cyberveille.decio.ch

7248 bookmarks

Custom sorting

OCC Notifies Congress of Incident Involving Email System

The Office of the Comptroller of the Currency (OCC) today notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. This finding is the result of internal and independent third-party reviews of OCC emails and email attachments that were subject to unauthorized access. On February 11, 2025, the OCC learned of unusual interactions between a system administrative account in its office automation environment and OCC user mailboxes. On February 12, the OCC confirmed the activity was unauthorized and immediately activated its incident response protocols which include initiating an independent third-party incident assessment and reporting the incident to the Cybersecurity and Infrastructure Security Agency. On February 12, the OCC disabled the compromised administrative accounts and confirmed that the unauthorized access had been terminated. The OCC provided public notice of the incident on February 26.

#occ.gov #EN #2025 #US #OCC #Currency #Email #System #mailboxes #hacked #release

·occ.gov·Apr 13, 2025

OCC Notifies Congress of Incident Involving Email System

1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative - SecurityWeek

Medical testing services provider Laboratory Services Cooperative (LSC) is notifying 1.6 million individuals that their personal information was stolen in an October 2024 data breach. As part of the cyberattack, which was identified on October 27, a threat actor accessed LSC’s network and accessed and exfiltrated certain files containing patient and employee information.

#securityweek #EN #2025 #Medical #Laboratory #Services #Cooperative #LSC #Data-Leak #health

·securityweek.com·Apr 13, 2025

1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative - SecurityWeek

Hackers breach Morocco's social security database in unprecedented cyberattack

The hackers who posted the documents on Telegram said the attack was in response to alleged Moroccan 'harassment' of Algeria on social media platforms, pledging additional cyberattacks if Algerian sites were targeted.

#euronews #EN #2025 #Algeria #Morocco #Western-Sahara #Telegram #Data-Leak #Social-Security-Number

·euronews.com·Apr 13, 2025

Hackers breach Morocco's social security database in unprecedented cyberattack

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S. officials that it carried out cyberattacks on U.S. infrastructure, linked to the Volt Typhoon campaign.

#securityaffairs #EN #2025 #Volt-Typhoon #China #US #admitted #WSJ #Geneva-Summit

·securityaffairs.com·Apr 13, 2025

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Germany suspects Russian cyber attack on research group

German intelligence services have said they are investigating a suspected Russian cyberattack against a Berlin-based research network.

#DW #EN #2025 #Germany #Russia #Cyberattack #DGO #APT29

·dw.com·Apr 11, 2025

Germany suspects Russian cyber attack on research group

Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment

Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment. Tensions between Algeria and Morocco are spilling over into the realm of cyber warfare. The Algerian hacker group JabaRoot DZ has claimed responsibility for an unprecedented series of intrusions into the computer systems of several

#yabiladi #EN #2025 #Algeria #Data-Leak #Morocco #CNSS #Ministry #JabaRootDZ

·en.yabiladi.com·Apr 11, 2025

Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment

The Rise of Slopsquatting: How AI Hallucinations Are Fueling a New Class of Supply Chain Attacks

Slopsquatting is a new supply chain threat where AI-assisted code generators recommend hallucinated packages that attackers register and weaponize.

#Slopsquatting #EN #2025 #Supply-Chain-Attack

·socket.dev·Apr 11, 2025

The Rise of Slopsquatting: How AI Hallucinations Are Fueling a New Class of Supply Chain Attacks

OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters

Company didn’t notice its chatbot was being abused for (at least) 4 months.

#arstechnica #EN #2025 #OpenAI #chatbot #spammers #Akirabot

·arstechnica.com·Apr 11, 2025

OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale

AkiraBot uses OpenAI to generate custom outreach messages to spam chat widgets and website contact forms at scale.

#SentinelOne #EN #2025 #AI-Powered #Bot #Bypasses #CAPTCHA #AkiraBot #Spam #SEO

·sentinelone.com·Apr 11, 2025

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale

Police detains Smokeloader malware customers, seizes servers

In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet's customers and detained at least five individuals.

#bleepingcomputer #EN #2025Botnet #Europol #Operation-Endgame #Smokeloader

·bleepingcomputer.com·Apr 10, 2025

Police detains Smokeloader malware customers, seizes servers

CVE-2025-22457

On April 3, 2025, Ivanti published an advisory for CVE-2025-22457, an unauthenticated remote code execution vulnerability due to a stack based buffer overflow.…

#attackerkb #EN #2025 #CVE-2025-22457 #RCE #Ivanti

·attackerkb.com·Apr 10, 2025

CVE-2025-22457

Popular French retailers confirm hackers stole customer data

Targets of the cyberattacks include electronics and home appliances store Boulanger and the retailer Cultura.

#therecord.media #EN #2025 #Data-Leak #Boulanger #France

·therecord.media·Apr 10, 2025

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the internal operations of Black Basta.

#trustwave #EN #2025 #BlackBasta #leak #analysis

·trustwave.com·Apr 9, 2025

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

A miner and the ClipBanker Trojan being distributed via SourceForge | Securelist

Malicious actors are using SourceForge to distribute a miner and the ClipBanker Trojan while utilizing unconventional persistence techniques.

#securelist #EN #2025 #officepackage #ClipBanker #Cryptocurrencies #Malware #Malware-Descriptions #Malware-Technologies #Microsoft-Office #Miner #Piracy #SourceForge #Trojan

·securelist.com·Apr 9, 2025

A miner and the ClipBanker Trojan being distributed via SourceForge | Securelist

NCSC issues warning over Chinese Moonshine and BadBazaar spyware

Two spyware variants – Moonshine and BadBazaar – are being used to target the mobile devices of persons of interest to Chinese intelligence, including individuals in the Taiwanese, Tibetan and Uyghur communities.

#computerweekly #EN #UK #2025 #NCSC #spyware #warning #Moonshine #BadBazaar #Skype #WhatsApp

·computerweekly.com·Apr 9, 2025

NCSC issues warning over Chinese Moonshine and BadBazaar spyware

Don't open that file in WhatsApp for Windows just yet

A bug in WhatsApp for Windows can be exploited to execute malicious code by anyone crafty enough to persuade a user to open a rigged attachment - and, to be fair, it doesn't take much craft to pull that off. The spoofing flaw, tracked as CVE-2025-30401, affects all versions of WhatsApp Desktop for Windows prior to 2.2450.6, and stems from a bug in how the app handles file attachments.

#theregister #EN #2025 #WhatsApp #Windows #CVE-2025-30401 #client

·theregister.com·Apr 9, 2025

Don't open that file in WhatsApp for Windows just yet

SMS Pumping: How Criminals Turn Your Messaging Service into Their Cash Machine

A fraudster develops or uses an automated bot or low-skilled workforce to trigger actions such as fake account creation, OTP requests, or password resets. These bots or human bots mimic real user activity, often bypassing security measures through direct API calls. These actions trigger SMS messages, which are sent to phone numbers controlled by the fraudster, creating inflated traffic. The fraudster collaborates with a “rogue party,” often a corrupt telecom provider or intermediary with access to SMS routing infrastructure. The rogue party intercepts the inflated SMS traffic, typically avoiding message delivery to reduce costs. Instead, they route the traffic to numbers they control. The rogue party earns revenue by collecting funds from the inflated SMS traffic, benefiting from volume-based pricing or other arrangements.

#group-ib #EN #2025 #SMS #Pumping #Messaging #SMS-pumping

·group-ib.com·Apr 9, 2025

SMS Pumping: How Criminals Turn Your Messaging Service into Their Cash Machine

Anatomy of an LLM RCE

As large language models (LLMs) become more advanced and are granted additional capabilities by developers, security risks increase dramatically. Manipulated LLMs are no longer just a risk of...

#cyberark #EN #2025 #LLM #RCE #analysis #AI

·cyberark.com·Apr 9, 2025

Anatomy of an LLM RCE

EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research.

#bleepingcomputer #EN #2025 #Cybercrime #EncryptHub #Hacker #Microsoft #Threat-Actor #White-Hat-Hacker #Zero-Day

·bleepingcomputer.com·Apr 8, 2025

EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher

La Suisse signe la Convention du Conseil de l’Europe sur l’intelligence artificielle

Le conseiller fédéral Albert Rösti signera aujourd’hui à Strasbourg la Convention-cadre du Conseil de l’Europe sur l’intelligence artificielle. Par cet acte, la Suisse rejoint les États signataires d’un premier instrument juridiquement contraignant au niveau international visant à encadrer le développement et l’utilisation de l’IA dans le respect des droits fondamentaux

#swissprivacy.law #FR #CH #2025 #Convention #Conseil #Europe #IA #intelligence #artificielle #Suisse #acte

·swissprivacy.law·Apr 8, 2025

La Suisse signe la Convention du Conseil de l’Europe sur l’intelligence artificielle

Russia arrests CEO of tech company linked to Doppelgänger disinformation campaign

Two other employees at the St. Petersburg-based hosting provider Azea Group were arrested. The company has alleged links to state-sponsored disinformation campaigns and cybercriminal infrastructure.

#therecord.media #EN #2025 #Doppelgänger #Azea #Russia #arrested

·therecord.media·Apr 7, 2025

Russia arrests CEO of tech company linked to Doppelgänger disinformation campaign

Carding tool abusing WooCommerce API downloaded 34K times on PyPI

A newly discovered malicious PyPi package named 'disgrasya' that abuses legitimate WooCommerce stores for validating stolen credit cards has been downloaded over 34,000 times from the open-source package platform.

#bleepingcomputer #EN #2025 #Carding #Credit-Card #Packages #PyPI #Python #WooCommerce

·bleepingcomputer.com·Apr 7, 2025

Carding tool abusing WooCommerce API downloaded 34K times on PyPI

Someone hacked ransomware gang Everest’s leak site

"Don't do crime," the ransomware gang's dark web leak site reads.

#techcrunch #EN #2025 #hacked #ransomware #Everest #leak-site

·techcrunch.com·Apr 7, 2025

Someone hacked ransomware gang Everest’s leak site

British Army and Royal Navy hit by cyberattacks from pro-Russian and pro-Palestinian hackers | The Standard

The group, known as the Holy League, is said to be made up of around 90 hacktivist collectives united by opposition to Western liberal values

#standard #EN #2025 #Russian #Cyberattack #Ukraine #British #GCHQ #cyberattacks #Holy-League

·standard.co.uk·Apr 7, 2025

British Army and Royal Navy hit by cyberattacks from pro-Russian and pro-Palestinian hackers | The Standard

Conseil fédéral: des données privées exposées en ligne

Des informations confidentielles concernant des membres du Conseil fédéral suisse et de hauts responsables de la sécurité sont accessibles au public.

#20min #FR #CH #Suisse #Conseil #fédéral #informations #confidentielles

·20min.ch·Apr 7, 2025

Conseil fédéral: des données privées exposées en ligne

IngressNightmare | Critical Unauthenticated RCE Vulnerabilities in Kubernetes Ingress NGINX

We share actionable mitigation and detection strategies against IngressNightmare so you can protect against possible exploitation in runtime.

#sentinelone #EN #2025 #IngressNightmare #ritical #Unauthenticated #RCE #Kubernetes #Vulnerabilities

·sentinelone.com·Apr 7, 2025

IngressNightmare | Critical Unauthenticated RCE Vulnerabilities in Kubernetes Ingress NGINX

Google Online Security Blog: Google announces Sec-Gemini v1, a new experimental cybersecurity model

Today, we’re announcing Sec-Gemini v1, a new experimental AI model focused on advancing cybersecurity AI frontiers. As outlined a year ago, defenders face the daunting task of securing against all cyber threats, while attackers need to successfully find and exploit only a single vulnerability. This fundamental asymmetry has made securing systems extremely difficult, time consuming and error prone. AI-powered cybersecurity workflows have the potential to help shift the balance back to the defenders by force multiplying cybersecurity professionals like never before.

#security.googleblog #EN #2025 #Sec-Gemini #IA #announce #experimental #cybersecurity #model

·security.googleblog.com·Apr 7, 2025

Google Online Security Blog: Google announces Sec-Gemini v1, a new experimental cybersecurity model

One Time Pwnage: SEAL Releases Advisory On SLOVENLY COMET

A new threat actor is exploiting privileged access in the SMS supply chain to intercept OTP codes and other messages.

#securityalliance #EN #2025 #SMS #supply-chain #Argentina #OTP #SLOVENLY-COMET

·securityalliance.org·Apr 7, 2025

One Time Pwnage: SEAL Releases Advisory On SLOVENLY COMET

Europcar GitLab breach exposes data of up to 200,000 customers

A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users. #Android #Breach #Code #Computer #Data #Europcar #GitLab #InfoSec #Security #Source #iOS

#Android #Code #Europcar #GitLab #Data #Security #iOS #Breach #Computer #Source #InfoSec

·bleepingcomputer.com·Apr 7, 2025

Europcar GitLab breach exposes data of up to 200,000 customers

Someone is trying to recruit security researchers in bizarre hacking campaign  | TechCrunch

Are you willing to hack and take control of Chinese websites for a random person for up to $100,000 a month? Someone is making precisely that tantalizing, bizarre, and clearly sketchy job offer. The person is using what looks like a series of fake accounts with avatars displaying photos of attractive women and sliding into the direct messages of several cybersecurity professionals and researchers on X in the last couple of weeks.

#techcrunch #EN #2025 #recruit #security #researchers #bizarre #job #offer #cybersecurity #fake #professionals

·techcrunch.com·Apr 6, 2025

Someone is trying to recruit security researchers in bizarre hacking campaign  | TechCrunch