cyberveille.decio.ch

6938 bookmarks

Custom sorting

PuTTY vulnerability vuln-p521-bias

Every version of the PuTTY tools from 0.68 to 0.80 inclusive has a critical vulnerability in the code that generates signatures from ECDSA private keys which use the NIST P521 curve. (PuTTY, or Pageant, generates a signature from a key when using it to authenticate you to an SSH server.)

#chiark.greenend.org.uk #PuTTY #vulnerability #CVE-2024-31497

·chiark.greenend.org.uk·Apr 16, 2024

PuTTY vulnerability vuln-p521-bias

Leaked LockBit builder in a real-life incident response case | Securelist

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder.

#securelist #EN #2024 #builder #Data-Encryption #Incident-response #LockBit #Malware #Malware-Technologies #Ransomware #Targeted-attacks #Trojan

·securelist.com·Apr 16, 2024

Leaked LockBit builder in a real-life incident response case | Securelist

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering  | Proofpoint US

Key takeaways  TA427 regularly engages in benign conversation starter campaigns to establish contact with targets for long-term exchanges of information on topics of strategic importance to the No...

#proofpoint #EN #2024 #DMARC #Abuse #TA427 #analysis #North-Korea

·proofpoint.com·Apr 16, 2024

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering  | Proofpoint US

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

CISA publicly released an emergency directive issued to federal agencies earlier this month, detailing how a breach at Microsoft could have affected the government.

#therecord #EN #2024 #CISA #Microsoft #Breach #government #email

·therecord.media·Apr 15, 2024

CISA: Email from federal agencies possibly accessed in Russian breach of Microsoft

Automating Pikabot’s String Deobfuscation

ThreatLabz created an IDA plugin to automate the deobfuscation of Pikabot’s strings.

#zscaler #EN #2024 #research #Pikabot #deobfuscation

·zscaler.com·Apr 15, 2024

Automating Pikabot’s String Deobfuscation

World-first “Cybercrime Index” ranks countries by cybercrime threat

Following three years of intensive research, an international team of researchers have compiled the first ever ‘World Cybercrime Index’, which identifies the globe’s key cybercrime hotspots by ranking the most significant sources of cybercrime at a national level.

#University-of-Oxford #EN #2024 #UK #World-Cybercrime-Index #research #ranking

·ox.ac.uk·Apr 15, 2024

World-first “Cybercrime Index” ranks countries by cybercrime threat

Vulnerabilities Identified in LG WebOS

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims to shed light on the security of the world’s best-sellers in the IoT space. This report covers vulnerabilities discovered while researching the LG WebOS TV operating system.

#bitdefender #EN #2024 #LG #WebOS #TV #iot #vulnerability #CVE-2023-6317 #CVE-2023-6318 #CVE-2023-6319 #CVE-2023-6320

·bitdefender.com·Apr 10, 2024

Vulnerabilities Identified in LG WebOS

Suisse: Caméras de surveillance de l’armée jugées trop vulnérables

Obsolètes, des caméras sont des «proies faciles pour les pirates», conclut un audit interne qui affirme que l’armée néglige sa sécurité informatique.

#20min #FR #CH #2023 #IoT #armée #camera #webcam #audit #vulnérables

·20min.ch·Jan 24, 2023

Suisse: Caméras de surveillance de l’armée jugées trop vulnérables

Ransomware Diaries: Volume 1

The LockBit ransomware gang is one of the most notorious organized cybercrime syndicates that exists today. The gang is behind attacks targeting private-sector corporations and other high-profile industries worldwide. News and media outlets have documented many LockBit attacks, while security vendors offer technical assessments explaining how each occurred. Although these provide insight into the attacks, I wanted to know more about the human side of the operation to learn about the insights, motivations, and behaviors of the individuals on the other side of the keyboard. To prepare for this project, I spent months developing several online personas and established their credibility over time to gain access to the gang’s operation.

#analyst1 #EN #2023 #LockBit #ransomware #Insights

·analyst1.com·Jan 21, 2023

Ransomware Diaries: Volume 1

Accidentally Crashing a Botnet

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.

#akamai #EN #2022 #Security-Research #Research #Bot-Attacks #DDOS #Cyber-Security #Kmsdbot #botnet #SIRT #cryptomining #crash #malware

·akamai.com·Jan 15, 2023

Accidentally Crashing a Botnet

Schools hit by cyber attack and documents leaked

Confidential details including child passport scans and SEN data is published online, the BBC finds.

#bbc #EN #2023 #ViceSociety #vice-society #schools #UK #leak #ransomware #attack #education

·bbc.com·Jan 6, 2023

Schools hit by cyber attack and documents leaked

Shc Linux Malware Installing CoinMiner

The ASEC analysis team recently discovered that a Linux malware developed with Shc has been installing a CoinMiner. It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system. Among those installed were the Shc downloader, XMRig CoinMiner installed through the former, and DDoS IRC Bot, developed with Perl.

#asec #2023 #EN #Shell #Script #Compiler #analysis #Linux #Malware #CoinMiner #Shc

·asec.ahnlab.com·Jan 4, 2023

Shc Linux Malware Installing CoinMiner

Cyber attacks set to become ‘uninsurable’, says Zurich chief

The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.

#ft #Financial-Times #archive #2022 #EN #chief #executive #insurance #cyber-attacks #uninsurable #Zurich

·archive.ph·Dec 30, 2022

Cyber attacks set to become ‘uninsurable’, says Zurich chief

Twitter in data-protection probe after '400 million' user details up for sale

A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.

