What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-06-29 10:54:29 | University of California Paid Cybercriminals a £1 Million Ransom (lien direct) | The University of California, San Francisco (UCSF) says it paid cybercriminals $1.14 million (£1 million) to decrypt a “limited number of servers” in its School of Medicine that was hit by Netwalker ransomware earlier this month. The University – which has 10 campuses around California - was hit by the ransomware attack on June 1. It […] | Ransomware | ||
|
2020-06-29 10:46:12 | Office 365 users could be targeted with Coronavirus training resources (lien direct) | Threat actors are continuing to use Coronavirus lures and adapting their techniques to the current situation depending on the state of businesses in each region. In places where the Coronavirus is still spreading, cybercriminals use COVID-19 lures. In other regions where the pandemic is under control, they are targeting people returning to the workplace by […] | |||
|
2020-06-29 10:40:02 | “Golang” malware used to target Windows and Linux machines (lien direct) | Cyber-security researchers at Barracuda have identified a new variant of cryptominer malware called Golang, which is being used by China-based hackers to target both Windows and Linux machines. The new malware variant tries to mine Monero, an open-source cryptocurrency and researchers have spotted seven IP addresses linked to this it so far, all based out […] | Malware | ||
|
2020-06-26 11:36:59 | 26.8% of all crimes in Singapore last year were cybercrime (lien direct) | According to the Singapore Cyber Landscape 2019 report released Friday by the Cyber Security Agency of Singapore (CSA), cybercrime accounted for 26.8% of all crimes last year with e-commerce scams being the most popular. In 2018, there were a total of 6,215 cybercrime cases. Last year, this increased to 9,430 cases. Typically, victims of e-commerce […] | |||
|
2020-06-26 11:27:05 | Companies made to install compromised tax software (lien direct) | Two UK-based companies, a technology/software vendor as well as a major financial institution, have been forced by a Chinese bank to install tax software on their systems. However, the software was compromised with malware. “Discussions with our client revealed that [the malware] was part of their bank’s required tax software,” Trustwave said today. “They informed […] | |||
|
2020-06-26 11:21:35 | (Déjà vu) Biggest PPS DDoS attack on European Bank (lien direct) | A European bank has fallen victim to a huge distributed denial-of-service (DDoS) attack that sent to its networking gear a flood of 809 million packets per second (PPS). This attack is potentially the largest one to have ever occurred with a relatively small footprint of just 418Gbps. DDoS attack differentiates depending on the method used. […] | |||
|
2020-06-26 11:16:41 | Coronavirus training resources used as a phishing ploy (lien direct) | Coronavirus training resources are being used as a phishing ploy as COVID-19 restrictions lift and employees begin returning to the workplace. This phishing campaign leverages new training programs that are required for employees to undertake, in order to comply with coronavirus regulations. Specifically, the campaign targets Office 365 users and sends a fraudulent link for […] | |||
|
2020-06-26 10:29:22 | Boston bans use of facial recognition technology (lien direct) | Following San Francisco, Boston is now the second-largest city in the world to ban the use of facial recognition technology by police and city agencies, as well as the procurement of facial surveillance from a third party. This was determined on Wednesday, with a veto-proof majority and is with Mayor Martin J. Walsh who will […] | |||
|
2020-06-26 10:15:17 | LG Electronics Fall Victim to Ransomware Attack (lien direct) | South Korean multinational LG Electronics have supposedly had their website breached and locked by Maze ransomware operators. No details about this attack have been released as of yet, but the cyber criminals claim to have stolen proprietary information for projects involving big US companies. If their ransom demands are not met, or contact with the […] | Ransomware | ||
|
2020-06-25 10:02:32 | (Déjà vu) $50K+ rewards for PlayStation bug bounty program (lien direct) | Sony today announced the launch of a public PlayStation bug bounty program to pay security researchers and gamers for security vulnerabilities found in PlayStation 4 devices, the PlayStation Network domains. According to the company’s new PlayStation bug bounty program (aka Vulnerability Disclosure Program) hosted on HackerOne, Sony wants the research community to report any issues found in […] | |||
