What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2021-12-09 03:40:04 Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions) (lien direct) It is a time when many are thinking of their families and loved ones, time off work, and gift-giving – the holidays. However, while many have their minds outside the realm of work during the holiday season, often, this is when attackers plan their most sinister attacks.  So how can you take precautions to protect your organization during these times? Why holidays put your company at risk of
The_Hackers_News.webp 2021-12-09 03:15:55 Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs (lien direct) At least 300,000 IP addresses associated with MikroTik devices have been found vulnerable to multiple remotely exploitable security vulnerabilities that have since been patched by the popular supplier of routers and wireless ISP devices. The most affected devices are located in China, Brazil, Russia, Italy, Indonesia, with the U.S. coming in at number eight, cybersecurity firm Eclypsium said in
The_Hackers_News.webp 2021-12-08 23:02:51 Over a Dozen Malicious NPM Packages Caught Hijacking Discord Servers (lien direct) At least 17 malware-laced packages have been discovered on the NPM package Registry, adding to a recent barrage of malicious software hosted and delivered through open-source software repositories such as PyPi and RubyGems. DevOps firm JFrog said the libraries, now taken down, were designed to grab Discord access tokens and environment variables from users' computers as well as gain full control
The_Hackers_News.webp 2021-12-08 21:18:35 SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws (lien direct) Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system. The flaws impact SMA 200, 210, 400, 410, and 500v products running versions 9.0.0.11-31sv and earlier, 10.2.0.8-37sv,
The_Hackers_News.webp 2021-12-08 05:10:03 Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers (lien direct) Google on Tuesday said it took steps to disrupt the operations of a sophisticated "multi-component" botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin's blockchain as a resilience mechanism. As part of the efforts, Google's Threat Analysis Group (TAG) said it partnered with the Threat
The_Hackers_News.webp 2021-12-08 03:00:26 140,000 Reasons Why Emotet is Piggybacking on TrickBot in its Return from the Dead (lien direct) The operators of TrickBot malware have infected an estimated 140,000 victims across 149 countries a little over a year after attempts were to dismantle its infrastructure, even as the malware is fast becoming an entry point for Emotet, another botnet that was taken down at the start of 2021. Most of the victims detected since November 1, 2020, are from Portugal (18%), the U.S. (14%), and India ( Malware
The_Hackers_News.webp 2021-12-08 02:55:50 [eBook] Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams (lien direct) If there is one thing the past few years have taught the world, it's that cybercrime never sleeps. For organizations of any size and scope, having around-the-clock protection for their endpoints, networks, and servers is no longer optional, but it's also not entirely feasible for many. Attackers are better than ever at slipping in undetected, and threats are constantly evolving.  Teams can't Threat
The_Hackers_News.webp 2021-12-07 22:33:02 Warning: Yet Another Bitcoin Mining Malware Targeting QNAP NAS Devices (lien direct) Network-attached storage (NAS) appliance maker QNAP on Tuesday released a new advisory warning of a cryptocurrency mining malware targeting its devices, urging customers to take preventive steps with immediate effect. "A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CPU usage becomes unusually high where a process named '[oom_reaper]' could occupy around 50% of the Malware Cloud APT 37
The_Hackers_News.webp 2021-12-07 04:06:56 Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides (lien direct) Cybersecurity researchers have disclosed multiple vulnerabilities in a third-party driver software developed by Eltima that have been "unwittingly inherited" by cloud desktop solutions like Amazon Workspaces, Accops, and NoMachine and could provide attackers a path to perform an array of malicious activities. "These vulnerabilities allow attackers to escalate privileges enabling them to disable
The_Hackers_News.webp 2021-12-07 03:07:15 SolarWinds Hackers Targeting Government and Business Entities Worldwide (lien direct) Nobelium, the threat actor attributed to the massive SolarWinds supply chain compromise, has been once again linked to a series of attacks targeting multiple cloud solution providers, services, and reseller companies, as the hacking group continues to refine and retool its tactics at an alarming pace in response to public disclosures. The intrusions, which are being tracked by Mandiant under two Threat
The_Hackers_News.webp 2021-12-07 00:14:47 Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers (lien direct) Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the malicious activities to a group it pursues as Nickel, and by the wider cybersecurity industry under the APT 15
The_Hackers_News.webp 2021-12-06 21:21:01 Latest Firefox 95 Includes RLBox Sandboxing to Protect Browser from Malicious Code (lien direct) Mozilla is beginning to roll out Firefox 95 with a new sandboxing technology called RLBox that prevents untrusted code and other security vulnerabilities from causing "accidental defects as well as supply-chain attacks." Dubbed "RLBox" and implemented in collaboration with researchers at the University of California San Diego and the University of Texas, the improved protection mechanism is
The_Hackers_News.webp 2021-12-06 04:51:23 Malicious KMSPico Windows Activator Stealing Users' Cryptocurrency Wallets (lien direct) Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets. The malware, dubbed "CryptBot," is an information stealer capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, credit cards, and capturing Malware
The_Hackers_News.webp 2021-12-06 04:22:29 Vulnerability Scanning Frequency Best Practices (lien direct) So you've decided to set up a vulnerability scanning programme, great. That's one of the best ways to avoid data breaches. How often you should run your scans, though, isn't such a simple question. The answers aren't the same for every type of organization or every type of system you're scanning. This guide will help you understand the questions you should be asking and help you come up with the Vulnerability
The_Hackers_News.webp 2021-12-06 01:52:59 Hackers Steal $200 Million Worth of Cryptocurrency Tokens from Bitmart Exchange (lien direct) Cryptocurrency trading platform BitMart has disclosed a "large-scale security breach" that it blamed on a stolen private key, resulting in the theft of more than $150 million in various cryptocurrencies. The breach is said to have impacted two of its hot wallets on the Ethereum (ETH) blockchain and the Binance smart chain (BSC). The company noted that the wallets carried only a "small percentage
The_Hackers_News.webp 2021-12-06 01:25:44 14 New XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers (lien direct) Researchers have discovered 14 new types of cross-site data leakage attacks against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari, and Opera, among others. Collectively known as "XS-Leaks," the browser bugs enable a malicious website to harvest personal data from its visitors as they interact with other websites in the
The_Hackers_News.webp 2021-12-04 01:01:44 Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats (lien direct) Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the
The_Hackers_News.webp 2021-12-03 21:09:04 Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks (lien direct) Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The issue, assigned the identifier CVE-2021-44515, is an authentication bypass vulnerability Vulnerability
The_Hackers_News.webp 2021-12-03 05:54:05 Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments (lien direct) A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes' latest findings go into detail about the new tactics and tools adopted by the APT group known as SideCopy, which is Threat
The_Hackers_News.webp 2021-12-03 02:59:47 New Malvertising Campaigns Spreading Backdoors, Malicious Chrome Extensions (lien direct) A series of malicious campaigns have been leveraging fake installers of popular apps and games such as Viber, WeChat, NoxPlayer, and Battlefield as a lure to trick users into downloading a new backdoor and an undocumented malicious Google Chrome extension with the goal of stealing credentials and data stored in the compromised systems as well as maintaining persistent remote access. Cisco Talos
The_Hackers_News.webp 2021-12-03 01:23:28 Why Everyone Needs to Take the Latest CISA Directive Seriously (lien direct) Government agencies publish notices and directives all the time. Usually, these are only relevant to government departments, which means that nobody else really pays attention. It's easy to see why you would assume that a directive from CISA just doesn't relate to your organization. But, in the instance of the latest CISA directive, that would be making a mistake. In this article, we explain why
The_Hackers_News.webp 2021-12-03 00:06:17 New Payment Data Sealing Malware Hides in Nginx Process on Linux Servers (lien direct) E-commerce platforms in the U.S., Germany, and France have come under attack from a new form of malware that targets Nginx servers in an attempt to masquerade its presence and slip past detection by security solutions. "This novel code injects itself into a host Nginx application and is nearly invisible," Sansec Threat Research team said in a new report. "The parasite is used to steal data from Malware Threat
The_Hackers_News.webp 2021-12-02 21:50:14 CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability (lien direct) The U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077 (CVSS score: 9.8), the issue relates to an unauthenticated, remote code execution Vulnerability
The_Hackers_News.webp 2021-12-02 06:06:49 Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials (lien direct) Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. "These people are at the center of critical communities for public debate," said Nathaniel Gleicher, head of
The_Hackers_News.webp 2021-12-02 04:02:33 Let there be light: Ensuring visibility across the entire API lifecycle (lien direct) The following article is based on a webinar series on enterprise API security by Imvision, featuring expert speakers from IBM, Deloitte, Maersk, and Imvision discussing the importance of centralizing an organization's visibility of its APIs as a way to accelerate remediation efforts and improve the overall security posture. Centralizing security is challenging in today's open ecosystem When Deloitte
The_Hackers_News.webp 2021-12-02 03:36:30 Researches Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks (lien direct) Four different malicious frameworks designed to attack air-gapped networks were detected in the first half of 2020 alone, bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage and exfiltrate classified information. "All frameworks are designed to perform some form of espionage, [and] all the frameworks used USB drives as the physical transmission
The_Hackers_News.webp 2021-12-01 23:55:27 Researchers Warn Iranian Users of Widespread SMS Phishing Campaigns (lien direct) Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims' bank accounts. Unlike other variants of banking malware that bank of overlay attacks to capture sensitive data without the knowledge Malware
The_Hackers_News.webp 2021-12-01 21:34:59 Russian Man Gets 60 Months Jail for Providing Bulletproof Hosting to Cyber Criminals (lien direct) A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S. organizations and financial institutions between 2009 to 2015, has received a 60-month prison sentence. 34-year-old Aleksandr Grichishkin, along with Andrei Skvortsov, founded the bulletproof hosting service and rented its infrastructure to other Malware
The_Hackers_News.webp 2021-12-01 21:26:38 Critical Bug in Mozilla's NSS Crypto Library Potentially Affects Several Other Software (lien direct) Mozilla has rolled out fixes to address a critical security weakness in its cross-platform Network Security Services (NSS) cryptographic library that could be potentially exploited by an adversary to crash a vulnerable application and even execute arbitrary code. Tracked as CVE-2021-43527, the flaw affects NSS versions prior to 3.73 or 3.68.1 ESR, and concerns a heap overflow vulnerability when
The_Hackers_News.webp 2021-12-01 05:52:28 New EwDoor Botnet Targeting Unpatched AT&T Network Edge Devices (lien direct) A newly discovered botnet capable of staging distributed denial-of-service (DDoS) attacks targeted unpatched Ribbon Communications (formerly Edgewater Networks) EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances. Chinese tech giant Qihoo 360's Netlab network security division, which detected the botnet first on October 27,
The_Hackers_News.webp 2021-12-01 02:59:48 Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks (lien direct) Three different state-sponsored threat actors aligned with China, India, and Russia have been observed adopting a new method called RTF (aka Rich Text Format) template injection as part of their phishing campaigns to deliver malware to targeted systems. "RTF template injection is a novel technique that is ideal for malicious phishing attachments because it is simple and allows threat actors to Malware Threat
The_Hackers_News.webp 2021-12-01 00:36:43 Hacker Jailed for Stealing Millions of Dollars in Cryptocurrencies by SIM Hijacking (lien direct) A sixth member associated with an international hacking group known as The Community has been sentenced in connection with a multimillion-dollar SIM swapping conspiracy, the U.S. Department of Justice (DoJ) said. Garrett Endicott, 22, from the U.S. state of Missouri, who pleaded guilty to charges of wire fraud and aggravated identity theft following an indictment in 2019, was sentenced to 10 Guideline
The_Hackers_News.webp 2021-11-30 21:20:46 Twitter Bans Users From Posting 'Private Media' Without a Person's Consent (lien direct) Twitter on Tuesday announced an expansion to its private information policy to include private media, effectively prohibiting the sharing of photos and videos without express permission from the individuals depicted in them with an aim to curb doxxing and harassment. "Beginning today, we will not allow the sharing of private media, such as images or videos of private individuals without their
The_Hackers_News.webp 2021-11-30 06:37:03 New Hub for Lean IT Security Teams (lien direct) One of the harsh realities of cybersecurity today is that malicious actors and attackers don't distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the current security landscape requires constant attention, and sometimes a little support. XDR provider Cynet has built a new
The_Hackers_News.webp 2021-11-30 05:11:48 Critical Wormable Security Flaw Found in Several HP Printer Models (lien direct) Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks. The two weaknesses - collectively called Printing Shellz - were discovered and
The_Hackers_News.webp 2021-11-30 01:36:45 Panasonic Suffers Data Breach After Hackers Hack Into Its Network (lien direct) Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. Data Breach Hack
The_Hackers_News.webp 2021-11-30 01:11:45 Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS (lien direct) Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as CVE-2021-24084 (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain Vulnerability
The_Hackers_News.webp 2021-11-30 00:31:27 WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East (lien direct) Government, diplomatic entities, military organizations, law firms, and financial institutions primarily located in the Middle East have been targeted as part of a stealthy malware campaign as early as 2019 by making use of malicious Microsoft Excel and Word documents. Russian cybersecurity company Kaspersky attributed the attacks with high confidence to a threat actor named WIRTE, adding the Malware Threat
The_Hackers_News.webp 2021-11-29 07:05:52 4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021 (lien direct) Four different Android banking trojans were spread via the official Google Play Store between August and November 2021, resulting in more than 300,000 infections through various dropper apps that posed as seemingly harmless utility apps to take full control of the infected devices. Designed to deliver Anatsa (aka TeaBot), Alien, ERMAC, and Hydra, cybersecurity firm ThreatFabric said the malware Malware
The_Hackers_News.webp 2021-11-29 05:14:10 New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists (lien direct) North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat (APT) as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the infiltrations to a North Korean hacker group tracked as ScarCruft, also known as APT37, Reaper Threat Cloud APT 37 APT 37
The_Hackers_News.webp 2021-11-29 04:48:25 CleanMyMac X: Performance and Security Software for Macbook (lien direct) We use Internet-enabled devices in every aspect of our lives today-to find information, shop, bank, do homework, play games, and keep in touch with friends and family. As a result, our devices contain much personal information about us. Also, any great device will get a little clunky and slow over time and the Mac is no exception, and the whole "Macs don't get viruses" claim is a myth. Malware Malware
The_Hackers_News.webp 2021-11-29 02:56:29 Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency (lien direct) Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation. "While cloud customers continue to face a variety of threats across applications
The_Hackers_News.webp 2021-11-28 23:57:13 Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million (lien direct) A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds. Codenamed "HAECHI-II," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, close 1,660 cases alongside blocking 2,350 bank
The_Hackers_News.webp 2021-11-26 22:34:44 Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practices (lien direct) Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls are "aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza e del Mercato (AGCM) said "Google and Apple did not provide clear and immediate information on the
The_Hackers_News.webp 2021-11-26 05:20:56 Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware (lien direct) An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector with the likely goal of Malware Threat
The_Hackers_News.webp 2021-11-26 02:32:10 Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable (lien direct) A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even LockBit ransomware, Malware
The_Hackers_News.webp 2021-11-26 00:08:34 CronRAT: A New Linux Malware That's Scheduled to Run on February 31st (lien direct) Researchers have unearthed a new remote access trojan (RAT) for Linux that employs a never-before-seen stealth technique that involves masking its malicious actions by scheduling them for execution on February 31st, a non-existent calendar day. Dubbed CronRAT, the sneaky malware "enables server-side Magecart data theft which bypasses browser-based security solutions," Sansec Threat Research said Malware Threat
The_Hackers_News.webp 2021-11-25 21:10:28 Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries (lien direct) Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 countries, down from the previous 102:
The_Hackers_News.webp 2021-11-25 09:52:44 Product Releases Should Not Be Scary (lien direct) Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great. The landscape is changing fast, especially in IT. Change isn't just necessary, but more often than
The_Hackers_News.webp 2021-11-25 03:57:05 This New Stealthy JavaScript Loader Infecting Computers with Malware (lien direct) Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans (RATs) and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for deploying at least eight different malware families in 2021. Around 155 samples of this new malware Malware Threat
Last update at: 2024-07-24 23:07:29
See our sources.

To see everything: Our RSS (filtered) Twitter