Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-16 16:00:00 |
Botnets, Trojans, DDoS From Ukraine and Russia Have Increased Since Invasion (lien direct) |
The news comes from a report by Top10VPN and is based on data by the Shadowserver Foundation |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-16 12:00:00 |
State-Backed APT Group Activity Continuing Apace (lien direct) |
The report outlines recent APT group activity from Russia, China, Iran and North Korea |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-16 10:45:00 |
Euro Authorities Warn World Cup Fans Over Qatari Apps (lien direct) |
Security and privacy concerns mount for those attending matches |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-16 10:10:00 |
Most Neurodiverse Women in Tech Feel Unsupported: Study (lien direct) |
Report suggests high demand for talent from security sector employers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-16 09:30:00 |
LockBit Remains Most Prolific Ransomware in Q3 (lien direct) |
Phobos is a close second, according to Trellix |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-15 18:00:00 |
Billbug Targets Government Agencies in Multiple Asian Countries (lien direct) |
According to Symantec, the targeting of a certificate authority was notable |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-15 17:00:00 |
Remote Code Execution Discovered in Spotify\'s Backstage (lien direct) |
Spotify ranked the vulnerability as critical, with a CVSS score of 9.8 |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-15 16:00:00 |
Lazarus Backdoor DTrack Evolves to Target Europe and Latin America (lien direct) |
DTrack has not changed substantially, but Lazarus made some “interesting” modifications |
|
APT 38
|
★★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-15 10:10:00 |
Police Celebrate Arrest of 59 Suspected Scammers (lien direct) |
Month-long European operation focused on online fraudsters |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-15 09:30:00 |
Google to Pay $392m in Landmark Privacy Case (lien direct) |
Multi-state settlement is largest in US history |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-14 18:00:00 |
GitHub Now Supports Private Vulnerability Reporting For Public Repositories (lien direct) |
The feature needs to be manually enabled by repository maintainers |
Vulnerability
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-14 17:00:00 |
NSA Guide Helps Firms Protect Against Memory Safety Vulnerabilities (lien direct) |
The document describes situations where cyber actors steal sensitive information and other negative impacts |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-14 10:45:00 |
Mass Email Extortion Campaign Claims Server Hack (lien direct) |
Threat actors claim they'll destroy victims' reputation if they don't pay |
Hack
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-14 10:10:00 |
UK Shoppers Lost £15m+ to Scammers Last Winter (lien direct) |
Cyber experts urge consumers to improve online safety |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-14 09:30:00 |
Ukrainian CERT Discloses New Data-Wiping Campaign (lien direct) |
Somnia malware hijacks Telegram and VPN accounts |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 18:00:00 |
CISA Releases SSVC Guide to Help Companies Prioritize Vulnerabilities (lien direct) |
Remediation efforts are prioritized based on exploitation status, safety impact and prevalence criteria |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 17:00:00 |
Man Arrested in Ontario For Alleged LockBit Ransomware Involvement (lien direct) |
Mikhail Vasiliev was apprehended in Canada and is in custody awaiting extradition to the US |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 16:00:00 |
Twitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks (lien direct) |
They left quoting concerns about the rollout of new features without an FTC consent decree |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 14:00:00 |
#IRISSCON: Social Engineering Testers Warned Not to Cross Ethical and Legal Boundaries (lien direct) |
Sharon Conheady discusses the ethical and legal dilemmas often faced by social engineering testers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 12:00:00 |
CISA Says Midterm Voting Uncompromised By Cyber-attacks (lien direct) |
Election workers will continue to work in the days ahead to certify the election results |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 11:05:00 |
Ukrainian Cyber Cops Bust $200m Fraud Ring (lien direct) |
Two-year pan-European operation ends in arrests |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 11:00:00 |
Only 30% of Cyber-Insurance Holders Say Ransomware is Covered (lien direct) |
Insurers are cutting back on coverage as claims surge |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-11 10:30:00 |
Qatar World Cup Firms Urged to Upgrade Cyber-Threat Model (lien direct) |
Digital Shadows warns of elevated risk from scammers and threat actors |
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 17:00:00 |
(Déjà vu) New Lenovo Notebook Models Affected By UEFI Firmware Vulnerabilities (lien direct) |
The flaws affect various Lenovo Yoga, IdeaPad and ThinkBook devices |
|
|
★★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 16:40:00 |
#IRISSCON: Police Officer Urges More Reporting and Engagement to Tackle Cybercrime (lien direct) |
Ireland's National Cyber Crime Bureau outlines cybercrime trends being observed in law enforcement |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 16:00:00 |
