cyberveille.decio.ch

Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()
The Qualys Threat Research Unit (TRU) has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment. Before diving into the specific details of the vulnerabilities discovered by the Qualys Threat Research Unit in the GNU C Library, it’s crucial to understand these findings’ broader impact and importance. The GNU C Library, or glibc, is an essential component of virtually every Linux-based system, serving as the core interface between applications and the Linux kernel. The recent discovery of these vulnerabilities is not just a technical concern but a matter of widespread security implications.
·blog.qualys.com·
German police seizes $2.17 billion in bitcoin in 'most extensive' action ever
German police have confiscated 50,000 bitcoin worth $2.17 billion in the country's 'most extensive' cryptocurrency seizure ever, it said in a statement on Tuesday. "This is the most extensive seizure of bitcoins by law enforcement authorities in the Federal Republic of Germany to date," police in the city of Dresden said. The investigation was supported by the Federal Criminal Police Office (BKA), the FBI and a Munich-based forensic IT expert company, it said.
·reuters.com·
Hundreds of network operators’ credentials found circulating in Dark Web
Following a recent and highly disruptive cyberattack on telecom carrier Orange España, the cybersecurity community needs to rethink its approach to safeguarding the digital identity of staff involved in network engineering and IT infrastructure management. Orange España is the second-largest mobile operator in Spain. In early January, an attacker going by the alias ‘Snow’ hijacked Orange España’s RIPE Network Coordination Centre (NCC) account. RIPE is Europe’s regional Internet registry. After this initial breach, Snow sabotaged the telecommunications firm’s border gateway protocol (BGP) and resource public key infrastructure (RPKI) configurations.
·resecurity.com·
Exclusive: US disabled Chinese hacking network targeting critical infrastructure
The U.S. government in recent months launched an operation to fight a pervasive Chinese hacking operation that successfully compromised thousands of internet-connected devices, according to two Western security officials and one person familiar with the matter. The Justice Department and Federal Bureau of Investigation sought and received legal authorization to remotely disable aspects of the Chinese hacking campaign, the sources told Reuters.
·reuters.com·
Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines
Malicious code hiding in seemingly innocent PyPI packages steals your passwords, crypto & more
·thehackernews.com·
Ransomware Cases Increased Greatly in 2023
As we move further into 2024, we must be cautious (maybe even fearful!) of ransomware cases increasing even more than in previous years. Though governments around the world are taking more interest in the worldwide threat, we can see from the increase of cases that our actions have not been enough to thwart the ransomware threat. As new groups continue to form, former groups continue to evolve into new brands, and the big players continue to ramp up their efforts, we must remain vigilant and focus on our preparation and early detection capabilities.
·sans.org·
Midnight Blizzard: Guidance for responders on nation-state attack
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.
·microsoft.com·
23andMe data breach: Hackers stole raw genotype data, health reports
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.
·bleepingcomputer.com·
SEC says X account hack was due to SIM swapping
An “unauthorized party” hijacked the cell phone number of the person running the SEC’s X account before taking over the social media feed and posting messages. In a statement on Monday, an SEC spokesperson explained that two days after the January 9 account takeover, the government agency spoke to its telecom carrier and discovered that someone “obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”
·therecord.media·