Notepad++ update hijacking
The Notepad++ update infrastructure has been hijacked. A summary of IOC searches.

We have started this week with a very bad case: the hack of Notepad++. If you don't know what Notepad++ is, or don't see how critical such an attack is, please move on and take some courses. Because, yes, this is a supply chain attack, one of the most dangerous attacks an organization could suffer. Whatever your level of security, if a trusted source, partner, provider, etc. is compromised, it becomes very hard to ensure the integrity of your infrastructure. In such a case we must apply zero trust logic and the principles of Defense in Depth.

In this case it is actually worse: it is a two-level supply chain attack. The attackers compromised the hosting infrastructure of Notepad++'s provider, which was then used to compromise users of Notepad++.

This post is being written on Feb 3rd, at 11:00 AM UTC+1, so all the information presented here is based on what is available at this time.

What happened?

Quic...