Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses

The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. Enterprise security firm Proofpoint said the activity targets organizations in the U.S. with voicemail-themed lures containing links to OneDrive URLs. « The URLs led to a Word file with names […]

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more

Cyberattaqué, comment le CH Armentières gère sa com de crise

Trois jours ont passé depuis la cyberattaque contre l’hôpital d’Armentières. On retrouve, dans sa com de crise, des motifs similaires à celle qu’avait orchestrée son homologue de Corbeil-Essonnes, lui aussi touché un week-end.

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to 24 flaws that […]

PikaBot Resurfaces with Streamlined Code and Deceptive Tactics

The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of « devolution. » « Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by removing advanced obfuscation techniques and changing the network […]

Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit

The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. « This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that can be extremely difficult to

Quand le MFA fait le jeu des cyberattaquants

Proofpoint attire l’attention sur une campagne en cours impliquant la manipulation MFA sur des comptes Microsoft.

Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know

The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. Common threat vectors such as sophisticated spear-phishing, misconfigurations and

Cybersécurité : les étapes incontournables pour se mettre en conformité avec la directive NIS2

La directive NIS 2 vise à améliorer la résilience des infrastructures critiques en matière de cybersécurité et à renforcer leur capacité de réponse à l’échelle de l’Union européenne.