  • New variant of the Ryuk ransomware.

This variant is able to propagate automatically within the networks it infects.

The malicious code is stored in resource 11/9943 of the binary and encrypted with the RC4 algorithm using the key « pDkzˆq#+(2w&95 »; this code contains the string Fuck def.

📎 (PDF) cert.ssi.gouv.fr/uploads/CERTF

🇪🇺 Europol Decryption Platform

A new decryption platform marks a milestone in the fight against organised crime and terrorism in Europe. In full respect of fundamental rights and without limiting or weakening encryption, this initiative will be available to national law enforcement authorities of all Member States to help keep societies and citizens safe & secure.

The platform, based in Ispra in northern Italy, is nothing other than a supercomputer capable of cracking encrypted devices that investigators cannot access.

💪 The CERBERUS project was initiated by 🇫🇷 Colonel Jean Dominique Nollet.

europol.europa.eu/newsroom/new

🇫🇷 Have you discovered a vulnerability / security flaw and want to report it to the government?

Citizens, to report is to act!

First check that the flaw / vulnerability is not already known and is serious enough to be reported through this channel. Then take the time needed to produce a complete report with the technical details of the exploitation.

ssi.gouv.fr/actualite/vous-sou

🛠 Conifer

Conifer is a web archiving service that creates an interactive copy of any web page that you browse, including content revealed by your interactions such as playing video and audio, scrolling, clicking buttons, and so forth.

github.com/rhizome-conifer/con

70 GB of Gab public posts, private posts, user profiles, hashed passwords for users, DMs, and plaintext passwords for groups.

ddosecrets.substack.com/p/rele

The operators behind the DopplePaymer ransomware claim attacks against:

  • 🇩🇪 Ensinger Industries, Inc. (ensingerplastics.com)

We develop & produce extruded, cast & compression molded stock shapes & finished components from plastic & composite polymers for a wide variety of industries. Thermoplastic polymer products are used in automotive, aerospace, mechanical engineering, medical technology, food industry, the electrical, semiconductor sectors.

Press-Seal Corporation is a family-owned business founded in 1954 in the Midwest. Born from the necessity to protect our planet's clean water supply, we've been designing and manufacturing rubber gaskets for underground containment systems for over half-a-century.

SolarWinds hackers tried to infiltrate Mimecast

Threat actor accessed, and potentially exfiltrated, certain encrypted service account credentials created by customers hosted in the United States and the United Kingdom. These credentials establish connections from Mimecast tenants to on-premise and cloud services, which include LDAP, Azure Active Directory, Exchange Web Services, POP3 journaling, and SMTP-authenticated delivery routes. It is clear that this incident is part of a highly sophisticated large-scale attack and is focused on specific types of information and organizations.

mimecast.com/blog/important-se

SolarWinds hackers tried to infiltrate Fidelis Cybersecurity

While we are not happy about being targeted by the attackers behind the SolarWinds, FireEye, Microsoft, Malwarebytes attacks, we think this is a good learning opportunity both for our own internal team, as well as the security community on the best practices to apply to an advanced adversary attack like « SUNBURST »

fidelissecurity.com/threatgeek

🇪🇨 Banco Pichincha

« Hotarus Corp » hacking group claims to have stolen « 31,636,026 Million customer records & 58,456 Sensitive system records » including credit card numbers.

pichincha.com/portal/transpare

🇬🇧 Npower Limited (npower.com)

Energy provider Npower has taken down its mobile app following a cyber attack that exposed some customers' bank details.

  • Credential stuffing

bbc.com/news/technology-561956

  • 🇺🇸 Morgan County (morgan-county.org)

Morgan County is a county located in the central portion of the U.S. state of Missouri.

The operators behind the DopplePaymer ransomware claim attacks against:

Florida Studio Theatre (FST) is Sarasota's contemporary theatre. Founded in 1973, FST has grown to a village of five theatres located in the heart of Downtown, Sarasota.

SCP SCIENCE manufactures analytical equipment, supplies, reagents, certified reference materials and other products for the inorganic analytical market.

The Dutch Research Council is the national research council of the Netherlands. NWO funds thousands of top researchers at universities and institutes and steers the course of Dutch science by means of subsidies and research programmes.

Paul Ammeen founded SKC in 1986 as a headset distributor. A business communication technology integrator based in Kansas City with offices and teams nationwide.

  • [ 47.88 GB ] 🇬🇧 MNA Media (mnamedia.co.uk)

  • [ 533.36 GB ] 🇬🇧 PFF Packaging Group (pff.uk.com)

  • [ 76.37 GB ] 🇺🇸 Valley Wide Cooperative (valleywidecoop.com)

  • [ 239.86 GB ] 🇺🇸 B Green Wholesale (bgreenco.net)

The operators behind the Conti ransomware are leaking a total of 1866.15 GB of compressed data relating to:

  • [ 8.87 GB ] 🇬🇧 J Rosenthal & Son (jrosenthal.co.uk)

  • [ 21.01 GB ] 🇺🇸 Smith (smith.co)

  • [ 28.37 GB ] 🇧🇪 Blue Projects Inc (blueprojects.com)

  • [ 910.43 GB ] 🇺🇸 The International Society of Automation (isa.org)

👁 Boosted by socat

🇺🇸 U.S - The House Foreign Affairs Committee unanimously approved the creation of a new bureau of international cyberspace policy at the State Department as part of the Cyber Diplomacy Act

Hornbill & SunBird have sophisticated capabilities to exfiltrate SMS messages, encrypted messaging app content and geolocation, as well as other types of sensitive information.

The malware strains were seen in attacks targeting personnel linked to Pakistan’s military and various nuclear authorities and Indian election officials in Kashmir.

threatpost.com/military-nuclea

The operators behind the Clop ransomware claim an attack against:

  • 🇺🇸 Steris Corporation (steris.com)

STERIS is a leading provider of infection prevention and other procedural products and services. The company is focused primarily on healthcare, pharmaceutical and medical device Customers.

💢 Global outage - major incidents on Microsoft Xbox services.

Since Thursday evening, the video hosting platform YouTube appears to be experiencing some difficulties. The same goes for Microsoft's online services.

(PRESS) actu-mag.fr/2021/02/25/des-pan

Among the stolen documents are, notably, an illustration of the GlobalEye military surveillance aircraft from the Swedish company Saab, as well as recent technical documents on an electromagnetic signal interception aircraft developed by the British firm Marshall Aerospace and Defence. The hackers reportedly also got hold of at least one technical drawing of a radar antenna from the Italian equipment maker Leonardo.

(PRESS) journaldemontreal.com/2021/02/
