What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-18 18:08:04 | First Review of A Hacker\'s Mind (lien direct) | Kirkus reviews A Hacker’s Mind: A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost. Schneier, a professor at Harvard Kennedy School and author of such books as Data and Goliath and Click Here To Kill Everybody, regularly challenges his students to write down the first 100 digits of pi, a nearly impossible task—but not if they cheat, concerning which he admonishes, “Don’t get caught.” Not getting caught is the aim of the hackers who exploit the vulnerabilities of systems of all kinds. Consider right-wing venture capitalist Peter Thiel, who located a hack in the tax code: “Because he was one of the founders of PayPal, he was able to use a $2,000 investment to buy 1.7 million shares of the company at $0.001 per share, turning it into $5 billion—all forever tax free.” It was perfectly legal—and even if it weren’t, the wealthy usually go unpunished. The author, a fluid writer and tech communicator, reveals how the tax code lends itself to hacking, as when tech companies like Apple and Google avoid paying billions of dollars by transferring profits out of the U.S. to corporate-friendly nations such as Ireland, then offshoring the “disappeared” dollars to Bermuda, the Caymans, and other havens. Every system contains trap doors that can be breached to advantage. For example, Schneier cites “the Pudding Guy,” who hacked an airline miles program by buying low-cost pudding cups in a promotion that, for $3,150, netted him 1.2 million miles and “lifetime Gold frequent flier status.” Since it was all within the letter if not the spirit of the offer, “the company paid up.” The companies often do, because they're gaming systems themselves. “Any rule can be hacked,” notes the author, be it a religious dietary restriction or a legislative procedure. With technology, “we can hack more, faster, better,” requiring diligent monitoring and a demand that everyone play by rules that have been hardened against tampering... | Hack | ||
|
2022-11-18 15:04:41 | Successful Hack of Time-Triggered Ethernet (lien direct) | Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it: On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single plane to disrupt synchronization and communication between TTE devices on all planes. The attack works by exploiting a vulnerability in the TTE protocol. The work was completed by researchers at the University of Michigan, the University of Pennsylvania, and NASA’s Johnson Space Center... | Hack Vulnerability | ||
 |
2022-11-18 12:00:00 | The OkCupid Dev Who Built a Hack to Get Taylor Swift Tickets (lien direct) | Ruben Martinez Jr. was in the Ticketmaster queue so long he had time to build a Chrome Extension to help other Swifties know their true place in line. | Hack | ||
 |
2022-11-17 09:39:05 | Magento Vulnerability Increasingly Exploited to Hack Online Stores (lien direct) | E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores. | Malware Hack Vulnerability | ||
|
2022-11-16 10:54:15 | Networking Tech Vulnerability Could Be Used to Hack Spacecraft: Researchers (lien direct) | A team of researchers from the University of Michigan, University of Pennsylvania and NASA have identified a potentially serious vulnerability in networking technology used in spacecraft, aircraft, and industrial control systems. | Hack Vulnerability | ||
 |
2022-11-14 10:45:00 | Mass Email Extortion Campaign Claims Server Hack (lien direct) | Threat actors claim they'll destroy victims' reputation if they don't pay | Hack Threat | ||
 |
2022-11-14 00:00:00 | Cyber Skills au Global Anti Summit 2022 Cyber Skills at the Global Anti Scam Summit 2022 (lien direct) |
Les 9 et 10 novembre, le 3e Sommet mondial anti-escroquerie (GASS) a eu lieu à La Haye.L'objectif du sommet est d'aider les gouvernements, les autorités financières et financières, les forces de l'ordre, les agences de protection de la marque et les organisations commerciales partagent des connaissances et des informations sur la lutte contre les escroqueries en ligne et définir des actions concrètes pour lutter contre la fraude en ligne plus efficacement et plus efficacement.
Offrant une combinaison de présentations, de conférences et d'ateliers, l'événement est également devenu victime d'une fausse alarme incendie, d'activité troll sur le chat en direct et d'un piratage du flux en direct tandis que M. Jack Whittaker, un doctorant à l'Université de Surrey,Faisait une présentation sur les raisons pour lesquelles les internautes sont arnaqués.
Commentant le sommet, Jacqueline Kehoe, le chef de projet des cyber-compétences de MTU \\, a ré-souligné l'importance de rester vigilant alors qu'elle racontait une fausse société de cybersécurité basée à Singapour, le groupe-IB, menée pendant l'événement.
L'entreprise a ciblé 100 participants au sommet, mais de faux comptes LinkedIn.Les participants ont été informés qu'ils avaient été sélectionnés par les organisateurs pour participer à un tirage au sort et ont reçu un lien qui demandait leurs coordonnées personnelles.Trente-cinq participants ont cliqué sur le faux lien, 15 ont rempli le faux formulaire et ont soumis leurs coordonnées personnelles et deux informations supplémentaires meublées.
On 9th and 10th of November, the 3rd Global Anti Scam Summit (GASS) was held at The Hague. The goal of the summit is to help governments, consumer and financial authorities, law enforcement, brand protection agencies, and commercial organisations share knowledge and insights on fighting online scams and define concrete actions to combat online fraud more effectively and efficiently. Delivering a combination of presentations, lectures and workshops, the event also became victim to a false fire alarm, troll activity on the live Zoom chat, and a hack of the live stream while Mr Jack Whittaker, a PhD candidate at the University of Surrey, was giving a presentation on why Internet users get scammed. Commenting on the summit, MTU\'s Cyber Skills Project Manager, Jacqueline Kehoe, re-emphasised the importance of remaining vigilant as she recounted a fake scam Singapore-based cyber-security company Group-IB conducted during the event. The company targeted 100 participants at the summit though fake LinkedIn accounts. Participants were told they had been selected by the organisers to take part in a lucky draw and were sent a link that asked for their personal details. Thirty-five participants clicked the fake link, 15 completed the fake form and submitted their personal details, and two furnished additional information. |
Hack Legislation Commercial | ★★ | |
 |
2022-11-11 11:59:21 | DeFi Platform DFX Finance Hack Stealing $4 Million (lien direct) | A foreign exchange-focused DeFi protocol DFX Finance was attacked on Nov. 11, with the attacker stealing roughly $4 million. | Hack | ||
|
2022-11-10 11:30:18 | ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers (lien direct) | Oil and gas flow computers and remote controllers made by Swiss industrial technology firm ABB are affected by a serious vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers, according to industrial cybersecurity firm Claroty. | Hack Vulnerability | ||
 |
2022-11-08 17:07:00 | U.S. Seizes Over 50K Bitcoin Worth $3.3 Billion Linked to Silk Road Dark Web (lien direct) | The U.S. Department of Justice (DoJ) on Monday said it seized 50,676 Bitcoin in November 2021 that was stolen in the 2012 hack of the now-defunct Silk Road dark web marketplace. The bitcoin, which was obtained in 2012 and valued at $3.36 billion when it was discovered last year, is now worth $1.04 billion. Additionally recovered were $661,900 in cash, 25 Casascius coins with an approximate value | Hack | ||
|
2022-11-08 17:00:00 | SEC Announces \'Enforcement Action\' For SolarWinds Over 2020 Hack (lien direct) | In a recent 8-K filing with the SEC, the firm said it reached an agreement with shareholders | Hack | ||
|
2022-11-07 20:54:00 | Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack (lien direct) | Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was "consistent with the precursors to a ransomware event," prompting it to isolate its systems, but not | Ransomware Hack | ||
 |
2022-11-07 17:07:35 | Stolen $3bn Bitcoin mystery ends with popcorn tin discovery (lien direct) | James Zhong pleads guilty to the 2012 hack as police find stash of 50,000 Bitcoin. | Hack Guideline | ||
 |
2022-11-03 21:29:12 | LockBit ransomware gang claims the hack of Continental automotive group (lien direct) | >The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. The group added the name of the company to its Tor leak site and is threatening to publish alleged stolen data if the […] | Ransomware Hack | ||
 |
2022-11-01 21:39:28 | OpenSSL downgrades horror bug after week of panic, hype (lien direct) | Relax, there's more chance of Babbage coming back to life to hack your system than this flaw being exploited OpenSSL today issued a fix for a critical-turned-high-severity vulnerability that project maintainers warned about last week. … | Hack Vulnerability | ||
 |
2022-11-01 15:00:00 | Anomali Cyber Watch: Active Probing Revealed ShadowPad C2s, Fodcha Hides Behind Obscure TLDs, Awaiting OpenSSL 3.0 Patch, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, DDoS, OpenSSL, Ransomware, Russia, Spyware, and Ukraine. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)
(published: October 27, 2022)
ShadowPad is a custom, modular malware in use by multiple China-sponsored groups since 2015. VMware researchers analyzed the command-and-control (C2) protocol in recent ShadowPad samples. They uncovered decoding routines and protocol/port combinations such as HTTP/80, HTTP/443, TCP/443, UDP/53, and UDP/443. Active probing revealed 83 likely ShadowPad C2 servers (during September 2021 to September 2022). Additional samples communicating with this infrastructure included Spyder (used by APT41) and ReverseWindow (used by the LuoYu group).
Analyst Comment: Researchers can use reverse engineering and active probing to map malicious C2 infrastructure. At the same time, the ShadowPad malware changes the immediate values used in the packet encoding per variant, so finding new samples is crucial for this monitoring.
MITRE ATT&CK: [MITRE ATT&CK] Application Layer Protocol - T1071 | [MITRE ATT&CK] Exfiltration Over Alternative Protocol - T1048 | [MITRE ATT&CK] System Information Discovery - T1082 | [MITRE ATT&CK] Ingress Tool Transfer - T1105
Tags: detection:ShadowPad, C2, APT, China, source-country:CN, actor:APT41, actor:LuoYu, detection:Spyder, detection:ReverseWindow, TCP, HTTP, HTTPS, UDP
Raspberry Robin Worm Part of Larger Ecosystem Facilitating Pre-Ransomware Activity
(published: October 27, 2022)
The Raspberry Robin USB-drive-targeting worm is an increasingly popular infection and delivery method. Raspberry Robin works as a three-file infection: Raspberry Robin LNK file on an USB drive, Raspberry Robin DLL (aka Roshtyak) backdoor, and a heavily-obfuscated .NET DLL that writes LNKs to USB drives. Microsoft researchers analyzed several infection chains likely centered around threat group EvilCorp (aka DEV-0206/DEV-0243). Besides being the initial infection vector, Raspberry Robin was seen delivered by the Fauppod malware, which shares certain code similarities both with Raspberry Robin and with EvilCorp’s Dridex malware. Fauppod/Raspberry Robin infections were followed by additional malware (Bumblebee, Cobalt Strike, IcedID, TrueBot), and eventually led to a ransomware infection (LockBit, Clop).
Analyst Comment: Organizations are advised against enabling Autorun of removable media on Windows by default, as it allows automated activation of an inserted, Raspberry Robin-infected USB drive. Apply best practices related to credential hygiene, network segmentation, and attack surface reduction.
MITRE ATT&CK: [MITRE ATT&CK] Replicat |
Ransomware Malware Hack Tool Vulnerability Threat Guideline | APT 41 | |
 |
2022-10-31 20:27:46 | Unconfirmed hack of Liz Truss\' phone prompts calls for “urgent investigation” (lien direct) | Unconfirmed media report says Russian spies hacked former UK prime minster's phone. | Hack | ||
 |
2022-10-31 01:57:31 | A Case of Malware Infection by the Lazarus Attack Group Disabling Anti-Malware Programs With the BYOVD Technique (lien direct) | In the ASEC blog post uploaded on April 2022 (New Malware of Lazarus Threat Actor Group Exploiting INITECH Process, https://asec.ahnlab.com/en/33801/), the team discussed the fact that the Lazarus attack group had been exploiting the INITECH process to infect systems with malware. This article aims to cover the details of the Lazarus group using the watering hole technique to hack into systems before exploiting the vulnerability of the MagicLine4NX product from Dream Security in order to additionally hack into systems in... | Malware Hack Vulnerability Threat Medical | APT 38 | |
|
2022-10-30 16:10:09 | Liz Truss phone hack claim prompts calls for investigation (lien direct) | The Mail on Sunday claims the ex-prime minister's phone was hacked while she was foreign secretary. | Hack | ||
|
2022-10-29 15:55:00 | Twilio Reveals Another Breach from the Same Hackers Behind the August Hack (lien direct) | Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into the digital break-in | Hack Threat | ||
 |
2022-10-27 12:59:43 | Twilio discloses another hack from June, blames voice phishing (lien direct) | Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. [...] | Hack | ||
|
2022-10-25 09:10:00 | Iranian Atomic Energy Agency Admits Email Hack (lien direct) | Suspected hacktivists inside country share sensitive info | Hack | ||
 |
2022-10-24 20:35:55 | FTC holds alcohol delivery app Drizly and its CEO liable for lax data security before 2020 hack (lien direct) | >The order makes the unusual move in specifically naming the company's CEO and could signal a more aggressive FTC on privacy matters. | Hack | ||
|
2022-10-24 13:17:43 | Iran\'s atomic energy agency confirms hack after stolen data leaked online (lien direct) | The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the ''Black Reward' hacking group published stolen data online. [...] | Hack | ||
|
2022-10-24 12:24:52 | In Israel, Albanian PM to Meet Cyber Chief After Iran Hack (lien direct) | Albanian Prime Minister Edi Rama arrived in Israel on Sunday for an official visit that will include a meeting with Israeli cyber defense officials, the Israeli Foreign Ministry said. | Hack | ||
 |
2022-10-24 07:16:00 | Iran\'s nuclear energy agency confirms email server hacked (lien direct) | The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its Bushehr Nuclear Power Plant was hacked. The organization blamed a foreign country, but an Iranian hacking group that goes by the name Black Reward has claimed responsibility for the breach.The Atomic Energy Organization said that the IT group serving the Bushehr plant has examined and issued a report on the breach, and denied any sensitive information being exposed. The energy agency said the hack was intended to gain the attention of the public and media."It should be noted that the content in users' emails contains technical messages and common and current daily exchanges," according to a statement on the organization's website. "It is obvious that the purpose of such illegal efforts, which are carried out of desperation, is to attract public attention."To read this article in full, please click here | Hack | ||
 |
2022-10-21 16:25:57 | When cops hack back: Dutch police fleece DEADBOLT criminals (legally!) (lien direct) | Crooks: Show us the money! Cops: How about you show us the decryption keys first? | Hack | ||
|
2022-10-18 06:27:06 | Cops swoop after crooks use wireless keyfob hack to steal cars (lien direct) | Hotwiring is so 2021 Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles.… | Hack | ||
|
2022-10-14 12:15:00 | #DTX2022: How to Scam Someone Using Social Media Phishing (lien direct) | Jake Moore, global cybersecurity advisor at ESET, shared at DTX Europe 2022 how he used a fake social media profile to hack employees of a company | Hack | ||
|
2022-10-13 10:05:10 | What the Uber Hack can teach us about navigating IT Security (lien direct) | The recent Uber cyberattack shows us the myriad tactics employed by threat actors to breach corporate networks. Learn more about these tactics used and how to navigate IT Security. [...] | Hack Threat | Uber Uber | |
|
2022-10-13 10:00:00 | #See Yourself in Cyber: Top Five Ways to Help Improve your Organization\'s Security Posture (lien direct) | Since 2004, the President of the United States has proclaimed October as cybersecurity awareness month, helping individuals better understand cybersecurity threats and protect them from them. Every year, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) collaborate to increase cybersecurity awareness among private sector companies and consumers. This Year’s Theme: “#See Yourself in Cyber “This year’s campaign theme — “See Yourself in Cyber” — demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people. This October will focus on the “people” part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future. We encourage each of you to engage in this year’s efforts by creating your own cyber awareness campaigns and sharing this messaging with your peers.” -Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity is Complex See Yourself in Cyber can be interpreted in multiple ways. To me, it’s speaking to those students unsure of what to major in, telling them to see themselves working in the industry. It’s reaching out to other departments within an organization to get them to understand how they impact security. And highlighting how hard a security analyst’s job is. In a recent blog post, I dove deeper into why security is more challenging than ever. And it all comes back to people. People are the heart of any security organization. Security tools are a requirement, but they don’t replace people. According to (ISC) ²’s 2021 Cyber Workforce Report, there is still a cybersecurity workforce gap of more than 2.72 million. Which for some organizations can mean they’re already behind before even starting. Improving Your Security Posture There are many ways an organization can improve its security posture. They can share threat intelligence. They can invest in threat intelligence platforms or XDR solutions that improve their existing investments. For this blog, I’ve narrowed it down to five: 1) Understanding Your Relevant Threat Landscape Understanding the attack surface is key to knowing what assets need protection and how best to protect them. Unfortunately, most organizations struggle because their attack surface keeps changing. Start with an attack surface assessment. Find out how an attacker sees you. Map your assets against their potential vulnerabilities and readiness to prevent or respond to threats. This will help understand how well current tools and investments protect critical assets and what additional measures need to be taken to improve protection. A comprehensive assessment should include the following: • Visibility into all external facing assets to uncover exposed assets • Identify and evaluate the current security programs • Evaluate the effectiveness of information security policies, procedures, and processes • Determine the effect of cybersecurity incidents on KPIs, including availability, integrity, and privacy • Assess the maturity level of current tools and investments | Ransomware Malware Hack Threat Guideline | ||
|
2022-10-12 14:22:09 | Websites For More Than A Dozen US Airlines Taken Offline By Cyber Attacks (lien direct) | Websites for more than a dozen US airports were temporarily brought offline by cyberattacks on Monday morning, including LaGuardia airport in New York City. The hack has been attributed to a group known as Killnet, Russian hacktivists who support the Kremlin but are not thought to directly be government actors. The attacks did not affect […] | Hack | ||
|
2022-10-12 14:14:52 | Mango Markets Drained Of $100 Million In Month\'s Largest Crypto Theft (lien direct) | It has been reported that in the second $100 million DeFi hack this week, Mango Markets was drained of $100 million in funds due to an exploit. Mango Markets tweeted Tuesday evening that a hacker was able to empty funds from Mango via an oracle price manipulation. Only last Thursday,$100 million was stolen from the Binance […] | Hack | ||
 |
2022-10-11 20:04:35 | Limited distribution: Secretaría de la Defensa Nacional México (6 TBs) (lien direct) | Guacamaya's hack of Mexico's SEDENA, showing evidence of corruption in the military, plus their surveillance of politicians, diplomats, artists, activists and journalists | Hack | ★★★ | |
|
2022-10-11 12:59:44 | Microsoft Exchange servers hacked to deploy LockBit ransomware (lien direct) | Microsoft is investigating reports of a new zero-day bug abused to hack Exchange servers which were later used to launch Lockbit ransomware attacks. [...] | Ransomware Hack | ||
 |
2022-10-07 13:49:06 | Binance blockchain suffers $570 million hack (lien direct) | World's largest crypto exchange targeted in security breach. | Hack | ||
|
2022-10-07 10:57:25 | Binance Bridge Hit by $560 Million Hack (lien direct) | Hackers have exploited a cross-chain bridge to divert more than $560 million worth of cryptocurrency from Binance Bridge. Operating on the Binance Coins (BNB) Smart Chain, Binance Bridge is a blockchain bridge designed to help with the transfer of information and assets between blockchains. | Hack | ||
|
2022-10-06 17:06:34 | Australian Police Make First Arrest in Optus Hack Probe (lien direct) | A police investigation of a cyberattack on an Australian telecommunications company in which the personal data of more than one third of Australia's population was stolen has resulted in its first arrest, investigators said Thursday. | Hack | ★★★ | |
|
2022-10-06 15:11:37 | Ex-Uber security chief convicted of hiding hack from federal regulators (lien direct) | Former security chief may be first exec found guilty of hiding a data breach. | Hack | Uber | |
|
2022-10-06 13:16:00 | Guilty verdict in the Uber breach case makes personal liability real for CISOs (lien direct) | Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”To read this article in full, please click here | Data Breach Hack | Uber Uber | |
|
2022-10-05 10:27:39 | (Déjà vu) Seattle Woman Gets Probation for Massive Capital One Hack (lien direct) | A former Seattle tech worker convicted of several charges related to a massive hack of Capital One bank and other companies in 2019 was sentenced Tuesday to time served and five years of probation. | Hack | ||
|
2022-10-04 16:00:00 | Optus Confirms Hack Exposed Data of Nearly 2.1 Million Australians (lien direct) | The company confirmed it has employed Deloitte to lead a forensic review of the cyber-attack | Hack Guideline | Deloitte Deloitte | |
|
2022-10-04 12:36:00 | Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers (lien direct) | Australian telecom giant Optus on Monday confirmed that nearly 2.1 million of its current and former customers suffered a leak of their personal information and at least one form of identification number as a result of a data breach late last month. The company also said it has engaged the services of Deloitte to conduct an external forensic assessment of the attack to "understand how it | Hack | Deloitte Deloitte | |
 |
2022-10-04 11:20:28 | How to See Yourself in Cyber: Top Tips from Industry Leaders (lien direct) | It's 2022 and as we all know, the world is a very different place. However, one thing that has not changed is the importance of cybersecurity. In fact, it's more important now than ever before, as the SolarWinds hack and Executive Order prove. That's why for Cybersecurity Awareness Month this year, we asked cybersecurity pioneers and leaders to get their insights on staying cyber safe. Here are their thoughts on CISA's 4 Things You Can Do to See Yourself in Cyber. Enable Multi-Factor Authentication “With the continued rise in cybercrime, there are a few simple steps every person should take to protect themselves, if they aren't already. CISA's first recommended step to stay 'cyber-safe' is to implement multi-factor authentication. It significantly lessens the likelihood of being hacked via unauthorized access and compromised credentials, which, according to Verizon's 2021 Data Breach Investigations Report, were the gateway for 61% of data breaches. Enabling multi-factor… | Data Breach Hack Guideline | ★★ | |
|
2022-10-04 01:10:35 | Report: Mexico Continued to Use Spyware Against Activists (lien direct) | The Mexican government or army has allegedly continued to use spyware designed to hack into the cellphones of activists, despite a pledge by President Andrés Manuel López Obrador to end such practices. | Hack | ||
|
2022-10-03 16:49:07 | New PS5 exploit unlocks root privileges, read/write memory access (lien direct) | Hack uses FreeBSD "race condition" exploit on older PS5 firmware. | Hack | ||
|
2022-10-03 14:35:40 | Russian retail chain \'DNS\' confirms hack after data leaked online (lien direct) | Russian retail chain 'DNS' (Digital Network System) disclosed yesterday that they suffered a data breach that allegedly exposed the personal information of 16 million customers and employees. [...] | Data Breach Hack | ★★★ | |
 |
2022-10-03 12:40:56 | Researcher Spotlight: Globetrotting with Yuri Kramarz (lien direct) | From the World Cup in Qatar to robotics manufacturing in east Asia, this incident responder combines experience from multiple arenas By Jon Munshaw. Yuri “Jerzy” Kramarz helped secure everything from the businesses supporting the upcoming World Cup in Qatar to the Black Hat security conference and critical national infrastructure. He's no stranger to cybersecurity on the big stage, but he still enjoys working with companies and organizations of all sizes in all parts of the world. “What really excites me is making companies more secure,” he said in a recent interview. “That comes down to a couple things, but it's really about putting a few solutions together at first and then hearing the customer's feedback and building from there.” Yuri is a senior incident response consultant with Cisco Talos Incident Response (CTIR) currently based in Qatar. He walks customers through various exercises, incident response plan creation, recovery in the event of a cyber attack and much more under the suite of offerings CTIR has. Since moving from the UK to Qatar, he is mainly focused on preparing various local entities in Qatar for the World Cup slated to begin in November. Qatar estimates more than 1.7 million people will visit the country for the international soccer tournament, averaging 500,000 per day at various stadiums and event venues. For reference, the World Bank estimates that 2.9 million people currently live in Qatar. This means the businesses and networks in the country will face more traffic than ever and will no doubt draw the attention of bad actors looking to make a statement or make money off ransomware attacks. “You have completely different angles in preparing different customers for defense during major global events depending on their role, technology and function,” Kramarz said. In every major event, there were different devices, systems and networks interconnected to provide visitors and fans with various hospitality facilities that could be targeted in a cyber attack. Any country participating in the event needs to make sure they understand the risks associated with it and consider various adversary activities that might play out to secure these facilities. Kramarz has worked in several different geographic areas in his roughly 12-year security career, including Asia, the Middle East, Europe and the U.S. He has experience leading red team engagements (simulating attacks against targets to find potential security weaknesses) in traditional IT and ICS/OT environments, vulnerability research and blue team defense. The incident response field has been the perfect place for him to put all these skills to use.  He joined Portcullis Securit |
Ransomware Hack Vulnerability Guideline | ||
 |
2022-10-03 05:00:59 | Méfiance : l\'authentification multifacteur ne vous protège pas totalement des pirates (lien direct) | 
Le hack récent d'Uber a montré une fois de plus que les systèmes d'authentification à plusieurs facteurs ne sont pas toujours efficaces pour contrer les cybercriminels, qui usent de nouvelles techniques pour tenter de vous piéger.
L'article Méfiance : l'authentification multifacteur ne vous protège pas totalement des pirates est à retrouver sur 01net.com. |
Hack | Uber | |
|
2022-09-30 15:44:10 | US DoD announced the results of the Hack US bug bounty challenge (lien direct) | >The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July. On July 4, 2022, the US Department of Defense (DoD) and HackerOne started the Hack US, a one-week bug bounty challenge, which is considered part of DoD's vulnerability disclosure program (VDP). The challenge was launched Chief […] | Hack Vulnerability |
To see everything:
Our RSS (filtrered)
