Search cyberveille.decio.ch

Found 4945 bookmarks

Custom sorting

Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups

Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).

#talosintelligence #Iranian #EN #2022 #APT #research #MuddyWater #Turkey #SloughRAT #RAT

·blog.talosintelligence.com·Mar 10, 2022

Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups

CVE-2022-26143: TP240PhoneHome Reflection/Amplification DDoS Attack Vector

A new reflection/amplification distributed denial of service (DDoS) vector with a record-breaking potential amplification ratio of 4,294,967,296:1 has been abused by attackers in the wild to launch multiple high-impact DDoS attacks.

#CVE-2022-26143 #Akamai #reflection #amplification #DDoS #attacks #EN #2022

·akamai.com·Mar 9, 2022

CVE-2022-26143: TP240PhoneHome Reflection/Amplification DDoS Attack Vector

New method that amplifies DDoSes by 4 billion-fold. What could go wrong?

New method also stretches out DDoS durations to 14 hours.

#DDoS #arstechnica #EN #2022 #amplification

·arstechnica.com·Mar 9, 2022

New method that amplifies DDoSes by 4 billion-fold. What could go wrong?

NSA Releases Network Infrastructure Security Guidance

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. Recommendations include perimeter and internal network defenses to improve monitoring and access controls throughout the network. PDF Document

#uscert #csirt #CISA #NSA #Guidance #Network #howto #bestpractices #2022 #EN

·cisa.gov·Mar 9, 2022

NSA Releases Network Infrastructure Security Guidance

An update on the threat landscape

Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.

#google #threat #analysis #2022 #EN #Ukraine #TAG #GoogleTAG #informations #APT28 #UNC1151 #Ghostwriter #FancyBear #MustangPanda

·blog.google·Mar 8, 2022

An update on the threat landscape

Samsung confirms hackers stole Galaxy devices source code

Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones.

#bleepingcomputer #Lapsus$#Samsung #Galaxy #EN #2022 #confidential #DataBreach #sourcecode

·bleepingcomputer.com·Mar 7, 2022

Samsung confirms hackers stole Galaxy devices source code

The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation

This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.

#CVE-2022-0847 #dirtypipe #Linux #Kernel #arbitrary #privilege #escalation #vulnerability #EN #2022

·dirtypipe.cm4all.com·Mar 7, 2022

The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation

Hackers leak 190GB of alleged Samsung data, source code

The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.

#DataBreach #DataLeak #Lapsus$#Samsung #bleepingcomputer #2022 #EN #confidential

·bleepingcomputer.com·Mar 6, 2022

Hackers leak 190GB of alleged Samsung data, source code

Cybercriminals who breached Nvidia issue one of the most unusual demands ever

Chipmaker has until Friday to comply or see its crown-jewel source code released.

#Nvidia #2022 #EN #ransom #demands #code #arstechnica

·arstechnica.com·Mar 6, 2022

Cybercriminals who breached Nvidia issue one of the most unusual demands ever

Malware now using stolen NVIDIA code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data.

#bleepingcomputer #Nvidia #certificates #malware #EN #2022 #code #signing

·bleepingcomputer.com·Mar 6, 2022

Malware now using stolen NVIDIA code signing certificates

Phishing attacks target countries aiding Ukrainian refugees

A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.

#Belarus #Europe #Ghostwriter #Malware #Phishing #TA445 #Ukraine #UNC1151 #bleepingcomputer #EN #2022 #refugees

·bleepingcomputer.com·Mar 2, 2022

Phishing attacks target countries aiding Ukrainian refugees

Destructive Malware Targeting Organizations in Ukraine

Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Leading up to Russia’s unprovoked attack against Ukraine, threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable.

#uscert #csirt #cert #CISA #EN #2022 #alert #WhisperGate #HermeticWiper #malware

·cisa.gov·Mar 1, 2022

Destructive Malware Targeting Organizations in Ukraine

Ukrainian Researcher Leaks Conti Ransomware Gang Data

A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the

#Ukraine #bankinfosecurity #Conti #ransomware #dataleak #EN #2022 #gang #chat #logs

·bankinfosecurity.com·Mar 1, 2022

Ukrainian Researcher Leaks Conti Ransomware Gang Data

Crypto Donations to Ukraine Jumps to $20M

FTX’s Sam Bankman-Fried, Chain.com CEO Deepak Thapliyal made significant donations to the humanitarian effort.

#coindesk #2022 #EN #donations #Ukraine #crypto #cyberwar

·coindesk.com·Feb 28, 2022

Crypto Donations to Ukraine Jumps to $20M

2022 Russia-Ukraine war — Cyber group tracker

A tracker to collate cyber groups engaged in cyber activities during the Russia-Ukraine war 2022.

#Medium #Cyberknow #2022 #EN #tracker #gangs #cyberwar #engaged #Russia #Ukraine

·cyberknow.medium.com·Feb 28, 2022

2022 Russia-Ukraine war — Cyber group tracker

Hacktivists Plot Attacks on Russia With Ukraine Government's Urging

Hackers are coming to Ukraine’s aid in an effort to target Russian government websites and officials with disruptive counterattacks, according to six people involved in the activity.

