Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme
A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. « The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice, » Trustwave SpiderLabs researcher Karla Agregado said. The email message, the […]
NIS2 : A l’aube de sa mise en application, les enjeux sont de taille
Même si la directive propose un mécanisme de proportionnalité en termes d’exigence, en fonction du niveau de criticité, la mise en œuvre peut devenir un projet conséquent, onéreux et exigeant en termes techniques, en fonction de la maturité initiale de l’entreprise.
Google Sues App Developers Over Fake Crypto Investment App Scam
Google has filed a lawsuit against two app developers for engaging in an « international online consumer investment fraud scheme » that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals in question are Yunfeng Sun (aka Alphonse Sun) and […]
Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of « improper neutralization of special elements » that could pave the way for arbitrary code execution. It was addressed by the company as part of
AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks
New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers’ models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines. « Malicious models represent a major risk to AI systems,
CISO Perspectives on Complying with Cybersecurity Regulations
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and
From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. According to Fortinet […]
Cyber Resilience Act : l’open source en ordre de bataille
Des fondations open source s’allient pour peser dans la définition des spécifications communes qui accompagneront la mise en application du Cyber Resilience Act.
Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws
Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886. The Google Cloud
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an « evolving threat » called JSOutProx. « JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET, » Resecurity said in a technical report published this week. « It employs the .NET (de)serialization feature to interact with a core