Biztonsági szemle

France and Europol's joint operation to dismantle the PlugX worm botnet, which has impacted millions of devices worldwide, involved the usage of a disinfection solution from Sekoia.io.

Included in the impacted data were names, mobile numbers, and SMS opt-out preferences, said BMW Concessionaires in a statement to Hong Kong's Office of the Privacy Commissioner for Personal Data.

While Summerville noted that operations of its municipal departments have not been impacted by the incident, which was immediately contained, the Embargo group admitted to having stolen 1.71 TB of data from the town's Police Department.

Such a package, which has been taken down after accumulating 59 downloads, initially verifies targeted systems to be macOS before checking the machines' Universally Unique Identifier and infiltrating files that have Google Cloud authentication...

Infiltration of the third-party provider's systems between June 3 and 7 allowed threat actors to exfiltrate the customers' certain banking details, including full names, bank account numbers, and routing numbers leveraged for ACH fund transfers.

The campaign lured targets into downloading a fraudulent CrowdStrike Crash Reporter tool as a ZIP file with a trojanized InnoSetup installer.

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4879 ServiceNow Improper Input Validation Vulnerability CVE-2024-5217 ServiceNow Incomplete List of Disallowed...

Security teams have to face that the attackers also have AI – here are three ways to more effectively operate in this new environment.

A large text-message phishing attack campaign attributed to the China-based Smishing Triad employs malicious iMessages.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I found a malicious Word document with VBA code using the CrowdStrike outage for social engineering purposes. It's an .ASD file (AutoRecover file). My tool oledump.py can analyze it:

When Johannes talked about my diary entry " Protected OOXML Spreadsheets" on his StormCast podcast, he mentioned that I privately shared data on the power consumption of my desktop with a NVIDIA GeForce RTX 3080 GPU when running Hashcat.