Found 3150 bookmarks
Custom sorting
Revealed: US Military Bought Mass Monitoring Tool That Includes Internet Browsing, Email Data
Revealed: US Military Bought Mass Monitoring Tool That Includes Internet Browsing, Email Data
The “Augury” platform includes highly sensitive network data that Team Cymru, a private company, is selling to the military. “It’s everything. There’s nothing else to capture except the smell of electricity,” one cybersecurity expert said.
·vice.com·
Revealed: US Military Bought Mass Monitoring Tool That Includes Internet Browsing, Email Data
Chromium Blog: Announcing the Launch of the Chrome Root Program
Chromium Blog: Announcing the Launch of the Chrome Root Program
In 2020, we announced we were in the early phases of establishing the Chrome Root Program and launching the Chrome Root Store. The Chrome Root Program ultimately determines which website certificates are trusted by default in Chrome, and enables more consistent and reliable website certificate validation across platforms. This post shares an update on our progress and how these changes help us better protect Chrome’s users.
·blog.chromium.org·
Chromium Blog: Announcing the Launch of the Chrome Root Program
Record 25.3 Billion Request Multiplexing Attack Mitigated by Imperva
Record 25.3 Billion Request Multiplexing Attack Mitigated by Imperva
On June 27, 2022, Imperva mitigated a single attack with over 25.3 billion requests, setting a new record for Imperva’s application DDoS mitigation solution. While attacks with over one million requests per second (RPS) aren’t new, we’ve previously only seen them last for several seconds to a few minutes. On June 27, Imperva successfully mitigated a strong attack that lasted more than four hours and peaked at 3.9 million RPS.
·imperva.com·
Record 25.3 Billion Request Multiplexing Attack Mitigated by Imperva
Affaire Pegasus: l'Union européenne se penche sur le dossier suisse - rts.ch - Monde
Affaire Pegasus: l'Union européenne se penche sur le dossier suisse - rts.ch - Monde
Le Haut Commissariat aux droits de l’homme des Nations unies a publié vendredi un nouveau rapport extrêmement alarmant sur les menaces des nouvelles technologies de surveillance quant au respect de la vie privée et des droits humains. Les usages dénoncés font largement écho à la situation en Suisse.
·rts.ch·
Affaire Pegasus: l'Union européenne se penche sur le dossier suisse - rts.ch - Monde
Six months into Breached: The legacy of RaidForums?
Six months into Breached: The legacy of RaidForums?
On March 14, 2022, a new English-language cybercrime forum called Breached (also known as BreachForums) launched, as a response to the closure and seizure of the popular RaidForums. Breached was launched with the same design by the threat actor “pompompurin” as “an alternative to RaidForums,” offering large-scale database leaks, login credentials, adult content, and hacking tools.
·ke-la.com·
Six months into Breached: The legacy of RaidForums?
Ermittlungserfolg gegen Ransomware-Gruppierung
Ermittlungserfolg gegen Ransomware-Gruppierung
In the context of an internationally coordinated operation against a ransomware group, the Zurich Public Prosecutor’s Office is leading criminal proceedings against an accused person. At the same time, cyber investigators of the Zurich Cantonal Police have been intensively analysing the data storage devices seized from that person in the past months. This analysis has revealed numerous private keys. They enable the aggrieved companies to recover their encrypted data.
·zh.ch·
Ermittlungserfolg gegen Ransomware-Gruppierung
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763)
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763)
Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.
·worthdoingbadly.com·
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763)
Webworm: Espionage Attackers Testing and Using Older Modified RATs
Webworm: Espionage Attackers Testing and Using Older Modified RATs
The attackers are working on a number of malware threats, some of which have been used in attacks while others are in pre-deployment or testing stages. Symantec, by Broadcom Software, has gained insight into the current activities of a group we call Webworm. The group has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. At least one of the indicators of compromise (IOCs) observed by Symantec was used in an attack against an IT service provider operating in multiple Asian countries, while others appear to be in pre-deployment or testing stages.
·symantec-enterprise-blogs.security.com·
Webworm: Espionage Attackers Testing and Using Older Modified RATs
RedLine spreads through ads for cheats and cracks on YouTube
RedLine spreads through ads for cheats and cracks on YouTube
An unusual malicious bundle (a collection of malicious programs distributed in the form of a single installation file, self-extracting archive or other file with installer-type functionality) recently caught our eye. Its main payload is the widespread RedLine stealer. Discovered in March 2020, RedLine is currently one of the most common Trojans used to steal passwords and credentials from browsers, FTP clients and desktop messengers. It is openly available on underground hacker forums for just a few hundred dollars, a relatively small price tag for malware.
·securelist.com·
RedLine spreads through ads for cheats and cracks on YouTube