CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors “interfered” with at least 11 telecommunication service providers in the country between May and September 2023. The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers. The starting point of the attacks is […]
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is tracked as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. It’s worth pointing out that the shortcoming only affects […]
Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign
Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. “The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as
VBScript and NTLM on the Way Out at Microsoft
Microsoft has just made the deprecation of VBScript official, along with its intention to remove NTLM from Windows.
SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls
The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure. Besides requesting invasive permissions to access call logs, camera, SMS messages, and external
CERTFR-2023-ACT-045: News Bulletin CERTFR-2023-ACT-045 (16 October 2023)
This CERT-FR news bulletin looks back at the significant vulnerabilities of the past week to highlight their criticality. It does not replace …
Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence
Encrypted messaging app Signal has pushed back against “viral reports” of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. “After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels,” it said in a series […]
Hacked, Shadow Asserts the Integrity of Its “Cloud PCs”
Third parties were able to access Shadow customer data after a social engineering attack against an employee. What is the outcome?
Binance’s Smart Chain Exploited in New ‘EtherHiding’ Malware Campaign
Threat actors have been observed serving malicious code by utilizing Binance’s Smart Chain (BSC) contracts in what has been described as the “next level of bulletproof hosting.” The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting
Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolsters security. “The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM),” the tech giant said. […]