Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-08-31 12:57:48 |
Student Loan Breach Exposes 2.5M Records (direct link) |
2.5 million people were affected, in a breach that could spell more trouble down the line. |
|
|
|
|
2022-08-30 16:00:43 |
Watering Hole Attacks Push ScanBox Keylogger (direct link) |
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. |
Industrial
|
APT 40
|
|
|
2022-08-29 14:56:19 |
Tentacles of '0ktapus' Threat Group Victimize 130 Firms (direct link) |
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. |
Threat
|
|
★★★★
|
|
2022-08-26 16:44:27 |
Ransomware Attacks are on the Rise (direct link) |
Lockbit is by far this summer's most prolific ransomware group, trailed by two offshoots of the Conti group. |
Ransomware
|
|
|
|
2022-08-25 18:47:15 |
Cybercriminals Are Selling Access to Chinese Surveillance Cameras (direct link) |
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. |
|
|
|
|
2022-08-24 14:17:04 |
Twitter Whistleblower Complaint: The TL;DR Version (direct link) |
Twitter is blasted for security and privacy lapses by the company's former head of security who alleges the social media giant's actions amount to a national security risk. |
|
|
|
|
2022-08-23 13:19:58 |
Firewall Bug Under Active Attack Triggers CISA Warning (direct link) |
CISA is warning that Palo Alto Networks' PAN-OS is under active attack and needs to be patched ASAP. |
|
|
|
|
2022-08-22 13:59:06 |
Fake Reservation Links Prey on Weary Travelers (direct link) |
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. |
|
|
|
|
2022-08-19 15:25:56 |
iPhone Users Urged to Update to Patch 2 Zero-Days (direct link) |
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. |
Threat
|
|
|
|
2022-08-18 14:31:38 |
Google Patches Chrome's Fifth Zero-Day of the Year (direct link) |
Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. The bug, tracked as CVE-2022-2856 and rated as high on the Common Vulnerability Scoring System (CVSS), is associated with “insufficient validation of untrusted input in Intents,” […] |
Vulnerability
|
|
|
|
2022-08-17 15:07:53 |
APT Lazarus Targets Engineers with macOS Malware (direct link) |
The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems. |
Malware
|
APT 38
|
|
|
2022-08-16 14:30:01 |
U.K. Water Supplier Hit with Clop Ransomware Attack (direct link) |
The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data. |
Ransomware
|
|
|
|
2022-08-16 12:26:27 |
Xiaomi Phone Bug Allowed Payment Forgery (direct link) |
Mobile transactions could've been disabled, created and signed by attackers. |
|
|
|
|
2022-08-15 13:56:58 |
Black Hat and DEF CON Roundup (direct link) |
'Summer Camp' for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings. |
|
|
|
|
2022-08-12 18:20:38 |
Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics (direct link) |
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities. |
Ransomware
Malware
|
|
|
|
2022-08-12 13:24:03 |
Facebook's In-app Browser on iOS Tracks 'Anything You Do on Any Website' (direct link) |
Researcher shows how Instagram and Facebook's use of an in-app browser within both its iOS apps can track interactions with external websites. |
|
|
|
|
2022-08-11 15:48:15 |
Starlink Successfully Hacked Using $25 Modchip (direct link) |
Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX's satellite-based internet system |
|
|
|
|
2022-08-11 15:14:44 |
New Hacker Forum Takes Pro-Ukraine Stance (direct link) |
A uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and Belarus |
Threat
|
|
|
|
2022-08-11 12:51:34 |
Cisco Confirms Network Breach Via Hacked Employee Google Account (direct link) |
Networking giant says attackers gained initial access to an employee's VPN client via a compromised Google account. |
|
|
|
|
2022-08-11 04:30:16 |
Podcast: Inside the Hackers' Toolkit (direct link) |
This edition of the Threatpost podcast is sponsored by Egress. |
|
|
|
|
2022-08-10 12:48:05 |
(Déjà vu) Microsoft Patches 'Dogwalk' Zero-Day and 17 Critical Flaws (direct link) |
August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. |
|
|
|
|
2022-08-09 17:58:46 |
Virtual Currency Platform 'Tornado Cash' Accused of Aiding APTs (direct link) |
U.S. Treasury blocked the business of the virtual currency mixer for laundering more than $7 billion for hackers, including $455 million to help fund North Korea's missile program. |
|
|
|
|
2022-08-08 15:26:17 |
Phishers Swim Around 2FA in Coinbase Account Heists (direct link) |
Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so they can steal their credentials and eventually their funds. |
|
|
|
|
2022-08-05 13:17:09 |
Open Redirect Flaw Snags Amex, Snapchat User Data (direct link) |
Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. |
|
FedEx
|
|
|
2022-08-03 15:23:16 |
VMWare Urges Users to Patch Critical Authentication Bypass Bug (direct link) |
Vulnerability, for which a proof-of-concept is forthcoming, is one of a string of flaws the company fixed that could lead to an attack chain. |
Guideline
|
|
|
|
2022-08-02 23:02:12 |
Universities Put Email Users at Cyber Risk (direct link) |
DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails. |
|
|
|
|
2022-08-01 13:29:56 |
Securing Your Move to the Hybrid Cloud (direct link) |
Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments. |
|
|
|
|
2022-07-29 15:07:58 |
Malicious Npm Packages Tapped Again to Target Discord Users (direct link) |
Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods. |
|
|
|
|
2022-07-28 17:24:17 |
Threat Actors Pivot Around Microsoft's Macro-Blocking in Office (direct link) |
Cybercriminals turn to container files and other tactics to get around the company's attempt to thwart a popular way to deliver malicious phishing payloads. |
|
|
|
|
2022-07-27 16:57:23 |
Messaging Apps Tapped as Platform for Cybercriminal Activity (direct link) |
Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes. |
Malware
|
|
|
|
2022-07-26 18:15:41 |
Novel Malware Hijacks Facebook Business Accounts (direct link) |
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain. |
Threat
Malware
|
|
|
|
2022-07-26 13:05:16 |
Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands (direct link) |
Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. |
|
|
|
|
2022-07-26 12:38:21 |
IoT Botnets Fuels DDoS Attacks – Are You Prepared? (direct link) |
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplify DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing. |
|
|
|
|
2022-07-25 11:00:04 |
Why Physical Security Maintenance Should Never Be an Afterthought (direct link) |
SecuriThings' CEO Roy Dagan tackles the sometimes overlooked security step of physical security maintenance and breaks down why it is important. |
|
|
|
|
2022-07-21 12:59:30 |
Hackers for Hire: Adversaries Employ 'Cyber Mercenaries' (direct link) |
Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP. |
Guideline
|
|
|
|
2022-07-20 12:35:02 |
Conti's Reign of Chaos: Costa Rica in the Crosshairs (direct link) |
Aamir Lakhani, with FortiGuard Labs, answers the question: Why is the Conti ransomware gang targeting people and businesses in Costa Rica? |
Ransomware
|
|
|
|
2022-07-20 12:14:47 |
Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems (direct link) |
300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services. |
|
|
|
|
2022-07-19 15:33:01 |
Authentication Risks Discovered in Okta Platform (direct link) |
Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational data destruction. |
Guideline
|
|
|
|
2022-07-19 15:20:16 |
FBI Warns Fake Crypto Apps are Bilking Investors of Millions (direct link) |
Threat actors offer victims what appear to be investment services from legitimate companies to lure them into downloading malicious apps aimed at defrauding them. |
Threat
|
|
|
|
2022-07-18 12:32:22 |
Google Boots Multiple Malware-laced Android Apps from Marketplace (direct link) |
Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant. |
|
|
|
|
2022-07-18 12:19:26 |
CISA Urges Patch of Exploited Windows 11 Bug by Aug. 2 (direct link) |
Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2. |
|
|
|
|
2022-07-15 16:26:53 |
Emerging H0lyGh0st Ransomware Tied to North Korea (direct link) |
Microsoft has linked a threat that emerged in June 2021 and targets small-to-mid-sized businesses to state-sponsored actors tracked as DEV-0530. |
Threat
Ransomware
|
|
|
|
2022-07-14 15:08:16 |
Journalists Emerge as Favored Attack Target for APTs (direct link) |
Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them. |
Threat
|
|
|
|
2022-07-13 11:45:26 |
Large-Scale Phishing Campaign Bypasses MFA (direct link) |
Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets. |
|
|
|
|
2022-07-12 12:20:23 |
How War Impacts Cyber Insurance (direct link) |
Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market. |
|
|
|
|
2022-07-12 11:43:11 |
'Callback' Phishing Campaign Impersonates Security Firms (direct link) |
Victims instructed to make a phone call that will direct them to a link for downloading malware. |
|
|
|
|
2022-07-11 20:26:40 |
Rethinking Vulnerability Management in a Heightened Threat Landscape (direct link) |
Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist. |
Threat
Vulnerability
|
|
|
|
2022-07-11 20:06:10 |
Popular NFT Marketplace Phished for $540M (direct link) |
In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M. |
|
|
|
|
2022-07-08 14:45:47 |
Sneaky Orbit Malware Backdoors Linux Devices (direct link) |
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine. |
Threat
Malware
|
|
|
|
2022-07-08 10:46:55 |
U.S. Healthcare Orgs Targeted with Maui Ransomware (direct link) |
State-sponsored actors are deploying the unique malware--which targets specific files and leaves no ransomware note--in ongoing attacks. |
Ransomware
|
|
|