
Employees of Russia's FSB taking part in the criminal activity of the aggressor country on the territory of Europe.

gur.gov.ua/content/sotrudnyky-

Possible BGP hijack - Beginning at 2022-03-28 12:06:26 UTC, Prefix 104.244.42.0/24, is normally announced by AS13414 🇺🇸 TWITTER, US. But beginning at 2022-03-28 12:06:26, the same prefix (104.244.42.0/24) was also announced by 🇷🇺 ASN 8342 (RTCOMM-AS, RU).

bgpstream.com/event/288327

🇹🇳 The online services of the Central Bank of Tunisia (bct.gov.tn) are back after the cyberattack of 23 March 2022.

tuniscope.com/article/328147/b

GAFAM and other 🇪🇺 European and 🇺🇸 American companies that transfer data between the two sides of the Atlantic can breathe a sigh of relief this 25 March 2022.

siecledigital.fr/2022/03/25/un

The 🇩🇪 German bedding manufacturer Emma-Sleep (emma.fr), present in 🇫🇷 France since 2017, has confirmed that it suffered a cyberattack lasting several months, resulting in the theft of names, home addresses, e-mail addresses, telephone numbers and bank card numbers of several tens of thousands of customers. The attack targeted the website's payment process. About 97,000 potential victims in some 12 countries.

lemagit.fr/actualites/25251514

🇺🇸 U.S. Department of Justice unsealed 2 indictments charging 4 defendants, all Russian nationals who worked for the Russian , with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of and organizations, in approximately 135 countries.

The FSB hackers, Pavel Aleksandrovich Akulov (Павел Александрович Акулов), 36, Mikhail Mikhailovich Gavrilov (Михаил Михайлович Гаврилов), 42, and Marat Valeryevich Tyukov (Марат Валерьевич Тюков), 39, were members of a Center 16 operational unit known among cybersecurity researchers as « Dragonfly », « Berzerk Bear », « Energetic Bear », and « Crouching Yeti »

justice.gov/opa/pr/four-russia

A heap overflow vulnerability was discovered in the IPv6 stack of OpenBSD. This issue, whose root cause can be found in the mishandling of Router Advertisement messages containing a DNSSL option with a malformed domain label, was patched by on March 21, 2022.

blog.quarkslab.com/heap-overfl

🕷 The rapid spread of Emotet via TrickBot and its behavior since the malware resurfaced last month could signal that a spate of ransomware attacks are on the way. Emotet also has added new capabilities since its resurgence.

threatpost.com/emotets-behavio

Lapsus$ has claimed an attack against the specialist in access management and authentication as a service, with screenshots as evidence. The screenshots suggest the use of a VirtualBox VM to access, via RDP, the workstation of a person with access rights to SaaS services used internally at Okta: Atlassian Jira Service Management, Slack, and also the super-user administration interface of Okta's own services.

lemagit.fr/actualites/25251493

🌐 12,784,191 credentials were leaked from users and distributed on the Dark/Deep Web in Feb 2022. More than 4,900 organizations have suffered damage from internal data leaking into the by ransomware gangs. The Lapsus$ gang initially accessed the affected organizations through leaked credentials collected from Redline Stealer malware. More than 10,000 Okta Inc (okta.com) login credentials were leaked from users infected with Redline.

How difficult was it for Vice Society to attack 🇦🇷 Argentina's Senate (senado.gob.ar)? According to the spokesperson, it took « 6 hours to get access to every IT system » (100 computers) and « 6 hours to attack. » When the Senate realized that they had been attacked, Vice Society was reportedly still in their system and able to observe them.

databreaches.net/it-took-6-hou

⚖️ Igor Dekhtyarchuk, a resident and national of the Russian Federation (), was named in an indictment returned by a federal grand jury on March 16, 2022, charging him with offenses related to operating a cyber-criminal marketplace that sold thousands of stolen login credentials, personally identifiable information, and authentication tools.

justice.gov/usao-edtx/pr/russi

Okta Inc, whose authentication services are used to provide access to corporate networks, is investigating a breach after hackers posted screenshots of what they said was internal information. The scope of the hack is unknown, but it could have major consequences. In a statement, Okta official Chris Hollis said the hack could be related to a previously undisclosed incident in January 2022 which he said had since been contained.
reuters.com/article/okta-breac

Unlike most activity groups that stay under the radar, DEV-0537 (LAPSUS$) doesn’t seem to cover its tracks. They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations. DEV-0537 also uses several tactics that are less frequently used by other threat actors tracked by Microsoft. Their tactics include phone-based social engineering and SIM-swapping.

microsoft.com/security/blog/20

Lapsus$ leaked in a downloadable archive file most of the Microsoft Bing Maps source code, and about half of the Microsoft Bing and code. The gang also claims to have compromised LG Electronics for the second time in a year, and Okta, Inc (okta.com), an IdP service that stores and verifies user identities.

theregister.com/2022/03/21/mic

Anne Neuberger, the 🇺🇸 U.S. deputy national security adviser for cyber and emerging technology, joined the White House briefing on Monday to discuss potential Russian cyberattacks and urge companies to raise their defenses.

youtube.com/watch?v=VMhfacxfFc

President Biden has previously warned about the potential that Russia could conduct malicious cyber activity against the 🇺🇸 United States. Today, my Administration is reiterating those warnings based on evolving intelligence that the 🇷🇺 Russian Government is exploring options for potential cyberattacks.

whitehouse.gov/briefing-room/s
