Search cyberveille.decio.ch

Found 530 bookmarks

Custom sorting

Costa Rica declares national emergency after Conti ransomware attacks

The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group on multiple government bodies. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. The declaration was signed into law by Chaves on Sunday, May 8th, same day as the economist and former Minister of Finance effectively became the country's 49th and current president.

#bleepingcomputer #EN #2022 #Conti #ransomware #leak #Costarica #emergency

·bleepingcomputer.com·May 10, 2022

Costa Rica declares national emergency after Conti ransomware attacks

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

#Breach #GitHub #OAuth #Warning #bleepingcomputer #EN #2022

·bleepingcomputer.com·Apr 18, 2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

RaidForums hacking forum seized by police, owner arrested

The RaidForums hacker forum, used mainly for trading and selling stolen databases, has been shut down and its domain seized by U.S. law enforcement during Operation TOURNIQUET, an action coordinated by Europol that involved law enforcement agencies in several countries.

#bleepingcomputer #2022 #EN #Arrest #DOJ #Europol #FBI #RaidForums

·bleepingcomputer.com·Apr 13, 2022

RaidForums hacking forum seized by police, owner arrested

Chinese hackers abuse VLC Media Player to launch malware loader

Security researchers have uncovered a long-running malicious campaign from hackers associated with the Chinese government who are using VLC Media Player to launch a custom malware loader.

#APT10 #Backdoor #China #Cicada #Microsoft-Exchange #VLC #VLC-Media-Player #EN #2022 #bleepingcomputer

·bleepingcomputer.com·Apr 6, 2022

Chinese hackers abuse VLC Media Player to launch malware loader

Hackers breach MailChimp's internal tools to target crypto customers

Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.

#bleepingcomputer #EN #2022 #MailChimp #Phishing #Social-Engineering #Trezor

·bleepingcomputer.com·Apr 5, 2022

Hackers breach MailChimp's internal tools to target crypto customers

QNAP warns severe OpenSSL bug affects most of its NAS devices

Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

#QNAP #bleepingcomputer #EN #2022 #OpenSSL #bug #CVE-2022-0778 #NAS

·bleepingcomputer.com·Mar 31, 2022

QNAP warns severe OpenSSL bug affects most of its NAS devices

Samsung confirms hackers stole Galaxy devices source code

Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones.

#bleepingcomputer #Lapsus$#Samsung #Galaxy #EN #2022 #confidential #DataBreach #sourcecode

·bleepingcomputer.com·Mar 7, 2022

Samsung confirms hackers stole Galaxy devices source code

Hackers leak 190GB of alleged Samsung data, source code

The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.

#DataBreach #DataLeak #Lapsus$#Samsung #bleepingcomputer #2022 #EN #confidential

·bleepingcomputer.com·Mar 6, 2022

Hackers leak 190GB of alleged Samsung data, source code

Malware now using stolen NVIDIA code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data.

#bleepingcomputer #Nvidia #certificates #malware #EN #2022 #code #signing

·bleepingcomputer.com·Mar 6, 2022

Malware now using stolen NVIDIA code signing certificates

Phishing attacks target countries aiding Ukrainian refugees

A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.

#Belarus #Europe #Ghostwriter #Malware #Phishing #TA445 #Ukraine #UNC1151 #bleepingcomputer #EN #2022 #refugees

·bleepingcomputer.com·Mar 2, 2022

Phishing attacks target countries aiding Ukrainian refugees

TrickBot malware operation shuts down, devs move to BazarBackdoor

The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families.

#BazarBackdoor #Conti #Malware #Ransomware #TrickBot #2002 #EN #bleepingcomputer

·bleepingcomputer.com·Feb 26, 2022

TrickBot malware operation shuts down, devs move to BazarBackdoor

Ukraine links phishing targeting military to Belarusian hackers

The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.

#bleepingcomputer #Belarus #EN #2022 #cyberwar #Military #Phishing #Ukraine #CERT-UA #UNC1151

·bleepingcomputer.com·Feb 25, 2022

Ukraine links phishing targeting military to Belarusian hackers

New data-wiping malware used in destructive attacks on Ukraine

Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.

#bleepingcomputer #HermeticWiper #Russia #Ukraine #cyberwar #2022 #EN #datawiping

·bleepingcomputer.com·Feb 25, 2022

New data-wiping malware used in destructive attacks on Ukraine

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

#DeadBolt #NAS #QNAP #Ransomware #EN #bleepingcomputer #0-day #2022

·bleepingcomputer.com·Feb 15, 2022

New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key

[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code

Hello, Its developer. It was decided to release keys to the public for Egregor, Maze, Sekhmet ransomware families. also there is a little bit harmless source code of polymorphic x86/x64 modular EPO file infector m0yv detected in the wild as Win64/Expiro virus, but it is not expiro actually, but AV engines detect it like this, so no single thing in common with...

#leak #Maze #Egregor #Sekhmet #keys #decryptor #EN #forum #bleepingcomputer

·bleepingcomputer.com·Feb 13, 2022

[LEAK] Maze + Egregor + Sekhmet keys along with m0yv (expiro) source code

Google Project Zero: Vendors are now quicker at fixing zero-days

Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year.

#googleprojectzero #EN #0-day #metrics #bleepingcomputer

·bleepingcomputer.com·Feb 11, 2022

Google Project Zero: Vendors are now quicker at fixing zero-days

Decade-old Linux ‘wall’ bug helps make fake SUDO prompts, steal passwords

A vulnerability has been discovered in the 'util-linux' library that could allow unprivileged users to put arbitrary text on other users' terminals using the 'wall' command.

#bleepingcomputer #EN #2024 #Clipboard-Hijacker #Library #Linux #Passwords #Terminal #WallEscape

·bleepingcomputer.com·Mar 28, 2024

Decade-old Linux ‘wall’ bug helps make fake SUDO prompts, steal passwords

Finland confirms APT31 hackers behind 2021 parliament breach

The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021.

#bleepingcomputer #EN #2024 #APT31 #China #Finland #Security #InfoSec #Computer-Security

·bleepingcomputer.com·Mar 27, 2024

Finland confirms APT31 hackers behind 2021 parliament breach

Google: Spyware vendors behind 50% of zero-days exploited in 2023

Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.

#bleepingcomputer #EN #2024 #Google #Google-TAG #Mandiant #Spyware #Zero-Day #2023

·bleepingcomputer.com·Mar 27, 2024

Google: Spyware vendors behind 50% of zero-days exploited in 2023

New ZenHammer memory attack impacts AMD Zen CPUs

Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.

#bleepingcomputer #EN #2024 #AMD #CPU #Hardware #Memory #RAM #Rowhammer #ZenHammer

·bleepingcomputer.com·Mar 26, 2024

New ZenHammer memory attack impacts AMD Zen CPUs

Darknet marketplace Nemesis Market seized by German police

The German police have seized infrastructure for the darknet Nemesis Market cybercrime marketplace in Germany and Lithuania, disrupting the site's operation.

#bleepingcomputer #EN #2024 #Nemesis #Germany #Seizure #Darknet #Takedown #BKA #Market

·bleepingcomputer.com·Mar 22, 2024

Darknet marketplace Nemesis Market seized by German police

Exploit released for Fortinet RCE bug used in attacks, patch now

Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.

#bleepingcomputer #EN #2024 #Actively-Exploited #Exploit #Fortinet #PoC #Proof-of-Concept #RCE #Remote-Code-Execution #SQL-Injection #CVE-2023-48788

·bleepingcomputer.com·Mar 21, 2024

Exploit released for Fortinet RCE bug used in attacks, patch now

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

On the first day of Pwn2Own Vancouver 2024, contestants demoed Windows 11, Tesla, and Ubuntu Linux zero-day vulnerabilities and exploit chains to win $732,500 and a Tesla Model 3 car.

#bleepingcomputer #EN #2024 #Competition #Exploit #Hacking #Linux #Pwn2Own #Tesla #Windows #Windows-11 #Zero-Day

·bleepingcomputer.com·Mar 21, 2024

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

Ivanti fixes critical Standalone Sentry bug reported by NATO

Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.

#bleepingcomputer #EN #2024 #Ivanti #NATO #Vulnerability #Security #InfoSec #Computer-Security

·bleepingcomputer.com·Mar 20, 2024

Ivanti fixes critical Standalone Sentry bug reported by NATO

Misconfigured Firebase instances leaked 19 million plaintext passwords

Three cybersecurity researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase, a Google platform for hosting databases, cloud computing, and app development.

#bleepingcomputer #EN #2024 #Data-Leak #Database #Firebase #Misconfiguration #Passwords #Plaintext-Password #User-Record

·bleepingcomputer.com·Mar 20, 2024

Misconfigured Firebase instances leaked 19 million plaintext passwords

Google Chrome gets real-time phishing protection later this month

Google will roll out a Safe Browsing update later this month that will provide real-time malware and phishing protection to all Chrome users, without compromising their browsing privacy. The company launched Safe Browsing in 2005 to defend users against web phishing attacks and has since upgraded it to block malicious domains that push malware, unwanted software, and various social engineering schemes.

#bleepingcomputer #EN #2024 #solution #Browsing #Phishing #Enhanced #Chrome #Google #Safe #Privacy #Safe-Browsing #browser

·bleepingcomputer.com·Mar 14, 2024

Google Chrome gets real-time phishing protection later this month

LockBit ransomware affiliate gets four years in jail, to pay $860k

Russian-Canadian cybercriminal Mikhail Vasiliev has been sentenced to four years in prison by an Ontario court for his involvement in the LockBit ransomware operation. #Canada #Case #Computer #Court #InfoSec #Legal #LockBit #Prison #Ransomware #Security

#bleepingcomputer #EN #2024 #Prison #LockBit #Court #Ransomware #Case #Legal #Canada

·bleepingcomputer.com·Mar 13, 2024

LockBit ransomware affiliate gets four years in jail, to pay $860k

Switzerland: Play ransomware leaked 65,000 government documents

The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.

#bleepingcomputer #EN #2024 #Breach #Data #Ransomware #Switzerland #PLAY #Government #Xplain

·bleepingcomputer.com·Mar 7, 2024

Switzerland: Play ransomware leaked 65,000 government documents

Flipper Zero WiFi phishing attack can unlock and steal Tesla cars

An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

#bleepingcomputer #EN #2024 #Automotive #Car #Flipper-Zero #Phishing #Tesla

·bleepingcomputer.com·Mar 7, 2024

Flipper Zero WiFi phishing attack can unlock and steal Tesla cars

Duvel says it has "more than enough" beer after ransomware attack

Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in the company's bottling facilities

#bleepingcomputer #EN #2024 #Beer #Belgium #Duvel #Ransomware #Service-Disruption

·bleepingcomputer.com·Mar 6, 2024

Duvel says it has "more than enough" beer after ransomware attack