cyberveille.decio.ch

5334 bookmarks

Custom sorting

Les arnaques aux QR codes se multiplient depuis quelques mois

Les QR codes sont devenus d'incontournables moyens de paiement en Suisse. Très pratiques, ils sont néanmoins faillibles et les arnaques fleurissent, en particulier en matière de parkings. La prudence est de mise.

#rts #FR #2023 #QRCode #Suisse #arnaque

·rts.ch·Dec 28, 2023

Les arnaques aux QR codes se multiplient depuis quelques mois

This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy

Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.

#wired #EN #2023 #ios #apple #cryptography #privacy #AirTag

·wired.com·Dec 28, 2023

This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy

Operation Triangulation: The last (hardware) mystery

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.

#securelist #EN #2023 #Apple #Malware #Reverse-engineering #Targeted-attacks #Triangulation #0-days #iPhone

·securelist.com·Dec 27, 2023

Operation Triangulation: The last (hardware) mystery

The Times Sues OpenAI and Microsoft Over A.I. Use of Copyrighted Work

Millions of articles from The New York Times were used to train chatbots that now compete with it, the lawsuit said.

#nytimes #EN #2023 #chatgpt #legal #sued #openai #Mcrosoft #Copyright #chatbots

·nytimes.com·Dec 27, 2023

The Times Sues OpenAI and Microsoft Over A.I. Use of Copyrighted Work

The Disturbing Impact of the Cyberattack at the British Library

The library has been incapacitated since October, and the effects have spread beyond researchers and book lovers.

#newyorker #EN #2023 #British #Library #uk #impact

·newyorker.com·Dec 26, 2023

The Disturbing Impact of the Cyberattack at the British Library

GTA 5 source code reportedly leaked online a year after RockStar hack

The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data.

#bleepingcomputer #EN #2023 #Cyberattack #Grand-Theft-Auto-V #GTA-5 #GTA-6 #Lapsus$#Rockstar-Games #Source-Code #leak

·bleepingcomputer.com·Dec 25, 2023

GTA 5 source code reportedly leaked online a year after RockStar hack

Ubisoft says it's investigating reports of a new security breach

Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online. Ubisoft is a French video game publisher known for well-known titles, including Assassin's Creed, FarCry, Tom Clancy's Rainbow Six Siege, and the new Avatar: Frontiers of Pandora. Ubisoft told BleepingComputer that they are investigating an alleged data security incident after security research collective VX-Underground shared screenshots of what appears to be the company's internal services.

#bleepingcomputer #EN #2023 #ubisoft #incident #Screenshots #vx-underground

·bleepingcomputer.com·Dec 25, 2023

Ubisoft says it's investigating reports of a new security breach

Personal Information Exploit on OpenAI’s ChatGPT Raise Privacy Concerns

Last month, I received an alarming email from someone I did not know: Rui Zhu, a Ph.D. candidate at Indiana University Bloomington. Mr. Zhu had my email address, he explained, because GPT-3.5 Turbo, one of the latest and most robust large language models (L.L.M.) from OpenAI, had delivered it to him.

#nytimes #en #2023 #exploit #LLM #AI #privacy #chatgpt

·nytimes.com·Dec 24, 2023

Personal Information Exploit on OpenAI’s ChatGPT Raise Privacy Concerns

Cyberattaque contre l’Iran : qui sont ces mystérieux hackers qui perturbent le pays ?

Une cyberattaque d’ampleur a paralysé des dizaines de milliers de stations services en Iran. Derrière l’attaque, de nombreuses hypothèses circulent sur l’origine de ces pirates.

#numerama #FR #2023 #cyberattaque #Iran #Predatory-Sparrow

·numerama.com·Dec 24, 2023

Cyberattaque contre l’Iran : qui sont ces mystérieux hackers qui perturbent le pays ?

Google Search Overwhelmed By Massive Spam Attack

Google is apparently struggling to contain a spam attack that's been ongoing for days. Google’s search results have been hit by a spam attack for the past few days in what can only be described as completely out of control. Many domains are ranking for hundreds of thousands of keywords each, an indication that the scale of this attack could easily reach into the millions of keyword phrases.

