The city of Villepinte hit by the #Grief #ransomware
(CVE-2021-34527) Windows Print Spooler Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
LimeVPN: sensitive information of 69,400 customers hacked and sold on the dark web
New Skills Academy (newskillsacademy.co.uk), an online learning platform with 800,000 students. The number of victims impacted by the breach is not yet known. #databreach #education
https://www.hackread.com/new-skills-academy-data-breach-alerts-users/
CVE-2021-34527 - Update Guide
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
IndigoZebra APT continues to attack Central Asia with evolving tools
The actor suspected of this cyber-espionage operation is an APT group dubbed "IndigoZebra", previously attributed by researchers to China. The technical details of the operation were not publicly disclosed before.
In this article, we will discuss the tools, TTPs and infrastructure used by the attacker during the years of its activity. We will also provide technical analysis of the two different strains of the previously publicly undescribed backdoor xCaon, including its latest version we dubbed BoxCaon which uses the legitimate cloud storage service Dropbox to act as its C&C server.
Several major South Korean #facilities have fallen victim to #cyber attacks originating from North Korea (#kimsuky #apt) in recent months, as the reclusive state has been ramping up its cyber #terrorism campaign. In the wake of the cyberterrorism campaign, Ha Tae-keung urged the government to declare a state of emergency and take action.
https://www.koreatimes.co.kr/www/nation/2021/07/103_311462.html
Russian GRU Conducting Global Brute Force Campaign to Compromise #Enterprise and #Cloud Environments
The CSA provides details on the campaign, which is being conducted by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The campaign uses a Kubernetes® cluster in brute force access attempts against the enterprise and #cloud environments of #government and private sector targets worldwide. After obtaining credentials via brute force, the GTsSS uses a variety of known vulnerabilities for further network access via remote code execution and lateral movement.
Investigations into the cyberattack on the internal IT system of Japan Airport Fueling Service Co., Ltd. (JAFS) (jafsnet.co.jp) on 21 June 2021 reveal the presence of #ransomware. The nature and type of data potentially exposed are not stated in the official announcement.
💢 Netgear DGN2200v1 series routers running firmware versions before v1.0.0.60 - Unauthenticated attackers can access management pages via authentication bypass, gain access to secrets stored on the device, and derive saved router credentials using a cryptographic side-channel attack
Federal law enforcement agencies are investigating a cyber attack at Massena Central School that occurred June 22, 2021. Superintendent Pat Brady said the incident caused a disruption in the district's network and impacted certain systems. Massena isn't alone: schools across the nation have struggled with attacks as graduation approached.
https://www.northcountrynow.com/news/cyber-attack-massena-central-school-under-investigation-0301963
Mayo Clinic (mayoclinic.org) is facing 3 lawsuits from patients who say a former surgery resident, Ahmad Alsughayer, viewed hundreds of their nude photographs in electronic medical records despite having no professional reason to go into their files.
Russian television says DDoS 💥 attacks disrupted Putin's broadcast
To limit failures in the delivery of election mailings, the Minister of the Interior says he is in favour of returning to a public mail service. Adrexo, owned by Hopps Group, had attributed the failures across its entire logistics chain to a #ransomware attack suffered a few days earlier, which paralysed its logistics capacity.
#Lorenz #ransomware: Dutch cybersecurity company Tesorion has been able to develop a process that can in some cases decrypt files affected by Lorenz without paying the ransom.
https://www.tesorion.nl/en/posts/lorenz-ransomware-analysis-and-a-free-decryptor/
The IT system of the Bordeaux-Gironde Chamber of Commerce and Industry (bordeauxgironde.cci.fr) disrupted by a cyberattack involving #ransomware
https://linformaticien.com/la-cci-bordeaux-gironde-victime-dun-ransomware/
REvil Linux #Ransomware: The ransomware-as-a-service (RaaS) operation behind REvil (aka Sodinokibi, Sodin) has become one of the most prolific and successful threat groups since the ransomware first appeared in May 2019. REvil has been primarily used to target #Windows systems. However, the threat actors behind #REvil #ransomware have expanded their arsenal to include #Linux ransomware.
https://cybersecurity.att.com/blogs/labs-research/revils-new-linux-version
C# LPE Implementation of CVE-2021-1675
https://github.com/cube0x0/CVE-2021-1675/tree/main/SharpPrintNightmare
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile