What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-02-21 11:15:26 | Cisco bug opens software to attack (lien direct) | A default password would let anyone access the Cisco Smart Software Manager On-Prem Base platform, even if it's not directly connected to the internet. A critical flaw in the High Availability (HA) service of Cisco Smart Software Manager On-Prem Base has been uncovered, which would open the door to remote attackers thanks to its use […] | |||
|
2020-02-21 11:14:26 | Crypto scam on hacked Youtube channel (lien direct) | Neebs Gaming, a highly popular YouTube gaming channel boasting of 1.88 million subscribers, was hacked over the weekend by unidentified crypto scammers, who changed its name and banner to Coinbase Pro to collect Bitcoin from its viewers/subscribers. Source: HackRead | |||
|
2020-02-21 11:11:05 | White House communications data hack (lien direct) | The US Department of Defence confirmed that computer systems controlled by the Defence Information Systems Agency (DISA) had been hacked, exposing the personal data of about 200,000 people.The agency oversees military communications including calls for US President Donald Trump. The data exposed included names and social security numbers. Source: BBC | Hack | ||
|
2020-02-21 11:10:29 | IE vulnerability patched by Microsoft (lien direct) | Microsoft issued a patch for an Internet Explorer scripting engine memory corruption vulnerability that could lead remote code execution and that has been detected in the wild. The vulnerability, CVE-2020-0674, carries a CVSS rating of 7.5 and since it has been detected being abused in the wild requires users to update their systems as soon […] | Vulnerability Guideline | ||
|
2020-02-21 11:09:27 | ISS World hit by ransomware attack (lien direct) | With 500,000 staff, making it one of the world's largest private sector employers, ISS has operations in over 60 countries around the world. It provides building maintenance, janitorial services, office supplies, physical building security, catering and facilities management services to a large roster of enterprise clients. It makes revenues of approximately DKK75bn (£8.4bn) per annum. […] | Ransomware | ||
|
2020-02-20 15:45:19 | Apply Now For The Hottest Cybersecurity Startup Accelerator Programme (lien direct) | With cyber threats in continuous evolution, now more than ever do we need new ideas, new products, new protective measures to defend individuals and organisations, public and private, from cyber attacks. To help academics commercialise their ideas, CyberASAP (Cybersecurity Academic Startup Accelerator Project), funded by DCMS in collaboration with Innovate UK & KTN, has created […] | |||
|
2020-02-20 11:03:28 | Login details exposed in password reuse attacks (lien direct) | An IT security firm has recovered 9,050,064,764 login credentials in possession by cybercriminals from over 640 data breaches involving emails and usernames secured using plaintext passwords. Password reuse, improper hashing, misconfigured servers, and the use of common weak passwords and common phrases were the main reasons which led to the compromise of users' accounts. Source: […] | |||
|
2020-02-20 11:02:22 | Emotet text message malware spreads (lien direct) | A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan. Attackers are sending SMS messages purporting to be from victims' banks – but once they click on the links in the text messages, they are asked to hand over their banking credentials and […] | Malware | ||
|
2020-02-20 11:01:38 | HHS report 30+ data breaches affecting one million people in 2020 (lien direct) | Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), over 30 reports of data breaches have been filed by health care entities in the first month and a half of 2020. Although a few reported breaches involved theft or improper […] | |||
|
2020-02-20 11:00:29 | Private data vulnerable as 2,000 UK Government devices stolen (lien direct) | The data provided is clearly showing that the UK should be doing a lot more now when securing data. A shocking find from this data was that at least 1,474 devices were reported as being lost; 347 as stolen; and 183 were unknown. Of these devices, just 249 were recovered. Steve Beeching, managing director of […] | |||
|
2020-02-20 10:59:16 | (Déjà vu) MGM hotel guests face data leak (lien direct) | The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the […] | |||
|
2020-02-20 10:45:24 | RSA 2020 – what are they talking about? (lien direct) | With one of the most anticipated cybersecurity events of the year just around the corner, we thought to help you navigate around the 700 exhibiting vendors we'd highlight some of what a handful of those companies will be talking at the show. 'The Human Element' is the theme of RSA Conference 2020, but there is also […] | |||
|
2020-02-19 16:01:06 | Ransomware attack hits American energy plant (lien direct) | The American Cybersecurity and Infrastructure Security Agency (CISA) has announced that an American critical infrastructure operation has been affected by ransomware attacks. The attack was caused by a Spearphishing technique that targeted workers of a natural gas compression facility. The ransomware encrypted the plant's IT and OT networks causing a partial loss of view for […] | Ransomware | ||
|
2020-02-19 11:35:04 | Report claims Coronavirus malware increasing (lien direct) | While the number of people affected by the coronavirus is climbing daily, it’s another form of virus that has analysts worried elsewhere. Coronavirus-themed malware is starting to spread, according to a report by cybersecurity software company Check Point. Several spam campaigns thematically linked to the global epidemic have emerged since the outbreak of the coronavirus […] | Spam Malware | ||
|
2020-02-19 11:34:01 | Google Adsense Hit by Bitcoin Ransomware (lien direct) | A new email-based form of crypto ransomware is targeting website owners using banners from Google's AdSense program. According to the report by KrebsonSecurity, the scam involves criminals threatening site owners with a flood of bot and junk traffic to trigger Google's automated anti-fraud system, leading the suspension of their AdSense account for suspicious traffic. In […] | Ransomware Guideline | ||
|
2020-02-19 11:32:59 | (Déjà vu) Gambling Companies Hit by DRBControl (lien direct) | An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. Named “DRBControl” by security researchers, the group uses malware not publicly reported before. The mission appears to be cyberespionage, stealing databases and source code from the targets being part […] | Malware Threat | ||
|
2020-02-19 11:30:27 | (Déjà vu) Italian Windows Users Hit by Dharma Ransomware Spam (lien direct) | Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. The Dharma Ransomware has been active for many years and is based on another ransomware family called Crysis. It is not common, though, to see this ransomware family distributed through malspam as it is more commonly installed via […] | Ransomware Spam | ||
|
2020-02-19 11:29:46 | Two Day Ransomware Attack on Gas Compressor (lien direct) | A recent ransomware attack caused a U.S. natural gas compressor facility to shut for two days, the latest in a string of attacks targeting the country's energy infrastructure over the past few years. Hackers sent emails with a malicious link to gain control of the facility's information technology system, the Department of Homeland Security […] | Ransomware | ||
|
2020-02-18 16:26:30 | First Application Security Testing Solution to Analyse Open Source and Proprietary Code on the Developer\'s Desktop (lien direct) | The increasing pace of development is shifting the responsibility for application security left, all the way onto the developer's desktop. But dealing with security issues detected in downstream builds and tests can be very disruptive. By the time defects are reported, developers have moved on to their next tasks. To remediate a problem, they have […] | |||
|
2020-02-18 10:34:08 | \'Adwind RAT\' malware campaign hits Turkish businesses (lien direct) | At least 80 companies based in Turkey have been dealing with an ongoing threat that is constantly evolving to become more persistent and dangerous. This massive phishing campaign was given the name “The Turkish Rat” by Sophos and Talos researchers, who have been following it for a while. Researchers from Check Point now report that […] | Malware Threat | ||
|
2020-02-18 10:32:36 | (Déjà vu) Coronavirus phishing alert issued by World Health Organization (lien direct) | The World Health Organization (WHO) warns of ongoing Coronavirus-themed phishing attacks that impersonate the organization with the end goal of stealing information and delivering malware. “Criminals are disguising themselves as WHO to steal money or sensitive information,” the United Nations agency says in the Coronavirus scam alert. Source: Bleeping Computer | |||
|
2020-02-18 10:31:15 | vpnMentor discover PhotoSquared data leak (lien direct) | Researchers have discovered that a popular photo app leaked the personal data and images of thousands of customers as a result of an unsecured Amazon Web Services (AWS) storage bucket. The discovery was made by vpnMentor whose researchers found that a misconfigured S3 database belonging to the company PhotoSquared, which creates printed photo boards from […] | |||
|
2020-02-18 10:28:13 | New report warns of Android malware (lien direct) | Android smartphone owners must be getting pretty used to the daily warnings about malware-filled apps and device-infecting adware. Threats continue to arrive thick and fast but the latest alert could be one the most concerning to date. A new report from the team at Malwarebytes has uncovered a new attack which is able to reinfect […] | Malware | ||
|
2020-02-18 10:26:49 | (Déjà vu) Israeli soldiers catfished by hacking group (lien direct) | A hacking group compromised mobile phones belonging to soldiers in the Israel Defence Forces (IDF) using pics of young girls and directing them to download malware disguised as chat apps. Behind this endeavour is an actor identified as APT-C-23, known for cyberattacks in the Middle East and associated with the Hamas militant group. Source: Bleeping […] | Malware | APT-C-23 | |
|
2020-02-17 10:25:51 | Second Likud Party app voter data leak (lien direct) | A second and more serious data breach has been uncovered in the Elector firm's election software that Likud has been using in its Knesset campaign, as reported by the Calcalist business daily on Sunday. Both hacking incidents, which occurred within a week of one another, involved the leak of the entire registry of Israeli voters […] | Data Breach | ||
|
2020-02-17 10:24:34 | 144K Canadians\' personal information breached by federal entities (lien direct) | A handful of Canadian government departments and agencies have reportedly compromised the personal information of 144,000 individuals across 7,992 breaches experienced over the past two years. As reported by the Canadian Broadcasting Corporation (CBC), the Canadian government revealed the information in an answer to an order paper question filed by Conservative MP Dean Allison late […] | |||
|
2020-02-17 10:21:35 | Olympics and FC Barcelona Twitter accounts hacked (lien direct) | The official Twitter accounts for the Olympics and FC Barcelona were hacked Saturday by the same group responsible for years of other prominent Twitter account hacks. A Twitter spokesperson confirmed to Business Insider that both the Olympics and FC Barcelona accounts were hacked by a group called OurMine and through a “third-party platform.” Source: Business […] | |||
|
2020-02-17 10:20:29 | VPN servers hit by Iranian hackers (lien direct) | 2019 will be remembered as the year when major security bugs were disclosed in a large number of enterprise VPN servers, such as those sold by Pulse Secure, Palo Alto Networks, Fortinet, and Citrix. A new report published today reveals that Iran’s government-backed hacking units have made a top priority last year to exploit VPN […] | |||
|
2020-02-17 10:19:14 | Coronavirus misinformation smishing increases in South Korea (lien direct) | The South Korean government has warned the public of a sharp rise in smishing attempts — scam text messages — that use misinformation about the novel coronavirus outbreak. As of February 15, 9,688 smishing texts had been sent that used false information on the novel coronavirus, the Ministry of Science and ICT, South Korean police, […] | |||
|
2020-02-14 10:29:59 | Students\' Data left Unprotected by International Education Body (lien direct) | The Institute of International Education (IIE), a century-old educational organisation that operates numerous leading international scholarship and fellowship programmes across multiple countries, was detected to have left sections of its database unprotected and open to public search. The vulnerable database was detected by security researcher Bob Diachenko, who found the databases indexed in public domain on […] | Guideline | ||
|
2020-02-14 10:26:57 | Third-Party Bot Exposes Thousands of Instagram Accounts (lien direct) | An Instagram password leak that has exposed about 10,000 scraped user accounts stems from a popular “bot” app used to automatically grow a following on the platform. The app SocialCaptain stored Instagram usernames and passwords in plaintext, visible by viewing the source code of the app's profile page. Source: CPO Magazine | |||
|
2020-02-14 10:22:17 | Loda RAT phishing Campaign Targets Americas (lien direct) | Researchers have observed a new malware campaign that's been targeting the U.S., Argentina, Brazil and Costa Rica with an updated variant of the Loda RAT remote access trojan. In a company blog post on Wednesday, Cisco Talos said that since at least the last quarter of 2019, the campaign has been using malicious websites to host malicious documents that […] | Malware | ★★★★ | |
|
2020-02-14 10:21:14 | Malware Security Breach Disclosed by Rutter\'s (lien direct) | US store chain Rutter’s disclosed a security breach today. The company says hackers gained access to its stores’ network system and planted malware that collected payment card details as they were being processed. Stores in Pennsylvania and West Virginia were impacted, Rutter’s said today in a press release and a notice posted on its website. Source: ZD Net | Malware | ||
|
2020-02-13 10:27:34 | 1.7 million clients potentially affected by data breach, say Nedbank (lien direct) | Nedbank says it has investigated a data security issue that occurred at the premises of a third-party service provider, namely Computer Facilities – a direct marketing company that issues SMS and email marketing information on behalf of Nedbank and a number of other companies. A subset of the potentially compromised data at Computer Facilities included […] | |||
|
2020-02-13 10:25:27 | Puerto Rico allegedly scammed out of $2.6 million (lien direct) | SAN JUAN, Puerto Rico - Puerto Rico’s government has lost more than $2.6 million after falling for an email phishing scam, according to a senior official. The finance director of the island’s Industrial Development Company, Rubén Rivera, said in a complaint filed to police Wednesday that the agency sent the money to a fraudulent account. […] | |||
|
2020-02-13 10:24:34 | Cyberattack wave strikes Palestinian territories (lien direct) | A new cyberspying campaign has been detected in the Middle East which is going after victims in Palestinian territories. An investigation into the attacks, conducted by the Cybereason Nocturnus team and made public on Thursday, suggests that one of the Gaza Cybergang groups — also known as MoleRATs — is potentially responsible. Source: ZD Net | |||
|
2020-02-13 10:23:18 | (Déjà vu) Exchange Admins urged by Microsoft to Disable SMBv1 (lien direct) | Microsoft is advising administrators to disable the SMBv1 network communication protocol on Exchange servers to provide better protection against malware threats and attacks. Since 2016, Microsoft has been recommending that administrators remove support for SMBv1 on their network as it does not contain additional security enhancements added to later versions of the SMB protocol. Source: […] | Malware | ||
|
2020-02-12 16:27:44 | Estee Lauder Breach: What Do The Experts Think? (lien direct) | Corin Imai, senior security advisor at DomainTools: “Cybercriminal operations thrive off the kind of data that this database left exposed: sensitive personal identifiable information can be sold online and exploited in all sorts of subsequent campaigns. Fortunately, security researchers promptly brought the misconfiguration to the attention of Estee Lauder, who quickly secured the database. Although there […] | |||
|
2020-02-12 12:20:10 | The Impact of Security Automation on Hiring Trends (lien direct) | Compiling data drawn from surveys sent out to more than a thousand IT and IT security practitioners within the UK and US, the Ponemon Institute, in collaboration with DomainTools, have recently published their insights in the report titled “Staffing the IT Security Function in the Age of Automation”. Will automation shrink IT security functions’ headcount? […] | |||
|
2020-02-12 10:19:37 | Ransomware set to target cloud services (lien direct) | As businesses' daily operations become more dependent on cloud services, ransomware authors will follow to maximize profits. The good news: Many of the best practices for physical servers also apply to the cloud. Ransomware is now a billion-dollar enterprise for cybercriminals, and - as in any industry - it has evolved over time to become […] | Ransomware | ||
|
2020-02-12 10:18:45 | Malware now attacking Apple OSX computers twice as much as PCs (lien direct) | Mac laptops and desktops running OSX have a reputation as being virus- and malware-free, but as Apple’s market share increases, cybercriminals are beginning to focus their efforts on OSX machines, according to a recent report by Malwarebytes. The State of Malware 2020 report is a deep dive into what this anti-malware company has found on computers and […] | Malware | ||
|
2020-02-12 10:15:49 | (Déjà vu) New phishing campaign uses Amex and Chase fraud protection emails as bait (lien direct) | A very clever phishing campaign is underway that pretends to be fraud protection emails from American Express and Chase that ask you to confirm if the listed credit card transactions are legitimate. If you have credit cards and commonly use them, you may have received emails in the past asking you to confirm if a particular […] | |||
|
2020-02-12 10:12:52 | 440 million Estée Lauder records exposed (lien direct) | The Estée Lauder Companies Inc. accidentally left over 440 million records publicly exposed after failing to password-protect a corporate database, according to a researcher who spotted the oversight. The misconfigured database was found to contain user emails in plain text, including those sent from internal email addresses; references to reports and internal documents; and IP […] | |||
|
2020-02-12 10:09:57 | Facebook account of Katie Price has been \'hacked\' (lien direct) | Katie Price has been forced to battle Facebook after hackers stole control of her account and changed it into a page for quotes and memes. The 41-year-old former glamour model has been locked out of her verified Katie Price account for weeks, and has accused mysterious repeat hackers of taking control of it for the third time. […] | |||
|
2020-02-11 12:14:13 | Most cybersecurity professionals feel overworked (lien direct) | New research has revealed 83 percent of IT security professionals feel more overworked going into 2020 than they were at the beginning of 2019, according to a Tripwire survey. The research, which was in partnership with Dimensional Research, examined how organisations and security pros are coping under the strains of the skills gap. Having surveyed […] | |||
|
2020-02-11 11:20:50 | Cybercriminals spread malware by using Coronavirus-themed emails (lien direct) | Criminal groups are exploiting fears over the recent novel coronavirus outbreak in an email phishing campaign directed at the global shipping industry, according to a report issued Monday by a California-based cybersecurity firm. Source: Global News | Malware | ||
|
2020-02-11 11:17:38 | Active PayPal Phishing Scam attacks SSNs (lien direct) | Phishing emails have been uncovered that request a full rundown of personal data – even asking for photos of passports. A recently uncovered phishing campaign, targeting PayPal users, pulls out all the stops and asks victims for the complete spectrum of personal data – even going so far as to ask for social security numbers […] | |||
|
2020-02-11 11:07:39 | (Déjà vu) Chinese Military charged by U.S. for Equifax Breach (lien direct) | The U.S. Department of Justice announced today that four members of the Chinese People's Liberation Army (PLA) 54th Research Institute were charged for hacking the credit reporting agency Equifax in 2017. On January 28, 2020, a federal grand jury in Atlanta returned an indictment alleging that Wu Zhiyong (吴志勇), Wang Qian (王乾), Xu Ke (许可), and Liu Lei (刘磊) broke […] | Equifax | ||
|
2020-02-11 11:02:05 | Accounts on Twitter and Instagram have been hacked (lien direct) | Facebook has been targeted by Saudi-based hacking collective OurMine after compromise of its Twitter and Instagram accounts. Red faces for security teams at both Twitter and Instagram, after the official accounts of Facebook and Messenger were briefly compromised on those platforms. Source: Silicon | |||
|
2020-02-11 10:21:23 | Where is the World of Cybersecurity Heading in 2020? (lien direct) | As we all know, the world of cybersecurity is an ever-evolving, fast-growing industry that can be tough to follow at times. For example, we have seen a rapid upsurge in the use of smart devices and with that, an increased risk of cyberattacks. This has not been limited to private households either. Rather, the logistics […] |
To see everything:
Our RSS (filtrered)
