What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
globalsecuritymag.webp 2024-07-15 23:00:00 September 12, Nantes, in person - Thales Roadshow 2024: "Unlock your Cyber!" (direct link) September 12, Nantes, in person - Thales Roadshow 2024: "Unlock your Cyber!" - Events /
The_Hackers_News.webp 2024-07-15 21:48:00 GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks (direct link) Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub. "This
Netskope.webp 2024-07-15 18:20:12 The Evolving Role of CISOs in an AI-enhanced Cybersecurity World (direct link) As businesses increasingly rely on digital infrastructures, the threats that aim to exploit these technologies also evolve. It’s no longer just about safeguarding against unauthorized access; it’s about understanding and mitigating the complex risks introduced by AI and machine learning - topics I’ve often discussed, emphasizing the need for an advanced cybersecurity strategy that evolves as quickly […]
DarkReading.webp 2024-07-15 17:39:06 Well-Established Cybercriminal Ecosystem Blooming in Iraq (direct link) A malicious Telegram bot is the key to a veritable flourishing garden of nefarious cybercriminal activity, which was discovered via a series of Python packages.
IndustrialCyber.webp 2024-07-15 17:21:06 Australian government mandates cybersecurity framework, stresses global OT/ICS collaboration (direct link) As the Australian financial year 2023-2024 concludes, the nation's Cyber and Infrastructure Security Centre (CISC) announced that the...
Industrial
Chercheur.webp 2024-07-15 17:13:08 Hacking Scientific Citations (direct link) Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication year, journal or conference name, and page numbers of the cited publication. These details are stored as metadata, not visible in the article’s text directly, but assigned to a digital object identifier, or DOI—a unique identifier for each scientific publication. References in a scientific publication allow authors to justify methodological choices or present the results of past studies, highlighting the iterative and collaborative nature of science...
Studies Conference
DarkReading.webp 2024-07-15 16:32:53 Rite Aid Becomes RansomHub's Latest Victim After Data Breach (direct link) The breach affects older customer information involved in purchases made from June 6, 2017, up until July 30, 2018.
Data Breach
The_Hackers_News.webp 2024-07-15 16:22:00 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit (direct link) Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn't it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that's basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. Over the last few years, the problem has grown bigger and bigger, and only now are we
InfoSecurityMag.webp 2024-07-15 16:15:00 CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools (direct link) Sysdig said CRYSTALRAY used a variety of open source security tools to scan for vulnerabilities
Tool Vulnerability
Fortinet.webp 2024-07-15 16:00:00 Fortinet's Academic Partner Program Trains the Next Generation of Cybersecurity Professionals (direct link) Here's how several universities are collaborating with Fortinet to prepare students for a career in cybersecurity. Learn more.
The_Hackers_News.webp 2024-07-15 15:54:00 CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool (direct link) A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a 10x surge, adding it includes "mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source software]
Tool Vulnerability Threat
InfoSecurityMag.webp 2024-07-15 15:30:00 WP Time Capsule Plugin Update Urged After Critical Security Flaw (direct link) The WordPress plugin has over 20,000 active installations and is used for site backups and update management
Chercheur.webp 2024-07-15 15:24:46 Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks (direct link) At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn't yet been registered, merely by supplying an email address tied to an existing domain.
SonarSource.webp 2024-07-15 15:00:00 Encoding Differentials: Why Charset Matters (direct link) The absence of charset information seems to be a minor issue for a web application. This blog post explains why this is a false assumption and highlights the critical security implications.
Blog.webp 2024-07-15 14:56:04 New Data-Stealing Poco RAT Campaign Targeting Spanish Speakers (direct link) New Poco RAT Malware Targets Spanish Speakers Through Emails! Disguised as financial documents, Poco RAT steals your info…
Malware
Checkpoint.webp 2024-07-15 14:50:05 15th July – Threat Intelligence Report (direct link) For the latest discoveries in cyber research for the week of 15th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES American telecom giant AT&T has disclosed a massive data breach that exposed personal information of 110M of its customers. The data was stolen from the company's workspace on a third-party cloud platform, […]
Data Breach Threat Cloud
Checkpoint.webp 2024-07-15 14:49:45 New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns (direct link) Key Findings Introduction MuddyWater, an Iranian threat group affiliated with the Ministry of Intelligence and Security (MOIS), is known to be active since at least 2017. During the last year, MuddyWater engaged in widespread phishing campaigns targeting the Middle East, with a particular focus on Israel. Since October 2023, the actors' activities have increased significantly. Their methods […]
Threat
IndustrialCyber.webp 2024-07-15 14:23:25 New DHS report highlights gaps in cybersecurity efforts of Coast Guard for marine transportation systems (direct link) The U.S. Coast Guard has made progress in enhancing the cyber posture of the Marine Transportation System (MTS)...
bleepingcomputer.webp 2024-07-15 14:19:59 New BugSleep malware implant deployed in MuddyWater attacks (direct link) The Iranian-backed MuddyWater hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems. [...]
DarkReading.webp 2024-07-15 14:09:45 How Manufacturers Can Secure Themselves Against Cyber Threats (direct link) Good risk management is necessary to protect customers, ensure operational continuity, safeguard intellectual property, and maintain fiscal responsibility.
DarkReading.webp 2024-07-15 14:00:00 7 Tips for Navigating Cybersecurity Risks in M&As (direct link) Careful planning and proactive measures can ensure smooth and secure transitions, paving the way for a successful merger or acquisition.
Mandiant.webp 2024-07-15 14:00:00 Scaling Up Malware Analysis with Gemini 1.5 Flash (direct link) Written by: Bernardo Quintero, Founder of VirusTotal and Security Director, Google Cloud Security; Alex Berry, Security Manager of the Mandiant FLARE Team, Google Cloud Security; Ilfak Guilfanov, author of IDA Pro and CTO, Hex-Rays; Vijay Bolina, Chief Information Security Officer & Head of Cybersecurity Research, Google DeepMind
In our previous post, we explored how Gemini 1.5 Pro could be used to automate the reverse engineering and code analysis of malware binaries. Now, we're focusing on Gemini 1.5 Flash, Google's new lightweight and cost-effective model, to transition that analysis from the lab to a production-ready system capable of large-scale malware dissection. With the ability to handle 1 million tokens, Gemini 1.5 Flash offers impressive speed and can manage large workloads. To support this, we've built an infrastructure on Google Compute Engine, incorporating a multi-stage workflow that includes scaled unpacking and decompilation stages. While promising, this is just the first step on a long journey to overcome accuracy challenges and unlock AI's full potential in malware analysis. VirusTotal analyzes an average of 1.2 million unique new files each day, ones that have never been seen before on the platform. Nearly half of these are binary files (PE_EXE, PE_DLL, ELF, MACH_O, APK, etc.) that could benefit from reverse engineering and code analysis. Traditional, manual methods simply cannot keep pace with this volume of new threats. Building a system to automatically unpack, decompile, and analyze this quantity of code in a timely and efficient manner is a significant challenge, one that Gemini 1.5 Flash is designed to help address. Building on the extensive capabilities of Gemini 1.5 Pro, the Gemini 1.5 Flash model was created to optimize efficiency and speed while maintaining performance. Both models share the same robust, multimodal capabilities and are capable of handling a context window of over 1 million tokens; however, Gemini 1.5 Flash is particularly designed for rapid inference and cost-effective deployment. This is achieved through parallel computation of attention and feedforward components, as well as the use of online distillation techniques. The latter enables Flash to learn directly from the larger and more complex Pro model during training. These architectural optimizations allow us to utilize Gemini 1.5 Flash to process up to 1,000 requests per minute and 4 million tokens per minute. To illustrate how this pipeline works, we'll first showcase examples of Gemini 1.5 Flash analyzing decompiled binaries. Then we'll briefly outline t
Malware Tool Threat Cloud
RecordedFuture.webp 2024-07-15 13:44:55 Australia tells Russia to 'back off' after Kremlin criticizes espionage allegations (direct link) No more details
Checkpoint.webp 2024-07-15 13:00:40 Celebrating World Youth Skills Day: The Vital Role of Cyber Security in Early Career Development (direct link) Check Point Software Technologies, a leading AI-powered, cloud-delivered cyber security platform provider, advocates the importance of equipping today's youth with cyber security skills in emerging technologies like AI, ML, IoT and even Quantum Computing. This will ensure future job roles in cyber security will have the relevant skills and knowledge, prepared to handle and prevent tomorrow's increasingly sophisticated cyber attacks. World Youth Skills Day is celebrated on July 15th to recognize the value of equipping young people with the tools they need for employment and entrepreneurship, as well as sustaining development in the future. Among the myriad of skills shaping […]
Tool
securityintelligence.webp 2024-07-15 13:00:00 Cybersecurity crisis communication: What to do (direct link) Cybersecurity experts tell organizations that the question is not if they will become the target of a cyberattack but when. Often, the focus of response preparedness is on the technical aspects — how to stop the breach from continuing, recovering data and getting the business back online. While these tasks are critical, many organizations overlook […]
Technical
silicon.fr.webp 2024-07-15 12:49:58 The "blue check", but not only that: X accused of breaching the DSA (direct link) X now stands officially accused of violating the DSA. The European Commission does not approve of the blue check system... among other things.
The_Hackers_News.webp 2024-07-15 12:49:00 Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months (direct link) Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024. "Customers who have activated their digital
Blog.webp 2024-07-15 12:35:05 Crypto Scammer Returns $9.27 Million Out of $24M Crypto Theft (direct link) Crypto scammer sensationally returns $9.27 million to a victim after $24 million theft. Unprecedented move in crypto crime.…
SecurityWeek.webp 2024-07-15 12:16:12 AT&T Breach Linked to American Hacker, Telecom Giant Paid $370k Ransom: Reports (direct link) The massive AT&T breach has been linked to an American hacker living in Turkey and reports say the telecom giant paid a $370,000 ransom.
NIST.webp 2024-07-15 12:00:00 Protecting Trained Models in Privacy-Preserving Federated Learning (direct link) This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government's Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NIST's Privacy Engineering Collaboration Space or RTA's blog. The last two posts in our series covered techniques for input privacy in privacy-preserving federated learning in the context of horizontally and vertically partitioned data. To build a complete privacy-preserving federated learning
InfoSecurityMag.webp 2024-07-15 11:45:00 Attackers Exploit URL Protections to Disguise Phishing Links (direct link) Barracuda has observed attackers using three different URL protection services to mask their phishing URLs, bypassing email security tools
Tool Threat
WiredThreatLevel.webp 2024-07-15 11:30:00 It Will Soon Be Easier for Americans to Recycle Batteries (direct link) Improperly discarded batteries leak toxic chemicals and are prone to exploding. A new program funded by the Department of Energy will prop up battery drop-off sites across the US.
RiskIQ.webp 2024-07-15 11:27:07 Weekly OSINT Highlights, 15 July 2024 (direct link)
## Snapshot
Last week's OSINT reporting highlights a diverse array of cyber threats, showcasing the prominence of sophisticated malware, information stealers, and ransomware attacks. Attack vectors frequently include compromised websites, phishing emails, malicious advertisements, and exploitation of known vulnerabilities, particularly in widely-used software like Oracle WebLogic and Microsoft Exchange. Threat actors range from organized state-sponsored groups, such as China's APT41 (tracked by Microsoft as [Brass Typhoon](https://security.microsoft.com/intel-profiles/f0aaa62bfbaf3739bb92106688e6a00fc05eafc0d4158b0e389b4078112d37c6)) and APT40 (tracked by Microsoft as [Gingham Typhoon](https://security.microsoft.com/intel-profiles/a2fc1302354083f4e693158effdbc17987818a2433c04ba1f56f4f603268aab6)), to individual developers using platforms like GitHub to distribute malware. The targets are varied, encompassing financial institutions, cryptocurrency exchanges, government agencies, and sectors like healthcare, education, and manufacturing, with a notable focus on high-value data and critical infrastructure across multiple countries.
## Description
1. [Clickfix Infection Chain](https://security.microsoft.com/intel-explorer/articles/85fea057): McAfee Labs discovered the "Clickfix" malware delivery method that uses compromised websites and phishing emails to trick users into executing PowerShell scripts. This method is being used to deliver [Lumma Stealer](https://security.microsoft.com/intel-profiles/33933578825488511c30b0728dd3c4f8b5ca20e41c285a56f796eb39f57531ad) and [DarkGate](https://security.microsoft.com/intel-profiles/52fa311203e55e65b161aa012eba65621f91be7c43bacaaad126192697e6b648) malware across multiple countries, including the US, Canada, and China.
2. [CRYSTALRAY Expands Targeting](https://security.microsoft.com/intel-explorer/articles/ecea26df): Sysdig researchers identified the threat actor CRYSTALRAY, who has scaled operations to over 1,500 victims using SSH-Snake and various vulnerabilities for lateral movement and data exfiltration. Targets include systems vulnerable to CVE-2022-44877, CVE-2021-3129, and CVE-2019-18394.
3. [DodgeBox Loader by APT41](https://security.microsoft.com/intel-explorer/articles/3524d2ae): Zscaler ThreatLabz reported on DodgeBox, a reflective DLL loader used by the Chinese APT41 group, also known as Brass Typhoon. The loader delivers the MoonWalk backdoor and employs sophisticated techniques like call stack spoofing to avoid detection.
4. [ViperSoftX Information Stealer](https://security.microsoft.com/intel-explorer/articles/8084ff7b): Trellix researchers highlighted ViperSoftX, an information stealer spread through cracked software and malicious eBooks. The malware uses PowerShell and AutoIt for data exfiltration and evasion, targeting cryptocurrency wallets and other sensitive information.
5. [Coyote Banking Trojan](https://security.microsoft.com/intel-explorer/articles/201d7c4d): BlackBerry detailed Coyote, a .NET banking trojan targeting Brazilian financial institutions. Delivered likely via phishing, it performs various malicious functions like screen capture and keylogging, communicating with C2 servers upon detecting target domains.
6. [Kematian-Stealer on GitHub](https://security.microsoft.com/intel-explorer/articles/4e00b1b4): CYFIRMA identified Kematian-Stealer, an open-source information stealer hosted on GitHub. It targets applications like messaging apps and cryptocurrency wallets, employing in-memory execution and anti-debugging measures to evade detection.
7. [Eldorado Ransomware-as-a-Service](https://security.microsoft.com/intel-explorer/articles/3603cd85): Group-IB reported on Eldorado, a RaaS targeting various industries and countries, primarily the US. Written in Golang, it uses Chacha20 and RSA-OAEP encryption and has customizable features for targeted attacks.
8. [DoNex Ransomware Flaw](https://security.microsoft.com
Ransomware Malware Tool Vulnerability Threat Legislation Prediction Medical APT 41 APT 40
itsecurityguru.webp 2024-07-15 11:08:54 Global tech innovation initiative unlocks Singapore as key growth market for international startups (direct link) Plexal, the innovation company solving society’s challenges through collaboration, the Cyber Security Agency of Singapore (CSA) and National University of Singapore (NUS) have partnered for a new international initiative – CyberBoost. Extending across two streams initially, CyberBoost: Build will support innovators to build their first MVP. Meanwhile, CyberBoost: Catalyse, which is powered by Plexal, will enable […] The post Global tech innovation initiative unlocks Singapore as key growth market for international startups first appeared on IT Security Guru.
ComputerWeekly.webp 2024-07-15 11:04:00 NHS Trusts cancelled over 6,000 appointments after Qilin cyber attack (direct link) No more details
silicon.fr.webp 2024-07-15 11:03:58 Atos: restructuring financing approved (direct link) A group of banks and bondholder creditors has agreed to finance the restructuring plan to the amount of €1.675 billion. They now control 99% of the capital.
Blog.webp 2024-07-15 11:02:10 Match Systems' CEO Andrei Kutin Provides Insight on DMM Bitcoin Breach (direct link) Dubai, UAE, 15th July 2024, CyberNewsWire
Zimperium.webp 2024-07-15 11:00:00 Phishing Campaigns and Rafel RAT: A Dangerous Duo (direct link) Among the myriad of tools employed in malicious activities, Remote Access Trojans (RATs) stand out for their ability to provide attackers with unfettered access to compromised systems.
Tool
The_Hackers_News.webp 2024-07-15 10:40:00 New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection (direct link) Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. "Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection," Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis. "The passphrase needs to be provided during
Ransomware
Veracode.webp 2024-07-15 10:34:59 Overcoming the Pitfalls of Inadequate Security Measures in the SDLC (direct link) Lax security measures in the software development lifecycle (SDLC) can lead to severe financial repercussions for organizations. The Verizon 2024 Data Breach Investigations Report highlights this growing risk, stating, "Our ways-in analysis witnessed a substantial growth of attacks involving the exploitation of vulnerabilities as the critical path to initiate a breach when compared to previous years. It almost tripled (180% increase) from last year." This underscores the critical need to integrate security practices throughout the SDLC. Let's delve into the importance of this integration and explore strategies to overcome common pitfalls in the process. For a deep dive into our expertise on integrating security measures, automation, and advanced testing techniques for secure software development at speed, download the eBook, Secure the SDLC in 6 Steps: Optimizing Developer Experience Through Automation. Pitfalls that Lead to Insecure Software Development…
Data Breach Vulnerability
silicon.fr.webp 2024-07-15 10:28:15 AI Act published: the implementation timeline (lien direct) The AI Act contains provisions that will not apply until 2027 and sets compliance deadlines that run until 2031. An overview.
globalsecuritymag.webp 2024-07-15 10:15:34 Malicious Python packages reveal a vast Iraq-based cybercriminal operation (lien direct) Malicious Python packages reveal a vast Iraq-based cybercriminal operation 🚨Checkmarx #ThreatIntelligence - Malware
globalsecuritymag.webp 2024-07-15 10:11:57 Vigilance Vulnerability Alerts - jose.4.j: weak encryption via Password Hash Iteration Count, analyzed on 15/05/2024 (lien direct) An attacker can access data on jose.4.j, via Password Hash Iteration Count, in order to obtain sensitive information. - Vulnerabilities
globalsecuritymag.webp 2024-07-15 10:11:57 Vigilance Vulnerability Alerts - jose.4.j: weak encryption via Password Hash Iteration Count, analyzed on 15/05/2024 (lien direct) An attacker can access data on jose.4.j, via Password Hash Iteration Count, in order to read sensitive information. - Security Vulnerability
Vulnerability
SecurityWeek.webp 2024-07-15 10:05:39 Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations (lien direct) Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations.
Malware Legislation
Checkpoint.webp 2024-07-15 10:00:24 MuddyWater Threat Group Deploys New BugSleep Backdoor (lien direct) Check Point Research (CPR) warns that Iranian threat group MuddyWater has significantly increased its activities against Israel and is deploying a new, previously undocumented backdoor campaign. Key Findings: MuddyWater, an Iranian threat group affiliated with the Ministry of Intelligence and Security (MOIS), has significantly increased its activities in Israel since the beginning of the Israel-Hamas war in October 2023. This parallels with activities against targets in Saudi Arabia, Turkey, Azerbaijan, India and Portugal. The threat actors consistently use phishing campaigns sent from compromised organizational email accounts, leading to the deployment of legitimate Remote Management Tools such as Atera Agent and […]
Tool Threat
AlienVault.webp 2024-07-15 10:00:00 Smart Hotel Technologies and the Cybersecurity Risks They Bring (lien direct) The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Smart technologies are being quickly adopted by the hospitality sector in order to improve guest experiences and improve operations. However, hotels are also popular targets for cybercriminals due to their extensive collection of data and increased connectivity. These linked devices have flaws that could allow for illegal access and data breaches, risking the security and privacy of visitors. This article examines the cybersecurity risks related to these technologies and provides helpful advice on how passengers may protect their data while taking advantage of these benefits. Smart Technologies and the Risks that They Bring A new wave of technology in the hotel sector promises to improve visitor experiences and operational effectiveness. Smart technologies like IoT-enabled gadgets and AI-powered services are being incorporated into modern hotels. These include mobile check-in, keyless entry for a quick, contactless experience, AI-powered chatbots and automated concierge systems for smooth guest interactions, smart in-room entertainment systems that allow guests to control various aspects of their environment via voice commands or smartphone apps, and smart thermostats for customized climate control. While these innovations significantly enhance convenience and personalization, they also introduce considerable cybersecurity risks. The interconnected nature of these devices and the vast amounts of data they handle make hotels and Airbnb rooms attractive targets for cybercriminals. Here are some of the most dangerous cybersecurity threats facing modern hospitality settings. 
Data Breaches: Data breaches are a major concern in the hospitality industry due to the vast amounts of sensitive guest information collected and stored. High-profile incidents, such as the Marriott data breach in 2018, which affected up to 500 million guest records, underscore the severity of this threat. Compromised data often includes personal identification details, credit card information, and even passport numbers, leading to significant financial and reputational damage for the affected hotels and Airbnb hosts. IoT Vulnerabilities: The globalization of IoT devices in accommodation businesses like hotels and Airbnb properties increases the attack surface for cybercriminals. Each connected device represents a potential entry point for hackers. For instance, vulnerabilities in smart thermostats or lighting systems can be exploited to gain access to the broader network, compromising other critical systems and guest data. Phishing and Social Engineering: Phishing attacks and social engineering tactics are prevalent in the hospitality industry. Cybercriminals often target staff and guests with deceptive emails or messages designed to steal login credentials or other sensitive information. These attacks can lead to unauthorized access to systems and data breaches. Point of Sale (POS) Systems: POS systems handle numerous financial transactions, making them attractive to hackers. Attacks on POS systems can involve malware that captures credit card information before it is encrypted. Such inci
Ransomware Data Breach Malware Vulnerability Threat Mobile
InfoSecurityMag.webp 2024-07-15 09:15:00 Pharmacy Giant Rite Aid Hit By Ransomware (lien direct) US pharmacy chain Rite Aid has confirmed a cybersecurity 'incident' in June
Ransomware
Blog.webp 2024-07-15 09:01:38 My First Book is 20 Years Old Today (lien direct) 2004, Addison-Wesley / Pearson published my first book, The Tao of Network Security Monitoring: Beyond Intrusion Detection. This post from 2017 explains the differences between my first four books and why I wrote Tao. Today, I'm still delighted when I hear that someone found my books useful. I'm done writing books on security, but I believe the core tactics and strategies in all my books are still relevant. I'm not sure that's a good thing, though. I wish we no longer needed the tactics and strategies in my book. "The Cloud," along with so many other developments and approaches, was supposed to have saved us by now. Consider this statement from a report describing CISA's red team against a Fed agency: "[A]ttempts to capture forensic data via packet captures occurred directly on the compromised Solaris and Windows hosts, where the red team observed the data being collected and therefore had the opportunity to disrupt collection, tamper with evidence files, and better adapt and evade their defenses." This is also why you should not rely on EDR for your sole understanding of adversary activity. The adversary can shut down or modify your endpoint security tool. For network security monitoring, you should not collect on endpoints either. Collect using network taps or, in a pinch, SPAN ports. There is nothing in this intrusion that would have been a surprise in 2004.
Here is the post I published in 2004 when the first copy appeared at my door. There is nothing like getting a real copy in your hands, and I cherish that experience! I will probably revisit this event in 5 years. See you then! Copyright 2003-2020 Richard Bejtlich
Cloud
globalsecuritymag.webp 2024-07-15 09:01:32 Mailinblack announces the release of Cockpit (lien direct) Mailinblack announces the release of Cockpit, its platform for managing human cyber risk. Available from July 15, Cockpit lets CIOs and company executives manage, from a single platform and in real time, the vulnerabilities linked to human cyber risks and access the tools to remediate them - Products
Tool
Last update at: 2024-07-15 19:07:45