DDoS attack volume rises, peak power reaches 1.7 Tbps
The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore.
cyberveille.decio.ch
Geopolitical Tensions Drive Explosion in DDoS Attacks
Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions
SolarWinds fixes critical RCE bug affecting all Web Help Desk versions
A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today.
Zabbix Server Vulnerability Lets Attacker Execute Arbitrary Code
A critical security vulnerability, identified as CVE-2024-22116, has been patched in Zabbix, a popular monitoring solution.
Ransomware attackers introduce new EDR killer to their arsenal
Sophos discovers the threat actors behind RansomHub ransomware using EDRKillShifter in attacks
Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments
We recount an extensive cloud extortion campaign leveraging exposed .env files of at least 110k domains to compromise organizations' AWS environments.
Doppelgänger operation rushes to secure itself amid ongoing detections, German agency says
Recent scrutiny of the Russia-linked Doppelgänger influence operation has disrupted how it behaves, according to the BayLfV, an agency of the Bavarian state government.
White House working on cyber insurance policy proposal for ‘catastrophic’ incidents
At the Black Hat cybersecurity conference on Thursday, National Cyber Director Harry Coker, Jr. said his office is working with the Department of Treasury’s federal insurance office as well as officials at the Cybersecurity and Infrastructure Security Agency (CISA) on the effort.
Gafgyt Malware Variant Exploits GPU Power and Cloud Native Environments
Aqua Nautilus researchers discovered a new variant of Gafgyt targeting machines with weak SSH passwords.
The Hidden Treasures of Crash Reports
Sadly, nobody really loves crash reports, but I’m here to change that! This research, a crash course on crash reports, will highlight how these often overlooked files are an invaluable source of information, capable of revealing malware infections, exploitation attempts, or even buggy (exploitable?) system code. Such insights are critical for defense and offense, empowering us to either protect or exploit macOS systems.
Troy Hunt: Inside the "3 Billion People" National Public Data Breach
I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Usually, it's easy to articulate a data breach; a service people provide their information to had someone snag it through an act of unauthorised access and publish a discrete corpus of information that can be attributed back to that source. But in the case of National Public Data, we're talking about a data aggregator most people had never heard of where a "threat actor" has published various partial sets of data with no clear way to attribute it back to the source. And they're already the subject of a class action, to add yet another variable into the mix. I've been collating information related to this incident over the last couple of months, so let me talk about what's known about the incident, what data is circulating and what remains a bit of a mystery.
A Single Iranian Hacker Group Targeted Both Presidential Campaigns
APT42, which is believed to work for Iran’s Revolutionary Guard Corps, targeted about a dozen people associated with both Trump’s and Biden’s campaigns this spring, according to Google’s Threat Analysis Group.
Want to Win a Bike Race? Hack Your Rival’s Wireless Shifters | WIRED
Please don’t, actually. But do update your Shimano Di2 shifters’ software to prevent a new radio-based form of cycling sabotage. #bicycles #cyberattacks #cybersecurity #cycling #fitness #hacks #security
Inside the FBI's Dashboard for Wiretapping the World
Never-before-published screenshots of an internal FBI tool show how the agency monitored millions of messages from the secretly backdoored messaging app Anom.
Le transfert de données Suisse-USA à nouveau facilité
Après le Safe Harbor puis le Privacy Shield, voici le Swiss-US Data Privacy Framework.
Extension Trojan Malware Campaign
Malwares make no distinction between corporate and personal devices. Therefore, past perceptions of different levels of antivirus for businesses and households must be challenged. ReasonLabs is the first endpoint protection based on a multilayered machine-learning engine, that provides enterprise-grade security for all your personal devices.
Russia-linked phishing campaigns ensnare civil society and NGOs
Russia-linked phishing campaigns are targeting civil society and NGOs operating in the region and abroad, according to a new investigation by Access Now and the Citizen Lab.
Critical SAP flaw allows remote attackers to bypass authentication
SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system.
CVE-2024-39825 and CVE-2024-39818: High-Risk Zoom Flaws Require Urgent Updates
Among the most critical are CVE-2024-39825 and CVE-2024-39818, both with a CVSS score of 8.5, indicating a high level of severity
CVE-2024-23897 Enabled Ransomware Attack on Indian Banks
CVE-2024-23897 is an unauthenticated arbitary file read vulnerability in Jenkins CLI used by RansomEXX to target small Indian banks.
Exploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers
Security researchers have detailed and published a PoC exploit code for a critical vulnerability, designated as CVE-2024-38077 (CVSS 9.8)
Suspected head of prolific cybercrime groups arrested and extradited - National Crime Agency
The National Crime Agency leads the UK's fight to cut serious and organised crime.
Compromising Microsoft's AI Healthcare Chatbot Service
Tenable finds privilege-escalation issues in Azure Health Bot via an SSRF, which allowed access to cross-tenant resources.
Don’t get Mad, get wise
The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for
Exploiting pfsense Remote Code Execution – CVE-2022-31814
Greetings everyone, In this write-up, we will be exploring the interesting exploitation that has been done against the pfsense CVE-2022-31814. What is pfsense? pfSense software is a FreeBSD-based operating system designed to install and configure a firewall that can be easily configured via the web interface and installed on any PC. With all of the
NIST's Post-Quantum Cryptography Standards Are Here - IEEE Spectrum
Today, the National Institute of Standards and Technology (NIST) announced the first standardization of three cryptography schemes that are immune against the threat of quantum computers, known as post-quantum cryptography (PQC) schemes. With these standards in hand, NIST is encouraging computer system administrators to begin transitioning as soon as possible.
60 Hurts per Second – How We Got Access to Enough Solar Power to Run the United States
- Bitdefender researchers have identified a series of vulnerabilities in PV plant management platforms operated by Solarman and Deye. This platform is responsible for coordinating production operations of millions of solar installations worldwide generating a whopping output of approximately 195 GW of solar power (20% of the global solar production) If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing blackouts. * These vulnerabilities have been communicated to the affected vendors and fixed.
Technical Exploits of HID's iClass SE Discovered, To Be Revealed at DEF CON 32
Researchers have "reverse-engineered" HID's iCLASS SE platform and will be "revealing some cryptographic keys to the kingdom."
Feds seize Radar/Dispossessor ransomware gang servers in US and Europe
The agency said at least 43 companies have been attacked by the group in the U.S., South America, India, Europe, the United Arab Emirates, and elsewhere.
CrowdStrike Exec Shows Up to Accept 'Most Epic Fail' Award in Person
CrowdStrike President Michael Sentonas appears at DEF CON's annual Pwnie Awards to accept the 'award' because 'we got this horribly wrong [and] it's super important to own it.'