Search cyberveille.decio.ch

Found 6141 bookmarks

Custom sorting

Exclusive: Northrop Grumman working with Musk's SpaceX on U.S. spy satellite system | Reuters

Aerospace and defense company Northrop Grumman is working with SpaceX, the space venture of billionaire entrepreneur Elon Musk, on a classified spy satellite project already capturing high-resolution imagery of the Earth, according to people familiar with the program.

#reuters #EN #2024 #SpaceX #Northrop-Grumman #satellite #spy #spy-satellite

·reuters.com·Apr 18, 2024

Exclusive: Northrop Grumman working with Musk's SpaceX on U.S. spy satellite system | Reuters

Students turning to cyberfraud as huge phishing

LabHost enabled users to set up websites designed to trick victims into revealing personal information – with 70,000 allegedly duped in the UK

#theguardian #EN #2024 #LabHost #phishing #students #fraud #UK #police #infiltrated

·theguardian.com·Apr 18, 2024

Students turning to cyberfraud as huge phishing

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.

#microsoft #EN #2024 #OpenMetadata #Kubernetes #CVE-2024-28255 #CVE-2024-28847 #CVE-2024-28253 #CVE-2024-2884 #CVE-2024-28254

·microsoft.com·Apr 18, 2024

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm

APT44 is a threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations.

#Mandiant #EN #2024 #APT44 #Threat-Intelligence #Sandworm #Russia #google #attribution #FROZENBARENTS

·cloud.google.com·Apr 18, 2024

Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities | WIRED

Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.

#wired #EN #2024 #infrastructure #hackers #russia #critical #cyberwar #cyberattacks #ukraine

·wired.com·Apr 18, 2024

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities | WIRED

Over 500 people targeted by Pegasus spyware in Poland, officials say

Prosecutor General Adam Bodnar says an investigation into Pegasus use by current and former government officials has expanded to hundreds more people than initially reported.

#therecord #EN #2024 #spyware #Pegasus #Poland

·therecord.media·Apr 17, 2024

Over 500 people targeted by Pegasus spyware in Poland, officials say

Ivanti warns of critical flaws in its Avalanche MDM solution

Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.

#bleepingcomputer #EN #2024 #Ivanti #Ivanti-Avalanche #Mobile-Device-Management #Remote-Command-Execution #CVE-2024-24996 #CVE-2024-29204

·bleepingcomputer.com·Apr 17, 2024

Ivanti warns of critical flaws in its Avalanche MDM solution

Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer

What happened Proofpoint identified TA547 targeting German organizations with an email campaign delivering Rhadamanthys malware. This is the first time researchers observed TA547 use Rhadamanthys,...

#proofpoint #EN #2024 #LLM #chatgpt #analysis #TA547 #Rhadamanthys #Stealer

·proofpoint.com·Apr 17, 2024

Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer

Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)

Welcome to April 2024, again. We’re back, again. Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device. We’ve seen all the commentary around the certification process of these devices for certain .GOVs - we’re not here to comment on that, but sounds humorous.

#watchtowr #EN #2024 #CVE-2024-3400 #SSLVPN #Paloalto #GlobalProtect #analysis

·labs.watchtowr.com·Apr 17, 2024

Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)

DDoS threat report for 2024 Q1

2024 started with a bang. Cloudflare’s autonomous systems mitigated over 4.5 million DDoS attacks in the first quarter of the year — a 50% increase compared to the previous year.

#cloudflare #EN #2024 #DDoS #attacks #report

·blog.cloudflare.com·Apr 17, 2024

DDoS threat report for 2024 Q1

The US Government Has a Microsoft Problem

Microsoft has stumbled through a series of major cybersecurity failures over the past few years. Experts say the US government’s reliance on its systems means the company continues to get a free pass.

#wired #EN #2024 #microsoft #cybersecurity #us-government #china #russia #US #problem

·wired.com·Apr 16, 2024

The US Government Has a Microsoft Problem

Change Healthcare stolen patient data leaked by ransomware gang

This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.

#techcrunch #EN #2024 #change-healthcare #data-breach #data-leack #patient

·techcrunch.com·Apr 16, 2024

Change Healthcare stolen patient data leaked by ransomware gang

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

XZ Utils cyberattack likely not an isolated incident

#openjsf #EN #2024 #OpenSSF #Social-engineering #XZ #open-source

·openjsf.org·Apr 16, 2024

Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects

Leaked LockBit builder in a real-life incident response case | Securelist

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder.

#securelist #EN #2024 #builder #Data-Encryption #Incident-response #LockBit #Malware #Malware-Technologies #Ransomware #Targeted-attacks #Trojan

·securelist.com·Apr 16, 2024

Leaked LockBit builder in a real-life incident response case | Securelist

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering  | Proofpoint US

Key takeaways  TA427 regularly engages in benign conversation starter campaigns to establish contact with targets for long-term exchanges of information on topics of strategic importance to the No...

#proofpoint #EN #2024 #DMARC #Abuse #TA427 #analysis #North-Korea

·proofpoint.com·Apr 16, 2024

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering  | Proofpoint US

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

CISA publicly released an emergency directive issued to federal agencies earlier this month, detailing how a breach at Microsoft could have affected the government.

#therecord #EN #2024 #CISA #Microsoft #Breach #government #email

·therecord.media·Apr 15, 2024

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

Automating Pikabot’s String Deobfuscation

ThreatLabz created an IDA plugin to automate the deobfuscation of Pikabot’s strings.