|
2020-06-25 09:58:42 | 67% of malware in Q1 2020 delivered via encrypted HTTPS connections (lien direct) | 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and 72% of encrypted malware was classified as zero day, so would have evaded signature-based antivirus protection, according to WatchGuard. These findings show that without HTTPS inspection of encrypted traffic and advanced behavior-based threat detection and response, organizations are missing up to […] | Malware Threat | ||
|
2020-06-25 09:31:08 | Google will automatically delete data it collect on users (lien direct) | Google is changing its default settings to automatically delete some of the data it collects about users. Web and app activity, including a log of website searches and pages visited, as well as location data, will now be wiped after 18 months. YouTube histories – including which clips were watched and for how long – […] | |||
|
2020-06-25 09:26:36 | FBI warns K12 schools of ransomware threats (lien direct) | The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. The alert, called a Private Industry Notification, or PIN, tells schools that “cyber actors […] | Ransomware | ||
|
2020-06-25 09:22:42 | Data Stolen from Business Consulting Firm now found for Sale on Hacker Forum (lien direct) | Business consulting firm Frost & Sullivan Inc. has suffered a data breach and data stolen from the firm appeared for sale on a hacker forum. The Mountain View, California-based company has a global presence with 40 offices across six continents. It offers services such as market research, analysis, growth strategy consulting and corporate training. The data […] | Data Breach | ||
|
2020-06-25 09:00:54 | NCSC receives reports of a million phishing emails (lien direct) | The National Cyber Security Centre (NCSC) has received the millionth submission to its Suspicious Email Reporting Service, just two months after it first launched in the face of a surge in spam and phishing attacks at the height of the first wave of the UK's Covid-19 coronavirus outbreak. The NCSC said that besides Covid-19-related lures, more than 10,000 […] | Spam | ||
|
2020-06-24 12:36:17 | Songs of Solidarity (lien direct) | You may have never heard the name before, but Osman Kavla is one of Turkey's most celebrated activists and philanthropists. Osman Kavala is a person who is sensitive to international challenges and has tirelessly worked to bring people with different perspectives together in dialogue to address local and international conflicts. This dialogue both lays a […] | |||
|
2020-06-24 10:24:38 | Less than 1 in 3 Americans are Concerned about Data Security (lien direct) | Less than one in three Americans are concerned about their data security while working from home despite a 400% rise in cyber attacks during the pandemic, according to a new report from Unisys. Mathew Newfield, the chief information security officer of Unisys, said the Unisys Security Index Report found for the first time since 2010, internet […] | |||
|
2020-06-24 10:20:46 | New Technique Overcomes Voice Spoofing Attacks (lien direct) | Researchers from CSIRO's Data61 have developed a new technique to protect consumers from voice spoofing attacks. Fraudsters can record a person's voice for voice assistants like Amazon Alexa or Google Assistant and replay it to impersonate that individual. They can also stitch samples together to mimic a person's voice in order to spoof, or trick third parties. […] | |||
|
2020-06-24 10:15:41 | Police Comedy TV Show Riskiest to Watch Online (lien direct) | An American police procedural comedy television show has topped the list of most dangerous TV titles for US citizens to watch online. New research published today by global security software company McAfee revealed the web-based entertainment options most commonly targeted with malware by cyber-criminals. McAfee analyzed more than 100 of the most popular TV and movie titles available on […] | Malware | ||
|
2020-06-24 10:10:59 | Hakbit Ransomware Delivered Via Malicious Excel Attachments (lien direct) | A ransomware campaign, dubbed Hakbit, is targeting mid-level employees across Austria, Switzerland and Germany with malicious Excel attachments delivered via the popular email provider GMX. The spear-phishing based campaign is low volume and so far targeted the pharmaceutical, legal, financial, business service, retail, and healthcare sectors. Low-volume style campaigns, sometimes called snowshoe spam attacks, use […] | Ransomware Spam | ||
|
2020-06-24 10:05:43 | Twitter bans DDoSecrets following \'BlueLeaks\' (lien direct) | A Twitter spokesperson has told ZDNet today that they’ve permanently suspended the @DDoSecrets Twitter account for violating its policy about the distribution of hacked data after the account shared links to hacked data stolen from US law enforcement agencies. Prior to the ban, enforced earlier today, the DDoSecrets account belonged to an activist group going […] | |||
|
2020-06-24 10:01:16 | EasyJet Faces Group Class Action (lien direct) | According to reports, more than 10,000 people have joined a group class action against easyJet after personal details of nine million customers were breached in the recent cyber attack. LAW firm PGMBM is leading the case against the budget carrier after filing papers last month with the sheer amount of customers from more than 50 […] | Guideline | ||
|
2020-06-23 11:37:28 | 41% of Irish businesses suffer cyber attack (lien direct) | A new report reveals that 41% of Irish firms experienced at least one cyber attack event in a six month period from September 2019 to February 2020. This is among the findings of a study of 5,569 companies across eight countries that was commissioned by insurer Hiscox, which includes Irish data for the first time. […] | |||
|
2020-06-23 11:20:24 | Alleged Breach of COVID Test Results in Indonesia (lien direct) | An alleged breach of COVID-19 test result data is being investigated by authorities in Indonesia. Concerns over a possible breach were raised after a hacker tried to sell what they claimed was the personal information of hundreds of thousands of people who had been tested for the novel coronavirus in Indonesia on an online forum. […] | |||
|
2020-06-23 11:11:03 | AMD to Offer Fixes to Severe Vulnerabilities (lien direct) | AMD has fixed one high-severity vulnerability affecting its client and embedded processors; fixes for the other two will come out later in June. Three high-severity vulnerabilities have been disclosed in AMD's client and embedded processors that came out between 2016 and 2019. An attacker with physical or privileged access to certain AMD powered systems could […] | Vulnerability | ||
|
2020-06-23 11:04:18 | (Déjà vu) Indiabulls Group hit with a Cyberattack (lien direct) | Indian conglomerate Indiabulls Group has allegedly been hit with a cyberattack from the CLOP Ransomware operators who have leaked screenshots of stolen data. The Indiabulls Group is an Indian conglomerate with $3.5 billion in revenue (2019), over 19,000 employees, and subsidiaries focusing on housing, personal finance and lending, infrastructure, and pharmaceuticals. “The Indiabulls Group is a […] | Ransomware | ||
|
2020-06-23 10:59:11 | Worry over Cyber Threats when Working from Home (lien direct) | IBM Security released findings from a study focused on the behaviours and security risks of those new to working from home (WFH) during the COVID-19 pandemic. The study shows more than 80% of respondents either rarely worked from home or not at all prior to the pandemic, and, in turn, more than half are now doing […] | |||
|
2020-06-22 10:55:04 | \'BlueLeaks\' Exposes Files from Hundreds of Police Departments (lien direct) | Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collection - nearly 270 […] | |||
|
2020-06-22 10:53:49 | 54% rise in gaming-related cyber attacks recorded in April (lien direct) | As lockdown and isolation measures were enacted across the world in response to the global COVID-19 pandemic, engagement in at-home entertainment activities predictably skyrocketed – gaming, in particular, saw massive increases in user engagement. Kaspersky noticed this trend, and upon investigation, unsurprisingly found many instances of cyber attackers exploiting this increased engagement in video games: […] | |||
|
2020-06-22 10:52:30 | Do you reuse passwords and write them down for financial accounts? You\'re not alone! Britain is in need of cyber security education, say experts (lien direct) | Cyber security experts warn some of the country is in need of online password education after a survey revealed more than a quarter of Britons reuse up to five passwords across all their financial accounts and one in five admitted to writing them down. SOURCE: This Is Money | |||
|
2020-06-22 10:51:20 | Ransomware operators lurk on your network after their attack (lien direct) | When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over […] | Ransomware Threat | ||
|
2020-06-22 10:49:51 | CSIRO\'s Data61 develops voice detection technique to prevent voice spoofing attacks (lien direct) | The Commonwealth Scientific and Industrial Research Organisation’s (CSIRO) Data61, together with Samsung Research and South Korea’s Sungkyunkwan University, have developed a solution to protect consumers from voice spoofing attacks. The Voice liveness detection (Void) has been designed to be embedded in a smartphone or a voice assistance software to identify the difference between a live […] | |||
|
2020-06-22 10:48:39 | Privacy and security concerns related to patient data in the cloud (lien direct) | The Cloud Security Alliance has released a report examining privacy and security of patient data in the cloud. In the wake of COVID-19, health delivery organizations (HDOs) have quickly increased their utilization of telehealth capabilities (i.e., remote patient monitoring (RPM) and telemedicine) to treat patients in their homes. These technology solutions allow for the delivery […] | |||
|
2020-06-19 10:36:38 | North Korean state hackers reportedly planning COVID-19 phishing campaign targeting 5M across six nations (lien direct) | Singapore, Japan, and the US are amongst six nations reportedly targeted in a COVID-19 themed phishing campaign that is scheduled to take place June 21. North Korean state hacker group Lazarus are said to be behind the massive attack that will see more than 5 million businesses and individuals receiving phishing email messages from spoofed […] | APT 38 | ||
|
2020-06-19 10:35:35 | InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership (lien direct) | The InvisiMole threat group has resurfaced in a new campaign, revealing a new toolset and a strategic collaboration with the high-profile Gamaredon advanced persistent threat (APT) group. InvisiMole was first uncovered by ESET in 2018, with cyberespionage activity dating back to 2013 in operations in Ukraine and Russia. More recently, from late 2019 until at least this month, […] | Threat | ||
|
2020-06-19 10:34:24 | BofA Phish Gets Around DMARC, Other Email Protections (lien direct) | A credential-phishing attempt that relies on impersonating Bank of America has emerged in the U.S. this month, with emails that get around secure gateway protections and heavy-hitting protections like DMARC. The campaign involves emails that ask recipients to update their email addresses, warning users that their accounts could be recycled if this isn't done. “The […] | |||
|
2020-06-19 10:32:54 | Wells Fargo phishing baits customers with calendar invites (lien direct) | Wells Fargo customers are being targeted by a phishing campaign impersonating the Wells Fargo Security Team and luring potential victims to phishing pages with the help of calendar invites. Wells Fargo is a multinational financial services (banking, investment, and mortgage) provider with roughly 263,000 employees in 7,400 locations in 31 countries and territories. It serves one-third […] | |||
|
2020-06-15 14:33:55 | Tweet Chat: The Human factor in Security (lien direct) | In our first-ever IT Security Guru Tweet Chat, we were joined by Javvad Malik, Dr. Jessica Barker, Mo Amin, Ed Tucker and Lisa Forte as they debated the human factor in security. These leading figures from within the cybersecurity community, whom have a wealth of experience and are best placed to talk about the importance […] | Guideline | ||
|
2020-06-15 11:35:39 | (Déjà vu) Cybercriminals are quick to find exposed Elasticsearch servers (lien direct) | Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. For the duration of the experiment, a honeypot with a fake database recorded more than 150 unauthorized requests, the first one occurring less […] | Threat | ★★ | |
|
2020-06-15 11:29:15 | (Déjà vu) Home Router Left Unpatched and Exposed to Severe Security Bugs (lien direct) | D-Link has released a firmware update to fix three out of six security vulnerabilities reported for the DIR-865L wireless router model for consumers. One flaw is rated critical, others are high-severity. Attackers can use the bugs to execute arbitrary commands, steal sensitive information, upload malware, or delete data. D-Link's DIR-865L was released in 2012 and […] | ★★ | ||
|
2020-06-15 11:23:42 | UK government investing £10 million in Cybersecurity Programme (lien direct) | The government will provide £10 million over four years “to develop groundbreaking cybersecurity technologies,” as part of its commitment to increase investment in R&D to 2.4 percent of GDP by 2027, Digital Secretary Oliver Dowden announced. Nine winning research teams share the £10 million investment under the government's Digital Security by Design programme, which aims […] | |||
|
2020-06-15 10:59:22 | Intersport, Claire\'s, and Icing Victim of Magecart attacks (lien direct) | Hacker groups that engage in web skimming (also known as Magecart) attacks have breached the web stores of two of the world’s biggest retail chains — accessories store Claire’s and sporting goods retailer Intersport. According to reports published today by security firms Sanguine Security and ESET, hackers breached the two companies’ websites and hid malicious […] | |||
|
2020-06-12 12:39:17 | (Déjà vu) Snake Ransomware Attack that targeted Honda has now targeted Enel Group (lien direct) | European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network. Detected on June 7, the incident is the work of EKANS (SNAKE) ransomware operators, the group that also targeted Honda earlier this week. Enel Group confirmed for BleepingComputer that its internal IT network was disrupted on Sunday evening […] | Ransomware | ||
|
2020-06-12 12:29:58 | Twitter bans 32k accounts pushing propaganda (lien direct) | Social networking giant Twitter disclosed today three new state-linked information operations that have been taking place on its platform this year. As a result of its investigation, Twitter said it banned and removed 32,242 accounts that were part of networks operated out of China, Russia, and Turkey, all three pushing local political agendas and narratives, and associated […] | |||
|
2020-06-12 12:24:43 | (Déjà vu) Ransomware Attack Leads City of Knoxville to Shut Down Network (lien direct) | The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices. Knoxville has a population of over 180,000, it’s Tennessee’s third-largest city after Nashville and Memphis, and it’s also part of the Knoxville Metropolitan Statistical Area, with a reported population of almost 870,000 in […] | Ransomware | ||
|
2020-06-12 12:17:52 | (Déjà vu) Insurance firm discloses data breach (lien direct) | Fortune 500 insurance holding company Genworth Financial disclosed a data breach after an unauthorized party gained access to insurance agents’ online accounts using compromised login credentials. The U.S. mortgage and long term care insurer had revenue of $8,6 billion during the last fiscal year and it reached a deal with China Oceanwide Holdings Group that […] | Data Breach | APT 32 | |
|
2020-06-11 10:56:03 | Malware Functions Bundled in Encryption Utility Product (lien direct) | The increasingly prevalent GuLoader malware has been traced back to a far-reaching encryption service that attempts to pass as above-board. An Italian company that sells what it describes as a legitimate encryption utility is being used as malware packer for the cloud-delivered malicious GuLoader dropper, claim researchers. The tool, according a recent investigation, creates GuLoader […] | Malware | ||
|
2020-06-11 10:48:56 | Wire Tapping Devices Found Connected to Slovak Government Network (lien direct) | Slovak authorities have arrested four suspects on Tuesday as part of an investigation into a series of suspicious devices found connected to the government’s official IT network. According to local news site Aktuality, the equipment is believed to have been used for wiretapping purposes and would have allowed threat actors to intercept both internet and telephony […] | Threat | ||
|
2020-06-11 10:30:36 | Cryptomining Gang Hijacking ML-focused Kubernetes Clusters (lien direct) | Microsoft has published a report today detailing a never-before-seen series of attacks against Kubeflow, a toolkit for running machine learning (ML) operations on top of Kubernetes clusters. The attacks have been going on since April this year, and Microsoft says its end-goal has been to install a cryptocurrency miner on Kubernetes clusters running Kubeflow instances […] | Uber | ||
|
2020-06-11 10:22:29 | (Déjà vu) Ransomware Auto-Spreads to Windows devices (lien direct) | The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on. Thanos first began private distribution at the end of October 2019, but it was not until January 2020 when victims seeking help for […] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
