Le Canada interdit les applications WeChat et Kaspersky sur les appareils du gouvernement
Le Canada a annoncé l’interdiction de l’utilisation des applications de Tencent et Kaspersky sur les appareils mobiles gouvernementaux. Invoqué, un niveau inacceptable de risque pour la vie privée et la sécurité du pays. « Le gouvernement du Canada s’engage à assurer la sécurité des informations et des réseaux gouvernementaux« , a déclaré le porte parole du gouvernement […]
L’affaire REvil devant un tribunal militaire
Des membres du groupe de ransomware REvil seront jugés par un tribunal militaire russe. Ils étaient militaires au moment des faits qu’ils leurs sont reprochés.
CanesSpy Spyware Discovered in Modified WhatsApp Versions
Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy. These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts 2 million […]
48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems
A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems. « These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install, » software supply chain security firm Phylum said. All the counterfeit packages have […]
Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations
The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. « First, the drop manifested in India on August 8, » ESET said in an analysis published this week. « A week later, on August 16, the same thing happened in China. While the […]
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a « new experimental campaign » designed to breach cloud environments. « Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP), » cloud
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Compromised Facebook business accounts are being used to run bogus ads that employ « revealing photos of young women » as lures to trick victims into downloading an updated version of a malware called NodeStealer. « Clicking on ads immediately downloads an archive containing a malicious .exe ‘Photo Album’ file which also drops a second executable written in .NET […]
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes. As the threat landscape evolves and generative AI is added to the toolsets available to defenders and attackers alike, evaluating the relative effectiveness of various AI-based security offerings is increasingly important — and difficult. Asking the right questions can help you spot solutions
To MITRE or not to MITRE – telle est la question
MITRE, un outil pour les éditeurs ou pour les décideurs informatiques ? Quel poids sur le marché très concurrentiel de la cybersécurité ?
Ransomware : partage d’informations et suivi des paiements
Une coalition mondiale de dirigeants gouvernementaux en matière de cybersécurité annoncent des efforts visant à renforcer le partage d’informations sur les menaces numériques et à s’attaquer aux paiements en cryptomonnaies des chantages numériques.