What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-20 12:38:38 | 1.4 million Pixlr user records shared on hacker forum (lien direct) | 1.4 million Pixlr user records have been leaked online to a hacker forum. The user records contain information that can be used by malicious actors to carry out credential stuffing and targeted phishing attacks. The hacker known as ShinyHunters shared the user record database for free to the hacker forum, claiming that the data was […] | |||
|
2021-01-19 16:09:52 | Vdoo Reveals an Extension Funding Round with Qumra Capital and Verizon Ventures Joining as Investors (lien direct) | Vdoo, a leader in product security for embedded software, today revealed it had extended its Series B funding to $57M, in an additional round led by Qumra Capital, Verizon Ventures, and others. The round was completed in the third quarter of last year, and the new funding was leveraged to expand Vdoo's offering to the […] | Guideline | ||
|
2021-01-19 13:13:38 | IObit hacked with malware spread to forum members (lien direct) | This weekend IObit, a Windows utility developer, was hacked resulting in strange DeroHE ransomware being distributed to a number of its forum users. IObit is a software developer that is known for anti-malware programs, such as Advanced SystemCare, and Windows system optimization. Over the weekend IObit forum members started to receive emails that were supposedly […] | Ransomware Malware | ||
|
2021-01-19 12:44:54 | Stealthy Miners Exploit Bitcoin Owners (lien direct) | The Bitcoin value is currently experiencing a high, with 1 Bitcoin worth around $36,000. With this, researchers have recorded an increase in coinminer malware which, according to Alexander Vukcevic “exploits other people’s computer resources for illegal mining activities.” This type of malware runs completely undetected on a victim’s computer. The aim of coinminer malware is […] | Malware | ★★★★★ | |
|
2021-01-19 12:13:46 | Capitol Riots fuelling Disinformation Campaigns (lien direct) | The FBI released a “joint threat assessment” on Thursday detailing fears that “Russian, Iranian and Chinese influence actors have seized the opportunity to amplify narratives in furtherance of their policy interest amid the presidential transition.” Additionally, a U.S. Intelligence memo claims that a Russian “proxy” took advantage of the event to advance a conspiracy theory, […] | Threat | ★★★ | |
|
2021-01-18 13:12:32 | Signal fixes Outage after Surge in New Users (lien direct) | After resolving technical issues that had affected both the mobile and web application on Friday, Signal said: “Thanks to the millions of new Signal users around the world for your patience.” As a result of the discontent over WhatsApp’s new Terms&Conditions, both Signal and Telegram have hugely benefited from an increase in downloads and users. […] | ★★ | ||
|
2021-01-18 11:52:16 | Fake Vaccine Data used to Spread Fear (lien direct) | Last week, a report by the EMA disclosed that attackers had hacked into their servers and stolen data related to the BioNTech Covid-19 vaccine. Until recently, the hackers’ motives had been unclear. New developments from the EMA, however, reveal that: “Some of the correspondence has been manipulated by the perpetrators prior to publication in a […] | ★★★★ | ||
|
2021-01-18 11:46:16 | Financial sector\'s cyber security guidelines tightened in Singapore (lien direct) | Singapore has recently revised its Technology Risk Management Guidelines so that they now include “strong oversight” of partnerships with third-party companies in order to maintain data confidentiality. The updated guidelines also covered stress tests and security controls, as well as appointments of senior IT executives and third-party vendors. The Technology Risk Management Guidelines have been […] | ★★ | ||
|
2021-01-18 11:29:09 | DuckDuckGo sees rapid growth in 2020 (lien direct) | DuckDuckGo, a privacy-focused search engine, has experienced impressive growth in 2020, receiving 102M daily searches in January. DuckDuckGo is a search engine that uses data from platforms such as Bing and Wikipedia to build a search index. They do not track users searches in order to build a user profile, and they also do not […] | ★★ | ||
|
2021-01-15 17:12:37 | 400,000 customer details compromised in Resident Evil and Street Fighter gaming company ransomware attack (lien direct) | A ransomware attack launched against gaming company Capcom last November keeps getting worse, threatpost reported this week. The company now says that the personal data of up to 400,000 of its customers was compromised in the attack - 40,000 more than the company originally thought. Capcom is a Japan-based publisher of blockbuster games like Resident […] | Ransomware | ||
