Cyberpills.news
Alert for a serious vulnerability in SharePoint
The invisible threat: a security flaw to monitor carefully
A serious vulnerability in Microsoft SharePoint, code CVE-2023-29357, could be exploited for ransomware attacks. It is urgent to install the released updates to prevent possible security breaches.

Cybercrime in Ukraine: cryptojacking operation dismantled
International operation against illegal cryptocurrency mining
A 29-year-old man who illegally created a million virtual servers to generate cryptocurrencies, earning $2 million, has been arrested in Ukraine. Europol and local police worked together to stop him after reports of suspicious activity.

Cybersecurity emergency: Google cookies in the sights of hackers
Security experts alert: Google session data vulnerability under hacker attack
A report indicates that there is malware stealing Google session cookies to access user accounts. Even changing your password doesn't stop the attack. Google is working to fix the problem.

AsyncRAT: a large-scale cyber breach
Infiltration and evasive strategies: the RAT that threatens digital security
AsyncRAT, a remote access tool for Windows, was used in a cyberattack to infiltrate and steal data from systems, targeting critical infrastructure in the US.

Security alert: malicious packages detected on PyPI
Prevention measures and security awareness in response to the cyber threat on PyPI
ESET has discovered 116 malicious packages on PyPI that could install malware and infostealers to steal data and cryptocurrencies. Developers need to be careful and check the code.

Quantum computing: the next frontiers of 2024
Advances and challenges of quantum computing in the new year
Quantum computing is advancing, with new security standards coming in 2024. It will combine with artificial intelligence to improve performance, and advances in quantum hardware are expected.

New EU regulation to strengthen cybersecurity
Impacts and developments of the new EU directive on cyber resilience
The EU has introduced new rules on cybersecurity, creating the IICB to improve resilience against cyber attacks. CERT-EU has new intelligence and support functions.

Access difficulties for Italian users via SPID on EU Login
Interoperability of digital identities: nodes and service disruptions in the SPID authentication system for Italian users
Many Italians are having problems accessing European web services via SPID, due to a persistent error. The root of the problem is reportedly the Italian eIDAS node, which is still in the process of being updated. This latest delay is negatively impacting users' job opportunities.

Large-scale theft of cryptocurrencies via phishing
Analysis of sophisticated cybercriminal strategies in the cryptocurrency sector
The text reports that in 2023 a powerful malware, called "Wallet drainer", caused a loss of 295 million dollars in cryptocurrencies to 324,000 users. There are criminal groups, such as Monkey Drainer and Inferno Drainer, who have perpetrated phishing attacks by evading security systems. Despite advertising...

Discovery of a sophisticated malware attack against iPhones
Exploited 4 zero-day vulnerabilities in a multi-faceted deadly malware attack on Apple devices
The recent “Triangulation” hacker attack targeted iPhone users using undocumented vulnerabilities. The “backdooring” method was used to gain unauthorized access to systems and spread malware via iMessage by exploiting four zero-day vulnerabilities. Analysis revealed that the attacks were successful by expl...

Yahoo data breaches: Food for thought on cybersecurity
The implications of the Yahoo data breach and the need for greater cybersecurity
The article discusses cyber breaches suffered by Yahoo in 2013 and 2014 that exposed data of billions of users. The attack was facilitated by phishing techniques and outdated encryption. Yahoo's secrecy and poor data security management led to serious consequences, including a hefty fine. After the incident,...

Black Basta decryption: ransomware flaw discovered and decryptor created
SRLabs exposes Black Basta's fake invincibility: compromised encryption offers a bastion of hope for victims
SRLabs researchers have discovered a flaw in the encryption software of the Black Basta ransomware, creating a decryptor to recover encrypted files. The decryptor, called 'Black Basta Buster', exploits a weakness in the encryption algorithm used. However, the flaw has been fixed, preventing the use of...

Google faces and settles $5 billion privacy dispute
Potential bypass identified in Chrome's incognito mode. Possible solutions
Google has settled a $5 billion legal dispute over the tracking of incognito mode user data on its Chrome browser. One programmer, Jesse Li, discovered how websites can detect whether a user is using incognito mode thanks to the way Chrome handles FileSystem API data. This could be prevented if Google...

Cyber security in space: the latest trends
Challenges and innovative approaches to protecting space operations
The growing interest in the commercialization of space has highlighted the importance of cyber security. In particular, artificial intelligence and data analytics technologies used in space tourism and small satellite networks are attractive targets for cybercrime. Faced with this threat, NASA has published...

International operation dismantles Kingdom Market
The international collaboration leads to the seizure of the servers and the discovery of new investigative leads
German authorities, in collaboration with the USA, Switzerland and Moldova, have busted the virtual darknet black market, Kingdom Market. This portal sold drugs, cybercrime kits and fake documents, accepting payments in cryptocurrencies. The seizure of the servers made it possible to launch investigations...

India's request to Apple: ease security warnings
Between transparency to customers and diplomatic pressure: the difficult balance of tech companies
The Indian government has asked Apple to moderate the impact of security warnings sent to iPhone users about possible attacks by state entities. This request highlights the challenges tech companies face in balancing digital security and geopolitical dynamics.

Cyber intrusion hits Yakult Australia and New Zealand
DragonForce releases 95GB of leaked data: Buttonware known for production of popular probiotic beverage
The well-known company Yakult Australia was the victim of a cyber attack. The "DragonForce" criminal group claimed responsibility for the raid, during which 95GB of company data was allegedly stolen and subsequently disclosed. Despite the accident, the company's offices are operational. The investigations...

NASA issues guidance on space cybersecurity
A proactive response to growing security threats in the aerospace industry
NASA has released a manual for cybersecurity in space, designed to protect against growing vulnerabilities in the aerospace sector. The guidelines recommend continuous risk monitoring, application of domain separation and least privilege principles, as well as rigorous authentication of personnel and...

Corewell Health security breach
Data from over a million Michigan residents stolen
Michigan healthcare provider Corewell Health's cybersecurity was breached, exposing sensitive data of more than a million residents. The compromised information includes personal and medical data. HealthEC, the platform involved, has started sending notifications to affected individuals, offering free...

The EU Commission launches incentives for cybersecurity
Cybersecurity development: from AI enhancement to post-quantum cryptography, EU incentives
The European Commission will invest 84 million euros in six calls to strengthen cybersecurity. These funds are intended to promote artificial intelligence in security operations, strengthen the cyber resistance of SMEs, and facilitate the migration towards encryption systems resistant to quantum...

Agent Tesla: the attack vector exploits Microsoft Office
Exploiting an outdated vulnerability to spread the well-known malware
The old Microsoft Office vulnerability, CVE-2017-11882, is being used to distribute the Agent Tesla malware. This software flaw threatens to compromise every version of Office released in the last 17 years, including Office 365. Criminals are actively using spam emails to trick users into opening malicious...

ALPHV operational disruption: FBI BlackCat ransomware strike
Successful sabotage: FBI and international police forces block the ALPHV criminal network
The FBI, thanks to extensive international collaboration, hacked the infrastructure of the ALPHV criminal network also known as BlackCat, obtaining keys to decrypt data of ransomware victims. The operation blocked approximately $68 million in extortion. Despite this, ALPHV may reorganize under another...

McAfee and projections on the future of cybersecurity in 2024
Deepfake, AI and the new face of online fraud: the cyber security landscape according to McAfee
Digital security firm McAfee warns of future risks related to artificial intelligence: sophisticated attacks called deepfakes, online fraud on social media and a rise in malware and voice fraud. The importance of user training and dynamic security solutions is highlighted.

Positive results of the GDPR and request for support from the EDPB
Challenges and prospects: the importance of the GDPR in the European digital landscape
The European Data Protection Board (EDPB) supports the findings of the General Data Protection Regulation (GDPR), but calls for more resources to address future digital challenges. The EDPB plays a key role in ensuring uniform implementation of the GDPR across member states and requires harmonized procedures...

Malware campaign targets banking information
The artifice of the attacks has been revealed: between malicious scripts, camouflage and links with DanaBot
A recent malware campaign carried out a JavaScript injection attack, targeting 50,000 users at 40 banking institutions around the world. The malware injects a malicious script into the user's browser, modifying banks' web pages and stealing data. Cybercriminals used sophisticated techniques to bypass...

Mozambique summit on innovation in cybersecurity 2024
Strategies and innovations at the Cyber Revolution Summit 2024
Traicon Events is organizing the “Cyber Revolution Summit” in Maputo, Mozambique on February 28-29, 2024. The event will bring together cybersecurity experts to discuss topics such as data protection, network security, threat management and more. The aim is to foster cooperation between the public and...

Cyber Warfare fragments: attacks in Africa with MuddyC2Go
Under the radar: operational tactics and emerging tools of the MuddyWater group
Iranian hacker group MuddyWater has strengthened attacks on telecommunications in Africa, via a new system called MuddyC2Go. This system, managed remotely, facilitates cyber attacks and spreads through phishing emails or by exploiting vulnerabilities in outdated software. MuddyWater will try to remain...

Play ransomware alert: 300 entities affected, including critical infrastructure
The modus operandi of the Play cybercriminal group and advice for countering its attacks
The FBI, CISA and ASD's ACSC warn against the activities of the Play ransomware cybercriminal group, responsible for cyber breaches globally. The group uses data stolen before the attack as a threat to demand ransom. Agencies recommend implementing multi-factor authentication, software updates, and recovery...

Impact of Lockbit ransomware on public administration: analysis and perspectives
Repercussions, modus operandi and responses: a detailed look at the attack on Westpole and Digital PA
The article discusses the Lockbit attack which heavily damaged the Italian Public Administration (PA), affecting over a thousand public bodies. The attackers used the Ransomware as a Service (RaaS) crime model, which involves using ransomware to gain monetary gain. PA Digitale is working to mitigate...

Quishing: defense strategies against QR Code scams
The growing threat of Quishing: how to protect yourself and navigate safely
The article addresses the phenomenon of "quishing", online scams using QR Codes. These are scams that induce users to share sensitive data or download malicious software. The FTC suggests precautions for users and experts underline the importance of conscious use of QR Codes.

MongoDB security breach investigation
Illegal access to company systems: MongoDB launches investigations and strengthens security measures
Database software company MongoDB said it is under investigation for a security breach. While the exposure of customer data on the MongoDB Atlas cloud platform is unclear, customers are urged to implement multi-factor authentications and regularly change passwords on MongoDB Atlas.

Critical security update on iOS 17.2
Fighting Bluetooth threats: Apple fixes critical vulnerabilities with new iOS 17.2 update
The article describes how a recent iOS update fixed major security vulnerabilities related to Safari and the iPhone kernel. It also highlights how hackers exploited weaknesses in the Bluetooth protocol to launch DoS attacks on the device. Finally, we discuss the role of the manufacturers of Flipper Zero,...

The Porsche Macan and EU cybersecurity legislation
Implications of the new EU rules on cybersecurity: the temporary farewell of the Porsche Macan from the European market
Due to new EU regulations on cybersecurity, Porsche will suspend sales of its Macan model in Europe from 2024. Adapting the SUV to the new standards would be excessively expensive. However, Porsche will present the new, rules-abiding electric Macan in 2025.

Microsoft identifies Storm-0539 threat in gift card fraud
Storm-0539: Sophisticated attacks bypass MFA protection and put gift cards at risk
Microsoft has warned of an increase in malicious activity from the Storm-0539 cyber threat group, which uses sophisticated phishing strategies. After obtaining the first credentials, they manage to bypass MFA protection and access sensitive information.

How to recover and protect a compromised social account
Key steps to recovering a hacked social account and security strategies to prevent future intrusions
This article provides advice on how to protect your social network account in case of intrusions. We recommend that you immediately change your password, activate multi-factor authentication and contact the social network's support service. In case of impossible access, interact with the platform's technical...

Interview with Google CISO, Phil Venables
The critical role of ethical hackers in addressing global security threats
Google Cloud expert Phil Venables argues that despite the advent of AI and automation, ethical hackers play a crucial role in identifying new ways to exploit system vulnerabilities. Programs involving ethical hackers can help prevent costly security incidents.

Critical RCE vulnerability discovered in Apache Struts 2: recommendations and fixes
Technical look at the RCE threat: details, implications and how to protect yourself
Hackers are attacking Apache Struts 2, which is vulnerable due to a Remote Code Execution (RCE) flaw. The vulnerability, known as CVE-2023-50164, allows an attacker to upload a malicious file, resulting in an attack. Struts users are advised to update to the correct version as soon as possible to avoid...

Kraft Heinz investigation into possible data theft by ransomware
Cyber attack under investigation: Kraft Heinz targeted by Snatch ransomware group
Global company Kraft Heinz is under investigation for an alleged cyberattack by ransomware group 'Snatch'. The latter included Kraft Foods in their victim list, although without providing concrete evidence of the attack. Kraft Heinz, however, detected no problems in its corporate network. 'Snatch' uses...

The new face of ransomware gangs
Challenge to corporations: ransomware gangs go corporate
Ransomware hackers are changing their tactics, adopting an almost corporate approach to the media. Some groups, such as Royal, the Play, and RansomHouse, actively seek to correct false information about them and put pressure on their victims by publicly exposing them.

IBM partners with NATO to strengthen cybersecurity
Strengthening cyber resilience: IBM's innovative management service for NATO
NATO has signed a contract with IBM to improve its cybersecurity services. IBM will create a unified system that will allow you to manage information on vulnerabilities and patches, increasing visibility into any risks. This service aims to maintain, update and protect IT assets from the growing cyber...

Microsoft reports abuse of OAuth for crypto mining and phishing
Exploiting OAuth for illicit activities: attackers adapt to emerging technologies
Microsoft has discovered that criminals are using OAuth infrastructure to conduct phishing and cryptocurrency mining attacks, leveraging compromised user accounts to create or alter OAuth applications. Microsoft suggests implementing multi-factor authentication and periodic checks to prevent such...

DeepMind reveals flaw in AI memories
A critical vulnerability in AI: extractable storage identified in ChatGPT
DeepMind has discovered a vulnerability in OpenAI's ChatGPT that can reveal sensitive information stored during its training. Through the repeated use of specific words, the AI could reveal personal data, NSFW content, and more. OpenAI has already taken steps to address the issue.

Generative AI: a new frontier of cybercrime
Double challenge: the ambivalent role of generative artificial intelligence in cybersecurity
The article explores the risks and opportunities of GAIA (generative artificial intelligence) in cybersecurity. While AI can enhance defense against cyber attacks, it can also arm cybercriminals with more sophisticated tools. Therefore, defense strategies must include sound human training and international...

Bluetooth: the new threat to device security
Malicious people can connect via Bluetooth without your consent
Cybersecurity research has identified a critical Bluetooth vulnerability affecting various Android, Linux, iOS and macOS devices. Attackers can connect via Bluetooth without the user's consent, thus being able to control the device. Software companies are rolling out corrective patches. To prevent such...

End-to-end encryption on Facebook Messenger
Security and privacy enhanced but new ethical concerns raised
Meta announced that end-to-end encryption will become the norm on Facebook and Messenger, ensuring the privacy of conversations between sender and recipient. The path towards this greater security was long and complex. However, the adoption of this technology raises concerns about its potential use for...

Operation EMMA: global effort against bank fraud
Global synergy in the fight against financial cybercrime
The international operation EMMA, supported by Europol, Eurojust and Interpol, intercepted over 10,000 suspicious transactions, arrested more than a thousand people and prevented fraud worth around 32 million euros. The Italian Postal Police has identified 879 "money mules", avoiding fraud worth over...

Security update for Chrome 120
Summary of the issues resolved and details on the implications of the memory leaks
Google has updated Chrome to version 120, fixing 10 security vulnerabilities. The most serious are related to 'use-after-free' issues, potentially dangerous because they can allow the execution of arbitrary code. In the update, Google awarded rewards totaling $15,000 to researchers for reporting such...

Nissan investigation into cyber attack
Nissan Oceania computer systems affected: potential data compromise
Nissan is investigating a cyber attack on its systems in Australia and New Zealand, which could have allowed access to personal data. The company warned customers about the potential data compromise. Nissan is working with security experts to understand the extent of the unauthorized access.

EU Parliament calls for tighter rules for cloud and AI
DMA regulatory developments: focus on cloud services and artificial intelligence
The European Parliament's Economic Affairs Committee (ECON) sees the importance of regulating cloud services and artificial intelligence in the Digital Markets Act (DMA) to ensure fair competition. There is an urgent need for an acceleration of antitrust procedures, a critical examination of the concessions...

Critical vulnerability discovered in NFT open-source library
Security gap detected in smart contract library: exploit risk for non-fungible tokens (NFTs)
Tech company Thirdweb has revealed a vulnerability in an open-source library used to develop smart contracts for NFTs. This bug may affect many contracts in the Web3 industry. While there are no active exploits, Thirdweb has warned developers to take preventative measures. The company has also strengthened...