What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-10-31 16:15:11 | CVE-2022-3374 (lien direct) | The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog. | Guideline | APT 32 | |
 |
2022-08-18 08:00:00 | Ukraine and the fragility of agriculture security (lien direct) |  By Joe Marshall.The war in Ukraine has had far-reaching global implications and one of the most immediate effects felt will be on the global supply chain for food. This war-induced fragility has exposed the weaknesses of how we feed ourselves globally. Ransomware cartels and other adversaries are well aware of this and are actively exploiting that fragility. For the past six years, Cisco Talos has been actively involved in assisting public and private institutions in Ukraine to defend themselves against state-sponsored actors. Our involvement stretches the gamut from commercial to critical infrastructure, to election security. Our presence has afforded us unique opportunities and observations about cybersecurity in a macro and micro way. Ukraine has been a frequent victim of state-sponsored cyber attacks aimed at critical infrastructures like power and transportation. Talos is proud to stand with our partners in Ukraine and help defend their critical networks and help users there maintain access to necessary services. Now that Russia has invaded Ukraine, those threats have escalated to kinetic attacks that are wreaking havoc on a critical element of our world: agriculture and our global food supply chain. Even worse is the implications this war will have for future cyber attacks, as fragility is considered a lucrative element in deciding victimology by threat actors like ransomware cartels. To truly grasp the implications of the war in Ukraine, we have to examine how vital Ukrainian agriculture feeds the world, the current state of affairs, and what this means for the global cybersecurity posture to protect agricultural assets. Where there is weakness, there is opportunityRansomware cartels and their affiliates are actively targeting the agricultural industry. Moreover, these actors have done their homework and are targeting agricultural companies during the two times of the year where they cannot suffer disruptions: planting and harvesting. Per the published FBI PIN Alert: “Cyber actors may perceive cooperatives as lucrative targets with a willingness to pay due to the time-sensitive role they play in agricultural production.” This is far from unusual for these adversaries - they are shrewd and calculating, and understand their victims' weaknesses and industries. H |
Ransomware Threat Guideline Cloud | NotPetya Uber APT 37 APT 32 APT 28 APT 10 APT 21 Guam | |
|
2022-06-20 11:15:08 | CVE-2021-25104 (lien direct) | The Ocean Extra WordPress plugin before 1.9.5 does not escape generated links which are then used when the OceanWP is active, leading to a Reflected Cross-Site Scripting issue | Guideline | APT 32 | |
 |
2022-02-21 19:50:06 | Phishing Campaign Targets NFT Speculators (lien direct) |
Scams follow fashion because money follows fashion. So it's no surprise that non-fungible tokens (NFTs), which have become a hot speculative property, have drawn scam artists for phishing campaigns. They're not so much interested in the NFTs themselves as they are in the speculators' cash. OceanSea, a leading NFT marketplace, has responded to panicky tweets from users to reassure them that it's on top of rumors of “an exploit” connected to the smart contracts traders use. |
Guideline | APT 32 | |
 |
2020-05-10 14:50:19 | DigitalOcean Admits Of Data Breach After Leaving Internal Document Online (lien direct) | DigitalOcean, the world's leading web hosting platform, has confirmed that it exposed customer data after it accidentally left an internal Digital Ocean document online, according to a report from The Hacker News. According to the breach notification email sent to affected customers, the data leak took place when a DigitalOcean-owned document from 2018 was unintentionally […] | Data Breach Guideline | APT 32 | |
 |
2018-08-20 16:06:46 | DeGrasse Tyson: Make Truth Great Again (lien direct) | Neil deGrasse Tyson tweets the following:I'm okay with a US Space Force. But what we need most is a Truth Force - one that defends against all enemies of accurate information, both foreign & domestic.- Neil deGrasse Tyson (@neiltyson) August 20, 2018When people make comparisons with Orwell's "Ministry of Truth", he obtusely persists:A good start: The National Academy of Sciences, which “…provides objective, science-based advice on critical issues affecting the nation."- Neil deGrasse Tyson (@neiltyson) August 20, 2018Given that Orwellian dystopias were the theme of this summer's DEF CON hacker conference, let's explore what's wrong with this idea.Truth vs. "Truth"I work in a corrupted industry, variously known as the "infosec" community or "cybersecurity" industry. It's a great example of how truth is corrupted into "Truth".At a recent government policy meeting, I pointed out how vendors often downplay the risk of bugs (vulnerabilities that can be exploited by hackers). When vendors are notified of these bugs and release a patch to fix them, they often give a risk rating. These ratings are often too low, in order to protect the corporate reputation. The representative from Oracle claimed that they didn't do that, and that indeed, they'll often overestimate the risk. Other vendors chimed in, also claiming they rated the risk higher than it really was.In a neutral world, deliberately overestimating the risk would be the same falsehood as deliberately underestimating it. But we live in a non-neutral world, where only one side is a lie, the middle is truth, and the other side is "Truth". Lying in the name of the "Truth" is somehow acceptable.Moreover, Oracle is famous for having downplayed the risk of significant bugs in the past, and is well-known in the industry as being the least trustworthy vendor as far as security of their products is concerned. Much of their policy efforts in Washington D.C. are focused on preventing their dirty laundry from being exposed. They aren't simply another vendor promoting "Truth", but a deliberately exploiting "Truth" to corrupt ends.That we should exaggerate the risks of cybersecurity, deliberately lie to people for their own good, is the uncontroversial consensus of our infosec/cybersec community. Most do it, few think this is wrong. Security is a moral imperative that justifies "Truth".The National Academy of ScientistsSo are we getting the truth or "Truth" from organizations like the National Academy of Scientists?The question here isn't global warming. That mankind's carbon emissions warms the climate is truth. We have a good understanding of how greenhouse gases work, as well as many measures of the climate showing that warming is occurring. The Arctic is steadily losing ice each summer.Instead, the question is "Global Warming", the claims made by politicians on the subject. Do politicians on the left fairly represent the truth, or are they the "Truth"?Which side is the National Academy of Sciences on? Are they committed to the truth, or (like the infosec/cybersec community) are they pursuing "Truth"? Is global warming a moral imperative that justifies playing loose with the facts?Googling "national academy of sciences climate chang | Guideline | APT 32 | |
 |
2018-08-06 13:00:00 | Black Hat 2018 will be Phenomenal! (lien direct) |
The AlienVault team is ready to meet and greet visitors at Black Hat USA 2018, August 8th and 9th at the Mandalay Bay Convention Center in Las Vegas! Black Hat is one of the leading security industry events. The conference features the largest and most comprehensive trainings, educational sessions, networking opportunities and a two-day expo packed with exhibitors showcasing the latest in information security solutions from around the world!
Visit us at Booth #528!
Visit booth #528 located below the large, green alien head! We will be leading theater presentations twice an hour. Attendees will get a cool AlienVault collectors t-shirt, as well as a chance to win a pair of Apple® AirPods during our daily raffle. Stop by and meet the AlienVault team and learn about the recently announced endpoint detection and response capabilities now part of the USM Anywhere platform! USM Anywhere is the ONLY security solution that automates threat hunting everywhere modern threats appear: endpoints, cloud, and on-premises environments – all from one unified platform. Check out this awesome video by Javvad Malik, Community Evangelist for AlienVault, to learn more here!
Attend "From the Defender's Dilemma to the Intruder's Dilemma" Session for a chance to win a Nintendo Switch!
Join AlienVault VP of Product Marketing Sanjay Ramnath at a Black Hat speaking session. Sanjay will be speaking on Wednesday, August 8th from 10:20am-11:10am in Oceanside E on 'From the Defender's Dilemma to the Intruder's Dilemma'. We will be handing out raffle tickets before the session begins. Be sure to check out this session for the chance to win a Nintendo Switch!
Get Access to the Exclusive Security Leaders Party at Black Hat!
AlienVault is co-sponsoring one of the hottest security parties at Black Hat! Join us on Wednesday night from 8:00 - 10:00pm - guests will enjoy music, food, and a full open bar at the best venue at Mandalay Bay, Eyecandy Sound Lounge!
This will be the most talked about party of BHUSA 2018! We expect to reach capacity, so don't hesitate to get on the list now!
Event Details:
Date: Wednesday, August 8th
Time: 8:00 - 10:00 PM
Location: Eyecandy Sound Lounge, Mandalay Bay
We can’t wait to see you all at #BHUSA this week!
   |
Threat Guideline | APT 32 | |
 |
2017-12-12 07:55:49 | The OceanLotus MacOS Backdoor Transforms into HiddenLotus with a Slick UNICODE Trick (lien direct) | >Experts at Malwarebytes warns of a new variant of the macOS OceanLotus backdoor is using an innovative technique to avoid detection, A few years ago the bad actors realized they could use UNICODE characters that looked like English characters to lead unsuspecting victims to malicious websites. Now, they have figured out how to use a […] | Guideline | APT 32 | |
 |
2016-09-30 09:07:00 | IDG Contributor Network: Treasures attackers look for in the sea of email (lien direct) | As we dive into October, cybersecurity awareness month, there are lots of strategies to help us all become stronger swimmers in the digital waters. Given that there are 112 billion business emails sent around the world every day, that is one huge ocean that everyone can learn how to better navigate.Since its inception, email has become mission critical, and so many necessities beyond mail service have grown up along with it. Enterprises have become burdened by the complexities of email, which additionally requires the added protections of encryption gateways, spam filters, phishing protections, and much more.In order to attack all of the issues of email security in the age of digital disruption, you first have to know what is beneath the rough seas.To read this article in full or to leave a comment, please click here | Guideline | APT 32 |
1
We have: 9 articles.
We have: 9 articles.
To see everything:
Our RSS (filtrered)
