Non classé

Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution.
The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges,

Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution.
The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges,

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office.
« One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office.
« One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a

Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the term “AI” often blurs crucial distinctions. Not all AI is built equal, especially in the SOC. Many

Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the term “AI” often blurs crucial distinctions. Not all AI is built equal, especially in the SOC. Many

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware.
The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine’s eastern border, the agency said.
The attacks involve distributing phishing emails

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware.
The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine’s eastern border, the agency said.
The attacks involve distributing phishing emails

A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild.
The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It has

A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild.
The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It has

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
The two high-severity vulnerabilities are listed below –

CVE-2024-53150 (CVSS score: 7.8) – An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure
CVE-2024-53197 (CVSS score: 7.8) – A privilege escalation flaw in the USB sub-component of Kernel

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
The two high-severity vulnerabilities are listed below –

CVE-2024-53150 (CVSS score: 7.8) – An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure
CVE-2024-53197 (CVSS score: 7.8) – A privilege escalation flaw in the USB sub-component of Kernel

Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.
« ‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System (DNS)

Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.
« ‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System (DNS)

⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Surge and More

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day.
Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough.
This week,

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day.
Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough.
This week,

After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure. 
It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending – how many vulnerabilities we patched, how fast we

After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure. 
It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending – how many vulnerabilities we patched, how fast we

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets.
« Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack, » Silent Push said in an

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets.
« Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack, » Silent Push said in an