Actualités – Page 55 – Guillaume BEAUPELLET

Phishing : recrudescence des attaques par QR code

Les attaques de phishing utilisant des QR codes frauduleux intégrés dans des documents PDF joints à des courriers électroniques sont en recrudescence.

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part of Protect AI’s Huntr bug bounty platform. […]

A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are […]

Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force codenamed Operation Magnus that involved authorities from the U.S., the U.K., Belgium, […]

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. « The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not […]

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) […]

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. « The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies, » ESET security researcher Anh Ho […]

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google’s Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, […]

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also […]

Bulletin d’actualité CERTFR-2024-ACT-047 (28 octobre 2024)

Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l’analyse de l’ensemble des avis et alertes publiés par le CERT-FR dans le cadre d’une analyse de risques pour prioriser l’application des…