Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-02-04 18:26:07 |
Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers (direct link) |
The popular continuous-delivery platform has a path-traversal bug (CVE-2022-24348) that could allow cyberattackers to hop from one application ecosystem to another. |
|
Uber
|
|
|
2022-02-04 13:28:01 |
Attackers Target Intuit Users by Threatening to Cancel Tax Accounts (direct link) |
The usual tax-season barrage of cybercriminal activity is already underway with a phishing campaign impersonating the popular accounting and tax-filing software. |
|
|
|
|
2022-02-03 23:08:49 |
Kronos Still Dragging Itself Back From Ransomware Hell (direct link) |
And customers including Tesla, PepsiCo and NYC transit workers are filing lawsuits over the “real pain in the rear end” of manual inputting, inaccurate wages & more. |
Ransomware
|
|
|
|
2022-02-03 22:10:32 |
Low-Detection Phishing Kits Increasingly Bypass MFA (direct link) |
A growing class of phishing kits – transparent reverse proxy kits – are being used to get past multi-factor authentication using MiTM tactics. |
|
|
|
|
2022-02-03 20:15:54 |
Critical Cisco Bugs Open VPN Routers to Cyberattacks (direct link) |
The company's RV line of small-business routers contains 15 different security vulnerabilities that could enable everything from RCE to corporate network access and denial-of-service – and many have exploits circulating. |
|
|
|
|
2022-02-03 18:28:14 |
Wormhole Crypto Platform: 'Funds Are Safe' After $314M Heist (direct link) |
The popular bridge, which connects Ethereum, Solana blockchain & more, was shelled out by it's-not-saying. Wormhole is trying to negotiate with the attacker. |
|
|
|
|
2022-02-03 14:00:25 |
PowerPoint Files Abused to Take Over Computers (direct link) |
Attackers are using socially engineered emails with .ppam file attachments that hide malware that can rewrite Windows registry settings on targeted machines.
|
Malware
|
|
|
|
2022-02-02 22:25:35 |
KP Snacks Left with Crumbs After Ransomware Attack (direct link) |
The Conti gang strikes again, disrupting the nom-merchant's supply chain and threatening empty supermarket shelves lasting for weeks. |
Ransomware
|
|
|
|
2022-02-02 19:23:41 |
Supply-Chain Security Is Not a Problem…It's a Predicament (direct link) |
Despite what security vendors might say, there is no way to comprehensively solve our supply-chain security challenges, posits JupiterOne CISO Sounil Yu. We can only manage them. |
|
|
|
|
2022-02-02 14:00:23 |
Thousands of Malicious npm Packages Threaten Web Apps (direct link) |
Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors. |
Threat
|
|
|
|
2022-02-02 13:58:34 |
Charming Kitten Sharpens Its Claws with PowerShell Backdoor (direct link) |
The notorious Iranian APT is fortifying its arsenal with new malicious tools and evasion tactics and may even be behind the Memento ransomware.
|
|
APT 35
|
|
|
2022-02-01 23:06:53 |
FBI: Use a Burner Phone at the Olympics (direct link) |
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that "can be trivially sidestepped." Besides burners, here are more tips on staying cyber-safe at the Games. |
|
|
|
|
2022-02-01 21:32:13 |
Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft (direct link) |
Rising critical unpatched vulnerabilities and a lack of encryption leave medical device data defenseless, researchers warn. |
|
|
|
|
2022-02-01 20:59:53 |
The Account Takeover Cat-and-Mouse Game (direct link) |
ATO attacks are evolving. Jason Kent, hacker-in-residence at Cequence Security, discusses what new-style cyberattacks look like in the wild. |
|
|
|
|
2022-02-01 20:02:02 |
Samba 'Fruit' Bug Allows RCE, Full Root User Access (direct link) |
The issue in the file-sharing and interop platform also affects Red Hat, SUSE Linux and Ubuntu packages. |
|
|
|
|
2022-02-01 14:00:08 |
Living Off the Land: How to Defend Against Malicious Use of Legitimate Utilities (direct link) |
LOLBins help attackers become invisible to security platforms. Uptycs provides a rundown of the most commonly abused native utilities for Windows, Linux and macOS – and advice for protection. |
|
|
|
|
2022-01-31 21:59:35 |
Public Exploit Released for Windows 10 Bug (direct link) |
The vulnerability affects all unpatched Windows 10 versions following a messy Microsoft January update. |
Vulnerability
|
|
|
|
2022-01-31 18:18:41 |
Apple Pays $100.5K Bug Bounty for Mac Webcam Hack (direct link) |
The researcher found that he could gain unauthorized camera access via a shared iCloud document that could also "hack every website you've ever visited."
|
Hack
|
|
|
|
2022-01-31 17:56:09 |
NSO Group Pegasus Spyware Aims at Finnish Diplomats (direct link) |
Finland is weathering a bout of Pegasus infections, along with a Facebook Messenger phishing scam. |
|
|
|
|
2022-01-28 21:47:21 |
Lazarus APT Uses Windows Update to Spew Malware (direct link) |
The group once again dangled fake job opportunities at engineers in a spear-phishing campaign that used Windows Update as a living-off-the-land technique and GitHub as a C2.
|
Malware
|
APT 38
|
|
|
2022-01-28 16:54:06 |
Zerodium Spikes Payout for Zero-Click Outlook Zero-Days (direct link) |
The sweetened deal came on the same day that Trustwave SpiderLabs published a new way to bypass Outlook security to deliver malicious links to victims.
|
|
|
|
|
2022-01-28 14:15:47 |
Conti, DeadBolt Target Delta, QNAP (direct link) |
QNAP had to push out an unexpected (and not entirely welcome) NAS device update, and Delta Electronics' network has been crippled.
|
|
|
|
|
2022-01-28 14:00:25 |
Shlayer and Bundlore MacOS Malware Strains – How Uptycs EDR Detection Can Help (direct link) |
MacOS malware Shlayer and Bundlore may have variations, but the behavior of their attacks has not changed – attacking older macOS versions and poorly-protected websites. |
Malware
|
|
|
|
2022-01-27 20:59:53 |
2FA App Loaded with Banking Trojan Infests 10K Victims via Google Play (direct link) |
The Vultur trojan steals bank credentials but asks for permissions to do far more damage down the line. |
|
|
|
|
2022-01-27 17:19:49 |
BotenaGo Botnet Code Leaked to GitHub (direct link) |
The malware had already put millions of routers and IoT devices at risk, and now any noob can have at it.
|
Malware
|
|
|
|
2022-01-27 15:00:07 |
Shipment-Delivery Scams a Fav Way to Spread Malware (direct link) |
Attackers increasingly are spoofing the courier DHL and using socially engineered messages related to packages to trick users into downloading Trickbot and other malicious payloads.
|
Malware
|
|
|
|
2022-01-27 13:11:09 |
How to Secure Your SaaS Stack with a SaaS Security Posture Management Solution (direct link) |
SaaS Security Posture Management (SSPM) named a must-have solution by Gartner. Adaptive Shield's SSPM solution allows security teams full visibility and control. |
|
|
|
|
2022-01-26 22:39:34 |
TrickBot Crashes Security Researchers' Browsers in Latest Upgrade (direct link) |
The malware has added an anti-debugging tool that crashes browser tabs when researchers use code beautifying for analysis. |
Malware
Tool
|
|
|
|
2022-01-26 22:19:57 |
Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild (direct link) |
iOS 15.3 & iPadOS 15.3 fix the Safari browser flaw that could have spilled users' browsing data, plus a zero day IOMobileFrameBuffer bug exploited in the wild. |
|
|
★★★★
|
|
2022-01-26 21:24:36 |
'Dark Herring' Billing Malware Swims onto 105M Android Devices (direct link) |
The mobile malware heisted hundreds of millions of dollars from unsuspecting users, thanks to 470 different well-crafted malicious apps in Google Play. |
Malware
|
|
|
|
2022-01-26 20:23:24 |
New Year, New Threats: 4 Tips to Activate Your Best Cyber-Defense (direct link) |
Need a blueprint for architecting a formidable cyber-defense? Kerry Matre, senior director at Mandiant, shares hers in this detailed breakdown. |
|
|
|
|
2022-01-26 19:37:12 |
Cybercriminals Love Supply-Chain Chaos: Here's How to Protect Your Inbox (direct link) |
Threat actors use bogus 'shipping delays' to deceive customers and businesses. Troy Gill, senior manager of threat intelligence at Zix, discusses how spoofing is evolving and what to do. |
Threat
|
|
|
|
2022-01-26 17:52:49 |
Linux Bug in All Major Distros: 'An Attacker's Dream Come True' (direct link) |
The 12-year-old flaw in the sudo-like polkit's pkexec tool, found in all major Linux distributions, is likely to be exploited in the wild within days. |
|
|
|
|
2022-01-26 14:02:07 |
Threat Actors Blanket Androids with Flubot, Teabot Campaigns (direct link) |
Attackers are getting creative, using smishing & a malicious Google Play QR reader to plant banking trojans on the phones of victims across the globe.
|
|
|
|
|
2022-01-25 21:00:08 |
Cyberattacks on Squid Game Minecraft Tourney Take Down Andorra's Internet (direct link) |
Some of the bursts of traffic reached up to 10Gbps, reports noted, overwhelming the country's only ISP, and crippling Andorran Squidcraft gamers along with the rest of the population. |
|
|
|
|
2022-01-25 20:45:00 |
Ozzy Osbourne NFTs Used to Bite Off Chunk of Crypto Coin (direct link) |
A discarded Discord vanity URL for CryptoBatz was hijacked by cybercriminals to drain cryptocurrency wallets.
|
|
|
|
|
2022-01-25 20:35:56 |
Segway Hit by Magecart Attack Hiding in a Favicon (direct link) |
Visitors who shopped on the company's eCommerce website in January will likely find their payment-card data heisted, researchers warned. |
|
|
|
|
2022-01-25 18:54:42 |
New MacOS Malware 'DazzleSpy' Used in Watering-Hole Attacks (direct link) |
A pro-democracy Hong Kong site was used to launch watering-hole attacks that planted a new macOS backdoor that researchers dubbed DazzleSpy.
|
Malware
|
|
|
|
2022-01-25 16:22:49 |
AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover (direct link) |
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users. |
|
|
|
|
2022-01-25 13:56:19 |
BRATA Android Trojan Updated with 'Kill Switch' that Wipes Devices (direct link) |
Researchers identify three new versions of the banking trojan that include various new features, including GPS tracking and novel obfuscation techniques. |
|
|
|
|
2022-01-24 23:08:56 |
Linux Servers at Risk of RCE Due to Critical CWP Bugs (direct link) |
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.
|
|
|
★★★★★
|
|
2022-01-24 21:54:58 |
MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists (direct link) |
State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data. |
|
|
|
|
2022-01-24 21:13:22 |
Surge in Malicious QR Codes Sparks FBI Alert (direct link) |
QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal data and money, and drop malware. |
|
|
|
|
2022-01-24 20:26:32 |
Dark Souls 3 Servers Shut Down Due to Critical RCE Bug (direct link) |
The bug can allow attackers to remotely execute code on gamers' computers. The devs temporarily deactivated PvP servers across multiple affected versions. |
|
|
|
|
2022-01-24 10:00:56 |
Unusual 'Donald Trump' Packer Malware Delivers RATs, Infostealers (direct link) |
The 'DTPacker' downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds. |
Malware
|
|
|
|
2022-01-21 21:03:23 |
The Internet's Most Tempting Targets (direct link) |
What attracts the attackers? David "moose" Wolpoff, CTO at Randori, discusses how to evaluate your infrastructure for juicy targets. |
|
|
|
|
2022-01-21 20:27:15 |
Merck Awarded $1.4B Insurance Payout over NotPetya Attack (direct link) |
Court rules 'War or Hostile Acts' exclusion doesn't apply to the pharma giant's 2017 cyberattack. |
|
NotPetya
NotPetya
|
|
|
2022-01-21 18:19:37 |
20K WordPress Sites Exposed by Insecure Plugin REST-API (direct link) |
The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. |
|
|
|
|
2022-01-21 17:13:03 |
McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges (direct link) |
McAfee has patched two high-severity bugs in its Agent component, one of which can allow attackers to achieve arbitrary code execution with SYSTEM privileges.
|
|
|
|
|
2022-01-21 14:10:07 |
Spyware Blitzes Compromise, Cannibalize ICS Networks (direct link) |
The brief spearphishing campaigns spread malware and use compromised networks to steal credentials that can be sold or used to commit financial fraud.
|
Malware
|
|
|