Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-03-29 11:00:02 |
Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners (lien direct) |
Three backdoors and four miners have been detected in new attacks. |
|
|
|
|
2022-03-28 13:00:00 |
Hundreds more packages found in malicious npm \'factory\' (lien direct) |
Over 600 malicious packages were published in only five days. |
|
|
|
|
2022-03-28 09:57:58 |
Sophos patches critical remote code execution vulnerability in Firewall (lien direct) |
Sophos Firewall is a network protection solution for the enterprise market. |
Vulnerability
|
|
|
|
2022-03-25 13:23:59 |
UK police arrest seven individuals suspected of being hacking group members (lien direct) |
The youngest suspect is 16 years old. |
|
|
|
|
2022-03-25 12:22:24 |
Frosties NFT operators arrested over $1.1 million \'rug pull\' scam (lien direct) |
Investors hand over their cryptocurrency. Project developers vanish. |
|
|
|
|
2022-03-25 11:44:45 |
Avast acquires SecureKey Technologies in authentication, identity management push (lien direct) |
The Canadian company specializes in digital identity services. |
|
|
|
|
2022-03-24 13:00:02 |
Vidar spyware is now hidden in Microsoft help files (lien direct) |
The malware is being spread through an interesting phishing tactic. |
Malware
|
|
★★★
|
|
2022-03-24 10:52:51 |
Mustang Panda hacking group takes advantage of Ukraine crisis in new attacks (lien direct) |
Just as criminals seized on the pandemic, this group is trying to capitalize on Russia's invasion of Ukraine. |
|
|
|
|
2022-03-24 08:58:26 |
Malicious npm packages target Azure developers to steal personal data (lien direct) |
Typosquatting and automatic tools are the weapons of choice. |
|
|
|
|
2022-03-23 16:08:00 |
Okta names Sitel in Lapsus$ security incident impacting up to 366 customers (lien direct) |
The analogy "walking away from your computer at a coffee shop" has been used to describe the incident. |
|
|
|
|
2022-03-23 13:00:09 |
This is how much the average Conti hacking group member earns a month (lien direct) |
While ransom payments can reach millions of dollars, it isn't as much as you'd think. |
|
|
|
|
2022-03-22 12:28:54 |
Social engineering attacks to dominate Web3, the metaverse (lien direct) |
Researchers offer their thoughts on the most prevalent threats faced by emerging technologies. |
|
|
|
|
2022-03-22 10:08:00 |
Okta says breach evidence posted by Lapsus$ hackers linked to January \'security incident\' (lien direct) |
Okta claims there is no proof of current malicious activity on its networks. |
|
|
|
|
2022-03-21 12:49:36 |
Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers (lien direct) |
InvisiMole has been collaborating with the Gamaredon APT for years. |
|
|
|
|
2022-03-21 11:41:25 |
New Conti ransomware source code leaked (lien direct) |
The individual responsible is targeting Conti after the group announced its loyalty to Russia during the invasion of Ukraine. |
Ransomware
|
|
|
|
2022-03-21 11:10:19 |
Suspected DarkHotel APT resurgence targets luxury Chinese hotels (lien direct) |
Hospitality firms in Macao, China, are bearing the brunt of targeted cyberattacks. |
|
|
|
|
2022-03-18 12:00:00 |
Franchises, partnerships emerge in Ransomware-as-a-Service operations (lien direct) |
Researchers detail the movers and shakers in the space over 2021. |
|
|
|
|
2022-03-17 12:11:00 |
Russian Cyclops Blink botnet launches assault against Asus routers (lien direct) |
The only option available might be a return to factory settings for infected routers. |
|
|
|
|
2022-03-17 11:06:03 |
Cloudflare debuts Friendly Bot validation service (lien direct) |
Machine learning is already used to "spot your bot." |
|
|
|
|
2022-03-17 10:23:00 |
Ex CafePress owner fined $500,000 for \'shoddy\' security, covering up data breach (lien direct) |
When victim accounts were closed after being hacked in one incident, CafePress went so far as to charge them a $25 fee. |
Data Breach
|
|
|
|
2022-03-16 13:00:02 |
iPhone, Android users lose life savings to romance fraud, cryptocurrency operation (lien direct) |
Attackers now 'double dip' to clear out victim bank accounts. |
|
|
|
|
2022-03-15 13:17:00 |
The role of cloud services, public tools in the Russia-Ukraine cyber conflict (lien direct) |
DDoS tools and how-to guides are being spread through cloud technologies. |
|
|
|
|
2022-03-15 12:55:00 |
CaddyWiper: More destructive wiper malware strikes Ukraine (lien direct) |
The wiper avoids domain controllers to stay under the radar. |
Malware
|
|
|
|
2022-03-14 12:03:32 |
Automotive giant Denso confirms hack, Pandora ransomware group takes credit (lien direct) |
Denso supplies Toyota, General Motors, and Honda, to name but a few. |
Ransomware
|
|
|
|
2022-03-14 11:50:53 |
Ukraine reportedly adopts Clearview AI to track Russian invaders (lien direct) |
The facial recognition technology has not been made available to Russia. |
|
|
|
|
2022-03-14 11:41:31 |
Ubisoft reveals \'security incident\' forcing company-wide password refresh (lien direct) |
The gaming giant remains tight-lipped on the particulars of the assumed hack. |
|
|
|
|
2022-03-04 10:48:00 |
These are the problems that cause headaches for bug bounty hunters (lien direct) |
A researcher shares his thoughts on the challenges of responsible vulnerability disclosure. |
Vulnerability
|
|
|
|
2022-03-03 12:53:51 |
US launches KleptoCapture force to tackle cryptocurrency use in Russian sanction avoidance (lien direct) |
The DoJ says the team will target "efforts" to use cryptocurrency to circumvent sanctions or launder cash. |
|
|
|
|
2022-03-02 17:10:00 |
Ukraine government calls on Oracle, SAP for support (lien direct) |
Updated: Mykhailo Fedorov has requested the severance of business relationships with Russia. Oracle has taken this step. |
|
|
|
|
2022-03-02 10:02:42 |
TeaBot Android Banking Trojan continues its global conquest with new upgrades (lien direct) |
The RAT has is now targeting over 400 applications. |
|
|
|
|
2022-03-01 12:37:00 |
Ukraine asks cryptocurrency firms to block Russian users (lien direct) |
The request comes at a time when economic sanctions are sending shockwaves through the Russian banking system. |
|
|
|
|
2022-03-01 10:21:00 |
Google TAG removes fraudulent \'influence\' operations linked to Belarus, Moldova, Ukraine (lien direct) |
The tech giant has also tackled thousands of YouTube channels connected to China. |
|
|
|
|
2022-02-28 14:01:00 |
Ukraine security agencies warn of Ghostwriter threat activity, phishing campaigns (lien direct) |
CERT-UA warns of misinformation, phishing, and active assaults against Ukrainian organizations. |
Threat
|
|
|
|
2022-02-25 09:52:15 |
Ukraine calls for volunteer hackers to protect critical infrastructure: report (lien direct) |
The country is reportedly asking volunteers to join digital defensive and surveillance missions. |
|
|
|
|
2022-02-24 11:02:59 |
Darktrace acquires attack surface analytics firm Cybersprint (lien direct) |
Darktrace says the deal will bolster the firm's artificial intelligence (AI) capabilities. |
|
|
|
|
2022-02-23 09:08:20 |
Malware authors target rivals with malicious npm packages (lien direct) |
Trojan packages reveal what could be internal rivalry between cybercriminals. |
|
|
|
|
2022-02-23 09:00:02 |
These new hacking groups are striking industrial, operational tech targets (lien direct) |
Two of the new groups are sophisticated enough to reach ICS/OT networks directly. |
|
|
|
|
2022-02-23 06:30:01 |
Hackers tried to shatter the spine of global supply chains in 2021 (lien direct) |
IBM researchers say supply chains were the focus of criminals last year and manufacturers bore the brunt of attacks. |
|
|
|
|
2022-02-22 10:14:43 |
Almost 100,000 new mobile banking Trojan strains detected in 2021 (lien direct) |
Mobile malware used to be relatively rare. Now, the focus has pivoted from PCs to our handsets. |
Malware
|
|
|
|
2022-02-21 13:11:57 |
NIST proposes model to assess cybersecurity investment strategies in network security (lien direct) |
The larger the network, the larger the attack surface. Computational models may pinpoint the best places for investment. |
|
|
|
|
2022-02-21 12:18:36 |
CISA publishes guide with free cybersecurity tools, resources for incident response (lien direct) |
The resources can provide a foundation for dealing with the aftermath of cyberattacks. |
|
|
|
|
2022-02-21 10:43:43 |
Scam artists swindle NFTs worth \'millions\' in OpenSea phishing attack (lien direct) |
The NFT platform is "working around the clock" to investigate. |
|
|
|
|
2022-02-18 09:41:04 |
Thanks, dad: jammer used to stop kids going online, wipes out a town\'s internet by mistake (lien direct) |
The -interesting- control method could lead to a hefty fine and jail time. |
Guideline
|
|
|
|
2022-02-18 08:41:27 |
New RCE flaw added to Adobe Commerce, Magento security advisory (lien direct) |
Researchers have also been able to replicate the original security flaw. |
|
|
|
|
2022-02-17 10:45:56 |
Microsoft warns of emerging \'ice phishing\' threat on blockchain, DeFi networks (lien direct) |
The firm says that the introduction of web3 may also bring with it unique forms of phishing. |
Threat
|
|
|
|
2022-02-17 09:28:54 |
Trickbot abuses top brands including Bank of America, Wells Fargo in attacks against customers (lien direct) |
The malware is said to pose a "great danger" to the customers of 60 finance and tech giants. |
Malware
|
|
|
|
2022-02-17 08:30:35 |
Businessman admits to working as spyware broker in US and Mexico (lien direct) |
He pleaded guilty to brokering spyware and surveillance tools. |
Guideline
|
|
|
|
2022-02-17 07:55:40 |
Missouri will not prosecute \'hacker\' reporter for daring to view state website HTML (lien direct) |
Missouri's governor was both criticized and mocked for saying the journalist "decoded HTML source code" for malicious purposes. |
|
|
|
|
2022-02-16 13:00:02 |
How the initial access broker market leads to ransomware attacks (lien direct) |
Researchers explore the attack methods of LockBit, Avaddon, Darkside, Conti, and BlackByte ransomware groups. |
Ransomware
|
|
|
|
2022-02-15 13:06:14 |
Squirrelwaffle, Microsoft Exchange Server vulnerabilities exploited for financial fraud (lien direct) |
Unpatched servers have been used to twist corporate email threads and conduct financial theft. |
|
|
|