EUELEx19_AAR (ENISA)

News
On April 5th, the European Parliament, the European Commission and the EU Agency for cybersecurity (ENISA) in close cooperation with the EU Member States organised an exercise to test the EU's response to and crisis plans for potential cybersecurity incidents affecting the EU elections. This report is divided into three (3) sections. In the first section, a summary of the national briefings is presented while in the second the results of the preparatory survey are presented together with some key conclusions. In the third section, the exercise scenario is presented together with the various incidents, injects and main takeaways from the players’ votes. Finally, in the Annexes we present anonymized responses to the injects and the satisfaction survey results.

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

News
A suspected China-nexus cyber espionage actor has been attributed to a prolonged attack against an unnamed organization located in East Asia over a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using them as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which responded to

What is DevSecOps and Why is it Essential for Secure Software Delivery?

News
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. This overhead degrades velocity and puts production deadlines at risk.

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

News
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system," German

NiceRAT Malware Targets South Korean Users via Cracked Software

News
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. "Due to the nature of crack programs, information sharing amongst

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested (Krebs on Security)

News, Security
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today reports the suspect was wanted by the FBI and arrested in Palma de Mallorca as he tried to board a flight to Italy. A still frame from a video released by the Spanish national police shows Tylerb in custody at the airport. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. “According to Palma police, at one point he controlled Bitcoins worth $27 million.” The cybercrime-focused Twitter/X account vx-underground said…