yaracroft @venom@nanao.cybtex.fr

L'indexeur de prix de crypto-monnaie CoinMarketCap a subi au 30 août 2021 une attaque #informatique de type #DDoS

https://livecoins.com.br/coinmarketcap-sofre-ataque-hacker-e-sai-do-ar/

La Banque Cantonale Neuchâteloise (bcn.ch) a subi une intrusion #informatique 4 août 2021 sur son site web #swiss #suisse

https://www.rts.ch/info/regions/neuchatel/12454081-la-banque-cantonale-neuchateloise-frappee-a-son-tour-par-une-cyberattaque.html

Les noms, prénoms, dates de naissance, adresses, numéros de téléphone ainsi que le résultat des tests #Covid-19 de 700000 personnes étaient accessibles depuis la plateforme Francetest (francetest.fr) #france #rgpd #santé #pharmacies #covid19 #gdpr #informatique

https://www.lefigaro.fr/conjoncture/une-faille-informatique-rend-accessible-les-donnees-personnelles-de-milliers-de-personnes-testees-pour-le-covid-19-20210831

#Brasil - Al menos 3 muertos en un golpe comando con explosivos y drones para robar dos bancos #drones #police

https://enfoquemisiones.com/al-menos-3-muertos-en-un-golpe-comando-con-explosivos-y-drones-para-robar-dos-bancos-en-brasil/

iOS 14.0 remote jailbreak using RCE + LPE exploit. « Don't stay on versions on or below iOS 14.3. If you click a malicious link, bad guys would steal everything on your #Apple #iPhone » #vuln

https:/twitter.com/pattern_F_/status/1432599008757760000

Unauthenticated PetitPotam everywhere:

• petitpotam to DC, target it to attacker host
• ntlmrelay (using socks) to target
• petitpotam again to target through socks (without supplying any passwords) using the relayed DC creds. #microsoft #windows #vuln #informatique

https://streamable.com/dzdmfb

#Indonesia is investigating a suspected computer security flaw in a #Covid19 test-and-trace #mobile application passport (Indonesia Health Alert Card (e-HAC)) that left exposed personal information & health status of 1.3 million people, a health ministry official said. 1.3 million indonesian citizens had their sensitive personal data, #covid-19 test results and more exposed on an open server. #informatique

https://ciso.economictimes.indiatimes.com/news/indonesia-probes-suspected-data-breach-on-covid-19-app/85792765

Kebocoran Databases e-HAC: Pentingnya Otoritas Independen untuk Memastikan Kepatuhan Sektor Publik dalam Pelindungan Data Pribadi #indonesia

https://elsam.or.id/kebocoran-databases-e-hac-pentingnya-otoritas-independen-untuk-memastikan-kepatuhan-sektor-publik-dalam-pelindungan-data-pribadi/

data-only attacks against #uefi #bios « Even a signed firmware can't be trusted » ( binarly ) #informatique

https://raw.githubusercontent.com/flothrone/smm/main/ZN2021%20Dataonly%20attacks%20BIOS%20-%20Ermolov.pdf

Data from Japanese tech giant Fujitsu is being sold on the dark web by a group called #Marketo, but the company said the information appears related to customers and not their own systems.

Credit Card Sniffers pose persistent threat to growing #e-commerce industry. #online #javascript #website #threats

https://go.recordedfuture.com/hubfs/reports/cta-2020-0827.pdf

For the past year, all of the infrastructure at tonari - our installations, our laptops, our tools - have run on a single WireGuard network that's organized by an opinionated network manager we've been writing called innernet. Today we're happy to be open sourcing it.

https://blog.tonari.no/introducing-innernet

CVE-2021-33766 (ProxyToken) An authentication bypass in #Microsoft Exchange server. Exchange Server continues to be an amazingly fertile area for vulnerability research. #vuln

https://www.zerodayinitiative.com/blog/2021/8/30/proxytoken-an-authentication-bypass-in-microsoft-exchange-server

Deepfakes in #cyber attacks aren't coming. They're already. Proliferation of deepfake technology also opens up Pandora's Box when it comes to identity. #threats

https://venturebeat.com/2021/08/28/deepfakes-in-cyberattacks-arent-coming-theyre-already-here/

Bangkok Airways investigating a #cyber attack in which some customers' personal data may have been compromised #thailand #lockbit #ransomware

https://www.bangkokair.com/press-release/view/clarifies-the-incident-of-a-cybersecurity-attack

A new ransomware family that emerged last month comes with its own bag of tricks to bypass ransomware protection by leveraging a novel technique called « intermittent encryption ». Called LockFile, the operators of the ransomware has been found exploiting recently disclosed flaws such as ProxyShell and PetitPotam to compromise #Microsoft #Windows servers and deploy file-encrypting #malware that scrambles only every alternate 16 bytes of a file, thereby giving it the ability to evade #ransomware defences.

https://thehackernews.com/2021/08/lockfile-ransomware-bypasses-protection.html

FBI agents appear to have been misusing a #digital evidence vault, causing privacy concerns and drawing attention to a secretive program created by the CIA-funded company Palantir. It's raising questions about FBI's shoddy track record of protecting #Americans' #privacy. #usa #cyber #threats

https://www.thedailybeast.com/fbi-screwup-lets-agents-access-information-they-werent-supposed-to-see