What happens when you first plug in a USB device? There's a whole bunch of negotiation where the computer discovers what the USB device is capable of.
A new technique that downloads and executes malicious DLLs (Zloader) without any malicious code present in the initial spammed attachment #Microsoft #Office macro. These macro codes cannot be detected using static detection since the content is formed dynamically at run time. #windows #malware
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/zloader-with-a-new-infection-technique/
A vulnerability discovered in Schneider Electric (SE) Modicon programmable logic controllers (PLCs) allows full takeover of the industrial chips. CVE-2021-22779 can be used to bypass existing security mechanisms in PLCs to hijack devices and potentially impact wider industrial setups.
BIOPASS is a Python Remote Access Trojan (RAT) that was spotted in attacks targeting online gambling companies in China. Attackers use OBS Studio's (obsproject.com) RTMP (Real-Time Messaging Protocol) streaming capabilities to record the user's screen & broadcast it to an attacker's control panel.
Cloud forensics in Microsoft Azure AD
Mint Mobile, a #US-based telecommunications company, disclosed a #databreach after an unauthorized person accessed customers' account information & ported some phone numbers. The company notified impacted customers through a mail that said, « An unauthorized person gained access to the company's systems and ported a 'small (?) number' of phone numbers between June 8th and June 10th 2021 ». However, the company did not disclose how hackers accessed the customers' data.
French digital services company (ESN) Atos announces a cut to its annual targets: the share price collapses, coming close to the -18% mark #france #business #informatique
The Dutch Ministry of Defense plans to use advanced technologies, infrastructure services, and expertise from Atos and IBM Global Technology Services to construct new data centers, safeguard its IT system, and build a proprietary broadband mobile network to help ensure classified government information remains protected. #business #informatique
Chinese cyberattacks: A Systematic Espionage Campaign
Nobody who seriously studies the issue doubts that the #cyber attacks on American systems are part of a systematic #espionage campaign that could not really occur without Chinese state approval. We should also think about how one should respond to this sort of activity and cyberattacks, if at all. The response, if any, must come from the #US government. The American private sector has virtually no leverage to use to modify Chinese behavior. As complex as the problem is, it is a threat here to stay. Although sooner or later these attacks are detected, it does leave the state vulnerable, politically and economically. It also makes one wonder: if these exploits are the ones we can identify, typically after the fact, what about the ones we are missing?
https://www.thegreatcoursesdaily.com/chinese-cyberattacks-a-systematic-espionage-campaign/
Spreadshop hacked. T-shirt lovers warned of « considerably vicious » data breach
Immediate action required to avoid ransomware pandemic
« Ransomware has become too large of a threat for any entity or sector to address alone »
Speaking at the INTERPOL High-Level Forum on Ransomware, Secretary General Stock said that while some solutions existed nationally or bi-laterally, effectively preventing and disrupting #ransomware meant adopting the same international collaboration used to fight #terrorism, human trafficking or mafia groups.
« The World Economic Forum Partnership, in close collaboration with INTERPOL, has been working to shape global architectures to support such collaboration and explore ways to encourage responsible measures by the leadership of victim organisations. »
With Project Gateway providing a framework which enables INTERPOL to cooperate with private partners and receive threat data directly, participants endorsed four recommendations to create a global leadership #framework for action to disrupt and mitigate the impact of ransomware. Under this framework, INTERPOL will also focus on identifying, targeting and disrupting cybercrime threat actors behind ransomware attacks by taking a regional approach for operational coordination with member countries.
Amazon (amazon.com) suffered a major outage between July 11, 2021 and July 12, 2021 in several countries around the world. The second major global outage since June 2021.
https://www.reuters.com/technology/amazon-services-down-multiple-users-downdetector-2021-07-12/
The cost of shutting down the #Internet
https://merchantmachine.co.uk/the-cost-of-shutting-down-the-internet/
The Antwerp-based IT service provider ITxx (itxx.be) pays 1/4 million € (~$300,000) in ransom to the operators of the #Conti #ransomware. « In the interest of our customers, and because the experts convinced us that there was no alternative, we proceeded with the payment of the ransom » #informatique #cyber
After Altran and Sopra-Steria, it is the turn of another emblematic figure among information technology consulting firms to be in the sights of #cyber attackers. Part of the IT systems of the consulting and integration company Keyrus was infected by #ransomware. External technical experts were called in as reinforcements. The origin of the attack has been identified, with no further details given. All IT service providers are particularly targeted. Specializing in consulting (strategy, organization, performance management, ...) and the integration of IT solutions, particularly in the fields of BI, #BigData and e-commerce, Keyrus has several hundred major accounts including Air #France KLM, AP-HP, Biomérieux, Coliposte, Galeries Lafayette, La Grande Récré, the Ministry of Justice, Solvay, Vinci, ...
#Firefox 90 will support Fetch Metadata Request Headers, which allow web applications to protect themselves and their users against various cross-origin threats
https://blog.mozilla.org/security/2021/07/12/firefox-90-supports-fetch-metadata-request-headers/
New activity that has been attributed to the Lazarus adversary group potentially targeting engineering job candidates and/or employees in classified engineering roles within the #US & #Europe. Windows documents attempted to impersonate new defense contractors and engineering companies like Airbus, General Motors (GM), Rheinmetall.
https://cybersecurity.att.com/blogs/labs-research/lazarus-campaign-ttps-and-evolution
Why remote learning is a high-risk time for #cyber attacks? #education
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile