cyberveille.decio.ch

5334 bookmarks

Custom sorting

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.

#uscert #csirt #CISA #EN #CVE-2022-22620

·cisa.gov·Feb 11, 2022

CISA Adds One Known Exploited Vulnerability to Catalog

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

The Shadowserver Foundation identifies thousands of Ivanti VPN instances likely impacted by a recent remote code execution flaw.

#securityweek #EN #2024 #Shadowserver #Ivanti #VPN #CVE-2024-21894 #vulnerable

·securityweek.com·Apr 14, 2024

Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability

XZ Utils backdoor

This page is short for now but it will get updated as I learn more about the incident. Most likely it will be during the first week of April 2024. The Git repositories of XZ projects are on git.tukaani.org. xz.tukaani.org DNS name (CNAME) has been removed. The XZ projects currently don’t have a home page. This will be fixed in a few days.

#tukaani #EN #2024 #XZ #backdoor #linux

·tukaani.org·Mar 30, 2024

XZ Utils backdoor

Les attaques informatiques contre les ENT continuent dans le Nord ...

La semaine dernière, des menaces d'attentats ont été envoyés aux élèves, aux personnels et aux familles suite au piratage de l'environnement numérique de travail de la région Ile de France. Cette fois, c'est l'académie de Lille qui est touchée, et ce dans un contexte sécuritaire inquiétant.

#zdnet.fr #FR #2024 #Phishing #Cybercriminalité #ETN #écoles #Éducation #piratage #terrorisme

·zdnet.fr·Mar 30, 2024

Les attaques informatiques contre les ENT continuent dans le Nord ...

PHP Obfuscator with Backdoor

An online tool offers a service to obfuscate PHP code, but it also silently inserts a backdoor into the code that allows any other PHP code to be executed!

#andreadraghetti #EN #2024 #php #obfuscation #backdoor #online

·andreadraghetti.it·Mar 30, 2024

PHP Obfuscator with Backdoor

Easy privilege escalation exploit lands for Linux kernels

CVE-2024-1086 turns the page tables on system admins

#theregister #EN #2024 #CVE-2024-1086 #Local-Privilege-Escalation #Linux #PoC #Kernel

·theregister.com·Mar 29, 2024

Easy privilege escalation exploit lands for Linux kernels

Urgent security alert for Fedora 41 and Fedora Rawhide users

Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.

#redhat #EN #2024 #xz #backdoor #linux

·redhat.com·Mar 29, 2024

Urgent security alert for Fedora 41 and Fedora Rawhide users

Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid

A cybercrime group has published information stolen from NHS Dumfries and Galloway.

#therecord.media #EN #2024 #Scotland #NHS #helath #Ransomware #published #data-breach

·therecord.media·Mar 29, 2024

Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid

AI bots hallucinate software packages and devs download them

Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned. If the package was laced with actual malware, rather than being a benign test, the results could have been disastrous.

#theregister #EN #2024 #AI #bots #Hallucinations #Supply-chain-attack

·theregister.com·Mar 29, 2024

AI bots hallucinate software packages and devs download them

Cybercriminals Transform Raspberry Pi into a Tool for Fraud and Anonymization: GEOBOX Discovery

#resecurity #EN #2024 #Raspberry-Pi #GEOBOX #analysis #tool #Fraud #Anonymization

·resecurity.com·Mar 29, 2024

Cybercriminals Transform Raspberry Pi into a Tool for Fraud and Anonymization: GEOBOX Discovery

Decade-old Linux ‘wall’ bug helps make fake SUDO prompts, steal passwords

A vulnerability has been discovered in the 'util-linux' library that could allow unprivileged users to put arbitrary text on other users' terminals using the 'wall' command.

#bleepingcomputer #EN #2024 #Clipboard-Hijacker #Library #Linux #Passwords #Terminal #WallEscape

·bleepingcomputer.com·Mar 28, 2024

Decade-old Linux ‘wall’ bug helps make fake SUDO prompts, steal passwords

PyPI halted new users and projects while it fended off supply-chain attack

Automation is making attacks on open source code repositories harder to fight.

#arstechnica #EN #2024 #PyPI #Automation #malicious #packages #attack

·arstechnica.com·Mar 28, 2024

PyPI halted new users and projects while it fended off supply-chain attack

Jeffrey Epstein's Island Visitors Exposed by Data Broker

A WIRED investigation uncovered coordinates collected by a controversial data broker that reveal sensitive information about visitors to an island once owned by Epstein, the notorious sex offender.

#wired #EN #2024 #privacy #crime #data-privacy #data-broker

·wired.com·Mar 28, 2024

Jeffrey Epstein's Island Visitors Exposed by Data Broker

Diving Deeper into AI Package Hallucinations

Lass Security's recent research on AI Package Hallucinations extends the attack technique to GPT-3.5-Turbo, GPT-4, Gemini Pro (Bard), and Coral (Cohere).

