Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-02-15 12:05:02 |
F5 launches new SaaS app security cloud, edge computing platform (lien direct) |
The solution aims to simplify the F5 security portfolio. |
|
|
|
|
2022-02-14 09:46:38 |
Patch now: Adobe releases emergency fix for exploited Commerce, Magento zero-day (lien direct) |
Adobe says the vulnerability is being used in attacks targeting Adobe Commerce users. |
Vulnerability
|
|
|
|
2022-02-11 12:10:03 |
These cybercriminals plant criminal evidence on human rights defender, lawyer devices (lien direct) |
There's more than one way to silence civil rights activists, it seems. |
|
|
|
|
2022-02-11 09:45:17 |
Spanish police arrest suspects in SIM-swapping ring (lien direct) |
Fraudsters used photocopies and stolen data to obtain duplicate SIM cards. |
|
|
|
|
2022-02-11 08:27:20 |
$1.3 billion lost to romance scams in the past five years: FTC (lien direct) |
Romance scams are reaching record-highs, regulators warn. |
|
|
|
|
2022-02-10 14:00:00 |
FritzFrog botnet returns to attack healthcare, education, government sectors (lien direct) |
The botnet managed to strike at least 500 government and enterprise SSH servers in eight months. |
|
|
|
|
2022-02-10 09:53:51 |
PHP Everywhere code execution bugs impact thousands of WordPress websites (lien direct) |
The remote code execution flaws are of critical severity. |
|
|
|
|
2022-02-09 10:30:02 |
Brute-forcing passwords, ProxyLogon exploits were some of 2021\'s most popular attack methods (lien direct) |
Log4j also became a top pick for exploitation after the discovery of a critical RCE flaw. |
|
|
|
|
2022-02-09 09:31:42 |
Lazarus hackers target defense industry with fake Lockheed Martin job offers (lien direct) |
The APT has previously masqueraded as Northrop Grumman and BAE Systems. |
|
APT 38
|
|
|
2022-02-08 10:00:02 |
Pay to play PrivateLoader spreads Smokeloader, Redline, Vidar malware (lien direct) |
The pay-per-install malware is one of the most popular loaders on the market today. |
Malware
|
|
|
|
2022-02-08 09:36:00 |
Chinese telecom Hytera charged for allegedly recruiting Motorola employees to steal trade secrets (lien direct) |
The firm allegedly conspired with employees to steal digital radio technology. |
|
|
|
|
2022-02-07 17:00:00 |
Google Cloud launches agentless cryptojacking malware scanner (lien direct) |
The new security feature is designed to hunt down instances of cryptojacking. |
Malware
|
|
|
|
2022-02-04 12:25:57 |
Russian APT Primitive Bear attacks Western gov\'t department in Ukraine through job hunt (lien direct) |
The hacking group's latest activities come at a time when tension is boiling between Russia and Ukraine. |
|
|
|
|
2022-02-04 11:41:14 |
Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed (lien direct) |
A zero-day bug in the Zimbra email platform is reportedly under attack. |
Vulnerability
|
|
|
|
2022-02-04 10:05:06 |
CISA issues advisory warning of critical vulnerabilities in Airspan Networks Mimosa (lien direct) |
The vulnerabilities go all the way up to 10 on the CVSS severity score. |
|
|
|
|
2022-02-03 10:59:17 |
3D printed guns, underground markets, bomb manuals: police crackdown continues (lien direct) |
Europol has now turned its attention to freely-available bomb guides published online. |
|
|
|
|
2022-02-02 13:46:40 |
Meet CoinStomp: new cryptojacking malware targets Asian cloud service providers (lien direct) |
Shell scripts are being used to exploit cloud instances. |
Malware
|
|
|
|
2022-02-02 13:00:01 |
Arid Viper hackers strike Palestine with political lures - and Trojans (lien direct) |
The threat group is suspected of being located in Gaza. |
Threat
|
APT-C-23
|
|
|
2022-02-01 11:35:13 |
One in seven ransomware extortion attempts leak key operational tech records (lien direct) |
Researchers say that double-extortion ransomware attacks represent a severe risk to operational processes. |
Ransomware
|
|
|
|
2022-02-01 10:17:45 |
State-sponsored Iranian hackers attack Turkish government, private organizations (lien direct) |
MuddyWater is impersonating the Turkish Health and Interior Ministries to sink its claws into victim networks. |
|
|
|
|
2022-01-31 13:06:00 |
Unsecured AWS server exposed 3TB in airport employee records (lien direct) |
The exposure impacted airport staff across Colombia and Peru. |
|
|
|
|
2022-01-28 10:34:25 |
Silkworm security? Researchers create new authentication method using silk fibers (lien direct) |
Academics say the material could be used to create unclonable physical components suitable for supporting digital security. |
|
|
|
|
2022-01-28 09:46:43 |
Google Play app dropped Vultur banking Trojan on Android handsets (lien direct) |
The app was installed thousands of times before it was removed. |
|
|
|
|
2022-01-27 12:18:42 |
EyeMed agrees $600,000 settlement over 2020 data breach (lien direct) |
The data of roughly 2.1 million individuals was exposed. |
Data Breach
|
|
|
|
2022-01-27 10:53:06 |
DeepDotWeb operator sentenced to eight years behind bars (lien direct) |
