Russia wants 2 million phones running the domestic Aurora operating system for use by officials

Russian telecom giant Rostelecom has announced its plan to supply Russian government officials with mobile phones running the Aurora operating system, a domestic alternative to Western software.

32 malicious add-ons hit 75 million devices from the Chrome Web Store

Google has removed 32 malicious extensions from the Chrome Web Store that spoofed search results and showed intrusive ads to users. The total number of downloads of these add-ons is 75 million.

The "Terminator" tool unveiled: a stealthy threat to antivirus software

A supposedly "legal" universal program hides a BYOVD-type attack and targets security systems. It sells for $300.

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. "Exploitation is often followed by deployment of a web shell with data exfiltration capabilities," the Microsoft Threat Intelligence team said in a series of tweets today. "CVE-2023-34362 allows attackers to

The Annual Report: 2024 Plans and Priorities for SaaS Security

Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2). Figure 1. How many organizations have experienced a SaaS security incident within the past two […]

Outsourcing cybersecurity: the great acceleration

After business applications, big data platforms, ERPs… cybersecurity is heading to the cloud and outsourcing. Beyond the SOC, many security building blocks are now bought only as a managed service.

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack

Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that’s designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked sites further serve as "makeshift" command-and-control (C2) servers, using the cover to facilitate the

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. "This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to carry out its malicious activities," the BlackBerry Research and Intelligence Team said in a report

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors

A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. "TrueBot is a downloader trojan botnet that uses command and control servers to collect information on compromised systems and uses that compromised system as a launching point for further attacks," VMware’s Fae Carlisle said. Active since at least 2017, TrueBot is linked to […]

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal

An analysis of the Linux variant of a new ransomware strain called BlackSuit has uncovered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an "extremely high degree of similarity" between Royal and BlackSuit. "In fact, they’re nearly identical, with 98% similarities […]