#lasso #EN #2024 #AI #Package #Hallucinations #GPT-4 #Bard #Cohere #analysis #LLM

·lasso.security·Mar 28, 2024

Diving Deeper into AI Package Hallucinations

Lighter Ransomware Locks Users Out of System

Overview This week, the Sonicwall Capture Labs threat research team analyzed a ransomware calling itself Lighter Ransomware. Upon execution, it opens up a window with a countdown timer instructing the victim to reach out immediately […]

#SonicWall #EN #2024 #Ransomware #Locks #lighter-ransomware

·blog.sonicwall.com·Mar 28, 2024

Lighter Ransomware Locks Users Out of System

US offers $10 million bounty for info on 'Blackcat' hackers who hit UnitedHealth

The U.S. State Department on Wednesday offered up to $10 million for information on the "Blackcat" ransomware gang who hit the UnitedHealth Group's tech unit and snarled insurance payments across America. "The ALPHV Blackcat ransomware-as-a-service group compromised computer networks of critical infrastructure sectors in the United States and worldwide," the department said in a statement announcing the reward offer.

#reuters #EN #2024 #US #bounty #ALPHV #Blackcat

·reuters.com·Mar 28, 2024

US offers $10 million bounty for info on 'Blackcat' hackers who hit UnitedHealth

As Threats in Space Mount, U.S. Lags in Protecting Key Services

The United States and China are locked in a new race, in space and on Earth, over a fundamental resource: time itself. And the United States is losing. Global positioning satellites serve as clocks in the sky, and their signals have become fundamental to the global economy — as essential for telecommunications, 911 services and financial exchanges as they are for drivers and lost pedestrians.

#nytimes #EN #2024 #threat #satellites #US #China #space

·nytimes.com·Mar 28, 2024

As Threats in Space Mount, U.S. Lags in Protecting Key Services

Stealing Clouds

Reuters shows how Chinese hackers invaded myriad global companies, exposing entrenched weaknesses in Western cyber defenses.

#reuters #EN #2019 #Cloud-Hopper #US #China

·reuters.com·Mar 28, 2024

Stealing Clouds

Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians

Defendants Operated as Part of the APT31 Hacking Group in Support of China’s Ministry of State Security’s Transnational Repression, Economic Espionage and Foreign Intelligence Objectives

#justice.gov #EN #2024 #APT31 #China #US #Charged #Espionage

·justice.gov·Mar 28, 2024

Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians

Out of the shadows - ’darcula’ iMessage and RCS smishing attacks target USPS and global postal services

Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phish ...

#netcraft #EN #2024 #Phishing-as-a-Service #Darcula #PhasS #iMessage #RCS #USPS

·netcraft.com·Mar 28, 2024

Out of the shadows - ’darcula’ iMessage and RCS smishing attacks target USPS and global postal services

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Researchers say it's the first known in-the-wild attack targeting AI workloads.

#arstechnica #EN #2024 #Ray #AI #framework #attack #ongoing #servers

·arstechnica.com·Mar 27, 2024

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets once.

#pwning #EN #2024 #KernelCTF #Mitigation #nf_tables #Linux #exploitation #CVE-2024-1086

·pwning.tech·Mar 27, 2024

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

Finland confirms APT31 hackers behind 2021 parliament breach

The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021.

#bleepingcomputer #EN #2024 #APT31 #China #Finland #Security #InfoSec #Computer-Security

·bleepingcomputer.com·Mar 27, 2024

Finland confirms APT31 hackers behind 2021 parliament breach

Google: Spyware vendors behind 50% of zero-days exploited in 2023

Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.

#bleepingcomputer #EN #2024 #Google #Google-TAG #Mandiant #Spyware #Zero-Day #2023

·bleepingcomputer.com·Mar 27, 2024

Google: Spyware vendors behind 50% of zero-days exploited in 2023

Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…

#krebsonsecurity #EN #2024 #MFA-fatigue #attack #Apple #MFA-bombing #password

·krebsonsecurity.com·Mar 27, 2024

Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security

BlueSpy - Spying on Bluetooth conversations

BlueSpy is a proof of concept for exploiting vulnerabilities in Bluetooth headsets and eavesdropping on private conversations

#tarlogic #EN #2024 #BlueSpy #Bluetooth #PoC #vulnerabilities #eavesdropping

·tarlogic.com·Mar 26, 2024

BlueSpy - Spying on Bluetooth conversations

Des citoyens traquent les pédocriminels sur les réseaux sociaux avec des faux profils d'enfants

La Team Moore est un collectif citoyen qui pourchasse les pédocriminels sur les réseaux sociaux en créant de faux profils d'enfants. Depuis quelques mois, il est également actif en Suisse. Deux hommes ont déjà été dénoncés aux polices cantonales.

#rts #CH #FR #Team-Moore #pédocriminels #citoyens #justice #faux-profils #Suisse

·rts.ch·Mar 26, 2024

Des citoyens traquent les pédocriminels sur les réseaux sociaux avec des faux profils d'enfants

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (TOEP).

#thehackernews #EN #2024 #sanctions #US #cryptocurrency #Russia #exchanges #Bitpapa

·thehackernews.com·Mar 26, 2024

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions

New ZenHammer memory attack impacts AMD Zen CPUs

Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.

#bleepingcomputer #EN #2024 #AMD #CPU #Hardware #Memory #RAM #Rowhammer #ZenHammer

·bleepingcomputer.com·Mar 26, 2024

New ZenHammer memory attack impacts AMD Zen CPUs

Why X86 Needs To Die

As I'm sure many of you know, x86 architecture has been around for quite some time. It has its roots in Intel's early 8086 processor, the first in the family. Indeed, even the original 8086 inherits a...

#hackaday #EN #2024 #X86

·hackaday.com·Mar 26, 2024

Why X86 Needs To Die