What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-28 13:40:42 | TikTok \'Invisible Body\' challenge exploited to push malware (lien direct) | Hackers are capitalizing on a trending TikTok challenge named 'Invisible Challenge' to install malware on thousands of devices and steal their passwords, Discord accounts, and, potentially, cryptocurrency wallets. [...] | Malware | ★★★ | |
|
2022-11-28 10:15:35 | Meta fined €265M for not protecting Facebook users\' data from scrapers (lien direct) | Meta has been fined €265 million ($275.5 million) by the Irish data protection commission (DPC) for a massive 2021 Facebook data leak exposing the information of hundreds of million users worldwide. [...] | ★★★★★ | ||
|
2022-11-28 09:43:53 | The Cyber Monday 2022 Security, IT, VPN, & Antivirus Deals (lien direct) | Cyber Monday is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software. [...] | ★★ | ||
|
2022-11-25 12:18:23 | Vice Society ransomware claims attack on Cincinnati State college (lien direct) | The Vice Society ransomware operation has claimed responsibility for a cyberattack on Cincinnati State Technical and Community College, with the threat actors now leaking data allegedly stolen during the attack. [...] | Ransomware Threat | ★★ | |
|
2022-11-24 10:29:49 | Hackers modify popular OpenVPN Android app to include spyware (lien direct) | A threat actor associated with cyberespionage operations since at least 2017 has been luring victims with fake VPN software for Android that is a trojanized version of legitimate software SoftVPN and OpenVPN. [...] | Threat | ||
|
2022-11-23 12:21:12 | Pro-Russian hacktivists take down EU Parliament site in DDoS attack (lien direct) | The website of the European Parliament has been taken down following a DDoS (Distributed Denial of Service) attack claimed by a pro-Russia group of hacktivists calling themselves Anonymous Russia. [...] | ★★ | ||
|
2022-11-23 10:59:37 | Mali GPU \'patch gap\' leaves Android users vulnerable to attacks (lien direct) | A set of five exploitable vulnerabilities in Arm's Mali GPU driver remain unfixed months after the chip maker patched them, leaving potentially millions of Android devices exposed to attacks. [...] | |||
|
2022-11-23 06:02:16 | Russian cybergangs stole over 50 million passwords this year (lien direct) | At least 34 distinct Russian-speaking cybercrime groups using info-stealing malware like Raccoon and Redline have collectively stolen 50,350,000 account passwords from over 896,000 individual infections from January to July 2022. [...] | Malware | ★★★★ | |
|
2022-11-22 14:55:29 | Hackers breach energy orgs via bugs in discontinued web server (lien direct) | Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector. [...] | ★★★★ | ||
|
2022-11-22 11:04:37 | Android file manager apps infect thousands with Sharkbot malware (lien direct) | A new collection of malicious Android apps posing as harmless file managers had infiltrated the official Google Play app store, infecting users with the Sharkbot banking trojan. [...] | Malware | ★★★ | |
|
2022-11-21 18:09:13 | Aurora infostealer malware increasingly adopted by cybergangs (lien direct) | Cybercriminals are increasingly turning to a new Go-based information stealer named 'Aurora' to steal sensitive information from browsers and cryptocurrency apps, exfiltrate data directly from disks, and load additional payloads. [...] | Malware | ★★★★ | |
|
2022-11-21 15:17:36 | Hackers steal $300,000 in DraftKings credential stuffing attack (lien direct) | Sports betting company DraftKings said today that it would make whole customers affected by a credential stuffing attack that led to losses of up to $300,000. [...] | |||
|
2022-11-21 13:24:44 | Google Chrome extension used to steal cryptocurrency, passwords (lien direct) | An information-stealing Google Chrome browser extension named 'VenomSoftX' is being deployed by Windows malware to steal cryptocurrency and clipboard contents as users browse the web. [...] | Malware | ||
|
2022-11-21 10:04:40 | Apps with over 3 million installs leak \'Admin\' search API keys (lien direct) | Researchers discovered 1,550 mobile apps leaking Algolia API keys, risking the exposure of sensitive internal services and stored user information. [...] | |||
|
2022-11-20 10:07:14 | (Déjà vu) New ransomware encrypts files, then steals your Discord account (lien direct) | The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...] | Ransomware | ||
|
2022-11-20 10:07:14 | New AxLocker ransomware encrypts files, then steals your Discord account (lien direct) | The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...] | Ransomware | ||
|
2022-11-19 13:28:32 | New attacks use Windows security bypass zero-day to drop malware (lien direct) | New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings. [...] | Malware Vulnerability | ||
|
2022-11-18 10:24:41 | Chinese hackers use Google Drive to drop malware on govt networks (lien direct) | State-backed Chinese hackers launched a spearphishing campaign to deliver custom malware stored in Google Drive to government, research, and academic organizations worldwide. [...] | Malware | ||
|
2022-11-17 15:07:02 | Previously unidentified ARCrypter ransomware expands worldwide (lien direct) | A previously unknown 'ARCrypter' ransomware that compromised key organizations in Latin America is now expanding its attacks worldwide. [...] | Ransomware | ||
|
2022-11-17 13:19:17 | QBot phishing abuses Windows Control Panel EXE to infect devices (lien direct) | Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. [...] | Malware | ||
|
2022-11-16 15:15:45 | Updated RapperBot malware targets game servers in DDoS attacks (lien direct) | The Mirai-based botnet 'RapperBot' has re-emerged via a new campaign that infects IoT devices for DDoS (Distributed Denial of Service) attacks against game servers. [...] | Malware | ||
|
2022-11-16 08:00:00 | DuckDuckGo now lets all Android users block trackers in their apps (lien direct) | DuckDuckGo for Android's 'App Tracking Protection' feature has reached open beta, allowing all Android users to block third-party trackers across all their installed apps. [...] | |||
|
2022-11-15 17:24:49 | North Korean hackers target European orgs with updated malware (lien direct) | North Korean hackers are using a new version of the DTrack backdoor to attack organizations in Europe and Latin America. [...] | Malware | ||
|
2022-11-15 13:00:00 | Google to roll out Privacy Sandbox on Android 13 starting early 2023 (lien direct) | Google announced today that they will begin rolling out the Privacy Sandbox system on a limited number of Android 13 devices starting in early 2023. [...] | |||
|
2022-11-14 14:14:22 | Google will pay $391M to settle Android location tracking lawsuit (lien direct) | Google has agreed to pay $391.5 million to settle a lawsuit filed by a coalition of attorneys general from 40 U.S. states alleging that the search giant tracked Android users' locations since at least 2014 even when they thought location tracking was disabled. [...] | |||
|
2022-11-14 13:19:27 | Whoosh confirms data breach after hackers sell 7.2M user records (lien direct) | The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. [...] | Data Breach | ||
|
2022-11-12 11:10:20 | New extortion scam threatens to damage sites\' reputation, leak data (lien direct) | An active extortion scam is targeting website owners and admins worldwide, claiming to have hacked their servers and demanding $2,500 not to leak data. [...] | |||
|
2022-11-12 10:07:14 | Android phone owner accidentally finds a way to bypass lock screen (lien direct) | Cybersecurity researcher David Schütz accidentally found a way to bypass the lock screen on his fully patched Google Pixel 6 and Pixel 5 smartphones, enabling anyone with physical access to the device to unlock it. [...] | |||
|
2022-11-11 15:01:09 | Microsoft Defender network protection generally available on iOS, Android (lien direct) | Microsoft announced that the Mobile Network Protection feature is generally available to help organizations detect network weaknesses affecting Android and iOS devices running Microsoft's Defender for Endpoint (MDE) enterprise endpoint security platform. [...] | |||
|
2022-11-11 11:26:33 | New BadBazaar Android malware linked to Chinese cyberspies (lien direct) | A previously undocumented Android spyware tool named 'BadBazaar' has been discovered targeting ethnic and religious minorities in China, most notably the Uyghurs in Xinjiang. [...] | Malware Tool | ||
|
2022-11-10 17:58:42 | Phishing drops IceXLoader malware on thousands of home, corporate devices (lien direct) | A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware. [...] | Malware | ||
|
2022-11-10 17:18:10 | (Déjà vu) Microsoft fixes Windows zero-day bug exploited to push malware (lien direct) | Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. [...] | Malware | ||
|
2022-11-10 17:18:10 | Microsoft fixes MoTW zero-day used to drop malware via ISO files (lien direct) | Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. [...] | Malware | ||
|
2022-11-10 14:17:25 | Worok hackers hide new malware in PNGs using steganography (lien direct) | A threat group tracked as 'Worok' hides malware within PNG images to infect victims' machines with information-stealing malware without raising alarms. [...] | Malware Threat | ||
|
2022-11-10 11:02:58 | Ukraine arrests fraud ring members who made €200 million per year (lien direct) | Ukraine's cyber police and Europol have identified and arrested five key members of an international investment fraud ring estimated to have caused losses of over €200 million per year. [...] | |||
|
2022-11-09 17:51:08 | New StrelaStealer malware steals your Outlook, Thunderbird accounts (lien direct) | A new information-stealing malware named 'StrelaStealer' is actively stealing email account credentials from Outlook and Thunderbird, two widely used email clients. [...] | Malware | ||
|
2022-11-09 11:43:27 | Medibank warns customers their data was leaked by ransomware gang (lien direct) | Australian health insurance giant Medibank has warned customers that the ransomware group behind last month's breach has started to leak data stolen from its systems. [...] | Ransomware | ||
|
2022-11-08 17:56:13 | LockBit affiliate uses Amadey Bot malware to deploy ransomware (lien direct) | A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. [...] | Ransomware Malware | ||
|
2022-11-08 09:39:46 | Influencer \'Hushpuppi\' gets 11 years in prison for cyber fraud (lien direct) | An Instagram influencer known as 'Hushpuppi' has been sentenced to 11 years in prison for conspiring to launder tens of millions of USD from business email compromise (BEC) scams and various cyber schemes. [...] | |||
|
2022-11-07 12:50:26 | Ransomware gang threatens to release stolen Medibank data (lien direct) | A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited. [...] | Ransomware | ||
|
2022-11-04 15:22:52 | British govt is scanning all Internet devices hosted in UK (lien direct) | The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. [...] | Guideline | ||
|
2022-11-03 15:36:50 | RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam (lien direct) | The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. [...] | Malware Threat | ||
|
2022-11-03 14:25:59 | LockBit ransomware claims attack on Continental automotive giant (lien direct) | The LockBit ransomware gang has claimed responsibility for a cyberattack against the German multinational automotive group Continental. [...] | Ransomware | ||
|
2022-11-02 16:35:15 | (Déjà vu) Hundreds of U.S. news sites push malware in supply-chain attack (lien direct) | The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] | Malware Threat | ||
|
2022-11-02 16:35:15 | Hundreds of U.S. news sites hit in SocGholish supply-chain attack (lien direct) | The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] | Malware Threat | ||
|
2022-11-02 14:41:42 | (Déjà vu) Emotet botnet starts blasting malware again after 4 month break (lien direct) | The Emotet malware operation is again spamming malicious emails after almost a four-month "vacation" that saw little activity from the notorious cybercrime operation. [...] | Malware | ||
|
2022-11-02 14:41:42 | Emotet botnet starts blasting malware again after 5 month break (lien direct) | The Emotet malware operation is again spamming malicious emails after almost a five-month "vacation" that saw little activity from the notorious cybercrime operation. [...] | Malware | ||
|
2022-11-02 13:21:26 | Dozens of PyPI packages caught dropping \'W4SP\' info-stealing malware (lien direct) | Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. [...] | Malware | ||
|
2022-11-02 13:05:18 | Vodafone Italy discloses data breach after reseller hacked (lien direct) | Vodafone Italia is sending customers notices of a data breach, informing them that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telco's services in the country, has fallen victim to a cyberattack. [...] | Data Breach | ||
|
2022-11-01 17:15:20 | Dropbox discloses breach after hacker stole 130 GitHub repositories (lien direct) | Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. [...] | Threat |
To see everything:
Our RSS (filtrered)
