Search cyberveille.decio.ch

Found 1498 bookmarks

Custom sorting

CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA

Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.

#cisa #US #2023 #Advisory #Improve #Monitoring #Hardening

·cisa.gov·Mar 9, 2023

CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA

SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft

The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL.

#sysdig #EN #2023 #SCARLETEEL #cloud #Kubernetes #Terraform #AWS #Data-Theft

·sysdig.com·Mar 9, 2023

SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft

Alerte sur des tentatives de piratage de comptes bancaires en Suisse

Le Centre national pour la cybersécurité lance un avertissement: les cybercriminels ont accès à des comptes bancaires, malgré des mesures de protection élevées, en incitant les victimes à leur fournir des informations. Raiffeisen est notamment concernée

#letemps #CH #2023 #phishing #tempsréel

·letemps.ch·Mar 9, 2023

Alerte sur des tentatives de piratage de comptes bancaires en Suisse

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack

A ransomware gang has posted photos of Lehigh Valley Health Network cancer patients on the dark web after the health network refused to pay a ransom last month following a cyberattack.

#lehighvalleylive #EN #2023 #Health #patient #hospital #photos #ransomware #gang #ALPHV #BlackCat

·lehighvalleylive.com·Mar 8, 2023

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack

New HiatusRAT router malware covertly spies on victims - Lumen

Lumen Black Lotus Labs identified a new campaign involving compromised routers. HiatusRAT allows threat actors to remotely interact with the system.

#lumen #EN #2023 #routers #HiatusRAT

·blog.lumen.com·Mar 8, 2023

New HiatusRAT router malware covertly spies on victims - Lumen

A Noteworthy Threat: How Cybercriminals are Abusing OneNote

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files.

#trustwave #EN #2023 #Microsoft #OneNote #phishing #malicious #analysis

·trustwave.com·Mar 8, 2023

A Noteworthy Threat: How Cybercriminals are Abusing OneNote

CVE-2023-27532

Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

#veeam #EN #2023 #advisory #vulnerability #Backup

·veeam.com·Mar 8, 2023

CVE-2023-27532

Acer Breached, Hacker Selling Access to 160GB of Stolen Data

The hacker claims the stolen data includes confidential presentations from Acer, along with software files for the company's PC products. Acer says consumer data was not breached.

#pcmag #EN #2023 #Acer #leak #Stolen #Data #confidential #presentations

·pcmag.com·Mar 8, 2023

Acer Breached, Hacker Selling Access to 160GB of Stolen Data

Sony's Legal Attack on Quad9, Censorship, and Freedom of Speech

A potentially precedent-setting legal case involving Sony Music and Quad9 may endanger internet freedom of speech and allow unchecked content censorship.

#quad9 #EN #2023 #Sony #censorship #public-dns #dns #privacy #security #Censorship #legal #Freedom

·quad9.net·Mar 8, 2023

Sony's Legal Attack on Quad9, Censorship, and Freedom of Speech

Meta’s LLaMA Leaked to the Public, Thanks To 4chan

LLaMA, Meta’s latest family of large language models, has been leaked along with its weights and is now available to download through torrents

#analyticsindiamag #EN #2023 #4chan #LLaMA #leak #Meta #AI #torrents

·analyticsindiamag.com·Mar 8, 2023

Meta’s LLaMA Leaked to the Public, Thanks To 4chan

Sudoedit can edit arbitrary files

A flaw in exists in sudo’s -e option (aka sudoedit) that allows a malicious user with sudoedit privileges to edit arbitrary files. Sudo versions affected: Sudo versions 1.8.0 through 1.9.12p1 inclusive are affected. Versions of sudo prior to 1.8.0 construct the argument vector differently and are not affected. CVE ID: This vulnerability has been assigned CVE-2023-22809 in the Common Vulnerabilities and Exposures database. Details: When invoked as sudo -e or sudoedit, sudo can be used to edit privileged files while running the editor as an unprivileged user.

#sudo #EN #2023 #Sudoedit #arbitrary #CVE-2023-22809

·sudo.ws·Mar 7, 2023

Sudoedit can edit arbitrary files

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly available.

#helpnetsecurity #EN #2023 #PoC #CVE-2023-21716 #RCE #vulnerability

·helpnetsecurity.com·Mar 7, 2023

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

Germany and Ukraine hit two high-value ransomware targets

This ransomware appeared in 2019, when cybercriminals started using it to launch attacks against organisations and critical infrastructure and industries. Based on the BitPaymer ransomware and part of the Dridex malware family, DoppelPaymer used a unique tool capable of compromising defence mechanisms by terminating the security-related process of the attacked systems. The DoppelPaymer attacks were enabled by the prolific EMOTET...

#europol #EN #2023 #DoppelPaymer #ransomware #BitPaymer #Dridex #raid #J-CAT

·europol.europa.eu·Mar 6, 2023

Germany and Ukraine hit two high-value ransomware targets

We Found 28,000 Apps Sending Data to TikTok. A Ban Won't Help.

TikTok’s software development kits could undermine Joe Biden's order to stop internet traffic flowing from federal employees' phones to TikTok within 30 days.

#gizmodo #en #2023 #TikTok #ban #data #China #advertising

·gizmodo.com·Mar 5, 2023

We Found 28,000 Apps Sending Data to TikTok. A Ban Won't Help.

PyPi Packages Deliver Python Remote Access Tools

While researching initial attack vectors, the Kroll Cyber Threat Intelligence team identified a fully featured information stealer and remote access tool in the python package index that could lead to an intensified threat landscape. Read more.

#kroll #EN #2023 #pypi-packages #pypi-malware #python-remote-access-tool #supplychain

·kroll.com·Mar 3, 2023

PyPi Packages Deliver Python Remote Access Tools

Credit Suisse breach spills info of high-net-worth clients

Credit Suisse is telling its clients that sensitive personal information including social security identification and contact details has been compromised.

#nypost #2023 #EN #Business #banks #credit-suisse #hacking #leak #VIP #PII

·nypost.com·Mar 3, 2023

Credit Suisse breach spills info of high-net-worth clients

Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity

Markets have imposed “inadequate costs” on companies that build vulnerable technology, it says.

#wsj #EN #2023 #National #strategy #US #Biden #Software #Liable #liability #Insecurity

·wsj.com·Mar 3, 2023

Biden National Cyber Strategy Seeks to Hold Software Firms Liable for Insecurity

FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy

Read the full strategy here Today, the Biden-Harris Administration released the National Cybersecurity Strategy to secure the full benefits of a safe and secure digital ecosystem for all Americans. In this decisive decade, the United States will reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security… PDF document

#whitehouse #EN #2023 #statement #National #Cybersecurity #Strategy #US

·whitehouse.gov·Mar 3, 2023

FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy

How cybercriminals attack young gamers

What cyberthreats target young gamers? An overview of the most well-spread child threats in virtual gaming worlds.

·kaspersky.com·Mar 3, 2023

How cybercriminals attack young gamers

BlackLotus UEFI bootkit: Myth confirmed

ESET researchers are the first to publish an analysis of BlackLotus, the first in-the-wild UEFI bootkit capable of bypassing UEFI Secure Boot.

#welivesecurity #EN #2023 #bootkit #UEFI #IoCs

·welivesecurity.com·Mar 2, 2023

BlackLotus UEFI bootkit: Myth confirmed

West ill-prepared to deal with evolving cyber threats, report concludes

Hacking and disinformation operation has continued to expand its activity, despite separate interventions in several European countries PDF

#cardiff.ac #EN #2023 #report #Ghostwriter #campaign

·cardiff.ac.uk·Mar 1, 2023

West ill-prepared to deal with evolving cyber threats, report concludes

TCG TPM2.0 implementations vulnerable to memory corruption

Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and trigger these vulnerabilities. This allows either read-only access to sensitive data or overwriting of normally protected data that is only available to the TPM (e.g., cryptographic keys).

#cert.org #2023 #EN #TPM #TPM2.0 #TCG #memory #buffer #Buffer-Overflow

·kb.cert.org·Mar 1, 2023

TCG TPM2.0 implementations vulnerable to memory corruption

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

A cryptominer that uses the Invisible Internet protocol, Honkbox variants could still be evading some detection solutions.

#SentinelOne #EN #2023 #cryptominer #Honkbox #macos #analysis

·sentinelone.com·Mar 1, 2023

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

Lumma Stealer sellers use the name “LummaC” on an underground forum called XSS, which is based in Russia. The seller has been actively promoting the malware since April 2022. In August of that year…

#s2wblog #EN #2023 #LummaC #Stealer #analysis

·medium.com·Mar 1, 2023

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

Intrusion dans les systèmes d'information de la Ville de Lille : le point sur la situation

A cette heure, le diagnostic technique est toujours en cours pour déterminer l'origine et la gravité de l'intrusion. L'ensemble des services publics est maintenu, à l'Hôtel de Ville, dans les mairies de quartiers et l'ensemble de nos équipements avec un fonctionnement adapté. Selon les informations dont nous disposons à ce stade, aucune difficulté n'a été constatée sur les données stockées sur le système et les serveurs.

#lille #FR #2023 #Intrusion

·lille.fr·Mar 1, 2023

Intrusion dans les systèmes d'information de la Ville de Lille : le point sur la situation

U.S. Marshals Service hack compromises sensitive info

The U.S. Marshals Service suffered a security breach, with sensitive data taken from one of its systems just over a week ago.

#nbcnews #2023 #EN #US #Marshals #breach #ransomware

·nbcnews.com·Feb 28, 2023

U.S. Marshals Service hack compromises sensitive info

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

#krebsonsecurity #EN #2023 #T-Mobile #Hackers #Claim

·krebsonsecurity.com·Feb 28, 2023

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

The Cyber Defense Assistance Imperative – Lessons from Ukraine

Russia’s further invasion of Ukraine in February 2022 was a watershed moment, and unique in that a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country. Leaders will draw lessons from this conflict for years, but one is already clear: the ability to deliver cyber defense assistance must be a key national security capability.

#aspeninstitute #EN #2023 #Ukraine #russia-ukraine-war #CyberDefense #assistance

·aspeninstitute.org·Feb 28, 2023

The Cyber Defense Assistance Imperative – Lessons from Ukraine

Danish parliament urges to remove TikTok over cybersecurity

COPENHAGEN, Denmark (AP) — The Danish parliament on Tuesday urged lawmakers and employees with the 179-member assembly against having TikTok on work phones as a cybersecurity measure, saying “there is a risk of espionage.”

#apnews #EN #2023 #Denmark #tiktok #ban

·apnews.com·Feb 28, 2023

Danish parliament urges to remove TikTok over cybersecurity

LastPass breach update: The few additional bits of information

LastPass breach was aided by lax security policy, allowing accessing critical data from a home computer. Also, companies implementing federated login are also affected by the breach, despite LastPass originally denying it.

#palant.info #EN #2023 #breach #LastPass

·palant.info·Feb 28, 2023

LastPass breach update: The few additional bits of information