UNC2596 has been observed leveraging vulnerabilities to deploy #Cuba #ransomware. Beyond commonplace tools, like Cobalt Strike BEACON and NetSupport, UNC2596 has used novel #malware, including BURNTCIGAR to disable endpoint protection, WEDGECUT to enumerate active hosts, and the BUGHATCH custom downloader. COLDDRAW ransomware operations have impacted dozens of organizations across more than ten countries, including those within critical infrastructure. Wedgecut, Bughatch, Burntcigar #microsoft #mail #vuln #cyber #threats #informatique
A custom backdoor, SockDetour is designed to serve as a backup backdoor in case the primary one is removed. It is difficult to detect, since it operates filelessly and socketlessly on compromised #Windows servers. One of the command and control (C2) infrastructures that the threat actor used for #malware distribution for the TiltedTemple campaign hosted SockDetour along with other miscellaneous tools such as a memory dumping tool and several webshells. #microsoft #backdoor #cyber #apt #threats #informatique
A Chinese security firm, « Pangu Lab », published a report about a top-tier APT backdoor now tracked as Bvp47 that is linked to the Equation Group, the advanced persistent threat actor tied to the NSA. Bvp47 survived until today almost undetected, despite being submitted to the VirusTotal antivirus database for the first time close to a decade ago, in late 2013. The tool is well-designed, powerful, and widely adapted. Its network attack capability, backed by 0-day vulnerabilities, was unstoppable, and its data acquisition under covert control required little effort. Pangu Lab uses the code name « Operation Telescreen » for several Bvp47 incidents. The telescreen is a device imagined by British writer George Orwell in his novel « 1984 ». #usa #networks #nsa #snowden #linux #vuln #0day #backdoor #cyber #apt #network #threats #informatique
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
Statement by the North Atlantic Council on Russia's attack on Ukraine #military
https://www.nato.int/cps/en/natohq/official_texts_192404.htm
Over the years, North Korea has demonstrated high adaptability and advancement within the illicit cyber and crypto space using new technology to exploit vulnerabilities in the global financial system. Foreign assistance from key allies such as Beijing and Moscow has allowed Pyongyang to expand its cyber intrusion capabilities in ways ranging from hosting North Korean hackers within their jurisdictions to providing improved data connections to expand the country’s international bandwidth and connectivity. #cyber #threats #informatique
http://s3.us-east-1.amazonaws.com/files.cnas.org/documents/BlockchainAnalysisEES.pdf
A recent example of a sextortion scam in French, sent in by a Naked Security reader we'll refer to simply as @M (thanks, M!), in which the porn scammers have converted their message into an image. Adding an image that holds the call-to-action text obviously makes it harder for a recipient to reply, because a plain image can't contain clickable links, or even text that can be copied and pasted. #cyber #spam #threats #mail #scam #informatique
🇦🇺 Addresses of more than 500,000 organisations including defence sites, a missile maintenance unit, and domestic violence shelters were inadvertently made public in the first major breach of the New South Wales government's massive trove of QR code data. In New South Wales, what's elsewhere known as government « incompetence » is apparently called « an error ». NSW took months to disclose massive data leak of Covid QR check-in system. #australia #cyber #threats #databreach #informatique
https://reclaimthenet.org/nsw-data-leak-of-covid-qr-check-in-system/
🇮🇷 Predatory Sparrow - This article provides an in-depth technical analysis of one of the attacks against the Iranian national media corporation, Islamic Republic of Iran Broadcasting (IRIB) which occurred in late January 2022. #iran #malware #cyber #threats #informatique
https://research.checkpoint.com/2022/evilplayout-attack-against-irans-state-broadcaster/
🇺🇸 Seattle-based logistics and freight forwarding company Expeditors International (expeditors.com) has been targeted in a cyberattack. With annual gross revenue of around $10 billion, Expeditors has 350 locations and over 18,000 employees worldwide, providing critical logistics solutions for its customers. Its services include supply chain, warehousing and distribution, transportation, customs and compliance. Systems will continue to be offline until they can be securely restored from backups. Expeditors describes the incident as a « significant event » that « could have a material adverse impact on our business, revenues, results of operations and reputation. » #cyber #industrial #threats #logistics #distribution #supply #technologies #logistic #services #transportation #customers #malware #databreach #industry #informatique
Linode, the nearly 20-year-old cloud software company that's made itself a household name in the Philly tech scene, will be acquired by Akamai Technologies. #business #informatique
Katana : Last week the websites for several banks and government organisations in Ukraine were hit with a DDoS attack. #botnets #cyber #ddos #threats #informatique
https://www.cadosecurity.com/technical-analysis-of-the-ddos-attacks-against-ukrainian-websites/
🇨🇭 A massive leak from one of the world's biggest private banks, Credit Suisse, has exposed the hidden wealth of clients involved in torture, drug trafficking, money laundering, corruption and other serious crimes. Details of accounts linked to 30,000 Credit Suisse clients all over the world are contained in the leak, which unmasks the beneficiaries of more than 100bn Swiss francs (£80bn) held in one of Switzerland's best-known financial institutions. #swiss #cyber #banking #databreach #threats #suisse #informatique
A 14-year-old schoolboy was accused of stealing data of 100,000 Tele Operator A1 customers and demanding 150 Ethereum coins ($500,000) in ransom. #cyber #threats #informatique
🔥 CVE-2022-24086 : Successful exploitation could lead to RCE from an unauthenticated user in Magento Open Source and Adobe Commerce.
https://threatpost.com/new-critical-rce-bug-found-in-adobe-commerce-magento/178554/
In the autumn of 2020, Microsoft had indicated that more than 90% of Trickbot's infrastructure had fallen. But its operators managed to bounce back and even seem to have started preparing a successor. According to Check Point, more than 140,000 machines have been infected by Trickbot over the past 16 months, representing the customers of sixty companies. Among the companies whose customers were affected are Amazon, Microsoft, PayPal, Bank of America, Wells Fargo and American Express. #malware #botnet #cyber #threats #informatique
https://www.lemagit.fr/actualites/252513615/Comment-Trickbot-a-su-renaitre
A Modern Ninja : Evasive Trickbot Attacks Customers of 60 High-Profile Companies. Trickbot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand. Such modules allow the execution of all kinds of malicious activities and pose great danger to the customers of 60 high-profile financial (including cryptocurrency) and technology companies, mainly located in the United States. #malware #botnet #cyber #threats #informatique
🇨🇭 Part of the IT systems of the University of Neuchâtel (unine.ch) were impacted by a cyberattack carried out on the morning of Friday 18 February 2022. #swiss #education #ransomware #city #cyber #threats #databreach #suisse #informatique
🔓 How to crack pixelated images? #tools #cyber #threats #software #informatique
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile