Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an “economically motivated” actor that first came to light in 2021. “DarkCasino is an APT threat actor with strong technical and […]
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “Observed as a ransomware-as-a-service (RaaS)
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. “Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, […]
Russian Hackers Launch ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure
Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace,” Denmark’s SektorCERT said [PDF]. “The
U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. “The botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including […]
YouTube Imposes Rules for AI-Generated Content
The artificial intelligence (AI) revolution is upending our world in many ways, and one of the latest frontiers to be affected is the online video content industry. YouTube, the world’s largest video platform, is taking steps to regulate these new forms of media […]
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was patched by Apache in ActiveMQ versions 5.15.16, […]
CNIL Guide: Data Retention Periods in the Social and Medico-Social Sector
In the complex and crucial field of the social and medico-social sectors, data management is a major concern. To help those working in these sectors navigate this landscape effectively, a new reference framework has been developed by the CNIL. Its aim? To give these actors practical guidance in identifying and determining […]
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk remained the same: insiders have access to too much data with too few controls. Insider threats continue […]
Cybersecurity: Are the Shortest Attacks the Best?
The contrast between “short” and “long” attacks runs through the latest Sophos Active Adversary report. What does it show?