Unsecured IoT: the main legal and security risks
Internet of Things (IoT) devices play an increasingly important role in modern businesses. These tools make it possible to optimize the customer experience, collect data for business intelligence, and automate day-to-day activities.
Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job Sites
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed moniker HOODOO, which is
Tour of the Underground: Master the Art of Dark Web Intelligence Gathering
The Deep, Dark Web – The Underground – is a haven for cybercriminals, teeming with tools and resources to launch attacks for financial gain, political motives, and other causes. But did you know that the underground also offers a goldmine of threat intelligence and information that can be harnessed to bolster your cyber defense strategies? […]
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and scripts] negate the need to bring in external tools that might […]
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week. "Once the
Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis […]
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland’s Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as
LinkedIn launches its company verifier
Microsoft has announced the launch of a new verification method for LinkedIn. From now on, employees will be able to have their affiliation with the company they list confirmed. "We are excited to announce that millions of LinkedIn members will be able to verify their place of work using a Microsoft Entra Verified ID. By simply looking for a verification, […]
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company’s MyBB forum database containing user data and private messages. What’s more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below: CVE-2023-20963 (CVSS score: 7.8), Android Framework Privilege Escalation Vulnerability; CVE-2023-29492 (CVSS score: TBD), Novi Survey Insecure Deserialization Vulnerability