Search cyberveille.decio.ch

Found 4945 bookmarks

Custom sorting

TCG TPM2.0 implementations vulnerable to memory corruption

Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and trigger these vulnerabilities. This allows either read-only access to sensitive data or overwriting of normally protected data that is only available to the TPM (e.g., cryptographic keys).

#cert.org #2023 #EN #TPM #TPM2.0 #TCG #memory #buffer #Buffer-Overflow

·kb.cert.org·Mar 1, 2023

TCG TPM2.0 implementations vulnerable to memory corruption

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

A cryptominer that uses the Invisible Internet protocol, Honkbox variants could still be evading some detection solutions.

#SentinelOne #EN #2023 #cryptominer #Honkbox #macos #analysis

·sentinelone.com·Mar 1, 2023

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

Lumma Stealer sellers use the name “LummaC” on an underground forum called XSS, which is based in Russia. The seller has been actively promoting the malware since April 2022. In August of that year…

#s2wblog #EN #2023 #LummaC #Stealer #analysis

·medium.com·Mar 1, 2023

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

U.S. Marshals Service hack compromises sensitive info

The U.S. Marshals Service suffered a security breach, with sensitive data taken from one of its systems just over a week ago.

#nbcnews #2023 #EN #US #Marshals #breach #ransomware

·nbcnews.com·Feb 28, 2023

U.S. Marshals Service hack compromises sensitive info

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

#krebsonsecurity #EN #2023 #T-Mobile #Hackers #Claim

·krebsonsecurity.com·Feb 28, 2023

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

The Cyber Defense Assistance Imperative – Lessons from Ukraine

Russia’s further invasion of Ukraine in February 2022 was a watershed moment, and unique in that a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country. Leaders will draw lessons from this conflict for years, but one is already clear: the ability to deliver cyber defense assistance must be a key national security capability.

#aspeninstitute #EN #2023 #Ukraine #russia-ukraine-war #CyberDefense #assistance

·aspeninstitute.org·Feb 28, 2023

The Cyber Defense Assistance Imperative – Lessons from Ukraine

Danish parliament urges to remove TikTok over cybersecurity

COPENHAGEN, Denmark (AP) — The Danish parliament on Tuesday urged lawmakers and employees with the 179-member assembly against having TikTok on work phones as a cybersecurity measure, saying “there is a risk of espionage.”

#apnews #EN #2023 #Denmark #tiktok #ban

·apnews.com·Feb 28, 2023

Danish parliament urges to remove TikTok over cybersecurity

LastPass breach update: The few additional bits of information

LastPass breach was aided by lax security policy, allowing accessing critical data from a home computer. Also, companies implementing federated login are also affected by the breach, despite LastPass originally denying it.

#palant.info #EN #2023 #breach #LastPass

·palant.info·Feb 28, 2023

LastPass breach update: The few additional bits of information

Canada bans TikTok on government devices

#bbc #en #2023 #tiktok #ban #canada

·bbc.com·Feb 28, 2023

Canada bans TikTok on government devices

Man stole nearly $18K in electricity in crypto mining operation

Nadeam Nahas, 39, of Norwell, MA is facing charges of allegedly running a secret cryptocurrency mining operation out of a crawlspace at a middle school.

#dailymail #EN #2023 #Massachusetts #school #cryptocurrency #cryptomining #stealing #electricity

·dailymail.co.uk·Feb 27, 2023

Man stole nearly $18K in electricity in crypto mining operation

Hard-to-spot Mac crypto-mining threat, XMRig, hits Pirate Bay

Jamf Threat Labs has spotted a family of Mac malware, XMRig, that spreads through pirated versions of Final Cut Pro, Photoshop and Logic Pro X.

#computerworld #EN #2023 #apple #macos #jamf #XMRig #malware #pirated #FinalCutPro

·computerworld.com·Feb 27, 2023

Hard-to-spot Mac crypto-mining threat, XMRig, hits Pirate Bay

PureCrypter targets government entities through Discord - Blog | Menlo Security

Menlo Labs has uncovered an unknown threat actor leveraging an evasive threat campaign distributed via Discord featuring the PureCrypter downloader and targeting government entities.

