Search cyberveille.decio.ch

Found 126 bookmarks

Custom sorting

23andMe data breach: Hackers stole raw genotype data, health reports

Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. #23andMe #Breach #Computer #Credential #DNA #Data #Genetics #Health #InfoSec #Leak #Security #Stuffing

#bleepingcomputer #EN #2024 #Stuffing #Credential #InfoSec #Data #Genetics #Leak #DNA #Breach #Security #Computer #23andMe #Health

·bleepingcomputer.com·Jan 26, 2024

23andMe data breach: Hackers stole raw genotype data, health reports

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.

#bleepingcomputer #EN #2024 #Account-Takeover #Alert #Exposed #GitLab #Password-Reset #Security #Vulnerability

·bleepingcomputer.com·Jan 24, 2024

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

MacOS info-stealers quickly evolve to evade XProtect detection

Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently.

#bleepingcomputer #EN #2024 #Information #Malware #Security #Apple #Evasion #Stealer #Info #XProtect #InfoSec #Computer #macOS

·bleepingcomputer.com·Jan 17, 2024

MacOS info-stealers quickly evolve to evade XProtect detection

Lockbit ransomware disrupts emergency care at German hospitals

German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions were caused by a Lockbit ransomware attack where the threat actors gained access to IT systems and encrypted devices on the network.

#bleepingcomputer #EN #2023 #Hospital #Computer #Ransomware #InfoSec #3.0 #Healthcare #Germany #Security #LockBit

·bleepingcomputer.com·Dec 30, 2023

Lockbit ransomware disrupts emergency care at German hospitals

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

#Bleepingcomputer #EN #2022 #Malware #Microsoft #Raspberry-Robin #raspberryrobin #USB #Windows #Worm #Security #Detection

·bleepingcomputer.com·Jul 3, 2022

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Supply chain attack targeting Ledger crypto wallet leaves users hacked

Hackers pushed out a malicious version of a software library made by crypto company Ledger, which powers several web3 applications.

#techcrunch #EN #2023 #crypto #security #cryptocurrency #ledger #Supply-chain-attack

·techcrunch.com·Dec 15, 2023

Supply chain attack targeting Ledger crypto wallet leaves users hacked

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Apple has released patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple vulnerabilities.

#thehackernews #EN #2023 #Apple #Security #Updates #November2023 #iOS #macOS #tvOS #watchOS #patch #CVE-2023-45866

·thehackernews.com·Dec 12, 2023

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Windows 10 gets three more years of security updates, if you can afford them | Ars Technica

Windows 10's end-of-support date is October 14, 2025. That's the day that most Windows 10 PCs will receive their last security update and the date when most people should find a way to move to Windows 11 to ensure that they stay secure. As it has done for other stubbornly popular versions of Windows, though, Microsoft is offering a reprieve for those who want or need to stay on Windows 10: three additional years of security updates, provided to those who can pay for the Extended Security Updates (ESU) program.

#arstechnica #EN #2023 #win10 #ESU #support #end-of-support #Extended #Security #Updates #Windows #Windows10 #Microsoft

·arstechnica.com·Dec 6, 2023

Windows 10 gets three more years of security updates, if you can afford them | Ars Technica

Lumma Stealer malware now uses trigonometry to evade detection

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.

#bleepingcomputer #EN #2023 #Anti-VM #Info-Stealer #Information-stealing-malware #Lumma #LummaC2 #Malware #Malware-as-a-Service #Security #detection

·bleepingcomputer.com·Nov 20, 2023

Lumma Stealer malware now uses trigonometry to evade detection

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

#Bleepingcomputer #EN #2022 #Malware #Microsoft #Raspberry-Robin #raspberryrobin #USB #Windows #Worm #Security #Detection

·bleepingcomputer.com·Jul 3, 2022

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Google’s new Titan Security Keys let you store passkeys

Google has sold its own line of Titan Security Keys for several years now, and new USB-C and USB-A models with NFC let you store passkeys...

#9to5google #EN #Google #2023 #Titan #Security #Keys #passkeys

·9to5google.com·Nov 16, 2023

Google’s new Titan Security Keys let you store passkeys

Discord will switch to temporary file links to block malware delivery

Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware.

#bleepingcomputer #EN #2023 #Delivery #Computer #CDN #Security #InfoSec #Hyperlink #DMALocker #Content #Discord #Network

·bleepingcomputer.com·Nov 6, 2023

Discord will switch to temporary file links to block malware delivery

Massive cybercrime URL shortening service uncovered via DNS data

A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.

#bleepingcomputer #EN #2023 #Shortener #URL #NameSilo #Prolific #Computer #usTLD #DNS #Security #InfoSec #Puma #TLD

·bleepingcomputer.com·Nov 1, 2023

Massive cybercrime URL shortening service uncovered via DNS data

Atlassian warns of critical Confluence flaw leading to data loss

Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation.

#bleepingcomputer #EN #2023 #Atlassian #Loss #Security #Data #Confluence

·bleepingcomputer.com·Oct 31, 2023

Atlassian warns of critical Confluence flaw leading to data loss

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews

At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.

#wired #EN #2023 #23andme #genetics #security #Ashkenazi #Jews

·wired.com·Oct 9, 2023

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews

Active North Korean campaign targeting security researchers

Threat Analysis Group shares findings on a new campaign by North Korean actors targeting security researchers.

#Google #EN #2023 #threat-analysis-group #North-Korea #security #researchers #Symbols

·blog.google·Sep 11, 2023

Active North Korean campaign targeting security researchers

North Korea-backed hackers target security researchers with 0-day

Google researchers say currently unfixed vulnerability affects a popular software package.

#arstechnica #EN #2023 #North-Korea #security #researchers #0-day #popular #software

·arstechnica.com·Sep 11, 2023

North Korea-backed hackers target security researchers with 0-day

Last Week on My Mac: How quickly can Apple release a security update?

We seldom get much insight into how long Apple takes to release an urgent update to macOS, but last week must have seen one of the quickest in recent times. By my reckoning, Apple’s engineers accomplished that in 6-10 days, across four of its operating systems, and with two distinct vulnerabilities.

#eclecticlight #EN #2023 #Apple #security #update #macos #release

·eclecticlight.co·Sep 10, 2023

Last Week on My Mac: How quickly can Apple release a security update?

TSMC confirms data breach after LockBit cyberattack on third-party supplier

One of the world's biggest chipmakers confirmed a data breach after the LockBit ransomware gang targeted one of its third-party providers.

#techcrunch #EN #2023 #security #data-breach #LockBit #ransomware #TSMC #chipmaker

·techcrunch.com·Jul 1, 2023

TSMC confirms data breach after LockBit cyberattack on third-party supplier

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

#Bleepingcomputer #EN #2022 #Malware #Microsoft #Raspberry-Robin #raspberryrobin #USB #Windows #Worm #Security #Detection

·bleepingcomputer.com·Jul 3, 2022

Microsoft finds Raspberry Robin worm in hundreds of Windows networks

A simple bug exposed access to thousands of smart security alarm systems

The vulnerability — now fixed — was discovered in a cloud-based system that allows customers to remotely manage their security alarm systems.

#techcrunch #EN #2023 #security #cybersecurity #home-security-systems #smart #alarm #systems #IoT #vulnerability

·techcrunch.com·Jun 17, 2023

A simple bug exposed access to thousands of smart security alarm systems

Suspected LockBit ransomware affiliate arrested, charged in US

Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit ransomware on the networks of victims in the United States and abroad.

#bleepingcomputer #EN #2023 #Affiliates #LockBit #Ransomware #Security #arrested

·bleepingcomputer.com·Jun 15, 2023

Suspected LockBit ransomware affiliate arrested, charged in US

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor | WIRED

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

#wired #EN #2023 #security #malware #vulnerabilities #hacking #Gigabyte #Motherboards

·wired.com·May 31, 2023

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor | WIRED

Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023.

Barracuda Networks's Status Page - Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023..

#Barracuda #EN #2023 #Status #CVE-2023-2868 #ESG #Email #Security #Gateway #appliance

·status.barracuda.com·May 25, 2023

Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023.

infosec company owned completely by 4chan user

yesterday evening an anonymous 4chan user dumped a leak on the /g/ technology board, claiming to have completely owned risk visualization company optimeyes:

#nyancrimew #4chan #optimeyes #EN #2023 #security #infosec #jenkins #analysis #maia-arson-crimew

·maia.crimew.gay·May 12, 2023

infosec company owned completely by 4chan user

Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch

Researchers found malware developed by QuaDream, a little-known government spyware maker, which was used against journalists and politicians.

#techcrunch #EN #2023 #security #apple #cybersecurity #hackers #hacking #ios #iphone #spyware #zero-days

·techcrunch.com·Apr 11, 2023

Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch

Stopping cybercriminals from abusing security tools

Microsoft’s Digital Crimes Unit (DCU), cybersecurity software company Fortra™ and Health Information Sharing and Analysis Center (Health-ISAC) are taking technical and legal action to disrupt cracked, legacy copies of Cobalt Strike and abused Microsoft software, which have been used by cybercriminals to distribute malware, including ransomware. This is a change in the way DCU has...

#microsoft #EN #2023 #CobaltStrike #Fortra #ISAC #security #tools #abusing #statement

·blogs.microsoft.com·Apr 6, 2023

Stopping cybercriminals from abusing security tools

3CX Security Alert for Electron Windows App

A security issue arose on Update 7, version numbers 18.12.407 & 18.12.416 only for our Electron Windows App. Check this post for more info.

#3CX #EN #official #statement #security

·3cx.com·Mar 30, 2023

3CX Security Alert for Electron Windows App

Ransomware Attacks Have Entered a ‘Heinous’ New Phase

With victims refusing to pay, cybercriminal gangs are now releasing stolen photos of cancer patients and sensitive student records.

#wired #EN #2023 #ransomware #security #crime #malware #Heinous

·wired.com·Mar 14, 2023

Ransomware Attacks Have Entered a ‘Heinous’ New Phase

Czech cybersecurity office labels TikTok a security threat

The state cybersecurity watchdog issued an official warning and labelled the Chinese application TokTok as a threat, following in the footsteps of the US, the European Commission and Canada.

#euractiv #EN #2023 #TikTok #security #threat #Czech #warning

·euractiv.com·Mar 13, 2023

Czech cybersecurity office labels TikTok a security threat