Introducing the Golden gMSAs Attack #cyber #windows #threats #informatique
Getting Physical: Extreme abuse of Intel based Paging Systems
Microsoft Pluton Device + PAC technology improving security for Windows on ARM platforms #microsoft #technologies #threats #informatique
Visual graph of doxed #TrickBot group members #cyber #threats #informatique
https://raw.githubusercontent.com/soufianetahiri/Trickbotleaks/main/TrickBotGraph.jpg
🔥 CVE-2022-24724 - A vulnerability, discovered by Felix Wilhelm, exists in the table markdown extensions of cmark-gfm. If cmark-gfm is used for rendering remote user controlled markdown, this vulnerability may lead to Remote Code Execution (RCE) in applications employing affected versions of the cmark-gfm library. #vuln #informatique
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
drvscanner - Scan for potentially vulnerable drivers #windows #tools #informatique
NanoDump - A flexible tool that creates a minidump of the LSASS process. #windows #tools #informatique
A coverage-guided fuzzer targeting Hyper-V emulated devices, in the userland of the Hyper-V root partition. Vulnerabilities in that layer could lead to a guest-to-root-partition escape. #windows #tools #informatique
Nice write-up that describes how to simplify Alexander Popov's PoC exploit for CVE-2021-26708 in the #Linux kernel #vuln
https://hardenedvault.net/2022/03/01/poc-cve-2021-26708.html
The LAPSUS$ extortionist gang leaked Samsung's data and claims it contains « confidential source code », including source code for critical components (biometrics, bootloaders, activation servers) #lapsus #cyber #software #databreach #technologies #threats #informatique
#Conti #Ransomware Group Diaries, Part III: Weaponry. #cyber #threats #informatique
https://krebsonsecurity.com/2022/03/conti-ransomware-group-diaries-part-iii-weaponry/
🇺🇸 #Verizon confirmed « intermittent issues » were affecting its #network after customers noted they were having trouble making or receiving phone calls. #usa #telecom #outage #informatique
https://nypost.com/2022/03/04/verizon-confirms-issues-impacted-customer-phone-calls/
🇱🇰 The Public Utilities Commission of Sri Lanka (PUCSL) said yesterday (3) that the nearly eight-hour-long scheduled power outage will continue for the third consecutive day, today (4) #srilanka #energy #outage #threats
https://www.themorning.lk/approximately-8-hour-power-outage-for-third-day-today/
🇨🇭 A day-care network has fallen victim to ransomware. It was the vulnerability of the network that brought the attack on the organization; the data on the children was not specifically targeted. #swiss #education #cyber #threats #suisse #informatique
https://www.24heures.ch/un-reseau-daccueil-de-jour-a-ete-victime-dune-cyberattaque-256447010017
🇺🇦 According to AFP, the Ukrainian authorities said they were able to send firefighters to the Zaporizhzhia nuclear power plant, stating that nuclear safety at the site was now ensured. « #Ukraine has fifteen nuclear reactors. If there is an explosion, it is the end of everything. The end of #Europe. It is the evacuation of Europe », he continued. « Only immediate European action can stop the Russian troops. Europe must be kept from dying of a nuclear disaster », added Volodymyr Zelensky.
Mimikatz signed by NVIDIA. Florian Roth offers a YARA rule to detect NVIDIA-signed binaries compiled after March 1, 2022. It needs adapting, because a trivial change to pe.timestamp is enough to slip past it. #cyber #threats #informatique
https://github.com/Neo23x0/signature-base/blob/master/yara/gen_nvidia_leaked_cert.yar
The LAPSUS$ extortionist gang who broke into NVIDIA's network leaked Deep Learning Super Sampling (DLSS) source code online. This code leak could hold the key for the open-source Linux driver community to bring DLSS to the platform, or even for AMD and Intel to learn from its design. #lapsus #databreach #cyber #threats #informatique
https://thehackernews.com/2022/03/hackers-who-broke-into-nvidias-network.html
🇺🇦 IAEA puts its Incident and Emergency Centre in full 24/7 response mode due to serious situation at Zaporizhzhia Nuclear Power Plant in #Ukraine
🇺🇦 #Ukraine tells IAEA (International Atomic Energy Agency) that fire at site of Zaporizhzhia Nuclear Power Plant has not affected « essential » equipment, plant personnel taking mitigatory actions.
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile