Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-02-25 14:04:47 |
This chart shows the connections between cybercrime groups (direct link) |
CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other. |
|
|
|
|
2021-02-24 21:16:14 |
More than 6,700 VMware servers exposed online and vulnerable to major new bug (direct link) |
Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already. |
|
|
|
|
2021-02-24 15:13:18 |
Ukraine reports cyber-attack on government document management system (direct link) |
Ukrainian officials blame "one of the hacker spy groups from the Russian Federation." |
|
|
|
|
2021-02-24 12:24:00 |
This botnet is abusing Bitcoin blockchains to stay in the shadows (direct link) |
BTC transactions are being used to obfuscate malicious activity. |
|
|
|
|
2021-02-24 11:02:23 |
Start Options, B2G founder indicted for alleged digital currency, investor fraud (direct link) |
The individual has been accused of being part of a scheme to defraud "hundreds" of investors. |
|
|
|
|
2021-02-24 05:01:03 |
COVID pandemic causes spike in cyberattacks against hospitals, medical companies (direct link) |
IBM says attack rates have doubled against medical entities since the pandemic began. |
|
|
|
|
2021-02-23 23:28:16 |
Airplane maker Bombardier data posted on ransomware leak site following FTA hack (direct link) |
Bombardier is the latest in a long string of hacks caused by companies using old versions of the Accellion FTA file-sharing server. |
Ransomware
Hack
|
|
|
|
2021-02-23 17:26:06 |
Flash version distributed in China after EOL is installing adware (direct link) |
Security researchers say the Chinese Flash app is behaving like adware and opening browser windows to show ads. |
|
|
|
|
2021-02-23 17:00:00 |
Google's Password Checkup feature coming to Android (direct link) |
The Password Checkup feature will tell Android users when one of their passwords has been exposed in an online data breach. |
|
|
|
|
2021-02-23 14:00:03 |
Qualcomm, Sophos ink deal to secure 5G Snapdragon PCs (direct link) |
Sophos will provide endpoint protection for always on, always connected PCs. |
|
|
|
|
2021-02-23 10:29:07 |
IBM issues patches for Java Runtime, Planning Analytics Workspace, Kenexa LMS (direct link) |
The worst bugs could lead to malicious code execution and application crashes. |
Guideline
|
|
|
|
2021-02-23 09:25:22 |
Keybase patches bug that kept pictures in cleartext storage on Mac, Windows clients (direct link) |
Keybase failed to wipe clean cached pictures even after deletion. |
|
|
|
|
2021-02-22 21:19:51 |
FireEye links 0-day attacks on FTA servers & extortion campaign to FIN11 group (direct link) |
FireEye: Hackers breached companies running FTA servers, stole private files, and are now publishing data on the Clop ransomware leak site. |
Ransomware
|
|
|
|
2021-02-22 15:45:22 |
Powerhouse VPN products can be abused for large-scale DDoS attacks (direct link) |
Around 1,500 Powerhouse VPN servers are exposed online and ready to be abused by DDoS groups. |
|
|
|
|
2021-02-22 12:03:25 |
(Déjà vu) Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter (direct link) |
The cross-site scripting bug reportedly earned the researcher a $5000 reward. |
|
|
|
|
2021-02-22 11:01:46 |
Chinese hackers cloned attack tool belonging to NSA's Equation Group (direct link) |
The Jian tool was used to exploit a Windows zero-day vulnerability years before a patch was issued. |
Tool
Vulnerability
|
|
|
|
2021-02-22 07:58:04 |
30,000 Macs infected with new Silver Sparrow malware (direct link) |
Silver Sparrow can even run on systems with Apple's new M1 chip. |
Malware
|
|
|
|
2021-02-19 16:02:00 |
Brave browser leaks onion addresses in DNS traffic (direct link) |
DNS leak leaves footprints in DNS server logs for a Brave user's Tor traffic. |
|
|
|
|
2021-02-19 13:31:19 |
Myanmar arrests 11 suspects for hacking government sites during protests (direct link) |
Hacktivists operated via a Facebook group and called themselves the "Myanmar Hackers." |
|
|
|
|
2021-02-19 13:31:00 |
Malaysia arrests 11 suspects for hacking government sites (direct link) |
A similar government website defacement campaign is also taking place this week in Myanmar, in support of the country's jailed elected leader. |
Guideline
|
|
|
|
2021-02-18 17:44:00 |
Microsoft says SolarWinds hackers downloaded some Azure, Exchange, and Intune source code (direct link) |
Microsoft says it has completed its investigation into its SolarWinds-related breach. |
|
|
|
|
2021-02-18 16:59:00 |
RIPE NCC discloses failed brute-force attack on its SSO service (direct link) |
RIPE NCC, which manages the IP address space for the EMEA region, is now asking its 20,000 member orgs to enable 2FA for their accounts. |
|
|
|
|
2021-02-18 15:20:50 |
CrowdStrike acquires Humio for $400 million (direct link) |
Deal expected to close at the end of Q1 2021. |
|
|
|
|
2021-02-18 11:54:37 |
Windows and Linux servers targeted by new WatchDog botnet for almost two years (direct link) |
WatchDog botnet uses exploits to take over servers and mine cryptocurrency. |
|
|
|
|
2021-02-18 11:38:40 |
Masslogger Trojan reinvented in quest to steal Outlook, Chrome credentials (direct link) |
The operators have also been linked to the use of AgentTesla, Formbook, and AsyncRAT. |
|
|
|
|
2021-02-17 22:06:16 |
Microsoft starts removing Flash from Windows devices via new KB4577586 update (direct link) |
Windows 10 users are reporting seeing a new update this week that permanently removes Flash from their systems. |
|
|
|
|
2021-02-17 17:33:00 |
(Déjà vu) US charges two more members of the 'Lazarus' North Korean hacking group (direct link) |
The US DOJ described the North Korean hackers as "the world's leading bank robbers" and "a criminal syndicate with a flag." |
Guideline
|
APT 38
|
|
|
2021-02-17 13:15:12 |
Dutch police post 'friendly' warnings on hacking forums (direct link) |
Dutch police: "Hosting criminal infrastructure in The Netherlands is a lost cause." |
|
|
|
|
2021-02-17 13:00:05 |
Bug in shared SDK can let attackers join calls undetected across multiple apps (direct link) |
Apps that use the SDK include MeetMe, Skout, Nimo TV, temi, and Talkspace. |
|
|
|
|
2021-02-17 12:01:29 |
Owner of app that hijacked millions of devices with one update exposes buy-to-infect scam (direct link) |
The owners of the once-legitimate Android app insist that a buyer was responsible for a malicious update with far-reaching consequences. |
|
|
|
|
2021-02-17 10:42:51 |
Tracker pixels in emails are now an 'endemic' privacy concern (direct link) |
Critics suggest the practice is marketing gone too far. |
|
|
|
|
2021-02-16 23:17:27 |
Centreon says only 15 entities were targeted in recent Russian hacking spree (direct link) |
Hacked companies were using very outdated versions of Centreon's open-source IT monitoring software. |
|
|
|
|
2021-02-16 19:52:40 |
Malvertiser abused WebKit zero-day to redirect iOS & macOS users to shady sites (direct link) |
Malicious ad campaigns have taken place all last year. Patches shipped on February 1, 2021. |
|
|
|
|
2021-02-16 06:00:03 |
Losses to romance scams reached a record $304 million in 2020 (direct link) |
The FTC believes the pandemic limited people's ability to meet in person, which contributed to a spike in successful online romance scams. |
|
|
|
|
2021-02-16 00:21:27 |
Security bugs left unpatched in Android app with one billion downloads (direct link) |
The vulnerabilities impact SHAREit, an app used for sharing files between users and their devices. |
|
|
|
|
2021-02-15 18:18:00 |
France: Russian state hackers targeted Centreon servers in years-long campaign (direct link) |
New ANSSI report exposes new Sandworm APT attacks targeting IT companies using Centreon servers. |
|
|
|
|
2021-02-15 16:25:45 |
(Déjà vu) 270 addresses are responsible for 55% of all cryptocurrency money laundering (direct link) |
Most cryptocurrency money laundering is concentrated in a few online services, opening the door for law enforcement actions. |
|
|
|
|
2021-02-15 16:25:00 |
270 addresses are responsible for 55% of all cryptocurrency money laundering (direct link) |
Most cryptocurrency money laundering is concentrated in a few online services, opening the door for law enforcement actions. |
|
|
|
|
2021-02-14 15:41:34 |
Egregor ransomware operators arrested in Ukraine (direct link) |
Arrested suspects are believed to be clients of the Egregor RaaS, not the Egregor gang itself. |
Ransomware
|
|
|
|
2021-02-12 19:42:13 |
Apple will proxy Safe Browsing traffic on iOS 14.5 to hide user IPs from Google (direct link) |
iOS 14.5 is currently in beta. |
|
|
|
|
2021-02-12 13:55:00 |
Yandex said it caught an employee selling access to users' inboxes (direct link) |
The Russian company said the employee sold access to 4,887 user email accounts. |
|
|
|
|
2021-02-12 13:20:00 |
Microsoft said the number of web shells has doubled since last year (direct link) |
Microsoft says it's seeing around 140,000 web shells a month, up from roughly 77,000 last August. |
|
|
|
|
2021-02-11 20:57:22 |
Accellion to retire product at the heart of recent hacks (direct link) |
The Accellion FTA file transfer service has been at the heart of recent hacks at banks, telcos, and government organizations across the world. |
|
|
|
|
2021-02-11 17:16:00 |
Free decrypter released for Avaddon ransomware victims... aaand, it's gone! (direct link) |
The Avaddon ransomware gang said in a forum post they already updated their code to counter the tool's release. |
Ransomware
|
|
|
|
2021-02-11 12:37:55 |
KeepChange said it stopped hackers from stealing user funds, but not personal data (direct link) |
Stolen information includes names, email addresses, trade data, and hashed passwords. |
|
|
|
|
2021-02-11 11:00:04 |
Android spyware strains linked to state-sponsored Confucius threat group (direct link) |
Hornbill and SunBird are being used to stalk and steal the data of Pakistani nationals. |
Threat
|
|
|
|
2021-02-11 10:30:28 |
PayPal fixes reflected XSS vulnerability in user wallet currency converter (direct link) |
The currency conversion endpoint was susceptible to attacks. |
Vulnerability
|
|
|
|
2021-02-11 03:38:44 |
Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests (direct link) |
Facebook's crackdown on lookalike domains last year has touched some of the domains security firm Proofpoint was using for security awareness training exercises. |
|
|
|
|
2021-02-10 22:26:27 |
Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7 (direct link) |
An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer. |
|
|
|
|
2021-02-10 14:08:23 |
Authorities arrest SIM swapping gang that targeted celebrities (direct link) |
Eight men were arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks targeting US celebrities. |
|
|
|