16th EU-CyCLONe Officers meeting (ENISA)
Cyber Crisis Liaison Organisation Network - EU-CyCLONe Officers meeting
Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. "Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally," Dutch security outfit ThreatFabric said in a technical
Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system. When an app is downloaded from outside of the App Store and opened for the first time, it verifies that the
Low-Drama ‘Dark Angels’ Reap Record Ransoms (Krebs on Security)
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn’t get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim’s operations. Image: Shutterstock. Security firm Zscaler ThreatLabz this month ranked Dark Angels as the top ransomware threat for 2024, noting that in early 2024 a victim paid the ransomware group $75 million — higher than any previously recorded ransom payment. ThreatLabz found Dark Angels has conducted some of the largest ransomware attacks to date, and yet…
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor poses as a trusted figure and uses email to
24th CSIRTs Network Meeting (ENISA)
EU CSIRTs Network is the network of appointed CSIRTs established by NIS1 and strengthen by NIS2
Vulnérabilité dans LibreOffice (06 août 2024) (CERT-FR)
Une vulnérabilité a été découverte dans LibreOffice. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.