Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-05-12 11:00:00 |
Researchers track down five affiliates of DarkSide ransomware service (lien direct) |
Customers of the RaaS can deploy malware as they see fit and dictate the content of leaks. |
Ransomware
Malware
|
|
|
|
2021-05-12 08:44:22 |
FBI, CISA publish alert on DarkSide ransomware (lien direct) |
The advisory deals with ransomware-as-a-service, thrust into the spotlight by the Colonial Pipeline cyberattack. |
Ransomware
|
|
|
|
2021-05-11 10:46:00 |
(Déjà vu) Colonial Pipeline attack: Everything you need to know (lien direct) |
Updated: DarkSide has claimed responsibility for the catastrophic ransomware outbreak. |
Ransomware
|
|
|
|
2021-05-11 10:46:00 |
Everything you need to know about the Colonial Pipeline ransomware attack (lien direct) |
DarkSide has claimed responsibility for the catastrophic ransomware outbreak. |
Ransomware
|
|
|
|
2021-05-11 08:14:27 |
GitHub shifts away from passwords with security key support for SSH Git operations (lien direct) |
Support has been added to bolster defense against account compromise. |
|
|
|
|
2021-05-10 18:00:03 |
DarkSide explained: the ransomware group responsible for Colonial Pipeline cyberattack (lien direct) |
The group's existence is tied to a murky web of shorted stocks, criminality, and failed attempts to appear as Robin Hood. |
Ransomware
|
|
|
|
2021-05-10 10:29:06 |
Amazon seized, destroyed two million fake products sent to warehouses in 2020 (lien direct) |
Over 10 billion suspect listings were also wiped out during the year in a counterfeit crackdown. |
|
|
|
|
2021-05-10 09:24:33 |
Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks (lien direct) |
Fake TLDs are now also being created to maximize the potential success of attacks. |
|
|
|
|
2021-05-10 08:14:49 |
Group pleads guilty to running bulletproof hosting service for criminal gangs, malware payloads (lien direct) |
Zeus, SpyEye, Citadel, and the Blackhole exploit kit were among the strains stored through the host. |
Malware
|
|
|
|
2021-05-07 11:25:54 |
New Moriya rootkit stealthily backdoors Windows systems (lien direct) |
Unknown attackers may have been quietly exploiting networks in attacks reaching back to 2018. |
|
|
|
|
2021-05-07 10:16:05 |
IRS secures order to serve Kraken with customer data request on cryptocurrency traders (lien direct) |
Users who have conducted $20,000 in transactions are now on the tax office's radar. |
|
|
|
|
2021-05-07 09:15:44 |
Google teams up with Stop Scams to tackle financial fraud in the UK (lien direct) |
Companies are stepping up to tackle scams on and offline. |
|
|
|
|
2021-05-06 13:00:06 |
Data leak implicates over 200,000 people in Amazon fake product review scam (lien direct) |
Names, email addresses, and PayPal details were exposed and left online. |
|
|
|
|
2021-05-06 10:30:03 |
Ryuk ransomware finds foothold in bio research institute through student who wouldn\'t pay for software (lien direct) |
The incident started with a student who didn't want to pay for a license and ended with the loss of research. |
Ransomware
|
|
|
|
2021-05-05 09:37:00 |
Banking Trojan evolves from distribution through porn to phishing schemes (lien direct) |
While starting out in Brazil, the malware may now also be present in Europe. |
Malware
|
|
|
|
2021-05-05 08:47:10 |
Panda Stealer dropped in Excel files, spreads through Discord to steal user cryptocurrency (lien direct) |
The malware hones in on cryptocurrency funds as well as VPN credentials. |
Malware
|
|
|
|
2021-05-04 14:00:03 |
Three new malware families found in global finance phishing campaign (lien direct) |
Doubledrag, Doubledrop, and Doubleback are the work of “experienced” threat actors. |
Threat
Malware
|
|
|
|
2021-05-04 13:05:20 |
Patch issued to tackle critical security issues present in Dell driver software since 2009 (lien direct) |
Five critical security issues have been discovered. |
|
|
|
|
2021-04-30 09:37:17 |
SAP admits to \'thousands\' of illegal software exports to Iran (lien direct) |
SAP says it accepts “full responsibility for past conduct.” |
|
|
|
|
2021-04-30 08:52:17 |
WeSteal: A \'shameless\' cryptocurrency stealer sold in the underground (lien direct) |
The brazen developer doesn't even try to hide their creation's true purpose. |
|
|
|
|
2021-04-30 07:45:39 |
ISC urges updates of DNS servers to wipe out new BIND vulnerabilities (lien direct) |
The security flaws could lead to remote exploitation. |
Guideline
|
|
|
|
2021-04-29 10:00:04 |
Paleohacks data leak exposes customer records, password reset tokens (lien direct) |
The leak wasn't dealt with until Amazon was contacted directly. |
|
|
|
|
2021-04-29 09:39:06 |
RotaJakiro: A Linux backdoor that has flown under the radar for years (lien direct) |
The malware remains undetected by most VirusTotal engines. |
Malware
|
|
|
|
2021-04-29 08:49:09 |
Accenture acquires French cybersecurity firm Openminded (lien direct) |
The bid is aimed at expanding Accenture's European footprint. |
|
|
|
|
2021-04-28 12:43:42 |
Apple patches macOS Gatekeeper bypass vulnerability exploited in the wild (lien direct) |