|
2021-01-15 17:06:30 | (Déjà vu) XSS vulnerability affects government websites (lien direct) | An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA, BleepingComputer reported today. Although 90 days have elapsed since the vulnerability was reported and patched, BleepingComputer is not aware of a formal disclosure made by the project.Security researcher Jackson Henry of the Sakura Samurai ethical hacking group […] | Vulnerability | ★★★★ | |
|
2021-01-15 16:38:55 | COVID-19 State of Remote Work Survey: 34% of Workers Felt Pressure to Return to the Office (lien direct) | Much has been said about the shadow cast by the pandemic across security teams, as well as the widespread and seismic changes it has facilitated across every part of business function. The sudden shift into remote working has been a challenging endeavour for everyone, but especially among senior management. According to the recent COVID-19 State […] | ★★ | ||
|
2021-01-15 13:14:40 | Ethics Officer Facing Cyberstalking Charge (lien direct) | Julie Meadows-Keef has been arrested and charged with cyberstalking her coworker and ex-partner. Meadows-Keef has been banned from using the internet. However this excludes the use for work, paying her bills and legal defence. Following a messy divorce, restraining orders, a falsely filed sexual complaint by Meadows-Keef against Fletcher (which was dismissed), and stalking allegations, […] | ★★ | ||
|
2021-01-15 12:48:03 | Classiscam: Fake Ads hit European Market (lien direct) | A scam, known as Classiscam, is leading users to fraudulent merchant sites or phishing pages using fake tailored advertisements. The Cybercriminals use brands that are extremely popular in Europe including, LeBoinCoin, Allegro, OLX, Sbazar, FAN. Courier, Lalafo, Kufar and DHL. Anyone tricked by the scam falls victim to payment data theft. Security Researchers at Group-IB […] | Guideline | ||
|
2021-01-15 11:40:15 | Elon Musk giveaway scam spreads throughout Twitter (lien direct) | Malicious actors have hacked a number of Twitter accounts, including verified accounts, in an Elon Musk giveaway scam. Security researches MalwareHunterTeam have seen an increase in the number of verified Twitter accounts being hacked by a scam which claims that Elon Musk is giving away cryptocurrency. Accounts are compromised by replying to the giveaway tweet. […] | |||
|
2021-01-15 10:57:09 | 150,000 police arrest records lost (lien direct) | Priti Patel, the UK home secretary, is under fire after 150,000 police arrest records were accidentally lost from a police database last week. The lost files include DNA, arrest history records and fingerprints. As these files are now lost from the Police National Computer (PNC), essential evidence from crime scenes no longer exist which means […] | ★★★ | ||
|
2021-01-14 15:28:27 | Cybereason Announces New Partnership With Intel (lien direct) | Cybereason has entered into a new partnership with Intel. The two companies announced their combined plan to adopt and release new Intel Hardware Shield protections, which will further defend businesses from Ransomware attacks. Cybereason is a leader in future-ready attack protection, who aims to end cyber-attacks in an instant while Intel is known for being […] | Ransomware Guideline | ||
|
2021-01-14 14:03:49 | \'Anyone Else\'s Skype not Working?\' (lien direct) | Yesterday, January 13th, users worldwide were reporting issues with the popular video chat platform. Users were automatically signed out and when attempting to log back onto their accounts they all received the same message: “We’re unable to complete your request”. Microsoft acknowledged the issues and began working on restoring access. “We’re aware that the app […] | ★★★ | ||
|
2021-01-14 13:39:05 | German Investigators shut down DarkMarket (lien direct) | On Tuesday, German authorities announced the shut down of an illegal marketplace found on the darknet. Among the products sold on the network, known as DarkMarket, were drugs, forged money, stolen or forged credit cards, anonymous mobile phone SIM cards and malware. Prosecutors stated that the large network had nearly 500,000 users, more than 2,400 […] | ★★★★ | ||
|
2021-01-14 12:47:30 | (Déjà vu) Hackers bypassed the US Cybersecurity Agency\'s MFA (lien direct) | Today the US Cybersecurity and Infrastructure Security Agency (CISA) have revealed that malicious actors accessed their cloud service accounts by bypassing their multi-factor authentication (MFA) protocols. The attackers had tried multiple times to breach the CISA systems using brute force attacks, and it is through that they finally defeated the MFA protocols by using a […] | |||
|
2021-01-14 11:53:10 | Warning of COVID-19 QR code scams (lien direct) | QR codes are being increasingly used by businesses and venues in order to register customers to help track COVID-19 cases. As we see a rise in QR code usage, we are also seeing a rise in the number of QR code scams. Avast security is warning that individuals and businesses should be aware of the […] | |||
|
2021-01-13 14:54:23 | Pfizer COVID-19 Vaccine Data Leaked Online (lien direct) | Following a data breach in December, the European Medicines Agency (EMA) today revealed, that data concerning the Pfizer/BioNTech COVID-19 vaccine, has been leaked online. Fortunately, the EMA has stated that the regulatory network remains fully functional and that any COVID-19 evaluation and approval timelines have not been affected by the breach. The stolen data includes […] | Data Breach | ★★★★ | |
|
2021-01-13 14:13:43 | ANU Scam: New Positive Positive cases of COVID-19 (lien direct) | Staff at the Australian National University (ANU) have been sent a warning after receiving a scam email claiming new cases of COVID-19 had been recorded on campus. Professor Jodie Bradbury sent a screenshot of the email to his colleagues alerting them of the scam, which was given the subject line “New positive positive COVID-19 cases […] | ★★ | ||
|
2021-01-13 12:07:29 | Mimecast certificate used by Microsoft 365 Exchange Web Services have been compromised (lien direct) | Mimecast have announced that one of their authentication certificates used by Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor“. Mimecast secure emails for customers using email services such as Microsoft 365. Users can apply Mimecast’s security services to their emails by creating a connection to Mimecast's server. The Mimecast certificate […] | Threat | ★★★★★ | |
|
2021-01-13 11:44:11 | Google\'s Project Zero reveals Windows and Android exploit chains (lien direct) | New research by Google’s Project Zero has recently discovered two exploit servers which were being used as watering hole attacks. The Project Zero report says “a highly sophisticated actor” who uses a complex targeting infrastructure is responsible for the attacks. The Project Zero researchers said “they are well-engineered, complex code with a variety of novel […] | |||
|
2021-01-12 17:29:28 | Just What Does It Take to Develop a Career in the Cybersecurity Domain? (lien direct) | This is a reminder I get every day when I interact with people from the cybersecurity fraternity, most of whom say that they landed a career in cybersecurity purely by chance. I recently made a LinkedIn post asking people to share their stories about how they happened to become cybersecurity professionals. The responses that […] | |||
|
2021-01-12 16:54:02 | Findings of the Forrester Wave SAST 2021 Report (lien direct) | As a result of a demanding market, developers have often foregone security for speed with security teams typically tagged on at the very end of the development lifecycle. This, however, is an unsustainable, if not unacceptable stance, in today's environment. The future requires organisations to integrate security from the beginning when the application is built. […] | ★★ | ||
|
2021-01-12 12:32:07 | Potential Link between SolarWinds and Turla APT (lien direct) | Researchers at Kaspersky have recently discovered considerable similarities between the Sunburst and Kazuar backdoors. The similarities potentially link the Sunburst backdoors, used in the SolarWinds supply-chain attack, to a previously known Turla weapon. Kazuar, a malware written using the .NET framework, was first reported in 2017. These have been used in unison throughout various breaches […] | Malware Mobile | Solardwinds Solardwinds | |
|
2021-01-12 12:02:49 | Parler Hack: Platform\'s Role in U.S. Insurrection (lien direct) | After rioters stormed the U.S. Capitol last Wednesday, a hacker on Twitter archived the Trump supporters’ posts on Parler to piece together the role the platform played in the insurgency. The hacker, who goes by @donk_enby on Twitter, claims her goal was to store every post relating to the assault before Parler was taken down. According […] | |||
|
2021-01-12 10:51:09 | (Déjà vu) Instagram, Facebook and LinkedIn accounts exposed by Chinese Data-Scrapers (lien direct) | Around 318 million social media account records, from platforms such as Instagram, Facebook and LinkedIn have been leaked online after SocialArks experience a cloud misconfiguration. Over 400GB of private and public data from 214 million social-media profiles has been exposed, with details of celebrities and social media influencers from all over the world being leaked. […] | ★★★★ | ||
|
2021-01-12 10:39:06 | (Déjà vu) Bitdefender release free DarkSide ransomware decryptor (lien direct) | Bitdefender, a Romanian cybersecurity firm, has released a free DarkSide ransomware decryptor which allows victims to recover their stole files without the need to pay a ransom. DarkSide is a ransomware that has been targeting organisations since August 2020 and since then has received a number of payouts, with a spike in its usage between […] | Ransomware | ||
|
2021-01-11 15:29:16 | Creating a culture of cybersecurity and tech innovation (lien direct) | Cloud native technologies have the potential to truly change the way we access and secure applications, but the success of this relies on the people and processes in place to handle the roll out of these technologies. This requires appropriate leadership, and decision makers within an organisation who demonstrate robust cloud security leadership are more […] | Guideline | ||
|
2021-01-11 13:54:16 | Russian Hacker sentenced to 12-Years for International Hacking Campaign (lien direct) | 37-year-old Russian Hacker, Andrei Tyurin was sentenced to 12 years in prison for the theft of personal information from several financial institutions, brokerage firms, financial news publishers and other large American companies. Among these was J.P. Morgan, which, as a result, suffered one of the largest thefts of U.S. customer data. More than 80 million […] | |||
|
2021-01-11 12:55:17 | Data stolen from New Zealand\'s Central Bank following hack (lien direct) | New Zeland’s central bank, The Reserve Bank of New Zealand, has recently been hacked, with both personally and commercially sensitive information being stolen in the hack. News of the hack was first revealed on Sunday, and it has been reported that it was due to the breach of a third-party file sharing service which the […] | Hack | ||
|
2021-01-11 12:20:44 | Google\'s Titan security key can be cloned (lien direct) | Researchers at NinjaLab have discovered a vulnerability in Google’s Titan physical security key which means it can be cloned. The vulnerability leaves the key exposed to hackers who can gain access to users accounts without the key’s owner being aware. Physical two-factor authentication security keys, such as Titan, are known to be the strongest form […] | Vulnerability | ||
|
2021-01-11 11:50:54 | Parler suspended from Google\'s Play Store and dropped by Amazon (lien direct) | The “free speech” social networking app Parler has been suspended from Google’s Play Store after it failed to delete “egregious content”. The app has also dropped offline after losing support from Amazon Web Services (AWS). Parler states that they are an “unbiased” social media platform, and is popular among those who have been removed from […] | ★★ | ||
|
2021-01-08 13:29:51 | Trump\'s former cybersecurity chief hired by SolarWinds (lien direct) | SolarWinds, the technology company that recently experienced a significant cyber-attack has hired Chris Krebs to deal with the fallout from the hack. Chris Krebs was Trump’s former cybersecurity chief and has been hired by SolarWinds as an independent consultant. Krebs was head of the U.S. Cybersecurity Infrastructure and Security Agency (CISA), which alongside the FBI […] | ★★★ | ||
|
2021-01-08 13:02:56 | Aurora Cannabis files sold on the dark web (lien direct) | A hacker is currently selling Aurora Cannabis files, which were stored during a breach on Christmas day. Aurora Cannabis is a large Canadian cannabis production company, who operate a number of medical and consumer cannabis brands, such as CanniMed, San Rafael, Woodstock, MedRelease and Whistler Medical Marijuana Corp. The hacker who is selling the stolen […] | |||
|
2021-01-07 16:26:09 | Hackney Council documents stolen in ransomware attack (lien direct) | Following a cyberattack in October, it appears that personal details of Hackney Council residents and staff members have been published on the dark web. The data posted online was “limited and “not visible through search engines” according to experts. Officials are continuing to work with the UK National Cyber Security Centre and National Crime Agency […] | Ransomware | ||
|
2021-01-07 16:16:08 | JetBrains deny SolarWinds involvement (lien direct) | The software development firm JetBrains has published a statement denying allegations from publications such as the Wall Street Journal and the New York Times which claimed that JetBrains were under investigation for their possible involvement in the SolarWinds hack. The report which cited government sources stated that US officials are investigating a situation in which […] | |||
|
2021-01-07 12:45:29 | British Airways to pay £3bn in breach settlement (lien direct) | British Airways customers were affected by two data breaches in 2018. Around 185,000 reward-booking customers were informed that their personal and financial information had been compromised between April and July 2019, while 380,000 app-based customers and website users had their details exposed in August and September 2018. As compensation for the breach, British Airways has […] | ★★ | ||
|
2021-01-07 11:07:01 | Service NSW government app down after outage (lien direct) | On Thursday the New South Wales government’s COVID-19 QR check-in app, Service NSW, was down for two hours after an outage. This left NSW residents unable to check in to local businesses using the app. The app is mandatory for businesses offering hospitality services. If they do not use the Service NSW app then they […] | |||
|
2021-01-06 12:54:47 | Google CAPTCHA broken by speech-to-text AI (lien direct) | CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart, and it is used to stop bots signing in or registering for accounts, as only humans can solve the tests. However, new AI is being developed to allow computers to correctly complete CAPTCHAs, as the AI is now able to complete […] | |||
|
2021-01-06 12:51:18 | Tokyo Olympics train ethical hackers to protect against cyber-attacks (lien direct) | Tokyo 2020 Olympic and Paralympic Games have trained a number of cybersecurity professionals in order to defend against potential cyber-attacks. It has been reported that 220 ethical hackers were trained by a programme led by the National Institute of Information and Communications Technology, with most of the experts coming from Japanese telecommunication companies. As part […] | |||
|
2021-01-06 12:47:40 | New phishing scam impersonates government officials (lien direct) | On Tuesday the police released a warning to members of the public of a new phishing scam where government officials are being impersonated. The scams have been ongoing since December 2020, with victims reporting that they have received text messages and phone calls claiming to be government agencies. These messages would alert the recipient that […] | |||
|
2021-01-06 12:44:19 | Russia possibly behind government agency hacks (lien direct) | On Tuesday the office of the U.S. Director of National Intelligence said that it is “likely” that Russias are behind a number of hacks that took place last month where hackers gained access to federal agencies. The office, as well as the National Security Agency, Cybersecurity and Infrastructure Security Agency, and FBI, shared in a […] | |||
|
2021-01-04 16:16:41 | Putting security first – a case study (lien direct) | NHS Management provides administrative and consulting services for over 50 individual healthcare facilities and companies across four states in the US southeast region. Naturally, quality of care is the number one priority, as is protecting patient data in such a highly regulated environment and no compromises between the two can be made. Stephen Locke, CIO […] | ★★★★★ | ||
|
2021-01-04 12:38:00 | Ticketmaster fined $10m for hacking their competitor (lien direct) | Ticketmaster has just received a $10 million fine after one of their staff admitted to hacking into their competitor’s systems in order to affect their presale ticket business. It has been reported that a Ticketmaster employee repeatedly infiltrated their competitor’s computers in order to restrict their presale ticket business. It appears that a former employee […] | |||
|
2021-01-04 12:25:19 | (Déjà vu) Hacker sells 368.8 million stolen user records on the dark web (lien direct) | A data breach broker has stolen the user records from twenty-six companies and is selling them on a hacker forum. Last Friday the hacker began to sell the 368.8 million stolen records on a hacker forum, with prices ranging from $1,800 to $4,000 depending on the company that the data was stolen from. Eight of […] | Data Breach | ||
|
2021-01-04 12:15:08 | Customers\' call records access in T-Mobile breach (lien direct) | In December T-Mobile suffered a security breach which could have possibly exposed customers’ phone numbers and call-related information. Fortunately, T-Mobile confirmed that only 0.2 per cent of their users were affected and that the information exposed in the breach did not include customers’ names, financial data, credit card information, tax IDs, PINs, addresses or Social […] |
To see everything:
Our RSS (filtrered)
