What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-05 10:30:26 | Tractors vs. threat actors: How to hack a farm (lien direct) | >Forget pests for a minute. Modern farms also face another – and more insidious – breed of threat. | Hack Threat | ★★ | |
 |
2022-12-02 11:56:50 | Mitsubishi Electric PLCs Exposed to Attacks by Engineering Software Flaws (lien direct) | Researchers at industrial cybersecurity firm Nozomi Networks have discovered three vulnerabilities in Mitsubishi Electric's GX Works3 engineering workstation software that could be exploited to hack safety systems. | Hack | ★★★ | |
 |
2022-12-02 11:04:39 | Android Keyboard Apps with 2 Million downloads can remotely hack your device (lien direct) | >Experts found multiple flaws in three Android Keyboard apps that can be exploited by remote attackers to compromise a mobile phone. Researchers at the Synopsys Cybersecurity Research Center (CyRC) warn of three Android keyboard apps with cumulatively two million installs that are affected by multiple flaws (CVE-2022-45477, CVE-2022-45478, CVE-2022-45479, CVE-2022-45480, CVE-2022-45481, CVE-2022-45482, CVE-2022-45483) that can be […] | Hack | ★★★ | |
 |
2022-11-29 15:00:00 | Vol décentralisé: disséquer le piratage du pont nomade et suivre l'argent Decentralized Robbery: Dissecting the Nomad Bridge Hack and Following the Money (lien direct) |
Dans cet article de blog, Mandiant jette un aperçu plus approfondi de la façon dont le contrat de contrat de Nomad Bridge a été exploité et analyse les transactions en chaîne post-compromis à l'aide de la société de prévention de la cybercriminalité Cyber Cyber Cyber Cyber Cyber Cyber.Équipe Six \'s (CT6) Blockchain Investigative Software, cryptovoyant.
arrière-plan
Début août 2022, le public a observé une autre attaque de pont, cette fois contre le pont tokad - un "pont" permet d'interopérabilité entre deux blockchains et est décrit plus en détail dansce post.Dans ce cas, une mise à jour du contrat intelligent du pont \\ a conduit à un état où transactions spécialement conçues
In this blog post, Mandiant takes a deeper look into how the Nomad bridge smart-contract was exploited and analyzes the on-chain transactions post-compromise using cybercrime prevention company Cyber Team Six\'s (CT6) blockchain investigative software, CryptoVoyant. Background In early August 2022, the public observed yet another bridge attack, this time against the Nomad token bridge-a “bridge” allows interoperability between two blockchains and is further described in this post. In this case an update to the bridge\'s smart contract led to a state where specially crafted transactions |
Hack | ★★★★ | |
|
2022-11-29 13:32:35 | Ransomware Gang Takes Credit for Maple Leaf Foods Hack (lien direct) | The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems. | Ransomware Hack | ★★★ | |
 |
2022-11-29 11:00:00 | 5 Tips for protecting your connected vehicle against Cyberattacks (lien direct) | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. As more connected vehicles hit the road, cyberattacks are increasing. Deloitte estimates that there will be over 470 million connected cars in use by 2025 if their popularity continues to grow at the current rate. And because each connected car produces about 25 GB of data every hour, they are a tempting challenge for cybercriminals and bad actors with malicious intent. Connected vehicles come with enhanced features that give drivers more to love about their favorite car brands, but cybersecurity in automobiles has a long way to go. If you drive a connected car or are considering buying one, you need to know how to protect your new car against a potential cyberattack. In this article, we’ll talk about how hackers can infiltrate your vehicle and what you can do to protect yourself and your car from a serious attack. Can your car get hacked? Cars today are built using hundreds of sensors connected to computers that help monitor how your car operates, add internet capabilities, and enable connected apps. While these technologies are helpful and convenient for drivers, they can also lead to data theft and even threaten your safety while driving. For example, remote manipulation, identity theft, and vehicle theft are all ways that bad actors can exploit the security vulnerabilities of your connected car. The push toward electric vehicles also poses a unique threat to connected car owners. A recent survey revealed that 79% of two-car households are considering an electric car for their next purchase, but ethical hacking exercises have shown that electric vehicles can easily be drained by remote hackers. This can potentially put drivers in a dangerous situation if they are stranded without a means of charging their vehicle. There are many ways that bad actors can hack into your car. They can manipulate the signal from a key fob to unlock your doors, change the code in the apps to create a backdoor to steal your data, learn about your driving habits, control your vehicle’s security response systems, and much more. Cars today are essentially human-assisted computers, which means they can be hacked just as easily as any other IoT device. How to protect your connected vehicle from a cyberattack Connected vehicles provide users convenience and peace of mind while traveling across the country or making their daily commute. But they also pose a significant threat when bad actors execute attacks for data theft, taking over vehicle controls, and even tracking your location. If you’re going to take advantage of connected vehicle features, you need to know how to protect yourself from becoming the victim of an automotive cyberattack. Here are five tips to protect your connected vehicle from an attack: Remove dongles Dongles are small devices that plug into the diagnostic port and allow companies to monitor your driving habits for various reasons. It can be used to monitor vehicle performance, improve gas mileage, and set more accurate insurance rates based on driving activity. Many people choose to use dongles to save money and ensure their car is running at top performance, but these devices can be an | Hack Threat Guideline | Deloitte Deloitte | ★★★ |
 |
2022-11-28 14:37:31 | Malicious Life Podcast: Jailbreaking Tractors (lien direct) |
John Deere, an American agricultural machinery manufacturer, has recently enraged many farmers and digital rights activists due to the restrictive fixing policy of its tractors. Now, an Australian white hat hacker named Sick Codes has demonstrated not only how he was able to jailbreak the company's tractors and run Doom on them (because why not) - but also hack into its global operations center, demonstrating how hackers can easily take over a huge number of farming machines all over the world. |
Hack | ★★★ | |
 |
2022-11-23 17:31:02 | Expert comment: Microsoft announce energy grid hack (lien direct) | Microsoft announce energy grid hack the comment from Sharon Nachshony, Security Researcher at Silverfort. - Malware Update | Hack | ||
 |
2022-11-22 17:54:04 | How to hack an unpatched Exchange server with rogue PowerShell code (lien direct) | Review your servers, your patches and your authentication policies - there's a proof-of-concept out | Hack | ★★★★ | |
 |
2022-11-22 13:28:52 | Hack The Box launches its annual University CTF to inspire the next generation of security professionals to take the fight against cybercriminals (lien direct) | As the cyber skills gap widens to record new levels, disruptive cybersecurity training and upskilling platform, Hack The Box (HTB), has announced its annual global University 'Capture the Flag' (CTF) competition that will take place from 2nd – 4th December 2022. This year's event, which is open to students and academics at higher […] | Hack | ★★★ | |
 |
2022-11-22 02:00:00 | Know thy enemy: thinking like a hacker can boost cybersecurity strategy (lien direct) | As group leader for Cyber Adversary Engagement at MITRE Corp., Maretta Morovitz sees value in getting to know the enemy – she can use knowledge about cyber adversaries to distract, trick, and deflect them and develop strategies to help keep threat actors from getting whatever they're after.That could mean placing decoys and lures that exploit their expectations for what an attacker will find when they first hack into an environment, she says. Or it could mean deliberately disorienting them by creating scenarios that don't match up to those expectations. “It's about how to drive defenses by knowing how the adversaries actually behave,” says Morovitz, who is also group leader for MITRE Engage, a cyber adversary engagement framework.To read this article in full, please click here | Hack Threat Guideline | ★★★ | |
 |
2022-11-18 18:08:04 | First Review of A Hacker\'s Mind (lien direct) | Kirkus reviews A Hacker’s Mind: A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost. Schneier, a professor at Harvard Kennedy School and author of such books as Data and Goliath and Click Here To Kill Everybody, regularly challenges his students to write down the first 100 digits of pi, a nearly impossible task—but not if they cheat, concerning which he admonishes, “Don’t get caught.” Not getting caught is the aim of the hackers who exploit the vulnerabilities of systems of all kinds. Consider right-wing venture capitalist Peter Thiel, who located a hack in the tax code: “Because he was one of the founders of PayPal, he was able to use a $2,000 investment to buy 1.7 million shares of the company at $0.001 per share, turning it into $5 billion—all forever tax free.” It was perfectly legal—and even if it weren’t, the wealthy usually go unpunished. The author, a fluid writer and tech communicator, reveals how the tax code lends itself to hacking, as when tech companies like Apple and Google avoid paying billions of dollars by transferring profits out of the U.S. to corporate-friendly nations such as Ireland, then offshoring the “disappeared” dollars to Bermuda, the Caymans, and other havens. Every system contains trap doors that can be breached to advantage. For example, Schneier cites “the Pudding Guy,” who hacked an airline miles program by buying low-cost pudding cups in a promotion that, for $3,150, netted him 1.2 million miles and “lifetime Gold frequent flier status.” Since it was all within the letter if not the spirit of the offer, “the company paid up.” The companies often do, because they're gaming systems themselves. “Any rule can be hacked,” notes the author, be it a religious dietary restriction or a legislative procedure. With technology, “we can hack more, faster, better,” requiring diligent monitoring and a demand that everyone play by rules that have been hardened against tampering... | Hack | ||
|
2022-11-18 15:04:41 | Successful Hack of Time-Triggered Ethernet (lien direct) | Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it: On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single plane to disrupt synchronization and communication between TTE devices on all planes. The attack works by exploiting a vulnerability in the TTE protocol. The work was completed by researchers at the University of Michigan, the University of Pennsylvania, and NASA’s Johnson Space Center... | Hack Vulnerability | ||
 |
2022-11-18 12:00:00 | The OkCupid Dev Who Built a Hack to Get Taylor Swift Tickets (lien direct) | Ruben Martinez Jr. was in the Ticketmaster queue so long he had time to build a Chrome Extension to help other Swifties know their true place in line. | Hack | ||
|
2022-11-17 09:39:05 | Magento Vulnerability Increasingly Exploited to Hack Online Stores (lien direct) | E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores. | Malware Hack Vulnerability | ||
|
2022-11-16 10:54:15 | Networking Tech Vulnerability Could Be Used to Hack Spacecraft: Researchers (lien direct) | A team of researchers from the University of Michigan, University of Pennsylvania and NASA have identified a potentially serious vulnerability in networking technology used in spacecraft, aircraft, and industrial control systems. | Hack Vulnerability | ||
 |
2022-11-14 10:45:00 | Mass Email Extortion Campaign Claims Server Hack (lien direct) | Threat actors claim they'll destroy victims' reputation if they don't pay | Hack Threat | ||
 |
2022-11-14 00:00:00 | Cyber Skills au Global Anti Summit 2022 Cyber Skills at the Global Anti Scam Summit 2022 (lien direct) |
Les 9 et 10 novembre, le 3e Sommet mondial anti-escroquerie (GASS) a eu lieu à La Haye.L'objectif du sommet est d'aider les gouvernements, les autorités financières et financières, les forces de l'ordre, les agences de protection de la marque et les organisations commerciales partagent des connaissances et des informations sur la lutte contre les escroqueries en ligne et définir des actions concrètes pour lutter contre la fraude en ligne plus efficacement et plus efficacement.
Offrant une combinaison de présentations, de conférences et d'ateliers, l'événement est également devenu victime d'une fausse alarme incendie, d'activité troll sur le chat en direct et d'un piratage du flux en direct tandis que M. Jack Whittaker, un doctorant à l'Université de Surrey,Faisait une présentation sur les raisons pour lesquelles les internautes sont arnaqués.
Commentant le sommet, Jacqueline Kehoe, le chef de projet des cyber-compétences de MTU \\, a ré-souligné l'importance de rester vigilant alors qu'elle racontait une fausse société de cybersécurité basée à Singapour, le groupe-IB, menée pendant l'événement.
L'entreprise a ciblé 100 participants au sommet, mais de faux comptes LinkedIn.Les participants ont été informés qu'ils avaient été sélectionnés par les organisateurs pour participer à un tirage au sort et ont reçu un lien qui demandait leurs coordonnées personnelles.Trente-cinq participants ont cliqué sur le faux lien, 15 ont rempli le faux formulaire et ont soumis leurs coordonnées personnelles et deux informations supplémentaires meublées.
On 9th and 10th of November, the 3rd Global Anti Scam Summit (GASS) was held at The Hague. The goal of the summit is to help governments, consumer and financial authorities, law enforcement, brand protection agencies, and commercial organisations share knowledge and insights on fighting online scams and define concrete actions to combat online fraud more effectively and efficiently. Delivering a combination of presentations, lectures and workshops, the event also became victim to a false fire alarm, troll activity on the live Zoom chat, and a hack of the live stream while Mr Jack Whittaker, a PhD candidate at the University of Surrey, was giving a presentation on why Internet users get scammed. Commenting on the summit, MTU\'s Cyber Skills Project Manager, Jacqueline Kehoe, re-emphasised the importance of remaining vigilant as she recounted a fake scam Singapore-based cyber-security company Group-IB conducted during the event. The company targeted 100 participants at the summit though fake LinkedIn accounts. Participants were told they had been selected by the organisers to take part in a lucky draw and were sent a link that asked for their personal details. Thirty-five participants clicked the fake link, 15 completed the fake form and submitted their personal details, and two furnished additional information. |
Hack Legislation Commercial | ★★ | |
 |
2022-11-11 11:59:21 | DeFi Platform DFX Finance Hack Stealing $4 Million (lien direct) | A foreign exchange-focused DeFi protocol DFX Finance was attacked on Nov. 11, with the attacker stealing roughly $4 million. | Hack | ||
|
2022-11-10 11:30:18 | ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers (lien direct) | Oil and gas flow computers and remote controllers made by Swiss industrial technology firm ABB are affected by a serious vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers, according to industrial cybersecurity firm Claroty. | Hack Vulnerability | ||
 |
2022-11-08 17:07:00 | U.S. Seizes Over 50K Bitcoin Worth $3.3 Billion Linked to Silk Road Dark Web (lien direct) | The U.S. Department of Justice (DoJ) on Monday said it seized 50,676 Bitcoin in November 2021 that was stolen in the 2012 hack of the now-defunct Silk Road dark web marketplace. The bitcoin, which was obtained in 2012 and valued at $3.36 billion when it was discovered last year, is now worth $1.04 billion. Additionally recovered were $661,900 in cash, 25 Casascius coins with an approximate value | Hack | ||
|
2022-11-08 17:00:00 | SEC Announces \'Enforcement Action\' For SolarWinds Over 2020 Hack (lien direct) | In a recent 8-K filing with the SEC, the firm said it reached an agreement with shareholders | Hack | ||
|
2022-11-07 20:54:00 | Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack (lien direct) | Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was "consistent with the precursors to a ransomware event," prompting it to isolate its systems, but not | Ransomware Hack | ||
 |
2022-11-07 17:07:35 | Stolen $3bn Bitcoin mystery ends with popcorn tin discovery (lien direct) | James Zhong pleads guilty to the 2012 hack as police find stash of 50,000 Bitcoin. | Hack Guideline | ||
|
2022-11-03 21:29:12 | LockBit ransomware gang claims the hack of Continental automotive group (lien direct) | >The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. The group added the name of the company to its Tor leak site and is threatening to publish alleged stolen data if the […] | Ransomware Hack | ||
 |
2022-11-01 21:39:28 | OpenSSL downgrades horror bug after week of panic, hype (lien direct) | Relax, there's more chance of Babbage coming back to life to hack your system than this flaw being exploited OpenSSL today issued a fix for a critical-turned-high-severity vulnerability that project maintainers warned about last week. … | Hack Vulnerability | ||
 |
2022-11-01 15:00:00 | Anomali Cyber Watch: Active Probing Revealed ShadowPad C2s, Fodcha Hides Behind Obscure TLDs, Awaiting OpenSSL 3.0 Patch, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, DDoS, OpenSSL, Ransomware, Russia, Spyware, and Ukraine. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)
(published: October 27, 2022)
ShadowPad is a custom, modular malware in use by multiple China-sponsored groups since 2015. VMware researchers analyzed the command-and-control (C2) protocol in recent ShadowPad samples. They uncovered decoding routines and protocol/port combinations such as HTTP/80, HTTP/443, TCP/443, UDP/53, and UDP/443. Active probing revealed 83 likely ShadowPad C2 servers (during September 2021 to September 2022). Additional samples communicating with this infrastructure included Spyder (used by APT41) and ReverseWindow (used by the LuoYu group).
Analyst Comment: Researchers can use reverse engineering and active probing to map malicious C2 infrastructure. At the same time, the ShadowPad malware changes the immediate values used in the packet encoding per variant, so finding new samples is crucial for this monitoring.
MITRE ATT&CK: [MITRE ATT&CK] Application Layer Protocol - T1071 | [MITRE ATT&CK] Exfiltration Over Alternative Protocol - T1048 | [MITRE ATT&CK] System Information Discovery - T1082 | [MITRE ATT&CK] Ingress Tool Transfer - T1105
Tags: detection:ShadowPad, C2, APT, China, source-country:CN, actor:APT41, actor:LuoYu, detection:Spyder, detection:ReverseWindow, TCP, HTTP, HTTPS, UDP
Raspberry Robin Worm Part of Larger Ecosystem Facilitating Pre-Ransomware Activity
(published: October 27, 2022)
The Raspberry Robin USB-drive-targeting worm is an increasingly popular infection and delivery method. Raspberry Robin works as a three-file infection: Raspberry Robin LNK file on an USB drive, Raspberry Robin DLL (aka Roshtyak) backdoor, and a heavily-obfuscated .NET DLL that writes LNKs to USB drives. Microsoft researchers analyzed several infection chains likely centered around threat group EvilCorp (aka DEV-0206/DEV-0243). Besides being the initial infection vector, Raspberry Robin was seen delivered by the Fauppod malware, which shares certain code similarities both with Raspberry Robin and with EvilCorp’s Dridex malware. Fauppod/Raspberry Robin infections were followed by additional malware (Bumblebee, Cobalt Strike, IcedID, TrueBot), and eventually led to a ransomware infection (LockBit, Clop).
Analyst Comment: Organizations are advised against enabling Autorun of removable media on Windows by default, as it allows automated activation of an inserted, Raspberry Robin-infected USB drive. Apply best practices related to credential hygiene, network segmentation, and attack surface reduction.
MITRE ATT&CK: [MITRE ATT&CK] Replicat |
Ransomware Malware Hack Tool Vulnerability Threat Guideline | APT 41 | |
 |
2022-10-31 20:27:46 | Unconfirmed hack of Liz Truss\' phone prompts calls for “urgent investigation” (lien direct) | Unconfirmed media report says Russian spies hacked former UK prime minster's phone. | Hack | ||
 |
2022-10-31 01:57:31 | A Case of Malware Infection by the Lazarus Attack Group Disabling Anti-Malware Programs With the BYOVD Technique (lien direct) | In the ASEC blog post uploaded on April 2022 (New Malware of Lazarus Threat Actor Group Exploiting INITECH Process, https://asec.ahnlab.com/en/33801/), the team discussed the fact that the Lazarus attack group had been exploiting the INITECH process to infect systems with malware. This article aims to cover the details of the Lazarus group using the watering hole technique to hack into systems before exploiting the vulnerability of the MagicLine4NX product from Dream Security in order to additionally hack into systems in... | Malware Hack Vulnerability Threat Medical | APT 38 | |
|
2022-10-30 16:10:09 | Liz Truss phone hack claim prompts calls for investigation (lien direct) | The Mail on Sunday claims the ex-prime minister's phone was hacked while she was foreign secretary. | Hack | ||
|
2022-10-29 15:55:00 | Twilio Reveals Another Breach from the Same Hackers Behind the August Hack (lien direct) | Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into the digital break-in | Hack Threat | ||
 |
2022-10-27 12:59:43 | Twilio discloses another hack from June, blames voice phishing (lien direct) | Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. [...] | Hack | ||
|
2022-10-25 09:10:00 | Iranian Atomic Energy Agency Admits Email Hack (lien direct) | Suspected hacktivists inside country share sensitive info | Hack | ||
 |
2022-10-24 20:35:55 | FTC holds alcohol delivery app Drizly and its CEO liable for lax data security before 2020 hack (lien direct) | >The order makes the unusual move in specifically naming the company's CEO and could signal a more aggressive FTC on privacy matters. | Hack | ||
|
2022-10-24 13:17:43 | Iran\'s atomic energy agency confirms hack after stolen data leaked online (lien direct) | The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the ''Black Reward' hacking group published stolen data online. [...] | Hack | ||
|
2022-10-24 12:24:52 | In Israel, Albanian PM to Meet Cyber Chief After Iran Hack (lien direct) | Albanian Prime Minister Edi Rama arrived in Israel on Sunday for an official visit that will include a meeting with Israeli cyber defense officials, the Israeli Foreign Ministry said. | Hack | ||
|
2022-10-24 07:16:00 | Iran\'s nuclear energy agency confirms email server hacked (lien direct) | The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its Bushehr Nuclear Power Plant was hacked. The organization blamed a foreign country, but an Iranian hacking group that goes by the name Black Reward has claimed responsibility for the breach.The Atomic Energy Organization said that the IT group serving the Bushehr plant has examined and issued a report on the breach, and denied any sensitive information being exposed. The energy agency said the hack was intended to gain the attention of the public and media."It should be noted that the content in users' emails contains technical messages and common and current daily exchanges," according to a statement on the organization's website. "It is obvious that the purpose of such illegal efforts, which are carried out of desperation, is to attract public attention."To read this article in full, please click here | Hack | ||
|
2022-10-21 16:25:57 | When cops hack back: Dutch police fleece DEADBOLT criminals (legally!) (lien direct) | Crooks: Show us the money! Cops: How about you show us the decryption keys first? | Hack | ||
|
2022-10-18 06:27:06 | Cops swoop after crooks use wireless keyfob hack to steal cars (lien direct) | Hotwiring is so 2021 Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles.… | Hack | ||
|
2022-10-14 12:15:00 | #DTX2022: How to Scam Someone Using Social Media Phishing (lien direct) | Jake Moore, global cybersecurity advisor at ESET, shared at DTX Europe 2022 how he used a fake social media profile to hack employees of a company | Hack | ||
|
2022-10-13 10:05:10 | What the Uber Hack can teach us about navigating IT Security (lien direct) | The recent Uber cyberattack shows us the myriad tactics employed by threat actors to breach corporate networks. Learn more about these tactics used and how to navigate IT Security. [...] | Hack Threat | Uber Uber | |
|
2022-10-13 10:00:00 | #See Yourself in Cyber: Top Five Ways to Help Improve your Organization\'s Security Posture (lien direct) | Since 2004, the President of the United States has proclaimed October as cybersecurity awareness month, helping individuals better understand cybersecurity threats and protect them from them. Every year, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) collaborate to increase cybersecurity awareness among private sector companies and consumers. This Year’s Theme: “#See Yourself in Cyber “This year’s campaign theme — “See Yourself in Cyber” — demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people. This October will focus on the “people” part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future. We encourage each of you to engage in this year’s efforts by creating your own cyber awareness campaigns and sharing this messaging with your peers.” -Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity is Complex See Yourself in Cyber can be interpreted in multiple ways. To me, it’s speaking to those students unsure of what to major in, telling them to see themselves working in the industry. It’s reaching out to other departments within an organization to get them to understand how they impact security. And highlighting how hard a security analyst’s job is. In a recent blog post, I dove deeper into why security is more challenging than ever. And it all comes back to people. People are the heart of any security organization. Security tools are a requirement, but they don’t replace people. According to (ISC) ²’s 2021 Cyber Workforce Report, there is still a cybersecurity workforce gap of more than 2.72 million. Which for some organizations can mean they’re already behind before even starting. Improving Your Security Posture There are many ways an organization can improve its security posture. They can share threat intelligence. They can invest in threat intelligence platforms or XDR solutions that improve their existing investments. For this blog, I’ve narrowed it down to five: 1) Understanding Your Relevant Threat Landscape Understanding the attack surface is key to knowing what assets need protection and how best to protect them. Unfortunately, most organizations struggle because their attack surface keeps changing. Start with an attack surface assessment. Find out how an attacker sees you. Map your assets against their potential vulnerabilities and readiness to prevent or respond to threats. This will help understand how well current tools and investments protect critical assets and what additional measures need to be taken to improve protection. A comprehensive assessment should include the following: • Visibility into all external facing assets to uncover exposed assets • Identify and evaluate the current security programs • Evaluate the effectiveness of information security policies, procedures, and processes • Determine the effect of cybersecurity incidents on KPIs, including availability, integrity, and privacy • Assess the maturity level of current tools and investments | Ransomware Malware Hack Threat Guideline | ||
|
2022-10-12 14:22:09 | Websites For More Than A Dozen US Airlines Taken Offline By Cyber Attacks (lien direct) | Websites for more than a dozen US airports were temporarily brought offline by cyberattacks on Monday morning, including LaGuardia airport in New York City. The hack has been attributed to a group known as Killnet, Russian hacktivists who support the Kremlin but are not thought to directly be government actors. The attacks did not affect […] | Hack | ||
|
2022-10-12 14:14:52 | Mango Markets Drained Of $100 Million In Month\'s Largest Crypto Theft (lien direct) | It has been reported that in the second $100 million DeFi hack this week, Mango Markets was drained of $100 million in funds due to an exploit. Mango Markets tweeted Tuesday evening that a hacker was able to empty funds from Mango via an oracle price manipulation. Only last Thursday,$100 million was stolen from the Binance […] | Hack | ||
 |
2022-10-11 20:04:35 | Limited distribution: Secretaría de la Defensa Nacional México (6 TBs) (lien direct) | Guacamaya's hack of Mexico's SEDENA, showing evidence of corruption in the military, plus their surveillance of politicians, diplomats, artists, activists and journalists | Hack | ★★★ | |
|
2022-10-11 12:59:44 | Microsoft Exchange servers hacked to deploy LockBit ransomware (lien direct) | Microsoft is investigating reports of a new zero-day bug abused to hack Exchange servers which were later used to launch Lockbit ransomware attacks. [...] | Ransomware Hack | ||
 |
2022-10-07 13:49:06 | Binance blockchain suffers $570 million hack (lien direct) | World's largest crypto exchange targeted in security breach. | Hack | ||
|
2022-10-07 10:57:25 | Binance Bridge Hit by $560 Million Hack (lien direct) | Hackers have exploited a cross-chain bridge to divert more than $560 million worth of cryptocurrency from Binance Bridge. Operating on the Binance Coins (BNB) Smart Chain, Binance Bridge is a blockchain bridge designed to help with the transfer of information and assets between blockchains. | Hack | ||
|
2022-10-06 17:06:34 | Australian Police Make First Arrest in Optus Hack Probe (lien direct) | A police investigation of a cyberattack on an Australian telecommunications company in which the personal data of more than one third of Australia's population was stolen has resulted in its first arrest, investigators said Thursday. | Hack | ★★★ | |
|
2022-10-06 15:11:37 | Ex-Uber security chief convicted of hiding hack from federal regulators (lien direct) | Former security chief may be first exec found guilty of hiding a data breach. | Hack | Uber |
To see everything:
Our RSS (filtrered)
