.com·Sep 21, 2024

Problems in the Parking Lot: Threat Actors Use IRL Quishing to Target Travelers

Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol

Investigators reported 483 000 victims worldwide, who had attempted to regain access to their phones and been phished in the process. The victims are mainly Spanish-speaking nationals from European, North American and South American countries.The successful operation took place thanks to international cooperation between law enforcement and judiciary authorities from Spain, Argentina, Chile, Colombia, Ecuador and Peru.The action week took...

#europol #EN #2024 #phishing #busted #operacion-kaerb #seized #spain

·europol.europa.eu·Sep 21, 2024

Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways

Affected chipsets: MT6890, MT7915, MT7916, MT7981, MT7986, MT7622 * Affected software: SDK version 7.4.0.1 and before (for MT7915) / SDK version 7.6.7.0 and before (for MT7916, MT7981 and MT7986) / OpenWrt 19.07, 21.02

#coffinsec #EN #2024 #CVE-2024-20017 #wappd #MediaTek #exploit #PoC

·blog.coffinsec.com·Sep 21, 2024

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways

Ukraine bans official use of Telegram app over fears of Russian spying

Restrictions apply only to official devices, not personal phones Telegram heavily used in Ukraine and Russia since 2022 invasion Budanov: Issue of Telegram is a matter of national security

#reuters #EN #2024 #Telegram #ban #Ukraine #Russia-Ukraine-war

·reuters.com·Sep 21, 2024

Ukraine bans official use of Telegram app over fears of Russian spying

GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10

Learn more about GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10 for GitLab Community Edition (CE) and Enterprise Edition (EE).

#gitlab #EN #2024 #patch #advisory #CVE-2024-45409 #SAML #critical

·about.gitlab.com·Sep 20, 2024

GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10

Enterprise ServiceNow Knowledge Bases at Risk

Read the blog to learn about ServiceNow’s Knowledge Base data exposure risks and how to mitigate these issues.

#appomni #EN #2024 #ServiceNow #dataleak #Misconfiguration

·appomni.com·Sep 20, 2024

Enterprise ServiceNow Knowledge Bases at Risk

Thousands of orgs at risk of ServiceNow KB data leaks

Security researchers say that thousands of companies are potentially leaking secrets from their internal knowledge base (KB) articles via ServiceNow misconfigurations. Aaron Costello and Dan Meged, of the AppOmni and Adaptive Shield security shops respectively, separately published their findings this week, concluding that pages set to "private" could still be read by tinkering with a ServiceNow customer's KB widgets. These widgets are essentially containers of information used to construct the pages in KB articles. These can include page elements that allow users to leave feedback on articles, either through star ratings or comments, for example.

#theregister #EN #2024 #ServiceNow #KB #data-leak

·theregister.com·Sep 20, 2024

Thousands of orgs at risk of ServiceNow KB data leaks

New Criminal Complaint Over Pegasus Spyware Hacking of journalists and activists in the UK  

Four victims of Pegasus spyware in the UK have this week filed a criminal complaint with the Metropolitan Police.

#glanlaw #EN #2024 #Pegasus #spyware #UK #Criminal #Complaint

·glanlaw.org·Sep 20, 2024

New Criminal Complaint Over Pegasus Spyware Hacking of journalists and activists in the UK  

Is Tor still safe to use?

This blog post is a response to an investigative news report about a large-scale law-enforcement attack that managed to de-anonymize a user of an old version of the long-retired app Ricochet. This blog post aims to provide insight into what we know so far. Nothing that the Tor Project has learned about this incident suggests that Tor Browser was attacked or exploited. Tor users can continue to use Tor Browser to access the web securely and anonymously.

#torproject #EN #2024 #Ricochet #Germany #police #sniffing #law-enforcement #de-anonymize

·blog.torproject.org·Sep 20, 2024

Is Tor still safe to use?