Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6,
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. « Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface, » Securonix […]
Watch the Webinar — AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks
Generative AI is a double-edged sword, if there ever was one. There is broad agreement that tools like ChatGPT are unleashing waves of productivity across the business, from IT, to customer experience, to engineering. That’s on the one hand. On the other end of this fencing match: risk. From IP leakage and data privacy risks […]
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. « The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users, » Volexity security researchers Callum Roxan, Paul
CERTFR-2023-ACT-041 : Bulletin d’actualité CERTFR-2023-ACT-041 (25 septembre 2023)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Chasse aux cybermenaces : l’analyse proactive des attaques renforce la cyber résilience
Ce n’est pas parce qu’un processus est immature ou simple qu’il n’est pas central. La chasse aux menaces est le moteur de la grande majorité des autres fonctions dont le SOC est responsable.
New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. « While this activity occurred around the same time and in some instances even simultaneously on the same victims’ machines, each cluster is characterized by distinct tools, modus operandi and […]
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. « Deadglyph’s architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly, » ESET said in a new report shared with The Hacker News. « This combination
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. « The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian […]
New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. « The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering its 2FA code to their bank accounts […]