cyberveille.decio.ch

We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader).

Apple has launched its recent major security updates to the whole world.

This is the second breach to hit Mailchimp in six months. It also appears to be almost identical to a previous incident.

The charges were part of an intensifying effort by federal law enforcement agencies, in conjunction with European partners, to combat international cryptocurrency schemes and illegal transactions.

The arrest comes as the U.S. ramps up efforts to crack down on attempts by cybercriminals to use cryptocurrency to evade sanctions.

Sophos took immediate steps to remediate CVE-2022-3236 – an unauthenticated and remote code execution vulnerability affecting the Sophos Firewall Webadmin and User Portal HTTP interfaces – with an automated hotfix sent out in September 2022. Through its advisory published on September 23, 2022, it also alerted users who don't receive automatic hotfixes to apply the update themselves. The advisory stated the vulnerability had previously been used against "a small set of specific organizations, primarily in the South Asia region." In December, Sophos released v19.5 GA GA with an official fix. Key Takeaways * As there are no public proof-of-concept exploits for CVE-2022-3236, we created our own to determine its potential for mass exploitation. * We scanned internet-facing Sophos Firewalls and found more than 4,000 firewalls that were too old to receive a hotfix. * We encourage Sophos Firewall administrators to look through their logs to determine if they see indications of exploit attempts. Two files to focus on include /logs/csc.log and /log/validationError.log. * Internet-facing firewalls appear to largely be eligible for hotfixes and the default authentication captcha likely prevented mass exploitation.

Samples of four malicious software downloaded and run on macOS 13.1. Could it detect and block them effectively? Or do you need 3rd party protection?

Stay ahead of the game with our review on macOS malware threats. Learn about the top techniques used by threat actors to deliver malware and how to build more resilient defenses.

Malicious Google Ad -- Fake Notepad++ Page -- Aurora Stealer malware

Google Ads is one of the most popular advertising platform, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

NFT influencer @NFT_GOD downloaded malware through Google Ads while attempting to download OBS, an open-source video streaming software.

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

Les clés USB font partie du paysage informatique depuis longtemps et sont utilisées pour stocker des données ou les transférer d'un ordinateur à un autre. De nombreuses personnes ignorent toutefois que ces clés peuvent également servir d'outil de piratage.

The FortiGuard Labs team discovered an attack embedded in three PyPI packages called ‘colorslib’, ‘httpslib’, and “libhttps”. Read our blog to learn more.

The Vice Society ransomware gang has claimed responsibility for the November 2022 cyberattack that forced the University of Duisburg-Essen (UDE) to reconstruct its IT infrastructure, a process that's still ongoing.