#zscaler #EN #2024 #research #Pikabot #deobfuscation

·zscaler.com·Apr 15, 2024

Automating Pikabot’s String Deobfuscation

World-first “Cybercrime Index” ranks countries by cybercrime threat

Following three years of intensive research, an international team of researchers have compiled the first ever ‘World Cybercrime Index’, which identifies the globe’s key cybercrime hotspots by ranking the most significant sources of cybercrime at a national level.

#University-of-Oxford #EN #2024 #UK #World-Cybercrime-Index #research #ranking

·ox.ac.uk·Apr 15, 2024

World-first “Cybercrime Index” ranks countries by cybercrime threat

Vulnerabilities Identified in LG WebOS

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims to shed light on the security of the world’s best-sellers in the IoT space. This report covers vulnerabilities discovered while researching the LG WebOS TV operating system.

#bitdefender #EN #2024 #LG #WebOS #TV #iot #vulnerability #CVE-2023-6317 #CVE-2023-6318 #CVE-2023-6319 #CVE-2023-6320

·bitdefender.com·Apr 10, 2024

Vulnerabilities Identified in LG WebOS

Ransomware Diaries: Volume 1

The LockBit ransomware gang is one of the most notorious organized cybercrime syndicates that exists today. The gang is behind attacks targeting private-sector corporations and other high-profile industries worldwide. News and media outlets have documented many LockBit attacks, while security vendors offer technical assessments explaining how each occurred. Although these provide insight into the attacks, I wanted to know more about the human side of the operation to learn about the insights, motivations, and behaviors of the individuals on the other side of the keyboard. To prepare for this project, I spent months developing several online personas and established their credibility over time to gain access to the gang’s operation.

#analyst1 #EN #2023 #LockBit #ransomware #Insights

·analyst1.com·Jan 21, 2023

Ransomware Diaries: Volume 1

Accidentally Crashing a Botnet

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.

#akamai #EN #2022 #Security-Research #Research #Bot-Attacks #DDOS #Cyber-Security #Kmsdbot #botnet #SIRT #cryptomining #crash #malware

·akamai.com·Jan 15, 2023

Accidentally Crashing a Botnet

Schools hit by cyber attack and documents leaked

Confidential details including child passport scans and SEN data is published online, the BBC finds.

#bbc #EN #2023 #ViceSociety #vice-society #schools #UK #leak #ransomware #attack #education

·bbc.com·Jan 6, 2023

Schools hit by cyber attack and documents leaked

Shc Linux Malware Installing CoinMiner

The ASEC analysis team recently discovered that a Linux malware developed with Shc has been installing a CoinMiner. It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system. Among those installed were the Shc downloader, XMRig CoinMiner installed through the former, and DDoS IRC Bot, developed with Perl.

#asec #2023 #EN #Shell #Script #Compiler #analysis #Linux #Malware #CoinMiner #Shc

·asec.ahnlab.com·Jan 4, 2023

Shc Linux Malware Installing CoinMiner

Cyber attacks set to become ‘uninsurable’, says Zurich chief

The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.

#ft #Financial-Times #archive #2022 #EN #chief #executive #insurance #cyber-attacks #uninsurable #Zurich

·archive.ph·Dec 30, 2022

Cyber attacks set to become ‘uninsurable’, says Zurich chief

Twitter in data-protection probe after '400 million' user details up for sale

A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.

#BBC #EN #2022 #hacker #data-protection #Twitter #sale #watchdog

·bbc.co.uk·Dec 29, 2022

Twitter in data-protection probe after '400 million' user details up for sale

Darknet markets generate millions in revenue selling stolen personal data

A handful of markets were responsible for trafficking most of the data.

#arstechnica #EN #2022 #Darknet #markets #data #stolen-data-supply-chain

·arstechnica.com·Dec 3, 2022

Darknet markets generate millions in revenue selling stolen personal data

Vanuatu: Hackers strand Pacific island government for over a week

Vanuatu - an island courted by the US and China - has been stranded offline for over a week.

#BBC #EN #2022 #Vanuatu #ransomware #government

·bbc.com·Nov 21, 2022

Vanuatu: Hackers strand Pacific island government for over a week

LockBit ransomware suspect nabbed in Canada, faces charges in the US

Automation features make LockBit one of the more destructive pieces of ransomware. Federal prosecutors on Thursday charged a dual Russian and Canadian national for his alleged participation in a global campaign to spread ransomware known as LockBit. Mikhail Vasiliev, 33, of Bradford, Ontario, Canada, was taken into custody in late October by authorities in Ontario, officials at Interpol said. He is now in custody in Canada awaiting extradition to the US.

#arstechnica #EN #2022 #LockBit #Canada #member #arrest

·arstechnica.com·Nov 13, 2022

LockBit ransomware suspect nabbed in Canada, faces charges in the US

Crimson Kingsnake: BEC Group Impersonates…

Recently, we identified a new BEC group leveraging blind third-party impersonation tactics to swindle companies around the world. The group, which we call Crimson Kingsnake, impersonates real attorneys, law firms, and debt recovery services to deceive accounting professionals into quickly paying bogus invoices.

#abnormalsecurity #EN #2022 #BEC #invoices #Crimson-Kingsnake #impersonation #scam

·abnormalsecurity.com·Nov 3, 2022

Crimson Kingsnake: BEC Group Impersonates…

How Vice Society got away with a global ransomware spree | Ars Technica

Vice Society has a superpower that’s allowed it to quietly thrive: Mediocrity.

#arstechnica #EN #2022 #vice-society #mediocrity #opinion #school

·arstechnica.com·Oct 22, 2022

How Vice Society got away with a global ransomware spree | Ars Technica