Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-10-20 16:00:37 |
Ursnif malware switches from bank account theft to initial access (direct link) |
A new version of the Ursnif malware (a.k.a. Gozi) emerged as a generic backdoor, stripped of its typical banking trojan functionality. [...] |
Malware
|
|
|
|
2022-10-20 11:21:30 |
Health system data breach due to Meta Pixel hits 3 million patients (direct link) |
Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals. [...] |
Data Breach
|
|
|
|
2022-10-20 11:03:41 |
OldGremlin hackers use Linux ransomware to attack Russian orgs (direct link) |
OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. [...] |
Ransomware
Malware
|
|
|
|
2022-10-20 05:30:00 |
Hacking group updates Furball Android spyware to evade detection (direct link) |
A new version of the 'FurBall' Android spyware has been found targeting Iranian citizens in mobile surveillance campaigns conducted by the Domestic Kitten hacking group, also known as APT-C-50. [...] |
|
|
|
|
2022-10-19 14:28:11 |
Microsoft data breach exposes customers' contact info, emails (direct link) |
Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. [...] |
Data Breach
|
|
|
|
2022-10-18 17:49:08 |
Ransom Cartel linked to notorious REvil ransomware operation (direct link) |
Threat analysts have connected the pieces that link the Ransom Cartel RaaS (ransomware-as-a-service) to the REvil gang, one of the most notorious and prolific ransomware groups in recent years. [...] |
Ransomware
Threat
|
|
|
|
2022-10-18 12:36:01 |
Hackers target Asian casinos in lengthy cyberespionage campaign (direct link) |
A hacking group named 'DiceyF' has been observed deploying a malicious attack framework against online casinos based in Southeast Asia since at least November 2021. [...] |
|
|
|
|
2022-10-18 10:06:03 |
Text message verification flaws in your Windows Active Directory (direct link) |
While text messaging-based MFA goes a long way toward protecting an org against compromised credentials, it also has vulnerabilities of its own. Orgs must look for ways around the flaws associated with text-based MFA by upgrading to multi-factor authentication. Learn more in this article from Specops Software. [...] |
|
|
|
|
2022-10-18 06:00:00 |
Hackers compromised Hong Kong govt agency network for a year (direct link) |
Researchers at Symantec have uncovered cyberattacks attributed to the China-linked espionage actor APT41 (a.k.a. Winnti) that breached government agencies in Hong Kong and remained undetected for a year in some cases. [...] |
Guideline
|
APT 41
|
|
|
2022-10-17 16:51:38 |
Malware dev claims to sell new BlackLotus Windows UEFI bootkit (direct link) |
A threat actor is selling on hacking forums what they claim to be a new UEFI bootkit named BlackLotus, a malicious tool with capabilities usually linked to state-backed threat groups. [...] |
Tool
Threat
|
|
|
|
2022-10-17 16:16:01 |
MyDeal data breach impacts 2.2M users, stolen data for sale online (direct link) |
Woolworths' MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum. [...] |
Data Breach
|
|
|
|
2022-10-17 13:56:16 |
Australian insurance firm Medibank confirms ransomware attack (direct link) |
Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services. [...] |
Ransomware
|
|
|
|
2022-10-17 10:33:00 |
Ransomware attack halts circulation of some German newspapers (direct link) |
German newspaper 'Heilbronn Stimme' published today's 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. [...] |
Ransomware
|
|
|
|
2022-10-16 10:07:14 |
New PHP information-stealing malware targets Facebook accounts (direct link) |
Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...] |
Malware
Threat
|
|
|
|
2022-10-14 17:27:17 |
Police tricks DeadBolt ransomware out of 155 decryption keys (direct link) |
The Dutch National Police, in collaboration with cybersecurity firm Responders.NU, obtained 155 decryption keys from the DeadBolt ransomware gang by faking ransom payments. [...] |
Ransomware
|
|
|
|
2022-10-14 08:51:03 |
Australian police secret agents exposed in Colombian data leak (direct link) |
Identities of secret agents working for the Australian Federal Police (AFP) have been exposed after hackers leaked documents stolen from the Colombian government. [...] |
|
|
|
|
2022-10-13 16:48:44 |
Fast Company says Executive Board member info was not stolen in attack (direct link) |
American business magazine Fast Company reached out to its Executive Board members this week to let them know their personal information was not stolen in a September 27 cyberattack that forced it to shut down its website. [...] |
|
|
|
|
2022-10-13 13:23:05 |
Russian DDoS attack project pays contributors for more firepower (direct link) |
A pro-Russian group created a crowdsourced project called 'DDOSIA' that pays volunteers launching distributed denial-of-service (DDOS) attacks against western entities. [...] |
|
|
|
|
2022-10-13 10:05:10 |
What the Uber Hack can teach us about navigating IT Security (direct link) |
The recent Uber cyberattack shows us the myriad tactics employed by threat actors to breach corporate networks. Learn more about these tactics used and how to navigate IT Security. [...] |
Hack
Threat
|
Uber
Uber
|
|
|
2022-10-13 09:01:23 |
Cloudflare mitigated record DDoS attack against Minecraft server (direct link) |
Wynncraft, one of the largest Minecraft servers, was recently hit by a 2.5 Tbps distributed denial-of-service (DDoS) attack. [...] |
|
|
|
|
2022-10-13 08:00:00 |
New Alchimist attack framework targets Windows, macOS, Linux (direct link) |
Cybersecurity researchers have discovered a new attack and C2 framework called 'Alchimist,' which appears to be actively used in attacks targeting Windows, Linux, and macOS systems. [...] |
|
|
|
|
2022-10-12 14:56:21 |
Unofficial WhatsApp Android app caught stealing users' accounts (direct link) |
A new version of an unofficial WhatsApp Android application named 'YoWhatsApp' has been found stealing access keys for users' accounts. [...] |
|
|
|
|
2022-10-12 14:10:56 |
Signal will remove support for SMS text messages on Android (direct link) |
Signal says it will start to phase out SMS and MMS message support from its Android app to streamline the user experience and prioritize security and privacy. [...] |
|
|
|
|
2022-10-12 11:16:30 |
New npm timing attack could lead to supply chain attacks (direct link) |
Security researchers have discovered an npm timing attack that reveals the names of private packages so threat actors can release malicious clones publicly to trick developers into using them instead. [...] |
Threat
|
|
|
|
2022-10-12 08:00:26 |
Google simplifies sign-ins with Chrome, Android passkey support (direct link) |
Google announced today that it's introducing passkey support to both its Google Chrome web browser and the Android operating system to simplify sign-ins across apps, websites, and devices. [...] |
|
|
|
|
2022-10-11 15:48:37 |
Android leaks some traffic even when 'Always-on VPN' is enabled (direct link) |
Mullvad VPN has discovered that Android leaks traffic every time the device connects to a WiFi network, even if the "Block connections without VPN," or "Always-on VPN," features are enabled. [...] |
|
|
|
|
2022-10-11 12:59:44 |
Microsoft Exchange servers hacked to deploy LockBit ransomware (direct link) |
Microsoft is investigating reports of a new zero-day bug abused to hack Exchange servers which were later used to launch Lockbit ransomware attacks. [...] |
Ransomware
Hack
|
|
|
|
2022-10-11 05:30:00 |
Hacking group POLONIUM uses 'Creepy' malware against Israel (direct link) |
Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively. [...] |
Malware
Threat
|
|
|
|
2022-10-10 16:24:51 |
Hackers behind IcedID malware attacks diversify delivery tactics (direct link) |
The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. [...] |
Malware
Threat
|
|
|
|
2022-10-10 13:50:03 |
Toyota discloses data leak after access key exposed on GitHub (direct link) |
Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years. [...] |
|
|
|
|
2022-10-09 20:53:38 |
Intel confirms leaked Alder Lake BIOS Source Code is authentic (direct link) |
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party. [...] |
|
|
|
|
2022-10-09 15:26:40 |
(Déjà vu) Fake Solana Phantom security updates push crypto-stealing malware (direct link) |
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] |
Malware
Guideline
|
|
|
|
2022-10-09 15:26:40 |
Solana Phantom security update NFTs push password-stealing malware (direct link) |
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] |
Malware
Guideline
|
|
|
|
2022-10-08 11:18:09 |
ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach (direct link) |
Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting the company's stolen files on their data leak site. [...] |
Threat
|
|
|
|
2022-10-08 10:11:22 |
Callback phishing attacks evolve their social engineering tactics (direct link) |
The BazarCall malicious operation has evolved its social engineering methods, keeping the old fake charges lure for the first phase of the attack but then switching to pretending to help the victim deal with an infection or hack. [...] |
|
|
|
|
2022-10-06 14:03:17 |
Meta sues app dev for stealing over 1 million WhatsApp accounts (direct link) |
Meta has sued several Chinese companies doing business as HeyMods, Highlight Mobi, and HeyWhatsApp for developing and allegedly using "unofficial" WhatsApp Android apps to steal over one million WhatsApp accounts starting May 2022. [...] |
|
|
|
|
2022-10-05 17:49:54 |
FBI: Cyberattacks targeting election systems unlikely to affect results (direct link) |
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) say in a public service announcement that cyber activity attempting to compromise election infrastructure is unlikely to cause a massive disruption or prevent voting. [...] |
|
|
|
|
2022-10-05 13:21:19 |
City of Tucson discloses data breach affecting over 125,000 people (direct link) |
The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals. [...] |
Data Breach
|
|
|
|
2022-10-05 12:01:06 |
Hundreds of Microsoft SQL servers backdoored with new malware (direct link) |
Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world. [...] |
Malware
|
|
|
|
2022-10-05 07:00:00 |
New Android malware 'RatMilad' can steal your data, record audio (direct link) |
A new Android spyware named 'RatMilad' was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. [...] |
Malware
|
|
|
|
2022-10-04 19:08:56 |
(Déjà vu) Hackers stole data from US defense org using Impacket, CovalentStealer (direct link) |
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] |
Malware
|
|
|
|
2022-10-04 19:08:56 |
US Govt: Hackers stole data from US defense org using new malware (direct link) |
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] |
Malware
|
|
|
|
2022-10-04 12:43:38 |
Optus confirms 2.1 million ID numbers exposed in data breach (direct link) |
Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month. [...] |
Data Breach
|
|
|
|
2022-10-03 18:42:13 |
TD Bank discloses data breach after employee leaks customer info (direct link) |
TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud. [...] |
Data Breach
|
|
|
|
2022-10-03 14:35:40 |
Russian retail chain 'DNS' confirms hack after data leaked online (direct link) |
Russian retail chain 'DNS' (Digital Network System) disclosed yesterday that they suffered a data breach that allegedly exposed the personal information of 16 million customers and employees. [...] |
Data Breach
Hack
|
|
★★★
|
|
2022-10-03 13:58:56 |
Live support service hacked to spread malware in supply chain attack (direct link) |
The official installer for the Comm100 Live Chat application, a widely deployed SaaS (software-as-a-service) that businesses use for customer communication and website visitors, was trojanized as part of a new supply-chain attack. [...] |
Malware
|
|
|
|
2022-09-30 11:26:19 |
Optus breach victims will get "supercharged" fraud protection (direct link) |
The Australian Federal Police (AFP) announced today the launch of Operation Guardian which will ensure that more than 10,000 customers who had their personal info leaked in the Optus data breach will get priority protection against fraud attempts. [...] |
Data Breach
|
|
|
|
2022-09-29 17:14:07 |
Hacking group hides backdoor malware inside Windows logo image (direct link) |
Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. [...] |
Malware
|
|
|
|
2022-09-29 10:32:16 |
New Royal Ransomware emerges in multi-million dollar attacks (direct link) |
A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million. [...] |
Ransomware
|
|
★★★★★
|
|
2022-09-29 09:00:18 |
New malware backdoors VMware ESXi servers to hijack virtual machines (direct link) |
Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection. [...] |
Malware
|
|
|