LockBit: what we know about the takedown of the ransomware's infrastructure
Several national security agencies, including the UK's NCA and the FBI, have taken down thousands of sites belonging to the network of hackers who operate the LockBit ransomware.
Ransomware at Schneider Electric: the noose tightens
The cybercriminal collective to which the attack on Schneider Electric has been attributed has just published a sample of data.
WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of Bricks up to and including 1.9.6. It has […]
Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns designed to steal intelligence, and information operations to turn public opinion against Israel. Iran
LockBit Ransomware’s Darknet Domains Seized in Global Law Enforcement Raid
An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group’s .onion website displays a seizure banner containing […]
CERTFR-2024-ACT-009: News bulletin CERTFR-2024-ACT-009 (19 February 2024)
This CERT-FR news bulletin reviews the significant vulnerabilities of the past week to highlight their criticality. It does not replace …
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various […]
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Response (NDR) and how it’s become the most effective technology to detect cyber threats? NDR […]
Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
Cloud (in)security: the 5 trends to watch in 2024
The major trends of 2024 revolve around harnessing the power of generative AI, as well as increased adoption of cloud sovereignty and of an interoperable cybersecurity mesh architecture spanning cloud, IT/OT and the edge.