Archive for mai, 2024
Cyber security news of the day – 2024 May 31
Cyber security news by Alexandre Blanc Cyber
2024 Friday 31
Here is what you should be aware of today :
BBC Breach Puts 25K Pension Scheme Members at Risk
Though information such as dates of birth, email addresses, and home addresses were compromised, « the Beeb » assures individuals that financial information is still protected. The cloud leaks, as usual, can’t trust systems you don’t own and manage ! #cloud #clowd #cybersecurity
CISA warns of actively exploited Linux privilege elevation flaw
It’s linux patch time !The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added two vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, including a Linux kernel privilege elevation flaw. (Oh by the way, the stupid cloud mostly runs on Linux, so you can just pray that they patch your workloads, otherwise, privilege escalation in shared hosting like public cloud, good luck ! !)
Snowflake compromised? Attackers exploit stolen credentials
Seems that the cloud is leaking and leaking and leaking again ! Have attackers compromised Snowflake or just their customers’ accounts and databases? Conflicting claims muddy the situation.
The linked article share recommendation for Snowflake users to try to reduce the impact of the incident, aside of only praying, as this is the only thing you can do when you use public cloud, and it won’t fix much ! LOL … The cloud is a JOKE !
Another link on this deeply corrupted cloud topic : https://www.bleepingcomputer.com/news/security/snowflake-account-hacks-linked-to-santander-ticketmaster-breaches/
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
This is bad, while LinkedIn and Microsoft are busy blocking account from certified and verified security people like me, the real threat actors are taking down more than half a millions routers in the US ! (I’m a bit pissed, yes)
« More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users’ access to the internet. »
And that’s about it for now ! Thanks in advance for sharing, as I’m now the enemy No 1 on Linkedin :P Feel free to share the news yourself using the share buttons below ! Enjoy !
Alexandre Blanc Cyber Kicked out from Linkedin
Edit on 2024 June 8th, Saturday, after the involvement and support worldwide, and a pressure from an incredible amount of people, LinkedIn restored my account. They claimed I got banned because I shared a malicious link (this one : Owasp AI and Security Guide ). This is why they deleted me. And then, they claim that after verification, the link was finally not malicious.
As you can guess, it’s a power game, and they wanted to slap me for something they didn’t like. But the power of communities has been stronger. That’s my take. I can’t express how thankful I am for all the support. Love to you all. Will take a few days to get back on track fully.
Edit on Friday night, after finding a great article linked in the comment
(and here) , lately, as I started my own business, I also started to add many connections and sent a lot of requests. The linked article about LinkedIn account restriction explains that adding too many « unknown » people, will lead to this. So, it seems that looking to expand my network, actually killed my network.
Will edit the post if things move, but I think this is it. Too many connection requests sent. (about 30 I’d say)
So, hopefully you’ll learn from this, don’t fuck it up as I just did.
So I got this email, and got blocked on all my devices. I vanished from the platform, my cyber buddies told me they can’t find me anymore.
I obviously had verified ID, MFA, and all available option for security. At this point, when I try to login, I got the following message :
Which is interesting, because I don’t know what this is referring to, and this is not aligned with the email stating « fraudulent activity detected ». Well, I’m known to fight AGAINST fraud. So, that’s about it.
That’s the cloud, after all, I rant a lot about it, you own nothing, you control nothing, well, here is a plain example. No information, no way to know or recover.
I contacted support via the form 2 times, but nothing there. I’ll wait a bit, and then reach out to insiders.
Fun times ! This happened around noon on 2024 May 30th, so far no news. I guess lunch time :D
Links
Recherche
Derniers articles
Tresronours Twitter
Keywords cloud topic
Membre de la FSF
![[FSF Associate Member]](https://blog.inforeseau.com/fsf.png){kind=small}
Liens qui vont bien
Mots clés vrac – keyword cloud
License du contenu – CC By NC SA
This création is licensed under a Creative Commons Paternité - Pas d'Utilisation Commerciale - Partage des Conditions Initiales à l'Identique 2.0 France License.
Archives
- Resumed posting and expanding on X
- Linkedin Access to your account has been restricted – Final debrief and resilience plan
- I’m thankful for the support I get in rough time
- Cyber security news of the day – 2024 May 31
- Alexandre Blanc Cyber Kicked out from Linkedin
- You’ll most likely find me on LinkedIn
- The Russian roulette landing page !
- RTSP, Debian, VLC, not playing, IP Camera
- 5G network hosted in the cloud, no internet, no phone ! So smart ! And I ended on TV, This week in cyber
- They lock the door for privacy… but they keep a copy of the key, and couple of backdoors
- Worst is yet to come, but they all warned you
- Migrating an old WordPress and handling character set, UTF8, latin1, latin1_swedish_ci
- From a broken TLS CA, to Facebook, to FIN12 hit and run
- Yes we can fix this mess, but do we want to ? That’s another story
- Criminals are still dominating the game, why are we doing so wrong, and what can we learn in this tech ocean ?
- Riding cloud can be tricky, don’t fall from it, in the weekly cyber !
- The threat landscape is very dynamic – Cyber news this week
- Cybersecurity is not obvious even for this newsletter !
- Install Slack desktop app on Kali rolling fixing libappindicator3-1 missing dependency
- How to delete all resources in azure to avoid charges after trial on your forced credit card registration
- Proxmox – ZFS – Dead drive on active VM, recover from replicated disk
- Restrict access to proxmox web admin interface
- Migrate your ESXI VMs to proxmox ZFS
- Install your VPN server with pi-hole on OVH VPS in 30 min
- Using raspberry pi 3 as wifi bridge and repeater and firewall
- Raspberry 3 – create a wifi repeater with USB wifi dongle
- raspberry 3 – routeur pare feu point d’acces wifi avec filtrage pub et tracking – router firewall access point with ads and tracking filtering
- Dell XPS 13 touchpad – corriger la sensibilité
- Utiliser Zazeen set top box depuis une connexion videotron
- Fermeture de mon compte facebook – la dernière goutte
- Choisir un kernel par defaut au demarrage de Centos 7.2 – configuration grub2
- Openvpn access server 2.0.25 et android
- Régler la luminosité du laptop par ligne de commande
- chromium outlook web app version complete sous linux
- Nexus 7 2012 – android 5 lollipop solution au probleme de lenteur
- HDD led sur Xubuntu – xfce
- xubuntu 14.04 verrouiller ecran de veille et desactiver mise en veille a la fermeture de l’ecran
- Authentification avec Radmin en utilisant Wine sur Gentoo
- Patcher bash sur une distribution plus supportee comme fedora 11
- Zimbra desktop sous xubuntu 14.04 64bit – fix
- xubuntu 12.10 probleme de son avec VLC – pulse audio – alsa – toshiba L855D – solution
- Evolution sous xubuntu 12.10 – bug affichage a la configuration – solution temporaire
- Booster son acces internet en changeant de DNS pour opendns
- Serveur DLNA sous ubuntu – minidlna
- sshfs sous windows – dokan sshfs
- xubuntu 11.10 Installer le plugin java pour firefox
- Installer Google Earth sur Xubuntu 11.10
- Installer nagios sur Fedora 11 depuis les sources
- Configurer varnish-cache avec des virtualhosts, apache, fedora, redhat, centos
- Installer Varnish depuis les sources sur Fedora 11