Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-12-15 02:36:18 |
Hackers target Japanese politicians with new MirrorStealer malware (direct link) |
A hacking group tracked as MirrorFace has been targeting Japanese politicians for weeks before the House of Councilors election in July 2022, using a previously undocumented credentials stealer named 'MirrorStealer.' [...] |
Malware
|
|
★
|
|
2022-12-14 14:13:11 |
Attackers use SVG files to smuggle QBot malware onto Windows systems (direct link) |
QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. [...] |
Malware
|
|
★★
|
|
2022-12-14 13:24:00 |
Microsoft patches Windows zero-day used to drop ransomware (direct link) |
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. [...] |
Ransomware
Malware
Vulnerability
Threat
|
|
★★
|
|
2022-12-14 08:51:00 |
Microsoft fixes Windows Server issue causing freezes, restarts (direct link) |
Microsoft has addressed an LSASS memory leak issue on some domain controllers that led to freezes and restarts after installing Windows Server updates released during last month's Patch Tuesday. [...] |
|
|
★★
|
|
2022-12-13 16:24:20 |
LockBit claims attack on California's Department of Finance (direct link) |
The Department of Finance in California has been the target of a cyberattack now claimed by the LockBit ransomware gang. [...] |
Ransomware
|
|
★★★
|
|
2022-12-13 15:48:43 |
(Déjà vu) Apple security update fixes new iOS zero-day used to hack iPhones (direct link) |
In security updates released today, Apple has fixed the tenth zero-day vulnerability since the start of the year, with this latest one actively used in attacks against iPhones. [...] |
Hack
Vulnerability
|
|
★★
|
|
2022-12-13 12:27:43 |
New GoTrim botnet brute forces WordPress site admin accounts (direct link) |
A new Go-based botnet malware named 'GoTrim' is scanning the web for self-hosted WordPress websites and attempting to brute force the administrator's password and take control of the site. [...] |
Malware
|
|
★★
|
|
2022-12-12 18:34:25 |
Play ransomware claims attack on Belgium city of Antwerp (direct link) |
The Play ransomware operation has claimed responsibility for a recent cyberattack on the Belgium city of Antwerp. [...] |
Ransomware
|
|
★
|
|
2022-12-12 16:26:33 |
New Python malware backdoors VMware ESXi servers for remote access (direct link) |
A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. [...] |
Malware
|
|
★★★
|
|
2022-12-12 14:27:52 |
Twitter confirms recent user data leak is from 2021 breach (direct link) |
Twitter confirmed today that the recent leak of millions of members' profiles, including private phone numbers and email addresses, resulted from the same data breach the company disclosed in August 2022. [...] |
Data Breach
|
|
★★★
|
|
2022-12-12 13:30:18 |
Uber suffers new data breach after attack on vendor, info leaked online (direct link) |
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. [...] |
Data Breach
Threat
|
Uber
Uber
|
★
|
|
2022-12-11 11:22:33 |
(Déjà vu) Clop ransomware uses TrueBot malware for access to networks (direct link) |
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] |
Ransomware
Malware
|
|
★★
|
|
2022-12-11 11:22:33 |
Clop ransomware partners with TrueBot malware for access to networks (direct link) |
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] |
Ransomware
Malware
|
|
★
|
|
2022-12-10 10:06:12 |
Air-gapped PCs vulnerable to data theft via power supply radiation (direct link) |
A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems isolated from the internet over a distance of at least two meters (6.5 ft), where it's captured by a receiver. [...] |
|
|
★★
|
|
2022-12-09 14:51:48 |
Rackspace warns of phishing risks following ransomware attack (direct link) |
Cloud computing provider Rackspace warned customers on Thursday of increased risks of phishing attacks following a ransomware attack affecting its hosted Microsoft Exchange environment. [...] |
Ransomware
|
|
★★
|
|
2022-12-09 12:00:03 |
Antivirus and EDR solutions tricked into acting as data wipers (direct link) |
A security researcher has found a way to exploit the data deletion capabilities of widely used endpoint detection and response (EDR) and antivirus (AV) software from Microsoft, SentinelOne, TrendMicro, Avast, and AVG to turn them into data wipers. [...] |
|
|
★★★★
|
|
2022-12-09 09:00:00 |
Holiday 2022 deal: 20% off Zero2Automated malware analysis training (direct link) |
Zero2Automated, the creators of the popular malware analysis and reverse-engineering course, is having a Christmas special where you can get 20% off all courses on their site, with additional goodies thrown in. [...] |
Malware
|
|
★★★
|
|
2022-12-08 16:19:09 |
Hacked corporate email accounts used to send MSP remote access tool (direct link) |
MuddyWater hackers, a group associated with Iran's Ministry of Intelligence and Security (MOIS), used compromised corporate email accounts to deliver phishing messages to their targets. [...] |
Tool
|
|
★★★
|
|
2022-12-08 15:27:11 |
CommonSpirit Health ransomware attack exposed data of 623,000 patients (direct link) |
CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack. [...] |
Ransomware
Threat
|
|
★★★
|
|
2022-12-08 13:03:34 |
Tor Browser 12.0 brings Apple Silicon support, Android enhancements (direct link) |
The Tor Project team has announced the release of Tor Browser 12.0, a major version release introducing support for Apple Silicon chips and several enhancements for the Android version. [...] |
|
|
★★★
|
|
2022-12-08 12:00:00 |
Google: How Android's Private Compute Core protects your data (direct link) |
Google has disclosed more technical details about how Private Compute Core (PCC) on Android works and keeps sensitive user data processed locally on protected devices. [...] |
|
|
★★★
|
|
2022-12-08 05:00:00 |
New 'Zombinder' platform binds Android malware with legitimate apps (direct link) |
A darknet platform dubbed 'Zombinder' allows threat actors to bind malware to legitimate Android apps, causing victims to infect themselves while still having the full functionality of the original app to evade suspicion. [...] |
Malware
Threat
|
|
★★★
|
|
2022-12-07 14:19:32 |
New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices (direct link) |
A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras. [...] |
Malware
|
|
★★
|
|
2022-12-07 12:36:18 |
Hackers use new Fantasy data wiper in coordinated supply chain attack (direct link) |
The Iranian Agrius APT hacking group is using a new 'Fantasy' data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa. [...] |
|
|
★★★
|
|
2022-12-06 16:14:30 |
Antwerp's city services down after hackers attack digital partner (direct link) |
The city of Antwerp, Belgium, is working to restore its digital services that were disrupted last night by a cyberattack on its digital provider. [...] |
|
|
★★
|
|
2022-12-06 11:36:40 |
Android December 2022 security updates fix 81 vulnerabilities (direct link) |
Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth. [...] |
|
|
★★★
|
|
2022-12-06 10:31:18 |
Rackspace confirms outage was caused by ransomware attack (direct link) |
Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind its ongoing Hosted Exchange outage. [...] |
Ransomware
|
|
★★★
|
|
2022-12-06 10:11:07 |
Massive DDoS attack takes Russia's second-largest bank VTB offline (direct link) |
Russia's second-largest financial institution VTB Bank says it is facing the worst cyberattack in its history after its website and mobile apps were taken offline due to an ongoing DDoS (distributed denial of service) attack. [...] |
|
|
★★★
|
|
2022-12-06 10:07:14 |
Password Reset Calls Are Costing Your Org Big Money (direct link) |
Research states that the average help desk labor cost for a single password reset is about $70. With this cost, what can an organization do to lessen the impact of password resets? [...] |
|
|
★★
|
|
2022-12-05 15:41:11 |
Ransomware attack forces French hospital to transfer patients (direct link) |
The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that hit on Saturday evening. [...] |
Ransomware
|
|
★★
|
|
2022-12-05 15:08:49 |
Sneaky hackers reverse defense mitigations when detected (direct link) |
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. [...] |
Threat
|
|
★★★
|
|
2022-12-04 10:11:22 |
Android malware apps with 2 million installs spotted on Google Play (direct link) |
A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. [...] |
Malware
Mobile
|
|
★★★
|
|
2022-12-03 10:12:06 |
Hackers use new, fake crypto app to breach networks, steal cryptocurrency (direct link) |
The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets. [...] |
Malware
|
APT 38
|
★★★
|
|
2022-12-02 17:51:35 |
The Week in Ransomware - December 2nd 2022 - Disrupting Health Care (direct link) |
This week's big news was the Colombia health system being severely disrupted by a ransomware attack on Keralty, one of the country's largest healthcare providers. [...] |
Ransomware
|
|
★★
|
|
2022-12-02 14:05:26 |
DHS Cyber Safety Board to review Lapsus$ gang's hacking tactics (direct link) |
The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached multiple high-profile companies in recent attacks. [...] |
|
|
★★
|
|
2022-12-02 12:29:48 |
New CryWiper malware wipes data in attack against Russian org (direct link) |
A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery. [...] |
Malware
|
|
★★★
|
|
2022-12-02 10:14:07 |
How Windows 11's Enhanced Phishing Protection guards your password (direct link) |
One of the easier ways to steal a user's credentials is through a convincing fake login page or application. To help combat the constant risk of password theft, Microsoft added enhanced phishing protection in Windows 11 Version 22H2. [...] |
|
|
★★
|
|
2022-12-01 21:43:44 |
(Déjà vu) Samsung, LG, Mediatek certificates compromised to sign Android malware (direct link) |
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware. [...] |
Malware
|
|
★★★★★
|
|
2022-12-01 21:43:44 |
Compromised OEM Android platform certificates used to sign malware (direct link) |
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications were utilized by threat actors to sign apps containing malware. [...] |
Malware
Threat
|
|
★★★
|
|
2022-12-01 15:52:29 |
Android malware infected 300,000 devices to steal Facebook accounts (direct link) |
An Android malware campaign masquerading as reading and education apps has been underway since 2018, attempting to steal Facebook account credentials from infected devices. [...] |
Malware
|
|
★★★
|
|
2022-12-01 13:45:32 |
(Déjà vu) New Redigo malware drops stealthy backdoor on Redis servers (direct link) |
A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. [...] |
Malware
Threat
|
|
★★★
|
|
2022-12-01 11:19:46 |
New DuckLogs malware service claims having thousands of 'customers' (direct link) |
A new malware-as-a-service (MaaS) operation named 'DuckLogs' has emerged, giving low-skilled attackers easy access to multiple modules to steal information, log keystrokes, access clipboard data, and gain remote access to the compromised host. [...] |
Malware
|
|
★★★
|
|
2022-11-30 19:14:39 |
GoTo says hackers breached its dev environment, cloud storage (direct link) |
Remote access and collaboration company GoTo disclosed today that they suffered a security breach where threat actors gained access to their development environment and third-party cloud storage service. [...] |
Threat
|
|
★★★
|
|
2022-11-30 18:25:53 |
Keralty ransomware attack impacts Colombia's health care system (direct link) |
The Keralty multinational healthcare organization suffered a RansomHouse ransomware attack on Sunday, disrupting the websites and operations of the company and its subsidiaries. [...] |
Ransomware
|
|
★★
|
|
2022-11-30 18:14:17 |
Critical RCE bugs in Android remote keyboard apps with 2M installs (direct link) |
Three Android applications that allow users to use devices as remote keyboards for their computers have critical vulnerabilities that could expose key presses and enable remote code execution. [...] |
|
|
★★
|
|
2022-11-30 15:51:29 |
New Windows malware scans victims' mobile phones for data to steal (direct link) |
Security researchers found a previously unknown backdoor they call Dolphin that's been used by North Korean hackers in highly targeted operations for more than a year to steal files and send them to Google Drive storage. [...] |
Malware
|
|
★★★
|
|
2022-11-30 12:00:00 |
Google discovers Windows exploit framework used to deploy spyware (direct link) |
Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a Spanish software company. [...] |
Threat
|
|
★★★★★
|
|
2022-11-30 10:06:12 |
Password Salting to Increase Windows Active Directory Security (direct link) |
Specops Password Policy can help to prevent users from using any passwords that are known to be vulnerable to table-based lookup attacks. The result is a level of protection that is comparable to that of password salting, but without the hassles of managing salts. [...] |
|
|
★★
|
|
2022-11-30 08:00:00 |
Android and iOS apps with 15 million installs extort loan seekers (direct link) |
Over 280 Android and iOS apps on the Google Play and the Apple App stores trapped users in loan schemes with misleading terms and employed various methods to extort and harass borrowers. [...] |
Guideline
|
|
★★
|
|
2022-11-29 17:57:18 |
Trigona ransomware spotted in increasing attacks worldwide (direct link) |
A previously unnamed ransomware has rebranded under the name 'Trigona,' launching a new Tor negotiation site where they accept Monero as ransom payments. [...] |
Ransomware
|
|
★★
|