cyberveille.decio.ch

cyberveille.decio.ch

7248 bookmarks
Custom sorting
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Welcome to April 2024, again. We’re back, again. Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device. We’ve seen all the commentary around the certification process of these devices for certain .GOVs - we’re not here to comment on that, but sounds humorous.
·labs.watchtowr.com·
Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400)
Réunion en ligne avec un faux chef (technique de deep fake) : fraude au CEO 2.0
Réunion en ligne avec un faux chef (technique de deep fake) : fraude au CEO 2.0
09.04.2024 - Le service financier d’une entreprise reçoit de son patron une demande de paiement soi-disant urgente. Le CEO explique que si le responsable financier n’effectue pas le paiement dans les plus brefs délais, cela aura de graves conséquences pour l’entreprise, car une commande importante sera perdue. Ensuite, le chef n’est étrangement plus joignable pour répondre à d’autres questions. Tel est le scénario typique d’une fraude au CEO. La plupart du temps, ces attaques ne sont pas très sophistiquées et sont faciles à détecter. L’intelligence artificielle et le deep fake ne s’arrêtent toutefois pas à cette méthode d’escroquerie plutôt simple, comme le montre un exemple récent signalé à l’OFCS.
·ncsc.admin.ch·
Réunion en ligne avec un faux chef (technique de deep fake) : fraude au CEO 2.0
World-first “Cybercrime Index” ranks countries by cybercrime threat
World-first “Cybercrime Index” ranks countries by cybercrime threat
Following three years of intensive research, an international team of researchers have compiled the first ever ‘World Cybercrime Index’, which identifies the globe’s key cybercrime hotspots by ranking the most significant sources of cybercrime at a national level.
·ox.ac.uk·
World-first “Cybercrime Index” ranks countries by cybercrime threat
Vulnerabilities Identified in LG WebOS
Vulnerabilities Identified in LG WebOS
As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims to shed light on the security of the world’s best-sellers in the IoT space. This report covers vulnerabilities discovered while researching the LG WebOS TV operating system.
·bitdefender.com·
Vulnerabilities Identified in LG WebOS
Ransomware Diaries: Volume 1
Ransomware Diaries: Volume 1
The LockBit ransomware gang is one of the most notorious organized cybercrime syndicates that exists today. The gang is behind attacks targeting private-sector corporations and other high-profile industries worldwide. News and media outlets have documented many LockBit attacks, while security vendors offer technical assessments explaining how each occurred. Although these provide insight into the attacks, I wanted to know more about the human side of the operation to learn about the insights, motivations, and behaviors of the individuals on the other side of the keyboard. To prepare for this project, I spent months developing several online personas and established their credibility over time to gain access to the gang’s operation.
·analyst1.com·
Ransomware Diaries: Volume 1
Shc Linux Malware Installing CoinMiner
Shc Linux Malware Installing CoinMiner
The ASEC analysis team recently discovered that a Linux malware developed with Shc has been installing a CoinMiner. It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system. Among those installed were the Shc downloader, XMRig CoinMiner installed through the former, and DDoS IRC Bot, developed with Perl.
·asec.ahnlab.com·
Shc Linux Malware Installing CoinMiner
LockBit ransomware suspect nabbed in Canada, faces charges in the US
LockBit ransomware suspect nabbed in Canada, faces charges in the US
Automation features make LockBit one of the more destructive pieces of ransomware. Federal prosecutors on Thursday charged a dual Russian and Canadian national for his alleged participation in a global campaign to spread ransomware known as LockBit. Mikhail Vasiliev, 33, of Bradford, Ontario, Canada, was taken into custody in late October by authorities in Ontario, officials at Interpol said. He is now in custody in Canada awaiting extradition to the US.
·arstechnica.com·
LockBit ransomware suspect nabbed in Canada, faces charges in the US
Crimson Kingsnake: BEC Group Impersonates…
Crimson Kingsnake: BEC Group Impersonates…
Recently, we identified a new BEC group leveraging blind third-party impersonation tactics to swindle companies around the world. The group, which we call Crimson Kingsnake, impersonates real attorneys, law firms, and debt recovery services to deceive accounting professionals into quickly paying bogus invoices.
·abnormalsecurity.com·
Crimson Kingsnake: BEC Group Impersonates…