Search cyberveille.decio.ch

Found 3149 bookmarks

Custom sorting

Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk

Nozomi Networks Labs has disclosed an unpatched vulnerability affecting the DNS of popular C standard libraries potentially in use by millions of IoT devices: uClibc and uClibc-ng.

#Nozomi #EN #2022 #C #uClibc #uClibc-ng #vulnerability #ICS-VU-638779

·nozominetworks.com·May 4, 2022

Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk

UNC3524: Eye Spy on Your Email

We introduce UNC3524, a newly discovered suspected espionage threat actor targeting corporate emails.

#Mandiant #EN #2022 #Email #espionage #corporate #emails #QUIETEXIT

·mandiant.com·May 3, 2022

UNC3524: Eye Spy on Your Email

Google Online Security Blog: The Package Analysis Project: Scalable detection of malicious open source packages

Despite open source software’s essential role in all software built today, it’s far too easy for bad actors to circulate malicious packages that attack the systems and users running that software. Unlike mobile app stores that can scan for and reject malicious contributions, package repositories have limited resources to review the thousands of daily updates and must maintain an open model where anyone can freely contribute. As a result, malicious packages like ua-parser-js, and node-ipc are regularly uploaded to popular repositories despite their best efforts, with sometimes devastating consequences for users.

#google #2022 #EN #opensource #Package #Analysis #Project #malicious #packages

·security.googleblog.com·May 3, 2022

Google Online Security Blog: The Package Analysis Project: Scalable detection of malicious open source packages

Spanish prime minister’s phone ‘targeted with Pegasus spyware’

The Spanish government has said the mobile phones of the prime minister, Pedro Sánchez, and the defence minister, Margarita Robles, were both infected last year with the Pegasus spyware that its manufacturers claim is available only to state agencies.

#theguardian #en #2022 #pegasus #minister #Spain #spy

·theguardian.com·May 3, 2022

Spanish prime minister’s phone ‘targeted with Pegasus spyware’

Russia’s cyber warfare against Ukraine more nuanced than expected

Russia’s approach to cyber warfare against Ukraine has proved more subtle so far than many expected. This week’s Microsoft report on the operations reveals that Moscow-backed hackers have launched more than 200 cyberattacks against Ukraine, including nearly 40 destructive ones that targeted the country’s government organizations and critical sectors. Cyber experts say the analysis suggests…

#thehill #EN #2022 #cyberwarfare #Russia #Ukraine #nuanced

·thehill.com·May 2, 2022

Russia’s cyber warfare against Ukraine more nuanced than expected

Introducing Package Analysis: Scanning open source packages for malicious behavior

Today we’re pleased to announce the initial prototype version of the Package Analysis project, an OpenSSF project addressing the challenge of identifying malicious packages in popular open source repositories. In just one month of analysis, the project identified more than 200 malicious packages uploaded to PyPI and npm.

#openssf #EN #2022 #Analysis #Scan #opensource #packages #Package #behavior

·openssf.org·May 2, 2022

Introducing Package Analysis: Scanning open source packages for malicious behavior

How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities

The pictures show neatly trimmed fiber optic cables dug up from underground behind what appears to be a well-hidden grate. The apparent simplicity of the sabotage is all the more harrowing in light of how extensively it disrupted Internet service in France, experts said.

#cyberscoop #2022 #en #fiber #optical #cable #attack #French

·cyberscoop.com·May 1, 2022

How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities

2021 Top Routinely Exploited Vulnerabilities | CISA

This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),

#cisa #uscert #csirt #cert #U.-S.-Computer-Emergency-Readiness #top #2021 #top2021 #EN #2022 #Vulnerabilities

·cisa.gov·Apr 28, 2022

2021 Top Routinely Exploited Vulnerabilities | CISA

Jamf Threat Labs identifies Safari vulnerability (CVE-2022-22616) allowing for Gatekeeper bypass

The identified vulnerability allows bypassing of Gatekeeper security and app notorization, has been patched by Apple.

