[Cybersécurité] AI-Driven Cyberattack on Mexico Couldn’t Breach OT Systems
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
[Cybersécurité] ‘FrostyNeighbor’ APT Carefully Targets Govt Orgs in Poland, Ukraine
Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.
[Cybersécurité] ‘Dirty Frag’ Exploit Poised to Blow Up on Enterprise Linux Distros
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
[Cybersécurité] Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco’s network control system.
Microsoft Finally Releases Recall as Part of Windows Insider Preview
The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.
Russian Script Kiddie Assembles Massive DDoS Botnet
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.
Texas Teen Arrested for Scattered Spider Telecom Hacks
An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on ‘key Scattered Spider members’ and their tactics.
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card form or extracting data directly from payment fields.
‘Operation Undercut’ Adds to Russia Malign Influence Campaigns
Just like Russia’s Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.
China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data
In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.
![[Cybersécurité] AI-Driven Cyberattack on Mexico Couldn’t Breach OT Systems](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)