A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes' latest findings go into detail about the new tactics and tools adopted by the APT group known as SideCopy, which is

A series of malicious campaigns have been leveraging fake installers of popular apps and games such as Viber, WeChat, NoxPlayer, and Battlefield as a lure to trick users into downloading a new backdoor and an undocumented malicious Google Chrome extension with the goal of stealing credentials and data stored in the compromised systems as well as maintaining persistent remote access. Cisco Talos

La plateforme de finance décentralisée BadgerDAO s'est fait voler 120 millions de dollars en cryptomonnaies. C'est le troisième plus gros casse du genre. Une faille de sécurité serait en cause. [Lire la suite]

Abonnez-vous à notre chaîne YouTube pour ne manquer aucune vidéo !

The post 120 millions volés à une plateforme de crypto : c’est le 3e plus gros casse de l’année appeared first on Cyberguerre.

Les entreprises sont les cibles d’attaques cyber toujours plus complexes. Les solutions existent, et le maître mot en la matière reste la complémentarité. Mais pour bien gérer ces outils  parfois très complexes, le recours à un service managé peut s’avérer indispensable.

The post EDR et MDR : l’externalisation, solution de gestion efficace des outils de sécurité des entreprises first appeared on UnderNews.

Government agencies publish notices and directives all the time. Usually, these are only relevant to government departments, which means that nobody else really pays attention. It's easy to see why you would assume that a directive from CISA just doesn't relate to your organization. But, in the instance of the latest CISA directive, that would be making a mistake. In this article, we explain why

E-commerce platforms in the U.S., Germany, and France have come under attack from a new form of malware that targets Nginx servers in an attempt to masquerade its presence and slip past detection by security solutions. "This novel code injects itself into a host Nginx application and is nearly invisible," Sansec Threat Research team said in a new report. "The parasite is used to steal data from

Déjà connus dans l’univers de la « sneakers », un marché souvent très lucratif, les logiciels ou bots d’achat automatisés pourraient bien faire des ravages chez d’autres commerçants en ligne à l’approche des fêtes de fin d’année. Cela peut s’avérer préoccupant car cette année 2021 est particulièrement marquée par les difficultés d’approvisionnement que rencontrent de nombreux marchands.

The post Cadeaux de Noël : faisons-nous la course contre des robots sans le savoir ? first appeared on UnderNews.

​Microsoft Edge is now displaying in-browser alerts that discourage users from downloading Google Chrome by bashing the popular browser. [...]

Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. [...]

Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns. [...]

Press play for the first episode as host Aryeh Goretsky is joined by Zuzana Hromcová to discuss native IIS malware

The post Launching ESET Research Podcast: A peek behind the scenes of ESET discoveries appeared first on WeLiveSecurity

The U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077 (CVSS score: 9.8), the issue relates to an unauthenticated, remote code execution

An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to leveraging a different vulnerability in another Zoho product. [...]

Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than a dozen, shows a notification to companies in the country. [...]

Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. [...]

Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. "These people are at the center of critical communities for public debate," said Nathaniel Gleicher, head of

Après avoir observé trois acteurs APT d'Inde, de Russie et de Chine, les chercheurs Proofpoint ont pu découvrir l’adoption d’une nouvelle technique d’attaque de phishing connue sous le nom d’injection de modèles RTF.

The post Des acteurs malveillants APT chinois, indiens et russes développent une nouvelle technique de phishing first appeared on UnderNews.

Selon une étude de ThycoticCentrify, 57 % des entreprises ont été victimes d’incidents de sécurité liés à la divulgation de secrets DevOps. Une enquête commandée à Forrester révèle que la centralisation des secrets et l’utilisation d’outils cohérents sont la clé pour protéger les innovations dans DevOps.

The post 57 % des entreprises ont été victimes d’incidents de sécurité liés à la divulgation de secrets DevOps first appeared on UnderNews.

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...]