Blog

The Loper Bright Decision: How it Impacts Cybersecurity Law

Actualités
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law. Background What is
Read More

Enhancing Incident Response Readiness with Wazuh

Actualités
Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and effective response, minimizing damage and restoring normal operations quickly. Challenges in incident
Read More

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

Actualités
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4. "A vulnerability exists in the affected products that allows a threat actor to
Read More

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

Actualités
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that's been active since at least 2012,
Read More

New Android Trojan « BlankBot » Targets Turkish Users’ Financial Data

Actualités
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information. "BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection," Intel 471 said in an analysis published last week.
Read More

DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws

Actualités
The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for "flagrantly violating" children's privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service. They
Read More

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

Actualités
Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers. Attack chains entail the exploitation
Read More

U.S. Trades Cybercriminals to Russia in Prisoner Swap

Actualités
Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were several convicted cybercriminals. In return, Russia has reportedly released 16 prisoners, including Wall Street Journal reporter Evan Gershkovich and ex-U.S. Marine Paul Whelan. AMong those in the prisoner swap is Roman Seleznev, 40, who was sentenced in 2017 to 27 years in prison for racketeering convictions tied to a lengthy career in stealing and selling payment card data. Seleznev earned this then-record sentence by operating some of the underground’s most bustling marketplaces for stolen card data. Roman Seleznev, pictured with bundles of cash. Image: US DOJ. Once known by the hacker handles “Track2,” “Bulba” and “nCux,” Seleznev is the son of Valery Seleznev, a prominent member of the Russian…
Read More

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

Actualités
A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. "The campaign likely targeted diplomats and began as early as March 2024," Palo Alto Networks Unit 42 said in a report published today, attributing it with medium to high level of confidence to APT28, which is also referred to as
Read More