Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign
The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. « While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater’s methods remain constant, » Deep
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. « A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions […]
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
Cybersecurity researchers have discovered a credit card skimmer that’s concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the « Miscellaneous Scripts » section of the Magento admin panel. […]
Failles de sécurité dans les appareils NAS D-Link
Un chercheur en cybersécurité met au jour des failles de sécurité inquiétantes dans de nombreux appareils NAS D-Link. Ces vulnérabilités, actuellement non prises en charge par le fabricant, incluent des injections de commandes et des portes dérobées codées en dur. Le problème a été identifié dans le script /cgi-bin/nas_sharing.cgi, spécifiquement dans son composant HTTP GET […]
Législation européenne sur le cloud : Un changement favorable aux fournisseurs américains
Dans un revirement surprenant, il semble que l’Europe n’exige finalement pas que les fournisseurs de cloud soient exemptés des lois non européennes.
U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft’s systems that led to the theft of email correspondence with the company. The attack, which came to light earlier this year, has […]
Python’s PyPI Reveals Its Secrets
GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI,
Python’s PyPI Reveals Its Secrets
GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI,
TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer
A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. « This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors, » Proofpoint said. « Additionally, the actor appeared to
Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks
Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are used by state actors to pull off « individually […]