The patch tackles a zero-day bug actively exploited by Shlayer malware. |
Vulnerability
|
|
|
|
2021-04-28 10:29:28 |
Linux kernel vulnerability exposes stack memory, causes data leaks (lien direct) |
The bug could also be used as a conduit for more severe attacks. |
Vulnerability
|
|
|
|
2021-04-28 09:11:00 |
Microsoft mulls over tweaks to threat data, code-sharing scheme following Exchange Server debacle (lien direct) |
It has been suspected that exploit code used in the wave of attacks may have been sourced from the program. |
Threat
|
|
|
|
2021-04-28 04:01:03 |
COVID-19, WFH prompts spike in cyberattacks against banks, insurers (lien direct) |
Research suggests “open and insecure gaps” are being exploited in financial organizations' networks. |
|
|
|
|
2021-04-27 08:54:35 |
Adobe releases open source \'one-stop shop\' for security threat, data anomaly detection (lien direct) |
The project is focused on data processing efficiency and improving threat log data analysis. |
Threat
|
|
|
|
2021-04-26 11:08:00 |
Darktrace slashes valuation price estimate ahead of IPO: report (lien direct) |
The caution is aimed at preventing share prices from tanking on debut. |
|
|
|
|
2021-04-26 09:34:40 |
Prominent security expert Dan Kaminsky passes away at 42 (lien direct) |
Kaminsky is being remembered not only for his kindness but also for being a “force of nature” in the infosec community. |
|
|
|
|
2021-04-26 07:24:13 |
Thodex cryptocurrency exchange chief allegedly goes on the run with $2bn in client funds (lien direct) |
The exchange claims such reports are “unfounded.” |
|
|
|
|
2021-04-23 08:56:25 |
ToxicEye: Trojan abuses Telegram platform to steal your data (lien direct) |
The RAT is using bots to propagate across Telegram channels. |
|
|
|
|
2021-04-22 13:08:16 |
SolarWinds hack analysis reveals 56% boost in command server footprint (lien direct) |
Researchers say newly identified targets are likely. |
Hack
|
|
|
|
2021-04-22 07:23:12 |
New US Justice Department team aims to disrupt ransomware operations (lien direct) |
The task force will focus on dealing with the “root causes” of ransomware. |
Ransomware
|
|
|
|
2021-04-21 13:12:39 |
Instagram debuts new tool to stop abusive message salvos made through new accounts (lien direct) |
DMs are the next area the firm wants to focus on in controlling abusive behavior. |
Tool
|
|
|
|
2021-04-21 10:35:25 |
Zero-day vulnerabilities in SonicWall email security are being actively exploited (lien direct) |
The vendor is urging customers to apply patches immediately. |
|
|
|
|
2021-04-21 09:45:24 |
Codecov breach impacted \'hundreds\' of customer networks: report (lien direct) |
Reports suggest the initial hack may have led to a more extensive supply chain attack. |
Hack
|
|
★★
|
|
2021-04-20 12:07:50 |
Internal Facebook email reveals intent to frame data scraping as \'normalized, broad industry issue\' (lien direct) |
More scraping incidents are "expected" in the future. |
|
|
|
|
2021-04-20 10:35:48 |
Lazarus hacking group now hides payloads in BMP image files (lien direct) |
South Korea continues to be a favored target. |
|
APT 38
|
|
|
2021-04-20 09:04:43 |
Facebook cracks down on posts urging violence, mockery ahead of Chauvin verdict in George Floyd case (lien direct) |
The company also aims to wipe out content that “praises, celebrates or mocks George Floyd's death.” |
|
|
|
|
2021-04-20 08:15:12 |
Remote code execution vulnerabilities uncovered in smart air fryer (lien direct) |
The impacted vendor has not responded or fixed the security issues. |
|
|
|
|
2021-04-19 11:09:00 |
Peloton pushes back against \'urgent\' warning against using Tread+ treadmill (lien direct) |
The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+. |
|
|
|
|
2021-04-19 09:42:18 |
Coding error allowed attackers to delete Facebook live video (lien direct) |
The security issue earned the reporting researcher a substantial bug bounty. |
|
|
|
|
2021-04-09 10:15:53 |
Critical Zoom vulnerability triggers remote code execution without user input (lien direct) |
The researchers who discovered the bug have earned themselves $200,000. |
Vulnerability
|
|
|
|
2021-04-09 09:32:33 |
Washington State educational organizations targeted in cryptojacking spree (lien direct) |
The lucrative nature of cryptocurrency means no industry is safe. |
|
|
|
|
2021-04-08 11:03:18 |
Facebook tackles deepfake spread and troll farms in latest moderation push (lien direct) |
AI-generated images and an exiled militant group are now on Facebook's radar. |
|
|
|
|
2021-04-08 09:40:42 |
Italian man arrested after allegedly paying hitman in cryptocurrency (lien direct) |
Europol claims he attempted to have his ex-girlfriend assassinated. |
|
|
|
|
2021-04-08 09:36:31 |
Vyveva: Lazarus hacking group\'s latest weapon strikes South African freight (lien direct) |
The backdoor is being used to spy on the activities of freight companies. |
|
APT 38
APT 28
|
|
|
2021-04-07 11:34:39 |
Man jailed for trying to buy chemical weapon online able to kill \'hundreds\' of people (lien direct) |
Orders were made in the name of a minor. |
|
|
|