The platform provided links to Dark Web marketplaces. |
|
|
|
|
2022-01-27 10:17:15 |
Konni remote access Trojan receives \'significant\' upgrades (lien direct) |
Researchers say the security community should keep a close eye on this malware strain. |
Malware
|
|
|
|
2022-01-26 11:41:09 |
DazzleSpy: Pro-democracy org hijacked to become macOS spyware distributor (lien direct) |
A Safari exploit was being served through a watering hole attack. |
|
|
|
|
2022-01-26 10:00:17 |
Trickbot will now try to crash researcher PCs to stop reverse engineering attempts (lien direct) |
The Trojan has been refreshed with a new set of anti-analysis capabilities. |
|
|
|
|
2022-01-26 08:20:19 |
UK government security center, i100 publish NMAP scripts for vulnerability scanning (lien direct) |
The SME project aims to streamline the detection and remediation of specific bugs. |
Vulnerability
|
|
|
|
2022-01-25 12:22:05 |
Staff negligence is now a major reason for insider security incidents (lien direct) |
Negligence and malicious insider activities are common security challenges in the enterprise today. |
|
|
|
|
2022-01-25 10:00:01 |
Mirai splinter botnets dominate IoT attack scene (lien direct) |
One of the most well-known botnets ever to exist continues to plague PCs and connected devices. |
|
|
|
|
2022-01-24 11:43:08 |
Tor Project battles Russian censorship through the courts (lien direct) |
An appeal has been filed to challenge a block imposed by Russian authorities. |
|
|
|
|
2022-01-24 10:50:02 |
Researchers break down WhisperGate wiper malware used in Ukraine website defacement (lien direct) |
The wiper is similar to malware previously used in attacks against the country – with added functions. |
Malware
|
|
|
|
2022-01-24 09:06:37 |
Hackers hijack smart contracts in cryptocurrency token \'rug pull\' exit scams (lien direct) |
Misconfiguration provides the perfect opportunity for token-based theft. |
|
|
|
|
2022-01-21 10:18:00 |
Chinese APT deploys MoonBounce implant in UEFI firmware (lien direct) |
The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware. |
|
|
|
|
2022-01-21 09:03:34 |
Amazon fake crypto token investment scam steals Bitcoin from victims (lien direct) |
Criminals are peddling the idea of a new Amazon cryptocurrency token to swindle victims. |
|
|
|
|
2022-01-20 09:56:17 |
Multichain token hack losses reach $3 million: report (lien direct) |
Multichain messaging seems confusing, at best. |
Hack
|
|
|
|
2022-01-20 08:15:07 |
\'Serial\' romance fraudster jailed for trying to scam 670 people in the UK (lien direct) |
Victims were conned out of thousands of pounds, including one woman who was terminally ill. |
|
|
|
|
2022-01-19 17:00:02 |
Deloitte launches new SaaS cyber threat detection and response platform (lien direct) |
AWS, CrowdStrike, Exabeam, and Google Cloud Chronicle are operationalizing the new platform. |
Threat
|
Deloitte
|
|
|
2022-01-19 11:19:47 |
Zoom vulnerabilities impact clients, MMR servers (lien direct) |
Vulnerabilities in the videoconferencing software have been analyzed by Google researchers. |
|
|
|
|
2022-01-19 09:40:09 |
Donot Team APT will strike gov\'t, military targets for years - until they succeed (lien direct) |
The group has been described as "remarkably persistent" in cyberattacks. |
|
|
|
|
2022-01-18 17:35:44 |
How tech is a weapon in modern domestic abuse -- and how to protect yourself (lien direct) |
From Apple AirTags to stalkerware, everyday tech can be used against you. |
|
|
|
|
2022-01-18 11:19:02 |
UK government announces crackdown on cryptocurrency adverts (lien direct) |
Officials want to ensure ads are "fair and clear". |
|
|
|
|
2022-01-14 13:21:00 |
Cold calling 02 scam artists are offering 40% plan discounts, free phone contracts for your security code (lien direct) |
They don't seem to like it when you call them out, though. |
|
|
|
|
2022-01-14 12:50:17 |
Dark web carding platform UniCC shuts up shop after making millions (lien direct) |
The operators have apparently made enough to keep them happy in retirement. |
|
|
|
|
2022-01-14 11:49:40 |
SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks (lien direct) |
Malware is used to find and empty cryptocurrency wallets at victim organizations. |
Malware
|
|
|
|
2022-01-13 12:36:02 |
Ransomware locks down prison, knocks systems offline (lien direct) |
Inmates were confined to their cells as a result of the cyberattack. |
|
|
|
|
2022-01-13 11:49:44 |
UK jails man for spying on kids, adults with Remote Access Trojans (lien direct) |
Malware was used to take explicit photos and videos. |
Malware
|
|
|
|
2022-01-13 08:00:02 |
Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry (lien direct) |
A deep dive into threats against this sector reveals the top threats organizations should keep in mind. |
|
APT 38
|
|
|
2022-01-12 13:03:56 |
Remote Access Trojans spread through Microsoft Azure, AWS cloud service abuse (lien direct) |
It seems that one or two Trojans aren't enough for your average cyberattacker. |
|
|
|