Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-12-14 23:10:21 |
Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit (direct link) |
It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. |
Hack
|
|
|
|
2021-12-14 22:21:35 |
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery (direct link) |
December's Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. |
Malware
|
|
|
|
2021-12-14 20:23:48 |
400 Banks' Customers Targeted with Anubis Trojan (direct link) |
The new campaign masqueraded as an Orange Telecom account management app to deliver the latest iteration of Anubis banking malware.
|
|
|
|
|
2021-12-14 17:54:47 |
What the Log4Shell Bug Means for SMBs: Experts Weigh In (direct link) |
An exclusive roundtable of security researchers discusses the specific implications of CVE-2021-44228 for smaller businesses, including what's vulnerable, what an attack looks like and how to remediate. |
|
|
|
|
2021-12-14 17:21:51 |
How to Buy Precious Patching Time as Log4j Exploits Fly (direct link) |
Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed.
|
Patching
|
|
|
|
2021-12-14 13:21:57 |
'Seedworm' Attackers Target Telcos in Asia, Middle East (direct link) |
The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. |
|
|
|
|
2021-12-13 23:17:45 |
Kronos Ransomware Outage Drives Widespread Payroll Chaos (direct link) |
Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking. |
Ransomware
|
|
|
|
2021-12-13 19:00:01 |
Where the Latest Log4Shell Attacks Are Coming From (direct link) |
Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. |
|
|
|
|
2021-12-13 18:46:34 |
Malicious PyPI Code Packages Rack Up Thousands of Downloads (direct link) |
The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. |
Malware
|
|
|
|
2021-12-13 18:14:46 |
Log4Shell Is Spawning Even Nastier Mutations (direct link) |
The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said.
|
|
|
|
|
2021-12-10 19:00:36 |
'Appalling' Riot Games Job Fraud Takes Aim at Wallets (direct link) |
Scammers are using fake job listings to empty the wallets of young, hopeful victims looking to break into the gaming industry. |
|
|
|
|
2021-12-10 17:58:04 |
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack (direct link) |
The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” |
Tool
Vulnerability
Guideline
|
|
|
|
2021-12-10 16:19:44 |
Sprawling Active Attack Aims to Take Over 1.6M WordPress Sites (direct link) |
Cyberattackers are targeting security vulnerabilities in four plugins plus Epsilon themes, to assign themselves administrative accounts. |
|
|
|
|
2021-12-10 13:16:43 |
'Karakurt' Extortion Threat Emerges, But Says No to Ransomware (direct link) |
The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. |
Ransomware
Threat
|
|
|
|
2021-12-09 21:09:49 |
Canadian Ransomware Arrest Is a Meaningful Flex, Experts Say (direct link) |
U.S. and Canada charge Ottawa man for ransomware attacks, signaling that North America is no cybercriminal haven. |
Ransomware
|
|
|
|
2021-12-09 19:54:39 |
Fueled by Pandemic Realities, Grinchbots Aggressively Surge in Activity (direct link) |
E-commerce's proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale. |
|
|
|
|
2021-12-09 15:56:16 |
How MikroTik Routers Became a Cybercriminal Target (direct link) |
The powerful devices leveraged by the Meris botnet have weaknesses that make them easy to exploit, yet complex for organizations to track and secure, researchers said. |
|
|
|
|
2021-12-08 22:30:04 |
Malicious npm Code Packages Built for Hijacking Discord Servers (direct link) |
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. |
|
|
|
|
2021-12-08 20:13:18 |
Moobot Botnet Chews Up Hikvision Surveillance Systems (direct link) |
Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned. |
|
|
★★★★★
|
|
2021-12-08 19:28:35 |
Not with a Bang but a Whisper: The Shift to Stealthy C2 (direct link) |
DoH! Nate Warfield, CTO of Prevailion, discusses new stealth tactics threat actors are using for C2, including Malleable C2 from Cobalt Strike's arsenal. |
Threat
|
|
|
|
2021-12-08 19:16:54 |
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover (direct link) |
Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. |
|
|
|
|
2021-12-08 18:54:12 |
AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK (direct link) |
Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a dozen cloud services used by millions of users worldwide open to privilege-escalation attacks. That includes Amazon WorkSpaces, Accops and NoMachine, among others: all apps that […] |
|
|
|
|
2021-12-08 14:47:59 |
Emotet's Behavior & Spread Are Omens of Ransomware Attacks (direct link) |
The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets.
|
Ransomware
Threat
|
|
|
|
2021-12-07 20:24:02 |
Windows 10 Drive-By RCE Triggered by Default URI Handler (direct link) |
There's an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. |
|
|
|
|
2021-12-07 20:01:45 |
When Scammers Get Scammed, They Take It to Cybercrime Court (direct link) |
Underground arbitration system settles disputes between cybercriminals. |
|
|
|
|
2021-12-07 17:13:51 |
Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators (direct link) |
The malware's unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely. |
|
|
|
|
2021-12-07 13:24:30 |
SolarWinds Attackers Spotted Using New Tactics, Malware (direct link) |
One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing.
|
Malware
Threat
|
|
|
|
2021-12-06 22:09:50 |
Crypto-Exchange BitMart to Pay Users for $200M Theft (direct link) |
BitMart confirmed it had been drained of ~$150 million in cryptocurrency assets, but a blockchain security firm said it's closer to $200 million.
|
|
|
|
|
2021-12-06 21:47:45 |
Are You Guilty of These 8 Network-Security Bad Practices? (direct link) |
Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears. |
|
|
|
|
2021-12-06 20:45:19 |
Cyber Command Publicly Joins Fight Against Ransomware Groups (direct link) |
U.S. military acknowledges targeting cybercriminals who launch attacks on U.S. companies. |
Ransomware
|
|
|
|
2021-12-06 18:29:59 |
Cuba Ransomware Gang Hauls in $44M in Payouts (direct link) |
The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. |
Ransomware
Malware
|
|
|
|
2021-12-06 16:25:02 |
Pegasus Spyware Infects U.S. State Department iPhones (direct link) |
It's unknown who's behind the cyberattacks against at least nine employees' iPhones, who are all involved in Ugandan diplomacy.
|
|
|
|
|
2021-12-06 16:14:54 |
Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies (direct link) |
The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform. |
|
|
★★★
|
|
2021-12-03 20:09:24 |
Pandemic-Influenced Car Shopping: Just Use the Manufacturer API (direct link) |
Jason Kent, hacker-in-residence at Cequence, found a way to exploit a Toyota API to get around the hassle of car shopping in the age of supply-chain woes. |
|
|
|
|
2021-12-03 19:46:27 |
Omicron Phishing Scam Already Spotted in UK (direct link) |
Omicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data. |
|
|
|
|
2021-12-03 17:47:37 |
What Are Your Top Cloud Security Challenges? Threatpost Poll (direct link) |
We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll! |
|
|
|
|
2021-12-03 13:17:47 |
Threat Group Takes Aim Again at Cloud Platform Provider Zoho (direct link) |
Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company's portfolio. |
|
|
|
|
2021-12-02 19:53:02 |
'Double-Extortion' Ransomware Data Leaks Skyrocket 935% (direct link) |
Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found. |
Ransomware
|
|
|
|
2021-12-02 19:29:18 |
Planned Parenthood Breach Opens Patients to Follow-On Attacks (direct link) |
Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information. |
|
|
|
|
2021-12-02 17:35:06 |
AT&T Takes Steps to Mitigate Botnet Found Inside Its Network (direct link) |
AT&T is battling a modular malware called EwDoor on 5,700 VoIP servers, but it could have a larger wildcard certificate problem. |
Malware
|
|
|
|
2021-12-01 19:34:53 |
80K Retail WooCommerce Sites Exposed by Plugin XSS Bug (direct link) |
The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts. |
|
|
|
|
2021-12-01 17:11:04 |
Stealthy 'WIRTE' Gang Targets Middle Eastern Governments (direct link) |
Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang.
|
|
|
|
|
2021-12-01 12:15:28 |
Widespread 'Smishing' Campaign Defrauds Iranian Android Users (direct link) |
Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts. |
Malware
|
|
|
|
2021-11-30 20:58:59 |
How Decryption of Network Traffic Can Improve Security (direct link) |
Most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today. Jeff Costlow, CISO at ExtraHop, explains why this might not be a good thing. |
|
|
|
|
2021-11-30 20:41:17 |
Lloyd's Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks (direct link) |
The insurer won't pay for 'acts of cyber-war' or nation-state retaliation attacks. |
|
|
|
|
2021-11-30 18:11:16 |
Finland Faces Blizzard of FluBot-Spreading Text Messages (direct link) |
Millions of texts leading to the Flubot spyware/banking trojan are targeting everyone who uses Androids in the country, in an "exceptional" attack. |
Guideline
|
|
|
|
2021-11-30 17:56:03 |
Panasonic's Data Breach Leaves Open Questions (direct link) |
Cyberattackers had unfettered access to the technology giant's file server for four months. |
Data Breach
|
|
|
|
2021-11-30 13:56:45 |
Yanluowang Ransomware Tied to Thieflock Threat Actor (direct link) |
Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. |
Ransomware
Threat
|
|
|
|
2021-11-29 21:22:12 |
IKEA Hit by Email Reply-Chain Cyberattack (direct link) |
IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. |
|
|
|
|
2021-11-29 21:15:35 |
Researchers Flag 300K Banking Trojan Infections from Google Play in 4 Months (direct link) |
Attackers are honing Google Play dropper campaigns, overcoming app store restrictions. |
|
|
|