Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described the adversary as « one of the most dangerous financial […]
The Danger of Forgotten Pixels on Websites: A New Case Study
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. Download the full case study here. It’s a scenario that could have affected any type of […]
Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks
The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. « IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a downloader for further payloads, » the PwC Threat Intelligence said in a […]
Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. « This is an easily exploitable, unauthenticated remote code
YoroTrooper: Researchers Warn of Kazakhstan’s Stealthy Cyber Espionage Group
A relatively new threat actor known as YoroTrooper is likely made of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani entities, barring the government’s Anti-Corruption Agency. « YoroTrooper attempts to obfuscate the
Top 6 des idées reçues concernant l’architecture Zero Trust
Qu’il s’agisse d’une phase de planification d’une ZTA ou simplement d’une mise en place, il est important de connaître les idées reçues les plus répandues concernant cette architecture pour mieux la comprendre
Ransomware : Big Game Hunting, exfiltration… les attaquants se tournent vers le plus rentable et affutent leurs outils
Cette tendance est motivée par l’intérêt persistant à maximiser la monétisation et fait écho à l’adoption massive de la technique de double extorsion, plus rentable, observée ces deux dernières années, et qui se poursuit en 2023.
La Cour pénale internationale confirme une cyberattaque à fin d’espionnage
La Cour pénale internationale (CPI) confirme que la cyberattaque dont elle a été victime septembre dernier était un cas d’« espionnage sophistiqué ».
Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. « A malicious actor with network access to vCenter Server may trigger […]
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims’ accounts. « Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube, » ESET security researcher Matthieu Faou said in a new report published today. Previously, it was using […]