Twitter, source fiable de threat intelligence ?
Dans quelle mesure Twitter / X fournit-il des renseignements fiables sur la menace cyber ? Une étude universitaire aborde la question.
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset’s metadata database. Outside […]
Mirai Botnet Variant ‘Pandora’ Hijacks Android TVs for Cyberattacks
A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware updates or when applications for viewing pirated video content are installed. « It is likely that […]
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forging tokens to access Outlook by compromising an engineer’s corporate account. This enabled the adversary to access a debugging environment that contained a crash dump of the consumer signing system that took place in April 2021 and steal […]
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android Framework. “There are indications that CVE-2023-35674 may be under limited, targeted […]
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain attack capability,” NSFOCUS Security Labs said in a […]
Three CISOs Share How to Run an Effective SOC
The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity. Three CISOs; Troy Wilkinson, CISO at IPG; Rob Geurtsen, former Deputy CISO at Nike; and Tammy Moskites, Founder of CyAlliance and former CISO at companies […]
9 Alarming Vulnerabilities Uncovered in SEL’s Power Management Products
Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). “The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution (RCE) on an engineering workstation,” Nozomi Networks said in a report published last week. The issues, tracked as CVE-2023-34392 and from CVE-2023-31168
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A previously undocumented « phishing empire » has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. « The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL […]
Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain. “Visiting the link will download a […]