#BBC #EN #2022 #hacker #data-protection #Twitter #sale #watchdog

·bbc.co.uk·Dec 29, 2022

Twitter in data-protection probe after '400 million' user details up for sale

Darknet markets generate millions in revenue selling stolen personal data

A handful of markets were responsible for trafficking most of the data.

#arstechnica #EN #2022 #Darknet #markets #data #stolen-data-supply-chain

·arstechnica.com·Dec 3, 2022

Darknet markets generate millions in revenue selling stolen personal data

Suisse: Une cyberattaque bloque la comptabilité de milliers de sociétés

Victime du piratage de son hébergeur cloud, le logiciel de gestion d'entreprise Winbiz ne peut pas être utilisé depuis lundi. Le retour à la normale prendra du temps.

#20min #FR #CH #2022 #Winbiz #inforpro #piratage #cloud #hébergeur

·20min.ch·Nov 24, 2022

Suisse: Une cyberattaque bloque la comptabilité de milliers de sociétés

Vanuatu: Hackers strand Pacific island government for over a week

Vanuatu - an island courted by the US and China - has been stranded offline for over a week.

#BBC #EN #2022 #Vanuatu #ransomware #government

·bbc.com·Nov 21, 2022

Vanuatu: Hackers strand Pacific island government for over a week

LockBit ransomware suspect nabbed in Canada, faces charges in the US

Automation features make LockBit one of the more destructive pieces of ransomware. Federal prosecutors on Thursday charged a dual Russian and Canadian national for his alleged participation in a global campaign to spread ransomware known as LockBit. Mikhail Vasiliev, 33, of Bradford, Ontario, Canada, was taken into custody in late October by authorities in Ontario, officials at Interpol said. He is now in custody in Canada awaiting extradition to the US.

#arstechnica #EN #2022 #LockBit #Canada #member #arrest

·arstechnica.com·Nov 13, 2022

LockBit ransomware suspect nabbed in Canada, faces charges in the US

Crimson Kingsnake: BEC Group Impersonates…

Recently, we identified a new BEC group leveraging blind third-party impersonation tactics to swindle companies around the world. The group, which we call Crimson Kingsnake, impersonates real attorneys, law firms, and debt recovery services to deceive accounting professionals into quickly paying bogus invoices.

#abnormalsecurity #EN #2022 #BEC #invoices #Crimson-Kingsnake #impersonation #scam

·abnormalsecurity.com·Nov 3, 2022

Crimson Kingsnake: BEC Group Impersonates…

How Vice Society got away with a global ransomware spree | Ars Technica

Vice Society has a superpower that’s allowed it to quietly thrive: Mediocrity.

#arstechnica #EN #2022 #vice-society #mediocrity #opinion #school

·arstechnica.com·Oct 22, 2022

How Vice Society got away with a global ransomware spree | Ars Technica

CVE-2022-41352

On September 25, 2022, CVE-2022-41352 was filed for Zimbra Collaboration Suite. The vulnerability is a remote code execution flaw that arises from unsafe usage…

#attackerkb #EN #2022 #CVE-2022-41352 #Zimbra #vulnerability

·attackerkb.com·Oct 7, 2022

CVE-2022-41352

Man arrested for alleged data breach SMS scam

A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.

#afp.gov.au #blackmail #scam #Optus #leak #EN #2022

·afp.gov.au·Oct 6, 2022

Man arrested for alleged data breach SMS scam

How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000

For 2nd time in 4 years, Amazon loses control of its IP space in BGP hijacking.

#arstechnica #EN #2022 #BGP #cryptocurrency #hijacking #Amazon

·arstechnica.com·Oct 5, 2022

How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000

Breach of software maker used to backdoor as many as 200,000 servers

Hack of FishPig distribution server used to install Rekoobe on customer systems.

#arstechnica #EN #2022 #FishPig #Rekoobe

·arstechnica.com·Sep 14, 2022

Breach of software maker used to backdoor as many as 200,000 servers

Tech tool offers police ‘mass surveillance on a budget’

Local law enforcement agencies from suburban Southern California to rural North Carolina have been using an obscure cellphone tracking tool, at times without search warrants, that gives them the power to follow people’s movements months back in time, according to public records and internal emails obtained by The Associated Press.

#ApNews #EN #2022 #AP-Investigations #Technology #Police #California #Arkansas #Weekend-Reads #North-Carolina #privacy #Government-surveillance #Law-enforcement-agencies #Criminal-investigations

·apnews.com·Sep 3, 2022

Tech tool offers police ‘mass surveillance on a budget’

CVE-2022-27925

On May 10, 2022, Zimbra released versions 9.0.0 patch 24 and 8.8.15 patch 31 to address multiple vulnerabilities in Zimbra Collaboration Suite, including CVE-2…

#AttackerKB #Analysis #CVE-2022-27925 #EN #2022 #Zimbra

·attackerkb.com·Aug 20, 2022

CVE-2022-27925

NHS IT supplier held to ransom by hackers

Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.

#BBC #EN #2022 #NHS #UK #Ransomware #healthcare

·bbc.com·Aug 14, 2022

NHS IT supplier held to ransom by hackers

Phishers who breached Twilio and targeted Cloudflare could easily get you, too

Unusually resourced threat actor has targeted multiple companies in recent days.

#arstechnica #EN #2022 #Twilio #cloudflare #phishing #threat

·arstechnica.com·Aug 14, 2022

Phishers who breached Twilio and targeted Cloudflare could easily get you, too

CISA warns of Windows and UnRAR flaws exploited in the wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.

#bleepingcomputer #EN #2022 #CISA #DogWalk #UnRAR #CVE-2022-34713 #MSDT #CVE-2022-30333

·bleepingcomputer.com·Aug 12, 2022

CISA warns of Windows and UnRAR flaws exploited in the wild

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco