yaracroft @venom@nanao.cybtex.fr

🐛 Can you spot the vulnerability? Identifieras-tu la vulnérabilité ? #vuln #infosec #informatique

Credits: ACCEIS (acceis.fr)

🇨🇦 ITSM.10.071 #canada #cyber #threats #informatique

https://cyber.gc.ca/sites/default/files/ITSM10071-Prot%C3%A9ger-votre-organisation-contre-menaces-cha%C3%AEne-approvisionnement-logiciels-f.pdf

This cross-site scripting (XSS) cheat sheet ( brought to by PortSwigger Research ) contains many vectors that can help you bypass WAFs & filters #web #threats #informatique

https://portswigger.net/web-security/cross-site-scripting/cheat-sheet.pdf

🇺🇸 Investigation took three (3) months. An assistant facilities director for the town of Cohasset, Massachusetts, was accused of stealing thousands of dollars in ↯ electricity from a local school to operate a « secret cryptocurrency mine » in a seemingly overlooked crawlspace #usa #education #electrical #threats #city #rig #electricity #informatique

https://arstechnica.com/tech-policy/2023/02/secret-crawlspace-cryptomine-discovered-in-routine-inspection-of-ma-high-school/

🛠 Ex22 #ransomware #tools #threats #informatique

https://www.cyfirma.com/outofband/exfiltrator-22-an-emerging-post-exploitation-framework/

🇨🇦 Les files d'attente s'allongent devant les points de service de la SAAQ

https://journalmetro.com/actualites/montreal/3017378/de-longues-files-dattente-a-la-saaq-jusquen-avril/

https://www.swpc.noaa.gov/news/g3-strong-geomagnetic-storm-conditions-observed-feb-27

Cert-IST - bilan 2022 #isc #scada #threats #report #vuln #informatique

https://www.cert-ist.com/pub/files/Cert-IST_Bilan2022_fr.pdf

🇨🇴 Hospital Joaquín Páez Borrero

🇮🇩 Un groupe d'hactivistes poena diffuse 1.4GB de données en lien avec l'autorité de régulation nucléaire BAPETEN (bapeten.go.id)

🇫🇷 Des étudiants en troisième année de LSPS manifesteront ce lundi 27 février 2023 pour protester contre un « bug » de la machine à corriger de l'UPEC (u-pec.fr) les obligeant à repasser trois (3) de leurs partiels du premier semestre le 26 mars 2023 alors que les inscriptions au master approchent #france #education #santé #medical #students #software #glitch #medecine #informatique

https://www.ouest-france.fr/ile-de-france/creteil-94000/300-etudiants-obliges-de-repasser-des-partiels-a-cause-d-un-bug-ils-exigent-un-geste-de-leur-fac-7bb844f4-b453-11ed-a71d-77105b478d18

🇺🇸 The corporate website of satellite broadcaster Dish Network (dish.com) went offline Thursday after the company experienced an internal technology issue usa outage threats incident informatique

https://gallantceo.com/blog/2023/02/25/dish-network-suffers-multi-day-customer-service-and-website-outage/

🇨🇴 El robo de la base de datos de la ESE Norte (esenorte.gov.co) afecta a alrededor de 30 000 usuarios en 17 IPS, que no podrán agendar citas a través de la plataforma, delincuentes piden rescate por la información #colombia #medical #data #healthcare #ransomware #salud #databreach #hospital #cyber #tecnología #riesgos #online #services #sistema #laboratorio #patients #threats #servicios #santé #colombie #informatique

https://caracol.com.co/2023/02/23/fue-hackeado-el-sistema-de-una-las-eses-que-cubre-la-salud-publica/

☣️ Hydrochasma

The threat actor behind this campaign, has not been linked to any previously identified group, but appears to have a possible interest in industries that may be involved in COVID-19-related treatments or vaccines #asia #healthcare #medical #treatments #threats #informatique

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/hydrochasma-asia-medical-shipping-intelligence-gathering

CVE-2022-36537

The adversary used ConnectWise R1Soft Server Backup Manager software as an initial point of access and as a platform to control downstream systems connected via the R1Soft Backup Agent. This threat is still under active research.

https://blog.fox-it.com/2023/02/22/from-backup-to-backdoor-exploitation-of-cve-2022-36537-in-r1soft-server-backup-manager/

🇫🇷 Une partie des systèmes informatiques et téléphoniques du Département du Lot (lot.fr) impactée par une « panne » informatique #france #city #services #online #outage #telecom #incident #threats #panne #informatique

https://www.ladepeche.fr/2023/02/22/le-departement-du-lot-victime-dune-panne-dinformatique-et-de-telephone-11015949.php

#usa #city #ransomware #databreach #threats #informatique 

https://www.oaklandca.gov/news/2023/city-of-oakland-targeted-by-ransomware-attack-core-services-not-affected

🇨🇦 Nouvelle panne et de nombreux ralentissements sur les services SAAQclic (saaqclic.saaq.gouv.qc.ca) #canada #online #outage #digital #services #panne #assurances #numérique # #citizens #drivers #plates #permis #licence #vehicle #systems #achalandage #mobilité #automobile #informatique

https://www.latribune.ca/affaires/une-autre-panne-pour-saaqclic-59ac8b9b131639dc619a518d31991b54

As to 0mega ransomware, not much is known about it since it first appeared in mid-2022. The leak site has only listed three (3) victims since it opened ( via [Dissent Doe](@PogoWasRight) )

https://www.databreaches.net/aviacode-remains-silent-after-0mega-dumps-200-gb-of-their-files/