Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-09-29 16:00:00 |
Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads (lien direct) |
Cisco Talos discovered the malicious campaign in August 2022 |
|
|
|
|
2022-09-29 15:00:00 |
LeakBase: India Swachhata Platform Breached, 16 Million User PII Records Exposed (lien direct) |
Data samples contain email addresses, hashed passwords and user IDs, other PII |
|
|
|
|
2022-09-29 10:00:00 |
Mobile, Cloud and Email Are Top Threat Vectors For 2023 (lien direct) |
PwC study finds organizations have a long way to go on security |
Threat
|
|
|
|
2022-09-29 09:15:00 |
Crypto-Thieves Cost Victims 53 Times What They Make (lien direct) |
Report reveals surging cloud bills for crypto-jacking victims |
|
|
|
|
2022-09-29 08:30:00 |
IRS Warns of "Industrial Scale" Smishing Surge (lien direct) |
Tax agency says automated tools are to blame |
|
|
|
|
2022-09-28 17:00:00 |
WatchGuard Report: Malware Decreases but Encrypted Malware Up in Q2 2022 (lien direct) |
This could reflect threat actors shifting their tactics to rely on more elusive malware |
Threat
Malware
|
|
|
|
2022-09-28 16:00:00 |
(Déjà vu) Hackers Use Telegram and Signal to Assist Protestors in Iran (lien direct) |
Key activities are data leaking and selling, including officials' phone numbers and emails |
|
|
|
|
2022-09-28 15:00:00 |
Hacker Breaches Fast Company Apple News Account, Sends Racist Messages (lien direct) |
The breach seems related to the hack of Fast Company's website on Sunday afternoon |
Hack
|
|
|
|
2022-09-28 09:30:00 |
ICO Reprimands UK Organizations for GDPR Failings (lien direct) |
Subject Access Requests experiencing significant delays |
|
|
★★★★
|
|
2022-09-28 09:00:00 |
Cyber-Threats Top Business Leaders\' Biggest Concerns (lien direct) |
Many are operating under a false sense of security |
|
|
★★★★★
|
|
2022-09-28 08:30:00 |
Meta Takes Down Russian "Smash-and-Grab" Disinformation Campaign (lien direct) |
Chinese network targeting US mid-terms also closed down |
|
|
★★
|
|
2022-09-27 16:00:00 |
Lazarus Group Targets MacOS Users Seeking Crypto Jobs (lien direct) |
The new attacks would be a new instance of a campaign spotted by ESET and Malwarebytes in August |
|
APT 38
|
|
|
2022-09-27 15:00:00 |
Microsoft Sway Pages Weaponized to Perform Phishing and Malware Delivery (lien direct) |
Most phishing attack vectors observed involved clicking a direct link to a phishing page |
Malware
|
|
|
|
2022-09-27 09:40:00 |
Global Firms Deal with 51 Security Incidents Each Day (lien direct) |
Siloed systems appear to be holding back teams |
|
|
|
|
2022-09-27 09:05:00 |
TikTok Facing £27m UK Regulatory Fine (lien direct) |
Social network failed to protect kids, says ICO |
|
|
|
|
2022-09-27 08:30:00 |
Ukraine Predicts "Massive" Russian Cyber Assault (lien direct) |
Kremlin set to intensify attacks on critical infrastructure |
|
|
|
|
2022-09-26 17:00:00 |
Fitbit Increases Security Requirements, Mandates Google Login From 2023 (lien direct) |
Users will have the option to log in using their Fitbit account for as long as it is supported |
|
|
★★
|
|
2022-09-26 16:00:00 |
ReasonLabs Unveils Multimillion Dollar Global Credit Card Scam (lien direct) |
The victims of the plot were users of Mastercard, Visa, and American Express, among others |
|
|
|
|
2022-09-26 15:00:00 |
Hackers Use NullMixer and SEO to Spread Malware More Efficiently (lien direct) |
The websites are often related to crack, keygen and activators for illegal software |
Malware
|
|
|
|
2022-09-26 09:30:00 |
Ransomware Affiliates Adopt Data Destruction (lien direct) |
Concerning signs of escalation in tactics |
|
|
|
|
2022-09-26 09:00:00 |
US Duo Plead Guilty to $30m Forex Fraud Scheme (lien direct) |
Each face a maximum term of five years behind bars |
|
|
|
|
2022-09-26 08:30:00 |
UK Teen Arrested on Computer Misuse Charges (lien direct) |
Individual may be linked to Lapsus$ group |
|
|
|
|
2022-09-23 17:00:00 |
Air Force Upgrades Digital Modernization Strategy to "As a Service" Model (lien direct) |
The transition will be carried out through three procurements to be awarded before the end of 2024 |
|
|
|
|
2022-09-23 16:00:00 |
Hackers Deploy Malicious OAuth Apps to Compromise Email Servers, Spread Spam (lien direct) |
The spam emails were sent to trick recipients into signing up for fake paid subscriptions |
Spam
|
|
|
|
2022-09-23 15:00:00 |
Cyber Mercenary Group Void Balaur Continues Hack-For-Hire Campaigns (lien direct) |
Void Balaur campaigns in 2022 targeted various industries across the US, Russia and Ukraine |
|
|
|
|
2022-09-23 13:50:00 |
Details of Over 300,000 Russian Reservists Leaked, Anonymous Claims (lien direct) |
The group claims the individuals are likely to be mobilized by the Russian government to fight in Ukraine |
|
|
|
|
2022-09-23 09:30:00 |
Seven-Year Mobile Surveillance Campaign Targets Uyghurs (lien direct) |
Scarlet Mimic group uses over 20 Android malware variants |
Malware
|
|
|
|
2022-09-23 09:00:00 |
NSA Reveals "Hackers\' Playbook" for OT Attacks (lien direct) |
New report outlines key mitigations for OT owners |
|
|
|
|
2022-09-23 08:30:00 |
Europol "Hackathon" Identifies Scores of Human Trafficking Victims (lien direct) |
Over 100 online platforms checked for illegal activity |
|
|
|
|
2022-09-22 17:00:00 |
Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers (lien direct) |
Home addresses, driver's licenses and passport numbers were potentially accessed by the attacker |
|
|
★★
|
|
2022-09-22 16:00:00 |
Morgan Stanley Fined $35m By SEC For Data Security Lapse (lien direct) |
The improper data disposal reportedly started in 2016 and exposed 15 million customers' data |
|
|
★★★★★
|
|
2022-09-22 15:00:00 |
Russia-Based Hackers FIN11 Impersonate Zoom to Conduct Phishing Campaigns (lien direct) |
Cyfirma said the motive behind the attacks may be financial in nature |
|
|
★★★
|
|
2022-09-22 09:35:00 |
Twitter Password Reset Bug Exposed User Accounts (lien direct) |
Social media firm fixes issue that left sessions open |
|
|
|
|
2022-09-22 09:05:00 |
Authorized Push Payments Surge to 75% of Banking Fraud (lien direct) |
Social engineering tactics bear fruit for digital scammers |
|
|
|
|
2022-09-22 08:35:00 |
Iranian Hackers Hid in Albanian Networks for Over a Year (lien direct) |
CISA report reveals extent of state-backed campaign |
|
|
|
|
2022-09-21 17:00:00 |
Microsoft Upgrades Windows 11 With New Security Features (lien direct) |
The list includes application control enhancements and vulnerable drivers protection, among others |
|
|
★★★★
|
|
2022-09-21 16:00:00 |
350K Open-Source Projects At Risk of Supply Chain Vulnerability (lien direct) |
The flaw resides in the tarfile module, automatically installed in any Python project |
Vulnerability
|
|
|
|
2022-09-21 15:30:00 |
NCSC: British Retailers Need to Move Beyond Passwords (lien direct) |
The UK's national cybersecurity agency also advised organizations on what steps they should take if their brand has been spoofed online |
|
|
|
|
2022-09-21 15:00:00 |
Multiple Vulnerabilities Discovered in Dataprobe\'s iBoot-PDUs (lien direct) |
They pose a number of risks to Dataprobe, including giving control of the iBoot-PDU to attackers |
|
|
|
|
2022-09-21 11:45:00 |
Two-Fifths of US Consumers Suffer Personal Data Theft (lien direct) |
Those suffering emotional and physical impact surges |
|
|
|
|
2022-09-21 09:10:00 |
Video Game Publisher Admits Helpdesk Was Hijacked (lien direct) |
Players were sent malicious links disguised as support tickets |
|
|
|
|
2022-09-21 08:25:00 |
Open Source Repository Attacks Soar 700% in Three Years (lien direct) |
Sonatype says it has detected 95,000 since 2019 |
|
|
|
|
2022-09-20 17:00:00 |
California Signs Internet Privacy Legislation to Boost Children\'s Safety Online (lien direct) |
The new legislation will implement some of the strictest privacy requirements in the US |
|
|
|
|
2022-09-20 17:00:00 |
Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access (lien direct) |
Potential attacks resulting from it may include privilege escalation and cross–tenant access |
Vulnerability
|
|
|
|
2022-09-20 16:00:00 |
Europol and Bitdefender Jointly Release LockerGoga Decryptor (lien direct) |
LockerGoga targeted several companies in Norway and across the US in 2019 |
|
|
|
|
2022-09-20 15:30:00 |
Grand Theft Auto Publisher Rockstar Games Hacked (lien direct) |
The threat actor 'teapotuberhacker' could be linked to the Lapsus$ hacking group |
Threat
|
Uber
|
|
|
2022-09-20 15:00:00 |
Hackers Admit Destroying InterContinental Hotels Group\'s Data \'For Fun\' (lien direct) |
They tried to conduct a ransomware attack against IHG and upon failing, decided to delete the data |
Ransomware
|
|
|
|
2022-09-20 14:01:00 |
Quantum Computing Already Putting Data at Risk, Cyber Pros Agree (lien direct) |
In the Deloitte poll, 50.2% of respondents said their organization is at risk of 'harvest now, decrypt later' attacks |
|
Deloitte
Deloitte
|
★★
|
|
2022-09-20 09:30:00 |
American Airlines Breach Exposes Customer and Staff Information (lien direct) |
An undisclosed number of people have been impacted |
|
|
★★★
|
|
2022-09-20 09:10:00 |
Revolut Breach May Have Hit 50,000+ Customers (lien direct) |
Major phishing risk as personal details are compromised |
|
|
|