#menlosecurity #EN #2023 #PureCrypter #government #Discord #downloader #analysis

·menlosecurity.com·Feb 27, 2023

PureCrypter targets government entities through Discord - Blog | Menlo Security

Stanford University discloses data breach affecting PhD applicants

Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023.

#bleepingcomputer #EN #2023 #Data-Breach #Stanford #University #breach

·bleepingcomputer.com·Feb 27, 2023

Stanford University discloses data breach affecting PhD applicants

Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966

Numerous threat actors were detected abusing a critical CVE-2022-47966 RCE vulnerability affecting products from ManageEngine. Read our advisory.

#bitdefender #EN #2023 #CVE-2022-47966 #RCE #vulnerability #ManageEngine #advisory

·businessinsights.bitdefender.com·Feb 27, 2023

Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966

TA569: SocGholish and Beyond

TA569 leverages many types of injections, traffic distribution systems (TDS), and payloads including, but not limited to, SocGholish. * In addition to serving as an initial access broker, these additional injects imply TA569 may be running a pay-per-install (PPI) service * TA569 may remove injections from compromised websites only to later re-add them to the same websites. * There are multiple opportunities for defense against TA569: educating users about the activity, using Proofpoint’s Emerging Threats ruleset to block the payload domains, and blocking .js files from executing in anything but a text editor.

#proofpoint #EN #2023 #SocGholish #threat-insight #TA569 #analysis

·proofpoint.com·Feb 27, 2023

TA569: SocGholish and Beyond

EXFILTRATOR-22 - An Emerging Post-Exploitation Framework

Executive Summary The CYFIRMA Research team has provided a preliminary analysis of a new post- exploitation framework called EXFILTRATOR-22 a.k.a....

#cyfirma #EN #2023 #EXFILTRATOR-22 #analysis #post-exploitation #framework

·cyfirma.com·Feb 27, 2023

EXFILTRATOR-22 - An Emerging Post-Exploitation Framework

OneNote Embedded file abuse

In recent weeks OneNote has gotten a lot of media attention as threat actors are abusing the embedded files feature in OneNote in their phishing campaigns. I first observed this OneNote abuse in the media via Didier’s post. This was later also mentioned in Xavier’s ISC diary and on the podcast. Later, in the beginning of February, the hacker news covered this as well.

#nviso #EN #2023 #OneNote #abuse #technical #report

·blog.nviso.eu·Feb 27, 2023

OneNote Embedded file abuse

When Low-Tech Hacks Cause High-Impact Breaches

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's…

#krebsonsecurity #EN #2023 #GoDaddy #Hacks #intruders #employee #malware

·krebsonsecurity.com·Feb 27, 2023

When Low-Tech Hacks Cause High-Impact Breaches

Suspect in major data theft case linked to Dutch-subsidized cybersecurity org

One of three hackers recently arrested for large-scale data theft was active for cyber security organization DIVD, sources told NOS. DIVD is a government-subsidized association of Dutch security experts that researches unsafe computer systems.

#nltimes #EN #2023 #DIVD #arrsted #hackers #Dutch #NL

·nltimes.nl·Feb 26, 2023

Suspect in major data theft case linked to Dutch-subsidized cybersecurity org

Dole Experiences Cybersecurity Incident

Charlotte, NC – February 22, 2023– Dole plc (DOLE:NYSE) announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.

#dole #2023 #En #incident #Security-Incident #ransomware

·dole.com·Feb 25, 2023

Dole Experiences Cybersecurity Incident

A year after Russia's invasion, the scope of cyberwar in Ukraine comes into focus

The Ukraine war has inspired a defensive cyber effort that government officials and technology executives describe as unprecedented.

#cyberscoop #EN #2023 #russia-ukraine-war #cyber-effort #unprecedented #Ukraine #cyberwar

·cyberscoop.com·Feb 25, 2023

A year after Russia's invasion, the scope of cyberwar in Ukraine comes into focus

Beware of macOS cryptojacking malware.

You may have heard about the cryptojacking malware on macOS. Read about a new one spotted by Jamf Threat Labs.

#jamf #EN #2023 #macOS #cryptojacking #malware

·jamf.com·Feb 24, 2023

Beware of macOS cryptojacking malware.

Valve bans 40,000 Dota 2 cheaters through ‘honeypot’ patch

Valve fixed an exploit cheaters were used, and used that patch to catch them in the act. More than 40,000 people were banned for using the third-party cheat.

#polygon #2023 #EN #Valve #cheaters #Dota #anticheat

·polygon.com·Feb 24, 2023

Valve bans 40,000 Dota 2 cheaters through ‘honeypot’ patch

"Fobo" Trojan distributed as ChatGPT client for Windows

Attackers are distributing malware disguised as a ChatGPT desktop client for Windows offering “precreated accounts”

#kaspersky #EN #2023 #threats #ChatGPT #artificial-intelligence #AI #fraud #scam #OpenAI #chatbot #Trojan-stealer #TrojanPSW

·kaspersky.com·Feb 23, 2023

"Fobo" Trojan distributed as ChatGPT client for Windows

The Growing Threat of ChatGPT-Based Phishing Attacks

Cyble analyzes how Threat Actors are using the recent buzz around ChatGPT to launch Phishing attacks using various methods.

#Cyble #2023 #EN #ChatGPT #ChatGPT-Based #Phishing #Attacks

·blog.cyble.com·Feb 23, 2023

The Growing Threat of ChatGPT-Based Phishing Attacks

Google Delivers Record-Breaking $12M in Bug Bounties

Google's Android and Chrome Vulnerability Reward Programs (VRPs) in particular saw hundreds of valid reports and payouts for security vulnerabilities discovered by ethical hackers.

#darkreading #2023 #EN #BugBounties #Google #Record-Breaking #Bounties

·darkreading.com·Feb 22, 2023

Google Delivers Record-Breaking $12M in Bug Bounties

Activision's Data Breach Contains Employee Information, Call of Duty and More, Report

Insider Gaming has been able to obtain the entirety of the gaming giant Activision’s data breach initially reported by vx-underground and confirmed the data contains plans for Modern Warfare 2’s upcoming DLCs, Call of Duty 2023 (Codenamed Jupiter) and Call of Duty 2024 (Codenamed Cerberus), as well as sensitive employee information.

#metacurity #EN #2023 #Activision #breach #DataBreach #Report

·metacurity.substack.com·Feb 22, 2023

Activision's Data Breach Contains Employee Information, Call of Duty and More, Report

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs. This vulnerability allows remote code execution as the root user. (advisory https://www.fortiguard.com/psirt?date=02-2023)

#horizon3 #EN #2023 #PoC #Fortinet #FortiNAC #CVE-2022-39952 #Deep-Dive #IoCs

·horizon3.ai·Feb 22, 2023

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs

Sensitive US military emails spill online

A security researcher told TechCrunch that a government server was exposing military emails to the internet because no password was set.

#techcrunch #EN #2023 #US #military #data-breaches #national-security #u.s.-military #leak

·techcrunch.com·Feb 21, 2023

Sensitive US military emails spill online

Cyber Attacks on Data Center Organizations

Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. The initial early-warning threat notification about this activity was sent around September 2021 with further updates during 2022 and January, 2023. Recent cyber-attacks on cloud service providers (CSPs) and managed services providers (MSPs) saw bad actors attempt to leverage a weakness in their cybersecurity supply chain with the goal of stealing sensitive data from their target enterprises and government organizations. Data centers are meaningful targets for attackers and an important element of the enterprise supply chain.

#resecurity #2023 #EN #datacenters #attacks #leak #breached

·resecurity.com·Feb 21, 2023

Cyber Attacks on Data Center Organizations