mars 2023

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability,

The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign.
« TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe, » Proofpoint 

,

The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign.
« TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe, » Proofpoint 

, ,
https://thehackernews.com/2023/03/winter-vivern-apt-targets-european.html

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam,

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users.
Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union.
The suspects are alleged to have created more than 100 phishing

,

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users.
Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union.
The suspects are alleged to have created more than 100 phishing

, ,
https://thehackernews.com/2023/03/cyber-police-of-ukraine-busted-phishing.html

Deep Dive Into 6 Key Steps to Accelerate Your Incident Response

Deep Dive Into 6 Key Steps to Accelerate Your Incident Response,

Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related incidents.
The SANS Institute provides research and education on information security. In the upcoming webinar, we’ll outline, in detail, six components of a SANS incident response plan,

,

Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related incidents.
The SANS Institute provides research and education on information security. In the upcoming webinar, we’ll outline, in detail, six components of a SANS incident response plan,

, ,
https://thehackernews.com/2023/03/deep-dive-into-6-key-steps-to.html

3CX Supply Chain Attack — Here’s What We Know So Far

3CX Supply Chain Attack — Here’s What We Know So Far

,

Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack.
The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS.
The company said it’s engaging the services of Google-owned Mandiant to review the incident. In the

,

Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack.
The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS.
The company said it’s engaging the services of Google-owned Mandiant to review the incident. In the

, ,
https://thehackernews.com/2023/03/3cx-supply-chain-attack-heres-what-we.html

Researchers Detail Severe « Super FabriXss » Vulnerability in Microsoft Azure SFX

Researchers Detail Severe « Super FabriXss » Vulnerability in Microsoft Azure SFX

,

Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution.
Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed « Super FabriXss » by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that was fixed by Microsoft in October 2022.
« The Super FabriXss vulnerability

,

Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution.
Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed « Super FabriXss » by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that was fixed by Microsoft in October 2022.
« The Super FabriXss vulnerability

, ,
https://thehackernews.com/2023/03/researchers-detail-severe-super.html

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor,

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG.
« RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally, » Recorded Future told The Hacker News.
« The group has shown the ability to

,

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG.
« RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally, » Recorded Future told The Hacker News.
« The group has shown the ability to

, ,
https://thehackernews.com/2023/03/chinese-redgolf-group-targeting-windows.html

New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices

New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices,

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS.
Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan,

,

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS.
Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan,

, ,
https://thehackernews.com/2023/03/new-wi-fi-protocol-security-flaw.html

Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration

Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration,

Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. « Multi-cloud by design, » and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.And now, even security teams who have long been the holdout

,

Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. « Multi-cloud by design, » and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.And now, even security teams who have long been the holdout

, ,
https://thehackernews.com/2023/03/cyberstorage-leveraging-multi-cloud-to.html

Biden limite le recours aux logiciels espions comme Pegasus : quelle efficacité ?

Biden limite le recours aux logiciels espions comme Pegasus : quelle efficacité ?,

Les agences de sécurité américaines ne peuvent plus acheter et utiliser des logiciels espions privés. Si la mesure pourrait être adoptée dans d’autres pays comme la France, la portée du texte pose question.

,

Les agences de sécurité américaines ne peuvent plus acheter et utiliser des logiciels espions privés. Si la mesure pourrait être adoptée dans d’autres pays comme la France, la portée du texte pose question.

, ,
https://www.01net.com/actualites/biden-limite-le-recours-aux-logiciels-espions-comme-pegasus-quelle-efficacite.html

Fraude, terrorisme, propagande… ChatGPT inquiète la police européenne

Fraude, terrorisme, propagande… ChatGPT inquiète la police européenne,

hackers

L’essor de ChatGPT suscite l’inquiétude d’Europol. La police européenne estime que les criminels s’appuient déjà sur l’intelligence artificielle pour piéger leurs victimes…

,

hackers

L’essor de ChatGPT suscite l’inquiétude d’Europol. La police européenne estime que les criminels s’appuient déjà sur l’intelligence artificielle pour piéger leurs victimes…

, ,
https://www.01net.com/actualites/fraude-terrorisme-propagande-chatgpt-inquiete-police-europeenne.html