Recherche : [EN] - Cyberveille

CVE-2022-21449: Psychic Signatures in Java https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/

20/04/2022 13:17:22

The long-running BBC sci-fi show Doctor Who has a recurring plot device where the Doctor manages to get out of trouble by showing an identity card which is actually completely blank. Of course, this being Doctor Who, the card is really made out of a special "psychic paper", which causes the person looking at it…

The More You Know, The More You Know You Don’t Know https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html

20/04/2022 07:58:06

A Year in Review of 0-days Used In-the-Wild in 2021

Pegasus spyware found on 5 French cabinet members' phones https://www.intego.com/mac-security-blog/pegasus-spyware-found-on-5-french-cabinet-members-phones/

19/04/2022 16:55:09

A new report claims that telltale signs of Pegasus spyware have been identified on at least five current French cabinet ministers' mobile phones. The

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/

18/04/2022 15:27:16

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens https://www.bleepingcomputer.com/news/security/github-attacker-breached-dozens-of-orgs-using-stolen-oauth-tokens/

18/04/2022 09:45:06

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

Increased Enterprise Use of iOS, Mac Means More Malware https://www.bankinfosecurity.com/ios-mac-malware-grows-increased-enterprise-use-a-18792

16/04/2022 09:57:28

As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild https://arstechnica.com/information-technology/2022/03/researcher-uses-600-year-old-algorithm-to-crack-crypto-keys-found-in-the-wild/

15/04/2022 10:35:16

It takes only a second to crack the handful of weak keys. Are there more out there?

Microsoft Zero-Days, Wormable Bugs Spark Concern https://threatpost.com/microsoft-zero-days-wormable-bugs/179273/

13/04/2022 16:10:01

For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.

Russia’s Sandworm hackers attempted a third blackout in Ukraine https://arstechnica.com/information-technology/2022/04/russias-sandworm-hackers-attempted-a-third-blackout-in-ukraine/

13/04/2022 09:00:34

The attack was the first in five years to use Sandworm's Industroyer malware.

RaidForums hacking forum seized by police, owner arrested https://www.bleepingcomputer.com/news/security/raidforums-hacking-forum-seized-by-police-owner-arrested/

13/04/2022 08:59:27

The RaidForums hacker forum, used mainly for trading and selling stolen databases, has been shut down and its domain seized by U.S. law enforcement during Operation TOURNIQUET, an action coordinated by Europol that involved law enforcement agencies in several countries.

Git security vulnerability announced https://github.blog/2022-04-12-git-security-vulnerability-announced/

13/04/2022 08:12:27

GitHub is unaffected by the vulnerabilities, but users should be aware of them and upgrade their local installation of Git.

The U.S. is using declassified intel to fight an info war with Russia, even when the intel isn't rock solid https://www.nbcnews.com/politics/national-security/us-using-declassified-intel-fight-info-war-russia-even-intel-isnt-rock-rcna23014

12/04/2022 17:45:04

The Biden administration has broken with precedent by using declassified intelligence in an information war against Russia — even intel that isn’t rock solid.

Industroyer2: Industroyer reloaded https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/

12/04/2022 15:38:40

ESET researchers have responded to a cyber-incident that affected an energy provider in Ukraine and involved ICS-capable malware called Industroyer2.

Exploiting Scratch with a malicious image https://www.mnemonic.no/blog/exploiting-scratch-with-a-malicious-image/

12/04/2022 10:03:33

How handcrafted SVGs in applications can compromise applications and lead to full remote code execution in MIT’s Scratch.

CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware https://www.trendmicro.com/en_id/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html

12/04/2022 08:57:37

Trend Micro Threat Research observed active exploitation of the Spring4Shell vulnerability assigned as CVE-2022-22965, which allows malicious actors to weaponize and execute the Mirai botnet malware. The exploitation allows threat actors to download the Mirai sample to the “/tmp” folder and execute them after permission change using “chmod”.

We began seeing malicious activities at the start of April 2022. We also found the malware file server with other variants of the sample for different CPU architectures.

Browser-in-the-Middle (BitM) attack https://link.springer.com/article/10.1007/s10207-021-00548-5

12/04/2022 08:52:43

Man-in-the-Middle (MitM), one of the best known attacks in the world of computer security, is among the greatest concerns for professionals in the field. Main goal of MitM is to compromise confidentiality, integrity and availability of data flowing between source and destination. However, most of its many variants involve difficulties that make it not always possible. The present paper aims at modelling and describing a new method of attack, named Browser-in-the-Middle (BitM) which, despite the similarities with MitM in the way it controls the data flow between a client and the service it accesses, bypasses some of MitM’s typical shortcomings. It could be started by phishing techniques and in some cases coupled to the well-known Man-in-the-Browser (MitB) attack. It will be seen how BitM expands the range of the possible attacker’s actions, at the same time making them easier to implement. Among its features, the absence of the need to install malware of any kind on the victim’s machine and the total control it allows the attacker are to be emphasized.
Document PDF

Police Records Show Women Are Being Stalked With Apple AirTags Across the Country https://www.vice.com/en/article/y3vj3y/apple-airtags-police-reports-stalking-harassment

10/04/2022 22:17:25

Motherboard obtained reports of stalking, harassment, and abuse using AirTags, targeting victims of intimate partner violence.

FBI Disrupts Cyclops Blink Botnet Used by Russian Intelligence Directorate https://www.hackread.com/fbi-disrupts-cyclops-blink-botnet-russia-intel-directorate/

10/04/2022 21:38:02

The Cyclops Blink botnet was controlled by the Russian Fed. Intelligence Directorate (GRU) and compromised thousands of devices worldwide.

DoS attacks hit Finnish websites during Zelenskyy address • The Register https://www.theregister.com/2022/04/09/dos_attacks_finland_russia/

09/04/2022 14:05:09

Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).

AcidRain | A Modem Wiper Rains Down on Europe https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/

08/04/2022 09:19:52

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Liens par page

Filtres