BlackCat ransomware hits Azure Storage with Sphynx encryptor
The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage.
cyberveille.decio.ch
Ransomware flingers hit Manchester cops in the supply chain • The Register
The UK's Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked. According to the Manchester Evening News the stolen data included the names and pictures of police officers held by the supplier for use on thousands of ID badges.
TikTok fined €345M by Irish DPC for violating children’s privacy
The Irish Data Protection Commission (DPC) fined TikTok €345 million ($368 million) for violating the privacy of children.
When MFA isn't actually MFA
Due to a recent Google change, MFA isn't truly MFA.
How Google Authenticator made one company’s network breach much, much worse
Google's app for generating MFA codes syncs to user accounts by default. Who knew?
Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes
Akamai researchers discover a critical vulnerability in Kubernetes that can lead to remote code execution.
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's September 2023 update addresses a new zero-day vulnerability (CVE-2023-26369) in Acrobat and Reader that attackers are exploiting in the wild.
Argent russe: la place financière suisse rattrapée par une fuite de données
Un ancien ministre de Vladimir Poutine et la famille du patron d'une entreprise publique russe, impliquée dans l'effort de guerre, se retrouvent dans les données inédites repérées par la RTS. Des liens avec la place financière suisse sont mis en lumière. Ces révélations proviennent des documents confidentiels de la société de gestion de fortune zurichoise Finaport. Tout commence en janvier 2023 lorsque l'entreprise, sponsor officiel de l'Open de tennis de Zoug, est victime d'un piratage, comme le révélait le site Watson.
macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks
The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures.
CVE-2023-38146: Arbitrary Code Execution via Windows Themes
This is a fun bug I found while poking around at weird Windows file formats. It's a kind of classic Windows style vulnerability featuring broken signing, sketchy DLL loads, file races, cab files, and Mark-of-the-Web silliness. It was also my first experience submitting to the MSRC Windows bug bounty since leaving Microsoft in April of 2022.
Trojanized Free Download Manager found to contain a Linux backdoor
Kaspersky researchers analyzed a Linux backdoor disguised as Free Download Manager software that remained under the radar for at least three years.
Threat actor leaks sensitive data belonging to Airbus
The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company. The multinational aerospace corporation Airbus announced that it is investigating a data leak after cybersecurity firm Hudson Rock reported that a hacker posted information on thousands of the company’s vendors to the dark web.
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.
Critical WebP bug: many apps, not just browsers, under threat
The heap buffer overflow (CVE-2023-4863) vulnerability in the WebP Codec is being actively exploited in the wild.
With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe? | Ars Technica
With 70 zero-days uncovered so far this year, 2023 is on track to set a new record.
PSA: Ongoing Webex malvertising campaign drops BatLoader
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco's brand and is displayed first when performing a Google search.
Attacker combines phone, email lures into believable, complex attack chain
A social engineering phone call lends authenticity to the attacker’s malicious email
Ransomware crew hits Save The Children, steals 7TB of data
Cybercrime crew BianLian says it has broken into the IT systems of a top nonprofit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data. As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang's description of its unnamed victim, looks to be Save The Children International. The NGO, which employs about 25,000 people, says it has helped more than a billion kids since it was founded in 1919.
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2FERXLSAZCHFP3RDULRLS5A7EU5E.jpg?width=92&height=69&ar=&mode=crop&format=avif&dpr=2)
Microsoft to defend customers on AI copyright challenges
Microsoft will pay legal damages on behalf of customers using its artificial intelligence (AI) products if they are sued for copyright infringement for the output generated by such systems, the company said on Thursday.
ChatGPT fails in languages like Tamil and Bengali
Outside of English, ChatGPT makes up words, fails logic tests, and can't do basic information retrieval.
KNVB paid ransom to prevent cyber criminals from publishing footballers' passports
The Dutch football association KNVB paid the ransom demanded by cyber criminals in a ransomware attack in April. The hackers stole Dutch and other football players’ passports, ID cards, home addresses, and salary slips and threatened to publish the data if the football association didn’t pay the ransom, the KNVB said on Tuesday.
Cybersecurity issue prompts computer shutdowns at MGM Resorts properties across US
Casino and hotel giant MGM Resorts International says a cybersecurity issue led to the shutdown of computer systems at its properties across the U.S.
TikTok : une analyse technique helvétique des risques de sécurité
Suite aux interdictions d’utilisation de TikTok à du personnel de l’UE, le nouvel Institut national suisse pour les tests de cybersécurité a publié les résultats de ses tests techniques sur l’application, recommandant de considérer son utilisation avec précaution.
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts
Facebook’s Messenger platform has been heavily abused in the past month to spread endless messages with malicious attachments from a swarm of fake and hijacked personal accounts. These threat actors are targeting millions of business accounts on Facebook’s platform — from highly-rated marketplace sellers to large corporations, with fake business inquiries, achieving a staggering “success rate” with approximately 1 out of 70 infected!
Active North Korean campaign targeting security researchers
Threat Analysis Group shares findings on a new campaign by North Korean actors targeting security researchers.
North Korea-backed hackers target security researchers with 0-day
Google researchers say currently unfixed vulnerability affects a popular software package.
Mozilla Report Finds That New Cars Give Out Lots of Your Info
Bad news: your car is a spy. Every major car brand's new internet-connected models flunked privacy and security tests conducted by Mozilla.
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious…
The International Criminal Court Will Now Prosecute Cyberwar Crimes
FOR YEARS, SOME cybersecurity defenders and advocates have called for a kind of Geneva Convention for cyberwar, new international laws that would create clear consequences for anyone hacking civilian critical infrastructure, like power grids, banks, and hospitals. Now the lead prosecutor of the International Criminal Court at the Hague has made it clear that he intends to enforce those consequences—no new Geneva Convention required. Instead, he has explicitly stated for the first time that the Hague will investigate and prosecute any hacking crimes that violate existing international law, just as it does for war crimes committed in the physical world.
Last Week on My Mac: How quickly can Apple release a security update?
We seldom get much insight into how long Apple takes to release an urgent update to macOS, but last week must have seen one of the quickest in recent times. By my reckoning, Apple’s engineers accomplished that in 6-10 days, across four of its operating systems, and with two distinct vulnerabilities.