Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-04-15 14:19:20 |
Popular NFT marketplace Rarible targeted by scammers and malware (direct link) |
Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] |
Malware
Threat
|
|
|
|
2021-04-13 09:04:11 |
Watch out for this W-2 phishing scam targeting the 2021 tax season (direct link) |
With the United States tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...] |
Threat
|
|
|
|
2021-04-09 14:52:36 |
Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack (direct link) |
Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today. [...] |
Ransomware
Threat
Guideline
|
|
|
|
2021-04-09 13:55:00 |
Attackers deliver legal threats, IcedID malware via contact forms (direct link) |
Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] |
Malware
Threat
|
|
|
|
2021-04-07 17:18:42 |
VISA: Hackers increasingly using web shells to steal credit cards (direct link) |
Global payments processor VISA warns that threat actors are increasingly deploying web shells on compromised servers to exfiltrate credit card information stolen from online store customers. [...] |
Threat
|
|
|
|
2021-04-07 16:06:13 |
REvil ransomware now changes password to auto-login in Safe Mode (direct link) |
A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords. [...] |
Ransomware
Threat
|
|
|
|
2021-04-07 11:36:59 |
Gigaset Android phones infected by malware via hacked update server (direct link) |
Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...] |
Malware
Threat
|
|
|
|
2021-04-06 18:00:33 |
Windows XP makes ransomware gangs work harder for their money (direct link) |
A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even when Microsoft dropped supporting it seven years ago. [...] |
Ransomware
Threat
|
|
|
|
2021-04-06 09:00:00 |
Ongoing attacks are targeting unsecured mission-critical SAP apps (direct link) |
Threat actors are targeting mission-critical SAP enterprise applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. [...] |
Threat
|
|
|
|
2021-04-02 13:04:37 |
FBI and CISA warn of state hackers attacking Fortinet FortiOS servers (direct link) |
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. [...] |
Threat
|
|
|
|
2021-04-02 07:03:11 |
Ransomware gang wanted $40 million in Florida schools cyberattack (direct link) |
Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that cannot afford them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. [...] |
Ransomware
Threat
|
|
|
|
2021-03-31 13:33:45 |
Google: North Korean hackers target security researchers again (direct link) |
Google's Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts. [...] |
Threat
|
|
|
|
2021-03-31 12:31:49 |
Malware hidden in game cheats and mods used to target gamers (direct link) |
Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] |
Malware
Threat
|
|
|
|
2021-03-29 03:32:59 |
PHP's Git server hacked to add backdoors to PHP source code (direct link) |
In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The threat actors had signed off on these commits as if they were made by known PHP developers. [...] |
Threat
|
|
|
|
2021-03-19 11:11:09 |
Computer giant Acer hit by $50 million ransomware attack (direct link) |
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. [...] |
Ransomware
Threat
|
|
|
|
2021-03-12 14:57:57 |
Scammers promote fake cryptocurrency giveaways via Twitter ads (direct link) |
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...] |
Threat
|
|
|
|
2021-03-10 10:57:36 |
Norway parliament data stolen in Microsoft Exchange attack (direct link) |
Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. [...] |
Threat
|
|
|
|
2021-03-08 15:06:34 |
Hackers hiding Supernova malware in SolarWinds Orion linked to China (direct link) |
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...] |
Malware
Threat
|
|
|
|
2021-03-02 09:00:00 |
Microsoft 365 Defender Threat Analytics enters public preview (direct link) |
Microsoft announced the addition of Threat Analytics for Microsoft 365 Defender customers and the roll-out of Microsoft 365 Insider Risk Management Analytics, both in public preview. [...] |
Threat
|
|
|
|
2021-03-02 00:14:00 |
Malicious NPM packages target Amazon, Slack with new dependency attacks (direct link) |
Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...] |
Vulnerability
Threat
|
|
|
|
2021-03-01 14:29:35 |
World's leading dairy group Lactalis hit by cyberattack (direct link) |
Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems. [...] |
Threat
Guideline
|
|
|
|
2021-03-01 10:14:20 |
Tether cryptocurrency firm says docs in $24 million ransom are 'forged' (direct link) |
USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. [...] |
Threat
|
|
|
|
2021-02-24 08:51:03 |
LazyScripter hackers target airlines with remote access trojans (direct link) |
Security researchers analyzing multiple sets of malicious emails believe they uncovered activity belonging to a previously unidentified actor that fits the description of an advanced persistent threat (APT). [...] |
Threat
|
|
|
|
2021-02-23 08:56:40 |
Ukraine: DDoS attacks on govt sites originated from Russia (direct link) |
The National Security and Defense Council (NSDC) of Ukraine is accusing threat actors located on Russian networks of performing DDoS attacks on Ukrainian government websites since February 18th. [...] |
Threat
|
|
|
|
2021-02-22 09:06:36 |
Global Accellion data breaches linked to Clop ransomware gang (direct link) |
Threat actors associated with a financially-motivated hacker group combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using Accellion's legacy File Transfer Appliance and steal data. [...] |
Ransomware
Threat
|
|
|
|
2021-02-21 09:24:11 |
Warning: Google Alerts abused to push fake Adobe Flash updater (direct link) |
Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users' computers. [...] |
Threat
|
|
|
|
2021-02-20 12:57:44 |
Kroger data breach exposes pharmacy and employee data (direct link) |
Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. [...] |
Data Breach
Threat
|
|
|
|
2021-02-14 12:12:06 |
Pro-India hackers use Android spyware to spy on Pakistani military (direct link) |
This week a report has revealed details on the two spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict.
The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a state-sponsored operation. [...] |
Malware
Threat
|
|
|
|
2021-02-10 10:43:45 |
Hackers auction alleged stolen Cyberpunk 2077, Witcher source code (direct link) |
Threat actors are auctioning the alleged source code for CD Projekt Red games, including Witcher 3, Thronebreaker, and Cyberpunk 2077, that they state were stolen in a ransomware attack. [...] |
Ransomware
Threat
|
|
|
|
2021-02-10 03:30:00 |
(Déjà vu) Microsoft fixes Windows 10 bug letting attackers trigger BSOD crashes (direct link) |
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] |
Threat
|
|
|
|
2021-02-10 03:30:00 |
Microsoft fixes the Windows 10 console driver crash bug (direct link) |
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] |
Threat
|
|
|
|
2021-02-09 15:42:45 |
HelloKitty ransomware behind CD Projekt Red cyberattack, data theft (direct link) |
The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize. [...] |
Ransomware
Threat
|
|
|
|
2021-02-05 15:14:46 |
Malicious extension abuses Chrome sync to steal users' data (direct link) |
The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions. [...] |
Threat
|
|
|
|
2021-02-04 13:41:58 |
Hackers steal StormShield firewall source code in data breach (direct link) |
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the company's support ticket system and steal source code for Stormshield Network Security firewall software. [...] |
Data Breach
Threat
Guideline
|
|
|
|
2021-02-03 22:30:08 |
Oxfam Australia investigates data breach after database sold online (direct link) |
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database on a hacker forum. [...] |
Data Breach
Threat
|
|
|
|
2021-02-02 11:00:00 |
Malicious script steals credit card info stolen by other hackers (direct link) |
A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. [...] |
Threat
|
|
|
|
2021-02-01 14:15:30 |
Phishing campaign lures US businesses with fake PPP loans (direct link) |
Threat actors are sending phishing emails impersonating a Small Business Administration (SBA) lender to prey on US business owners who want to apply for a PPP loan to keep their business going during the COVID-19 crisis. [...] |
Threat
|
|
|
|
2021-02-01 08:04:01 |
Android emulator supply-chain attack targets gamers with malware (direct link) |
ESET researchers have discovered that an unknown threat actor has compromised the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox. [...] |
Malware
Threat
|
|
|
|
2021-01-26 10:01:27 |
Mimecast links security breach to SolarWinds hackers (direct link) |
Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. [...] |
Threat
|
|
|
|
2021-01-25 11:54:03 |
Australian securities regulator discloses security breach (direct link) |
The Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach. [...] |
Threat
|
|
|
|
2021-01-24 13:16:39 |
Data breach at Buyucoin crypto exchange leaks user info, trades (direct link) |
A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. [...] |
Threat
|
|
|
|
2021-01-23 12:14:25 |
SonicWall firewall maker hacked using zero-day in its VPN device (direct link) |
Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems. [...] |
Vulnerability
Threat
|
|
|
|
2021-01-22 14:11:38 |
(Déjà vu) Bonobos clothing store suffers a data breach, hacker leaks 70GB database (direct link) |
Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup was downloaded by a threat actor. The corporate systems were not breached by the attacker. [...] |
Data Breach
Threat
|
|
|
|
2021-01-22 12:47:33 |
Intel: Hackers stole unpublished earnings info from corporate site (direct link) |
Intel disclosed on Thursday that unknown threat actors stole an infographic containing info on the company's fourth-quarter and full-year 2020 financial results. [...] |
Threat
|
|
|
|
2021-01-21 11:22:05 |
CHwapi hospital hit by Windows BitLocker encryption cyberattack (direct link) |
The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows Bitlocker. [...] |
Threat
|
|
|
|
2021-01-19 15:03:33 |
Malwarebytes says SolarWinds hackers accessed its internal emails (direct link) |
Cybersecurity firm Malwarebytes today confirmed that the threat actor behind the SolarWinds supply-chain attack was able to gain access to some company emails. [...] |
Threat
|
|
|
|
2021-01-18 13:30:00 |
Microsoft Defender to enable full auto-remediation by default (direct link) |
Microsoft will enable fully automated threat remediation by default for Microsoft Defender for Endpoint customers who have opted into public previews starting next month, on February 16, 2021. [...] |
Threat
|
|
|
|
2021-01-15 13:43:34 |
Hackers leaked altered Pfizer data to sabotage trust in vaccines (direct link) |
The European Medicines Agency (EMA) today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines. [...] |
Threat
|
|
|
|
2021-01-14 16:47:21 |
Verified Twitter accounts hacked in $580k 'Elon Musk' crypto scam (direct link) |
Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active. [...] |
Threat
|
|
|
|
2021-01-14 13:05:44 |
NSA advises companies to avoid third party DNS resolvers (direct link) |
The US National Security Agency (NSA) says that companies should avoid using third party DNS resolvers to block threat actors' DNS traffic eavesdropping and manipulation attempts and to block access to internal network information. [...] |
Threat
|
|
|