What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
NakedSecurity.webp 2023-04-08 01:20:44 Apple issues emergency patches for spyware-style 0-day exploits – update now! (direct link) A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International. Hack ★★★
bleepingcomputer.webp 2023-04-07 14:22:20 Apple fixes two zero-days exploited to hack iPhones and Macs (direct link) Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. [...] Hack ★★
zataz.webp 2023-04-07 14:20:59 The 2024 Olympics have already begun for hackers (direct link) The 2024 Olympic Games are just around the corner. But ahead of this major event hosted by France, ethical hackers are already at work. At the FIC, Yes We Hack and Eviden were already in the starting blocks to catch the slightest false start.... Hack ★★★
DarkReading.webp 2023-04-07 13:00:00 Cybercriminals 'CAN' Steal Your Car, Using Novel IoT Hack (direct link) Your family's SUV could be gone in the night thanks to a headlight crack and hack attack. Hack ★★
SecurityWeek.webp 2023-04-06 13:42:04 Thieves Use CAN Injection Hack to Steal Cars (direct link) An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars. Hack ★★★
NakedSecurity.webp 2023-04-05 18:49:18 Hack and enter! The “secure” garage doors that anyone can open from anywhere – what you need to know (direct link) Grab a message/Play it back/You've just performed/A big phat hack... Hack ★★
CVE.webp 2023-04-05 18:15:08 CVE-2023-28852 (direct link) GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versions 9.5.13 and 10.0.7 contain a patch for this issue. Hack
knowbe4.webp 2023-04-04 13:00:00 CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist (direct link)
CyberheistNews Vol 13 #14 | April 4th, 2023 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam. It's not every day you hear about a purely social engineering-based scam taking place that is looking to run away with tens of millions of dollars. But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes. This attack begins with a case of VEC – where a domain is impersonated. In the case of this attack, the impersonated vendor's domain (which had a .com top level domain) was replaced with a matching .cam domain (.cam domains are supposedly used for photography enthusiasts, but there's the now-obvious problem with it looking very much like .com to the cursory glance). The email attaches a legitimate-looking payoff letter complete with loan details. According to Abnormal Security, nearly every aspect of the request looked legitimate. The telltale signs primarily revolved around the use of the lookalike domain, but there were other grammatical mistakes (that can easily be addressed by using an online grammar service or ChatGPT). This attack was identified well before it caused any damage, but the social engineering tactics leveraged were nearly enough to make this attack successful. Security solutions will help stop most attacks, but for those that make it past scanners, your users need to play a role in spotting and stopping BEC, VEC and phishing attacks themselves – something taught through security awareness training combined with frequent simulated phishing and other social engineering tests.
Blog post with screenshots and links:https://blog.knowbe4.com/36-mil-vendor-email-compromise-attack [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, April 5, @ 2:00 PM (ET), for a live demo of how KnowBe4 i Ransomware Malware Hack Threat ChatGPT ChatGPT APT 43 ★★
The_Hackers_News.webp 2023-04-04 09:24:00 Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack (direct link) The adversary behind the supply chain attack targeting 3CX deployed a second-stage implant specifically singling out a small number of cryptocurrency companies. Russian cybersecurity firm Kaspersky, which has been internally tracking the versatile backdoor under the name Gopuram since 2020, said it observed an increase in the number of infections in March 2023 coinciding with the 3CX breach. Hack Threat ★★★
WiredThreatLevel.webp 2023-04-03 18:03:55 Massive 3CX Supply Chain Hack Targeted Cryptocurrency Firms (direct link) North Korean hackers appear to have used the corrupted VoIP software to go after just a handful of crypto firms with "surgical precision." Hack ★★
InfoSecurityMag.webp 2023-04-03 16:30:00 US DoD Unveils Website For Hack the Pentagon Bug Bounty Program (direct link) It will be a resource for DoD organizations, vendors and security researchers Hack ★★
no_ico.webp 2023-04-03 16:04:36 Capita Cyberattack Made Its Microsoft Office 365 Programs Inaccessible (direct link) Capita has acknowledged that a cyberattack occurred last Friday. Many clients across the UK, including government organizations, experienced disruption due to the incident, which disrupted access to internal Microsoft Office 365 apps at the IT services and consultancy firm. In a statement sent to shareholders this morning, Capita stated that the hack did not compromise […] Hack ★★★
SecurityWeek.webp 2023-04-03 13:47:40 Elementor Pro Plugin Vulnerability Exploited to Hack WordPress Websites (direct link) A severe vulnerability in the Elementor Pro WordPress plugin is being exploited to inject malware into vulnerable websites. Malware Hack Vulnerability ★★
SecurityWeek.webp 2023-04-03 10:13:07 Europe, North America Most Impacted by 3CX Supply Chain Hack (direct link) Europe, the United States and Australia seem to be the most impacted by the 3CX supply chain hack, according to data from two cybersecurity firms. Hack ★★
zataz.webp 2023-04-03 08:26:07 A Google space used by a hacker (direct link) To promote a fake streaming site, a hacker worked his way into a Google site in order to trap football fans.... Hack Threat ★★★
RecordedFuture.webp 2023-03-31 12:16:00 More evidence links 3CX supply-chain attack to North Korean hacking group (direct link) The supply-chain attack on the enterprise phone company 3CX used hacking code that “exactly matches” malware previously seen in attacks by a notorious North Korean group, according to new analysis. Establishing the extent of the damage caused by the hack has been a priority for researchers after a number of cybersecurity businesses went public with Malware Hack APT 38 ★★
SecurityWeek.webp 2023-03-31 11:15:07 Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months (direct link) Several cybersecurity companies have published blog posts, advisories and tools to help organizations that may have been hit by the 3CX supply chain attack. Hack ★★
ArsTechnica.webp 2023-03-30 12:19:17 Pro-Russian hackers target elected US officials supporting Ukraine (direct link) Group tracked since 2021 exploits unpatched Zimbra servers to hack email accounts. Hack ★★★
knowbe4.webp 2023-03-28 13:00:00 CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks (direct link) CyberheistNews Vol 13 #13 | March 28th, 2023 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO. "A leader tasked with cybersecurity can get ahead of the game by understanding where we are in the story of machine learning (ML) as a hacking tool," Tyson writes. "At present, the most important area of relevance around AI for cybersecurity is content generation. "This is where machine learning is making its greatest strides and it dovetails nicely for hackers with vectors such as phishing and malicious chatbots. The capacity to craft compelling, well-formed text is in the hands of anyone with access to ChatGPT, and that's basically anyone with an internet connection." Tyson quotes Conal Gallagher, CIO and CISO at Flexera, as saying that since attackers can now write grammatically correct phishing emails, users will need to pay attention to the circumstances of the emails. "Looking for bad grammar and incorrect spelling is a thing of the past - even pre-ChatGPT phishing emails have been getting more sophisticated," Gallagher said. "We must ask: 'Is the email expected? Is the from address legit? Is the email enticing you to click on a link?' Security awareness training still has a place to play here." Tyson explains that technical defenses have become very effective, so attackers focus on targeting humans to bypass these measures.
"Email and other elements of software infrastructure offer built-in fundamental security that largely guarantees we are not in danger until we ourselves take action," Tyson writes. "This is where we can install a tripwire in our mindsets: we should be hyper aware of what it is we are acting upon when we act upon it. "Not until an employee sends a reply, runs an attachment, or fills in a form is sensitive information at risk. The first ring of defense in our mentality should be: 'Is the content I'm looking at legit, not just based on its internal aspects, but given the entire context?' The second ring of defense in our mentality then has to be, 'Wait! I'm being asked to do something here.'" New-school security awareness training with simulated phishing tests enables your employees to recognize increasingly sophisticated phishing attacks and builds a strong security culture. Remember: Culture eats strategy for breakfast and is always top-down. Blog post with links:https://blog.knowbe4.com/identifying-ai-enabled-phishing Ransomware Malware Hack Tool Threat Guideline ChatGPT ChatGPT ★★★
Blog.webp 2023-03-24 12:45:57 Blackfield HacktheBox Walkthrough (direct link) Summary Blackfield is a Windows Active Directory machine and is considered a hard box by Hack The Box. This box has various interesting vulnerabilities, Hack ★★
RecordedFuture.webp 2023-03-24 12:10:00 UK Pension Protection Fund latest victim of GoAnywhere hack (direct link) The U.K. Pension Protection Fund, one of Britain's largest asset owners, managing £39 billion, has confirmed it has been affected by the hack of popular file transfer service GoAnywhere. A large number of organizations have confirmed in recent days that hackers had accessed their data in connection to the incident, including [the City of Toronto Hack ★★★
globalsecuritymag.webp 2023-03-23 16:57:08 Expert comment: WithSecure - On the recent Rio Tinto hack (direct link) Following the news that former and current Australian employees of Rio Tinto may have had personal data stolen by a cybercriminal group, Paul Brucciani, Cyber Security Advisor at WithSecure, explains. - Malware Update Hack General Information
DarkReading.webp 2023-03-23 15:18:39 Okta Post-Exploitation Method Exposes User Passwords (direct link) Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services. Hack Threat ★★
01net.webp 2023-03-23 14:00:11 Bitcoin: hackers have looted crypto ATMs (direct link) Hackers discovered a security flaw in certain Bitcoin ATMs. By exploiting the breach, they stole 1.5 million dollars in cryptocurrency without the knowledge of the manufacturer, General Bytes. Hack ★★★
bleepingcomputer.webp 2023-03-23 11:09:06 Python info-stealing malware uses Unicode to evade detection (direct link) A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers' account credentials and other sensitive data from compromised devices. [...] Malware Hack ★★★
no_ico.webp 2023-03-21 15:36:27 NBA Alerts Fans After Hack Of The Third-Party Service Provider (direct link) A notice has been issued by the National Basketball Association (NBA) to inform its fans about a data breach incident that resulted in the theft of certain personal information. An email titled “Notice of Cybersecurity Incident” to an unspecified number of fans informing them that an unauthorized third party had obtained their name and email […] Data Breach Hack ★★
SecurityWeek.webp 2023-03-20 14:35:48 Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes (direct link) Cryptocurrency ATM maker General Bytes discloses a security incident resulting in the theft of millions of dollars' worth of crypto-coins. Hack ★★
RecordedFuture.webp 2023-03-20 13:29:00 NBA alerts fans after hack of third-party service provider (direct link) The National Basketball Association (NBA) said it is contacting fans after an unnamed service provider was hacked. An NBA spokesperson did not respond to questions about what service provider was hacked and when, but told The Record that the league is now trying to help those affected. “We were recently made aware that an unauthorized Hack ★★
News.webp 2023-03-16 16:31:10 ReMarkable emits Type Folio keyboard cover for e-paper tablet (direct link) Distraction-free long-life e-ink handheld writing tool becomes a typing tool too... but leaves us conflicted Norwegian e-ink tablet maker reMarkable has launched the Type Folio, a keyboard cover, causing one Reg hack to feel strangely conflicted.… Hack Tool ★★
bleepingcomputer.webp 2023-03-15 14:06:14 Hacker selling data allegedly stolen in US Marshals Service hack (direct link) A threat actor is selling on a Russian-speaking hacking forum what they claim to be hundreds of gigabytes of data allegedly stolen from U.S. Marshals Service (USMS) servers. [...] Hack Threat ★★★★
RecordedFuture.webp 2023-03-14 22:00:00 Kremlin-backed hackers blamed in recent phishing attempts on EU agencies (direct link) A Russian state-backed hacker group known as Nobelium is behind recent attempted cyberattacks on diplomatic entities and government agencies in the European Union, cybersecurity researchers say. In a campaign identified in early March, the hackers sent phishing emails with content related to diplomatic relations between Poland and the U.S., according to a report by cybersecurity Hack APT 29 ★★★
ArsTechnica.webp 2023-03-14 20:09:54 Still using authenticators for MFA? Software for sale can hack you anyway (direct link) Some forms of multi-factor authentication only go so far in preventing account takeovers. Hack ★★
01net.webp 2023-03-14 09:00:07 Crypto hack: 197 million dollars stolen thanks to a flaw… and a well-known tactic (direct link) A new hack is shaking the cryptocurrency world. By exploiting a security flaw that went unnoticed for eight months, hackers were able to steal 197 million dollars in digital currencies. Hack ★★★
SecurityWeek.webp 2023-03-13 14:32:01 CISA Warns of Plex Vulnerability Linked to LastPass Hack (direct link) CISA has added vulnerabilities in Plex Media Server and VMware NSX-V to its Known Exploited Vulnerabilities catalog. Hack Vulnerability LastPass LastPass ★★★
SecurityWeek.webp 2023-03-10 09:30:00 Acronis Clarifies Hack Impact Following Data Leak (direct link) Acronis said a single customer's account was compromised after a hacker leaked gigabytes of information on a cybercrime forum. Hack ★★
no_ico.webp 2023-03-09 21:19:11 New Rise In ChatGPT Scams Reported By Fraudsters (direct link) Since the release of ChatGPT, the cybersecurity company Darktrace has issued a warning, claiming that a rise in criminals utilizing artificial intelligence to craft more intricate schemes to defraud employees and hack into organizations has been observed. The Cambridge-based corporation said that AI further enabled “hacktivist” cyberattacks employing ransomware to extract money from businesses. The […] Ransomware Hack ChatGPT ChatGPT ★★
InfoSecurityMag.webp 2023-03-09 16:30:00 Acer Confirms Unauthorized Access But Says No Consumer Data Stolen (direct link) Kernelware threat actor claimed responsibility for the hack on a dark web forum Hack Threat ★★
bleepingcomputer.webp 2023-03-09 12:24:39 AT&T alerts 9 million customers of data breach after vendor hack (direct link) AT&T is notifying roughly 9 million customers that some of their information has been exposed after one of its marketing vendors was hacked in January. [...] Data Breach Hack ★★
CS.webp 2023-03-08 16:59:49 Israel blames prolific Iranian-linked hacking group for February university hack (direct link) MuddyWater has been attacking targets around the world for years, according to the U.S. and other western governments. Hack ★★
The_Hackers_News.webp 2023-03-08 16:04:00 Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity (direct link) The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the Hack Vulnerability Medical APT 38 ★★★
RecordedFuture.webp 2023-03-07 14:30:00 Internal documents show Mexican army used spyware against civilians, set up secret military intelligence unit (direct link) _Two digital rights groups, Mexico's R3D and the University of Toronto's Citizen Lab, have just released an update to their “[Ejército Espía](https://ejercitoespia.r3d.mx/)” (“Spying Government”) report from late last year. In October 2022, they revealed that the Mexican army bought spyware and deployed it against at least two Mexican journalists and a human rights advocate between 2019 and 2021. While they had compelling circumstantial evidence, there was no smoking gun. The newly-released internal classified documents appear to prove it._ _Luis Fernando Garcia, a lawyer and executive director of R3D, told Click Here in an interview that a roster of freedom of information requests and internal Ministry of Defense documents – released as part of last year's massive hack-and-leak operation by the hacktivist group Guacamaya – connect officials at the highest levels of the Mexican army to the purchase of Pegasus spyware. R3D found a 2019 acceptance letter that links the military to a company with the exclusive right to sell licenses for the NSO Group's Pegasus spyware in Mexico._ _NSO Group created Pegasus in 2011 and it has been linked to everything from the capture of the drug lord El Chapo to the murder of journalist Jamal Khashoggi. Pegasus' super power is its ability to infect smartphones without a user knowing - the phone becomes a spy in their pocket, capturing their location, their communications, and information on their friends._ _Among the new revelations are documents from the Mexican Secretariat of National Defense, or SEDENA, that discuss a previously unknown military intelligence agency in charge of the nation's surveillance programs.
The leaked files show the agency, referred to as CMI or the Military Intelligence Center, spied on a human rights advocate named Raymundo Ramos who has been investigating a suspected extrajudicial killing by the Army that occurred in July 2020 in a border town called Nuevo Laredo._ _The interview has been edited for space and clarity. A fuller version of the story can be heard on the [Click Here](https://podcasts.apple.com/us/podcast/click-here/id1225077306) podcast._ **CLICK HERE: For people who don't know, can you explain the mission of R3D (The Digital Rights Defense Network)?** **LUIS FERNANDO GARCIA:** The Digital Rights Defense Network is a NGO that works on issues related to human rights and technology. Since the beginning we've been working to uncover and to investigate and pushback against the surveillance apparatus in Mexico. **CH: You started your latest investigation into government surveillance in collaboration with the University of Toronto's Citizen Lab in early 2022. What did the initial investigation [[published last October](https://ejercitoespia.r3d.mx/)] reveal?** **LG:** We started checking phones of human rights defenders, journalists, trying to see if we could find forensic evidence of Pegasus in Mexico. We started to document cases of people who were infected in 2019, 2020, and 2021, which means [it was deployed] during the current government, not the previous government. A week or maybe less from our publication date, something really important happened. The army's email system was hacked and an activist group called Guacamaya was offering access to those emails to media organizations and to human rights organizations. And this gave us like the missing key that we needed to actually point the finger at the army and say we found these Pegasus cases [and connected them to the military]. 
**CH: Can you talk about some of the specific things you discovered in the Guacamaya documents?** **LG:** We were able to find a kind of acceptance letter from the army, directed to the secretary, which is the head of the army - the General Secretary of National Defense in Mexico. And here it talks about a contract with Comercializadora Antsua Hack ★★★★★
WiredThreatLevel.webp 2023-03-04 14:00:00 The LastPass Hack Somehow Gets Worse (direct link) Plus: The US Marshals disclose a “major” cybersecurity incident, T-Mobile has gotten pwned so much, and more. Hack LastPass LastPass ★★★
News.webp 2023-03-03 11:33:13 Warning on SolarWinds-like supply-chain attacks: 'They're just getting bigger' (direct link) Industry hasn't 'improved much at all' SCSW  Back in 2020, Eric Scales led the incident response team investigating a nation-state hack that compromised his company's servers along with those at federal agencies and tech giants including Microsoft and Intel.… Hack ★★★
bleepingcomputer.webp 2023-03-02 14:33:21 Hatch Bank discloses data breach after GoAnywhere MFT hack (direct link) Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform. [...] Data Breach Hack ★★
knowbe4.webp 2023-03-02 12:09:33 [Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About (direct link) [Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About Hack ★★★
AlienVault.webp 2023-03-02 11:00:00 8 Common Cybersecurity issues when purchasing real estate online: and how to handle them (direct link) The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  More and more, people are completing the entire real estate transaction process online. From searching for properties to signing documents, online convenience can make the process easier and more efficient. However, with all of this activity taking place on the internet, it is important to be aware of the potential security risks that come along with it. Here are the eight common cybersecurity issues that can arise during the purchase of real estate online and how you can protect yourself against them. 1. Cybercrime This is, unfortunately, the world we live in - and it makes sense, given the large sums of money involved. Cybercriminals may attempt to hack into the system and gain access to private information. They may even try to interfere with the transaction process itself, delaying or preventing it from taking place at all. To combat this threat, make sure you are using a secure online platform when completing the transaction and be sure to only provide personal information when necessary. When you are completing a real estate transaction online, a lot of your personal information will be requested. This can include anything from your address and phone number to your bank account information. If this information is not properly secured, it could be at risk of being accessed by cybercriminals. To keep yourself safe, it is important to know what to look out for. You should watch for the commonly attempted ways that remote real estate buyers might be targeted and understand what you should do in the event of a breach. 2.
Data breaches Buying real estate remotely involves a number of different tools, like online payment gateways and other web services. All of these tools can be vulnerable to data breaches, which means that hackers could gain access to your personal information stored on their servers. To protect yourself, research a service’s security standards before providing any sensitive information or look for an alternative if the security measures are inadequate. Always make sure you are observing best practices during and after an online purchase, which include doing things like updating your passwords as appropriate and monitoring your credit cards for any suspicious activity. By following these tips, you can help ensure that your online real estate transaction is secure. 3.  Phishing scams These are attempts to obtain your personal information by pretending to be a legitimate source and they are on the rise. Be sure to only provide your information on secure websites and look for signs of legitimacy, such as “https” in the web address or a padlock icon in the URL bar. Phishing scams that target real estate buyers might include emails, text messages, and voicemails asking you to provide your credit card details or other personal information to make a purchase. Make sure to always look for signs of legitimacy before providing any sensitive information. They might also include bogus emails from lawyers or other professionals with malicious links or attachments. Be sure to only open emails from verified sources and never click on suspicious links. 4. Malware threats Malicious software can be used to steal your personal information, such as banking credentials and passwords, or to install ransomware that locks you out from accessing your own files. To protect yourself from malware, make sure to install Ransomware Malware Hack ★★
knowbe4.webp 2023-02-28 14:00:00 CyberheistNews Vol 13 #09 [Eye Opener] Should You Click on Unsubscribe? (direct link)
CyberheistNews Vol 13 #09 | February 28th, 2023
[Eye Opener] Should You Click on Unsubscribe?
By Roger A. Grimes. Some common questions we get are "Should I click on an unwanted email's 'Unsubscribe' link? Will that lead to more or less unwanted email?" The short answer is that, in general, it is OK to click on a legitimate vendor's unsubscribe link. But if you think the email is sketchy or coming from a source you would not want to validate your email address as valid and active, or are unsure, do not take the chance, skip the unsubscribe action. In many countries, legitimate vendors are bound by law to offer (free) unsubscribe functionality and abide by a user's preferences. For example, in the U.S., the 2003 CAN-SPAM Act states that businesses must offer clear instructions on how the recipient can remove themselves from the involved mailing list and that request must be honored within 10 days. Note: Many countries have laws similar to the CAN-SPAM Act, although with privacy protection ranging the privacy spectrum from very little to a lot more protection. The unsubscribe feature does not have to be a URL link, but it does have to be an "internet-based way." The most popular alternative method besides a URL link is an email address to use. In some cases, there are specific instructions you have to follow, such as put "Unsubscribe" in the subject of the email. Other times you are expected to craft your own message. Luckily, most of the time simply sending any email to the listed unsubscribe email address is enough to remove your email address from the mailing list.
[CONTINUED] at the KnowBe4 blog: https://blog.knowbe4.com/should-you-click-on-unsubscribe
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, March 1, @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approac
Malware Hack Tool Vulnerability Threat Guideline Prediction APT 38 ChatGPT ★★★
SecurityWeek.webp 2023-02-28 11:41:25 Vulnerability in Popular Real Estate Theme Exploited to Hack WordPress Websites (direct link) A critical vulnerability in the Houzez premium WordPress theme and plugin has been exploited in the wild. Hack Vulnerability ★★★
News.webp 2023-02-22 20:30:12 No, ChatGPT didn't win a hacking competition prize…yet (direct link)
$20k Pwn2Own prize for the humans, zero for the AI
It was bound to happen sooner or later. For the first time ever, bug hunters used ChatGPT in a successful Pwn2Own exploit, helping the researchers to hack software used in industrial applications and win $20,000.…
Hack Industrial ChatGPT ★★★
SecurityWeek.webp 2023-02-22 13:30:01 R1Soft Server Backup Manager Vulnerability Exploited to Deploy Backdoor (direct link) Hackers have been exploiting a vulnerability tracked as CVE-2022-36537 to hack hundreds of R1Soft servers. Hack Vulnerability ★★★
Last update at: 2024-05-10 10:08:03