Search cyberveille.decio.ch

Found 2835 bookmarks

Custom sorting

Gimmick MacOS Malware Spreads Through Customized Files, Enables MacOS CodeSign Bypass - CloudSEK

We discovered that Gimmick MacOS malware communicates only through their C2 server hosted on Google Drive. The malware was discovered in the first week of May and it has been actively targeting macOS devices

#Cloudsek #EN #2022 #malware #macOS #Gimmick #C2

·cloudsek.com·May 27, 2022

Gimmick MacOS Malware Spreads Through Customized Files, Enables MacOS CodeSign Bypass - CloudSEK

New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices

Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises ESXi servers. We discuss our initial findings in this report.

#Trendmicro #EN #2022 #endpoints #ransomware #research #ESXi #Linux #cheerscrypt

·trendmicro.com·May 27, 2022

New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices

Large-scale Analysis of DNS-based Tracking Evasion - broad data leaks included?

User tracking technologies are ubiquitous on the web. In recent times web browsers try to fight abuses. This led to an arms race where new tracking and anti-tracking measures are being developed. The use of one of such evasion techniques, the CNAME cloaking technique is recently quickly gaining popularity. Our evidence indicates that the use of the CNAME scheme threatens web security and privacy systematically and in general

#lukaszolejnik #EN #2022 #research #privacy #web-browser #web #w3c #consent #data-breach #gdpr #dns #cname #cloacking

·blog.lukaszolejnik.com·May 27, 2022

Large-scale Analysis of DNS-based Tracking Evasion - broad data leaks included?

Exclusive: Russian hackers are linked to new Brexit leak website, Google says

A new website that published leaked emails from several leading proponents of Britain's exit from the European Union is tied to Russian hackers, according to a Google cybersecurity official and the former head of UK foreign intelligence.

#Reuters #EN #2022 #Brexit #exclusive #russian #Google #UK #Russia #EU #leaks #intelligence

·reuters.com·May 26, 2022

Exclusive: Russian hackers are linked to new Brexit leak website, Google says

Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

The Pro-Russia Hacker Group Killnet recently targeted European institutions, while Anonymous hackers are already claiming to have leaked its data.

#hackread #EN #2022 #Anonymous #russia-ukraine-war #Pro-Russia #Killnet

·hackread.com·May 26, 2022

Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious code.

#thehackernews #EN #2022 #XMPP #Zoom #CVE-2022-22784 #CVE-2022-22785 #CVE-2022-22786 #CVE-2022-22787

·thehackernews.com·May 25, 2022

New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables

This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.

#PyPI #ctx #PHP #supplychain #attack #sonatype #EN #2022 #exfiltration #steal #Supply-chain-security

·blog.sonatype.com·May 25, 2022

PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables

Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)

This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.

#CVE-2022-23121 #nccgroup #EN #2022 #Netatalk #WesternDigital #vulnerability #AppleDouble

·research.nccgroup.com·May 24, 2022

Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog

Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware's capabilities and key infection signs.

#microsoft-security-blog #2022 #EN #Linux #XorDdos #botnet #malware #stealthy

·microsoft.com·May 23, 2022

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware

Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.

#sentinelone #EN #2022 #supply-chain #Supply-chain-security #Rust #CrateDepression #malicious #dependency

·sentinelone.com·May 23, 2022

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware

Protecting Android users from 0-Day attacks

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

#GoogleTAG #EN #2022 #Android #0-day #0day #cytrox #CVE-2021-1048 #chrome

·blog.google·May 22, 2022

Protecting Android users from 0-Day attacks

The IO Offensive: Information Operations Surrounding the Russian Invasion of Ukraine

New Mandiant research detailing the various IO activities seen by nation-state actors, resulting from the Russian invasion of Ukraine.

#mandiant #EN #2022 #Information #Operations #russia-ukraine-war #research #IO #activities #cyberwar

·mandiant.com·May 21, 2022

The IO Offensive: Information Operations Surrounding the Russian Invasion of Ukraine

Canada bans Huawei and ZTE from 5G networks over security concerns

The Government of Canada announced its intention to ban the use of Huawei and ZTE telecommunications equipment and services across the country's 5G and 4G networks.

#bleepingcomputer #EN #2022 #5G #Ban #Canada #Huawei #Telecommunications #ZTE

·bleepingcomputer.com·May 21, 2022

Canada bans Huawei and ZTE from 5G networks over security concerns

Policy Statement – Securing Canada’s Telecommunications System

The Government of Canada has serious concerns about suppliers such as Huawei and ZTE who could be compelled to comply with extrajudicial directions from foreign governments in ways that would conflict with Canadian laws or would be detrimental to Canadian interests.

#EN #2022 #Telecommunications-policy #Huawei #ZTE #Canada #Telecommunications #5G

·canada.ca·May 21, 2022

Policy Statement – Securing Canada’s Telecommunications System

Fears grow for smaller nations after ransomware attack on Costa Rica escalates

The Russia-linked ransomware gang demanded $20 million in ransom — and the overthrow of Costa Rica's elected government. Where does that leave smaller, equally vulnerable nation states?

