New Cyberthreat ‘Boolka’ Deploying BMANAGER Trojan via SQLi Attacks
A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER. « The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022, » Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said […]
How to Cut Costs with a Browser Security Platform
Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk – the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do not protect from internal data exfiltration, like employees pasting sensitive […]
Une vulnérabilité zero-day pour des caméras en vente
Les « inventeurs » de 0day préfèrent vendre leurs créations directement dans le dark web plutôt que de passer par des brokers ou des programmes de bug bounty. Une vulnérabilité pour caméra IP est vendue 400 000 dollars.
Wikileaks’ Julian Assange Released from U.K. Prison, Heads to Australia
WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the « largest compromises of classified information in the history » of the country. Capping off a 14-year legal saga, […]
Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts
Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. « The injected malware attempts to create a new administrative user account and then sends those details back to the attacker-controlled server, » Wordfence security researcher Chloe Chamberland said in a […]
4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies. The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien Nguyen), Nguyen Trang Xuyen, and […]
Cyberassurance : le marché stagne, bon ou mauvais signe ?
En 2023, le volume de primes a peu progressé sur le marché français de la cyberassurance. L’AMRAE livre une analyse.
Google Introduces Project Naptime for AI-Powered Vulnerability Research
Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. « The Naptime architecture is centered around the interaction between an AI agent and a target codebase, » Google Project Zero researchers Sergei Glazunov and Mark […]
Réinitialisation Rapide : des hackers ont trouvé un moyen de lancer des attaques DDoS puissantes
Pourquoi autant de DDoS ces derniers temps ? Les cybercriminels exploitent activement la vulnérabilité Réinitialisation Rapide pour mener des blocages numériques.
Bulletin d’actualité CERTFR-2024-ACT-027 (24 juin 2024)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l’analyse de l’ensemble des avis et alertes publiés par le CERT-FR dans le cadre d’une analyse de risques pour prioriser l’application des…