cyberveille.decio.ch

5334 bookmarks

Custom sorting

FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy

Read the full strategy here Today, the Biden-Harris Administration released the National Cybersecurity Strategy to secure the full benefits of a safe and secure digital ecosystem for all Americans. In this decisive decade, the United States will reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security… PDF document

#whitehouse #EN #2023 #statement #National #Cybersecurity #Strategy #US

·whitehouse.gov·Mar 3, 2023

FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy

How cybercriminals attack young gamers

What cyberthreats target young gamers? An overview of the most well-spread child threats in virtual gaming worlds.

·kaspersky.com·Mar 3, 2023

How cybercriminals attack young gamers

BlackLotus UEFI bootkit: Myth confirmed

ESET researchers are the first to publish an analysis of BlackLotus, the first in-the-wild UEFI bootkit capable of bypassing UEFI Secure Boot.

#welivesecurity #EN #2023 #bootkit #UEFI #IoCs

·welivesecurity.com·Mar 2, 2023

BlackLotus UEFI bootkit: Myth confirmed

West ill-prepared to deal with evolving cyber threats, report concludes

Hacking and disinformation operation has continued to expand its activity, despite separate interventions in several European countries PDF

#cardiff.ac #EN #2023 #report #Ghostwriter #campaign

·cardiff.ac.uk·Mar 1, 2023

West ill-prepared to deal with evolving cyber threats, report concludes

TCG TPM2.0 implementations vulnerable to memory corruption

Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and trigger these vulnerabilities. This allows either read-only access to sensitive data or overwriting of normally protected data that is only available to the TPM (e.g., cryptographic keys).

#cert.org #2023 #EN #TPM #TPM2.0 #TCG #memory #buffer #Buffer-Overflow

·kb.cert.org·Mar 1, 2023

TCG TPM2.0 implementations vulnerable to memory corruption

Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting

We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems.

#trendmicro #malware #cyber-crime #apt #IronTiger #SysUpdate #analysis

·trendmicro.com·Mar 1, 2023

Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

A cryptominer that uses the Invisible Internet protocol, Honkbox variants could still be evading some detection solutions.

#SentinelOne #EN #2023 #cryptominer #Honkbox #macos #analysis

·sentinelone.com·Mar 1, 2023

Hunting for Honkbox | Multistage macOS Cryptominer May Still Be Hiding

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

Lumma Stealer sellers use the name “LummaC” on an underground forum called XSS, which is based in Russia. The seller has been actively promoting the malware since April 2022. In August of that year…

#s2wblog #EN #2023 #LummaC #Stealer #analysis

·medium.com·Mar 1, 2023

Lumma Stealer targets YouTubers via Spear-phishing Email | by S2W | S2W BLOG | Feb, 2023 | Medium

Intrusion dans les systèmes d'information de la Ville de Lille : le point sur la situation

A cette heure, le diagnostic technique est toujours en cours pour déterminer l'origine et la gravité de l'intrusion. L'ensemble des services publics est maintenu, à l'Hôtel de Ville, dans les mairies de quartiers et l'ensemble de nos équipements avec un fonctionnement adapté. Selon les informations dont nous disposons à ce stade, aucune difficulté n'a été constatée sur les données stockées sur le système et les serveurs.

#lille #FR #2023 #Intrusion

·lille.fr·Mar 1, 2023

Intrusion dans les systèmes d'information de la Ville de Lille : le point sur la situation

U.S. Marshals Service hack compromises sensitive info

The U.S. Marshals Service suffered a security breach, with sensitive data taken from one of its systems just over a week ago.

#nbcnews #2023 #EN #US #Marshals #breach #ransomware

·nbcnews.com·Feb 28, 2023

U.S. Marshals Service hack compromises sensitive info

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

#krebsonsecurity #EN #2023 #T-Mobile #Hackers #Claim

·krebsonsecurity.com·Feb 28, 2023

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

The Cyber Defense Assistance Imperative – Lessons from Ukraine

Russia’s further invasion of Ukraine in February 2022 was a watershed moment, and unique in that a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country. Leaders will draw lessons from this conflict for years, but one is already clear: the ability to deliver cyber defense assistance must be a key national security capability.

