cyberveille.decio.ch

7248 bookmarks

Custom sorting

Researchers found multiple flaws in ChatGPT plugins

Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that can be could have led to data exposure and account takeovers. ChatGPT plugins are additional tools or extensions that can be integrated with ChatGPT to extend its functionalities or enhance specific aspects of the user experience. These plugins may include new natural language processing features, search capabilities, integrations with other services or platforms, text analysis tools, and more. Essentially, plugins allow users to customize and tailor the ChatGPT experience to their specific needs.

#securityaffairs #EN #2024 #flows #ChatGPT #plugins #researchers

·securityaffairs.com·Mar 14, 2024

Researchers found multiple flaws in ChatGPT plugins

Secret Backdoor Codes in Safe Locks

Senator Ron Wyden has found that the DoD banned the use of such locks for U.S. government systems, but deliberately kept information about the backdoors from the public.

#404media #EN #2024 #Safe #backdoor #US #DoD #Safe-Locks

·404media.co·Mar 13, 2024

Secret Backdoor Codes in Safe Locks

GhostSec’s joint ransomware operation and evolution of their arsenal

Cisco Talos observed a surge in GhostSec, a hacking group’s malicious activities since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware.

#talosintelligence #EN #2024 #GhostSec #ransomware #GhostLocker

·blog.talosintelligence.com·Mar 13, 2024

GhostSec’s joint ransomware operation and evolution of their arsenal

World’s first major act to regulate AI passed by European lawmakers

The European Union Parliament on Wednesday approved the world's first major set of regulatory ground rules to govern the mediatized artificial intelligence at the forefront of tech investment.

#cnbc #EN #2024 #legal #EU #AI #regulation

·cnbc.com·Mar 13, 2024

World’s first major act to regulate AI passed by European lawmakers

LockBit ransomware affiliate gets four years in jail, to pay $860k

Russian-Canadian cybercriminal Mikhail Vasiliev has been sentenced to four years in prison by an Ontario court for his involvement in the LockBit ransomware operation. #Canada #Case #Computer #Court #InfoSec #Legal #LockBit #Prison #Ransomware #Security

#bleepingcomputer #EN #2024 #Prison #LockBit #Court #Ransomware #Case #Legal #Canada

·bleepingcomputer.com·Mar 13, 2024

LockBit ransomware affiliate gets four years in jail, to pay $860k

Threat actors leverage document publishing sites for ongoing credential and session token theft

Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks.

#talosintelligence #EN #phishing #legitimate #digital-document #Publuu #Marq #FlipSnack #Issuu #RelayTo

·blog.talosintelligence.com·Mar 13, 2024

Threat actors leverage document publishing sites for ongoing credential and session token theft

JetBrains vulnerability exploitation highlights debate over 'silent patching'

Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently-discovered vulnerabilities.

#therecord.media #EN #2024 #JetBrains #vulnerability #exploitation #silent-patching

·therecord.media·Mar 13, 2024

JetBrains vulnerability exploitation highlights debate over 'silent patching'

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from…

#krebsonsecurity #EN #2024 #Incognito #Darknet #Market #Mass-Extorts #Buyers

·krebsonsecurity.com·Mar 12, 2024

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Plusieurs ministères visés par des attaques informatiques depuis dimanche, annonce Matignon

Si ces attaques, qui ont commencé dimanche soir, ont été d’une « intensité inédite », les services du premier ministre ont précisé lundi que leur impact avait été « réduit ». Elles ont été revendiquées par Anonymous Sudan, qui regroupe des militants prorusses.

#lemonde #FR #2024 #France #DDoS #Anonymous #Anonymous-Sudan #prorusses

·lemonde.fr·Mar 12, 2024

Plusieurs ministères visés par des attaques informatiques depuis dimanche, annonce Matignon

La Commission se félicite de l'accord politique obtenu sur le règlement relatif à la cybersolidarité

La Commission se félicite de l'accord politique auquel le Parlement européen et le Conseil sont parvenus la nuit dernière concernant le règlement sur la cybersolidarité, proposé par la Commission en avril 2023. Le règlement sur la cybersolidarité renforcera la solidarité au niveau de l'UE afin de mieux détecter les menaces et incidents de cybersécurité, de mieux s'y préparer et de mieux y réagir. Cet accord intervient à un moment crucial pour la cybersécurité de l'UE, étant donné que le paysage des cybermenaces dans l'UE continue d'être affecté par les événements géopolitiques.

#europa #EU #2024 #FR #cybersolidarité #accord #politique #cyber-bouclier #règlement

·ec.europa.eu·Mar 12, 2024

La Commission se félicite de l'accord politique obtenu sur le règlement relatif à la cybersolidarité

Cyber Solidarity Act : qui va constituer le « bouclier cyber » européen ?

Le Cyber Solidarity Act ouvre la voie à une infrastructure paneuropéenne de SOC. Quels acteurs - français, notamment - se sont positionnés ?

#silicon #FR #cyber-solidarity-act #cybersécurité #EU #SOC #infrastructure #défense #cyber-bouclier

·silicon.fr·Mar 12, 2024

Cyber Solidarity Act : qui va constituer le « bouclier cyber » européen ?

Exploiting CVE-2024-21378 – Remote Code Execution in Microsoft Outlook

Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.

#netspi #EN #2024 #CVE-2024-21378 #RCE #vulnerability #Outlook

·netspi.com·Mar 11, 2024

Exploiting CVE-2024-21378 – Remote Code Execution in Microsoft Outlook

Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities

Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published. Campaigns that we were able to attribute to this actor targeted Ivanti, Magento, Qlink Sense and possibly Apache ActiveMQ. Analysis of the actor’s recent Ivanti Connect Secure VPN campaign revealed a novel Linux version of a malware called NerbianRAT, in addition to WARPWIRE, a JavaScript credential stealer. * The actor’s arsenal also includes MiniNerbian, a small Linux backdoor, and remote monitoring and management (RMM) tools for Windows like ScreenConnect and AnyDesk.

#checkpoint #EN #2024 #Magnet-Goblin #1-day #vulnerability #Linux #NerbianRAT

·research.checkpoint.com·Mar 11, 2024

Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities

EU Commission breached data protection rules using Microsoft 365, EU watchdog found – Euractiv

The European Commission violated data protection rules in its use of Microsoft 365, leading to the imposition of corrective measures by the European Data Protection Supervisor (EDPS), the watchdog announced on Monday (11 March).

#euractiv #EU-Commission #violated #data-protection #legal #EDPS #watchdog

·euractiv.com·Mar 11, 2024

EU Commission breached data protection rules using Microsoft 365, EU watchdog found – Euractiv

CISA forced to take two systems offline last month after Ivanti compromise

Hackers breached the systems of the Cybersecurity and Infrastructure Security Agency (CISA) in February through vulnerabilities in Ivanti products, officials said.

#therecord.media #EN #2024 #CISA #Ivanti #Gateway #comprimised #offline #CVE-2023-46805 #CVE-2024-21887 #CVE-2024-21893

·therecord.media·Mar 8, 2024

CISA forced to take two systems offline last month after Ivanti compromise

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Microsoft says the ongoing hacking is part of the Russian government's efforts to figure out what information Microsoft has on its hackers.

#techcrunch #EN #2024 #cyberattack #hacking #microsoft #MidnightBlizzard

·techcrunch.com·Mar 8, 2024

Russian spies keep hacking into Microsoft in 'ongoing attack,' company says

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard

#Microsoft #EN #2024 #incident #update #Midnight #MidnightBlizzard

·msrc.microsoft.com·Mar 8, 2024

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard | MSRC Blog | Microsoft Security Response Center

Switzerland: Play ransomware leaked 65,000 government documents

The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.

#bleepingcomputer #EN #2024 #Breach #Data #Ransomware #Switzerland #PLAY #Government #Xplain

·bleepingcomputer.com·Mar 7, 2024

Switzerland: Play ransomware leaked 65,000 government documents

Flipper Zero WiFi phishing attack can unlock and steal Tesla cars

An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

#bleepingcomputer #EN #2024 #Automotive #Car #Flipper-Zero #Phishing #Tesla

·bleepingcomputer.com·Mar 7, 2024

Flipper Zero WiFi phishing attack can unlock and steal Tesla cars

The Anatomy of an ALPHA SPIDER Ransomware Attack

Read this blog on the anatomy of an ALPHA SPIDER ransomware attack to better understand how they operate and how to better protect your business.

#crowdstrike #EN #2024 #Analysis #ALPHA #SPIDER #ransomware

·crowdstrike.com·Mar 7, 2024

The Anatomy of an ALPHA SPIDER Ransomware Attack

Microsoft AI engineer says Copilot Designer creates disturbing images

Shane Jones, who’s worked at Microsoft for six years, has been testing the company’s AI image generator in his free time and told CNBC he is disturbed by his findings. He’s warned Microsoft of the sexual and violent content that the product, Copilot Designer, is creating, but said the company isn’t taking appropriate action. On Wednesday, Jones escalated the matter, sending letters to FTC Chair Lina Khan and to Microsoft’s board, which were viewed by CNBC.

#cnbc #EN #2024 #Microsoft #AI #engineer #Copilot #Designer #creates #disturbing #images

·cnbc.com·Mar 7, 2024

Microsoft AI engineer says Copilot Designer creates disturbing images

US sanctions founder of spyware maker Intellexa for targeting Americans | TechCrunch

The U.S. government announced Tuesday sanctions against the founder of the notorious spyware company Intellexa and one of his business partners. This is

#techcrunch #EN #2024 #cytrox #intellexa #predator #sanctions #spyware #surveillance

·techcrunch.com·Mar 6, 2024

US sanctions founder of spyware maker Intellexa for targeting Americans | TechCrunch

Duvel says it has "more than enough" beer after ransomware attack

Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in the company's bottling facilities

#bleepingcomputer #EN #2024 #Beer #Belgium #Duvel #Ransomware #Service-Disruption

·bleepingcomputer.com·Mar 6, 2024

Duvel says it has "more than enough" beer after ransomware attack

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.

#trendmicro #EN #2024 #Multistage #RA #Ransomware #Anti-AV #TTPs #GPO

·trendmicro.com·Mar 6, 2024

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which are from incident response investigations tied to Phobos ransomware activity from as recently as February, 2024.

#cisa #EN #2024 #Phobos #Ransomware #Critical-infrastructure #StopRansomware:

·cisa.gov·Mar 6, 2024

CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. "Structured as a ransomware-as-a-service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars," the government said.

#thehackernews #EN #2024 #Phobos #Ransomware #CISA #US #Critical-infrastructure

·thehackernews.com·Mar 6, 2024

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

It’ll be back: Attackers still abusing Terminator tool and variants

First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions

#sophos #EN #Terminator #EDR-killer #Zemana #driver

·news.sophos.com·Mar 6, 2024

It’ll be back: Attackers still abusing Terminator tool and variants

ACEMAGIC Addresses Virus Incident: Proactive Measures and Solutions

Learn more about ACEMAGIC Mini PC's swift resolution to the virus incident, along with robust future security measures. Your safety is our top priority.

#acemagic #EN #2024 #PC #malaware #incident #Virus

·acemagic.com·Mar 6, 2024

ACEMAGIC Addresses Virus Incident: Proactive Measures and Solutions

RATs Distributed Through Skype, Zoom, & Google Meet Lures

Threat actors are creating and using fake Skype, Zoom, and Google Meet pages to spread RATs.

#zscaler #EN #2024 #fake #Skype #Zoom #meet #RAT #Lures

·zscaler.com·Mar 6, 2024

RATs Distributed Through Skype, Zoom, & Google Meet Lures

Rapid7 flames JetBrains over vulnerability disclosure

Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server. Rapid7 says it reported the two TeamCity vulnerabilities in mid-February, claiming JetBrains soon after suggested releasing patches for the flaws before publicly disclosing them. Such a move is typically seen as a no-no by the infosec community, which favors transparency, but there's apparently a time and a place for these things.

#theregister #EN #2024 #Rapid7 #flames #JetBrains

·theregister.com·Mar 6, 2024

Rapid7 flames JetBrains over vulnerability disclosure