#jamf #2022 #EN #Safari #CVE-2022-22616 #Gatekeeper #Apple #macOS

·jamf.com·Apr 28, 2022

Jamf Threat Labs identifies Safari vulnerability (CVE-2022-22616) allowing for Gatekeeper bypass

Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

#GitHub #EN #2022 #no-fix #vulnerability #Windows #LDAP #domain #signing #KrbRelayUp #privilege #escalation

·github.com·Apr 27, 2022

Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.

#Nimbuspwn #microsoft #EN #2022 #CVE-2022-29799 #CVE-2022-29800 #vulnerability #Linux #D-Bus #TOCTOU #networkd-dispatcher

·microsoft.com·Apr 27, 2022

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Kaspersky DDoS report, Q1 2022

Against the backdrop of the conflict between Russia and Ukraine, the number of DDoS attacks in Q1 2022 increased by 4.5 times against Q1 2021. A significant proportion of them were by hacktivists.

#securelist #Kaspersky #Botnets #Cybercrime #DDoS-attacks #Internet-of-Things #2022 #EN #report #DDoS

·securelist.com·Apr 26, 2022

Kaspersky DDoS report, Q1 2022

Zero Tolerance: More Zero-Days Exploited in 2021 Than Ever Before

We identified 80 zero-days exploited in the wild in 2021, more than we've seen in any year.

#mandiant #2022 #EN #0-days #Review #year

·mandiant.com·Apr 24, 2022

Zero Tolerance: More Zero-Days Exploited in 2021 Than Ever Before

LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave

Operators of the LemonDuck botnet are targeting Docker instances in a cryptocurrency mining campaign.

#ZDNet #EN #2022 #lemonduck #docker #bonnet #cryptocurrency

·zdnet.com·Apr 24, 2022

LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave

Securing Cloudflare Using Cloudflare

When a new security threat arises — a publicly exploited vulnerability (like log4j) or the shift from corporate-controlled environments to remote work or a potential threat actor — it is the Security team’s job to respond to protect Cloudflare’s network, customers, and employees. And as security threats evolve, so should our defense system. Cloudflare is committed to bolstering our security posture with best-in-class solutions — which is why we often turn to our own products as any other Cloudflare customer would?

#cloudflare #2022 #EN #FIDO2 #access #control #management

·blog.cloudflare.com·Apr 24, 2022

Securing Cloudflare Using Cloudflare

CVE-2022-21449: Psychic Signatures in Java

The long-running BBC sci-fi show Doctor Who has a recurring plot device where the Doctor manages to get out of trouble by showing an identity card which is actually completely blank. Of course, this being Doctor Who, the card is really made out of a special "psychic paper", which causes the person looking at it…

#CVE-2022-21449 #neilmadden #EN #2022 #cryptobug #ECDSA

·neilmadden.blog·Apr 20, 2022

CVE-2022-21449: Psychic Signatures in Java

The More You Know, The More You Know You Don’t Know

A Year in Review of 0-days Used In-the-Wild in 2021

#googleprojectzero #EN #2022 #2021 #0-day #0-days #Review #Year

·googleprojectzero.blogspot.com·Apr 20, 2022

The More You Know, The More You Know You Don’t Know

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.

#citizenlab #CatalanGate #EN #2022 #Pagasus #Catalan #spyware #EU

·citizenlab.ca·Apr 18, 2022

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Increased Enterprise Use of iOS, Mac Means More Malware

As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and

#Apple #iOS #macOS #MDM #malware-threats #bankinfosecurity #EN #2022 #entreprise

·bankinfosecurity.com·Apr 16, 2022

Increased Enterprise Use of iOS, Mac Means More Malware

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild

It takes only a second to crack the handful of weak keys. Are there more out there?

#CVE-2022-26320 #arstechnica #2022 #EN #RSA #crack #keys #SafeZone

·arstechnica.com·Apr 15, 2022

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild

Microsoft Zero-Days, Wormable Bugs Spark Concern

For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.

#CVE-2022-26809 #EN #2022 #threatpost #Vulnerabilities #Patch-Tuesday #zero-day #CVE-2022-26904 #Windows #RPC

·threatpost.com·Apr 13, 2022

Microsoft Zero-Days, Wormable Bugs Spark Concern

Russia’s Sandworm hackers attempted a third blackout in Ukraine

The attack was the first in five years to use Sandworm's Industroyer malware.

#Sandworm #Industroyer #arstechnica #2022 #EN #cyberwar #Ukraine #blackout #malware #ICS

·arstechnica.com·Apr 13, 2022

Russia’s Sandworm hackers attempted a third blackout in Ukraine

RaidForums hacking forum seized by police, owner arrested

The RaidForums hacker forum, used mainly for trading and selling stolen databases, has been shut down and its domain seized by U.S. law enforcement during Operation TOURNIQUET, an action coordinated by Europol that involved law enforcement agencies in several countries.

#bleepingcomputer #2022 #EN #Arrest #DOJ #Europol #FBI #RaidForums

·bleepingcomputer.com·Apr 13, 2022

RaidForums hacking forum seized by police, owner arrested

Git security vulnerability announced

GitHub is unaffected by the vulnerabilities, but users should be aware of them and upgrade their local installation of Git.

#Git #github #2022 #EN #CVE-2022-24765 #CVE-2022-24767 #vulnerability

·github.blog·Apr 13, 2022

Git security vulnerability announced

The U.S. is using declassified intel to fight an info war with Russia, even when the intel isn't rock solid

The Biden administration has broken with precedent by using declassified intelligence in an information war against Russia — even intel that isn’t rock solid.

#nbcnews #EN #2022 #US #strategy #declassified #intel #infowar #cyberwarfare

·nbcnews.com·Apr 12, 2022

The U.S. is using declassified intel to fight an info war with Russia, even when the intel isn't rock solid

Industroyer2: Industroyer reloaded

ESET researchers have responded to a cyber-incident that affected an energy provider in Ukraine and involved ICS-capable malware called Industroyer2.

#welivesecurity #Industroyer2 #Industroyer #EN #2022 #Ukraine #cyberwar #ICS #research

·welivesecurity.com·Apr 12, 2022

Industroyer2: Industroyer reloaded

CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware

Trend Micro Threat Research observed active exploitation of the Spring4Shell vulnerability assigned as CVE-2022-22965, which allows malicious actors to weaponize and execute the Mirai botnet malware. The exploitation allows threat actors to download the Mirai sample to the “/tmp” folder and execute them after permission change using “chmod”. We began seeing malicious activities at the start of April 2022. We also found the malware file server with other variants of the sample for different CPU architectures.

#CVE-2022-22965 #trendmicro #EN #2022 #Spring4Shell #Vulnerability #SpringFramework #Tomcat

·trendmicro.com·Apr 12, 2022

CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware

Spionaggio cyber alla Commissione europea

Gli smartphone di almeno cinque funzionari di Bruxelles e del commissario alla Giustizia Reynders sono stati tenuti sotto controllo tra febbraio e settembre 2021 con software dell'azienda isrealiana Pegaus, contro cui Reynders aveva chiesto l'apertura di un'indagine

#wiredit #IT #2022 #privacy #europa #sorveglianza #Pegasus #EU

·wired.it·Apr 11, 2022

Spionaggio cyber alla Commissione europea

Police Records Show Women Are Being Stalked With Apple AirTags Across the Country

Motherboard obtained reports of stalking, harassment, and abuse using AirTags, targeting victims of intimate partner violence.

#vice #2022 #EN #AirTags #stalking #harassment #Women #Apple #police

·vice.com·Apr 10, 2022

Police Records Show Women Are Being Stalked With Apple AirTags Across the Country