Said to Be Dismantled, LockBit Appears to Be Resuming Its Activities
A site in the LockBit 3.0 colors reappeared this weekend. And with it, a message suggesting a resumption of activity.
LockBit Ransomware Group Resurfaces After Law Enforcement Takedown
The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing. […]
Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement
LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, "has engaged with law enforcement," authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 […]
Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
A dormant package available on the Python Package Index (PyPI) repository was updated after nearly two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,
Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI
Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team
How to Use Tines’s SOC Automation Capability Matrix
Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A customizable, vendor-agnostic tool featuring lists of automation opportunities, it’s been shared
Researchers Detail Apple’s Recent Zero-Click Shortcuts Vulnerability
Details have emerged about a now-patched high-severity security flaw in Apple’s Shortcuts app that could permit a shortcut to access sensitive information on the device without users’ consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and
Apple Unveils PQ3 Protocol – Post-Quantum Encryption for iMessage
Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach
LockBit Dismantled: Cybersecurity Players Remain Vigilant
While cybersecurity vendors welcome the success of Operation Cronos, which neutralized LockBit, they remain very vigilant as to whether the network has disappeared completely. Reactions from Sophos, Netwrix, Netskope, Harfanglab and Kaspersky.