yaracroft @venom@nanao.cybtex.fr

The Israel Defense Forces says the malfunction occurred during a « routine test of the alert system » - the false rocket alarm was not a cyber attack #israel

https://www.timesofisrael.com/liveblog_entry/idf-false-rocket-alarm-caused-by-technical-issue-not-cyber-attack/

ROC Mondriaan (rocmondriaan.nl) educational institute victim of a serious #cyber attack. ROC Mondriaan has 26 branches in The Hague, Delft, Leiden and Naaldwijk. The MBO group has more than 20,000 students and more than 2,100 employees in the approximately 240 study programmes #education #ransomware

https://www.cybercrimeinfo.nl/cybercrime/727722_onderwijsinstelling-roc-mondriaan-in-den-haag-slachtoffer-van-grote-cyberaanval

Between January 1 and July 31 2020, victims lost £414.7m to #cyber crime and fraud. However, the figure surged to £1.3bn for the same period in 2021 #threats

https://colpolice.maps.arcgis.com/apps/opsdashboard/index.html

EskyFun - 365,630,387 records contained data from June 2021 onward, leaking user data collected on a seven-day rolling system. Records included IP, IMEI numbers, device information, phone numbers, event logs,.. #gaming

https://www.vpnmentor.com/blog/report-eskyfun-leak/

A healthcare ransomware attack occurred on June 25, 2021 resulted in potential exposure of the PII & PHI of over 48k individuals at Indiana-based CarePointe ENT (carepointe.net) #ransomware

http://carepointe.net/wp-content/uploads/2021/08/Data-Security-Incident.pdf

Chinese Tactics #china #empowerment #cyber #warfare

https://armypubs.army.mil/epubs/DR_pubs/DR_a/ARN33195-ATP_7-100.3-000-WEB-1.pdf

The National Institute of Standards and Technology (NIST) will collaborate with #industry and other #partners to develop a new framework to improve the #security and integrity of the #technology #supply chain #usa #cyber #threats

https://www.whitehouse.gov/briefing-room/statements-releases/2021/08/25/fact-sheet-biden-administration-and-private-sector-leaders-announce-ambitious-initiatives-to-bolster-the-nations-cybersecurity/

A list of useful payloads and bypasses for Web Application Security #informatique

https://github.com/swisskyrepo/PayloadsAllTheThings

PetitPotam : This blog will cover how to execute a full attack chain of the recently disclosed Petit Potam attack from both #Linux or #Windows machines #cyber #threats #informatique

https://threat.tevora.com/petitpotam-the-full-attack-chain-with-windows-and-linux/

🇨🇭 La municipalité de Rolles « regrette d'avoir sous-estimé la gravité de l'attaque #informatique, le potentiel de l'utilisation des données et l'importance de la transparence pour la population. Elle reconnaît avec humilité une certaine naïveté » #swiss #sagesse #suisse #ransomware

hhttps://www.letemps.ch/economie/apres-piratage-massif-rolle-admet-naivete

The #Business Of Fraud : SIM Swapping #threats #simswapping

https://go.recordedfuture.com/hubfs/reports/cta-2021-0825.pdf

New undocumented modular backdoor, SideWalk, being used by an APT group we've named SparklingGoblin; this #backdoor was used during one of SparklingGoblin's recent campaigns that targeted a computer retail company based in the #USA. This backdoor shares multiple similarities with another backdoor used by the group: CROSSWALK #cyber #threats

https://www.welivesecurity.com/2021/08/24/sidewalk-may-be-as-dangerous-as-crosswalk/

Un couple se retrouve sans-le-sou, comptes en #banque et livrets vidés #france #simswapping #police #maroc #smartphone

https://www.ladepeche.fr/2021/08/24/un-couple-de-retraites-se-fait-pirater-ses-comptes-bancaires-9747744.php

#Nokia SAC Wireless (sacw.com) #conti #ransomware

https://s3.documentcloud.org/documents/21047756/sac-wireless-data-breach-conti-ransomware-bc-notification-letter.pdf

Contrairement à ce que la commune vaudoise avait affirmé, les données de plus de 5000 habitants à Rolle sont en ligne à la suite d'une infection par #ransomware. Rapports d'évaluation des employés, demandes d'exonération fiscale, arrangement fiscal de la part d'une multinationale ou même les notes des élèves sont accessibles sur le darknet #swiss #suisse

https://www.letemps.ch/economie/exclusif-piratage-rolle-beaucoup-plus-grave-quannonce

The UpGuard Research team can now disclose multiple data leaks resulting from #Microsoft Power Apps portals configured to allow public access - a new vector of #data exposure. The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, and millions of names and email addresses. It is a better resolution to change the product in response to observed user behaviors than to label systemic loss of data confidentiality an end user #misconfiguration, allowing the problem to persist and exposing end users to the #cyber security risk of a #databreach

https://www.upguard.com/breaches/power-apps

#Microsoft will raise the cost of its commercial 365 plans to their new prices ; pricing changes will go into effect in 6 months

https://www.microsoft.com/en-us/microsoft-365/blog/2021/08/19/new-pricing-for-microsoft-365/