cyberveille.decio.ch

FortiGuardLabs examines a botnet known as Zerobot written in the Go language targeting IoT vulnerabilities. Read our blog to learn about how it evolves, including self-replication, attacks for different protocols, and self-propagation as well as its behavior once inside an infected device.

Vice Society, a ransomware gang, has been involved in high-profile activity against schools this year.

Auditionnée par le Parlement européen, la directrice du Centre national espagnol s’est contentée de rappeler le cadre juridique, selon les eurodéputés.

he maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.

Deux semaines après la cyberattaque dont a été victime son hébergeur Infopro, Winbiz n’a pas complètement rétabli l’accès à son logiciel cloud

Unit 42 researchers examine several malware samples that incorporate Cobalt Strike components, and discuss some of the ways that we catch these samples by analyzing artifacts from the deltas in process memory at key points of execution. We will also discuss the evasion tactics used by these threats, and other issues that make their analysis problematic.

Insikt Group® reports on the tactics, techniques, and procedures (TTPs) used by TAG-56 in their recent targeting of a DC-based think tank.

Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment. 

The President of the Republic announced the sending of the 'first diplomatic telegram encrypted using post-quantum cryptography' to the French embassy in Washington. We explain its importance for the future of confidential communications.

As demand for malicious proxy services continues, new players have entered the market. Black Proxies is marketed to other cybercriminals for their reliability, scope, and overwhelming number of IP addresses.

In October of this year, we received a report from ngocnb and khuyenn from GiaoHangTietKiem JSC covering a SQL injection vulnerability in WordPress. The bug could allow an attacker to expose data stored in a connected database. This vulnerability was recently addressed as CVE-2022-21661 ( ZDI-22-020

The rising adoption of connected medical devices is accelerating cyberattacks, according to Capterra’s Medical IoT Survey.

Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018 and has spread to over 300,000 victims and is specifically targeting Facebook credentials. To learn more about this new threat, read more on our blog.

Thousands of small to medium size businesses are suffering as Rackspace have suffered a security incident on their Hosted Exchange service. Yesterday, 2nd December 2022, Rackspace announced an outage to their Hosted Exchange Server:

Adoptée dans la foulée de son homologue genevoise, la loi sur l’information vaudoise a fêté ses 20 ans cette année. Si la plupart des demandes émanent de citoyens, le principe de transparence reste encore méconnu