🇫🇷 One of France's first regional cybersecurity centres will open in September 2022 in Burgundy. The agreement was signed this Thursday, 24 February 2022, between the Bourgogne-Franche-Comté region, ARNIA and ANSSI. While « cyberterrorism » has taken on another dimension in the past few hours with the war in Ukraine, the phenomenon is widespread across French territory and at every scale. The attacks are generally carried out by groups or lone individuals in order to demand a ransom. Bourgogne-Franche-Comté is well placed to know, having paid the price in 2021 with several intrusions, notably at the hospitals of Villefranche-sur-Saône and Dax. #france #cyber #malware #city #ransomware #smart #threats #informatique
🇺🇦 Timeline of Cyberattacks on critical infrastructure and civilian objects
https://cyberpeaceinstitute.org/ukraine-timeline-of-cyberattacks
🎙️ Stéphane Boujnah, head of Euronext, fears cyberattacks of an unprecedented nature. Every business leader and even every household must take precautions to strengthen the security of their information systems, whether these are modest office systems, more significant ones tied to production, or more systemic ones tied to the core of the business. #france #cyber #business #threats #informatique
The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions. The effort to build a cyber military force is coming late in the game.
The White House has denied reports that President Biden has been presented with an arsenal of ways to launch massive cyberattacks against Russia.
https://threatpost.com/white-house-denies-mulling-massive-cyberattacks-against-russia/178658/
🇵🇹 The Lapsus$ Group cybercriminals threatened this Thursday to release information from the Impresa group, Vodafone Portugal and T-Mobile, which were recently targeted by cyberattacks, putting to a user vote which one should be targeted first. #portugal #telecom #blackout #cyber #threats #informatique
A new form of disk-wiping malware was used to attack organizations in 🇺🇦 Ukraine shortly before the launch of a Russian invasion this morning (February 24). Symantec, a division of Broadcom Software, has also found evidence of wiper attacks against Windows computers in 🇱🇹 Lithuania. Sectors targeted included organizations in the financial, defense, aviation, and IT services sectors. #microsoft #malware #windows #powershell #cyber #wiper #disruptive #threats #ransomware #government #outage #informatique
Russia's invasion of Ukraine has paved the way for a new battlefront with the West in cyberspace.
U.S. and UK governments this week warned of Russia-linked #malware called Cyclops Blink, which can infect #network equipment to attack downstream devices in key targets.
Mandiant's McNamara is keeping a close watch on a possible cyber threat from Russia-linked hacking group Temp.Isotope, which has also been referred to as Berserk Bear or Energetic Bear.
#usa #uk #cyber #warfare #russia #ukraine #threats #networks #informatique
https://www.theregister.com/2022/02/24/cyberwarfare_russia_ukraine/
EUropean Radiological Data Exchange Platform
🇺🇦 Ukrainian official said Russian shelling hit a radioactive waste repository and an increase in radiation levels was reported. The plant was the site of the world's worst nuclear accident when a nuclear reactor exploded in April 1986, spewing radioactive waste across Europe.
https://apnews.com/article/russia-ukraine-putin-attack-a05e7c4563ac94b963134bba83187d46
🇮🇷 MuddyWater is conducting cyber #espionage and other malicious cyber operations as part of Iran's Ministry of Intelligence and Security (MOIS), targeting a range of government and private-sector organizations across sectors—including telecommunications, defense, local government, and oil and natural gas—in Asia, Africa, Europe, and North America. #usa #uk #iran #defense #government #telecom #espionage #cyber #malware #threats #informatique
UNC2596 observed leveraging vulnerabilities to deploy #Cuba #ransomware. Beyond commonplace tools, like Cobalt Strike BEACON and NetSupport, UNC2596 has used novel #malware, including BURNTCIGAR to disable endpoint protection, WEDGECUT to enumerate active hosts, and the BUGHATCH custom downloader. COLDDRAW ransomware operations have impacted dozens of organizations across more than ten countries, including those within critical infrastructure. Wedgecut, Bughatch, Burntcigar #microsoft #mail #vuln #cyber #threats #informatique
A custom backdoor, SockDetour, is designed to serve as a backup backdoor in case the primary one is removed. It is difficult to detect, since it operates filelessly and socketlessly on compromised #Windows servers. One of the command and control (C2) infrastructures that the threat actor used for #malware distribution for the TiltedTemple campaign hosted SockDetour along with other miscellaneous tools such as a memory dumping tool and several webshells. #microsoft #backdoor #cyber #apt #threats #informatique
A Chinese security firm, « Pangu Lab », published a report about a top-tier APT backdoor now tracked as Bvp47 that is linked to the Equation Group, the advanced persistent threat actor tied to the NSA. Bvp47 survived until today almost undetected, despite being submitted to the VirusTotal antivirus database for the first time close to a decade ago, in late 2013. The tool is well-designed, powerful, and widely adapted. Its network attack capability, equipped with 0day vulnerabilities, was unstoppable, and its data acquisition under covert control took little effort. Pangu Lab uses the code name « Operation Telescreen » for several Bvp47 incidents. The telescreen is a device imagined by British writer George Orwell in his novel « 1984 ». #usa #networks #nsa #snowden #linux #vuln #0day #backdoor #cyber #apt #network #threats #informatique
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
Statement by the North Atlantic Council on Russia's attack on Ukraine #military
https://www.nato.int/cps/en/natohq/official_texts_192404.htm
Over the years, North Korea has demonstrated high adaptability and advancement within the illicit cyber and crypto space using new technology to exploit vulnerabilities in the global financial system. Foreign assistance from key allies such as Beijing and Moscow has allowed Pyongyang to expand its cyber intrusion capabilities in ways ranging from hosting North Korean hackers within their jurisdictions to providing improved data connections to expand the country’s international bandwidth and connectivity. #cyber #threats #informatique
http://s3.us-east-1.amazonaws.com/files.cnas.org/documents/BlockchainAnalysisEES.pdf
A recent sextortion scam example in French, sent in by a Naked Security reader we'll refer to simply as @M (thanks, M!), where the porn scammers have converted their message into an image. Adding an image that holds the call-to-action text obviously makes it harder for a recipient to reply, because a plain image can't contain clickable links, or even text that can be copied and pasted. #cyber #spam #threats #mail #scam #informatique
🇦🇺 Addresses of more than 500,000 organisations including defence sites, a missile maintenance unit, and domestic violence shelters were inadvertently made public in the first major breach of the New South Wales government's massive trove of QR code data. In New South Wales, what's elsewhere known as government « incompetence » is apparently called « an error ». NSW took months to disclose massive data leak of Covid QR check-in system. #australia #cyber #threats #databreach #informatique
https://reclaimthenet.org/nsw-data-leak-of-covid-qr-check-in-system/
🇮🇷 Predatory Sparrow - This article provides an in-depth technical analysis of one of the attacks against the Iranian national media corporation, Islamic Republic of Iran Broadcasting (IRIB) which occurred in late January 2022. #iran #malware #cyber #threats #informatique
https://research.checkpoint.com/2022/evilplayout-attack-against-irans-state-broadcaster/
sc(r)apy | full metal packets