The Kaseya Ransomware Attack Is a Really Big Deal
https://www.lawfareblog.com/kaseya-ransomware-attack-really-big-deal
Verifying the integrity of an operating system with Secure Boot. (debatable)
Vulnerabilities: IOBit Advanced SystemCare Ultimate is a system optimizer that promises to remove unwanted files and applications from Windows to improve performance. #Windows users are encouraged to update these affected products as soon as possible.
https://blog.talosintelligence.com/2021/07/vuln-spotlight-iobit0-.html
A barristers' chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data - We cannot predict the impact of this court order because cybercriminals have begun to launch more large-scale attacks against Western countries disregarding the United States & European Union efforts on the matter. The most powerful cybercriminal groups engaged in ransomware attacks are concentrated in geographical areas such as Iran and North Korea, with the majority of them based in Russia. All of these countries have one thing in common: they do not enforce U.K. court orders.
https://www.theregister.com/2021/07/06/ransomware_4_new_square_chambers/
How OVO Energy saved many thousands of US dollars in fees to Bug Bounty researchers
https://tech.ovoenergy.com/how-we-prevented-subdomain-takeovers-and-saved-000s/
4 vulnerabilities afflict the popular Sage X3 Enterprise Resource Planning (ERP) platform including 1 critical bug that rates 10 out of 10 on the CVSS vulnerability-severity scale. 2 of the bugs could be chained together to allow complete system takeovers, with potential supply-chain ramifications
https://threatpost.com/critical-sage-x3-rce-bug-allows-full-system-takeovers/167612/
Kaseya VSA Exploit POC - Authentication Bypass, Arbitrary File Upload & Command Injection
POC created by Caleb Stewart which reproduces the 2 July 2021 #REvil #ransomware attack against 30+ Managed Service Providers (MSP). In this demo, we demonstrate how a simple command can be run or a Meterpreter payload from MSFVenom can be uploaded and executed.
The Kaseya ransomware case continues #ransomware groups' abuse of trust
https://blog.f-secure.com/the-kaseya-ransomware-case-continues-ransomware-groups-abuse-of-trust/
The Internet Outages Map is an at-a-glance visualization of global #Internet health over the last 24 hours #informatique #tools
On the occasion of the signing of the cooperation agreement between Airbus Cybersecurity & IMT Atlantique (imt-atlantique.fr), the Chaire Cybersécurité des Infrastructures Critiques is organizing a one-hour live-streamed program as follows:
Zyxel: Best Practices to Secure a Distributed Network Infrastructure - In the post-pandemic era, more and more employees are forced to work primarily from home, thus the way people get connected and the way people access corporate resources have changed forever. Now that the network perimeter is no longer fixed in the office, securing a distributed #network #infrastructure to support a more fluid type of working has become a challenge for IT professionals. #informatique
Signing of a partnership between Airbus Cybersecurity & Institut Mines Télécom Atlantique in the presence of F. Juhles (CEO Airbus Cybersecurity), F. Prêteux, deputy director for research & economic development at IMT (imt.fr), & Anne Beauval, deputy director of IMT Atlantique #france #cyber
Our Investigative Tech Team is developing a number of #tools to ease the work of #opensource investigators. Here's how you can help Bellingcat.
Vulnerabilities in Mitsubishi Electric air conditioning systems/centralized controllers. Exploitation of these vulnerabilities could lead to a denial of service or to information disclosure with the aim of compromising the system.
https://cyber.gc.ca/fr/avis/systemes-de-controle-bulletin-de-securite-mitsubishi-electric-16
Lil' skimmer, the Magecart impersonator
https://blog.malwarebytes.com/cybercrime/2021/06/lil-skimmer-the-magecart-impersonator/
Weird files - Generating mocks, polyglots, near polyglots... An introduction to Mitra #informatique
Voicemail is insecure and can be broken into through multiple techniques. If your applications employ a mechanism to deliver an OTP/2FA code via voice call, ensure that they are not sending them to voicemail.
https://blog.assetnote.io/2021/06/27/uber-account-takeover-voicemail/
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile