Recherche : [EN] - Cyberveille

Qakbot Malware Takedown and Defending Forward https://www.huntress.com/blog/qakbot-malware-takedown-and-defending-forward

31/08/2023 12:58:14

On Tuesday, August 29, 2023, the Federal Bureau of Investigations Los Angeles announced that they and other international partners disrupted the Qakbot malware infrastructure in a successful takedown.

First things first, this is awesome!!!

Raising Online Defenses Through Transparency and Collaboration | Meta https://about.fb.com/news/2023/08/raising-online-defenses/

31/08/2023 10:11:20

We're sharing a look into our defense strategy and the latest news on how we build it into our products.

A recent study shows that de-platforming hate networks reduces consumption and production of hateful content on Facebook and diminishes the ability of these hate networks to operate online.
We’re sharing new threat research on two of the largest known covert influence operations in the world from China and Russia, targeting 50+ apps and countries, including the US.
We added new transparency features to Threads, including state-controlled media labels to help people know exactly who they interact with on the new app.

How NightOwl for Mac Added a Botnet https://gizmodo.com/how-nightowl-for-mac-added-a-botnet-1850740785

31/08/2023 09:48:59

NightOwl was supposed to make Macs work in dark mode. After a recent update, one developer discovered it was siphoning users’ data through a botnet.

Exposing DuckTail https://www.zscaler.com/blogs/security-research/ducktail-threat-actor-expose

30/08/2023 17:29:24

A comprehensive exploration of DuckTail's sophisticated infrastructure and insights gained from months of monitoring.

Qakbot botnet infrastructure shattered after international operation https://www.europol.europa.eu/media-press/newsroom/news/qakbot-botnet-infrastructure-shattered-after-international-operation

30/08/2023 10:55:33

Active since 2007, this prolific malware (also known as QBot or Pinkslipbot) evolved over time using different techniques to infect users and compromise systems. Qakbot infiltrated victims’ computers through spam emails containing malicious attachments or hyperlinks. Once installed on the targeted computer, the malware allowed for infections with next-stage payloads such as ransomware. Additionally, the infected computer became part of...

Telekopye: Hunting Mammoths using Telegram bot https://www.welivesecurity.com/en/eset-research/telekopye-hunting-mammoths-using-telegram-bot/

30/08/2023 08:35:39

ESET researchers uncover a toolkit that operates as a Telegram bot and helps scammers target victims on online marketplaces, mainly in Russia.

The Cheap Radio Hack That Disrupted Poland’s Railway System https://www.wired.com/story/poland-train-radio-stop-attack/

29/08/2023 22:26:19

The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.

Qakbot botnet dismantled after infecting over 700,000 computers https://www.bleepingcomputer.com/news/security/qakbot-botnet-dismantled-after-infecting-over-700-000-computers/

29/08/2023 21:02:57

Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded by the FBI and known as Operation 'Duck Hunt.'

Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) https://www.mandiant.com/resources/blog/unc4841-post-barracuda-zero-day-remediation

29/08/2023 21:02:01

UNC4841 has continued operations despite Barracuda ESG zero-day remediation efforts.

Attacks on Citrix NetScaler systems linked to ransomware actor https://www.bleepingcomputer.com/news/security/attacks-on-citrix-netscaler-systems-linked-to-ransomware-actor/

29/08/2023 08:39:56

A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.

Adversary On The Defense: ANTIBOT.PW https://inquest.net/blog/adversary-on-the-defense-antibot-pw/

28/08/2023 20:55:37

Discover the lifecycle of a commercial web traffic filtering service originating from a GitHub project and how it found success within phishing operations, including how it evolved into a commercial platform offering under new branding.

GTA 6 Hacker Found To Be Teen With Amazon Fire Stick In Small Town Hotel Room https://hackaday.com/2023/08/26/gta-6-hacker-found-to-be-teen-with-amazon-fire-stick-in-small-town-hotel-room/

28/08/2023 11:59:45

International cybercrime, as portrayed by the movies and mass media, is a high-stakes game of shadowy government agencies and state-sponsored hacking groups. Hollywood casting will wheel out a charact...

Lapsus$: Court finds teenagers carried out hacking spree https://www.bbc.com/news/technology-66549159

28/08/2023 11:21:33

The 18 year old leaked clips of the unreleased Grand Theft Auto 6 game while on police bail.

Security advisory: malicious crate rustdecimal https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html

28/08/2023 06:42:31

The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquattin

Poland investigates cyber-attack on rail network - BBC News https://www.bbc.com/news/world-europe-66630260

27/08/2023 16:10:23

olish intelligence services are investigating a hacking attack on the country's railways, Polish media say.

Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday.

The signals were interspersed with recording of Russia's national anthem and a speech by President Vladimir Putin, the report says.

Met Police admits details of officers at risk of exposure after warrant card supplier was hacked https://news.sky.com/story/met-police-admits-details-of-officers-at-risk-of-exposure-after-warrant-card-supplier-was-hacked-12948602

27/08/2023 00:56:36

The security breach took place when cybercriminals successfully breached the IT systems of a contractor in charge of producing warrant cards and staff passes.

CVE-2023-36844 And Friends: RCE In Juniper Devices https://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/

26/08/2023 12:55:18

As part of our Continuous Automated Red Teaming and Attack Surface Management technology - the watchTowr Platform - we're incredibly proud of our ability to discover nested, exploitable vulnerabilities across huge attack surfaces.

Through our rapid PoC process, we enable our clients to understand if they are vulnerable to emerging

MOVEit, the biggest hack of the year, by the numbers https://techcrunch.com/2023/08/25/moveit-mass-hack-by-the-numbers/

26/08/2023 02:03:04

The mass-exploitation of MOVEit file transfer servers — the largest hack of the year so far — now affects at least 60 million people.

Technical Advisory – SonicWall Global Management System (GMS) & Analytics – Multiple Critical Vulnerabilities https://research.nccgroup.com/2023/08/24/technical-advisory-sonicwall-global-management-system-gms-analytics-multiple-critical-vulnerabilities/

25/08/2023 11:36:28

Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass – CVE-2023-34133 Title: Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass Risk: 9.8 (Critic…

Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT https://blog.talosintelligence.com/lazarus-quiterat/

25/08/2023 08:39:04

This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.

Liens par page

Filtres