Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result […]
The New Effective Way to Prevent Account Takeovers
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, "Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them" […]
EUCLEAK, the flaw that affects far more than YubiKey keys
Two French researchers are drawing attention to a cryptographic flaw in a microcontroller that, among other products, equips YubiKeys. They had previously found a vulnerability of the same kind affecting Google's Titan keys.
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an "illegal database with billions of photos of faces," including those of Dutch citizens. "Facial recognition is a […]
Arnaud Philippe, Médiamétrie: "Complying with the requirements of NIS2 means making investments"
Arnaud Philippe, Quality and Security Director and DPO at Médiamétrie, details his approach to NIS2 compliance. He stresses the importance of interaction with the business units and the need to take into account the monitoring of the data lifecycle as well as its environmental impact.
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, […]
Hacktivists Exploit WinRAR Vulnerability in Attacks Against Russia and Belarus
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, the attackers took advantage of the relatively recent CVE-2023-38831 […]
New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems
Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. "It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector," cybersecurity
Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. "This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks," Dutch security company ThreatFabric said. […]
CISOs: a change in reporting line more than in salary?
Three years apart, the reporting line of CISOs who are members of CESIN appears to have changed more noticeably than their pay.