#bloomberg #EN #2022 #Cyberwar #hackivists #Ukraine #volunteers #organization

·bloomberg.com·Feb 27, 2022

Hacktivists Plot Attacks on Russia With Ukraine Government's Urging

Conti ransomware group announces support of Russia, threatens retaliatory attacks

An infamous ransomware group with potential ties to Russian intelligence and known for attacking health care providers and hundreds of other targets posted a warning Friday saying it was “officially announcing a full support of Russian government.”

#cyberscoop #Conti #attribution #intelligence #Russia #gang #EN #2022 #announce

·cyberscoop.com·Feb 26, 2022

Conti ransomware group announces support of Russia, threatens retaliatory attacks

TrickBot malware operation shuts down, devs move to BazarBackdoor

The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families.

#BazarBackdoor #Conti #Malware #Ransomware #TrickBot #2002 #EN #bleepingcomputer

·bleepingcomputer.com·Feb 26, 2022

TrickBot malware operation shuts down, devs move to BazarBackdoor

Ukraine links phishing targeting military to Belarusian hackers

The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.

#bleepingcomputer #Belarus #EN #2022 #cyberwar #Military #Phishing #Ukraine #CERT-UA #UNC1151

·bleepingcomputer.com·Feb 25, 2022

Ukraine links phishing targeting military to Belarusian hackers

Aquarium Leaks. Inside the GRU’s Psychological Warfare Program

In this exclusive and groundbreaking report, Free Russia Foundation has translated and published five documents from the GRU, Russia’s military intelligence agency. The documents, obtained and analyzed by Free Russia Foundation’s Director of Special Investigations Michael Weiss, details the...

#4freerussia #EN #2022 #GRU #Leak #report #Warfare #Aquarium #Program

·4freerussia.org·Feb 25, 2022

Aquarium Leaks. Inside the GRU’s Psychological Warfare Program

New data-wiping malware used in destructive attacks on Ukraine

Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.

#bleepingcomputer #HermeticWiper #Russia #Ukraine #cyberwar #2022 #EN #datawiping

·bleepingcomputer.com·Feb 25, 2022

New data-wiping malware used in destructive attacks on Ukraine

Horde Webmail 5.2.22 - Account Takeover via Email

We recently discovered a code vulnerability in Horde Webmail that can be used by attackers to take over email accounts by sending a malicious email.

#Horde #Webmail #Takeover #openoffice #preview #EN #2022 #sonarsource

·blog.sonarsource.com·Feb 22, 2022

Horde Webmail 5.2.22 - Account Takeover via Email

Pegasus spyware scandal uncovered by fake image file on an iPhone

The scandal over NSO Group's Pegasus spyware was uncovered by a single fake image file mistakenly left on an activist's iPhone, a report states, a discovery that prompted international outcry over privacy.

#appleinsider #Pegasus #Spyware #NSO #EN #2022 #iphone

·appleinsider.com·Feb 20, 2022

Pegasus spyware scandal uncovered by fake image file on an iPhone

Cyberattack targets Vodafone Portugal, disrupts services

Vodafone Portugal, one of the country’s leading telecommunications companies, said Tuesday it had been hacked though no confidential customer data was compromised

#apnews #EN #2022 #Vodafone #Portugal #attack #cyberattack #mobile

·apnews.com·Feb 19, 2022

Cyberattack targets Vodafone Portugal, disrupts services

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.

#Bloomberg #EN #2022 #zeroclick #spyware #NSO #governement #spy #privacy #attack

·bloombergquint.com·Feb 19, 2022

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

VMware Horizon servers are under active exploit by Iranian state hackers

Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said on Thursday.

#arstechnica #log4shell #EN #2022 #TunnelVision #Iranian #VMware #Horizon #CVE-2021-44228

·arstechnica.com·Feb 18, 2022

VMware Horizon servers are under active exploit by Iranian state hackers

Twitter cans 2FA service provider over surveillance claims

Twitter is changing its 2FA service provider after allegations emerged that it sold access to its networks to surveillance companies.

#malwarebytes #2FA #Mitto #Twitter #surveillance #EN #2022

·blog.malwarebytes.com·Feb 17, 2022

Twitter cans 2FA service provider over surveillance claims

Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica

DDoS temporarily take out sites as Ukraine stares down Russian soldiers at its border.

#DDoS #2022 #EN #Ukraine #arstechnica

·arstechnica.com·Feb 16, 2022

Flood of malicious junk traffic makes Ukrainian websites unreachable | Ars Technica

Apple's AirTag uncovers a secret German intelligence agency

A researcher has sent one of Apple's AirTags to a mysterious "federal authority" in Germany to locate its true offices — and to help prove that it's really part of an intelligence agency.

#Apple #appleinsider #EN #AirTags #intelligence #Germany #Wittmann

·appleinsider.com·Feb 15, 2022

Apple's AirTag uncovers a secret German intelligence agency

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key