Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-05-24 13:23:09 |
These are the flaws that let hackers attack blockchain and DeFi projects (lien direct) |
Most losses were due to 'unsophisticated' attacks. |
|
|
|
|
2022-05-24 10:00:01 |
IBM is helping these schools build up their ransomware defenses (lien direct) |
The goal is to improve cybersecurity defenses in public sector schools. |
Ransomware
|
|
|
|
2022-05-20 10:11:46 |
Fake domains offer Windows 11 installers - but deliver malware instead (lien direct) |
Be careful what you are downloading - these files deliver the Vidar infostealer. |
Malware
|
|
|
|
2022-05-19 14:00:01 |
Cyberattacks and misinformation activity against Ukraine continues say security researchers (lien direct) |
Malware and fake news continues, says Mandiant. |
Malware
|
|
|
|
2022-05-19 13:00:02 |
This Russian botnet does far more than DDoS attacks - and on a massive scale (lien direct) |
Operators can track social media trends and tailor their propaganda to suit. |
|
|
|
|
2022-05-18 08:30:02 |
Wizard Spider hackers hire cold callers to scare ransomware victims into paying up (lien direct) |
Researchers believe the group has millions of dollars in assets. |
Ransomware
|
|
|
|
2022-05-16 13:19:59 |
Are period tracking apps safe? (lien direct) |
Opinion: The convenience isn't worth the risk. |
|
|
|
|
2022-05-16 10:00:00 |
Researchers warn of APTs, data leaks as serious threats against UK financial sector (lien direct) |
Researchers say geopolitical threats are far from the only concern. |
|
|
|
|
2022-05-11 13:07:00 |
How to delete yourself from internet search results and hide your identity online (lien direct) |
Here is a step-by-step guide to reducing your digital footprint online, whether you want to lock down data or vanish entirely. |
|
|
★★
|
|
2022-05-05 11:02:00 |
Decade-old bugs discovered in Avast, AVG antivirus software (lien direct) |
Researchers say exploitation could have had "far-reaching and significant" consequences. |
|
|
|
|
2022-05-04 15:00:02 |
GitHub launches new 2FA mandates for code developers, contributors (lien direct) |
New rules surrounding authentication will come in by the end of 2023. |
|
|
|
|
2022-05-04 04:01:01 |
Chinese hackers perform \'rarely seen\' Windows mechanism abuse in three-year campaign (lien direct) |
Operation CuckooBees is an elaborate operation against companies in the US and beyond. |
|
|
|
|
2022-05-02 08:00:02 |
Mozilla finds mental health apps fail \'spectacularly\' at user security, data policies (lien direct) |
Prayer apps, too, have raised serious security concerns. |
|
|
|
|
2022-04-29 09:49:00 |
Vulnerable plugins plague the CMS website security landscape (lien direct) |
Backdoors, card skimming, and spam are also common factors in website compromise. |
Spam
|
|
|
|
2022-04-29 08:17:37 |
HackerOne acquires code security tester, review service PullRequest (lien direct) |
HackerOne says that clients will be able to more easily integrate code security reviews during workflows. |
|
|
|
|
2022-04-28 12:30:00 |
ExtraReplica: Microsoft patches certificate transparency bug in Azure PostgreSQL (lien direct) |
The flaw was exploitable to conduct privilege escalation and code execution. |
|
|
|
|
2022-04-27 12:00:00 |
Bronze President spies on Russian targets as Ukraine invasion continues (lien direct) |
It's not necessarily because Russia is considered hostile, however. |
|
|
|
|
2022-04-22 09:33:30 |
LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave (lien direct) |
For as long as crypto is lucrative, cyberattackers will try to cash in. |
|
|
|
|
2022-04-21 13:27:55 |
Beanstalk DeFi project robbed of $182 million in flash loan attack (lien direct) |
Reserves were drained after the attacker awarded themselves voting rights. |
|
|
|
|
2022-04-21 11:33:31 |
Hive hackers are exploiting Microsoft Exchange Servers in ransomware spree (lien direct) |
In one case, it took them less than 72 hours to infiltrate and hold a company to ransom. |
Ransomware
|
|
|
|
2022-04-21 10:13:11 |
Warrior Trading forced to pay $3 million for \'misleading\' day trading scheme (lien direct) |
The FTC says the firm's owner made "bogus money-making claims." |
|
|
|
|
2022-04-19 09:34:09 |
Lenovo patches UEFI firmware vulnerabilities impacting millions of users (lien direct) |
Three vulnerabilities could be exploited to deploy flash implants and circumvent secure boot. |
|
|
|
|
2022-04-14 12:00:01 |
Meet ZingoStealer: the Haskers Gang\'s new, free malware (lien direct) |
ZingoStealer is able to spread cryptocurrency mining malware. |
Malware
|
|
|
|
2022-04-13 13:05:20 |
Critical vulnerabilities uncovered in hospital robots (lien direct) |
The robots zip around hospitals delivering medicine and other supplies. |
|
|
|
|
2022-04-13 10:52:56 |
Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene (lien direct) |
The botnet borrows a few tricks from Mirai. |
|
|
|
|
2022-04-13 09:22:14 |
Barracuda Networks changes hands with purchase by global investment firm KKR (lien direct) |
KKR is taking over from Thoma Bravo. |
|
|
|
|
2022-04-12 14:00:05 |
These hackers pretend to poach, recruit rival bank staff in new cyberattacks (lien direct) |
Employees looking for new career opportunities are the targets. |
|
|
|
|
2022-04-12 13:00:00 |
Only half of organizations reviewed security policies due to the pandemic: Study (lien direct) |
Investment is expected to increase but existing cybersecurity strategies are lacking. |
|
|
|
|
2022-04-11 13:00:01 |
XSS vulnerability patched in Directus data engine platform (lien direct) |
The platform is described as a "flexible powerhouse for engineers." |
Vulnerability
|
|
|
|
2022-04-08 10:27:21 |
FIN7 hacking group member sentenced to five years behind bars (lien direct) |
He worked as a penetration tester for the criminal outfit. |
|
|
|
|
2022-04-07 09:17:06 |
VMware warns of critical remote code execution bug in Workspace ONE Access (lien direct) |
Other severe vulnerabilities have been resolved. |
|
|
★★★★
|
|
2022-04-07 08:19:00 |
Zoom awarded $1.8 million in bug bounty rewards over 2021 (lien direct) |
The program has paid out $2.4 million since its launch. |
|
|
★★★★★
|
|
2022-04-07 04:00:02 |
Israeli officials are being catfished by AridViper hackers (lien direct) |
APT-C-23 is targeting high-ranking individuals in defense, law, and emergency services. |
|
APT-C-23
|
|
|
2022-04-06 12:00:02 |
This new malware targets AWS Lambda environments (lien direct) |
Denonia malware is abusing servers to run cryptocurrency miners. |
Malware
|
|
|
|
2022-04-06 09:30:03 |
Fake Android shopping apps steal bank account logins, 2FA codes (lien direct) |
Customers of Malaysian banks are being turned into cash cows. |
|
|
|
|
2022-04-05 13:59:41 |
FIN7 hackers evolve operations with ransomware, novel backdoor (lien direct) |
Researchers have explored the shift in the sophisticated group's latest tactics. |
|
|
|
|
2022-04-05 10:50:32 |
GitHub now scans for secret leaks in developer workflows (lien direct) |
The new tool aims to protect developers against API and token exposure. |
Tool
|
|
|
|
2022-04-05 09:44:20 |
US judge sentences men for $1.5 million Apple Gift Card scam (lien direct) |
Apple is also owed over $1 million in damages. |
|
|
|
|
2022-04-04 11:23:00 |
Borat RAT malware: a \'unique\' triple threat that is far from funny (lien direct) |
The malware combines remote access, spyware, and ransomware into one nasty package. |
Threat
Ransomware
Malware
|
|
|
|
2022-04-04 10:13:18 |
Turkey seeks 40,000-year sentences for alleged cryptocurrency exit scammers (lien direct) |
21 suspects are wanted in connection to a defunct Turkish crypto exchange. |
|
|
|
|
2022-04-01 11:54:00 |
Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit (lien direct) |
Log4Shell is being exploited to deploy the kernel rootkit. |
|
APT 19
|
★★★★
|
|
2022-04-01 10:23:05 |
Zyxel urges customers to patch critical firewall bypass vulnerability (lien direct) |
The vendor has issued a severity score of 9.8. |
Vulnerability
|
|
|
|
2022-04-01 09:40:55 |
The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities (lien direct) |
The flaws can be exploited to execute code on vulnerable controllers and workstations. |
|
|
|
|
2022-03-31 14:52:41 |
Meet BlackGuard: a new infostealer peddled on Russian hacker forums (lien direct) |
Sophisticated, but potentially cheap. |
|
|
|
|
2022-03-31 12:00:02 |
Cybersecurity managers with a direct line to executive boards set the tone for investment: study (lien direct) |
Moody's examines how incident response and defense have implications for the market. |
|
|
|
|
2022-03-31 09:23:10 |
Globant admits to data breach after Lapsus$ releases source code (lien direct) |
The hacking group criticized Globant's "poor security practices." |
Data Breach
|
|
|
|
2022-03-30 11:25:23 |
As Lapsus$ comes back from \'vacation,\' Sitel clarifies position on data breach (lien direct) |
Lapsus$ also claims to have compromised a software solutions provider. |
Data Breach
|
|
|
|
2022-03-30 09:40:44 |
This new ransomware targets data visualization tool Jupyter Notebook (lien direct) |
Misconfigured environments are the entry point for the ransomware strain. |
Ransomware
Tool
|
|
|
|
2022-03-29 12:00:00 |
Transparent Tribe APT returns to strike India\'s government and military (lien direct) |
The development of custom malware indicates the group is trying to "compromise even more victims." |
Malware
|
APT 36
|
|
|
2022-03-29 11:09:00 |
Ukraine destroys five bot farms that were spreading \'panic\' among citizens (lien direct) |
Over 100,000 fake accounts were allegedly used to spread misinformation about Russia's invasion. |
|
|
|