Recherche : [attack] - Cyberveille

PyPI package 'ctx' and PHP library 'phpass' compromised to steal environment variables https://blog.sonatype.com/pypi-package-ctx-compromised-are-you-at-risk

25/05/2022 06:59:04

This week, immensely popular PyPI package 'ctx' has been compromised and altered to steal environment variables from its users. Additionally, a forked PHP project 'phpass' also suffered a repo-hijacking attack with the project tained with identical malicious payload.

npm Supply Chain Attack Targeting Germany-Based Companies https://jfrog.com/blog/npm-supply-chain-attack-targets-german-based-companies/

11/05/2022 11:32:33

The JFrog Security Research team identified and quickly disclosed new npm malicious packages aimed at compromising leading industrial organizations

How the French fiber optic cable attacks accentuate critical infrastructure vulnerabilities https://www.cyberscoop.com/french-fiber-optic-cables-attack-critical-infrastructure/

01/05/2022 18:31:34

The pictures show neatly trimmed fiber optic cables dug up from underground behind what appears to be a well-hidden grate. The apparent simplicity of the sabotage is all the more harrowing in light of how extensively it disrupted Internet service in France, experts said.

Ongoing phishing attacks on Trezor users https://blog.trezor.io/ongoing-phishing-attacks-on-trezor-users-edd840b17304#4909

04/04/2022 17:35:23

Trezor users have reported being targeted by a malicious phishing attack on April 3.

BRANCH HISTORY INJECTION https://www.vusec.net/projects/bhi-spectre-bhb/?s=09

11/03/2022 10:09:52

On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks
BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).

Toyota suspends domestic factory operations after suspected cyber attack https://www.reuters.com/business/autos-transportation/toyota-suspends-all-domestic-factory-operations-after-suspected-cyber-attack-2022-02-28/

02/03/2022 12:06:30

Toyota Motor Corp said it will suspend domestic factory operations on Tuesday, losing around 13,000 cars of output, after a supplier of plastic parts and electronic components was hit by a suspected cyber attack.

Cyberattack targets Vodafone Portugal, disrupts services https://apnews.com/article/technology-business-europe-hacking-telecommunications-24b6daae9237b1d394f781b7e6497b04

19/02/2022 18:50:03

Vodafone Portugal, one of the country’s leading telecommunications companies, said Tuesday it had been hacked though no confidential customer data was compromised

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them https://www.bloombergquint.com/technology/-zero-click-hacks-by-nso-group-and-others-growing-in-popularity

19/02/2022 14:01:39

As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.

Cyber-attack on ICRC: What we know https://www.icrc.org/en/document/cyber-attack-icrc-what-we-know

16/02/2022 11:21:27

Nearly a month has passed since we determined that servers hosting personal data belonging to more than 515,000 people worldwide were hacked in a sophisticated cyber-attack. We are now in a position to share some findings of our analysis of this data breach.

Google Docs Comment Exploit Allows for Distribution of Phishing and Malware https://www.avanan.com/blog/google-docs-comment-exploit-allows-for-distribution-of-phishing-and-malware

15/02/2022 10:06:51

An exploit in the Google Docs comment feature allows hackers to easily spread malware and phishing.

Liens par page

Filtres