DDoS 2.0: IoT Sparks New DDoS Alert
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they’re uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and […]
Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates. « This suggests that the threat actors are streamlining operations by making their techniques multipurpose, » Trend Micro researchers said in a new analysis published this
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims’ credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. « The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology
Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense, and pharmaceutical sectors to likely facilitate
Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems
A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. « Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program’s context or perform other […]
Prévention des pertes de données : comment tirer profit de son évolution
La perte de données peut être lourde de conséquences pour les entreprises. Elle érode la confiance dans l’organisation et est susceptible d’entraîner des pertes financières dues à des poursuites judiciaires, à des amendes pour non-respect de la réglementation et à l’exposition de la propriété intellectuelle.
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system. The campaign, which took place between […]
Avoid These 5 IT Offboarding Pitfalls
Employee offboarding is no one’s favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently. That’s easier said than done, especially considering that IT organizations have less visibility and control over employees’ IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and […]
Faille critique dans WebP : une surface d’attaque étendue
Une faille critique a été corrigée dans la bibliothèque logicielle du codec WebP. Jusqu’où s’étend le risque ?
N-Able’s Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation
A high-severity security flaw has been disclosed in N-Able’s Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges. Tracked as CVE-2023-27470 (CVSS score: 8.8), the issue relates to a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability, which, when successfully exploited, could be leveraged to delete arbitrary files on a Windows