cyberveille.decio.ch

7248 bookmarks

Custom sorting

La Croix-Rouge italienne touchée par une fuite massive de données, le CICR enquête

La Croix-Rouge italienne touchée par une fuite massive de données, le CICR enquête Un volume très important de données a été volé à la Croix-Rouge italienne. En 2022 déjà, des informations sensibles avaient été subtilisées au CICR. Lors de sa grande conférence d’octobre, l’organisation humanitaire va insister sur l'importance de protéger les données humanitaires

#letemps #CH #FR #Croix-Rouge #italienne #fuite #data-leak #darkweb

·letemps.ch·Jun 19, 2024

La Croix-Rouge italienne touchée par une fuite massive de données, le CICR enquête

UK Hospital Hackers Say They’ve Demanded $50 Million in Ransom - Bloomberg

A cohort of Russian-speaking hackers is demanding $50 million from a UK lab-services provider to end a ransomware attack that has paralyzed services at London hospitals for weeks, according to a representative for the group. #Britain #Cancer #Ciaran #Europe #Government #Great #HEALTH #Kingdom #London #Martin #NATIONAL #Regulation #SERVICE #United #business #cybersecni #cybersecurity #technology

#Cancer #Europe #Ciaran #Britain #Great #Martin #HEALTH #Regulation #SERVICE #Government #business #cybersecurity #NATIONAL #cybersecni #Kingdom #technology #United #London

·bloomberg.com·Jun 19, 2024

UK Hospital Hackers Say They’ve Demanded $50 Million in Ransom - Bloomberg

ChatGPT-4, Mistral, other AI chatbots spread Russian propaganda

A NewsGuard audit found that chatbots spewed misinformation from American fugitive John Mark Dougan. #AI #Axios #ChatGPT #Google #Illustrations #License #Microsoft #Misinformation #OpenAI #Visuals #genAI #generative #or

#Google #Illustrations #OpenAI #or #Misinformation #AI #Axios #Visuals #Microsoft #License #genAI #generative #ChatGPT

·axios.com·Jun 19, 2024

ChatGPT-4, Mistral, other AI chatbots spread Russian propaganda

SolarMarker Impersonates Job Employment Website, Indeed,…

Learn more about SolarMarker impersonating a job employment website, Indeed, and get security recommendations from our Threat Response Unit (TRU) to…

#esentire #2024 #SolarMarker #Impersonates #Job #Employment #Website

·esentire.com·Jun 19, 2024

SolarMarker Impersonates Job Employment Website, Indeed,…

All households in Scottish region to get alert about hackers publishing stolen medical data

The residents of Dumfries and Galloway are being warned their data was likely compromised in a February ransomware attack on the National Health Service (NHS).

#therecord.media #EN #2024 #NHS #Scotland #dataleak #medical #data #ransomware

·therecord.media·Jun 19, 2024

All households in Scottish region to get alert about hackers publishing stolen medical data

UNC3944 Targets SaaS Applications

UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of "0ktapus," "Octo Tempest," "Scatter Swine," and "Scattered Spider" and has been observed adapting its tactics to include data theft from software-as-a-service (SaaS) applications to attacker-owned cloud storage objects (using cloud synchronization tools), persistence mechanisms against virtualization platforms, and lateral movement via SaaS permissions abuse. Active since at least May 2022, UNC3944 has leveraged underground communities like Telegram to acquire tools, services, and support to enhance their operations.

#Mandiant #EN #2024 #UNC3944 #SaaS #Applications #Scattered-Spider #TTPs

·cloud.google.com·Jun 19, 2024

UNC3944 Targets SaaS Applications

Attacco hacker all'Asst Rhodense, due settimane per il ripristino dei sistemi. Disservizi anche in altri ospedali per problemi al data center di Aria | Corriere.it

L'Agenzia per la cybersicurezza nazionale al lavoro. Ancora bloccati esami e interventi non urgenti

#milano.corriere.it #IT #attacco #hacker #asst #rhodense #due #ospedali #salute #Milano

·milano.corriere.it·Jun 19, 2024

Attacco hacker all'Asst Rhodense, due settimane per il ripristino dei sistemi. Disservizi anche in altri ospedali per problemi al data center di Aria | Corriere.it

Comment une nébuleuse, "The Comm", a engendré l’un des gangs les plus craints du moment, Scattered Spider

Enfin une bonne nouvelle à propos de Scattered Spider, ce gang de cybercriminels actif depuis le printemps 2022 ? La presse espagnole vient d’annoncer l’arrestation d’un Anglais présenté comme l’un des leaders de ce groupe informel de pirates informatiques. Le jeune homme de 22 ans s'apprêtait à s’envoler vers l’Italie quand il a été arrêté à Palma de Majorque, dans l’archipel des Baléares.

#usine-digitale #FR #2024 #Scattered-Spider #Lapsus$#ALPHV/BlackCat #alliance #gang #The-Comm

·usine-digitale.fr·Jun 19, 2024

Comment une nébuleuse, "The Comm", a engendré l’un des gangs les plus craints du moment, Scattered Spider

Security bug allows anyone to spoof Microsoft employee emails

A researcher has found a way to impersonate Microsoft corporate email accounts, which could make phishing attacks harder to spot.

#techcrunch #EN #2024 #microsoft #researcher #bug #email #phishing

·techcrunch.com·Jun 19, 2024

Security bug allows anyone to spoof Microsoft employee emails

Suspected 'Scattered Spider' hacker, 22, reportedly arrested in Spain

Spanish newspaper Murcia Today reported that a British man was detained at Palma Airport as he prepared to board a flight to Italy.

#therecord.media #EN #2024 #busted #arrested #Scattered-Spider #member

·therecord.media·Jun 18, 2024

Suspected 'Scattered Spider' hacker, 22, reportedly arrested in Spain

Les résultats et les suites de l’enquête administrative dans l’affaire Xplain

L'affaire Xplain a mis en évidence toutes les difficultés liées à la gestion d'un projet informatique complexe mené entre différents acteurs publics et privés. Plusieurs leçons ont pu être tirées pouvant certainement s'appliquer à d'autres situations comparables, quels que soient les acteurs concernés. Tour d'horizon des erreurs commises et des mesures ayant été prises

#swissprivacy #CH #FR #leal #Xplain #résultats #leçons

·swissprivacy.law·Jun 17, 2024

Les résultats et les suites de l’enquête administrative dans l’affaire Xplain

New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now

Microsoft has released a critical security update for users of all supported Windows versions as a new Wi-Fi compromise requiring no authentication has been confirmed.

#forbes #EN #2024 #Wi-Fi #Wi-Fi-Attack #CVE-2024-30078 #Windows-Wi-Fi-Attack #Windows-Security #Patch-Tuesday #Windows-Wi-Fi-vulnerability

·forbes.com·Jun 17, 2024

New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party contractor.

#wired #EN #2024 #ShinyHunters #Ticketmaster #Snowflake #Russia

·wired.com·Jun 17, 2024

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

Newly discovered: BadSpace backdoor delivered by high-ranking websites

Threat actors deliver fake software updates on websites for popular browsers: Sites with a high search engine ranking are at an increased risk.

#gdatasoftware #EN #2024 #analysis #BadSpace #backdoor #high-ranking #websites

·gdatasoftware.com·Jun 17, 2024

Newly discovered: BadSpace backdoor delivered by high-ranking websites

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack

Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.

#propublica #EN #2024 #Microsoft #problem #critical #flaw #losing #government #business #SolarWinds

·propublica.org·Jun 17, 2024

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

A new speculative execution attack named

#bleepingcomputer #EN #2024 #ARM #Hardware #Memory #Processor #Speculative-Execution #TIKTAG

·bleepingcomputer.com·Jun 17, 2024

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Arm discloses a critical vulnerability (CVE-2024-4610) in Mali GPU Kernel Drivers. This flaw, actively exploited, affects versions from r34p0 to r40p0

#thehackernews #EN #2024 #ARM #CVE-2024-4610 #Mali #GPU #Kernel #Drivers #ero-Day #Vulnerability

·thehackernews.com·Jun 15, 2024

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Black Basta ransomware gang linked to Windows zero-day attacks

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.

#bleepingcomputer #en #2024 #Actively-Exploited #Black-Basta #Ransomware #Vulnerability #Zero-Day #CVE-2024-26169

·bleepingcomputer.com·Jun 15, 2024

Black Basta ransomware gang linked to Windows zero-day attacks

The mystery of an alleged data broker’s data breach

The breached data appears partly legitimate — if imperfect — but also widely available for sale by data brokers.

#techcrunch #EN #2024 #data-broker #breach #mistery

·techcrunch.com·Jun 15, 2024

The mystery of an alleged data broker’s data breach

New York Times warns freelancers of GitHub repo data breach

The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.

