Search cyberveille.decio.ch

Found 6043 bookmarks

Custom sorting

Hacktivist Response to Telegram CEO Arrest

Telegram is vital to hacktivist groups and their operations. They would have limited platforms to operate on without Telegram, they try X but are often shut-down and they would likely get drowned out if they tried to operate on underground forums.

#cyberknow #EN #2024 #opdurov #Telegram #hacktivists

·cyberknow.substack.com·Aug 29, 2024

Hacktivist Response to Telegram CEO Arrest

HZ Rat backdoor for macOS harvests data from WeChat and DingTalk

Kaspersky experts discovered a macOS version of the HZ Rat backdoor, which collects user data from WeChat and DingTalk messengers.

#securelist #EN #2024 #HZRat #Apple #MacOS #Backdoor #Instant-Messengers #Malware #Malware-Descriptions #shell #Trojan

·securelist.com·Aug 28, 2024

HZ Rat backdoor for macOS harvests data from WeChat and DingTalk

Telegram CEO’s brother also wanted by French authorities

Arrest warrants for Pavel and Nikolai Durov were issued months earlier than previously known.

#politico #EN #2024 #France #Telegram #Durov #arrest #brother #authorities

·politico.eu·Aug 28, 2024

Telegram CEO’s brother also wanted by French authorities

Unprecedented 3.15 Billion Packet Rate DDoS Attack Mitigated by Global Secure Layer

On August 25th 2024, Global Secure Layer mitigated the largest packet rate DDoS attack recorded against our platform

#globalsecurelayer #EN #2024 #DDoS #Attack #Minecraft

·globalsecurelayer.com·Aug 28, 2024

Unprecedented 3.15 Billion Packet Rate DDoS Attack Mitigated by Global Secure Layer

Threat Actors Retaliate After Durov’s Arrest

Threat Actors Retaliate After Durov’s Arrest Discover the latest security threats and database leaks, including unauthorized VPN access and email breaches, in the cyber underground world.Stay informed about emerging cyber threats, such as unauthorized access to databases and sensitive information leaks, affecting global companies and organizations.Learn about the latest cyber incidents, including DDoS attacks and malware threats targeting cryptocurrency wallets and financial institutions.

#dailydarkweb #EN #2024 #Telegram #France #DDoS #Durov

·dailydarkweb.net·Aug 27, 2024

Threat Actors Retaliate After Durov’s Arrest

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S.…

#krebsonsecurity #EN #2024 #Versa-Director #zero-day #vulnerability #Volt-Typhoon

·krebsonsecurity.com·Aug 27, 2024

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Paris court explains why it's arrested Telegram founder, Pavel Durov

When Pavel Durov, founder and CEO of messaging app Telegram, was arrested on August 24, French authorities did not respond to requests for comment. The

#techcrunch #EN #2024 #Durov #Telegram #France

·techcrunch.com·Aug 27, 2024

Paris court explains why it's arrested Telegram founder, Pavel Durov

Malicious Plugin

Pidgin is a universal chat client, allowing you to consolidate all your different messaging apps into a single tool.

#pidgin #EN #2024 #Malicious #Plugin #keylogger

·pidgin.im·Aug 26, 2024

Malicious Plugin

17-Year-old Student Exposes Germany's 'Secret' Pirate Site Blocklist

A 17-year-old student has launched a dedicated portal to exposing Germany's 'secret' pirate site blocklist to the public.

#torrentfreak #EN #2024 #Germany #secret #blocklist #ISP

·torrentfreak.com·Aug 26, 2024

17-Year-old Student Exposes Germany's 'Secret' Pirate Site Blocklist

WordPress Websites Used to Distribute ClearFake Trojan Malware

Learn about the ClearFake Trojan malware distributed via WordPress sites, its tactics, and how to safeguard your online experience.

#sucuri #EN #2024 #WordPress #ClearFake #Trojan #malware

·blog.sucuri.net·Aug 26, 2024

WordPress Websites Used to Distribute ClearFake Trojan Malware

Is Telegram really an encrypted messaging app? – A Few Thoughts on Cryptographic Engineering

This blog is reserved for more serious things, and ordinarily I wouldn't spend time on questions like the above. But much as I'd like to spend my time writing about exciting topics, sometimes the world requires a bit of what Brad Delong calls "Intellectual Garbage Pickup," namely: correcting wrong, or mostly-wrong ideas that spread unchecked…

#cryptographyengineering #EN #2024 #Telegram #encrypted

·blog.cryptographyengineering.com·Aug 26, 2024

Is Telegram really an encrypted messaging app? – A Few Thoughts on Cryptographic Engineering

Telegram says CEO has ‘nothing to hide’ after being arrested in France

The messaging app says “it is absurd to claim that a platform or its owner are responsible for abuse of that platform” after CEO Pavel Durov was arrested by French authorities.

#theverge #EN #2024 #CEO #Telegram #arrested #France #nothing-to-hide

·theverge.com·Aug 26, 2024

Telegram says CEO has ‘nothing to hide’ after being arrested in France

The gift that keeps on giving: A new opportunistic Log4j campaign

In this post, we analyze a new opportunistic exploitation campaign based on the Log4j vulnerability.

#datadoghq #EN #2024 #Log4j #campaign #vulnerability #CVE-2021-44228

·securitylabs.datadoghq.com·Aug 26, 2024

The gift that keeps on giving: A new opportunistic Log4j campaign

BlackSuit Ransomware

In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware. The threat actor leveraged various tools, including Sharphound, Rubeus, SystemBC, Get-DataInfo.ps1, Cobalt Strike, and ADFind, along with built-in system tools. Command and control traffic was proxied through CloudFlare to conceal their Cobalt Strike server. Fifteen days after initial access, BlackSuit ransomware was deployed by copying files over SMB to admin shares and executing them through RDP sessions. Three rules were added to our private ruleset related to this case.

#thedfirreport #EN #2024 #BlackSuit #Ransomware

·thedfirreport.com·Aug 26, 2024

BlackSuit Ransomware

MacOS X Malware Development

In today’s post, We’ll explore the process of designing and developing malware for macOS, which is a Unix-based operating system. We’ll use a classic approach to understanding Apple’s internals. To follow along, you should have a basic understanding of exploitation, as well as knowledge of C and Python programming, and some familiarity with low-level assembly language. While the topics may be advanced, I’ll do my best to present them smoothly.

#0xf00sec #EN #2024 #MacOS #Malware #Development #process #Python #technique

·0xf00sec.github.io·Aug 25, 2024

MacOS X Malware Development

OpenSSH Backdoors

Imagine this: an OpenSSH backdoor is discovered, maintainers rush to push out a fixed release package, security researchers trade technical details on mailing lists to analyze the backdoor code. Speculation abounds on the attribution and motives of the attacker, and the tech media pounces on the story. A near miss of epic proportions, a blow to the fabric of trust underlying open source development, a stark reminder of the risks of supply-chain attacks. Equal measures brilliant and devious.

#blog.isosceles.com #EN #2024 #openssh #backdoor #analysis #supply-chain

·blog.isosceles.com·Aug 25, 2024

OpenSSH Backdoors

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules

Stroz Friedberg identified a stealthy malware, dubbed “sedexp,” utilizing Linux udev rules to achieve persistence and evade detection. This advanced threat, active since 2022, hides in plain sight while providing attackers with reverse shell capabilities and advanced concealment tactics.

#aon #EN #2024 #sedexp #Linux #Malware #udev #Rules

·aon.com·Aug 25, 2024

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules

Microsoft Copilot Studio Vulnerability Led to Information Disclosure

A vulnerability in Microsoft Copilot Studio could be exploited to access sensitive information on the internal infrastructure used by the service, Tenable reports. The flaw, tracked as CVE-2024-38206 (CVSS score of 8.5) and described as a ‘critical’ information disclosure bug, has been fully mitigated, Microsoft said in an August 6 advisory.

#securityweek #EN #2024 #Microsoft #Copilot #Studio #Vulnerability #information #disclosure #bug #CVE-2024-38206

·securityweek.com·Aug 24, 2024

Microsoft Copilot Studio Vulnerability Led to Information Disclosure

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

French security services firm Quarkslab has made an eye-popping discovery: a significant backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading chip manufacturer in China.

#securityweek #EN #2024 #RFID #cards #cloned #Quarkslab #backdoor #Shanghai #Fudan #Microelectronics #Group

·securityweek.com·Aug 24, 2024

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

Xeon Sender | SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Cloud attack tool has been repurposed by multiple threat actors to push SMS spam and smishing campaigns through major SaaS providers.

#sentinelone #EN #python #script #Cloud-attack-tool #SMS #spam #SaaS #Xeon-Sender

·sentinelone.com·Aug 24, 2024

Xeon Sender | SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Finding Malware: Unveiling NUMOZYLOD with Google Security Operations

Welcome to the Finding Malware Series The “Finding Malware,“ blog series is authored to empower the Google Security Operations community to

#googlecloudcommunity #EN #2024 #NUMOZYLOD #analysis #malvertising

·googlecloudcommunity.com·Aug 24, 2024

Finding Malware: Unveiling NUMOZYLOD with Google Security Operations

TodoSwift Disguises Malware Download Behind Bitcoin PDF

A new piece of malware that we're calling TodoSwift downloads its malicious payload alongside a seemingly legitimate piece of content about cryptocurrency.

#kandji #EN #2024 #TodoSwift #Malware #Bitcoin #PDF

·kandji.io·Aug 24, 2024

TodoSwift Disguises Malware Download Behind Bitcoin PDF

Cthulhu Stealer malware aimed to take macOS user data

Researchers have discovered another data-seizing macOS malware, with "Cthulhu Stealer" sold to online criminals for just $500 a month.

#appleinsider #EN #2024 #Cthulhu-Stealer #MaaS #macos

·appleinsider.com·Aug 24, 2024

Cthulhu Stealer malware aimed to take macOS user data

From the Depths: Analyzing the Cthulhu Stealer Malware for macOS

Cado Security has identified a malware-as-a-service (MaaS) targeting macOS users named “Cthulhu Stealer”.

#cadosecurity #EN #2024 #Cthulhu-Stealer #macos #analysis #MaaS #malware-as-a-service

·cadosecurity.com·Aug 24, 2024

From the Depths: Analyzing the Cthulhu Stealer Malware for macOS

FIN7: The Truth Doesn't Need to be so STARK

First and foremost, our thanks go to the threat research team at Silent Push and the security team at Stark Industries Solutions (referred to as “Stark” from this point forwards) for their enthusiastic cooperation in the ‘behind the scenes’ efforts of this blog post.IntroductionIn our opening statement, we also introduce the subject of this post: the cross-team and cross-organization collaborative efforts of Silent Push, Stark, and Team Cymru in taking action against a common and well-known adve

#team-cymru #EN #2024 #FIN7 #Stark-Industries-Solutions #STARK #PostLtd #SmartApe #investigation

·team-cymru.com·Aug 24, 2024

FIN7: The Truth Doesn't Need to be so STARK

Qilin ransomware caught stealing credentials stored in Google Chrome

Familiar ransomware develops an appetite for passwords to third-party sites

#sophos #EN #2024 #ransomware #Qilin #Chrome #passwords

·news.sophos.com·Aug 23, 2024

Qilin ransomware caught stealing credentials stored in Google Chrome

NGate Android malware relays NFC traffic to steal cash

ESET Research uncovers Android malware that relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM.

#ESET #welivesecurity #EN #2024 #Android #malware #NFC #ATM

·welivesecurity.com·Aug 23, 2024

NGate Android malware relays NFC traffic to steal cash

No one’s ready for this

With AI photo editing getting easy and convincing, the world isn’t prepared for an era where photographs aren’t to be trusted.

#theverge #EN #2024 #photo-editing #AI #fake #trust #images

·theverge.com·Aug 23, 2024

No one’s ready for this

Security Advisory CVE-2024-40766

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

#sonicwall #EN #2024 #Advisory #CVE-2024-40766

·psirt.global.sonicwall.com·Aug 22, 2024

Security Advisory CVE-2024-40766

SolarWinds Trust Center Security Advisories | CVE-2024-28987

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.

#solarwinds #EN #2024 #CVE-2024-28987 #hardcoded #credential #Advisorie #WHD #WebHelpDesk

·solarwinds.com·Aug 22, 2024

SolarWinds Trust Center Security Advisories | CVE-2024-28987