#cyberattacks #techcrunch #EN #2022 #data-breaches #emsisoft #encryption #healthcare #Conti #law-enforcement #president #ransomware #Costarica

·techcrunch.com·May 21, 2022

Fears grow for smaller nations after ransomware attack on Costa Rica escalates

President Rodrigo Chaves says Costa Rica is at war with Conti hackers

The president of Costa Rica says his country is "at war", as cyber-criminals cause major disruption to IT systems of numerous government ministries. Rodrigo Chaves said hackers infiltrated 27 government institutions, including municipalities and state-run utilities.

#BBC #EN #2022 #Conti #War #Costarica #ransomware #cybercriminals

·bbc.com·May 20, 2022

President Rodrigo Chaves says Costa Rica is at war with Conti hackers

Exploiting an Unbounded memcpy in Parallels Desktop

This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...

#ret2 #EN #2022 #macOS #Parallels #Pwn2Own #escape #exploit #VM #vulnerability #research #reverseengineering #binary-exploitation #program-analysis

·blog.ret2.io·May 20, 2022

Exploiting an Unbounded memcpy in Parallels Desktop

KillNet: Pro-Russian Hacktivists.

The following is a closer look at one of the most active Pro-Russian ‘hacktivist’ groups currently operating during the Ukraine-Russia war…

#cyberknow #EN #2022 #Pro-Russian #russia-ukraine-war #KillNet

·cyberknow.medium.com·May 20, 2022

KillNet: Pro-Russian Hacktivists.

Killnet Cyber Attacks Against Italy and NATO Countries

The hacker group Killnet claimed the attacks against Italy. How it's possible to detect the activities of the Mirai botnet used through Falco

#Killnet #Mirai #DDoS #attacks #Italy #sysdig #EN #2022 #NATO

·sysdig.com·May 20, 2022

Killnet Cyber Attacks Against Italy and NATO Countries

New 'Smart' Cheese Rinds Help Fight Parmesan Fraud

Parmigiano Reggiano has used tracking codes for two decades, but now they are going high tech.

#foodandwine #EN #2022 #food-and-wine #food #wine #Parmigiano #Reggiano #Trackers #micro-transponder

·foodandwine.com·May 19, 2022

New 'Smart' Cheese Rinds Help Fight Parmesan Fraud

Data Marketplace Selling Info About Who Uses Period Tracking Apps

The data could be a potential first step to identifying the users of a specific app in a post-abortion rights America.

#vice #EN #2022 #abortion #US #tracking #privacy #Narrative #Motherboard #period

·vice.com·May 19, 2022

Data Marketplace Selling Info About Who Uses Period Tracking Apps

Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes

On April 5, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of vulnerabilities in the Jupiter and JupiterX Premium themes and the required JupiterX Core companion plugin for WordPress, which included a critical privilege escalation vulnerability that allowed any user to become an administrator. The plugin developers quickly replied ...Read More

#Wordfence #2022 #EN #JupiterX #Wordpress #theme #Privilege #CVE-2022-1654 #CVE-2022-1656 #CVE-2022-1657 #CVE-2022-1658 #CVE-2022-1659

·wordfence.com·May 18, 2022

Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes

Researchers devise iPhone malware that runs even when device is turned off

Research is largely theoretical but exposes an overlooked security issue.

#arstechnica #EN #2022 #iPhone #study #malware #Bluetooth #Darmstadt #university

·arstechnica.com·May 18, 2022

Researchers devise iPhone malware that runs even when device is turned off

CVE-2022-22675: AppleAVD Overflow in AVC_RBSP::parseHRD | 0-days In-the-Wild

Information about 0-days exploited in-the-wild!

#CVE-2022-22675 #googleprojectzero #EN #2022 #0-days #iOS #macOS

·googleprojectzero.github.io·May 17, 2022

CVE-2022-22675: AppleAVD Overflow in AVC_RBSP::parseHRD | 0-days In-the-Wild

Multi-factor Authentication to Generate $27 Billion Globally for Mobile Operators in 2022, Juniper Research Study Finds

A new study by Juniper Research has found operators will generate $27 billion from the termination of SMS messages related to multi-factor authentication in 2022; an increase from $25 billion in 2021. The research predicts this 5% growth will be driven by increased pressure on digital service providers to offer secure authentication that reduces risk of data breaches and protects user identity. Multi-factor authentication combines multiple credentials to verify a user or transaction. This includes sending an SMS that contains a one‑time password or code to a user’s unique phone number.

#businesswire #Juniper #EN #2022 #Multi-factor #MFA #SMS #Research #Study #Authentication #Mobile

·businesswire.com·May 17, 2022

Multi-factor Authentication to Generate $27 Billion Globally for Mobile Operators in 2022, Juniper Research Study Finds

Web ad firms scrape email addresses before you know it

Tracking, marketing, and analytics firms have been exfiltrating the email addresses of internet users from web forms prior to submission and without user consent, according to security researchers.

#theregister #2022 #EN #scrape #email #analytics #marketing #Tracking #privacy #exfiltrating #research

·theregister.com·May 17, 2022

Web ad firms scrape email addresses before you know it

Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission

Web users enter their email addresses into online forms for a variety of reasons, including signing in or signing up for a service or subscribing to a newsletter. While enabling such functionality, email addresses typed into forms can also be collected by third-party scripts even when users change their minds and leave the site without submitting the form.

#usenix #form #EN #2022 #exfiltration #submission #Study #privacy

·usenix.org·May 17, 2022

Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission

US links Thanos and Jigsaw ransomware to 55-year-old doctor

The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals.