What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-27 00:07:05 | New Android Malware Targeting Brazil\'s Itaú Unibanco Bank Customers (lien direct) | Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge. “This application has a similar icon and name that could trick users into thinking it is a legitimate app related to Itaú Unibanco,” Cyble researchers said in a | Malware | ||
|
2021-12-24 05:07:16 | Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security (lien direct) | Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.5), the issue relates | Malware Vulnerability Threat | ||
|
2021-12-24 03:32:57 | New Ransomware Variants Flourish Amid Law Enforcement Actions (lien direct) | Ransomware groups continue to evolve their tactics and techniques to deploy file-encrypting malware on compromised systems, notwithstanding law enforcement's disruptive actions against the cybercrime gangs to prevent them from victimizing additional companies. "Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS [ransomware-as-a-service] | Ransomware Malware | ||
|
2021-12-24 00:57:00 | New BLISTER Malware Using Code Signing Certificates to Evade Detection (lien direct) | Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems. The binary, a loader, has been dubbed "Blister" by researchers from Elastic Security, with the malware samples having | Malware | ||
|
2021-12-23 04:09:24 | CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities (lien direct) | Cybersecurity agencies from Australia, Canada, New Zealand, the U.S., and the U.K. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "These vulnerabilities, especially Log4Shell, are severe," the intelligence agencies said in the new guidance. "Sophisticated cyber threat actors | Threat | ||
|
2021-12-23 03:39:19 | IoT SAFE - An Innovative Way to Secure IoT (lien direct) | By the end of 2021, there will be 12 billion connected IoT devices, and by 2025, that number will rise to 27 billion. All these devices will be connected to the internet and will send useful data that will make industries, medicine, and cars more intelligent and more efficient. However, will all these devices be safe? It's worth asking what you can do to prevent (or at least reduce) becoming a | |||
|
2021-12-22 23:51:17 | 4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories (lien direct) | A security flaw has been unearthed in Microsoft's Azure App Service that resulted in the exposure of source code of customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. The vulnerability, codenamed "NotLegit," was reported to the tech giant by Wiz researchers on October 7, 2021, following which mitigations have been undertaken to fix | |||
|
2021-12-22 23:05:08 | Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software (lien direct) | Microsoft said it won't be fixing or is pushing patches to a later date for three of the four security flaws uncovered in its Teams business communication platform earlier this March. The disclosure comes from Berlin-based cybersecurity firm Positive Security, which found that the implementation of the link preview feature was susceptible to a number of issues that could "allow accessing | |||
|
2021-12-22 04:00:13 | China suspends deal with Alibaba for not sharing Log4j 0-day first with the government (lien direct) | China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months for failing to promptly report a critical security vulnerability affecting the broadly used Log4j logging library. The development was reported by Reuters and South China Morning | Vulnerability | ||
|
2021-12-21 23:45:57 | New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw (lien direct) | A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with the goal of delivering Formbook malware. "The attachments represent an escalation of the attacker's abuse of the CVE-2021-40444 bug and demonstrate that even a patch can't always | Malware Vulnerability | ||
|
2021-12-21 23:01:52 | Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers (lien direct) | Microsoft is urging customers to patch two security vulnerabilities in Active Directory domain controllers that it addressed in November following the availability of a proof-of-concept (PoC) tool on December 12. The two vulnerabilities - tracked as CVE-2021-42278 and CVE-2021-42287 - have a severity rating of 7.5 out of a maximum of 10 and concern a privilege escalation flaw affecting the | Tool | ||
|
2021-12-21 04:40:36 | Tropic Trooper Cyber Espionage Hackers Targeting Transportation Sector (lien direct) | Transportation industry and government agencies related to the sector are the victims of an ongoing campaign since July 2020 by a sophisticated and well-equipped cyberespionage group in what appears to be yet another uptick in malicious activities that are "just the tip of the iceberg." "The group tried to access some internal documents (such as flight schedules and documents for financial plans | APT 23 | ||
|
2021-12-21 02:52:36 | Top 7 common Cybersecurity Myths - Busted (lien direct) | Even with the growing awareness about cybersecurity, many myths about it are prevalent. These misconceptions can be a barrier to effective security. The first step to ensure the security of your business is to separate the false information, myths, and rumors from the truth. Here, we're busting some common cybersecurity myths. Read on to find out which of the following you thought were true. | |||
|
2021-12-21 02:24:59 | Secret Backdoors Found in German-made Auerswald VoIP System (lien direct) | Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices. "Two backdoor passwords were found in the firmware of the COMpact 5500R PBX," researchers from RedTeam Pentesting | |||
|
2021-12-20 23:20:59 | Meta Sues Hackers Behind Facebook, WhatsApp and Instagram Phishing Attacks (lien direct) | Facebook's parent company Meta Platforms on Monday said it has filed a federal lawsuit in the U.S. state of California against bad actors who operated more than 39,000 phishing websites that impersonated its digital properties to mislead unsuspecting users into divulging their login credentials. The social engineering scheme involved the creation of rogue webpages that masqueraded as the login | Guideline | ||
|
2021-12-20 06:56:44 | New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G (lien direct) | Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service (DoS) and man-in-the-middle (MitM) attacks using low-cost equipment. The "vulnerabilities in the handover procedure are not limited to one handover case only but they impact all different handover | |||
|
2021-12-20 06:15:13 | How to see if cybersecurity of your organization is in check for the New Year (lien direct) | The last several years have seen an ever-increasing number of cyber-attacks, and while the frequency of such attacks has increased, so too has the resulting damage. One needs only to look at CISA's list of significant cyber incidents to appreciate the magnitude of the problem. In May of 2021, for example, a ransomware attack brought down the Colonial Pipeline, causing a serious fuel disruption | Ransomware | ||
|
2021-12-20 02:03:20 | Experts Discover Backdoor Deployed on the U.S. Federal Agency\'s Network (lien direct) | A U.S. federal government commission associated with international rights has been targeted by a backdoor that reportedly compromised its internal network in what the researchers described as a "classic APT-type operation." "This attack could have given total visibility of the network and complete control of a system and thus could be used as the first step in a multi-stage attack to penetrate | |||
|
2021-12-19 23:47:27 | Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store (lien direct) | A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users' contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge. The latest Joker malware was found in a messaging-focused app named Color Message ("com.guo.smscolor.amessage"), | Malware | ||
|
2021-12-18 04:26:36 | New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability (lien direct) | Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. "This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability," | Vulnerability | ||
|
2021-12-18 02:24:47 | Apache Issues 3rd Patch to Fix New High-Severity Log4j Vulnerability (lien direct) | The issues with Log4j continued to stack up as the Apache Software Foundation (ASF) on Friday rolled out yet another patch - version 2.17.0 - for the widely used logging library that could be exploited by malicious actors to stage a denial-of-service (DoS) attack. Tracked as CVE-2021-45105 (CVSS score: 7.5), the new vulnerability affects all versions of the tool from 2.0-beta9 to 2.16.0, which | Tool Vulnerability | ||
|
2021-12-17 06:20:24 | Facebook Bans 7 \'Cyber Mercenary\' Companies for Spying on 50,000 Users (lien direct) | Meta Platforms on Thursday revealed it took steps to deplatform seven cyber mercenaries that it said carried out "indiscriminate" targeting of journalists, dissidents, critics of authoritarian regimes, families of opposition, and human rights activists located in over 100 countries, amid mounting scrutiny of surveillance technologies. To that end, the company said it alerted 50,000 users of | |||
|
2021-12-17 03:05:10 | New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021 (lien direct) | Industrial and government organizations, including enterprises in the military-industrial complex and research laboratories, are the targets of a new malware botnet dubbed PseudoManyscrypt that has infected roughly 35,000 Windows computers this year alone. The name comes from its similarities to the Manuscrypt malware, which is part of the Lazarus APT group's attack toolset, Kaspersky | Malware | APT 38 | |
|
2021-12-17 02:08:46 | How to Prevent Customer Support Help Desk Fraud Using VPN and Other Tools (lien direct) | It's no secret that the internet isn't a very safe place. And it's not hard to understand why. It's a medium that connects billions of people around the world that affords bad actors enough anonymity to wreak havoc without getting caught. It's almost as if the internet's tailor-made to enable scams and fraud. And that's just what it does. Right now, the world's on track to lose $10.5 trillion | |||
|
2021-12-16 23:19:24 | New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency (lien direct) | Cryptocurrency users in Ethiopia, Nigeria, India, Guatemala, and the Philippines are being targeted by a new variant of the Phorpiex botnet called Twizt that has resulted in the theft of virtual coins amounting to $500,000 over the last one year. Israeli security firm Check Point Research, which detailed the attacks, said the latest evolutionary version "enables the botnet to operate | |||
|
2021-12-16 05:08:56 | Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips (lien direct) | Cybersecurity researchers have demonstrated a new attack technique that makes it possible to leverage a device's Bluetooth component to directly extract network passwords and manipulate traffic on a Wi-Fi chip. The novel attacks work against the so-called "combo chips," which are specialized chips that are equipped to handle different types of radio wave-based wireless communications, such as | |||
|
2021-12-16 04:56:43 | The Guide to Automating Security Training for Lean Security Teams (lien direct) | Cyber threats used to be less threatening. While nobody wants their customers' credit card numbers stolen in a data breach, or to see a deranged manifesto plastered over their company website, such incidents can almost seem quaint compared to ransomware attacks that bring all of your critical information systems to a dead halt. The frequency of these attacks increased more than 150% in the U.S. | Ransomware | ||
|
2021-12-16 02:19:19 | New Fileless Malware Uses Windows Registry as Storage to Evade Detection (lien direct) | A new JavaScript-based remote access Trojan (RAT) propagated via a social engineering campaign has been observed employing sneaky "fileless" techniques as part of its detection-evasion methods to elude discovery and analysis. Dubbed DarkWatchman by researchers from Prevailion's Adversarial Counterintelligence Team (PACT), the malware uses a resilient domain generation algorithm (DGA) to identify | Malware | ||
|
2021-12-15 22:24:49 | Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges (lien direct) | Web infrastructure company Cloudflare on Wednesday revealed that threat actors are actively attempting to exploit a second bug disclosed in the widely used Log4j logging utility, making it imperative that customers move quickly to install the latest version as a barrage of attacks continues to pummel unpatched systems with a variety of malware. "This vulnerability is actively being exploited and | Vulnerability Threat | ||
|
2021-12-15 08:58:17 | Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets (lien direct) | Meta Platforms, the company formerly known as Facebook, has announced that it's expanding its bug bounty program to start rewarding valid reports of scraping vulnerabilities across its platforms as well as include reports of scraping data sets that are available online. "We know that automated activity designed to scrape people's public and private data targets every website or service," said | |||
|
2021-12-15 06:31:34 | Cynet\'s MDR Offers Organizations Continuous Security Oversight (lien direct) | Today's cyber attackers are constantly looking for ways to exploit vulnerabilities and infiltrate organizations. To keep up with this evolving threat landscape, security teams must be on the lookout for potential risks around the clock. Since most organizations simply cannot afford to have 24x7 security teams, managed detection and response (MDR) services have become a critical aspect of any | Threat | ||
|
2021-12-15 04:08:50 | Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials (lien direct) | Malicious actors are deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed "Owowa," on Microsoft Exchange Outlook Web Access servers with the goal of stealing credentials and enabling remote command execution. "Owowa is a C#-developed .NET v4.0 assembly that is intended to be loaded as a module within an IIS web server that also exposes | |||
|
2021-12-14 23:14:45 | Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware (lien direct) | Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw that's being abused to deliver Emotet, TrickBot, or Bazaloader malware payloads. The latest monthly release for December fixes a total of 67 flaws, bringing the total number of bugs patched by the company this year to 887, according to | Malware | ||
|
2021-12-14 21:53:07 | Second Log4j Vulnerability (CVE-2021-45046) Discovered - New Patch Released (lien direct) | The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as "incomplete in certain non-default configurations." The second vulnerability - tracked as CVE-2021-45046 - is rated 3.7 out of a maximum of 10 on the CVSS rating system and affects all versions of Log4j from 2.0-beta9 | Vulnerability | ||
|
2021-12-14 03:09:49 | Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware (lien direct) | Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability. The attack leverages the remote code execution flaw to download an additional payload, a .NET binary, from a | Ransomware Vulnerability | ||
|
2021-12-14 03:09:40 | How Extended Security Posture Management Optimizes Your Security Stack (lien direct) | As a CISO, one of the most challenging questions to answer is "How well are we protected right now?" Between the acceleration of hackers' offensive capabilities and the dynamic nature of information networks, a drift in the security posture is unavoidable and needs to be continuously compensated. Therefore, answering that question implies continuously validating the security posture and being in | |||
|
2021-12-13 23:56:11 | Ransomware Affiliate Arrested in Romania; 51 Stolen Data Brokers Arrested in Ukraine (lien direct) | Europol, the European Union's premier law enforcement agency, has announced the arrest of a third Romanian national for his role as a ransomware affiliate suspected of hacking high-profile organizations and companies and stealing large volumes of sensitive data. The 41-year-old unnamed individual was apprehended Monday morning at his home in Craiova, Romania, by the Romanian Directorate for | Ransomware | ||
|
2021-12-13 22:10:28 | Latest Apple iOS Update Patches Remote Jailbreak Exploit for iPhones (lien direct) | Apple on Monday released updates to iOS, macOS, tvOS, and watchOS with security patches for multiple vulnerabilities, including a remote jailbreak exploit chain as well as a number of critical issues in the Kernel and Safari web browser that were first demonstrated at the Tianfu Cup held in China two months ago. Tracked as CVE-2021-30955, the issue could have enabled a malicious application to | |||
|
2021-12-13 20:30:59 | Update Google Chrome to Patch New Zero-Day Exploit Detected in the Wild (lien direct) | Google has rolled out fixes for five security vulnerabilities in its Chrome web browser, including one which it says is being exploited in the wild, making it the 17th such weakness to be disclosed since the start of the year. Tracked as CVE-2021-4102, the flaw relates to a use-after-free bug in the V8 JavaScript and WebAssembly engine, which could have severe consequences ranging from | |||
|
2021-12-13 04:33:16 | Karakurt: A New Emerging Data Theft and Cyber Extortion Hacking Group (lien direct) | A previously undocumented, financially motivated threat group has been connected to a string of data theft and extortion attacks on over 40 entities between September and November 2021. The hacker collective, which goes by the self-proclaimed name Karakurt and was first identified in June 2021, is capable of modifying its tactics and techniques to adapt to the targeted environment, Accenture's | Threat | ||
|
2021-12-13 04:21:18 | Top 3 SaaS Security Threats for 2022 (lien direct) | With 2021 drawing to a close and many closing their plans and budgets for 2022, the time has come to do a brief wrap-up of the SaaS Security challenges on the horizon. Here are the top 3 SaaS security posture challenges as we see them. 1 - The Mess of Misconfiguration Management The good news is that more businesses than ever are using SaaS apps such as GitHub, Microsoft 365, Salesforce, Slack, | |||
|
2021-12-13 00:10:11 | Microsoft Details Building Blocks of Widely Active Qakbot Banking Trojan (lien direct) | Infection chains associated with the multi-purpose Qakbot malware have been broken down into "distinct building blocks," an effort that Microsoft said will help to detect and block the threat in an effective manner proactively. The Microsoft 365 Defender Threat Intelligence Team dubbed Qakbot a "customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize | Malware Threat | ||
|
2021-12-12 21:43:38 | Apache Log4j Vulnerability - Log4Shell - Widely Under Active Attack (lien direct) | Threat actors are actively weaponizing unpatched servers affected by the newly identified "Log4Shell" vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light. Netlab, the networking security division of Chinese tech giant Qihoo 360, disclosed | Vulnerability | ||
|
2021-12-10 20:18:19 | Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk (lien direct) | The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote | Vulnerability | ||
|
2021-12-10 06:25:41 | BlackCat: A New Rust-based Ransomware Malware Spotted in the Wild (lien direct) | Details have emerged about what's the first Rust-language-based ransomware strain spotted in the wild that has already amassed "some victims from different countries" since its launch last month. The ransomware, dubbed BlackCat, was disclosed by MalwareHunterTeam. "Victims can pay with Bitcoin or Monero," the researchers said in a series of tweets detailing the file-encrypting malware. "Also | Ransomware Malware | ||
|
2021-12-10 03:59:04 | 1.6 Million WordPress Sites Under Cyberattack From Over 16,000 IP Addresses (lien direct) | As many as 1.6 million WordPress sites have been targeted by an active large-scale attack campaign originating from 16,000 IP addresses by exploiting weaknesses in four plugins and 15 Epsilon Framework themes. WordPress security company Wordfence, which disclosed details of the attacks, said Thursday it had detected and blocked more than 13.7 million attacks aimed at the plugins and themes in a | |||
|
2021-12-10 02:06:43 | Russia Blocks Tor Privacy Service in Latest Censorship Move (lien direct) | Russia has stepped up its censorship efforts in the country by fully banning access to the Tor web anonymity service, coinciding with the ban of six virtual private network (VPN) operators, as the government continues to control the internet and crackdown on attempts to circumvent locally imposed web restrictions. The Federal Service for Supervision of Communications, Information Technology and | |||
|
2021-12-09 03:40:04 | Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions) (lien direct) | It is a time when many are thinking of their families and loved ones, time off work, and gift-giving – the holidays. However, while many have their minds outside the realm of work during the holiday season, often, this is when attackers plan their most sinister attacks. So how can you take precautions to protect your organization during these times? Why holidays put your company at risk of | |||
|
2021-12-09 03:15:55 | Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs (lien direct) | At least 300,000 IP addresses associated with MikroTik devices have been found vulnerable to multiple remotely exploitable security vulnerabilities that have since been patched by the popular supplier of routers and wireless ISP devices. The most affected devices are located in China, Brazil, Russia, Italy, Indonesia, with the U.S. coming in at number eight, cybersecurity firm Eclypsium said in | |||
|
2021-12-08 23:02:51 | Over a Dozen Malicious NPM Packages Caught Hijacking Discord Servers (lien direct) | At least 17 malware-laced packages have been discovered on the NPM package Registry, adding to a recent barrage of malicious software hosted and delivered through open-source software repositories such as PyPi and RubyGems. DevOps firm JFrog said the libraries, now taken down, were designed to grab Discord access tokens and environment variables from users' computers as well as gain full control |
To see everything:
Our RSS (filtrered)