#aspeninstitute #EN #2023 #Ukraine #russia-ukraine-war #CyberDefense #assistance

·aspeninstitute.org·Feb 28, 2023

The Cyber Defense Assistance Imperative – Lessons from Ukraine

Danish parliament urges to remove TikTok over cybersecurity

COPENHAGEN, Denmark (AP) — The Danish parliament on Tuesday urged lawmakers and employees with the 179-member assembly against having TikTok on work phones as a cybersecurity measure, saying “there is a risk of espionage.”

#apnews #EN #2023 #Denmark #tiktok #ban

·apnews.com·Feb 28, 2023

Danish parliament urges to remove TikTok over cybersecurity

LastPass breach update: The few additional bits of information

LastPass breach was aided by lax security policy, allowing accessing critical data from a home computer. Also, companies implementing federated login are also affected by the breach, despite LastPass originally denying it.

#palant.info #EN #2023 #breach #LastPass

·palant.info·Feb 28, 2023

LastPass breach update: The few additional bits of information

Canada bans TikTok on government devices

#bbc #en #2023 #tiktok #ban #canada

·bbc.com·Feb 28, 2023

Canada bans TikTok on government devices

Man stole nearly $18K in electricity in crypto mining operation

Nadeam Nahas, 39, of Norwell, MA is facing charges of allegedly running a secret cryptocurrency mining operation out of a crawlspace at a middle school.

#dailymail #EN #2023 #Massachusetts #school #cryptocurrency #cryptomining #stealing #electricity

·dailymail.co.uk·Feb 27, 2023

Man stole nearly $18K in electricity in crypto mining operation

Hard-to-spot Mac crypto-mining threat, XMRig, hits Pirate Bay

Jamf Threat Labs has spotted a family of Mac malware, XMRig, that spreads through pirated versions of Final Cut Pro, Photoshop and Logic Pro X.

#computerworld #EN #2023 #apple #macos #jamf #XMRig #malware #pirated #FinalCutPro

·computerworld.com·Feb 27, 2023

Hard-to-spot Mac crypto-mining threat, XMRig, hits Pirate Bay

PureCrypter targets government entities through Discord - Blog | Menlo Security

Menlo Labs has uncovered an unknown threat actor leveraging an evasive threat campaign distributed via Discord featuring the PureCrypter downloader and targeting government entities.

#menlosecurity #EN #2023 #PureCrypter #government #Discord #downloader #analysis

·menlosecurity.com·Feb 27, 2023

PureCrypter targets government entities through Discord - Blog | Menlo Security

Stanford University discloses data breach affecting PhD applicants

Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023.

#bleepingcomputer #EN #2023 #Data-Breach #Stanford #University #breach

·bleepingcomputer.com·Feb 27, 2023

Stanford University discloses data breach affecting PhD applicants

Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966

Numerous threat actors were detected abusing a critical CVE-2022-47966 RCE vulnerability affecting products from ManageEngine. Read our advisory.

#bitdefender #EN #2023 #CVE-2022-47966 #RCE #vulnerability #ManageEngine #advisory

·businessinsights.bitdefender.com·Feb 27, 2023

Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966

TA569: SocGholish and Beyond

TA569 leverages many types of injections, traffic distribution systems (TDS), and payloads including, but not limited to, SocGholish. * In addition to serving as an initial access broker, these additional injects imply TA569 may be running a pay-per-install (PPI) service * TA569 may remove injections from compromised websites only to later re-add them to the same websites. * There are multiple opportunities for defense against TA569: educating users about the activity, using Proofpoint’s Emerging Threats ruleset to block the payload domains, and blocking .js files from executing in anything but a text editor.

