cyberveille.decio.ch

cyberveille.decio.ch

5334 bookmarks
Custom sorting
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
This was a weekend of record-breaking DDoS DDoS. Over the weekend, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps. This is the largest reported HTTP DDoS attack on record, more than 35% higher than the previous reported record of 46M rps in June 2022.
#cloudflare#EN#2023#DDoS#mitigated#hyper-volumetric#HTTP
·blog.cloudflare.com·
Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack
Apple sued for promising privacy, failing at it
Apple sued for promising privacy, failing at it
What's allowed for Cupertino is verboten for everyone else Apple has again been sued for promising privacy and allegedly failing to provide it. The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.
#theregister#EN#2023#Apple#privacy#complaint#iPhone#share#profit
·theregister.com·
Apple sued for promising privacy, failing at it
Uncle Sow: Dark Caracal in Latin America
Uncle Sow: Dark Caracal in Latin America
In 2018, EFF along with researchers from Lookout Security published a report describing the Advanced Persistent Threat (APT) we dubbed "Dark Caracal." Now we have uncovered a new Dark Caracal campaign operating since March of 2022, with hundreds of infections across more than a dozen countries. In this report we will present evidence that the cyber mercenary group Dark Caracal is still active and continues to be focused on Latin America, as was reported last year. We have discovered that Dark Caracal, using the Bandook spyware, is currently infecting over 700 computers in Central and South America, primarily in The Dominican Republic and Venezuela.
#eff#EN#2023#DarkCaracal#APT#LatinAmerica#Venezuela#campaign#research
·eff.org·
Uncle Sow: Dark Caracal in Latin America
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
n late November 2022, a few days after ETH Alumni launched their new feature “Who is who” which allows them to look up and connect to other members, I came across a severe access control vulnerability. Without any authorization over the internet, it allowed extracting at least 35418 member profiles, including full name, postal address, nationality, title, graduation field, study start year, gender, profile picture and hashed passwords.
#andreaskuster#EN#2023#ETHZ#Zurich#bugbounty#blog#vulnerability#disclosure#CH
·andreaskuster.ch·
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
Investigating Intrusions From Intriguing Exploits
Investigating Intrusions From Intriguing Exploits
On 02 February 2023, an alert triggered in a Huntress-protected environment. At first glance, the alert itself was fairly generic - a combination of certutil using the urlcache flag to retrieve a remote resource and follow-on scheduled task creation - but further analysis revealed a more interesting set of circumstances. By investigating the event in question and pursuing root cause analysis (RCA), Huntress was able to link this intrusion to a recently-announced vulnerability as well as to a long-running post-exploitation framework linked to prominent ransomware groups.
#huntress#EN#2023#investigation#triage#SOC#certutil#urlcache#GoAnywhere#analysis
·huntress.com·
Investigating Intrusions From Intriguing Exploits
UZH -University of Zurich - Cyberattack on the University of Zurich
UZH -University of Zurich - Cyberattack on the University of Zurich
The University of Zurich is currently the target of a serious cyberattack. The perpetrators appear to be acting in a very professional manner and are part of a current accumulation of attacks on educational and health institutions. Several attacks have been carried out on universities in German-speaking countries in recent weeks, resulting in suspension of their IT services for extended periods of time. The attacks are usually carried out by compromising several individual accounts and systems.
#uzh#CH#EN#2023#Cyberattack#annonce#Zurich#University
·uzh.ch·
UZH -University of Zurich - Cyberattack on the University of Zurich
Une campagne de phishing fictive pour sensibiliser 25 PME romandes à la cybersécurité
Une campagne de phishing fictive pour sensibiliser 25 PME romandes à la cybersécurité
La première édition de «Trust4SMEs» s’est conclue en présence des 25 PME lémaniques qui y ont participé à ce programme d’accompagnement en cybersécurité. Focalisée sur la sensibilisation des utilisateurs, la matinée a aussi révélé les résultats d’une campagne de phishing inoffensive envoyée à quelque 2'500 employés des PME.
#ictjournal#FR#CHG#EPFL#sensibilisation#PME#Trust4SMEs
·ictjournal.ch·
Une campagne de phishing fictive pour sensibiliser 25 PME romandes à la cybersécurité
Incendie OVH : une première décision de condamnation
Incendie OVH : une première décision de condamnation
Le tribunal juge qu’en stockant les 3 réplications de sauvegarde au même endroit que le serveur principal, OVH engage sa responsabilité contractuelle au titre du contrat de sauvegarde. Une ligne est en train de se dessiner dans la jurisprudence OVH : d’un côté les sociétés qui avaient pris soin de souscrire, en supplément, un contrat de sauvegarde et peuvent revendiquer une indemnisation, et d’un autre côté celles qui n’avaient pas pris cette précaution et n’ont que leurs yeux pour pleurer.
#droit-technologie#FR#2023#OVH#incendie#décision#responsabilité#legal#légale
·droit-technologie.org·
Incendie OVH : une première décision de condamnation
Xiaomi, OnePlus, Top Android Phones in China Spy on You: Study
Xiaomi, OnePlus, Top Android Phones in China Spy on You: Study
A recent study shows that top-of-the-line Android phones sold in China are a total privacy nightmare.
#gizmodo#EN#2023#Android#Information-privacy#Privacy-concerns-with-social-networking-services#Privacy#Surveillance#Human-rights#OnePlus#Internet-privacy#Xiamoi#Smartphones#Oppo-Realme#Computing#Terms-of-service#Operating-systems#Baidu#Digital-technology#Gizmodo
·gizmodo.com·
Xiaomi, OnePlus, Top Android Phones in China Spy on You: Study
AI deepfake 'news anchors' found in pro-China footage on social media, research firm says - Hong Kong Free Press HKFP
AI deepfake 'news anchors' found in pro-China footage on social media, research firm says - Hong Kong Free Press HKFP
The “news broadcasters” appear stunningly real, but they are AI-generated deepfakes in first-of-their-kind propaganda videos that a research report published Tuesday attributed to Chinese state-aligned actors. The fake anchors — for a fictious news outlet called Wolf News — were created by artificial intelligence software and appeared in footage on social media that seemed to […]
#hongkongfp#EN#2023#broadcasters#China#fake#WolfNews#AI-generated#deepfakes
·hongkongfp.com·
AI deepfake 'news anchors' found in pro-China footage on social media, research firm says - Hong Kong Free Press HKFP
Britain and US make major move against ransomware gangs by sanctioning seven individuals - The Record from Recorded Future News
Britain and US make major move against ransomware gangs by sanctioning seven individuals - The Record from Recorded Future News
The United Kingdom and United States on Thursday sanctioned seven people connected to what officials have told The Record is a single network behind the Conti and Ryuk ransomware gangs as well as the Trickbot banking trojan. The sanctions are described as the first major move of a “new campaign of concerted action” between Britain and the United States, and insiders say that further actions should be expected later this year.
#therecord#EN#2023#UK#US#Trickbot#sanctions#Conti#Ryuk#ransomware
·therecord.media·
Britain and US make major move against ransomware gangs by sanctioning seven individuals - The Record from Recorded Future News
A Backdoor with Smart Screenshot Capability
A Backdoor with Smart Screenshot Capability
Today, everything is “smart” or “intelligent”. We have smartphones, smart cars, smart doorbells, etc. Being "smart" means performing actions depending on the context, the environment, or user actions. For a while, backdoors and trojans have implemented screenshot capabilities. From an attacker’s point of view, it’s interesting to “see” what’s displayed on the victim’s computer.
#sans#EN#2023#python#backdoor#Screenshot
·isc.sans.edu·
A Backdoor with Smart Screenshot Capability
2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking
2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking
Every year, we publish our estimates of illicit cryptocurrency activity to demonstrate the power of blockchains’ transparency – these kinds of estimates aren’t possible in traditional finance – and to teach investigators and compliance professionals about the latest trends in cryptocurrency-related crime that they need to know about. What could those estimates look like in a year like 2022? Last year was one of the most tumultuous in cryptocurrency history, with several large firms imploding, including Celsius, Three Arrows Capital, FTX, and others — some amid allegations of fraud.
#chainalysis#2023#EN#Cryptocurrency#Volumes#Report
·blog.chainalysis.com·
2023 Crypto Crime Trends: Illicit Cryptocurrency Volumes Reach All-Time Highs Amid Surge in Sanctions Designations and Hacking
Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations - ASEC BLOG
Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations - ASEC BLOG
Sliver is an open-source penetration testing tool developed in the Go programming language. Cobalt Strike and Metasploit are major examples of penetration testing tools used by many threat actors, and various attack cases involving these tools have been covered here on the ASEC blog. Recently, there have been cases of threat actors using Sliver in addition to Cobalt Strike and Metasploit. The ASEC (AhnLab Security Emergency response Center) analysis team is monitoring attacks against systems with either unpatched vulnerabilities or misconfigured settings. During this process, we have recently discovered a Sliver backdoor being installed through what is presumed to be vulnerability exploitation on certain software. Not only did threat actors use the Sliver backdoor, but they also used the BYOVD (Bring Your Own Vulnerable Driver) malware to incapacitate security products and install reverse shells.
#asec.ahnlab#EN#2023#Sliver#Sunlogin#analysis
·asec.ahnlab.com·
Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations - ASEC BLOG
Onenote Malware: Classification and Personal Notes
Onenote Malware: Classification and Personal Notes
During the past 4 months Microsoft Onenote file format has been (ab)used as Malware carrier by different criminal groups. While the main infection vector is still on eMail side - so nothing really relevant to write on - the used techniques, the templates and the implemented code to inoculate Malware changed a lot. So it…
#marcoramilli#EN#2023#OneNote#abused#technical#Malware
·marcoramilli.com·
Onenote Malware: Classification and Personal Notes
Detecting OneNote Abuse
Detecting OneNote Abuse
OneNote is a software part of the Office suite, commonly used within most organisations for note-keeping, task management and more. In the last year, OneNote gained more attention from a security perspective, mostly thanks to the research paper published by Emeric Nasi.
#withsecure#2023#EN#Attack-detection#OneNote#Office#LNK
·labs.withsecure.com·
Detecting OneNote Abuse