#searchenginejournal #EN #2023 #spam #attack #search #results #keywords #algorithm

·searchenginejournal.com·Dec 23, 2023

Google Search Overwhelmed By Massive Spam Attack

Crypto drainer steals $59 million from 63k people in Twitter ad push

Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.

#bleepingcomputer #EN #2023 #CryptoCurrency #Drainer #Financial-Theft #Google-Ads #Malvertising #MS-Drainer #Phishing #Twitter

·bleepingcomputer.com·Dec 23, 2023

Crypto drainer steals $59 million from 63k people in Twitter ad push

The ticking time bomb of Microsoft Exchange Server 2013

I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied.

#doublepulsar #EN #2023 #analysis #ransomware #Microsoft-Exchange #Exchange-Server2013 #risk

·medium.com·Dec 23, 2023

The ticking time bomb of Microsoft Exchange Server 2013

Inmate, Staff Information Stolen in Rhode Island Prison Data Breach

he Donald W. Wyatt Detention Facility says the data of 2,000 inmates, staff, and vendors was stolen in a cyberattack.

#securityweek #EN #2023 #Data-Breach #Detention #Facility #US #Inmate #Staff #Rhode-Island #Prison

·securityweek.com·Dec 23, 2023

Inmate, Staff Information Stolen in Rhode Island Prison Data Breach

Android Banking Trojan Chameleon can now bypass any Biometric Authentication

ThreatFabric discovers a new variant of the Chameleon banking trojan distributed via Zombinder with features to bypass any biometric authentication.

#threatfabric #EN #2023 #Android #Banking #Trojan #Chameleon #analysis

·threatfabric.com·Dec 22, 2023

Android Banking Trojan Chameleon can now bypass any Biometric Authentication

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...

#proofpoint #EN #2023 #BattleRoyal #DarkGate #RAT #fake #fake-updates #RogueRaticate

·proofpoint.com·Dec 22, 2023

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

German law enforcement takes down dark web giant "Kingdom Market," specializing in narcotics and malware sales to tens of thousands of users.

#thehackernews #EN #2023 #Kingdom-Market #down #law #enforcement #darkweb #police #operation

·thehackernews.com·Dec 22, 2023

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla

#thehackernews #EN #2023 #malware #Agent-Tesla #CVE-2017-11882 #phishing #email #MSExcel #Excel #vulnerability

·thehackernews.com·Dec 21, 2023

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa

MuddyC2Go framework and custom keylogger used in attack campaign. Iranian espionage group Seedworm (aka Muddywater) has been targeting organizations operating in the telecommunications sector in Egypt, Sudan, and Tanzania. Seedworm has been active since at least 2017, and has targeted organizations in many countries, though it is most strongly associated with attacks on organizations in the Middle East. It has been publicly stated that Seedworm is a cyberespionage group that is believed to be a subordinate part of Iran’s Ministry of Intelligence and Security (MOIS).

#symantec-enterprise-blogs #EN #2023 #Seedworm #Irtan #APT #Muddywater #MuddyC2Go #framework #keylogger

·symantec-enterprise-blogs.security.com·Dec 21, 2023

Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa

Russian Water Utility Cyberattack Impacts 6000 Systems

At least 6000 computer systems have been impacted by the Ukrainian Blackjack-led Russian water utility cyberattack.

#thecyberexpress #EN #2023 #Russia-Ukraine-war #cyberattack #water #Critical-infrastructure #Ukraine #Blackjack

·thecyberexpress.com·Dec 21, 2023

Russian Water Utility Cyberattack Impacts 6000 Systems

Lapsus$: GTA 6 hacker handed indefinite hospital order

Judge says hacker remains a high risk through his skills and motivation to carry out cyber crime.

