29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive […]
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. « These families allow the threat actors to circumvent authentication and provide backdoor access to these devices, » Mandiant said in an
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with multiple options […]
Urgent: GitLab Releases Patch for Critical Vulnerabilities – Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the CVSS scoring system and could facilitate account takeover by sending password reset emails to an unverified […]
Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson’s famous adage, « Everyone […]
Le XDR, un bouclier incontournable pour toutes les entreprises
Les acteurs du XDR ont su faire évoluer leurs offres pour s’adapter également aux besoins des petites et moyennes entreprises. Les entreprises qui ne disposent pas de leur propre équipe SOC peuvent s’appuyer sur des services de MDR proposés directement par les éditeurs ou de prestataires MSSP.
Un concours pour combattre la fraude au clonage vocal
La Federal Trade Commission (FTC) invite désormais les candidats à participer à un concours innovant. Son objectif ? Stimuler le développement de solutions et de politiques pour protéger les consommateurs contre l’usage malveillant de la technologie de clonage vocal, une branche de l’intelligence artificielle en pleine expansion.
NotPetya, six ans après : Merck et ses assureurs trouvent un accord !
Six ans après la redoutable cyberattaque NotPetya, le géant pharmaceutique Merck a conclu un accord significatif avec ses assureurs. Au cœur du débat : la définition des ‘actes de guerre’ dans le cyberespace.
L’innovation au coeur de la cyber détection
Le 25 Janvier à 10h , assistez au webinaire de Microsoft en partenariat avec Thales et venez découvrir : – Comment optimiser la gestion et la résolution des incidents cyber ? – Quelles sont les clés pour s’adapter sans cesse aux nouvelles menaces ? – Comment assurer l’amélioration continue et l’agilité dans la détection
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain