Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-03-22 16:30:00 |
CISA et NSA Améliorent le cadre de sécurité avec un nouveau guide IAM [CISA and NSA Enhance Security Framework With New IAM Guide] (lien direct) |
Les conseils comprennent les meilleures pratiques pour la gouvernance de l'identité, le durcissement environnemental, le SSO, le MFA et l'audit IAM
Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing |
|
|
★★
|
|
2023-03-22 10:40:00 |
Les chercheurs en sécurité repérer 36 millions de dollars Bec Attaque [Security Researchers Spot $36m BEC Attack] (lien direct) |
Les acteurs de la menace ont issu l'identité du vendeur de la société cible \\
Threat actors impersonated target company\'s vendor |
Threat
General Information
|
|
★★
|
|
2023-03-22 10:00:00 |
Seulement 1% des domaines DOT-ORG sont entièrement protégés par DMARC [Just 1% of Dot-Org Domains Are Fully DMARC Protected] (lien direct) |
Les organisations échouent avec leurs mesures anti-phishing
Organizations are failing with their anti-phishing measures |
|
|
★★★
|
|
2023-03-22 09:30:00 |
Les attaques de ransomware sont doubles dans le secteur des transports en Europe \\ [Ransomware Attacks Double in Europe\\'s Transport Sector] (lien direct) |
Enisa affirme que la plupart des menaces sont opportunistes
ENISA claims most threats are opportunistic |
Ransomware
|
|
★★
|
|
2023-03-21 17:30:00 |
Plus de 2400 fausses pages ont trouvé des chercheurs d'emploi à cibler au Moyen-Orient, en Afrique [Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa] (lien direct) |
L'escroquerie a ciblé plus de 40 marques bien connues de 13 pays de la région de la MEA
The scam targeted more than 40 well-known brands from 13 countries in the MEA region |
|
|
★★
|
|
2023-03-21 17:00:00 |
Common Magic cible les entités de la zone de conflit Russo-Ukrainien [CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone] (lien direct) |
Des sociétés administratives, d'agriculture et de transport ciblées à Donetsk, Luhansk et Crimée
Administrative, agriculture and transportation firms targeted in Donetsk, Luhansk and Crimea |
|
|
★★
|
|
2023-03-21 16:30:00 |
Les pirates utilisent des packages NuGet pour cibler les développeurs .NET [Hackers Use NuGet Packages to Target .NET Developers] (lien direct) |
JFrog a déclaré que c'était la première instance de packages avec du code malveillant à Nuget
JFrog said this is the first instance of packages with malicious code in NuGet |
|
|
★★
|
|
2023-03-21 10:30:00 |
NCSC lance deux nouveaux outils pour les petites entreprises [NCSC Launches Two New Tools for Small Businesses] (lien direct) |
Les offres sont conçues pour améliorer la sécurité pour des millions d'entreprises
Offerings are designed to improve security for millions of firms |
|
|
★★
|
|
2023-03-21 10:05:00 |
General octets Bitcoin ATMs piratés pour voler des fonds (lien direct) |
L'entreprise exhorte les opérateurs à patcher maintenant
Company urges operators to patch now |
|
|
★★
|
|
2023-03-21 09:40:00 |
Ferrari révèle une attaque de rançon de violation de données (lien direct) |
Le constructeur automobile dit qu'il n'a pas payé ses extorteurs
Carmaker says it didn\'t pay its extorters |
Data Breach
|
|
★★
|
|
2023-03-20 17:30:00 |
Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims (lien direct) |
These included a number of government websites: 105 in Chile, 431 in Mexico and 265 in Peru |
|
|
★★
|
|
2023-03-20 17:00:00 |
KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps (lien direct) |
Microsoft said it saw between 40 and 60 daily attacks in February |
|
|
★★★
|
|
2023-03-20 16:30:00 |
BreachForums Admin Arrested in New York (lien direct) |
Conor Brian Fitzpatrick of Peekskill was apprehended last Wednesday following an FBI investigation |
|
|
★
|
|
2023-03-20 10:40:00 |
UK Ransomware Incident Volumes Surge 17% in 2022 (lien direct) |
Jumpsec report identified Karakurt, Lockbit and Vice Society among groups responsible |
Ransomware
|
|
★★
|
|
2023-03-20 10:00:00 |
"Hinata" Botnet Could Launch Massive DDoS Attacks (lien direct) |
Akamai warns of new Mirai-like botnet written in Go |
|
|
★★
|
|
2023-03-20 09:30:00 |
Scam Robocalls Forecast to Cost $58bn This Year (lien direct) |
Juniper Research says most of the pain will be felt in the US |
|
|
★★
|
|
2023-03-17 17:30:00 |
Telegram, WhatsApp Trojanized to Target Cryptocurrency Wallets (lien direct) |
Most of these apps rely on clipper malware to steal the contents of the Android clipboard |
Malware
|
|
★★★
|
|
2023-03-17 17:00:00 |
Google Exposes 18 Zero-Day Flaws in Samsung Exynos Chips (lien direct) |
Four of these vulnerabilities enabled potential attackers to perform remote code execution |
|
|
★★★
|
|
2023-03-17 16:30:00 |
Pro-Russian Winter Vivern APT Targets Governments and Telecom Firm (lien direct) |
SentinelOne shared details about the new campaign in an advisory published on Thursday |
|
|
★★
|
|
2023-03-17 10:30:00 |
ICO Reprimands Metropolitan Police for Data Snafu (lien direct) |
Negligence could have caused "significant damage" |
Legislation
|
|
★★★
|
|
2023-03-17 10:00:00 |
Russian Military Preparing New Destructive Attacks: Microsoft (lien direct) |
Organizations outside Ukraine could be targeted |
|
|
★★
|
|
2023-03-17 09:30:00 |
Vishing Campaign Targets Social Security Administration (lien direct) |
Tens of thousands of mailboxes targeted |
|
|
★★
|
|
2023-03-16 17:00:00 |
US Government IIS Server Breached via Telerik Software Flaw (lien direct) |
The critical vulnerability allows remote code execution and was assigned a CVSS v3.1 score of 9.8 |
Vulnerability
|
|
★★
|
|
2023-03-16 16:30:00 |
ChipMixer Crypto Laundromat Shut Down By German, US Authorities (lien direct) |
The operation seized four servers, 7TB of data and 1909.4 Bitcoins (roughly $47.3m) |
|
|
★★
|
|
2023-03-16 16:00:00 |
UK Joins US, Canada, Others in Banning TikTok From Government Devices (lien direct) |
The Chancellor of the Duchy of Lancaster, Oliver Dowden, confirmed the plans earlier today |
|
|
★★★
|
|
2023-03-16 10:30:00 |
NCSC Calms Fears Over ChatGPT Threat (lien direct) |
Tool won't democratize cybercrime, agency argues |
Tool
Threat
|
ChatGPT
ChatGPT
|
★★
|
|
2023-03-16 10:10:00 |
BEC Volumes Double on Phishing Surge (lien direct) |
Business email compromise overtakes ransomware |
Ransomware
Studies
|
|
★★
|
|
2023-03-16 09:30:00 |
Chinese SilkLoader Malware Sold to Russian Cyber-Criminals (lien direct) |
Cobalt Strike beacon loader migrates across criminal ecosystems |
Malware
|
|
★★
|
|
2023-03-15 17:30:00 |
Tick APT Group Hacked East Asian DLP Software Firm (lien direct) |
The hacker breached the DLP company's internal update servers to deliver malware within its network |
Malware
|
|
★★
|
|
2023-03-15 17:00:00 |
"FakeCalls" Android Malware Targets Financial Firms in South Korea (lien direct) |
CPR discovered 2500 samples of the malware, impersonating 20 financial institutions in the region |
Malware
|
|
★★
|
|
2023-03-15 16:30:00 |
Humans Still More Effective Than ChatGPT at Phishing (lien direct) |
The research paper by HoxHunt analyzed 53,127 emails sent to users in over 100 countries |
|
ChatGPT
ChatGPT
|
★★★
|
|
2023-03-15 10:30:00 |
UK Bank Limits Crypto Payments to Smother Fraud (lien direct) |
NatWest warns of "life-changing" customer losses |
|
|
★★
|
|
2023-03-15 10:00:00 |
Phishing Campaigns Use SVB Collapse to Harvest Crypto (lien direct) |
Experts warn users to be on their guard |
Threat
|
|
★★
|
|
2023-03-15 09:30:00 |
Microsoft Patches Two Zero Days This Month (lien direct) |
They include one likely exploited by Russian-linked threat actors |
Threat
|
|
★★
|
|
2023-03-14 17:30:00 |
YoroTrooper Espionage Campaigns Target CIS, EU Countries (lien direct) |
The threat actors mainly targeted organizations across Azerbaijan, Tajikistan and Kyrgyzstan |
Threat
|
|
★★★
|
|
2023-03-14 17:00:00 |
DEV-1101 Updates Open Source Phishing Kit (lien direct) |
The kit is written in NodeJS and has automated setup and detection evasion capabilities |
Threat
|
|
★★★★
|
|
2023-03-14 16:30:00 |
CISA Creates New Ransomware Vulnerability Warning Program (lien direct) |
The Agency will warn critical infrastructure entities to enable mitigation before an incident |
Ransomware
Vulnerability
|
|
★★★
|
|
2023-03-14 10:30:00 |
LA Housing Authority Suffers Year-Long Breach (lien direct) |
LockBit ransomware group stole data and encrypted files |
Ransomware
|
|
★★
|
|
2023-03-14 10:00:00 |
UK Crypto Firm Loses $200m in Cyber-Attack (lien direct) |
Euler Finance suffered "flash loan" attack |
|
|
★★★
|
|
2023-03-14 09:30:00 |
MI5 Launches New Agency to Tackle State-Backed Attacks (lien direct) |
National Protective Security Authority begins its work |
|
|
★★
|
|
2023-03-13 17:30:00 |
Remote Code Execution and Camera Access Flaws Found in Smart Intercoms (lien direct) |
13 vulnerabilities were found in the E11 smart intercom devices by Chinese manufacturer Akuvox |
|
|
★★★
|
|
2023-03-13 17:00:00 |
Dark Pink APT Group Deploys KamiKakaBot Against South Asian Entities (lien direct) |
The relationship between Europe and ASEAN countries is being exploited with social engineering lures |
|
|
★★
|
|
2023-03-13 16:30:00 |
Infostealers Spread Via AI-Generated YouTube Videos (lien direct) |
Infostealers observed to be delivered via these videos included Vidar, RedLine and Raccoon |
Threat
|
|
★★
|
|
2023-03-13 15:30:00 |
Unlocking the Benefits and Trade-Offs of Agentless Cloud Security (lien direct) |
Agentless cloud security solutions were among the most talked-about topics during the Cloud & Cyber Security Expo, set in London on March 8-9, 2023 |
Cloud
|
|
★★★
|
|
2023-03-13 10:45:00 |
Final Three Sentenced in £70m Money Laundering Case (lien direct) |
London-based group also illegally obtained COVID relief funds |
|
|
★★
|
|
2023-03-13 10:00:00 |
Investment Fraud is Now Biggest Cybercrime Earner (lien direct) |
Category surged 127% year-on-year, says FBI |
Studies
|
|
★★★
|
|
2023-03-13 09:30:00 |
Blackbaud Settles $3m Charge Over Ransomware Attack (lien direct) |
SEC claims company filed misleading disclosures |
Ransomware
Guideline
|
|
★★
|
|
2023-03-10 17:30:00 |
Hadoken Security Group Upgrades Xenomorph Mobile Malware (lien direct) |
The trojan can now start specified applications, show push notifications, steal cookies and more |
Malware
|
|
★★★
|
|
2023-03-10 17:00:00 |
White House Allocates $3.1bn to Cybersecurity in New Budget (lien direct) |
$145m will go toward making CISA more resilient and defensible |
|
|
★★
|
|
2023-03-10 16:30:00 |
IceFire Ransomware Targets Linux Enterprise Networks (lien direct) |
The campaign leveraged the exploitation of a flaw in IBM's Aspera Faspex file-sharing software |
Ransomware
|
|
★★
|