cyberveille.decio.ch

7898 bookmarks

Custom sorting

ICANN moves to retire Soviet-era .SU country domain name - Domain Name Wire

Domain system overseer plans to retire .su in 2030. ICANN has notified the operator of the legacy Soviet Union country code domain, .su, of its plans to retire the domain in five years, Domain Name Wire has learned. The .su namespace, which remains open for new registrations and currently has around 100,000 domain names, is […]

#domainnamewire #EN #2025 #TDL #.su #country #ICANN #2030 #Soviet-Union

·domainnamewire.com·Mar 14, 2025

ICANN moves to retire Soviet-era .SU country domain name - Domain Name Wire

Exclusive: Hackers claim cyber attack on Trump winery, golf courses

Threat actors have claimed a cyber attack on two businesses owned by US President Donald Trump, allegedly bringing down their websites.

#cyberdaily #EN #2025 #Trump #winery #golf #DieNet #DDoS

·cyberdaily.au·Mar 14, 2025

Exclusive: Hackers claim cyber attack on Trump winery, golf courses

NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption

The new algorithm will serve as a backup for the general encryption needed to protect data from quantum computers developed in the future

#NIST #EN #2025 #algorithm #Post-Quantum #Encryption

·nist.gov·Mar 14, 2025

NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption

ClickFix: The Social Engineering Technique Hackers Use to Manipulate Victims

Discover how the ClickFix social engineering attack exploits human psychology to bypass security. Learn how hackers use this tactic and how to protect against it.

#group-ib #EN #2025 #ClickFix #Social #Engineering #Manipulation #analysis

·group-ib.com·Mar 13, 2025

ClickFix: The Social Engineering Technique Hackers Use to Manipulate Victims

North Korean government hackers snuck spyware on Android app store | TechCrunch

Cybersecurity firm Lookout found several samples of a North Korean spyware it calls KoSpy.

#techcrunch #EN #2025 #Lookout #North-Korea #KoSpy #spyware #Android

·techcrunch.com·Mar 12, 2025

North Korean government hackers snuck spyware on Android app store | TechCrunch

Lookout Discovers North Korean APT37 Mobile Spyware | Threat Intel

Lookout researchers have discovered a novel Android surveillance tool dubber KoSpy. It is attributed to APT 37 aka ScarCruft

#lookout #EN #2025 #APT37 #Mobile #Spyware #Android #KoSpy #ScarCruft

·lookout.com·Mar 12, 2025

Lookout Discovers North Korean APT37 Mobile Spyware | Threat Intel

Rapport menaces et incidents - CERT-FR

Dans cette quatrième édition du panorama de la menace, l’Agence nationale de la sécurité des systèmes d’information (ANSSI) revient sur les grandes tendances de la menace informatique ainsi que sur les éléments et incidents marquants dont elle a eu connaissance en 2024. Dans la continuité des années précédentes, l’ANSSI estime aujourd’hui que les attaquants liés à l’écosystème cybercriminel ou réputés liés à la Chine et la Russie constituent les trois principales menaces tant pour les systèmes d’information les plus critiques que pour l’écosystème national de manière systémique. L’année 2024 aura également été marquée par l’organisation des Jeux Olympiques et Paralympiques de Paris ainsi que par le nombre et l’impact des vulnérabilités affectant les équipements de sécurité situés en bordure de SI.

#CERT-FR #FR #2025 #Rapport #menaces #2024 #ANSSI #Paris

·cert.ssi.gouv.fr·Mar 12, 2025

Rapport menaces et incidents - CERT-FR

DOGE axes CISA ‘red team’ staffers amid ongoing federal cuts | TechCrunch

Affected staff say more than 100 employees working to protect U.S. government networks were ‘axed’ with no prior warning

#techcrunch #EN #2025 #DOGE #US #redteam #CISA #staffers

·techcrunch.com·Mar 12, 2025

DOGE axes CISA ‘red team’ staffers amid ongoing federal cuts | TechCrunch

Medusa Ransomware Activity Continues to Increase

Attacks using this ransomware have displayed consistent TTPs and grown steadily since 2023.

#security.com #EN #2025 #Symantec #ransomware #TTPs #Medusa #analysis

·security.com·Mar 12, 2025

Medusa Ransomware Activity Continues to Increase

GreyNoise Detects Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577)

‍GreyNoise data confirms that exploitation of CVE-2024-4577 extends far beyond initial reports. Attack attempts have been observed across multiple regions, with notable spikes in the United States, Singapore, Japan, and other countries throughout January 2025.

#greynoise #EN #2025 #CVE-2024-4577 #PHP-CGI #Exploitation

·greynoise.io·Mar 12, 2025

GreyNoise Detects Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577)

Google paid $12 million in bug bounties last year to security researchers

Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company's Vulnerability Reward Program (VRP) in 2024.

#bleepingcomputer #EN #2025 #Bug-Bounty #Bug-Bounty-Program #Google #Vulnerability-Rewards-Program

·bleepingcomputer.com·Mar 11, 2025

Google paid $12 million in bug bounties last year to security researchers

Swiss critical sector faces new 24-hour cyberattack reporting rule

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery.

#bleepingcomputer #EN #2025 #Cyber-Incident #Cybersecurity #Law #Legal #Switzerland

·bleepingcomputer.com·Mar 11, 2025

Swiss critical sector faces new 24-hour cyberattack reporting rule

ENQUETE. "TrackingFiles" : comment la vie privée de militaires, de diplomates et du personnel politique français est exposée par les données de géolocalisation

En collaboration avec "L'Œil du 20 heures", franceinfo a enquêté sur des données de géolocalisation de millions de téléphones en France, permettant d'identifier la vie privée de salariés de l'armée, de la DGSE, de lieux de pouvoir ou d'autres sites sensibles.

#francetvinfo #FR #2025 #TrackingFiles #privacy #enquête #géolocalisation #data-broker #France #militaires

·francetvinfo.fr·Mar 8, 2025

ENQUETE. "TrackingFiles" : comment la vie privée de militaires, de diplomates et du personnel politique français est exposée par les données de géolocalisation

Undocumented "backdoor" found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented

#bleepingcomputer #EN #2025 #Espressif #Backdoor #Bluetooth #Chips #ESP32 #Hardware #China

·bleepingcomputer.com·Mar 8, 2025

Undocumented "backdoor" found in Bluetooth chip used by a billion devices

DPRK IT Fraud Network Uses GitHub to Target Global Companies

DPRK IT workers exploit GitHub to pose as Asian developers, securing remote jobs to fund missile and nuclear programs.

#nisos.com #EN #2025 #DPRK #North-Korea #GitHub #developers #jobs #fake #Personas

·nisos.com·Mar 8, 2025

DPRK IT Fraud Network Uses GitHub to Target Global Companies

North Korean Fake IT Workers Leverage GitHub to Build Personas

Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US

#infosecurity-magazine #EN #2025 #GitHub #North-Korea #Personas

·infosecurity-magazine.com·Mar 8, 2025

North Korean Fake IT Workers Leverage GitHub to Build Personas

Data breach at Japanese telecom giant NTT hits 18,000 companies

Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident.

#bleepingcomputer #EN #2025 #Customer-Data #Data-Breach #Japan #NTT

·bleepingcomputer.com·Mar 7, 2025

Data breach at Japanese telecom giant NTT hits 18,000 companies

Thousands of websites hit by four backdoors in 3rd party JavaScript attack

While analyzing threats targeting WordPress frameworks, we found an attack where a single 3rd party JavaScript file was used to inject four separate backdoors into 1,000 compromised websites using cdn.csyndication[.]com/.

#c/side #EN #2025 #client-side #web #development #WordPress #backdoors #JavaScript #cdn.csyndication.com

·cside.dev·Mar 7, 2025

Thousands of websites hit by four backdoors in 3rd party JavaScript attack

Silk Typhoon targeting IT supply chain

Silk Typhoon is a Chinese state actor focused on espionage campaigns targeting a wide range of industries in the US and throughout the world. In recent months, Silk Typhoon has shifted to performing IT supply chain attacks to gain access to targets. In this blog, we provide an overview of the threat actor along with insight into their recent activity as well as their longstanding tactics, techniques, and procedures (TTPs), including a persistent interest in the exploitation of zero-day vulnerabilities in various public-facing appliances and moving from on-premises to cloud environments.

#microsoft #EN #2025 #SilkTyphoon #China #supply-chain #APT27 #CVE-2025-0282

·microsoft.com·Mar 7, 2025

Silk Typhoon targeting IT supply chain

District of Columbia | Chinese Nationals with Ties to the PRC Government and “APT27” Charged in a Computer Hacking Campaign for Profit, Targeting Numerous U.S. Companies, Institutions, and Municipalities | United States Department of Justice

A federal judge in Washington, D.C., today, unsealed two separate indictments that allege Chinese nationals Yin Kecheng, 38, (尹可成) a/k/a “YKC” (“YIN”) and Zhou Shuai, 45, (周帅) a/k/a “Coldface” (“ZHOU”) violated various federal statutes by participating in years-long, sophisticated computer hacking conspiracies that successfully targeted a wide variety of U.S.-based victims

#justice.gov #EN #2025 #PRC #indictment #APT27 #hacking #US #China

·justice.gov·Mar 7, 2025

Blog: Zen and the Art of Microcode Hacking

This blog post covers the full details of EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team.

#bughunters.google.com #EN #2025 #Zen #Hacking #AMD #microcode #signature #vulnerability

·bughunters.google.com·Mar 6, 2025

Blog: Zen and the Art of Microcode Hacking

Cisco warns of Webex for BroadWorks flaw exposing credentials

Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely.

#bleepingcomputer #EN #2025 #Credentials #Computer #Cisco #WebEx #Broadworks

·bleepingcomputer.com·Mar 4, 2025

Cisco warns of Webex for BroadWorks flaw exposing credentials

Havoc: SharePoint with Microsoft Graph API turns into FUD C2

ForitGuard Lab reveals a modified Havoc deployed by a ClickFix phishing campaign. The threat actor hides each stage behind SharePoint and also uses it as a C2.

#FortiGuard-Labs-Threat-Research #EN #2025 #C2-server #ClickFix #SharePoint #campaign

·fortinet.com·Mar 4, 2025

Havoc: SharePoint with Microsoft Graph API turns into FUD C2

New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran

A newly discovered global cyber threat is rapidly expanding, infecting tens of thousands of internet-connected devices to launch powerful cyberattacks.

#greynoise #EN #2025 #analysis #botnet #internet-connected #devices #to #Iran

·greynoise.io·Mar 3, 2025

New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran

Des cybercriminels s'en prennent à Cistec, fournisseur suisse de système clinique | ICTjournal

Cistec, fournisseur suisse de système d'information d'information clinique, d'une attaque par ransom

#ictjournal #FR #CH #2025 #Cistec #SIH #ransomware

·ictjournal.ch·Mar 3, 2025

Des cybercriminels s'en prennent à Cistec, fournisseur suisse de système clinique | ICTjournal

Guerre en Ukraine : trois années d’opérations informationnelles russes

Ce rapport présente sous la forme d’une synthèse les principaux modes opératoires informationnels observés depuis trois ans, dont la majeure partie est apparue en corollaire de la guerre d’agression menée par la Russie en Ukraine.

#sgdsn.gouv.fr #FR #2025 #rapport #opérations #informationnelles #Russie #Ukraine

·sgdsn.gouv.fr·Mar 3, 2025

Guerre en Ukraine : trois années d’opérations informationnelles russes

Doppelgänger: New disinformation campaigns spreading on social media through Russian networks

This report presents: The intrusion set commonly known as Doppelgänger continues to spread disinformation narratives on social medias such as X, through bot accounts specifically made for such campaigns. As for its previous campaigns, Doppelgänger pushes its anti-western narrative on pages spoofing the medias of the targeted countries, such as France, Germany, Italy, Ukraine, and Israel. The disinformation campaign aims to manipulate public opinion by exploiting sensitive issues and exacerbating social and geopolitical divisions. The linguistic characteristics of the articles suggest that some of them were translated from Russian or edited by Russian natives, reinforcing the hypothesis that they are of Russian origin. In order to bypass both manual and automatic moderation on social media platforms, Doppelgänger continues to leverage Kehr[.]io, a redirection provider advertised on Russian speaking underground forums. This service hosts its infrastructure on IPs announced by English companies managed by Ukrainian and Belarusian individuals that we could connect with a high level of confidence to bulletproof network hosting solutions. * The disinformation campaigns remain ongoing.

#intrinsec #EN #2025 #Doppelgänger #Russia #disifnormation #campaigns

·intrinsec.com·Mar 3, 2025

Doppelgänger: New disinformation campaigns spreading on social media through Russian networks

Astrill VPN: Silent Push Publicly Releases New IPs on VPN Service Heavily Used by North Korean Threat Actors

Silent Push reveals Astrill VPN is still being heavily used by NK Lazarus Group threat actors to hide their IP addresses during attacks

#silentpush #EN205 #Astrill #VPN #Lazarus #North-Korea

·silentpush.com·Mar 3, 2025

Astrill VPN: Silent Push Publicly Releases New IPs on VPN Service Heavily Used by North Korean Threat Actors

360XSS: Mass Website Exploitation via Virtual Tour Framework for SEO Poisoning

360XSS - Hackers are exploiting a reflected XSS vulnerability in the "Krpano" VR library across hundreds of websites for SEO poisoning.

#olegzay.com #EN #2025 #360XSS #reflected-XSS #VR #library #SEO-poisoning

·olegzay.com·Mar 3, 2025

360XSS: Mass Website Exploitation via Virtual Tour Framework for SEO Poisoning

Commission launches new cybersecurity blueprint to enhance EU cyber crisis coordination | Shaping Europe’s digital future

The Commission has presented a proposal to ensure an effective and efficient response to large-scale cyber incidents.

#digital-strategy.ec.europa.eu #EN #2025 #policy #blueprint #strategy #cybersecurity #incidents

·digital-strategy.ec.europa.eu·Mar 3, 2025

Commission launches new cybersecurity blueprint to enhance EU cyber crisis coordination | Shaping Europe’s digital future