New data-wiping malware used in destructive attacks on Ukraine
Cybersecurity firms have found a new data wiper used in destructive attacks today against Ukrainian networks just as Russia moves troops into regions of Ukraine.
Second data wiper attack hits Ukraine computer networks
Two cybersecurity firms with a strong business presence in Ukraine—ESET and Broadcom’s Symantec—have reported tonight that computer networks in the country have been hit with a new data-wiping attack. The attack is taking place as Russian military troops have crossed the border and invaded Ukraine’s territory in what Russian President Putin has described as a “peacekeeping” mission.
The Bvp47 - a Top-tier Backdoor of US NSA Equation Group
Bvp47 - a Top-tier Backdoor of US NSA Equation Group PDF Document
Find You: Building a stealth AirTag clone | Positive Security
We built an AirTag clone capable of silently and continuously tracking someone. The device accomplishes this by sending just one beacon per generated public key, thereby staying invisible to tracking notifications for iOS users and Apple’s Tracker Detect Android app.
Un ex-officier de la CIA sur l’Ukraine: «Jamais les Etats-Unis n’ont divulgué autant d’informations sensibles et aussi vite»
Un ex-officier de la CIA évoque les risques et avantages de la stratégie américaine de divulguer des informations brutes du Renseignement pour faire pression sur la Russie
Chinese cyber-attackers 'targeted Taiwanese financial firms'
Operation Cache Panda went after software used by majority of industry players
Horde Webmail 5.2.22 - Account Takeover via Email
We recently discovered a code vulnerability in Horde Webmail that can be used by attackers to take over email accounts by sending a malicious email.
Behind the stalkerware network spilling the private phone data of hundreds of thousands
It's not just one spyware app exposing people's phone data, but an entire fleet of Android spyware apps that share the same security vulnerability.
The US is unmasking Russian hackers faster than ever
The White House rapidly gathered evidence and blamed Russia for a cyberattack against Ukraine, the latest sign that cyber attribution is an increasingly crucial tool in the American arsenal.
Comment le leader mondial des data centers a contré l’attaque par rançongiciel de NetWalker
Michael Montoya, Chief Information Security Officer de la société Equinix, a dévoilé les coulisses de la gestion de crise suite à la découverte de l’attaque par rançongiciel de NetWalker en septembre 2020.
Risque de cybersécurité – RUAG doit être plus vigilante sur ses données sensibles
La commission de gestion du National estime que des données pourraient se retrouver en main de tiers en cas de vente d’unités de l’entreprise.
Une faille vulnérabilise le gestionnaire de paquets Snap pour Linux
Découverte dans le gestionnaire de paquets Snap pour systèmes Linux développé par Canonical, une faille expose les utilisateurs à de l'escalade de privilèges. Un risque qui peut déboucher jusqu'à de l'accès root.
Oh Snap! More Lemmings (Local Privilege Escalation in snap-confine)
We recently audited snap-confine (a SUID-root program that is installed by default on Ubuntu) and discovered two vulnerabilities (two Local Privilege Escalations, from any user to root): CVE-2021-44730 and CVE-2021-44731.
Cosa sappiamo di sLoad e perchè è così elusivo? –
Cosa sappiamo di sLoad e perchè è così elusivo?
Boosting your Organisation's Cyber Resilience - Joint Publication
ENISA and CERT-EU strongly encourage all public and private sector organisations in the EU to adopt a minimum set of cybersecurity best practices PDF Document
Pegasus spyware scandal uncovered by fake image file on an iPhone
The scandal over NSO Group's Pegasus spyware was uncovered by a single fake image file mistakenly left on an activist's iPhone, a report states, a discovery that prompted international outcry over privacy.
Who Is Behind QAnon? Linguistic Detectives Find Fingerprints
Using machine learning, separate teams of computer scientists identified the same two men as likely authors of messages that fueled the viral movement.
Cyberattack targets Vodafone Portugal, disrupts services
Vodafone Portugal, one of the country’s leading telecommunications companies, said Tuesday it had been hacked though no confidential customer data was compromised
‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them
As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.
Une cyberattaque met à genou l’Université de Neuchâtel
L’institution a été victime jeudi soir de ce qui semble être un rançongiciel. Ses services informatiques travaillent d’arrache-pied pour restaurer ses systèmes avant la rentrée de lundi
Kazakhstan's Internet Shutdowns Could Be a Warning for Ukraine
Control of the internet is increasingly part of any modern conflict.
VMware Horizon servers are under active exploit by Iranian state hackers
Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said on Thursday.
The Elite Hackers of the FSB
For almost two decades, hackers with Snake have been forcing their way into government networks. They are considered one of the most dangerous hacker groups in the world. Who they work for, though, has always been a matter of pure speculation. But reporters with the German public broadcasters BR and WDR have discovered some clues, and they all lead to the Russian secret service FSB.
Passware parvient à trouver le mot de passe des Mac T2 par force brute
La société Passware, qui s'est fait une spécialité des solutions de déverrouillage des Mac et des PC par force brute, est parvenue à « craquer » la puce T2. Mais attention, le processus nécessite de 10 heures à… plusieurs milliers d'années, en fonction du mot de passe et de sa longueur. Mais cela reste possible grâce à une vulnérabilité exploitée par l'entreprise, dont les clients sont principalement les forces de l'ordre mais aussi des entreprises.
Twitter cans 2FA service provider over surveillance claims
Twitter is changing its 2FA service provider after allegations emerged that it sold access to its networks to surveillance companies.
Red Cross traces hack back to unpatched Zoho vulnerability
The Red Cross said the attack began on November 9 and involved an authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus.
Cyberattaque : la Croix-Rouge confirme l’exploitation d’une vulnérabilité non corrigée
Le comité international de la Croix-Rouge vient de confirmer que la cyberattaque dont il a été victime courant janvier a commencé par l’exploitation d’une vulnérabilité critique affectant un serveur Zoho ManageEngine, pour laquelle le correctif n’avait pas été appliqué.
Assurances cyber : vers une « jurisprudence NotPetya » ?
Aux États-Unis, un groupe pharmaceutique victime de NotPetya l'a emporté en première instance face à plusieurs de ses (ré)assureurs. Retour sur l'affaire.
New ‘cyber war’ exclusion language raises concerns
Marsh analysis, insights, and ideas, regarding new cyber insurance policy exclusion language related to war, cyber war, cyber operations, and catastrophic risk.
Merck’s $1.4 Billion Insurance Win Splits Cyber From ‘Act of War’
Merck & Co.‘s victory in a legal dispute with insurers over coverage for $1.4 billion in losses from malware known as NotPetya is expected to force insurance policies to more clearly confront responsibility for the fallout from nation-state cyberattacks.