Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-12-07 14:19:32 |
New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices (direct link) |
A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras. [...] |
Malware
|
|
★★
|
|
2022-12-07 12:36:18 |
Hackers use new Fantasy data wiper in coordinated supply chain attack (direct link) |
The Iranian Agrius APT hacking group is using a new 'Fantasy' data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa. [...] |
|
|
★★★
|
|
2022-12-06 16:14:30 |
Antwerp's city services down after hackers attack digital partner (direct link) |
The city of Antwerp, Belgium, is working to restore its digital services that were disrupted last night by a cyberattack on its digital provider. [...] |
|
|
★★
|
|
2022-12-06 11:36:40 |
Android December 2022 security updates fix 81 vulnerabilities (direct link) |
Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth. [...] |
|
|
★★★
|
|
2022-12-06 10:31:18 |
Rackspace confirms outage was caused by ransomware attack (direct link) |
Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind its ongoing Hosted Exchange outage. [...] |
Ransomware
|
|
★★★
|
|
2022-12-06 10:11:07 |
Massive DDoS attack takes Russia's second-largest bank VTB offline (direct link) |
Russia's second-largest financial institution VTB Bank says it is facing the worst cyberattack in its history after its website and mobile apps were taken offline due to an ongoing DDoS (distributed denial of service) attack. [...] |
|
|
★★★
|
|
2022-12-06 10:07:14 |
Password Reset Calls Are Costing Your Org Big Money (direct link) |
Research states that the average help desk labor cost for a single password reset is about $70. With this cost, what can an organization do to lessen the impact of password resets? [...] |
|
|
★★
|
|
2022-12-05 15:41:11 |
Ransomware attack forces French hospital to transfer patients (direct link) |
The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that hit on Saturday evening. [...] |
Ransomware
|
|
★★
|
|
2022-12-05 15:08:49 |
Sneaky hackers reverse defense mitigations when detected (direct link) |
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. [...] |
Threat
|
|
★★★
|
|
2022-12-04 10:11:22 |
Android malware apps with 2 million installs spotted on Google Play (direct link) |
A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. [...] |
Malware
Mobile
|
|
★★★
|
|
2022-12-03 10:12:06 |
Hackers use new, fake crypto app to breach networks, steal cryptocurrency (direct link) |
The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets. [...] |
Malware
|
APT 38
|
★★★
|
|
2022-12-02 17:51:35 |
The Week in Ransomware - December 2nd 2022 - Disrupting Health Care (direct link) |
This week's big news was the Colombia health system being severely disrupted by a ransomware attack on Keralty, one of the country's largest healthcare providers. [...] |
Ransomware
|
|
★★
|
|
2022-12-02 14:05:26 |
DHS Cyber Safety Board to review Lapsus$ gang's hacking tactics (direct link) |
The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached multiple high-profile companies in recent attacks. [...] |
|
|
★★
|
|
2022-12-02 12:29:48 |
New CryWiper malware wipes data in attack against Russian org (direct link) |
A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery. [...] |
Malware
|
|
★★★
|
|
2022-12-02 10:14:07 |
How Windows 11's Enhanced Phishing Protection guards your password (direct link) |
One of the easier ways to steal a user's credentials is through a convincing fake login page or application. To help combat the constant risk of password theft, Microsoft added enhanced phishing protection in Windows 11 Version 22H2. [...] |
|
|
★★
|
|
2022-12-01 21:43:44 |
(Déjà vu) Samsung, LG, Mediatek certificates compromised to sign Android malware (direct link) |
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware. [...] |
Malware
|
|
★★★★★
|
|
2022-12-01 21:43:44 |
Compromised OEM Android platform certificates used to sign malware (direct link) |
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications were utilized by threat actors to sign apps containing malware. [...] |
Threat
Malware
|
|
★★★
|
|
2022-12-01 15:52:29 |
Android malware infected 300,000 devices to steal Facebook accounts (direct link) |
An Android malware campaign masquerading as reading and education apps has been underway since 2018, attempting to steal Facebook account credentials from infected devices. [...] |
Malware
|
|
★★★
|
|
2022-12-01 13:45:32 |
(Déjà vu) New Redigo malware drops stealthy backdoor on Redis servers (direct link) |
A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. [...] |