#proofpoint #EN #2023 #SocGholish #threat-insight #TA569 #analysis

·proofpoint.com·Feb 27, 2023

TA569: SocGholish and Beyond

EXFILTRATOR-22 - An Emerging Post-Exploitation Framework

Executive Summary The CYFIRMA Research team has provided a preliminary analysis of a new post- exploitation framework called EXFILTRATOR-22 a.k.a....

#cyfirma #EN #2023 #EXFILTRATOR-22 #analysis #post-exploitation #framework

·cyfirma.com·Feb 27, 2023

EXFILTRATOR-22 - An Emerging Post-Exploitation Framework

Cryptomonnaie: arrestation de deux Français suspectés d’avoir piraté la plateforme Platypus

Les deux hommes interpellés mercredi en région parisienne, des frères de 18 et 20 ans, ont causé pour 9,5 millions de dollars de préjudice à la société américaine de finance décentralisée.

#lematin #FR #2023 #Cryptomonnaie #Platypus #Français #interpellés #piraté #cryptomonnaie

·lematin.ch·Feb 27, 2023

Cryptomonnaie: arrestation de deux Français suspectés d’avoir piraté la plateforme Platypus

OneNote Embedded file abuse

In recent weeks OneNote has gotten a lot of media attention as threat actors are abusing the embedded files feature in OneNote in their phishing campaigns. I first observed this OneNote abuse in the media via Didier’s post. This was later also mentioned in Xavier’s ISC diary and on the podcast. Later, in the beginning of February, the hacker news covered this as well.

#nviso #EN #2023 #OneNote #abuse #technical #report

·blog.nviso.eu·Feb 27, 2023

OneNote Embedded file abuse

When Low-Tech Hacks Cause High-Impact Breaches

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's…

#krebsonsecurity #EN #2023 #GoDaddy #Hacks #intruders #employee #malware

·krebsonsecurity.com·Feb 27, 2023

When Low-Tech Hacks Cause High-Impact Breaches

Suspect in major data theft case linked to Dutch-subsidized cybersecurity org

One of three hackers recently arrested for large-scale data theft was active for cyber security organization DIVD, sources told NOS. DIVD is a government-subsidized association of Dutch security experts that researches unsafe computer systems.

#nltimes #EN #2023 #DIVD #arrsted #hackers #Dutch #NL

·nltimes.nl·Feb 26, 2023

Suspect in major data theft case linked to Dutch-subsidized cybersecurity org

Dole Experiences Cybersecurity Incident

Charlotte, NC – February 22, 2023– Dole plc (DOLE:NYSE) announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.

#dole #2023 #En #incident #Security-Incident #ransomware

·dole.com·Feb 25, 2023

Dole Experiences Cybersecurity Incident

A year after Russia's invasion, the scope of cyberwar in Ukraine comes into focus

The Ukraine war has inspired a defensive cyber effort that government officials and technology executives describe as unprecedented.

#cyberscoop #EN #2023 #russia-ukraine-war #cyber-effort #unprecedented #Ukraine #cyberwar

·cyberscoop.com·Feb 25, 2023

A year after Russia's invasion, the scope of cyberwar in Ukraine comes into focus

Beware of macOS cryptojacking malware.

You may have heard about the cryptojacking malware on macOS. Read about a new one spotted by Jamf Threat Labs.

#jamf #EN #2023 #macOS #cryptojacking #malware

·jamf.com·Feb 24, 2023

Beware of macOS cryptojacking malware.

Valve bans 40,000 Dota 2 cheaters through ‘honeypot’ patch

Valve fixed an exploit cheaters were used, and used that patch to catch them in the act. More than 40,000 people were banned for using the third-party cheat.

#polygon #2023 #EN #Valve #cheaters #Dota #anticheat

·polygon.com·Feb 24, 2023

Valve bans 40,000 Dota 2 cheaters through ‘honeypot’ patch