FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to open malicious files via debt-themed lures," Cloudflare’s threat intelligence team Cloudforce One
With iOS 18 and AI, will Siri catch up?
WWDC takes place in ten days! Many are awaiting the presentation of Apple’s new operating systems, and even more so the much-touted AI announcements promised by Tim Cook, which are expected to revolutionize the iPhone and, above all, Siri.
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to their exploit arsenal. The addition of the PAN-OS vulnerability to their toolkit has been complemented by updates to the malware, which now incorporates new anti-analysis techniques, according to findings from web infrastructure and […]
Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors
A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021. "The campaign is geared toward establishing long-term access to compromised victim organizations to enable LilacSquid to siphon data […]
Facing Nvidia, eight tech giants join forces under the name Ultra Accelerator Link
AMD, Broadcom, Cisco, Google, Hewlett Packard Enterprise, Intel, Meta and Microsoft announce the formation of a group named Ultra Accelerator…
The digital Carte Vitale is rolled out in 23 French departments!
Twenty-five years after its launch, the Carte Vitale has received a major refresh, moving to a digital version accessible from a smartphone.
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. "These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site scripting (XSS) attacks due to inadequate input sanitization
🇬🇧 Sandworm intrusion set campaign targeting Centreon systems (15 February 2021)
French version: 🇫🇷 ANSSI has been informed of an intrusion campaign targeting the monitoring software Centreon distributed by the French company CENTREON which resulted in the breach of several French entities. The first victim seems to have been compromised from late 2017. The campaign…
[Update] Vulnerability in Atlassian Confluence (03 June 2022)
[Updated 03 June 2022 at 19:52] Atlassian has published patches. A vulnerability has been discovered in Atlassian Confluence. It allows an unauthenticated attacker to trigger arbitrary remote code execution. This vulnerability is currently being exploited…
How to Build Your Autonomous SOC Strategy
Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported […]