The CVE-2021-1675 (PrintNightmare) vulnerability is critical and should be addressed immediately, as a patch is not yet available: a regular domain user can easily take over the entire Active Directory domain. How do you keep your print servers running until a patch is available? By restricting the ACLs. This is not a perfect solution, but it limits exposure until a patch is available.
Here is one way the vulnerability is re-enabled on patched Windows 10: Package Point and Print restriction policies affect the effectiveness of the CVE-2021-1675 patch on non-DC systems. If HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint\NoElevationOnInstall is set to 1, the system remains vulnerable after the patch. (Joe Desimone & Stan Hegt)
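The registry check from the item above and the interim ACL restriction mentioned in the first item, as an added PowerShell example that is not part of either original item. The spooler driver directory path and the deny ACE for SYSTEM are assumptions taken from the commonly circulated interim workaround, not something the items themselves specify; run it elevated on a test print server before rolling it out.

```powershell
# Added example, not from the original items. Audits the Point and Print policy
# values that decide whether the CVE-2021-1675 patch is effective, and optionally
# applies (or rolls back) the interim ACL restriction on the driver directory.
# ASSUMPTION: the driver directory and the SYSTEM deny ACE below follow the widely
# circulated interim workaround; the original items only say "restrict the ACLs".

$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint'
$DriverDir = "$env:SystemRoot\System32\spool\drivers"

function Get-PointAndPrintExposure {
    # Returns the policy state. NoElevationOnInstall = 1 on a non-DC means the
    # patch is bypassed (the condition described in the item above).
    # NoWarningNoElevationOnInstall is the neighbouring value in the same key and
    # is reported for context only.
    $values = @{ NoElevationOnInstall = $null; NoWarningNoElevationOnInstall = $null }
    if (Test-Path $PolicyKey) {
        $props = Get-ItemProperty -Path $PolicyKey
        foreach ($name in @($values.Keys)) {
            $values[$name] = $props.$name
        }
    }
    # Win32_ComputerSystem.DomainRole: 4 = backup DC, 5 = primary DC
    $isDc = (Get-CimInstance Win32_ComputerSystem).DomainRole -ge 4

    [pscustomobject]@{
        IsDomainController            = $isDc
        NoElevationOnInstall          = $values.NoElevationOnInstall
        NoWarningNoElevationOnInstall = $values.NoWarningNoElevationOnInstall
        PatchBypassed                 = (-not $isDc) -and ($values.NoElevationOnInstall -eq 1)
        SpoolerRunning                = (Get-Service -Name Spooler).Status -eq 'Running'
        DriverDirDenyPresent          = [bool]((Get-Acl -Path $DriverDir).Access |
            Where-Object { $_.IdentityReference -like '*SYSTEM' -and
                           $_.AccessControlType -eq 'Deny' })
    }
}

function Set-SpoolerDriverDirDeny {
    # Interim workaround (assumed, see header): deny SYSTEM modify rights on the
    # driver directory so the spooler, which runs as SYSTEM, cannot drop a driver
    # DLL there. Point and Print driver installs will fail until it is removed.
    param([switch]$Remove)

    $acl  = Get-Acl -Path $DriverDir
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        'SYSTEM', 'Modify', 'ContainerInherit, ObjectInherit', 'None', 'Deny')

    if ($Remove) { $acl.RemoveAccessRule($rule) | Out-Null }
    else         { $acl.AddAccessRule($rule) }

    Set-Acl -Path $DriverDir -AclObject $acl
}

# Usage (run elevated):
$state = Get-PointAndPrintExposure
$state | Format-List
if ($state.PatchBypassed) {
    Write-Warning 'NoElevationOnInstall=1 on a non-DC: the patched system is still exploitable.'
}
# Set-SpoolerDriverDirDeny            # apply the interim ACL restriction
# Set-SpoolerDriverDirDeny -Remove    # roll it back once a fixed build is installed
```

The deny ACE is deliberately scoped to the driver directory only; stopping the Spooler service outright is the stronger option when the host does not need to print.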
LeMagIT tried to reach Assu 2000's press office, without success so far. According to separate sources, Assu 2000 is the victim of a cyberattack carried out with the #Conti #ransomware. The entire group is reportedly affected, including several brands: Maxance, EuroAssurance, CreditMarket, abcourtage and Assureo.
The U.S. Secret Service has a new page listing the agency's most-wanted fugitives in financially motivated cybercrime investigations.
Josep Rodriguez, a researcher and consultant at security firm IOActive, sounds the alarm over ATM NFC reader vulnerabilities: he discovered a number of flaws in the NFC technology used by ATMs and payment terminals that can be triggered simply by waving a smartphone in front of a contactless card reader, and that could be used as part of a « jackpotting » attack.
The SolarWinds backdoor inside Danmarks Nationalbank stayed open for seven months before the attack was discovered, by chance, by the American IT security company FireEye.
A hacker group linked to the Russian state known as « Fancy Bear » conducted a cyber attack on critical German infrastructure & the country's #banking system
According to BILD, Russia has in recent days carried out massive attacks on critical infrastructure and the banking system in Germany.
The #REvil operators are in possession of sensitive data on the activities of the Spanish telecoms operator MásMóvil (grupomasmovil.com) #ransomware
https://www.businessinsider.es/masmovil-hackeada-ciberdelincuentes-afirman-robar-bases-datos-891803
Leaked Babuk Locker ransomware builder used in new attacks
Detect CVE-2021-1675 (PrintNightmare) Exploitation Attempts
https://socprime.com/blog/detect-printnightmare-cve-2021-1675-exploitation-attempts/
Detection & Remediation Information for 💥 CVE-2021-1675 aka PrintNightmare
Impacket implementation of 💥 CVE-2021-1675 aka PrintNightmare
Altus Group Limited (« Altus Group ») (TSX: AIF), announced that on June 13, 2021 it determined it had experienced a cybersecurity incident impacting some of its information technology systems.
https://www.altusgroup.com/company/press-releases/altus-group-reports-cybersecurity-incident
The #UK arm of the Salvation Army has been hit by a #ransomware attack
https://www.theregister.com/2021/06/30/salvation_army_ransomware_attack/
French Connection UK, also known as FCUK, has recently been hit by a #ransomware attack, leading to a significant breach of private internal data.
Law enforcement has taken control of the DoubleVPN encryption service in an operation coordinated by Europol & Eurojust
A blow to criminals' communications: DoubleVPN
In the recent campaign we observed several changes to the IcedID Trojan.
https://securelist.com/malicious-spam-campaigns-delivering-banking-trojans/102917/
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile