yaracroft @venom@nanao.cybtex.fr

L'agence fédérale américaine du commerce (FTC) gonfle ses muscles afin de créer un rapport de force en menaçant d'utiliser toute son autorité légale pour poursuivre en justice les entreprises qui ne protégent pas les données des consommateurs contre l'exposition à des vulnérabilités connues #usa #government #vuln #cyber #threats #informatique

https://www.lemondeinformatique.fr/actualites/lire-failles-dans-log4j-la-ftc-brandit-la-menace-de-poursuites-85340.html

🇪🇺 Lutter contre la fraude aux fonds européens #europe #justice #digital #business #informatique

https://www.lemonde.fr/international/article/2022/01/03/les-debuts-prometteurs-du-parquet-europeen_6107976_3210.html

« The attack surfaces are multiplying all over the place and the consequences of these attacks are hard to imagine yet » ( Stuart E. Madnick, professor of IS&T at MIT ) #cyber #iot #software #hardware #outage #disruptive #networks #vuln #malware #threats #internet #informatique

https://www.zdnet.com/article/your-cybersecurity-training-needs-improvement-because-hacking-attacks-are-only-getting-worse/

CVE-2021-44832 - IBM Cloud APM v8.1.4.0 Server installs a vulnerable Online Help application. #vuln #ibm #cloud #software #threats #informatique

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-cve-2021-44832-affects-the-ibm-performance-management-product/

CVE-2021-20047 - SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in RCE in the target system. #vuln #vpn #windows #software #threats #informatique

http://www.cyberis.co.uk/blog/CVE-2021-20047

Passer par les sous-traitants attaquer des grands groupes est une technique établie. Terminé les escarmouches, ce sont de vraies batailles que se livrent états, services secrets, entreprises et électrons libres du dark web. Avec, comme dans le champ du terrorisme, une frontière parfois très poreuse entre cyberguerre et cybercriminalité. #france #cyber #threats #informatique

https://www.le-tout-lyon.fr/a-lyon-les-agents-de-la-drsd-sur-le-front-face-aux-cyberattaques-93066.html

New Zloader campaign exploits Microsoft's Signature Verification putting users at risk. 🔥 This banking malware designed to steal user credentials and private information is back with a simple yet sophisticated infection chain. #microsoft #malware #windows #digital #threats #informatique

https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/

Increasing incidence of cyberattacks will be a key driver fueling the mobile security software market. Mobile #security #software market size is estimated to grow by USD 2.75 billion from 2021 to 2025 at a CAGR of 10% with the enterprises segment having largest market share. #mobile #phones #threats #business #informatique

https://www.technavio.com/report/mobile-security-software-market-industry-analysis

Google Chrome - This update includes 37 security fixes. #vuln #google #chrome #internet #browser #software #informatique

https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html

Security patch for the HarmonyOS #vuln #huawei #phones #software #informatique

https://www.huaweicentral.com/january-2022-harmonyos-mobile-security-patch-details-released/

CVE-2021-22045 - VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. Someone with access to a VM with CD-ROM device emulation may be able to exploit it in conjunction with other issues to execute code on the hypervisor from a virtual machine. #vuln #vmware #software #informatique

https://www.vmware.com/security/advisories/VMSA-2022-0001.html

Purple Fox - The threat actors have noticed that the attacks generally take advantage of legitimate software for implementing malicious payloads. The vulnerability has been named CVE-2021-1732, and this vulnerability generally optimizes rootkit capabilities that are leveraged in their attacks. #windows #malware #worm #cyber #software #threats #powershell #vuln #telegram #rootkit #informatique

https://blog.minerva-labs.com/malicious-telegram-installer-drops-purple-fox-rootkit

🇺🇸 IBEX Global Solutions, Inc. (ibex.co) announced that the company's IT systems were the target of a malware attack, resulting in sensitive consumer data of more than 174,000 people being compromised. #usa #cyber #malware #threats #ransomware #databreach #informatique

https://www.jdsupra.com/legalnews/data-breach-alert-ibex-global-solutions-6885247/

Le 18 décembre 2021, la Suisse procède à l'expulsion de Vladislav Klyushin suite à la demande d'extradition des États-Unis. #swiss #usa #russia #cyber #elections #threats #police #informatique

https://www.bluewin.ch/fr/infos/faits-divers/arrete-en-valais-une-mine-dor-pour-les-services-secrets-aux-usa-1033808.html

Russian businessman Vladislav Klyushin pleaded not guilty to participating in an $82 million insider trading scheme that relied on information stolen through hacking. #usa #russia #cyber #elections #threats #police #justice #informatique

https://www.reuters.com/world/russian-businessman-pleads-not-guilty-us-insider-trading-through-hacking-2022-01-05/

CVE-2021-1732 Technical Analysis #vuln #microsoft #windows #informatique

https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/technical-analysis-of-cve-2021-1732/

credential stuffing : more than 1.1 million online accounts compromised in cyberattacks at 17 well-known companies - « Right now, there are more than 15 billion stolen credentials being circulated across the #internet » #usa #businesses #cyber #threats #business #informatique

https://ag.ny.gov/press-release/2022/attorney-general-james-alerts-17-companies-credential-stuffing-cyberattacks

🐘 Elephant Beetle, a financially motivated threat group targeting and infiltrating organizations from the finance and commerce sectors in Latin America. The group executes its attacks patiently over long periods of time, blending in with the target’s environment and going completely undetected while it quietly liberates organizations of large amounts of money. #cyber #threats #report #informatique

https://blog.sygnia.co/elephant-beetle-an-organized-financial-theft-operation

📵 Persistence without « Persistence » : Meet The Ultimate Persistence Bug - « NoReboot » #apple #ios #iphones #vuln #informatique

https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/