#bbc #EN #2023 #Lapsus$#sentenced #autism

·bbc.com·Dec 21, 2023

Lapsus$: GTA 6 hacker handed indefinite hospital order

USD 300 million seized and 3,500 suspects arrested in international financial crime operation

Operation HAECHI IV emphasizes the key role of INTERPOL in enabling police worldwide to address the growing complexity of cyber-enabled scams

#interpol #EN #2023 #Financial-Crime #Cybercrime #Organized-Crime #HAECHI #HAECHI-IV #scams #police #operation #arrested

·interpol.int·Dec 21, 2023

USD 300 million seized and 3,500 suspects arrested in international financial crime operation

Healthcare software provider data breach impacts 2.7 million

ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack.

#bleepingcomputer #EN #2023 #Data-Breach #ESO-Solutions #Healthcare #Hospital #Ransomware

·bleepingcomputer.com·Dec 21, 2023

Healthcare software provider data breach impacts 2.7 million

SSH protects the world’s most sensitive networks. It just got a lot weaker

Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels.

#arstechnica #EN #2023 #Terrapin #SSH #downgrade #attack

·arstechnica.com·Dec 20, 2023

SSH protects the world’s most sensitive networks. It just got a lot weaker

Snikt! Rhysida dumps more than a terabyte of Insomniac Games’ internal data

The Rhysida ransomware gang publishes 98 per cent of leaked data minutes after the ransom deadline passes – Wolverine game files included.

#cyberdaily #EN #2023 #Rhysida #ransomware #Insomniac #Games #data-breach

·cyberdaily.au·Dec 20, 2023

Snikt! Rhysida dumps more than a terabyte of Insomniac Games’ internal data

Qakbot's Back, But Don't Y'all Panic: A Southern Tech Talk

Qakbot, a versatile malware threat, returned after a takedown in August. The new campaign targets the hospitality industry with IRS-themed phishing emails containing malicious PDFs. Microsoft identified the attack, offering two IP addresses for blocking and a way to detect the malware's digital signature.

#itssecurityyall #EN #2023 #Qakbot #return #malware #hospitality #IRS-themed

·itssecurityyall.substack.com·Dec 20, 2023

Qakbot's Back, But Don't Y'all Panic: A Southern Tech Talk

Unveiling VISS: a revolutionary approach to vulnerability impact scoring

Our open-source vulnerability impact scoring system is now available and enhances incident response capabilities. Here's how VISS is unique.

#zoom #EN #2023 #VISS #vulnerability #impact #scoring

·zoom.com·Dec 20, 2023

Unveiling VISS: a revolutionary approach to vulnerability impact scoring

Web injections are back on the rise: 40+ banks affected by new malware campaign

DanaBot is a sophisticated banking trojan targeting financial institutions and their customers. Now, a new global campaign has put more users at risk.

#securityintelligence #EN #2023 #DanaBot #banking #trojan #malware

·securityintelligence.com·Dec 20, 2023

Web injections are back on the rise: 40+ banks affected by new malware campaign

Terrapin attacks can downgrade security of OpenSSH connections

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used.

#bleepingcomputer #EN #2023 #Cyberattack #Encryption #Man-In-The-Middle-Attack #SSH #Terrapin #Vulnerability

·bleepingcomputer.com·Dec 20, 2023

Terrapin attacks can downgrade security of OpenSSH connections

Xfinity waited to patch critical Citrix Bleed 0-day. Now it’s paying the price

Data for almost 36 million customers now in the hands of unknown hackers.

#arstechnica #EN #2023 #Citrix-Bleed #0-day #Xfinity #data-breach

·arstechnica.com·Dec 20, 2023

Xfinity waited to patch critical Citrix Bleed 0-day. Now it’s paying the price

Ransomware : Alphv/BlackCat, touché et presque coulé ?

Le site vitrine de la franchise Alphv/BlackCat affiche désormais un message indiquant qu’il a été saisi par les autorités. Mais une vitrine alternative est en ligne, mais le coup est très sérieux.

#lemagit #FR #2023 #Alphv #BlackCat #Alphv-BlackCat #Ransomware #vitrine

·lemagit.fr·Dec 19, 2023

Ransomware : Alphv/BlackCat, touché et presque coulé ?