Threat
Malware
|
|
★★★
|
|
2022-12-01 11:19:46 |
New DuckLogs malware service claims having thousands of 'customers' (direct link) |
A new malware-as-a-service (MaaS) operation named 'DuckLogs' has emerged, giving low-skilled attackers easy access to multiple modules to steal information, log keystrokes, access clipboard data, and remotely access the compromised host. [...] |
Malware
|
|
★★★
|
|
2022-11-30 19:14:39 |
GoTo says hackers breached its dev environment, cloud storage (direct link) |
Remote access and collaboration company GoTo disclosed today that they suffered a security breach where threat actors gained access to their development environment and third-party cloud storage service. [...] |
Threat
|
|
★★★
|
|
2022-11-30 18:25:53 |
Keralty ransomware attack impacts Colombia's health care system (direct link) |
The Keralty multinational healthcare organization suffered a RansomHouse ransomware attack on Sunday, disrupting the websites and operations of the company and its subsidiaries. [...] |
Ransomware
|
|
★★
|
|
2022-11-30 18:14:17 |
Critical RCE bugs in Android remote keyboard apps with 2M installs (direct link) |
Three Android applications that allow users to use devices as remote keyboards for their computers have critical vulnerabilities that could expose key presses and enable remote code execution. [...] |
|
|
★★
|
|
2022-11-30 15:51:29 |
New Windows malware scans victims' mobile phones for data to steal (direct link) |
Security researchers found a previously unknown backdoor they call Dolphin that's been used by North Korean hackers in highly targeted operations for more than a year to steal files and send them to Google Drive storage. [...] |
Malware
|
|
★★★
|
|
2022-11-30 12:00:00 |
Google discovers Windows exploit framework used to deploy spyware (direct link) |
Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a Spanish software company. [...] |
Threat
|
|
★★★★★
|
|
2022-11-30 10:06:12 |
Password Salting to Increase Windows Active Directory Security (direct link) |
Specops Password Policy can help to prevent users from using any passwords that are known to be vulnerable to table-based lookup attacks. The result is a level of protection that is comparable to that of password salting, but without the hassles of managing salts. [...] |
|
|
★★
|
|
2022-11-30 08:00:00 |
Android and iOS apps with 15 million installs extort loan seekers (direct link) |
Over 280 Android and iOS apps on the Google Play and the Apple App stores trapped users in loan schemes with misleading terms and employed various methods to extort and harass borrowers. [...] |
Guideline
|
|
★★
|
|
2022-11-29 17:57:18 |
Trigona ransomware spotted in increasing attacks worldwide (direct link) |
A previously unnamed ransomware has rebranded under the name 'Trigona,' launching a new Tor negotiation site where they accept Monero as ransom payments. [...] |
Ransomware
|
|
★★
|
|
2022-11-29 10:05:10 |
Ransomware detection with Wazuh SIEM and XDR platform (direct link) |
Wazuh is a free, open source SIEM/XDR solution with more than 10 million annual downloads. Learn more about how Wazuh can help protect your organization against the ever-evolving tactics of ransomware. [...] |
|
|
★★★
|
|
2022-11-28 17:52:53 |
Malicious Android app found powering account creation service (direct link) |
A fake Android SMS application, with 100,000 downloads on the Google Play store, has been discovered to secretly act as an SMS relay for an account creation service for sites like Microsoft, Google, Instagram, Telegram, and Facebook [...] |
|
|
★★
|
|
2022-11-28 13:40:42 |
TikTok 'Invisible Body' challenge exploited to push malware (direct link) |
Hackers are capitalizing on a trending TikTok challenge named 'Invisible Challenge' to install malware on thousands of devices and steal their passwords, Discord accounts, and, potentially, cryptocurrency wallets. [...] |
Malware
|
|
★★★
|
|
2022-11-28 10:15:35 |
Meta fined €265M for not protecting Facebook users' data from scrapers (direct link) |
Meta has been fined €265 million ($275.5 million) by the Irish data protection commission (DPC) for a massive 2021 Facebook data leak exposing the information of hundreds of millions of users worldwide. [...] |
|
|
★★★★★
|
|
2022-11-28 09:43:53 |
The Cyber Monday 2022 Security, IT, VPN, & Antivirus Deals (direct link) |
Cyber Monday is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software. [...] |
|
|
★★
|
|
2022-11-25 12:18:23 |
Vice Society ransomware claims attack on Cincinnati State college (direct link) |
The Vice Society ransomware operation has claimed responsibility for a cyberattack on Cincinnati State Technical and Community College, with the threat actors now leaking data allegedly stolen during the attack. [...] |
Threat
Ransomware
|
|
★★
|
|
2022-11-24 10:29:49 |
Hackers modify popular OpenVPN Android app to include spyware (direct link) |
A threat actor associated with cyberespionage operations since at least 2017 has been luring victims with fake VPN software for Android that is a trojanized version of legitimate software SoftVPN and OpenVPN. [...] |
Threat
|
|
|
|
2022-11-23 12:21:12 |
Pro-Russian hacktivists take down EU Parliament site in DDoS attack (direct link) |
The website of the European Parliament has been taken down following a DDoS (Distributed Denial of Service) attack claimed by a pro-Russia group of hacktivists calling themselves Anonymous Russia. [...] |
|
|
★★
|
|
2022-11-23 10:59:37 |
Mali GPU 'patch gap' leaves Android users vulnerable to attacks (direct link) |
A set of five exploitable vulnerabilities in Arm's Mali GPU driver remain unfixed months after the chip maker patched them, leaving potentially millions of Android devices exposed to attacks. [...] |
|
|
|
|
2022-11-23 06:02:16 |
Russian cybergangs stole over 50 million passwords this year (direct link) |
At least 34 distinct Russian-speaking cybercrime groups using info-stealing malware like Raccoon and Redline have collectively stolen 50,350,000 account passwords from over 896,000 individual infections from January to July 2022. [...] |
Malware
|
|
★★★★
|
|
2022-11-22 14:55:29 |
Hackers breach energy orgs via bugs in discontinued web server (direct link) |
Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector. [...] |
|
|
★★★★
|
|
2022-11-22 11:04:37 |
Android file manager apps infect thousands with Sharkbot malware (direct link) |
A new collection of malicious Android apps posing as harmless file managers had infiltrated the official Google Play app store, infecting users with the Sharkbot banking trojan. [...] |
Malware
|
|
★★★
|
|
2022-11-21 18:09:13 |
Aurora infostealer malware increasingly adopted by cybergangs (direct link) |
Cybercriminals are increasingly turning to a new Go-based information stealer named 'Aurora' to steal sensitive information from browsers and cryptocurrency apps, exfiltrate data directly from disks, and load additional payloads. [...] |
Malware
|
|
★★★★
|
|
2022-11-21 15:17:36 |
Hackers steal $300,000 in DraftKings credential stuffing attack (direct link) |
Sports betting company DraftKings said today that it would make whole customers affected by a credential stuffing attack that led to losses of up to $300,000. [...] |
|
|
|
|
2022-11-21 13:24:44 |
Google Chrome extension used to steal cryptocurrency, passwords (direct link) |
An information-stealing Google Chrome browser extension named 'VenomSoftX' is being deployed by Windows malware to steal cryptocurrency and clipboard contents as users browse the web. [...] |
Malware
|
|
|
|
2022-11-21 10:04:40 |
Apps with over 3 million installs leak 'Admin' search API keys (direct link) |
Researchers discovered 1,550 mobile apps leaking Algolia API keys, risking the exposure of sensitive internal services and stored user information. [...] |
|
|
|
|
2022-11-20 10:07:14 |
(Déjà vu) New ransomware encrypts files, then steals your Discord account (direct link) |
The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...] |
Ransomware
|
|
|
|
2022-11-20 10:07:14 |
New AxLocker ransomware encrypts files, then steals your Discord account (direct link) |
The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...] |
Ransomware
|
|
|
|
2022-11-19 13:28:32 |
New attacks use Windows security bypass zero-day to drop malware (direct link) |
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings. [...] |
Malware
Vulnerability
|
|
|
|
2022-11-18 10:24:41 |
Chinese hackers use Google Drive to drop malware on govt networks (direct link) |
State-backed Chinese hackers launched a spearphishing campaign to deliver custom malware stored in Google Drive to government, research, and academic organizations worldwide. [...] |
Malware
|
|
|
|
2022-11-17 15:07:02 |
Previously unidentified ARCrypter ransomware expands worldwide (direct link) |
A previously unknown 'ARCrypter' ransomware that compromised key organizations in Latin America is now expanding its attacks worldwide. [...] |
Ransomware
|
|
|
|
2022-11-17 13:19:17 |
QBot phishing abuses Windows Control Panel EXE to infect devices (direct link) |
Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. [...] |
Malware
|
|
|