yaracroft @venom@nanao.cybtex.fr

How malleable C2 profiles make Cobalt Strike difficult to detect. #cyber #threats #informatique

https://unit42.paloaltonetworks.com/cobalt-strike-malleable-c2-profile/

RouterOS Scanner is a tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities. #tools #routers #devices #vuln #networks #python #informatique

http://github.com/microsoft/routeros-scanner

DDoSecrets acquires over 79Gb of emails from the network OMEGA Company, the R&D department of Russia's state-controlled pipeline company, Transneft. #russia #cyber #threats #databreach #russie #informatique

https://ddosecrets.com/wiki/Transneft

🇫🇷 Du 14 au 25 mars 2022, 8ème édition de l’exercice ministériel de cyberdéfense DEFNET #france #defense #cyber #threats #informatique

https://www.defense.gouv.fr/ema/actualites/sentrainer-au-cyber-combat-defnet-2022

🇦🇹 Une intrusion informatique a permis de faire sonner les cloches de la cathédrale de Saint-Étienne (Vienne) durant plus de 20 minutes à 2 heures du matin. Voilà qui ressemble à un canular mais faire retentir le son d'une cloche indique l'heure.. comme en son temps, celui des batailles. #austria #city #warfare #psyops #threats #autriche #informatique

https://kurier.at/chronik/wien/warum-hat-die-pummerin-um-2-uhr-nachts-gelaeutet/401939095

Cyclops Blink an advanced modular state-sponsored botnet that is reportedly linked to the Sandworm or Voodoo Bear advanced persistent threat group. #asus #devices #routers #networks #botnet #cyber #software #threats #informatique

https://www.trendmicro.com/en_us/research/22/c/cyclops-blink-sets-sights-on-asus-routers--.html

CVE-2022-0778 - OpenSSL (Severity: High) : Infinite loop in BN_mod_sqrt() reachable when parsing certificates #vuln #security #informatique

https://www.openssl.org/news/secadv/20220315.txt

Apple patches 87 security holes #vuln #apple #iphones #macos #windows #cyber #software #threats #informatique

https://nakedsecurity.sophos.com/2022/03/15/apple-patches-87-security-holes-from-iphones-and-macs-to-windows/

🇨🇦 La Ville de Châteauguay (ville.chateauguay.qc.ca), qui a dépassé le délai légal pour le dépôt son rapport financier cinq années consécutives, justifie son retard par une foule de raisons hors de son contrôle, incluant une attaque informatique qui a entraîné la destruction du dossier d'audit. #canada #ransomware #city #cyber #databreach #threats #informatique

https://www.journaldequebec.com/2022/03/17/rapports-financiers-en-retard-a-repetition-la-ville-de-chateauguay-sexplique

« we have some clients data of few doctors in this company » annonçaient les opérateurs Lockbit concernant l'attaque informatique ciblant 🇨🇭 OneDoc (onedoc.ch). D'après le site d'information suisse Le Temps, son directeur affirme, qu'en l'état, il n'a constaté aucun problème de sécurité. #swiss #lockbit #ransomware #cyber #threats #suisse #informatique

https://www.letemps.ch/economie/nom-site-onedocch-lie-une-cyberattaque

Cyber-Detect, la startup qui sait comment se ridiculiser sur le quotidien régional Vosges Matin ?

#infosec #startup #lamers

https://www.vosgesmatin.fr/science-et-technologie/2022/03/16/la-start-up-cyber-detect-peut-contrer-une-cyberattaque-russe

🚆 A computer « glitch » in a railway signalling system caused train traffic disruptions in #Poland, #Italia and #Asia, French rail giant Alstom said Thursday. The problem has been detected and is in the process of being fixed, a spokesman for the company said, adding that it was not a cyberattack. #pologne #italie #asie #railway #outage #informatique

https://www.barrons.com/news/computer-glitch-disrupts-rail-services-in-poland-asia-alstom-01647517807

🇮🇹 Les opérateurs Lockbit revendiquent une attaque informatique sur la commune italienne de Villefranche (villafrancapiemonte.to.it) #lockbit #ransomware #city #italia #cyber #threats #databreach #italie #informatique

Dragos has observed consistent network communication between Emotet C2 servers and numerous auto manufacturing companies. These #Emotet servers are suspected to be controlled by the Conti ransomware group. #conti #automotive #databreach #cyber #botnet #threats #informatique

https://www.dragos.com/blog/industry-news/suspected-conti-ransomware-activity-in-the-auto-manufacturing-sector

🇮🇱 The cellphone of the wife of Mossad chief David Barnea was hacked and the contents, including photos and documents, distributed on an anonymous #Telegram channel. #israel #data #phone #cyber #retaliation #telecom #threats #warfare #tactics #smartphone #databreach #informatique

https://www.haaretz.com/israel-news/.premium-hackers-break-into-phone-of-mossad-head-s-wife-in-apparent-iranian-revenge-1.10679760

Denso (denso.com), a multibillion supplier to key automotive companies like Toyota, Mercedes-Benz and Ford, confirmed that cybercriminals leaked stolen, classified information from the Japan-based car-components manufacturer after an attack on one of its offices in Germany. #pandora #ransomware #cyber #automotive #threats #databreach #informatique

https://threatpost.com/pandora-ransomware-hits-giant-automotive-supplier-denso/178911/

Pandora (Rook) - The Box has been open for a while... #pandora #ransomware #cyber #threats #informatique

https://dissectingmalwa.re/blog/pandora/

On March 15, 2022, users of the popular Vue.js frontend #JavaScript #framework started experiencing what can only be described as a #supply chain attack impacting the npm ecosystem. This was the result of the nested dependencies node-ipc and peacenotwar being sabotaged as an act of protest by the maintainer of the node-ipc package. #vuln #cyber #threats #informatique

hhttps://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/

CVE-2022-25636 #vuln #linux #threats #informatique

https://github.com/Bonfee/CVE-2022-25636

CVE-2022-25636 : Nick Gregory discovered a hole in 🐧 #Linux's netfilter #firewall program that's « exploitable to achieve kernel code execution », giving full local privilege escalation, container escape, .. #cyber #threats #informatique

https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/