Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver
On the first day of Pwn2Own Vancouver 2024, contestants demoed Windows 11, Tesla, and Ubuntu Linux zero-day vulnerabilities and exploit chains to win $732,500 and a Tesla Model 3 car.
cyberveille.decio.ch
Ivanti fixes critical Standalone Sentry bug reported by NATO
Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.
AceCryptor malware has surged in Europe, researchers say
Researchers at ESET say they spotted thousands of new infections with AceCryptor, which allows malware to slip into systems without being detected by anti-virus software.
Microsoft Copilot for Security: General Availability details
Microsoft Copilot for Security will be generally available on April 1st. Read this blog to learn about new productivity research, product capabilities,..
Loop DoS: New Denial-of-Service attack targets application-layer protocols
A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. The vulnerability affects both legacy and contemporary protocols. Discovered by Christian Rossow and Yepeng Pan, the attack puts an estimated 300,000 Internet hosts and their networks at risk.
Cyberattaque contre France Travail : trois personnes mises en examen et incarcérées après le vol massif de données
Les suspects, âgés de 21, 22 et 23 ans, ont été arrêtés dimanche. L'attaque qu'ils sont soupçonnés d'avoir menée concerne potentiellement les données de 43 millions d'inscrits.
Top 5 Russian-Speaking Dark Web Forums
...Among these, russian-speaking dark web forums hold a unique position due to their extensive user base and the intricate of their operations.
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited in the wild. In this post we detail the steps we took to identify the patched vulnerability and produce a working exploit.
Tech Giant Linked to France’s Cybersecurity Tumbles in Value
The French government said it would seek “a national solution” to protect Atos, a debt-burdened company that serves nuclear programs and the military.
Misconfigured Firebase instances leaked 19 million plaintext passwords
Three cybersecurity researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase, a Google platform for hosting databases, cloud computing, and app development.
CEO of Data Privacy Company Onerep.com Founded Dozens of People-Search Firms
The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and…
New Attack Techniques Bypassing ML Security
Threat actors are exercising new attack techniques to bypass machine learning security controls.
Finland, Germany, Ireland, Japan, Poland, South Korea added to US-led spyware agreement
The signees, which already included about a dozen other nations, agree to establish “robust guardrails and procedures" around spyware, while preventing the export of technology that will be used for malicious cyber activity.
Interesting Multi-Stage StopCrypt Ransomware Variant Propagating in the Wild
Overview The SonicWall Capture Labs threat research team recently observed an interesting variant of StopCrypt ransomware. The ransomware executes its malicious activities by utilizing multi-stage shellcodes before launching a final payload that contains the file […]
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks | Trend Micro (US)
Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.
Researchers spot updated version of malware that hit Viasat
Russian hackers have added new capabilities to the malware used to disable satellite modems at the outset of the invasion of Ukraine.
Cyberattaque contre Franz Carl Weber: données d'employés publiées sur le darknet (update)
Des cybercriminels ont attaqué le vendeur de jouets Franz Carl Weber.
IT helpdeskers increasingly targeted by cybercriminals
Wave of Okta attacks mark what researchers are calling the biggest security trend of the year
Elon Musk's SpaceX builds spy satellite network for U.S. intelligence
SpaceX’s dominance in the satellite internet market has given Musk enormous power in matters of war and geopolitics
What a Cluster: Local Volumes Vulnerability in Kubernetes
- Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-5528 with a CVSS score of 7.2. The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster. To exploit this vulnerability, the attacker needs to apply malicious YAML files on the cluster. This vulnerability can lead to full takeover on all Windows nodes in a cluster. This vulnerability can be exploited on default installations of Kubernetes (earlier than version 1.28.4), and was tested against both on-prem deployments and Azure Kubernetes Service. In this blog post, we provide a proof-of-concept YAML file as well as an Open Policy Agent (OPA) rule for blocking this vulnerability.
'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors
Like Spectre, the new exploit could give attackers a way to access sensitive information from system memory, and take other malicious actions.
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production," IBM X-Force said in a report published last week.
Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns
X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents covering several topics. Learn more about this continuing threat.
National Vulnerability Database: Opaque changes and unanswered questions
Anchore engineers are investigating why as of February 15, 2024, NIST has almost completely stopped updating NVD with analysis for CVE IDs.
Google Paid Out $10 Million via Bug Bounty Programs in 2023
Google on Tuesday announced that it paid out a total of $10 million through its bug bounty programs in 2023, bringing the total amount awarded by the tech giant for vulnerabilities found in its products since 2010 to $59 million. The total paid out in 2023 is less than the $12 million handed out in 2022, but it’s still a significant amount. The money was earned last year by 632 researchers from 68 countries. The highest single reward was $113,337.
Why hackers are targeting young public school students
Districts store all kinds of sensitive student data, which means the consequences of a school cyberattack can follow pupils well into adulthood. And it's not just their credit that's at risk.
Loi sur l’IA
La loi sur l’IA est le tout premier cadre juridique en matière d’IA, qui traite des risques liés à l’IA et positionne l’Europe pour qu’elle joue un rôle de premier plan à l’échelle mondiale.
Linux Foundation Launches Tazama: A Revolutionary Open Source Solution for Real-Time Fraud Management
Tazama is the first open source platform for financial monitoring and fraud detection.
Microsoft publie son outil interne de test de sécu d'IA générative
PyRIT peut générer des milliers de messages malveillants pour tester un modèle d'IA générative, et même évaluer sa réponse.
France Travail : la CNIL enquête sur la fuite de données et donne des conseils pour se protéger
Quelles données personnelles sont concernées ? Le 8 mars, France Travail (anciennement Pôle emploi) et Cap emploi ont informé la CNIL avoir été victime d’une intrusion dans leurs systèmes d’information. Cette attaque aurait potentiellement permis l’extraction de données de 43 millions d’usagers. Ce nombre, à confirmer, concerne les personnes actuellement inscrites sur la liste des demandeurs d'emploi ou qui l’ont été au cours des 20 dernières années, ainsi que des personnes ayant un espace candidat sur francetravail.fr.