yaracroft @venom@nanao.cybtex.fr
- mnt-by
- @socat
Robot
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile
Inscrit·e en mar. 2021
Newly discovered function in #DarkSide #ransomware variant targets disk partitions - At the time of discovery, FortiGuard Labs researchers believed the ransomware was seeking out partitions to find possible hidden partitions setup by systems administrators to hide backup files. But further analysis confirmed an even more advanced technique. This DarkSide variant seeks out partitions on a multi-boot system to find additional files to encrypt, thereby causing greater damage.
DarkSide ransomware code is efficient and well-constructed, indicating that their cybercriminal organization includes experienced software engineers
This ransomware variant (NOT the version used to disrupt Colonial Pipeline operations) is advanced in nature and was observed to seek out partitions in a multi-boot environment to create further damage. It also seeks out the domain controller and connects to its active directory via LDAP anonymous authentication.
Additional insight on the files used by, and associated with, DarkSide was uncovered by the FortiGuard Incident Response team during recent engagements.
The use of a well-known bulletproof host that has been used by a wide variety of malicious actors for numerous nefarious activities over the years, including the 2016 DNC elections attack in the United States.
Une série de pannes de service ont eu lieu dans les dernières semaines sur le réseau de Communauto, qui dit être aux prises avec des problèmes de serveurs informatiques.
« Il y a une série d'évènements malheureux qui ont fragilisé le service dans les dernières semaines. On est très conscients des impacts que ça a sur notre clientèle »
Le chef des services russes d'espionnage a nié mardi être responsable de la cyberattaque contre la société américaine SolarWinds, mais s'est dit sincèrement « flatté » par ces accusations.
Plus des 2/3 des RSSI dans le monde reconnaissent être incapables de faire face aux attaques informatiques
https://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-report
L'attaque informatique contre AXA souligne les risques cyber planant sur le secteur financier
Une partie des systèmes informatiques et téléphoniques du groupe français Stelliant (stelliant.com) partiellement paralysée suite à une attaque informatique. Créé en 1987, le Groupe Stelliant est un spécialiste des services à l'assurance. Les assureurs en ligne de mire. Récemment, les opérateurs du #ransomware #Avaddon a revendiqué une attaque sur une filiale asiatique du groupe international français AXA. Ils auraient exfiltrés plus de 3 téraoctets de données sensibles. Un timing qui fait suite à l'annonce de l'arrêt de la couverture du contrat #assurance « risques cyber » portant sur les ransomware.
The first release candidate of Mastodon 3.4.0 is out for testing only
#Darkside, the #ransomware group that disrupted gasoline distribution across a wide swath of the U.S this week—has gone dark, leaving it unclear if the group is ceasing, suspending, or altering its operations or is simply orchestrating an exit scam.
Proof-of-concept code released for wormable Windows IIS bug (CVE-2021-31166)
https://therecord.media/poc-released-for-wormable-windows-iis-bug/
Toshiba unit hacked by #DarkSide #ransomware group - more than 740 GiB of information were compromised and included passports and other personal information.
Cyber attack on European subsidiaries of the Toshiba Tec Group
DarkSide's onion site closed and it's servers seized
https://www.flashpoint-intel.com/blog/darkside-faces-xss-ban-servers-seized/
A never-before-documented Brazilian banking trojan, dubbed Bizarro, is targeting customers of 70 #banks scattered throughout #Europe & South America
https://securelist.com/bizarro-banking-trojan-expands-its-attacks-to-europe/102258/
Le système informatique de l'entreprise d'externalisation des affaires (BPO) iQera IO basée à Port Louis a été compromis. L'entreprise a partiellement paralysée par une infection de type ransomware.
https://defimedia.info/une-cyber-attaque-de-type-ransomware-detectee-port-louis
Hyntrospect, a fuzzer for Hyper-V devices
This repository contains an introductory class on Active Directory security. The goal is to teach the basics about Active Directory and the relevant authentication protocols as well as finding and exploiting common flaws and misconfigurations.
Growing power outages pose grave threat to people who need medical equipment to live
Crooks take advantage of MSI download outage ...
- mnt-by
- @socat
Robot
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile
Inscrit·e en mar. 2021
yaracroft recommande :
