The secrets of GlobalEye on the dark web - A victim of an attack on one of its subcontractors, Bombardier suffered a theft of sensitive documents about its activities with the Swedish group SAAB, maker of the GlobalEye surveillance system.

air-cosmos.com/article/les-sec

Technological University Dublin has said its Tallaght campus was the victim of a "significant" ransomware attack last week.

news.besthinditech.com/tu-dubl

Today we are releasing a report detailing the activities of a Middle Eastern cyber espionage group that performs surveillance on their political opponents. In a more modern twist, however, we found evidence of the group using voice changing software to enhance their operation.

cadosecurity.com/post/threat-g

(CVE-2021-21982 / CVSSv3:9.1) - A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance may be able to obtain a valid authentication token, granting access to the administration API of the appliance. Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings. A remote attacker could exploit this vulnerability to take control of an affected system.

vmware.com/security/advisories

Stolen videos captured by tens of thousands of security cameras at private properties throughout China are now for sale across social media, marketed as sex tapes.

threatpost.com/chinese-hackers

eSentire is warning enterprises and individuals that a hacking group is spearphishing business professionals on LinkedIn with fake job offers in an effort to infect them with a sophisticated backdoor trojan.

esentire.com/security-advisori

An ISIS-supporting cybersecurity group (known as EHF: Electronic Horizons Foundation) launched their own Cloud (Horizons Cloud Platform) and Chat platforms that they vowed would help churn out new propaganda and allow followers of the terror group to better "close ranks" online.

hstoday.us/subject-matter-area

FBI and CISA have information indicating APT actors are using multiple CVEs to exploit Fortinet FortiOS vulnerabilities.

ic3.gov/Media/News/2021/210402

Unknown attackers compromised PHP's official Git server and planted a backdoor in the source code. A few hours after it was removed, the code reappeared. PHP is currently used by nearly 80% of websites worldwide.

news-web.php.net/php.internals

Over 43,500 European citizens have signed a "Reclaim Your Face" petition calling for a ban on biometric mass surveillance practices in the EU.

reclaimyourface.eu/

Data leak of more than a billion Facebook accounts: The target is primed for a SIM-swapping attack, where thieves trick or bribe employees at mobile phone stores into transferring ownership of the target's phone number to a mobile device controlled by the attackers.

Phone numbers were never designed to be identity documents, but that's effectively what they've become. It's time we stopped letting everyone treat them that way.

krebsonsecurity.com/2021/04/ar

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: emailing the victim's customers and partners directly!

krebsonsecurity.com/2021/04/ra

EtterSilent: the underground's new favorite maldoc builder. The seller offered two types of weaponized Microsoft Office documents (maldocs) to users

intel471.com/blog/ettersilent-