#bleepingcomputer #EN #2024 #Breach #Data-Breach #GitHub #Hack #The-New-York-Times

·bleepingcomputer.com·Jun 15, 2024

New York Times warns freelancers of GitHub repo data breach

entagon ran secret anti-vax campaign to undermine China during pandemic

The U.S. military launched a clandestine program amid the COVID crisis to discredit China’s Sinovac inoculation – payback for Beijing’s efforts to blame Washington for the pandemic. One target: the Filipino public. Health experts say the gambit was indefensible and put innocent lives at risk.

#reuters #EN #2024 #disinformation #US #CHina #pandemic #Philippines #campaign #Covid-19 #antivax

·reuters.com·Jun 15, 2024

entagon ran secret anti-vax campaign to undermine China during pandemic

Former head of NSA joins OpenAI board

OpenAI has appointed Paul M. Nakasone, a retired general of the US Army and a former head of the National Security Agency, to its board of directors.

#theverge #2024 #EN #OpenAI #NSA #Nakasone

·theverge.com·Jun 15, 2024

Former head of NSA joins OpenAI board

Microsoft fixes hack-me-via-Wi-Fi Windows security hole • The Register

Redmond splats dozens of bugs as does Adobe while Arm drivers and PHP under active attack

#theregister #en #2024 #june-patch-tusday #patch-tuesday #CVE-2023-50868 #CVE-2024-30078 #WiFI

·theregister.com·Jun 15, 2024

Microsoft fixes hack-me-via-Wi-Fi Windows security hole • The Register

Breaking: Meta halts AI rollout in Europe after ‘request’ from Irish data protection authorities

Facebook and Instagram's parent company Meta is pausing its plans to roll our artificial intelligence tools in Europe, following a request from Ireland's Data Protection Commission (DPC), the firm said in a Friday (14 June) blogpost.

#euractiv #EN #2024 #Facebook #AI #DPC #EU #data-protection #Meta

·euractiv.com·Jun 14, 2024

Breaking: Meta halts AI rollout in Europe after ‘request’ from Irish data protection authorities

Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol

The servers supported multiple media outlets linked to Islamic State. They were used to disseminate worldwide propaganda and messages capable of inciting terrorism in at least thirty languages. Eurojust and Europol coordinated and supported the joint operations.This week’s joint operations are part of ongoing efforts and constant vigilance to tackle online terrorist propaganda and communications, including through social media. They...

#europol #EN #2024 #outlets #terrorist #takedown #Islamic-State

·europol.europa.eu·Jun 14, 2024

Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol

Here’s what to know about Adobe’s Terms of Use updates

We recently rolled out a re-acceptance of our Terms of Use which has led to concerns about what these terms are and what they mean to our customers. This has caused us to reflect on the language we use in our Terms, and the opportunity we have to be clearer and address the concerns raised by the community. Over the next few days, we will speak to our customers with a plan to roll out updated changes by June 18, 2024.

·blog.adobe.com·Jun 14, 2024

Here’s what to know about Adobe’s Terms of Use updates

Ukrainian cyber specialists attack Russian airports, several flights delayed - source

Specialists with the Ukrainian Defense Ministry's Main Intelligence Directorate (HUR) carried out a cyberattack on the websites of Russian government agencies and Russian airports on "Russia Day," with a number of flights being delayed. — Ukrinform.

#ukrinform #EN #2024 #HUR #Russia-Ukraine-war #cyberattack #airports #Ukraine

·ukrinform.net·Jun 14, 2024

Ukrainian cyber specialists attack Russian airports, several flights delayed - source

Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups

Recently KILLNET creator; ‘KillMilk’, announced that they were building a global team of operators from the darknet and special services members, with financially motivated destructive capabilities. Their operation went full circle from offering services to hackers and competing businessmen, to taking orders from private and state persons, along with defending the interests of the Russian Federation. This report focuses on analyzing KILLNET, Subgroups, capabilities, and recent development in the group’s motive.

#cyfirma #EN #2024 #KILLNET #Hacktivism #Russia #KillMilk #private

·cyfirma.com·Jun 14, 2024

Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups

Multiple flaws in Fortinet FortiOS fixed

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue.

#securityaffairs #EN #2024 #Multiple #flaws #Fortinet #FortiOS #CVE-2024-23110

·securityaffairs.com·Jun 14, 2024

Multiple flaws in Fortinet FortiOS fixed

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’

Apple on Monday updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product. visionOS 1.2 patches nearly two dozen vulnerabilities. However, a vast majority of them are in components that visionOS shares with other Apple products, such as iOS, macOS and tvOS.

#securityweek #EN #2024 #CVE-2024-27812 #visionOS #Apple #Spatial #Computing #Hack

·securityweek.com·Jun 13, 2024

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’