What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-12-27 11:05:30 | Les pirates chinois livrent des logiciels malveillants à Barracuda Appareils de sécurité par e-mail via un nouveau zéro-jour Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day (lien direct) |
> Les pirates chinois ont exploité une journée zéro-jour comme CVE-2023-7102 pour livrer des logiciels malveillants à Barracuda Email Security Gateway (ESG) Appliances.
>Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. |
Malware Vulnerability Threat | ★★ | |
 |
2023-12-27 11:00:00 | Cybersécurité post-pandémique: leçons de la crise mondiale de la santé Post-pandemic Cybersecurity: Lessons from the global health crisis (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Beyond ‘just’ causing mayhem in the outside world, the pandemic also led to a serious and worrying rise in cybersecurity breaches. In 2020 and 2021, businesses saw a whopping 50% increase in the amount of attempted breaches. The transition to remote work, outdated healthcare organization technology, the adoption of AI bots in the workplace, and the presence of general uncertainty and fear led to new opportunities for bad actors seeking to exploit and benefit from this global health crisis. In this article, we will take a look at how all of this impacts the state of cybersecurity in the current post-pandemic era, and what conclusions can be drawn. New world, new vulnerabilities Worldwide lockdowns led to a rise in remote work opportunities, which was a necessary adjustment to allow employees to continue to earn a living. However, the sudden shift to the work-from-home format also caused a number of challenges and confusion for businesses and remote employees alike. The average person didn’t have the IT department a couple of feet away, so they were forced to fend for themselves. Whether it was deciding whether to use a VPN or not, was that email really a phishing one, or even just plain software updates, everybody had their hands full. With employers busy with training programs, threat actors began intensifying their ransomware-related efforts, resulting in a plethora of high-profile incidents in the last couple of years. A double-edged digital sword If the pandemic did one thing, it’s making us more reliant on both software and digital currencies. You already know where we’re going with this—it’s fertile ground for cybercrime. Everyone from the Costa Rican government to Nvidia got hit. With the dominance of Bitcoin as a payment method in ransoming, tracking down perpetrators is infinitely more difficult than it used to be. The old adage holds more true than ever - an ounce of prevention is worth a pound of cure. To make matters worse, amongst all that chaos, organizations also had to pivot away from vulnerable, mainstream software solutions. Even if it’s just choosing a new image editor or integrating a PDF SDK, it’s an increasing burden for businesses that are already trying to modernize or simply maintain. Actors strike where we’re most vulnerable Healthcare organizations became more important than ever during the global coronavirus pandemic. But this time also saw unprecedented amounts of cybersecurity incidents take place as bad actors exploited outdated cybersecurity measures. The influx of sudden need caused many overburdened healthcare organizations to lose track of key cybersecurity protocols that could help shore up gaps in the existing protective measures. The United States healthcare industry saw a 25% spike in successful data breaches during the pandemic, which resulted in millions of dollars of damages and the loss of privacy for thousands of patients whose data was compromis | Data Breach Vulnerability Threat Studies Prediction | ChatGPT | ★★ |
 |
2023-12-26 11:56:23 | Challenge of Protecting PII, Hunters Become the Hunt: OpenAI Vulnerability, Blackmailing of Bounty Hunters (lien direct) | A paradox emerges: those who protect us from cyber threats are themselves becoming the hunted.... | Vulnerability | ★★ | |
 |
2023-12-26 08:00:00 | Analyser les vulnérabilités de vos conteneurs Docker avec Grype (lien direct) | En hiver, tout le monde est vacciné contre la grippe, mais qu'en est-il de la sécurité de vos images Docker ? Grype est un scanner de vulnérabilités qui analyse les images Docker et les systèmes de fichiers, décelant les failles sur divers systèmes d'exploitation et langages de programmation. Il peut être installé via GitHub ou Brew pour Mac, et permet des scans personnalisés avec des sorties en formats différents, tout en offrant la possibilité d'intégrer des sources de données externes pour des analyses plus précises, y compris dans les workflows GitHub Actions. | Vulnerability | ★★★★ | |
 |
2023-12-22 18:00:00 | Google libère le huitième patch zéro-jour de 2023 pour Chrome Google Releases Eighth Zero-Day Patch of 2023 for Chrome (lien direct) |
CVE-2023-7024, exploité dans la nature avant le correctif, est une vulnérabilité chromée qui permet l'exécution de code distant dans le composant Webrtc du navigateur \\.
CVE-2023-7024, exploited in the wild prior to patching, is a Chrome vulnerability that allows remote code execution within the browser\'s WebRTC component. |
Vulnerability Threat Patching | ★★★ | |
|
2023-12-22 14:20:26 | Mises à jour CISA: Guide Microsoft 365, outil Scubagear, Mozilla Alert, QNAP & FXC Vulnérabilités Entrez Kev CISA Updates: Microsoft 365 Guidance, SCuBAGear Tool, Mozilla Alert, QNAP & FXC Vulnerabilities Enter KEV (lien direct) |
CISA a officiellement publié les bases de base de configuration sécurisée Microsoft 365, visant à aider les organisations à ...
CISA has officially released the Microsoft 365 Secure Configuration Baselines, aiming to assist organizations in... |
Tool Vulnerability | ★★ | |
|
2023-12-22 13:04:25 | Dans d'autres nouvelles: Crypto Exchange Hack Guilty Plea, Note IA Vulnérabilités, Intellexa Spyware In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware (lien direct) |
> Des histoires remarquables qui auraient pu glisser sous le radar: le pirate d'échange de crypto-monnaie plaide coupable, vulnérabilités LLM, analyse des logiciels espions Intellexa.
>Noteworthy stories that might have slipped under the radar: Cryptocurrency exchange hacker pleads guilty, rating LLM vulnerabilities, Intellexa spyware analysis. |
Hack Vulnerability | ★★★ | |
 |
2023-12-21 21:09:57 | Apache ActiveMQ Vulnerability (CVE-2023-46604) Continuously Being Exploited in Attacks (lien direct) | #### Description
AHNLAB Security Emergency Response Center (ASEC) a signalé que la vulnérabilité d'Apache ActiveMQ (CVE-2023-46604) est exploitée par divers acteurs de menace.La vulnérabilité est une vulnérabilité d'exécution de code distant dans le serveur de modèle de messagerie et d'intégration open source apache activemq.
L'attaque de vulnérabilité consiste à manipuler un type de classe sérialisé dans le protocole OpenWire pour instancier la classe dans le chemin de classe.Lorsque l'acteur de menace transmet un paquet manipulé, le serveur vulnérable fait référence au chemin (URL) contenu dans le paquet pour charger le fichier de configuration XML pour la classe.Les logiciels malveillants utilisés dans les attaques comprennent Ladon, Netcat, AnyDesk et Z0min.Ladon est l'un des outils principalement utilisés par les acteurs de la menace chinoise.NetCAT est un utilitaire pour transmettre des données à et depuis certaines cibles dans un réseau connecté par le protocole TCP / UDP.AnyDesk, Netsupport et Chrome Remote Desktop ont récemment été utilisés pour contourner les produits de sécurité.Z0miner a été signalé pour la première fois en 2020 par l'équipe de sécurité de Tencent et a été distribué via des attaques exploitant les vulnérabilités d'exécution du code distant Oracle Weblogic (CVE-2020-14882 / CVE-2020-14883).
#### URL de référence (s)
1. https://asec.ahnlab.com/en/59904/
#### Date de publication
18 décembre 2023
#### Auteurs)
Sanseo
#### Description AhnLab Security Emergency Response Center (ASEC) has reported that the Apache ActiveMQ vulnerability (CVE-2023-46604) is being exploited by various threat actors. The vulnerability is a remote code execution vulnerability in the open-source messaging and integration pattern server Apache ActiveMQ. The vulnerability attack involves manipulating a serialized class type in the OpenWire protocol to instantiate the class in classpath. When the threat actor transmits a manipulated packet, the vulnerable server references the path (URL) contained in the packet to load the XML configuration file for the class. The malware used in the attacks includes Ladon, NetCat, AnyDesk, and z0Miner. Ladon is one of the tools that are mainly used by Chinese-speaking threat actors. Netcat is a utility for transmitting data to and from certain targets in a network connected by TCP/UDP protocol. AnyDesk, NetSupport, and Chrome Remote Desktop have recently been used for bypassing security products. z0Miner was first reported in 2020 by the Tencent Security Team and was distributed via attacks exploiting the Oracle Weblogic remote code execution vulnerabilities (CVE-2020-14882/CVE-2020-14883). #### Reference URL(s) 1. https://asec.ahnlab.com/en/59904/ #### Publication Date December 18, 2023 #### Author(s) Sanseo |
Malware Tool Vulnerability Threat | ★★★ | |
 |
2023-12-21 13:32:00 | Google découvre un autre chrome zéro-jour exploité dans la nature Google discovers another Chrome zero-day exploited in the wild (lien direct) |
Google Chrome a publié un correctif de sécurité d'urgence pour un défaut zéro-jour qui a été exploité dans la nature.Cette vulnérabilité, suivie en CVE-2023-7024, affecte les versions de bureau du navigateur sur Mac, Linux et Windows.C'est le huitième activement exploité zéro-jour dans Chrome découvert depuis le début de 2023. Cl & eacute; ment Lecigne et Vlad
Google Chrome has released an emergency security fix for a zero-day flaw that has been exploited in the wild. This vulnerability, tracked as CVE-2023-7024, affects the desktop versions of the browser on Mac, Linux and Windows. It is the eighth actively exploited zero-day in Chrome discovered since the start of 2023. Clément Lecigne and Vlad |
Vulnerability Threat | ★★ | |
 |
2023-12-21 12:52:00 | Les pirates exploitent la vulnérabilité Old MS Excel à la propagation de l'agent Tesla malware Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware (lien direct) |
Les attaquants armement une vieille vulnérabilité de Microsoft Office dans le cadre de campagnes de phishing pour distribuer une souche de logiciels malveillants appelés & nbsp; agent Tesla.
Les chaînes d'infection levaient les documents de leurre de lereau Excel attaché dans les messages sur le thème de la facture pour tromper des cibles potentielles pour les ouvrir et activer l'exploitation du CVE-2017-11882 (score CVSS: 7.8), une vulnérabilité de corruption de mémoire dans Office \'s
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office\'s |
Malware Vulnerability | ★★ | |
|
2023-12-21 12:41:43 | Over a Dozen Critical RCE Vulnerabilities in Ivanti Avalanche; Actively Exploited Chrome Zero-Day, CVE-2023-7024 (lien direct) | Ivanti has issued security updates to address a total of 22 vulnerabilities identified in its... | Vulnerability Threat | ★★★ | |
|
2023-12-21 11:43:27 | Ivanti Patches Dozen Vulnérabilités critiques dans le produit Avalanche MDM Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product (lien direct) |
> Ivanti a corrigé 20 vulnérabilités dans son produit Avalanche MDM, y compris une douzaine de défauts d'exécution de code distant évalués.
>Ivanti has patched 20 vulnerabilities in its Avalanche MDM product, including a dozen remote code execution flaws rated critical. |
Vulnerability | ★★ | |
|
2023-12-21 11:00:00 | Violations de données: analyse approfondie, stratégies de récupération et meilleures pratiques Data breaches: In-depth analysis, recovery strategies, and best practices (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In the dynamic landscape of cybersecurity, organizations face the ever-present risk of data breaches. This article provides a detailed exploration of data breaches, delving into their nuances, and offers comprehensive recovery strategies along with best practices. A data breach occurs when unauthorized threat actors gain access to sensitive information, jeopardizing data integrity and confidentiality. There are some common causes behind major data breaches: Cyber-attacks: Sophisticated cyber-attacks, techniques such as spear phishing, ransomware, and advanced persistent threats, are predominant causes behind data breaches. Insider threats: Whether arising from employee errors, negligence, or intentional malicious actions, insider threats contribute significantly to data breaches. Third-party incidents: Weaknesses in the security protocols of third-party vendors or service providers can expose organizations to the risk of data breaches. Learnings acquired Rapid detection and response: The criticality of swift detection and response cannot be overstated. Delayed identification prolongs the impact and complicates the recovery process. Comprehensive incident response: Organizations must establish a robust incident response plan, encompassing communication strategies, legal considerations, and meticulous technical remediation steps. Regulatory compliance: Adherence to regulatory requirements and industry standards is not only essential for legal compliance but is also a fundamental aspect of maintaining trust and credibility. Employee training: Ongoing training initiatives that elevate employees\' awareness of security threats and best practices play a pivotal role in preventing data breaches. Continuous security audits: Regular security audits and assessments serve as proactive measures, identifying vulnerabilities before they can be exploited. Best practices for recovery Detailed incident communication: Provide a comprehensive and transparent communication plan, detailing the incident\'s scope, impact, and the organization\'s proactive steps for resolution. Stakeholder engagement: Engage with stakeholders, including customers, employees, and regulatory bodies. Keep them informed about the incident\'s progress and the measures being taken for recovery. Comprehensive cyber insurance coverage: Cyber insurance can be a strategic asset, covering a range of costs related to the incident, including investigation, legal proceedings, and potential regulatory fines. Strengthen cybersecurity measures: Advanced threat detection: Implement advanced threat detection mechanisms that can identify anomalous behavior and potential threats in real-time. Encryption and access controls: Enhance data protection by implementing robust encryption protocols and access controls, limiting unauthorized access to sensitive information. Regular system updates: Maintain an agile cybersecurity posture by regularly updating and patching systems to address known vulnerabilities. Law enforcement partnership: Collaborate with law enforcement agencies and relevant authorities, leveraging their expertise to aid in the investigation and apprehension of cybercriminals. Legal counsel engagement: Engage legal counsel to navigate the legal intricacies associated with the breach, ensuring compliance with regulations and m | Ransomware Data Breach Vulnerability Threat Patching Technical | ★★ | |
 |
2023-12-21 10:30:00 | Ivanti exhorte les clients à corriger 13 vulnérabilités critiques Ivanti Urges Customers to Patch 13 Critical Vulnerabilities (lien direct) |
Ivanti publie des mises à jour pour corriger 22 vulnérabilités dans son produit de gestion d'appareils mobiles Avalanche
Ivanti releases updates to fix 22 vulnerabilities in its Avalanche mobile device management product |
Vulnerability Mobile | ★★ | |
 |
2023-12-21 10:00:59 | Windows CLFS et cinq exploits utilisés par les opérateurs de ransomwares (exploit # 4 & # 8211; CVE-2023-23376) Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376) (lien direct) |
Ceci est la cinquième partie de notre étude sur le système de fichiers journal commun (CLFS) et cinq vulnérabilités dans ce composant Windows OS qui ont été utilisés dans les attaques de ransomwares tout au long de l'année.
This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. |
Ransomware Vulnerability Studies | ★★ | |
|
2023-12-21 10:00:56 | Windows CLFS et cinq exploits utilisés par les opérateurs de ransomwares (exploit # 3 & # 8211; octobre 2022) Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022) (lien direct) |
Ceci est la quatrième partie de notre étude sur le système de fichiers journal commun (CLFS) et cinq vulnérabilités dans ce composant Windows OS qui ont été utilisés dans les attaques de ransomwares tout au long de l'année.
This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. |
Ransomware Vulnerability Studies | ★★ | |
|
2023-12-21 10:00:53 | Windows CLFS et cinq exploits utilisés par les opérateurs de ransomwares (exploit # 2 & # 8211; septembre 2022) Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022) (lien direct) |
Il s'agit de la troisième partie de notre étude sur le système de fichiers journaux commun (CLFS) et cinq vulnérabilités dans ce composant Windows OS qui ont été utilisés dans les attaques de ransomwares tout au long de l'année.
This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. |
Ransomware Vulnerability Studies | ★★ | |
|
2023-12-21 10:00:50 | Windows CLFS et cinq exploits utilisés par les opérateurs de ransomwares Windows CLFS and five exploits used by ransomware operators (lien direct) |
Nous n'avions jamais vu autant d'exploits de pilotes CLFS utilisés auparavant dans des attaques actives, puis soudain, il y en a tellement capturés en seulement un an.Y a-t-il quelque chose qui ne va pas avec le pilote CLFS?Toutes ces vulnérabilités sont-elles similaires?Ces questions m'ont encouragé à examiner de plus près le conducteur CLFS et ses vulnérabilités.
We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities. |
Ransomware Vulnerability | ★★ | |
|
2023-12-21 10:00:47 | Windows CLFS et cinq exploits utilisés par les opérateurs de ransomwares (exploit # 1 & # 8211; CVE-2022-24521) Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521) (lien direct) |
Il s'agit de la deuxième partie de notre étude sur le système de fichiers journaux commun (CLFS) et cinq vulnérabilités dans ce composant Windows OS qui ont été utilisées dans les attaques de ransomwares tout au long de l'année.
This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. |
Ransomware Vulnerability Studies | ★★ | |
|
2023-12-21 10:00:01 | Windows CLFS et cinq exploits utilisés par les opérateurs de ransomwares (exploit # 5 & # 8211; CVE-2023-28252) Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252) (lien direct) |
Il s'agit de la six partie de notre étude sur le système de fichiers journal commun (CLFS) et cinq vulnérabilités dans ce composant Windows OS qui ont été utilisés dans les attaques de ransomwares tout au long de l'année.
This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. |
Ransomware Vulnerability Studies | ★★ | |
|
2023-12-21 09:11:00 | Urgent: nouvelle vulnérabilité chromée zéro exploitée dans la nature - mise à jour dès que possible Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP (lien direct) |
Google a déployé des mises à jour de sécurité pour le navigateur Web Chrome pour lutter contre un défaut zéro jour de haute sévérité qui, selon lui, a été exploité dans la nature.
La vulnérabilité, attribuée à l'identificateur CVE & NBSP; CVE-2023-7024, a été décrite comme a & nbsp; Bug de débordement de tampon basé sur un tas & nbsp; dans le cadre WebBrTC qui pourrait être exploité pour entraîner des plantages de programme ou une exécution de code arbitraire.
Cl & eacute; ment;
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément |
Vulnerability Threat | ★★ | |
 |
2023-12-21 05:00:25 | Battleroyal, le cluster Darkgate se propage par e-mail et les fausses mises à jour du navigateur BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates (lien direct) |
Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybercrime actors and was spread via many methods such as email, Microsoft Teams, Skype, malvertising and fake updates. Proofpoint researchers are tracking a particularly interesting operator of the DarkGate malware. At the time of publication, researchers are not attributing this cluster of activity to a known threat actor and are temporarily calling it BattleRoyal. Between September and November 2023, at least 20 email campaigns used DarkGate malware with GroupIDs “PLEX”, “ADS5”, “user_871236672” and “usr_871663321”. The GroupID is a configuration setting that is also referred to as username, botnet, campaign, or flag 23. The campaigns are notable for: Delivery: via email and RogueRaticate fake browser updates Volumes and geography: email campaigns include tens of thousands of emails targeting dozens of industries primarily in USA and Canada Attack chain: includes a variety of notable tools such as 404 TDS, Keitaro TDS, and .URL files exploiting CVE-2023-36025 Volume of DarkGate campaigns based on four GroupIDs discussed in this report. TDS all the things! (an email campaign example) On October 2, 2023, Proofpoint identified one of the first campaigns in this cluster. It was notable due to the use of more than one traffic delivery system (TDS), specifically 404 TDS and Keitaro TDS. Additionally, the .URL files involved exploited CVE-2023-36025, a vulnerability in Windows SmartScreen. While other parts of the attack chain from this actor changed or varied, .URL files were involved in every campaign. The emails in this campaign contained: 404 TDS URLs that, if clicked by the user, redirected to Keitaro TDS Keitaro TDS was observed serving an internet shortcut (.URL) file The internet shortcut, if double clicked, downloaded a zipped VBS script The VBS in turn downloaded and executed several shell commands (cmd.exe) The shell commands (a) created a directory on C: drive, (b) copied curl.exe from system folder to this new directory, (c) used the curl to download Autoit3.exe, (d) used curl to download and save an AutoIT script, and (e) ran the downloaded AutoIT script with the downloaded AutoIT interpreter The AutoIT script ran an embedded DarkGate Attack chain summary that follows the flow of: Email > 404 TDS > Keitaro TDS > .URL > .VBS > Shell commands > AutoIT / AutoIT script > DarkGate. Screenshot of an example email from October 2 campaign. Screenshot of the .URL file involved in the October 2 campaign. Proofpoint has identified multiple cybercriminal campaigns exploiting CVE-2023-36025; however, the BattleRoyal cluster exploited this vulnerability more than any other actor observed in Proofpoint threat data. Notably, this activity cluster exploited CVE-2023-36025 before it was published by Microsoft. SmartScreen is a security feature that is designed to prevent people from visiting malicious websites. The vulnerability could allow an actor to bypass the SmartScreen defenses if a user clicked on a specially crafted .URL file or a hyperlink pointing to a .URL file. More specifically, a SmartScreen alert would not be triggered when a .URL points to a SMB or WebDav share as file:// and the malicious payload is inside a ZIP file which is specified in the URL target. RogueRaticate (fake browser update campaign example) On October 19, 2023, an external researcher identified and publicly shared details of the RogueRaticate fake update activity cluster using an interesting obfuscation technique first identified in 2020. Proofpoint subsequently identified the activity in Proofpoint data. This campaign delivered fake browser update requests to end users on their web browsers that dropped a DarkGate payload with the “ADS5” GroupID. The threat actor injected a request to a domain they controlled that used .css steganography to conceal the malicious c | Malware Tool Vulnerability Threat Prediction | ★★ | |
 |
2023-12-20 20:58:34 | La saison de la cyber-vulnérabilité: comment les vacances deviennent un terrain de jeu de pirate \\ The Season of Cyber Vulnerability: How the Holidays Become a Hacker\\'s Playground (lien direct) |
La saison de la cyber-vulnérabilité: comment les vacances deviennent un terrain de jeu de pirate \\
Comprendre les risques et fortifier les défenses de la période festive
-
mise à jour malveillant
The Season of Cyber Vulnerability: How the Holidays Become a Hacker\'s Playground Understanding the risks and fortifying defences in the festive period - Malware Update |
Vulnerability | ★★ | |
 |
2023-12-20 18:06:55 | GCP-2023-049 (lien direct) | Publié: 2023-12-20 Description Description Gravité notes Les vulnérabilités suivantes ont été découvertes dans le noyau Linux qui peut conduire à une escalade de privilège sur le système d'exploitation optimisé et les nœuds Ubuntu. CVE-2023-3090 Pour les instructions et plus de détails, consultez les bulletins suivants: Bulletin de sécurité GKE GKE sur le bulletin de sécurité VMware gke sur le bulletin de sécurité AWS gke sur le bulletin de sécurité azur gke sur le bulletin de sécurité nue High CVE-2023-3090 Published: 2023-12-20Description Description Severity Notes The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.CVE-2023-3090 For instructions and more details, see the following bulletins: GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2023-3090 | Vulnerability Cloud | ||
 |
2023-12-20 16:52:42 | Fake F5 Big-ip Zero-Day Avertissement Emails Fake F5 BIG-IP zero-day warning emails push data wipers (lien direct) |
Le cyber-Directorat national d'Israël avertit des e-mails de phishing faisant semblant d'être des mises à jour de sécurité Zero-Day F5 Big-IP qui déploient les essuie-glaces de données Windows et Linux.[...]
The Israel National Cyber Directorate warns of phishing emails pretending to be F5 BIG-IP zero-day security updates that deploy Windows and Linux data wipers. [...] |
Vulnerability Threat | ★★★ | |
|
2023-12-20 15:00:00 | Vulnérabilité F5 ciblée \\ 'mise à jour \\' délivre des essuie-glaces aux victimes israéliennes Targeted F5 Vulnerability \\'Update\\' Delivers Wiper to Israeli Victims (lien direct) |
Les fichiers censés être un patch de vulnérabilité F5 suppriment le contenu du serveur.
Files purporting to be an F5 vulnerability patch are deleting server contents. |
Vulnerability | ★★ | |
|
2023-12-20 12:00:22 | La violation des données XFINITY a un impact sur 36 millions d'individus Xfinity Data Breach Impacts 36 Million Individuals (lien direct) |
> La violation de données XFINITY récemment divulguée, qui a impliqué l'exploitation de la vulnérabilité agricole, a un impact sur 36 millions d'individus
>The recently disclosed Xfinity data breach, which involved exploitation of the CitrixBleed vulnerability, impacts 36 million individuals |
Data Breach Vulnerability | ★★ | |
 |
2023-12-20 11:15:01 | Xfinity a secoué avec une violation de données impactant 36 millions d'utilisateurs Xfinity Rocked with Data Breach Impacting 36 Million Users (lien direct) |
> Par deeba ahmed
La dernière violation de données XFINITY est liée à la vulnérabilité critique des saignements Citrix.
Ceci est un article de HackRead.com Lire le post original: Xfinity a secoué avec une violation de données impactant 36 millions d'utilisateurs
>By Deeba Ahmed The latest Xfinity data breach is linked to the critical Citrix Bleed vulnerability. This is a post from HackRead.com Read the original post: Xfinity Rocked with Data Breach Impacting 36 Million Users |
Data Breach Vulnerability | ★★ | |
|
2023-12-20 02:00:00 | BugCrowd annonce des cotes de vulnérabilité pour les LLM Bugcrowd Announces Vulnerability Ratings for LLMs (lien direct) |
La mise à jour de la taxonomie de notation de la vulnérabilité de la société offre aux chercheurs de vulnérabilité un cadre pour évaluer et hiérarchiser les vulnérabilités dans les modèles de grande langue.
The update to the company\'s Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models. |
Vulnerability | ★★ | |
|
2023-12-19 20:55:00 | Flaws de sécurité Microsoft Outlook Zero-Click déclenché par un fichier son Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File (lien direct) |
Les attaquants peuvent enchaîner les vulnérabilités pour obtenir une exécution complète du code distant.
Attackers can chain the vulnerabilities to gain full remote code execution. |
Vulnerability | ★★ | |
 |
2023-12-19 17:35:09 | SSH protège les réseaux les plus sensibles du monde.Ça devient beaucoup plus faible SSH protects the world\\'s most sensitive networks. It just got a lot weaker (lien direct) |
La nouvelle attaque de Terrapin utilise la troncature préfixe pour rétrograder la sécurité des canaux SSH.
Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels. |
Vulnerability | ★★★★ | |
|
2023-12-19 15:00:00 | 2023 Cyber Madenats: 26 000+ Vulnérabilités, 97 au-delà de la liste des CISA 2023 Cyber Threats: 26,000+ Vulnerabilities, 97 Beyond CISA List (lien direct) |
Le rapport Quality a également montré que plus de 7 000 vulnérabilités avaient un code d'exploitation de preuve de concept
The Qualys report also showed over 7000 vulnerabilities had proof-of-concept exploit code |
Vulnerability Threat | ★★★ | |
|
2023-12-19 14:30:00 | 36 millions de personnes touchées par la violation de données à Xfinity 36 million people affected by data breach at Xfinity (lien direct) |
Le fournisseur de services de télévision par câble et d'Internet Xfinity indique qu'une violation liée à une vulnérabilité généralisée dans la technologie Citrix a exposé des données de près de 36 millions de personnes à la mi-octobre.L'intrusion s'est produite entre le 16 et le 19 octobre, après que Citrix ait annoncé le bogue, mais avant que Xfinity ne répare ses systèmes, a déclaré la société basée à Philadelphie dans un notification déposée lundi
Cable TV and internet service provider Xfinity says a breach linked to a widespread vulnerability in Citrix technology exposed data of about nearly 36 million people in mid-October. The intrusion happened between October 16-19, after Citrix had announced the bug but before Xfinity patched its systems, the Philadelphia-based company said in a notification filed Monday |
Data Breach Vulnerability | ★★ | |
|
2023-12-19 12:28:00 | 8220 gang exploitant Oracle Weblogic Server Vulnérabilité à la propagation de logiciels malveillants 8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware (lien direct) |
Les acteurs de menace associés à la & nbsp; 8220 gang & nbsp; ont été observés exploitant un défaut de haute sévérité dans le serveur Oracle Weblogic pour propager leurs logiciels malveillants.
La lacune de sécurité est & nbsp; CVE-2020-14883 & nbsp; (Score CVSS: 7.2), un bug d'exécution de code distant qui pourrait être exploité par des attaquants authentifiés pour prendre les serveurs sensibles.
"Cette vulnérabilité permet à la distance authentifiée
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated |
Malware Vulnerability Threat | ★★ | |
|
2023-12-19 12:03:18 | Les attaques Terrapin peuvent rétrograder la sécurité des connexions OpenSSH Terrapin attacks can downgrade security of OpenSSH connections (lien direct) |
Les chercheurs universitaires ont développé une nouvelle attaque appelée Terrapin qui manipule les numéros de séquence pendant le processus de poignée de main pour briser l'intégrité du canal SSH lorsque certains modes de chiffrement largement utilisés sont utilisés.[...]
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used. [...] |
Vulnerability | ★★★ | |
|
2023-12-19 11:48:41 | Alertes Microsoft des vulnérabilités RCE et DOS dans Perforce Server: CVE-2023-45849, CVE-2023-35767, CVE-2023-45319, CVE-2023-5759 Microsoft Alerts of RCE and DoS Vulnerabilities in Perforce Server: CVE-2023-45849, CVE-2023-35767, CVE-2023-45319, CVE-2023-5759 (lien direct) |
Lors d'une revue de sécurité de ses studios de développement de jeux, Microsoft a trouvé quatre vulnérabilités à Perforce ...
During a security review of its game development studios, Microsoft found four vulnerabilities in Perforce... |
Vulnerability | ★★ | |
|
2023-12-19 11:30:00 | Les données des clients XFINITY sont compromises dans l'attaque exploitant la vulnérabilité agricole Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability (lien direct) |
> La Xfinity de Comcast \\ affirme que les données des clients, y compris les informations d'identification, ont été compromises dans une attaque exploitant la vulnérabilité agricole
>Comcast\'s Xfinity says customer data, including credentials, were compromised in an attack exploiting the CitrixBleed vulnerability |
Vulnerability | ★★ | |
|
2023-12-19 11:00:00 | La meilleure conférence de cybersécurité dont vous n'avez jamais entendu parler The best Cybersecurity conference you never heard of (lien direct) |
For the past 12 years in Austin, TX, the last week of October has been reserved for the Lonestar Application Security Conference (LASCON). Unequivocally, LASCON is the best cybersecurity conference you have never heard of!
LASCON is the annual confab of the Austin, TX OWASP (the Open Worldwide Application Security Project) chapter. OWASP is a volunteer organization that is a treasure trove of application security information with things such as standards, discussion groups, documentation, and more. The organization tracks the annual OWASP Top 10 web application security risks and is the proverbial north star for developers seeking more secure coding practices.
LASCON 2023 talks are recorded and available.
As a conference, LASCON rolls up its metaphorical sleeves and puts on a fabulous show. The uniqueness of LASCON:
Delivers exceptional content focused on application security
Offers every attendee the opportunity to challenge themselves and gain new life skills
Provides physical and cerebral entertainment
Exceptional content
LASCON is wholly committed to discussing, exploring, and showcasing application security. Check out the 2023 agenda here to see the extensive programming focused on application security.
Why is application security so important? In the world of cybersecurity, the subset of application security is the last mile and the area the adversaries know may be less security-aware.
Software is malleable and widely shared. In many cases software developers live in an environment of “just ship it” only to find that unintentional vulnerabilities crept into a production release.
The push to “DevSecOps” or “SecDevOps” means security disciplines are being incorporated from the beginning to alleviate many of the problems that stem from a “just ship it” environment.
LASCON tackles the what, why, and how of application security. In 2023, there was plenty of focus on the needs and benefits of automation, how development teams need to communicate to different audiences, and of course what generative-AI means for application security. In other words, something for everyone.
Many of the LASCON sessions were recorded and the replays will be available in the next few months. I highly recommend viewing this topical content.
New life skills
Similar to other conferences, LASCON has an expo hall where sponsor-vendors showcase their technology and give away swag.
But…LASCON goes a step further and brings in the Longhorn Lock Picking Club to set up Lock Pick Village in one end of the expo hall. Lock Pick Village focuses on locksport. This skill uses logical thinking, involves manual dexterity, and brings out the physical aspect of security.
Lock Pick Village is a favorite among attendees and creates a bonding opportunity at LASCON. The mayor of Lock Pick Village runs various contests throughout the two days of the conference with winners walking away with bragging rights.
Entertainment
LASCON has something for everyone!
Each year, the LASCON organizing team hosts “speed debates”. These debates are sarcastic, outlandish, and just plain funny. A moderator hosts two teams who take on cybersecurity topics of the day and present heartfelt pro or con arguments. Topics are far-ranging and incl |
Vulnerability Conference | ★★★ | |
 |
2023-12-19 02:45:07 | L'histoire du patch mardi: en regardant les 20 premières années The History of Patch Tuesday: Looking back at the first 20 years (lien direct) |
L'un des aspects les plus critiques de la cybersécurité est de s'assurer que tous les logiciels sont tenus à jour avec les derniers correctifs.Ceci est nécessaire pour couvrir toutes les vulnérabilités dont les cybercriminels pourraient profiter afin d'infiltrer une organisation et de lancer une attaque.Avec le volume de mises à jour et les efforts nécessaires pour les installer et les configurer, il est bon de savoir précisément lorsque les correctifs seront publiés."Patch Mardi", un événement mensuel où Microsoft publie des correctifs logiciels, a commencé il y a 20 ans et se déroule toujours aujourd'hui.Depuis lors, il y a eu un changement considérable dans la façon dont ...
One of the most critical aspects of cybersecurity is ensuring that all software is kept up to date with the latest patches. This is necessary to cover any vulnerabilities that cybercriminals could take advantage of in order to infiltrate an organization and launch an attack. With the volume of updates and the effort needed to install and configure them, it is good to know precisely when patches will be released. “Patch Tuesday”, a monthly event where Microsoft releases software patches, started 20 years ago and is still going strong today. Since then, there has been a considerable shift in how... |
Vulnerability | ★★★★ | |
|
2023-12-19 01:22:36 | La vulnérabilité Apache ActiveMQ (CVE-2023-46604) étant en permanence exploitée dans les attaques Apache ActiveMQ Vulnerability (CVE-2023-46604) Continuously Being Exploited in Attacks (lien direct) |
En novembre 2023, Ahnlab Security Emergency Response Center (ASEC) a publié un article de blog intitulé & # 8220;Circonstances du groupe Andariel exploitant une vulnérabilité Apache ActiveMQ (CVE-2023-46604) & # 8221;[1] qui a couvert les cas du groupe de menaces Andariel exploitant la vulnérabilité CVE-2023-46604 pour installer des logiciels malveillants.Ce message a non seulement couvert les cas d'attaque du groupe Andariel, mais aussi ceux de Hellokitty Ransomware, de Cobalt Strike et Metasploit Meterpreter.Depuis lors, la vulnérabilité Apache ActiveMQ (CVE-2023-46604) a continué à être exploitée par divers acteurs de menace.Ce ...
In November 2023, AhnLab Security Emergency response Center (ASEC) published a blog post titled “Circumstances of the Andariel Group Exploiting an Apache ActiveMQ Vulnerability (CVE-2023-46604)” [1] which covered cases of the Andariel threat group exploiting the CVE-2023-46604 vulnerability to install malware. This post not only covered attack cases of the Andariel group but also those of HelloKitty Ransomware, Cobalt Strike, and Metasploit Meterpreter. Since then, the Apache ActiveMQ vulnerability (CVE-2023-46604) has continued to be exploited by various threat actors. This... |
Ransomware Malware Vulnerability Threat | ★★★ | |
|
2023-12-18 22:51:00 | Dans les coulisses: la frappe coordonnée de Jaskago \\ sur macOS et Windows Behind the Scenes: JaskaGO\\'s Coordinated Strike on macOS and Windows (lien direct) |
Executive summary
In recent developments, a sophisticated malware stealer strain crafted in the Go programming language has been discovered by AT&T Alien Labs, posing a severe threat to both Windows and macOS operating systems.
As of the time of publishing of this article, traditional antivirus solutions have low or even non-existent detection rates, making it a stealthy and formidable adversary.
Key takeaways:
The malware is equipped with an extensive array of commands from its Command and Control (C&C) server.
JaskaGO can persist in different methods in infected system.
Users face a heightened risk of data compromise as the malware excels at exfiltrating valuable information, ranging from browser credentials to cryptocurrency wallet details and other sensitive user files.
Background
JaskaGO contributes to a growing trend in malware development leveraging the Go programming language. Go, also known as Golang, is recognized for its simplicity, efficiency, and cross-platform capabilities. Its ease of use has made it an attractive choice for malware authors seeking to create versatile and sophisticated threats.
While macOS is often perceived as a secure operating system, there exists a prevalent misconception among users that it is impervious to malware. Historically, this misbelief has stemmed from the relative scarcity of macOS-targeted threats compared to other platforms. However, JaskaGO serves as a stark reminder that both Windows and macOS users are constantly at risk of malware attacks.
As the malware use of file names resembling well-known applications (such as “Capcut_Installer_Intel_M1.dmg”, “Anyconnect.exe”) suggest a common strategy of malware deployment under the guise of legitimate software in pirated application web pages.
The first JaskaGo sample was observed in July 2023, initially targeting Mac users. Following this opening assault, dozens of new samples have been identified as the threat evolved its capabilities and developed in both macOS and to Windows versions; its low detection rate is evident by its recent sample by anti-virus engines. (Figure 1)
 .
Figure 1. As captured by Alien Labs: Anti-virus detection for recent JaskaGO samples within VirusTotal.
Analysis
Upon initial execution, the malware cunningly presents a deceptive message box, displaying a fake error message, claiming a missing file. This is strategically designed to mislead the user into believing that the malicious code failed to run. (Figure 2)
Figure 2. As captured by Alien Labs: Fake error message.
Anti-VM
The malware conducts thorough checks to determine if it is operating within a virtual machine (VM). This process begins with the examination of general machine information, where specific criteria such as the number of processors, system up-time, available system memory, and MAC addresses are checked. The presence of MAC addresses associated with well-known VM software, such as VMware or VirtualBox, is a key indicator. (Figure 3)
Figure 3. As captured by Alien Labs: Looking for VM related MAC addresses.
Additionally, the malware\'s Windows version searches for VM-related traces in both the registry and the file system. (Figure 4)
|
Malware Vulnerability Threat Prediction Technical | ★★★ | |
|
2023-12-18 21:13:00 | Attention: les experts révèlent de nouveaux détails sur les exploits Outlook RCE sur zéro clique Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits (lien direct) |
Des détails techniques ont émergé environ deux défauts de sécurité désormais paralysés dans Microsoft Windows qui pourraient être enchaînés par les acteurs de la menace pour réaliser l'exécution de code distant sur le service de messagerie Email Outlook sans toute interaction utilisateur.
"Un attaquant sur Internet peut enchaîner les vulnérabilités pour créer un exploit complet de code distant (RCE) à zéro cliquez sur des clients d'Outlook", akamai la sécurité
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security |
Vulnerability Threat Technical | ★★★ | |
|
2023-12-18 19:00:00 | La mise en place d'une valeur en dollars sur les vulnérabilités aidera-t-elle à les prioriser? Will Putting a Dollar Value on Vulnerabilities Help Prioritize Them? (lien direct) |
Le système de notation de l'impact de la vulnérabilité de Zoom calcule l'impact d'une vulnérabilité pour attribuer un paiement en espèces pour les bogues, ce qui a conduit les pirates à hiérarchiser les défauts plus graves.Peut-il faire de même pour les entreprises?
Zoom\'s Vulnerability Impact Scoring System calculates the impact of a vulnerability to assign a cash payout for bugs, leading hackers to prioritize more severe flaws. Can it do the same for companies? |
Vulnerability | ★★ | |
|
2023-12-18 17:00:00 | Moveit Vulnérabilité Hits Delta Dental: 7 millions d'enregistrements exposés MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed (lien direct) |
Les acteurs non autorisés ont violé les données de santé, y compris les détails liés aux procédures dentaires et aux réclamations
Unauthorized actors breached health data, including details related to dental procedures and claims |
Vulnerability | ★★ | |
|
2023-12-18 13:05:33 | Nouveau service DDOS, Vulnérabilité Microsoft Defender, Accès au réseau à la banque indienne, fuite de données de l'Université de Princeton New DDoS Service, Microsoft Defender Vulnerability, Network Access to Indian Bank, Princeton University Data Leak (lien direct) |
La semaine dernière, l'équipe Web sombre de Socradar a découvert des développements critiques, y compris un nouveau DDOS ...
In the last week, SOCRadar’s Dark Web Team uncovered critical developments, including a new DDoS... |
Vulnerability | ★★ | |
|
2023-12-18 11:00:00 | Dévoiler le Web Dark: un guide professionnel de l'exploration éthique Unveiling the dark web: A professional\\'s guide to ethical exploration (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The dark web, often shrouded in mystery and intrigue, is a realm of the internet that exists beyond the reach of traditional search engines. While the Dark Web does harbor a certain notoriety for hosting illegal activities, it also contains valuable information and resources that can be beneficial for professionals involved in cybersecurity, threat intelligence, and investigations. This article will provide a comprehensive guide on how to search the dark web for information gathering in a professional and ethical manner. Understanding the dark web Before delving into the intricacies of searching on the dark web, it\'s crucial to comprehend its structure. The internet comprises three layers: the surface web, the deep web, and the dark web. Surface web: This is the portion of the internet indexed by search engines like Google and accessible to the general public. Deep web: The Deep Web includes websites and databases not indexed by search engines. These are often password-protected or behind paywalls, such as online banking or email accounts. Dark web: The dark web is a hidden network of websites that can only be accessed using specialized software, such as Tor. It\'s intentionally designed to conceal the identity of users and hosts. While it has a reputation for illegal markets, it also includes legitimate websites and forums. Ethical considerations Searching the dark web requires a strong commitment to ethical conduct. It\'s essential to respect both legal and moral boundaries. Here are some critical ethical considerations: Legal compliance: Ensure that your activities are within the bounds of the law. Engaging in any illegal activities, such as purchasing illicit goods, is strictly prohibited. Use encryption: When accessing the dark web, always use encryption tools like the Tor browser to protect your identity and maintain anonymity. Verification: Verify the legitimacy of the information you find. Misinformation and scams are prevalent on the dark web. Searching the Dark Web Get the right tools: Start by downloading the Tor browser, a free and open-source software that allows you to access the dark web while concealing your IP address. Consider using a virtual private network (VPN) in combination with the Tor browser for an additional layer of security. Deep web vs. dark web: Distinguish between the deep web and the dark web. Remember that the deep web consists of web pages not indexed by search engines but is not inherently hidden. The dark web, on the other hand, is intentionally concealed. Search engines: Dark web search engines like DuckDuckGo, Torch and notEvil can be used to find specific websites and content. These search engines access .onion domains, which are unique to the dark web. Directories: Dark web directories are like Yellow Pages for hidden services. They list websites and their categories, making it easier to find what you\'re looking for. Notable directories include The Hidden Wiki and TorLinks. Forums and communities: The dark web hosts numerous forums, discussion boards, and communities that cover a wide range of topics. Some of these can be valuable sources of information. However, exercise caution as many forums are associated with illegal activities. File sharing: File-sharing services on the dark web may contain a wealth of data, including documents, reports, and archives. Some of these files may be of intere | Tool Vulnerability Threat | ★★ | |
 |
2023-12-18 09:05:52 | CISA rapporte l'évaluation des risques de santé et de la vulnérabilité, offre des recommandations de cybersécurité CISA reports on healthcare risk and vulnerability assessment, offers cybersecurity recommendations (lien direct) |
L'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA) a publié vendredi un rapport sur les conclusions d'un ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released on Friday a report on the findings of a... |
Vulnerability | ★★ | |
|
2023-12-16 11:17:34 | La vulnérabilité NVR VIOSTOR NAPTOR activement exploitée par malware botnet QNAP VioStor NVR vulnerability actively exploited by malware botnet (lien direct) |
Un botnet basé à Mirai nommé \\ 'InfectedSlurs \' exploite une vulnérabilité d'exécution de code distant (RCE) dans QNAP VIOSTORDispositifs NVR (enregistreur vidéo réseau) à détourner et les faire faire partie de son essaim DDOS (déni de service distribué).[...]
A Mirai-based botnet named \'InfectedSlurs\' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm. [...] |
Malware Vulnerability | ★★★ | |
|
2023-12-15 19:00:00 | Établir des critères de récompense pour la déclaration des bogues dans les produits de l'IA Establishing Reward Criteria for Reporting Bugs in AI Products (lien direct) |
Les programmes de chasseurs de bogues peuvent aider les organisations à favoriser la découverte de tiers et le rapport sur les problèmes et les vulnérabilités spécifiques aux systèmes d'IA.
Bug hunter programs can help organizations foster third-party discovery and reporting of issues and vulnerabilities specific to AI systems. |
Vulnerability | ★★ | |
|
2023-12-15 18:35:05 | Delta Dental Hit avec 7 millions de violation de données utilisateur dans l'attaque liée à Moveit Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack (lien direct) |
> Par waqas
Depuis son émergence en mai 2023, la vulnérabilité Moveit a été exploitée par le gang de ransomware CL0P lié à la Russie, & # 8230;
Ceci est un article de HackRead.com Lire le post original: Delta Dental Hit avec 7 millions de violation de données utilisateur dans l'attaque liée à Moveit
>By Waqas Since its emergence in May 2023, the MOVEit vulnerability has been exploited by the Russian-linked Cl0p ransomware gang,… This is a post from HackRead.com Read the original post: Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack |
Ransomware Data Breach Vulnerability | ★★ |
To see everything:
Our RSS (filtrered)
