chirp @minus@nanao.cybtex.fr

Фігуранти використовували фейкові акаунти у соцмережах для проведення інформаційно-психологічних операцій агресора, виправдання дій окупантів, розповсюдження протиправного контенту, поширення персональних даних і шахрайства тощо. #ukraine #cyber #police #threats #warfare #telecom #socialnetwork #disinformation #influence #network [ https://cyberpolice.gov.ua/news/kiberpolicziya-vykryla-organizatoriv-botoferm-yaki-poshyryuvaly-vorozhu-propagandu-ta-zajmalysya-internet-shaxrajstvamy-7156/ ] #informatique

« Many new red teamers come from traditional pentest backgrounds [...] The mindset shift is not necessarily easy » #threats [ https://www.trustedsec.com/blog/walking-the-tightrope-maximizing-information-gathering-while-avoiding-detection-for-red-teams/ ] #informatique

Hexacon (hexacon.fr) Offensive #security (and nothing else) conference in the heart of 🇫🇷 Paris. 13-14th October 2023 - « party will take place on the 14th of October, in the Espace Maubert, on the 3rd floor of the conference room. Come enjoy the open bar in a cosy and intimate atmosphere. French wines, Champagne, cocktails and fine food will make you spend a delightful evening between the two (2) days of conferences. What better opportunity to socialize and meet the crème de la crème of the offensive security commmunity? » #france #threats #informatique

« In this blog post, we will share how Mandiant's Red Team researches & exploits Zero-Day vulnerabilities in third-party #Windows Installers, what #software developers should do to reduce risk of exploitation, and introduce a new tool to simplify enumeration of cached Microsoft Software Installer » #vuln [ https://www.mandiant.com/resources/blog/privileges-third-party-windows-installers ] #informatique

« Open-source tool to bypass #windows and #linux passwords from bootable USB » #tools #software [ https://github.com/Fadi002/unshackle ] #informatique

Multiple vulnerabilities ( CVE-2023-3519, CVE-2023-3466, CVE-2023-3467 ) have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) #vuln #threats #citrix #software [ https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467 ] #informatique

Un homme de 26 ans, soupçonné d'avoir récupéré des données personnelles de ±2800 salariés du journal Le Monde (lemonde.fr) et d'avoir tenté de les revendre sur l'internet clandestin, a été interpellé à 🇫🇷 Villiers-Saint-Frédéric il y a une semaine. Le mis en cause a indiqué avoir eu accès (de manière frauduleuse) au système de gestion des activités socioculturelles du Comité d'Entreprise du groupe. Son jugement est fixé au 15 novembre 2023. #france #police #justice #press #digital #workers #databreach #threats #online #employees #services #web #journalism #news #tactics #business #papers #newspaper #systems #journal #careers [ https://www.francetvinfo.fr/internet/securite-sur-internet/cyberattaques/yvelines-soupconne-d-avoir-vole-les-donnees-personnelles-de-2-800-salaries-du-groupe-le-monde-un-homme-de-26-ans-sera-juge-le-15-novembre_5955959.html ] #informatique

Hundreds of individuals working for #defense and #intelligence agencies globally have had their names and email addresses accidentally exposed by an employee at #Google's #malware scanning platform VirusTotal (virustotal.com) #workers #databreach #threats #online #employees #services [ https://therecord.media/virustotal-user-email-addresses-leaked-google-military-intelligence ] #informatique

« LibreOffice is Free Software and is made available free of charge. Your donation, which is purely optional, supports our worldwide community. If you like the #software, please consider a donation. » [ https://www.libreoffice.org/donate ] #informatique

LibreOffice v7.5.5 #software [ https://blog.documentfoundation.org/blog/2023/07/20/libreoffice-7-5-5-community-available-for-download/ ] #informatique

« This newly uncovered ssh-agent vulnerability underlines the continuous need for rigorous security measures & immediate response. Even robust systems can harbor hidden vulnerabilities, as demonstrated by the shortcomings of the ssh-agent. » #vuln #software [ https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt ] #informatique

[ CVE-2023-38408 ] RCE in OpenSSH's forwarded ssh-agent #vuln #software [ https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent ] #informatique

« Where is this traffic now? » 🤫 https://infosec.exchange/ [ https://www.cyentia.com/the-death-of-infosec-twitter/ ] #informatique

« Now a third plastic surgery practice has nude patient photos leaked » - Earlier, DataBreaches reported that two (2) plastic surgery practices in California had both suffered #cyber attacks. One attack was by #BlackCat on Beverly Hills Plastic Surgery. The other attack was by an unnamed group or individual on Gary Motykie, MD. #sextortion [ https://www.databreaches.net/now-a-third-plastic-surgery-practice-has-nude-patient-photos-leaked/ ] #informatique

« The threat is real, the threat is growing and we can't talk enough about it. » ( Sami Khoury ) #canada #ransomware #online #business #threats [ https://globalnews.ca/news/9842276/ransomware-attacks-canada/ ] #informatique

« #Google is implementing a pilot program where certain employees will have limited access to the #internet on their desktop computers » #online #threats #business [ https://www.cnbc.com/2023/07/18/google-restricting-internet-access-to-some-employees-for-security.html ] #informatique

« No #business can be 100% immune from cyber attacks » #threats [ https://www.forbes.com/sites/betsyatkins/2023/07/18/microsoft-security-breach-a-wake-up-call-for-board-of-directors/ ] #informatique

A cybersecurity certification & labeling program #usa #smart #iot #devices #vuln #security #industries #software #market #threats #business #products [ https://www.whitehouse.gov/briefing-room/statements-releases/2023/07/18/biden-harris-administration-announces-cybersecurity-labeling-program-for-smart-devices-to-protect-american-consumers/ ] #informatique

💩​ bullshit spotted ⚡️⚡️⚡️

Millions of emails intended for Pentagon #employees were inadvertently sent to email accounts in #Mali over the last decade because of typos caused by the similarity of the US #military's #email ...

[ https://www.theverge.com/2023/7/17/23797379/mali-ml-typo-us-military-emails-leak ]

« some containing highly sensitive information »

Email encryption ? ​

RTFM? 🦄​ The Pwnie Awards recognize both excellence & incompetence in the field of information #security
​

🏷 https://emailselfdefense.fsf.org #mail #informatique

During the ursnif VNC sessions, I was able to extract interesting data from the unencrypted network communication. Specifically, I managed to obtain the threat actors’ clipboard as well as screenshots. ( @Kostas )

#windows #malware #threats [ https://kostas-ts.medium.com/ursnif-vs-italy-il-pdf-del-destino-5c83d6281072 ] #informatique