Apple Unveils PQ3 Protocol – Post-Quantum Encryption for iMessage

Actualités
Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach
Read More

Trust Services Security Incidents 2022 (ENISA)

Actualités
This report, the Annual Report Trust Services Security Incidents 2022, provides an aggregated overview of the notified breaches for 2022, analysing root causes, statistics and trends. This report marks the sixth round of security incident reporting for the EU’s trust services sector. In this round of annual summary reporting a total of 27 EU countries and 3 EEA countries took part. They reported a total of 35 incidents.
Read More

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks

Actualités
A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential
Read More

A New Age of Hacktivism

Actualités
In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives.  We understand hacktivism as a form of computer hacking that is
Read More

Russian Government Software Backdoored to Deploy Konni RAT Malware

Actualités
An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People's Republic of Korea (DPRK)-nexus actors targeting Russia. The
Read More

U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders

Actualités
The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly
Read More

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

Actualités
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a
Read More

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

Actualités
The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter," Trend Micro researchers Sunny Lu
Read More