How a fake job offer took down the world’s most popular crypto game
An engineer’s interest in joining what turned out to be a fictitious company led to March’s $540 million Axie Infinity hack.
cyberveille.decio.ch
How a fake job offer took down the world’s most popular crypto game
An engineer’s interest in joining what turned out to be a fictitious company led to March’s $540 million Axie Infinity hack.
How a fake job offer took down the world’s most popular crypto game
An engineer’s interest in joining what turned out to be a fictitious company led to March’s $540 million Axie Infinity hack.
Why the Equation Group (EQGRP) is NOT the NSA | xorl %eax, %eax
I had covered this topic in my 2021 talk “In nation-state actor’s shoes” but after my recent blog post I saw again people referring to the EQGRP as the NSA which is not entirely c…
Why the Equation Group (EQGRP) is NOT the NSA | xorl %eax, %eax
I had covered this topic in my 2021 talk “In nation-state actor’s shoes” but after my recent blog post I saw again people referring to the EQGRP as the NSA which is not entirely c…
Why the Equation Group (EQGRP) is NOT the NSA | xorl %eax, %eax
I had covered this topic in my 2021 talk “In nation-state actor’s shoes” but after my recent blog post I saw again people referring to the EQGRP as the NSA which is not entirely c…
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine
Mykhailo Fedorov, de l’ombre à la cyberguerre
A Lugano, le plus jeune ministre de Volodymyr Zelensky a révélé une nouvelle facette de l’Ukraine aux yeux du monde: celle d’un pays digital qui se bat contre l’invasion russe grâce à une e-armée, aussi
Mykhailo Fedorov, de l’ombre à la cyberguerre
A Lugano, le plus jeune ministre de Volodymyr Zelensky a révélé une nouvelle facette de l’Ukraine aux yeux du monde: celle d’un pays digital qui se bat contre l’invasion russe grâce à une e-armée, aussi
Mykhailo Fedorov, de l’ombre à la cyberguerre
A Lugano, le plus jeune ministre de Volodymyr Zelensky a révélé une nouvelle facette de l’Ukraine aux yeux du monde: celle d’un pays digital qui se bat contre l’invasion russe grâce à une e-armée, aussi
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
Unit 42 continuously hunts for new and unique malware samples that match known advanced persistent threat (APT) patterns and tactics. On May 19, one such sample was uploaded to VirusTotal, where it received a benign verdict from all 56 vendors that evaluated it. Beyond the obvious detection concerns, we believe this sample is also significant in terms of its malicious payload, command and control (C2), and packaging.
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
Unit 42 continuously hunts for new and unique malware samples that match known advanced persistent threat (APT) patterns and tactics. On May 19, one such sample was uploaded to VirusTotal, where it received a benign verdict from all 56 vendors that evaluated it. Beyond the obvious detection concerns, we believe this sample is also significant in terms of its malicious payload, command and control (C2), and packaging.
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
Unit 42 continuously hunts for new and unique malware samples that match known advanced persistent threat (APT) patterns and tactics. On May 19, one such sample was uploaded to VirusTotal, where it received a benign verdict from all 56 vendors that evaluated it. Beyond the obvious detection concerns, we believe this sample is also significant in terms of its malicious payload, command and control (C2), and packaging.
Heap memory corruption with RSA private key operation (CVE-2022-2274)
Severity: High The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation.
Heap memory corruption with RSA private key operation (CVE-2022-2274)
Severity: High The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation.
Heap memory corruption with RSA private key operation (CVE-2022-2274)
Severity: High The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation.
Iranian hackers leak info of over 300,000 Israelis from tourism sites
Iranian hacker group Sharp Boys obtained personal data from over 20 Israeli tourism sites.
Iranian hackers leak info of over 300,000 Israelis from tourism sites
Iranian hacker group Sharp Boys obtained personal data from over 20 Israeli tourism sites.
Iranian hackers leak info of over 300,000 Israelis from tourism sites
Iranian hacker group Sharp Boys obtained personal data from over 20 Israeli tourism sites.
Dutch university wins big after Bitcoin ransom returned
Maastricht University has doubled its money thanks to a ransomware attack three years ago. The university plans to help struggling students with its new funds.
Dutch university wins big after Bitcoin ransom returned
Maastricht University has doubled its money thanks to a ransomware attack three years ago. The university plans to help struggling students with its new funds.
Dutch university wins big after Bitcoin ransom returned
Maastricht University has doubled its money thanks to a ransomware attack three years ago. The university plans to help struggling students with its new funds.
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs
Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs
Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs
Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.
Microsoft finds Raspberry Robin worm in hundreds of Windows networks
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
Microsoft finds Raspberry Robin worm in hundreds of Windows networks
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
Microsoft finds Raspberry Robin worm in hundreds of Windows networks
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.