cyberveille.decio.ch

Cybercriminals distribute macOS malware in the name of AGOV
28.06.2024 - On the evening of 27 June 2024, cybercriminals launched a large-scale "malspam" campaign against citizens in German-speaking Switzerland. Using an e-mail whose purported sender is AGOV, they attempt to infect the devices of macOS users with malware named "Poseidon Stealer".
·ncsc.admin.ch·
CVE-2024-5261 | LibreOffice - Free and private office suite - Based on OpenOffice - Compatible with Microsoft
LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to convert, view or otherwise interact with documents. LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers.
·libreoffice.org·
Cryptographers’ Feedback on the EU Identity Wallet
A handful of cryptographers were asked for feedback on the architecture of the European Identity Wallet (the Architecture Reference Framework (ARF), currently at version 1.4.0). We seized the opportunity to write a short report to urge Europe to reconsider the design, and to base it on the use of anonymous (aka attribute-based) credentials. Anonymous credentials were designed specifically to achieve authentication and identification that are both secure and privacy-preserving. As a result, they fully meet the requirements put forth in the eIDAS 2.0 regulation. (The current design does not.) Moreover, they are by now a mature technology. In particular we recommend using the BBS family of anonymous credentials, which are efficient and mathematically proven secure.
·blog.xot.nl·
Indonesia president orders audit of data centres after cyberattack
Indonesian President Joko Widodo ordered on Friday an audit of government data centres after officials said the bulk of data affected by a recent ransomware cyberattack was not backed up, exposing the country's vulnerability to such attacks. Last week's cyberattack, the worst in Indonesia in recent years, has disrupted multiple government services including immigration and operations at major airports.
·reuters.com·
South Korean telecom company attacks torrent users with malware — over 600,000 customers report missing files, strange folders, and disabled PCs
Korean telecom company KT Corporation sent malware to its subscribers who use Webhard's Grid Service peer-to-peer sharing program to hide their files and stop them from using the service.
·tomshardware.com·
The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.
·dirtypipe.cm4all.com·
Auth. Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer (CVE-2024-5806)
Progress un-embargoed an authentication bypass vulnerability in Progress MOVEit Transfer. Many sysadmins may remember last year’s CVE-2023-34362, a cataclysmic vulnerability in Progress MOVEit Transfer that sent ripples through the industry, claiming such high-profile victims as the BBC and FBI. Sensitive data was leaked, and sensitive data was destroyed, as the cl0p ransomware gang leveraged 0days to steal data - and ultimately leaving a trail of mayhem.
·labs.watchtowr.com·
Microsoft employee accidentally publishes PlayReady code
A Microsoft software developer has accidentally shared internal PlayReady source code with the public (a developer forum). The data leak of 4 GByte is sufficient to compile the required DLL from the source code. This could be a real boon for people who want to reverse engineer or crack PlayReady. What is PlayReady? PlayReady is...
·borncity.com·
UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware
Summary: Eclypsium Automata, our automated binary analysis system, has identified a high impact vulnerability (CVE-2024-0762 with a reported CVSS of 7.5) in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The issue involves an unsafe variable in the Trusted Platform Module (TPM) configuration that could lead […]
·eclypsium.com·