cyberveille.decio.ch

5334 bookmarks

Custom sorting

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

The Wordfence Threat Intelligence team has been monitoring an increase in attacks targeting a Cross-Site Scripting vulnerability in Beautiful Cookie Consent Banner, a WordPress plugin installed on over 40,000 sites. The vulnerability, which was fully patched in January in version 2.10.2, offers unauthenticated attackers the ability to add malicious JavaScript to a website, potentially allowing ...Read More

#wordfence #EN #2023 #Beautiful-Cookie-Consent-Banner #plugin #WordPress #XSS #Campaign

·wordfence.com·May 25, 2023

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023.

Barracuda Networks's Status Page - Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023..

#Barracuda #EN #2023 #Status #CVE-2023-2868 #ESG #Email #Security #Gateway #appliance

·status.barracuda.com·May 25, 2023

Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023.

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Chinese state-sponsored actor Volt Typhoon is using stealthy techniques to target US critical infrastructure, conduct espionage, and dwell in compromised environments.

#microsoft #EN #2023 #Critical-infrastructure #Volt-Typhoon #stealthy #China #US #espionage #living-off-the-land

·microsoft.com·May 25, 2023

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques

Malvertising via brand impersonation is back again

Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix.

#malwarebytes #EN #2023 #brand #impersonation #GoogleAds

·malwarebytes.com·May 24, 2023

Malvertising via brand impersonation is back again

German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack

Rheinmetall confirmed on Monday that the Black Basta ransomware group was behind a cyberattack it detected last month.

#therecord #EN #2023 #Rheinmetall #ransomware #BlackBasta

·therecord.media·May 24, 2023

German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack

IT employee impersonates ransomware gang to extort employer

A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer.

#bleepingcomputer #EN #2023 #Court-Case #UK #Employee #Insider-Threat #Legal #Police #Ransomware #Rogue

·bleepingcomputer.com·May 24, 2023

IT employee impersonates ransomware gang to extort employer

ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery

Plugins can return malicious content and hijack your AI.

#embracethered #EN #2023 #ChatGPT #Data #Exfiltration #Cross #Plugin #Request #Forgery

·embracethered.com·May 23, 2023

ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery

Apple fixes three new zero-days exploited to hack iPhones, Macs

Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads.

#bleepingcomputer #EN #2023 #Apple #iOS #iPhone #Mac #macOS #WebKit #Zero-Day

·bleepingcomputer.com·May 23, 2023

Apple fixes three new zero-days exploited to hack iPhones, Macs

File Archiver In The Browser

This article explores a phishing technique that emulates a file archiver software in the browser while using a .zip domain.

#mrd0x #EN #2023 #.zip #tld #domain #phishing #technique

·mrd0x.com·May 23, 2023

File Archiver In The Browser

What if we had the SockPuppet vulnerability in iOS 16?

The next post in our XNU memory safety series examines how our hardened kernel allocator performs in the real world against a previously patched but powerful UAF software vulnerability. In this detailed analysis, we find out what might happen if SockPuppet were to meet kalloc_type in iOS 16.

#security.apple #EN #2023 #SockPuppet #iOS #research

·security.apple.com·May 23, 2023

What if we had the SockPuppet vulnerability in iOS 16?

Don't @ Me: URL Obfuscation Through Schema Abuse

Attackers are distributing malware using a technique that abuses the URL schema.

#mandiant #EN #2023 #Obfuscation #URL #Schema #Smokeloader

·mandiant.com·May 23, 2023

Don't @ Me: URL Obfuscation Through Schema Abuse

BlackCat Ransomware Deploys New Signed Kernel Driver

In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase.

#trendmicro #EN #2023 #ransomware #research #BlackCat #Kernel #Driver

·trendmicro.com·May 22, 2023

BlackCat Ransomware Deploys New Signed Kernel Driver

Up to 100 cases taken over HSE cyberattack, judge told

European court to decide key liability issues over data breach but question mark hangs over HSE liability for ‘non-material’ damage such as stress

#irishtimes #EN #2023 #EU #DataBreach #liability #legal

·irishtimes.com·May 22, 2023

Up to 100 cases taken over HSE cyberattack, judge told

Beijing Bans Micron as Supplier to Big Chinese Firms, Citing National Security

Cyberspace Administration says chip maker failed review, in a move that seems aimed at hitting back at U.S. chip ban

#wsj #EN #2023 #US #China #ban #Micron

·wsj.com·May 22, 2023

Beijing Bans Micron as Supplier to Big Chinese Firms, Citing National Security

Apple Restricts Employee Use of ChatGPT, Joining Other Companies Wary of Leaks

The iPhone maker is concerned workers could release confidential data as it develops its own similar technology.

#wsj #2023 #Apple #ChatGPT #Restricts #Leak #confidential

·archive.ph·May 21, 2023

Apple Restricts Employee Use of ChatGPT, Joining Other Companies Wary of Leaks

Popular Android TV boxes sold on Amazon are laced with malware

The malware-infected AllWinner and RockChip-powered Android TV models are still available to purchase on Amazon.

