What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Checkpoint.webp 2023-05-16 10:54:50 The Dragon Who Sold His Camaro: Analyzing Custom Router Implant (direct link) >Research by: Itay Cohen, Radoslaw Madej, and the Threat Intelligence Team Over the past few months, Check Point Research has closely monitored a series of targeted attacks aimed at European foreign affairs entities. These campaigns have been linked to a Chinese state-sponsored APT group we track as Camaro Dragon, which shares similarities with previously reported […] Threat ★★
Checkpoint.webp 2023-05-15 13:58:02 15th May – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 15th May, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The Swedish-Swiss multinational automation company ABB has been a victim of a ransomware attack conducted by the Russian Black Basta ransomware group. The threat actors have attacked the company's Windows Active Directory, affecting […] Ransomware Threat
Checkpoint.webp 2023-05-08 08:50:17 8th May – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 8th May, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The City of Dallas, Texas has suffered a ransomware attack conducted by Royal ransomware gang. The attack caused a network outage of its Information and Technology Services (ITS), including Dallas police department, Dallas […] Ransomware Threat ★★
Checkpoint.webp 2023-05-04 10:55:41 Eastern Asian Android Assault – FluHorse (direct link) >Research by: Alex Shamshur, Sam Handelman, Raman Ladutska Introduction In the latest research conducted by Check Point Research, we describe a newly discovered malware called FluHorse. The malware features several malicious Android applications that mimic legitimate applications, most of which have more than 1,000,000 installs. These malicious apps steal the victims' credentials and Two-Factor Authentication […] Malware ★★
Checkpoint.webp 2023-05-01 13:48:04 1st May – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 1st May, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES A threat actor was able to generate some mail keys of American Telecom giant AT&T, and used it to take control of AT&T customers’ email addresses. Victims report that cryptocurrency accounts connected to […] Threat ★★
Checkpoint.webp 2023-05-01 11:32:18 Chain Reaction: ROKRAT's Missing Link (direct link) >Key findings Introduction From the many reports on APT37 in recent months, to Mandiant's announcement on APT43, a lot of attention is currently focused on North Korean threat actors – and with good reason. North Korea has a long history of attacking its southern neighbor, especially by means of cyber warfare which continues today. In this […] Threat APT 37 APT 43 ★★
Checkpoint.webp 2023-04-25 10:04:57 Educated Manticore – Iran Aligned Threat Actor Targeting Israel via Improved Arsenal of Tools (direct link) >Key Findings: Introduction In this report, Check Point research reveals new findings of an activity cluster closely related to Phosphorus. The research presents a new and improved infection chain leading to the deployment of a new version of PowerLess. This implant was attributed to Phosphorus in the past, an Iran-affiliated threat group operating in the Middle East […] Threat APT 35 ★★
Checkpoint.webp 2023-04-24 16:06:53 24th April – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 24th April, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The American Bar Association (ABA), the largest global association of lawyers and legal professionals, has suffered a data breach with hackers gaining access to older credentials of 1,466,000 members. The breach was first […] Data Breach Threat ★★
Checkpoint.webp 2023-04-22 04:59:40 Operation Silent Watch (direct link) >In July 2021, several prominent human rights activists in Azerbaijan received the same phishing email that delivered them spyware, capable of causing significant harm to their personal and professional lives. But that was only the beginning of a story in which the domestic surveillance toolbox is fired in the midst of a small-scale cyber-war in […] ★★★★
Checkpoint.webp 2023-04-18 17:16:14 Raspberry Robin: Anti-Evasion How-To & Exploit Analysis (direct link) Research by: Shavit Yosef Introduction During the last year, Raspberry Robin has evolved to be one of the most distributed malware currently active. During this time, it is likely to be used by many actors to distribute their own malware such as IcedID, Clop ransomware and more. Over time, malware has continued to evolve and escalate […] Ransomware Malware ★★
Checkpoint.webp 2023-04-17 07:51:47 17th April – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 17th April, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Two major automotive manufacturers Hyundai and Toyota have disclosed significant data breaches. Hyundai's Italian and French car owners were affected, along with individuals who booked a test drive. The leaked data consists of […] Threat ★★
Checkpoint.webp 2023-04-11 16:58:26 QueueJumper: Critical Unauthenticated RCE Vulnerability in MSMQ Service (direct link) >Executive Summary Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthenticated attackers to remotely execute […] Vulnerability ★★
Checkpoint.webp 2023-04-10 13:06:17 10th April – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 10th April, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Taiwanese computing hardware giant MSI has suffered a ransomware attack by the recently-founded group Money Message. The group has demanded $4M in ransom, and claims to have stolen source code and databases as […] Ransomware Threat ★★
Checkpoint.webp 2023-04-03 23:02:34 Rorschach – A New Sophisticated and Fast Ransomware (direct link) >Key Findings Introduction While responding to a ransomware case against a US-based company, the CPIRT recently came across a unique ransomware strain deployed using a signed component of a commercial security product. Unlike other ransomware cases, the threat actor did not hide behind any alias and appears to have no affiliation to any of the […] Ransomware Threat ★★★
Checkpoint.webp 2023-04-03 15:11:18 3rd April – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 3rd April, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Both Windows and macOS versions of 3CXDesktopApp, a VoIP application of 3CX Communications Company, were compromised and used to distribute Trojanized versions in a large-scale supply chain attack. In this widespread campaign, dubbed […] Threat ★★
Checkpoint.webp 2023-03-27 15:28:06 Rhadamanthys: The “Everything Bagel” Infostealer (direct link) >Key Takeaways Background What causes a man to wake up one day and say, “I'm going to build my own malware and go sell it to cybercriminals on the dark web”? After all, the market is saturated with competitors, and the product is judged on the one sole metric of how many victims it has […] Malware ★★★
Checkpoint.webp 2023-03-27 14:49:28 27th March – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 27th March, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES New victims of Clop ransomware gang that leveraged for the attack purpose a zero-day security flaw (CVE-2023-0669) in the Fortra GoAnywhere Managed File Transfer system were disclosed. Among those are the American luxury […] Ransomware Threat ★★
Checkpoint.webp 2023-03-20 16:19:35 20th March – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 20th March, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Hitachi Energy reported a data breach caused by the Clop ransomware group which exploited a zero-day vulnerability (CVE-2023-0669) in the Fortra GoAnywhere MFT system, which was used by Hitachi. Check Point IPS, Threat […] Ransomware Data Breach Vulnerability Threat ★★
Checkpoint.webp 2023-03-16 09:58:00 CheckMate (direct link) >Research by: Oded Vaanunu / Roman Zaikin / Dan Lasker Chess.com is the world leading platform for online chess games. It is an internet chess server, news website, and social networking website. Chess.com has a strong focus on community-based forums and blogs. These social features allow players to connect with each other, become friends, share […] Guideline ★★
Checkpoint.webp 2023-03-15 12:30:47 DotRunpeX – demystifying new virtualized .NET injector used in the wild (direct link) >Highlights: Introduction During the past few months, we have been monitoring the dotRunpeX malware, its usage in the wild, and infection vectors related to dozens of campaigns. The monitoring showed that this new dotnet injector is still evolving and in high development. We uncovered several different methods of distribution where in all cases, the dotRunpeX […] ★★
Checkpoint.webp 2023-03-14 15:29:20 South Korean Android Banking Menace – FakeCalls (direct link) >Research by: Bohdan Melnykov, Raman Ladutska When malware actors want to enter the business, they can choose markets where their profit is almost guaranteed to be worth the effort – according to past results. The malware does not need to be high profile, just careful selection of the audience and the right market can be […] Malware ★★
Checkpoint.webp 2023-03-13 15:38:32 13th March – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 13th March, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Sensitive personal information of more than 56,000 Washington D.C. residents, including an undisclosed number of Senators and members of Congress, has been leaked on a darkweb forum. The leak occurred after the D.C. […] Threat ★★
Checkpoint.webp 2023-03-07 11:05:35 Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities (direct link) >Executive summary In 2021, Check Point Research published a report on a previously undisclosed toolset used by Sharp Panda, a long-running Chinese cyber-espionage operation targeting Southeast Asian government entities. Since then, we have continued to track the use of these tools across several operations in multiple Southeast Asian countries, in particular nations with similar territorial claims or strategic […] ★★
Checkpoint.webp 2023-03-06 15:13:13 The Blitz Tutorial Lab on Fuzzing with AFL++ (direct link) >Introduction To paraphrase a famous quote by Pete Cordell, telling an infosec enthusiast there’s already a tutorial on how to do X is like telling a songwriter there’s already a song about love. This specific tutorial is borne out of sympathy for readers who know their way around C language, GNU make and the like, […] ★★
Checkpoint.webp 2023-03-06 14:24:30 6th March – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 6th March, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The American fast food chain Chick-fil-A has released an announcement revealing a credential stuffing attack occurred on their website and mobile app. The attack exposed over 71K customers’ accounts data, including names, email […] Threat ★★★
Checkpoint.webp 2023-02-27 16:07:21 27th February – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 27th February, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Stanford University experienced a data breach in which files containing Economics Ph.D. program admission information were leaked. Personal and health information of 897 applicants might have been exposed. Dish Network, a major American TV and satellite broadcast provider, had been experiencing an unexplained outage with its websites and apps. Shortly after, the company's employees detected suspicious activity on their desktops and reported it as a cyberattack. Canadian telecom TELUS is investigating a potential data breach after a threat […] Data Breach Threat ★★
Checkpoint.webp 2023-02-20 16:33:22 20th February – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 20th February, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Check Point Research identified a campaign against entities in Armenia, using a new version of OxtaRAT – an AutoIt-based backdoor for remote access and desktop surveillance. The threat actors have been targeting human […] Threat ★★
Checkpoint.webp 2023-02-16 10:56:45 Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia (direct link) >Executive summary Amid rising tensions between Azerbaijan and Armenia over the Lachin corridor in late 2022, Check Point Research identified a malicious campaign against entities in Armenia. The malware distributed in this campaign is a new version of a backdoor we track as OxtaRAT, an AutoIt-based tool for remote access and desktop surveillance. Key findings: […] Malware Tool ★★
Checkpoint.webp 2023-02-13 15:27:37 13th February – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 13th February, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The California cities of Oakland and Modesto have been targeted by ransomware attacks, disrupting services in the former and the police network in the latter. Also in California, healthcare company 'Heritage Provider Network' […] Ransomware Threat Heritage ★★
Checkpoint.webp 2023-02-10 03:29:19 2022 in Cybersecurity (direct link) >For the latest discoveries in cyber research for the week of 13th February, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The California cities of Oakland and Modesto have been targeted by ransomware attacks, disrupting services in the former and the police network in the latter. Also in California, healthcare company 'Heritage Provider Network' […] ★★★
Checkpoint.webp 2023-02-08 11:00:31 2023 Security Report: Cyberattacks reach an all-time high in response to geo-political conflict, and the rise of 'disruption and destruction' malware (direct link) >The 2023 Security Report is reflecting on a chaotic year in cybersecurity. The report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war. Education and Research remains the most targeted sector, but attacks on the healthcare sector registered a 74% increase year-on-year. According to the […] Malware ★★
Checkpoint.webp 2023-02-06 16:07:13 6th February – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 6th February, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Check Point Research has flagged the Dingo crypto Token, with a market cap of $10,941,525 as a scam. The threat actors behind the token added a backdoor function in its smart contract, to […] Threat ★★★
Checkpoint.webp 2023-01-30 15:37:36 30th January – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 30th January, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The ALPHV/BlackCat Ransomware group has allegedly hacked Westmont Hospitality Group, one of the largest privately-held hospitality businesses in the world. They claim to have obtained access to 262GB of the company’s data. Check […] Ransomware Threat ★★
Checkpoint.webp 2023-01-30 10:53:31 Following the Scent of TrickGate: 6-Year-Old Packer Used to Deploy the Most Wanted Malware (direct link) >Research by: Arie Olshtein Executive summary Introduction Cyber criminals increasingly rely on packers to carry out their malicious activities. The packer, also referred to as “Crypter” and “FUD” on hacking forums, makes it harder for antivirus programs to detect the malicious code. By using a packer, malicious actors can spread their malware more easily with […] Malware ★★★
Checkpoint.webp 2023-01-23 13:50:37 23rd January – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 23rd January, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The fast food brand 'Yum! Brands', operator of leading fast food restaurants including KFC, Pizza Hut and Taco Bell, has been targeted by a ransomware attack. The attack led to the temporary closure […] Ransomware Threat Guideline ★★★
Checkpoint.webp 2023-01-16 15:48:55 16th January – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 16th January, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Britain's international mail service, Royal Mail, has had its operations disrupted by a cyberattack. The service has instructed its users not to post mail, as it is unable to dispatch packages to their […] Threat ★★★
Checkpoint.webp 2023-01-15 22:05:17 AI Can Write Malware Now. Are We Doomed? (direct link) >Today’s AI can beat humans at Jeopardy, chess, recognizing faces and diagnosing medical conditions. As of last Fall it can write malware, too. In fact, it can write an entire attack chain: phishing emails, macros, reverse shells, you name it. What do we do now? Malware Medical ★★
Checkpoint.webp 2023-01-09 20:57:31 9th January – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 9th January, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Check Point Research has published a report on APT-C-36, also known as Blind Eagle – a financially motivated threat group attacking citizens of various countries in South America since at least 2018. CPR […] Threat APT-C-36 ★★★
Checkpoint.webp 2023-01-06 11:59:27 OPWNAI : Cybercriminals Starting to Use ChatGPT (direct link) >Introduction At the end of November 2022, OpenAI released ChatGPT, the new interface for its Large Language Model (LLM), which instantly created a flurry of interest in AI and its possible uses. However, ChatGPT has also added some spice to the modern cyber threat landscape as it quickly became apparent that code generation can help […] Threat ChatGPT ★★★
Checkpoint.webp 2023-01-05 09:12:26 BlindEagle Targeting Ecuador With Sharpened Tools (direct link) >Blind Eagle is a financially motivated threat group that has been launching indiscriminate attacks against citizens of various countries in South America since at least 2018. In a recent campaign targeting Ecuador-based organizations, CPR detected a new infection chain that involves a more advanced toolset. Threat APT-C-36 ★★★
Checkpoint.webp 2023-01-02 16:05:39 2nd January – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 2nd January, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Decentralized multi-chain crypto wallet BitKeep announced it has been a victim of an attack that resulted in the theft of over $9M worth of digital currencies from its customers. Threat actors were able […] Threat ★★★
Checkpoint.webp 2022-12-26 15:09:29 26th December – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 26th December, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES LastPass revealed that it has been breached for the second time this year, an event that resulted in attackers stealing customer encrypted password vaults and additional account information. The breach was achieved after […] Threat LastPass ★★★
Checkpoint.webp 2022-12-20 08:59:36 19th December – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 20th December, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES Information of more than 80,000 security professionals and law enforcement officers is being offered for sale online, after the FBI's information sharing portal InfraGard has been breached. The attacker has gained access to […] Threat ★★★
Checkpoint.webp 2022-12-19 11:14:43 OpwnAI: AI That Can Save the Day or HACK it Away (direct link) >Research by: Sharon Ben-Moshe, Gil Gekker, Golan Cohen Introduction Due to ChatGPT, OpenAI's release of the new interface for its Large Language Model (LLM), in the last few weeks there has been an explosion of interest in General AI in the media and on social networks. This model is used in many applications all over […] Hack ChatGPT ★★★
Checkpoint.webp 2022-12-12 15:13:04 12th December – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 12th December, please download our Threat Intelligence Bulletin. Top Attacks and Breaches The company that holds the World Cup broadcasting rights for sub-Saharan Africa has suffered a series of cyberattacks since the beginning of the tournament, targeting one of its decoding servers. The […] Threat ★★★
Checkpoint.webp 2022-12-12 10:55:16 Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper (direct link) >Highlights: Introduction During the past few weeks, we have shared the preliminary results of our investigation of the Azov ransomware on social media, as well as with Bleeping Computer. The below report goes into more detail regarding the internal workings of Azov ransomware and its technical features. Background & Key Findings Azov first came to […] Ransomware ★★★
Checkpoint.webp 2022-12-09 14:12:13 Cloud Atlas targets entities in Russia and Belarus amid the ongoing war in Ukraine (direct link) >Introduction Cloud Atlas (or Inception) is a cyber-espionage group. Since its discovery in 2014, they have launched multiple, highly targeted attacks on critical infrastructure across geographical zones and political conflicts. The group's tactics, techniques and procedures (TTPs) have remained relatively static over the years. However, since the rapid escalation of the conflict between Russia […] ★★★
Checkpoint.webp 2022-12-06 00:48:43 How Hackers Make NFTs Disappear (direct link) >Earlier this Fall, some users of the OpenSea trading platform posted dire messages to Twitter: all of the NFTs in their wallets were gone. Thousands of dollars worth of investments had suddenly disappeared. Soon it became clear: they were never getting their money back. This wasn't just a glitch, it was a hack. But how? […] ★★★
Checkpoint.webp 2022-12-05 16:18:04 5th December – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 5th December, please download our Threat Intelligence Bulletin. Top Attacks and Breaches Cyber criminals who breached Australian Medibank’s systems have released another batch of data onto the dark web, claiming that the files contain all data harvested in the former heist that impacted 9.7 […] Threat ★★★
Checkpoint.webp 2022-11-28 13:10:59 28th November – Threat Intelligence Report (direct link) >For the latest discoveries in cyber research for the week of 28th November, please download our Threat Intelligence Bulletin. Top Attacks and Breaches The European Parliament website has been attacked following a vote declaring Russia a state sponsor of terrorism. The pro-Russian hacktivist groups Anonymous Russia and Killnet, have claimed responsibility for the attack, causing […] Threat ★★★
Last update at: 2024-05-17 03:07:48