Majority of Security Managers Lack Threat Intelligence Skills (lien direct) |
The report suggests threat intelligence is a crucial source for vulnerability detection |
Vulnerability
Threat
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 15:45:00 |
The \'Great Resignation\' Caused Insider Threats to Peak in Q3 2022, Kroll Finds (lien direct) |
Kroll's Q3 2022 Threat Landscape report showed an unprecedented increase in insider threats |
Threat
|
|
★★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 13:15:00 |
#IRISSCON: Cyber Professionals Now Tasked with Securing Society, Says Mikko Hyppönen (lien direct) |
Mikko Hyppönen discusses how cyber-threats will become even more dangerous as reliance on connectivity grows |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 11:00:00 |
Some 98% of Global Firms Suffer Supply Chain Breach in 2021 (lien direct) |
Two-fifths still trust suppliers to handle their own security |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 10:00:00 |
Malware Redirects 15,000 Sites in Malicious SEO Campaign (lien direct) |
Campaign designed to improve search engine rankings of spammy sites |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-10 09:30:00 |
Couple Get 40 Years for Navy Espionage Plot (lien direct) |
Duo tried to sell secrets of nuclear propulsion |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-09 18:00:00 |
High-Risk Vulnerability Found in ABB\'s Flow Computers (lien direct) |
Attackers could exploit it by sending a specially crafted message to an affected system node |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-09 17:00:00 |
Malicious Package on PyPI Hides Behind Image Files, Spreads Via GitHub (lien direct) |
The findings indicate that PyPI malicious packages and their obfuscation techniques are evolving |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-09 16:00:00 |
Medibank Confirms Data Stolen in Breach is Now Available Online (lien direct) |
The leaked data includes personal data like names, addresses and phone numbers, among others |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-09 10:30:00 |
Advanced RAT AgentTesla Most Prolific Malware in October (lien direct) |
Info-stealers take top three spots, says Check Point |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-09 10:00:00 |
Instagram Influencer Gets 11 Years for Money Laundering (lien direct) |
Man known as “Hushpuppi” linked to fraud and business email compromise |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-09 09:30:00 |
Microsoft Patches Six Zero-Day Bugs this Month (lien direct) |
Patch Tuesday updates require urgent action from sysadmins |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-08 18:00:00 |
Insider Risk on the Rise: 12% of Employees Take IP When Leaving Jobs (lien direct) |
The data comes from workforce cyber intelligence and security company Dtex |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-08 17:00:00 |
SEC Announces \'Enforcement Action\' For SolarWinds Over 2020 Hack (lien direct) |
In a recent 8-K filing with the SEC, the firm said it reached an agreement with shareholders |
Hack
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-08 16:00:00 |
Conti Affiliates Black Basta, BlackByte Continue to Attack Critical Infrastructure (lien direct) |
Between February and July, 81 victim organizations were listed on the groups' data leak sites |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-08 10:45:00 |
SMBs Fear Security Budget Cuts as Inflation Bites (lien direct) |
Concerns come amid worries over ransomware surge |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-08 10:15:00 |
Swiss Re: Cyber-Insurance Industry Must Reform (lien direct) |
Some 90% of risk is still uninsured, warns industry giant |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-08 09:40:00 |
Silk Road Thief Pleads Guilty to $3.4bn Raid (lien direct) |
Man stole 50,000 Bitcoin from notorious dark web marketplace |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 18:00:00 |
Vultur Android Banking Trojan Reaches 100,000+ Downloads on Google Play Store (lien direct) |
The dropper hides behind a fake utility app with limited permissions and a small footprint |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 17:16:00 |
Medibank Refuses to Pay Ransom After Data Breach (lien direct) |
Medibank believes there is a limited chance paying a ransom would return customers' data |
Data Breach
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 16:03:00 |
Android RAT Group Targets Indian Defense Personnel (lien direct) |
The app asked for several permissions, including camera, microphone, internet and storage |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 14:00:00 |
Cyber Insurance Market Stabilizing as Security Awareness Improves (lien direct) |
The cyber insurance market is beginning to stabilize following several years of steep rate increases, according to a recent report |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 10:30:00 |
Japan Joins Key NATO Cyber Agency (lien direct) |
Another show of strength for the Cooperative Cyber Defence Centre of Excellence |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 10:00:00 |
ICO: Department for Education Should Have Been Fined £10m (lien direct) |
DfE oversight leads to misuse of data on 28 million children |
Guideline
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-11-07 09:30:00 |
FBI: Beware of Cyber-Threat from Russian Hacktivists (lien direct) |
Feds claim DDoS attacks are being aimed at critical infrastructure |
|
|
|