Serious security breach hits EU police agency
Disappearance of sensitive files of top law enforcement officials has sparked a crisis at Europol.
cyberveille.decio.ch
Les clients Apple victimes de push bombing pour réinitialiser leur identifiant
C’est un matraquage en règle pour obtenir les identifiants Apple ID auquel ont du faire face certains clients de la marque à la pomme. En effet, une vague de phishing de type « push bombing » ou de « fatigue MFA » a sévi récemment assure le site Krebs on Security. Ces techniques consistent, pour les attaquants, à envoyer de manière répétée des notifications d'authentification à deux acteurs (MFA) sur les terminaux Apple.
AT&T confirms data for 73 million customers leaked on hacker forum
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them.
AT&T says leaked data set impacts about 73 million current, former account holders
Telecom company AT&T(T.N), opens new tab said on Saturday that it is investigating a data set released on the "dark web" about two weeks ago, and said that its preliminary analysis shows it has impacted approximately 7.6 million current account holders and 65.4 million former account holders. The company said the data set appears to be from 2019 or earlier. AT&T said it does not have evidence of unauthorized access to its systems resulting from the incident.
The Darkside of TheMoon
Executive Summary The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of “TheMoon” malware. TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and
EU bans anonymous crypto payments to hosted wallets
In a recent regulatory development, the European Union (EU) has voted to ban cryptocurrency payments to "hosted wallets" using unidentified self-custody crypto wallets.
Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of an old, inactive account. This serves as a stark reminder of the importance of password security and why organizations need to protect every user account.
Details and Lessons Learned From the Ransomware Attack on the British Library
The British Library has shared details on the destructive ransomware attack it experienced in October 2023. Although the attack on the national library of the UK occurred five months ago, the Library’s infrastructure won’t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin.
Suisse: Caméras de surveillance de l’armée jugées trop vulnérables
Obsolètes, des caméras sont des «proies faciles pour les pirates», conclut un audit interne qui affirme que l’armée néglige sa sécurité informatique.
Ransomware Diaries: Volume 1
The LockBit ransomware gang is one of the most notorious organized cybercrime syndicates that exists today. The gang is behind attacks targeting private-sector corporations and other high-profile industries worldwide. News and media outlets have documented many LockBit attacks, while security vendors offer technical assessments explaining how each occurred. Although these provide insight into the attacks, I wanted to know more about the human side of the operation to learn about the insights, motivations, and behaviors of the individuals on the other side of the keyboard. To prepare for this project, I spent months developing several online personas and established their credibility over time to gain access to the gang’s operation.
Accidentally Crashing a Botnet
As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.
Schools hit by cyber attack and documents leaked
Confidential details including child passport scans and SEN data is published online, the BBC finds.
Shc Linux Malware Installing CoinMiner
The ASEC analysis team recently discovered that a Linux malware developed with Shc has been installing a CoinMiner. It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system. Among those installed were the Shc downloader, XMRig CoinMiner installed through the former, and DDoS IRC Bot, developed with Perl.
Cyber attacks set to become ‘uninsurable’, says Zurich chief
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Twitter in data-protection probe after '400 million' user details up for sale
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
Darknet markets generate millions in revenue selling stolen personal data
A handful of markets were responsible for trafficking most of the data.
Suisse: Une cyberattaque bloque la comptabilité de milliers de sociétés
Victime du piratage de son hébergeur cloud, le logiciel de gestion d'entreprise Winbiz ne peut pas être utilisé depuis lundi. Le retour à la normale prendra du temps.
Vanuatu: Hackers strand Pacific island government for over a week
Vanuatu - an island courted by the US and China - has been stranded offline for over a week.
LockBit ransomware suspect nabbed in Canada, faces charges in the US
Automation features make LockBit one of the more destructive pieces of ransomware. Federal prosecutors on Thursday charged a dual Russian and Canadian national for his alleged participation in a global campaign to spread ransomware known as LockBit. Mikhail Vasiliev, 33, of Bradford, Ontario, Canada, was taken into custody in late October by authorities in Ontario, officials at Interpol said. He is now in custody in Canada awaiting extradition to the US.
Crimson Kingsnake: BEC Group Impersonates…
Recently, we identified a new BEC group leveraging blind third-party impersonation tactics to swindle companies around the world. The group, which we call Crimson Kingsnake, impersonates real attorneys, law firms, and debt recovery services to deceive accounting professionals into quickly paying bogus invoices.
How Vice Society got away with a global ransomware spree | Ars Technica
Vice Society has a superpower that’s allowed it to quietly thrive: Mediocrity.
CVE-2022-41352
On September 25, 2022, CVE-2022-41352 was filed for Zimbra Collaboration Suite. The vulnerability is a remote code execution flaw that arises from unsafe usage…
Man arrested for alleged data breach SMS scam
A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.
How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000
For 2nd time in 4 years, Amazon loses control of its IP space in BGP hijacking.
Breach of software maker used to backdoor as many as 200,000 servers
Hack of FishPig distribution server used to install Rekoobe on customer systems.
Tech tool offers police ‘mass surveillance on a budget’
Local law enforcement agencies from suburban Southern California to rural North Carolina have been using an obscure cellphone tracking tool, at times without search warrants, that gives them the power to follow people’s movements months back in time, according to public records and internal emails obtained by The Associated Press.
CVE-2022-27925
On May 10, 2022, Zimbra released versions 9.0.0 patch 24 and 8.8.15 patch 31 to address multiple vulnerabilities in Zimbra Collaboration Suite, including CVE-2…
NHS IT supplier held to ransom by hackers
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
CISA warns of Windows and UnRAR flaws exploited in the wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.