Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-03-12 11:12:06 |
Medusa ransomware gang picks up steam as it targets companies worldwide (direct link) |
A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands. [...] |
Ransomware
|
|
★★★
|
|
2023-03-12 10:18:09 |
CASPER attack steals data using air-gapped computer's internal speaker (direct link) |
Researchers at the School of Cyber Security at Korea University, Seoul, have presented a new covert channel attack named CASPER that can leak data from air-gapped computers to a nearby smartphone at a rate of 20 bits/sec. [...] |
|
|
★★★★
|
|
2023-03-11 11:28:14 |
CISA warns of actively exploited Plex bug after LastPass breach (direct link) |
CISA has added an almost three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog of security flaws exploited in attacks. [...] |
Vulnerability
|
LastPass
LastPass
|
★★★
|
|
2023-03-10 16:27:40 |
Microsoft OneNote to get enhanced security after recent malware abuse (direct link) |
Microsoft is working on introducing improved protection against phishing attacks pushing malware via malicious Microsoft OneNote files. [...] |
Malware
|
|
★★★
|
|
2023-03-10 14:02:23 |
New GoBruteforcer malware targets phpMyAdmin, MySQL, FTP, Postgres (direct link) |
A newly discovered Golang-based botnet malware scans for and infects web servers running phpMyAdmin, MySQL, FTP, and Postgres services. [...] |
Malware
|
|
★★★
|
|
2023-03-10 12:48:07 |
Security researchers targeted with new malware via job offers on LinkedIn (direct link) |
A suspected North Korean hacking group is targeting security researchers and media organizations in the U.S. and Europe with fake job offers that lead to the deployment of three new, custom malware families. [...] |
Malware
Guideline
|
|
★★★
|
|
2023-03-10 11:30:18 |
Blackbaud to pay $3M for misleading ransomware attack disclosure (direct link) |
Cloud software provider Blackbaud has agreed to pay $3 million to settle charges brought by the Securities and Exchange Commission (SEC), alleging that it failed to disclose the full impact of a 2020 ransomware attack that affected more than 13,000 customers. [...] |
Ransomware
Cloud
|
|
★★
|
|
2023-03-10 10:43:16 |
Mental health provider Cerebral alerts 3.1M people of data breach (direct link) |
Healthcare platform Cerebral is sending data breach notices to 3.18 million people who have interacted with its websites, applications, and telehealth services. [...] |
Data Breach
|
|
★★
|
|
2023-03-10 05:24:00 |
Xenomorph Android malware now steals data from 400 banks (direct link) |
The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system (ATS) framework and the ability to steal credentials for 400 banks. [...] |
Malware
|
|
★★★
|
|
2023-03-09 18:24:20 |
Police seize Netwire RAT malware infrastructure, arrest admin (direct link) |
An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server. [...] |
Malware
|
|
★★★
|
|
2023-03-09 14:54:28 |
Akamai mitigates record-breaking 900Gbps DDoS attack in Asia (direct link) |
Akamai reports having mitigated the largest DDoS (distributed denial of service) attack ever launched against a customer based in the Asia-Pacific region. [...] |
|
|
★★★
|
|
2023-03-09 14:13:49 |
Microsoft: Business email compromise attacks can take just hours (direct link) |
Microsoft's Security Intelligence team recently investigated a business email compromise (BEC) attack and found that attackers move rapidly, with some steps taking mere minutes. [...] |
|
|
★★★
|
|
2023-03-09 12:40:37 |
SonicWall devices infected by malware that survives firmware upgrades (direct link) |
A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access (SMA) appliances to install custom malware that establishes long-term persistence for cyber espionage campaigns. [...] |
Malware
|
|
★★
|
|
2023-03-09 12:24:39 |
AT&T alerts 9 million customers of data breach after vendor hack (direct link) |
AT&T is notifying roughly 9 million customers that some of their information has been exposed after one of its marketing vendors was hacked in January. [...] |
Data Breach
Hack
|
|
★★
|
|
2023-03-08 17:48:41 |
FBI investigates data breach impacting U.S. House members and staff (direct link) |
The FBI is investigating a data breach affecting U.S. House of Representatives members and staff after their account and personal information was stolen from DC Health Link's servers. [...] |
Data Breach
|
|
★★
|
|
2023-03-08 13:13:30 |
Veeam fixes bug that lets hackers breach backup infrastructure (direct link) |
Veeam urged customers to patch a high-severity Backup Service security vulnerability impacting its Backup & Replication software. [...] |
Vulnerability
|
|
★★
|
|
2023-03-08 12:37:04 |
Ransomware gang posts video of data stolen from Minneapolis schools (direct link) |
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack. [...] |
Ransomware
|
|
★★★
|
|
2023-03-07 17:49:02 |
New malware variant has “radio silence” mode to evade detection (direct link) |
The Sharp Panda cyber-espionage hacking group was observed targeting high-profile government entities in Vietnam, Thailand, and Indonesia, using a new version of the 'Soul' malware framework. [...] |
Malware
|
|
★★
|
|
2023-03-07 16:10:15 |
Emotet malware attacks return after three-month break (direct link) |
The Emotet malware operation is again spamming malicious emails as of Tuesday morning after a three-month break, rebuilding its network and infecting devices worldwide. [...] |
Malware
|
|
★★
|
|
2023-03-07 13:49:23 |
Hospital Clínic de Barcelona severely impacted by ransomware attack (direct link) |
The Hospital Clínic de Barcelona suffered a ransomware attack on Sunday morning, severely disrupting its healthcare services after the institution's virtual machines were targeted by the attacks. [...] |
Ransomware
|
|
★★
|
|
2023-03-07 12:30:57 |
Microsoft shares fix for Outlook login errors in Exchange environments (direct link) |
Microsoft has shared a fix for Outlook sign-in errors encountered by iOS and Android users with mailboxes in some Exchange environments. [...] |
|
|
★★★
|
|
2023-03-07 10:38:43 |
Acer confirms breach after 160GB of data for sale on hacking forum (direct link) |
Taiwanese computer giant Acer confirmed that it suffered a data breach after threat actors hacked a server hosting private documents used by repair technicians. [...] |
Threat
Data Breach
|
|
★★★★
|
|
2023-03-07 09:48:21 |
Android March 2023 update fixes two critical code execution flaws (direct link) |
Google has released March 2023 security updates for Android, fixing a total of 60 flaws, and among them, two critical-severity remote code execution (RCE) vulnerabilities impacting Android Systems running versions 11, 12, and 13. [...] |
|
|
★★
|
|
2023-03-06 16:34:14 |
Old Windows 'Mock Folders' UAC bypass used to drop malware (direct link) |
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old Windows User Account Control bypass discovered over two years ago. [...] |
Malware
|
|
★★
|
|
2023-03-06 13:18:07 |
Sandbox blockchain game breached to send emails linking to malware (direct link) |
The Sandbox blockchain game is warning its community that a security incident caused some users to receive fraudulent emails impersonating the game, trying to infect them with malware. [...] |
Malware
|
|
★★
|
|
2023-03-06 10:05:10 |
Securing cloud workloads with Wazuh - an open source, SIEM and XDR platform (direct link) |
Wazuh is a free, open source security platform that offers Unified XDR and SIEM capabilities. Learn how Wazuh detects and defends against security threats targeting cloud environments. [...] |
Cloud
|
|
★★★
|
|
2023-03-06 10:03:24 |
New malware infects business routers for data theft, surveillance (direct link) |
An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and build a covert proxy network. [...] |
Malware
|
|
★
|
|
2023-03-05 15:23:51 |
How to prevent Microsoft OneNote files from infecting Windows with malware (direct link) |
The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach corporate networks. Here's how to block malicious OneNote phishing attachments from infecting Windows. [...] |
Malware
|
|
★★
|
|
2023-03-04 15:47:41 |
Ransomware gang leaks data stolen from City of Oakland (direct link) |
The Play ransomware gang has begun to leak data from the City of Oakland, California, that was stolen in a recent cyberattack. [...] |
Ransomware
|
|
★★
|
|
2023-03-03 18:46:41 |
The Week in Ransomware - March 3rd 2023 - Wide impact attacks (direct link) |
This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV and Boost Mobile. [...] |
Ransomware
|
|
★★★
|
|
2023-03-03 11:20:39 |
FBI and CISA warn of increasing Royal ransomware attack risks (direct link) |
CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many U.S. critical infrastructure sectors, including healthcare, communications, and education. [...] |
Threat
Ransomware
|
|
★★★
|
|
2023-03-03 10:42:21 |
Play ransomware claims disruptive attack on City of Oakland (direct link) |
The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems since mid-February. [...] |
Ransomware
|
|
★★★
|
|
2023-03-02 18:20:53 |
BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11 (direct link) |
The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infect even fully patched Windows 11 systems. [...] |
Malware
|
|
★★★
|
|
2023-03-02 16:00:10 |
Chick-fil-A confirms accounts hacked in months-long "automated" attack (direct link) |
American fast food chain Chick-fil-A has confirmed that customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information. [...] |
Threat
|
|
★★★★
|
|
2023-03-02 15:09:01 |
Chinese hackers use new custom backdoor to evade detection (direct link) |
The Chinese cyber espionage hacking group Mustang Panda was seen deploying a new custom backdoor named 'MQsTTang' in attacks starting this year. [...] |
|
|
★★★
|
|
2023-03-02 14:33:21 |
Hatch Bank discloses data breach after GoAnywhere MFT hack (direct link) |
Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform. [...] |
Data Breach
Hack
|
|
★★
|
|
2023-03-02 09:59:05 |
British retail chain WH Smith says data stolen in cyberattack (direct link) |
British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees. [...] |
Data Breach
|
|
★★★
|
|
2023-03-01 18:14:47 |
Trezor warns of massive crypto wallet phishing campaign (direct link) |
An ongoing phishing campaign is pretending to be Trezor data breach notifications attempting to steal a target's cryptocurrency wallet and its assets. [...] |
Data Breach
|
|
★★★
|
|
2023-03-01 13:44:37 |
Iron Tiger hackers create Linux version of their custom malware (direct link) |
The APT27 hacking group, aka "Iron Tiger," has prepared a new Linux version of its SysUpdate custom remote access malware, allowing the Chinese cyberespionage group to target more services used in the enterprise. [...] |
Malware
|
APT 27
|
★★★
|
|
2023-02-28 12:24:55 |
Dish Network confirms ransomware attack behind multi-day outage (direct link) |
Satellite broadcast provider and TV giant Dish Network has finally confirmed that a ransomware attack was the cause of a multi-day network and service outage that started on Friday. [...] |
Ransomware
|
|
★★★
|
|
2023-02-27 20:40:56 |
LastPass: DevOps engineer hacked to steal password vault data in 2022 breach (direct link) |
LastPass revealed more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months. [...] |
Threat
Cloud
|
LastPass
|
★★
|
|
2023-02-27 19:48:28 |
U.S. Marshals Service investigating ransomware attack, data theft (direct link) |
The U.S. Marshals Service (USMS) is investigating the theft of sensitive law enforcement information following a ransomware attack that has impacted what it describes as "a stand-alone USMS system." [...] |
Ransomware
|
|
★
|
|
2023-02-25 10:16:22 |
PureCrypter malware hits govt orgs with ransomware, info-stealers (direct link) |
A threat actor has been targeting government entities with PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains. [...] |
Threat
Ransomware
Malware
|
|
★★
|
|
2023-02-24 13:44:45 |
(Déjà vu) News Corp says state hackers were on its network for two years (direct link) |
Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. [...] |
|
|
★★★
|
|
2023-02-24 13:44:45 |
News Corp says state hackers breached its systems 3 years ago (direct link) |
Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. [...] |
|
|
★
|
|
2023-02-24 11:27:59 |
Stanford University discloses data breach affecting PhD applicants (direct link) |
Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023. [...] |
Data Breach
|
|
★★
|
|
2023-02-23 21:54:58 |
TELUS investigating leak of stolen source code, employee data (direct link) |
Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. The threat actor subsequently shared screenshots apparently showing private source code repositories and payroll records held by the company. [...] |
Threat
Data Breach
|
|
★★
|
|
2023-02-23 13:34:26 |
Pirated Final Cut Pro infects your Mac with cryptomining malware (direct link) |
Security researchers discovered a cryptomining operation targeting macOS with a malicious version of Final Cut Pro that remains largely undetected by antivirus engines. [...] |
Malware
|
|
★★★
|
|
2023-02-23 12:36:04 |
Russian malware dev behind NLBrute hacking tool extradited to US (direct link) |
A Russian malware developer accused of creating and selling the NLBrute password-cracking tool was extradited to the United States after being arrested in the Republic of Georgia last year on October 4. [...] |
Malware
Tool
|
|
★★★
|
|
2023-02-23 10:00:53 |
Fruit giant Dole suffers ransomware attack impacting operations (direct link) |
Dole Food Company, one of the world's largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations. [...] |
Ransomware
|
|
★
|