#techcrunch #EN #2023 #amazon #android-tv #malware #rockchip #Android #IoT #AllWinner #Amazon

·techcrunch.com·May 21, 2023

MalasLocker ransomware targets Zimbra servers, demands charity donation

A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of demanding a ransom payment, the threat actors claim to require a donation to charity to provide an encryptor and prevent data leaking.

#bleepingcomputer #Age-Encryption #AgeLocker #Charity #Email #MalasLocker #QNAP #Ransomware #Zimbra

·bleepingcomputer.com·May 21, 2023

MalasLocker ransomware targets Zimbra servers, demands charity donation

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.

#trendmicro #EN #2023 #malware #cyber-crime #LemonGroup #Preinfected #Guerrilla #Android #mobile #mobile-device #IoT #AndroidOS_Guerilla

·trendmicro.com·May 21, 2023

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

Visualizing QakBot Infrastructure

This blog post seeks to draw out some high-level trends and anomalies based on our ongoing tracking of QakBot command and control (C2) infrastructure. By looking at the data with a broader scope, we hope to supplement other research into this particular threat family, which in general focuses on specific infrastructure elements; e.g., daily alerting on active C2 servers.

#team-cymru #EN #2023 #QakBot #Infrastructure #research #C2

·team-cymru.com·May 18, 2023

Visualizing QakBot Infrastructure

“FleeceGPT” mobile apps target AI-curious to rake in cash

Interest in OpenAI’s latest version of its interactive language model has spurred a new wave of scam apps looking to cash in on the hype

#sophos #EN #2023 #Fleeceware #ChatGPT #scam #apps

·news.sophos.com·May 17, 2023

“FleeceGPT” mobile apps target AI-curious to rake in cash

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

A vulnerability (CVE-2023-32784) in KeePass can be exploited to retrieve the master password from the software's memory.

#helpnetsecurity #EN #2023 #CVE-2023-32784 #password #KeePass #retrieve

·helpnetsecurity.com·May 17, 2023

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

GitHub - vdohney/keepass-password-dumper

The vulnerability was assigned CVE-2023-32784. It should be fixed in KeePass 2.54, which should come out in ~July 2023. Thanks again to Dominik Reichl for his fast response and creative fix!

#vdohney #EN #2023 #PoC #KeePass #dumper #password #CVE-2023-32784

·github.com·May 17, 2023

GitHub - vdohney/keepass-password-dumper

Discord discloses data breach after support agent got hacked

Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.

#bleepingcomputer #EN #2023 #Customer-Support #Data-Breach #Discord

·bleepingcomputer.com·May 17, 2023

Discord discloses data breach after support agent got hacked

SIM Swapping and Abuse of the Microsoft Azure Serial Console: Serial Is Part of a Well Balanced Attack

Attacker activity in Microsoft Azure that we attribute to a financially motivated threat actor.

#mandiant #EN #2023 #Azure #Azure-Serial-Console #UNC3944

·mandiant.com·May 17, 2023

SIM Swapping and Abuse of the Microsoft Azure Serial Console: Serial Is Part of a Well Balanced Attack

Piratage et médias suisses, la justice entre en action

Comme d’autres médias, «Le Temps» a été sommé par CH Media et la NZZ, via leurs avocats, de ne publier aucune information confidentielle liée à la cyberattaque subie. En Suisse alémanique, deux médias ont dû modifier des articles en ligne

#letemps #FR #2023 #NZZ #Cybersécurité #Médias #avocats #legal #disclose

·letemps.ch·May 16, 2023

Piratage et médias suisses, la justice entre en action

Malicious VSCode extensions with more than 45K downloads steal PII and enable backdoors - Check Point Blog

Highlights: CloudGuard Spectrals detected malicious extensions on the VSCode marketplace Users installing these extensions were enabling attackers to

#checkpoint #EN #2023 #VSCode #extensions #malicious

·blog.checkpoint.com·May 16, 2023

Malicious VSCode extensions with more than 45K downloads steal PII and enable backdoors - Check Point Blog

Review and analysis of fake Trezor cryptowallet

Fake hardware cryptowallet, and how bitcoins were stolen from it.

#kaspersky #EN #2023 #hardware-wallet #trezor #fake #scam #hardware #wallet

·kaspersky.com·May 15, 2023

Review and analysis of fake Trezor cryptowallet

FBI confirms access to Breached cybercrime forum database

Today, the FBI confirmed they have access to the database of the notorious BreachForums (aka Breached) hacking forum after the U.S. Justice Department also officially announced the arrest of its…

#@spixnet.gmbh #EN #2023 #Breached #FBI #confirmed #database #Pompompurin

·medium.com·May 15, 2023

FBI confirms access to Breached cybercrime forum database

Securonix Threat Labs Security Advisory: Latest Update: Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads

An unusual attack/phishing campaign delivering malware while using meme-filled code and complex obfuscation methods continues dropping Xworm payloads for the last few months and is still ongoing today.

#securonix #EN #2023 #XWorm #Payloads #MEME4CHAN #Phishing #Meme-Filled

·securonix.com·May 15, 2023

Securonix Threat Labs Security Advisory: Latest Update: Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks.

#securityweek #EN #2023 #WordPress #Ferrari #vulnerability

·securityweek.com·May 15, 2023

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers