Over the past five years, $100 billion in illicit cryptocurrency has passed through
Since 2019, cryptocurrency exchanges have received at least $100 billion from addresses linked to illegal activity.
Google Patches New Android Kernel Vulnerability Exploited in the Wild
Google has addressed a high-severity security flaw impacting the Android kernel that has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation,” the tech giant noted in its […]
New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances. Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. It affects Apache OFBiz […]
CERT-FR News Bulletin CERTFR-2024-ACT-035 (05 August 2024)
This CERT-FR news bulletin reviews the significant vulnerabilities of the past week to highlight their criticality. It does not replace the analysis of all advisories and alerts published by CERT-FR as part of a risk analysis to prioritize the application of…
Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). “The program selling for as little as $80 on underground resources allows the adversaries to take control of corporate computers and hijack restricted data,” cybersecurity vendor BI.ZONE said in a new […]
Researchers Uncover Flaws in Windows Smart App Control and SmartScreen
Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being […]
The Loper Bright Decision: How it Impacts Cybersecurity Law
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law. Background What […]
Enhancing Incident Response Readiness with Wazuh
Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and effective response, minimizing damage and restoring normal operations quickly. Challenges in incident
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4. “A vulnerability exists in the affected products that allows a threat […]
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active […]