Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-11-16 15:15:45 |
Updated RapperBot malware targets game servers in DDoS attacks |
The Mirai-based botnet 'RapperBot' has re-emerged via a new campaign that infects IoT devices for DDoS (Distributed Denial of Service) attacks against game servers. [...] |
Malware
|
|
|
|
2022-11-16 08:00:00 |
DuckDuckGo now lets all Android users block trackers in their apps |
DuckDuckGo for Android's 'App Tracking Protection' feature has reached open beta, allowing all Android users to block third-party trackers across all their installed apps. [...] |
|
|
|
|
2022-11-15 17:24:49 |
North Korean hackers target European orgs with updated malware |
North Korean hackers are using a new version of the DTrack backdoor to attack organizations in Europe and Latin America. [...] |
Malware
|
|
|
|
2022-11-15 13:00:00 |
Google to roll out Privacy Sandbox on Android 13 starting early 2023 |
Google announced today that they will begin rolling out the Privacy Sandbox system on a limited number of Android 13 devices starting in early 2023. [...] |
|
|
|
|
2022-11-14 14:14:22 |
Google will pay $391M to settle Android location tracking lawsuit |
Google has agreed to pay $391.5 million to settle a lawsuit filed by a coalition of attorneys general from 40 U.S. states alleging that the search giant tracked Android users' locations since at least 2014 even when they thought location tracking was disabled. [...] |
|
|
|
|
2022-11-14 13:19:27 |
Whoosh confirms data breach after hackers sell 7.2M user records |
The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. [...] |
Data Breach
|
|
|
|
2022-11-12 11:10:20 |
New extortion scam threatens to damage sites' reputation, leak data |
An active extortion scam is targeting website owners and admins worldwide, claiming to have hacked their servers and demanding $2,500 not to leak data. [...] |
|
|
|
|
2022-11-12 10:07:14 |
Android phone owner accidentally finds a way to bypass lock screen |
Cybersecurity researcher David Schütz accidentally found a way to bypass the lock screen on his fully patched Google Pixel 6 and Pixel 5 smartphones, enabling anyone with physical access to the device to unlock it. [...] |
|
|
|
|
2022-11-11 15:01:09 |
Microsoft Defender network protection generally available on iOS, Android |
Microsoft announced that the Mobile Network Protection feature is generally available to help organizations detect network weaknesses affecting Android and iOS devices running Microsoft's Defender for Endpoint (MDE) enterprise endpoint security platform. [...] |
|
|
|
|
2022-11-11 11:26:33 |
New BadBazaar Android malware linked to Chinese cyberspies |
A previously undocumented Android spyware tool named 'BadBazaar' has been discovered targeting ethnic and religious minorities in China, most notably the Uyghurs in Xinjiang. [...] |
Malware
Tool
|
|
|
|
2022-11-10 17:58:42 |
Phishing drops IceXLoader malware on thousands of home, corporate devices |
An ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware. [...] |
Malware
|
|
|
|
2022-11-10 17:18:10 |
(Déjà vu) Microsoft fixes Windows zero-day bug exploited to push malware |
Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. [...] |
Malware
|
|
|
|
2022-11-10 17:18:10 |
Microsoft fixes MoTW zero-day used to drop malware via ISO files |
Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. [...] |
Malware
|
|
|
|
2022-11-10 14:17:25 |
Worok hackers hide new malware in PNGs using steganography |
A threat group tracked as 'Worok' hides malware within PNG images to infect victims' machines with information-stealing malware without raising alarms. [...] |
Threat
Malware
|
|
|
|
2022-11-10 11:02:58 |
Ukraine arrests fraud ring members who made €200 million per year |
Ukraine's cyber police and Europol have identified and arrested five key members of an international investment fraud ring estimated to have caused losses of over €200 million per year. [...] |
|
|
|
|
2022-11-09 17:51:08 |
New StrelaStealer malware steals your Outlook, Thunderbird accounts |
A new information-stealing malware named 'StrelaStealer' is actively stealing email account credentials from Outlook and Thunderbird, two widely used email clients. [...] |
Malware
|
|
|
|
2022-11-09 11:43:27 |
Medibank warns customers their data was leaked by ransomware gang |
Australian health insurance giant Medibank has warned customers that the ransomware group behind last month's breach has started to leak data stolen from its systems. [...] |
Ransomware
|
|
|
|
2022-11-08 17:56:13 |
LockBit affiliate uses Amadey Bot malware to deploy ransomware |
A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. [...] |
Ransomware
Malware
|
|
|
|
2022-11-08 09:39:46 |
Influencer 'Hushpuppi' gets 11 years in prison for cyber fraud |
An Instagram influencer known as 'Hushpuppi' has been sentenced to 11 years in prison for conspiring to launder tens of millions of USD from business email compromise (BEC) scams and various cyber schemes. [...] |
|
|
|
|
2022-11-07 12:50:26 |
Ransomware gang threatens to release stolen Medibank data |
A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited. [...] |
Ransomware
|
|
|
|
2022-11-04 15:22:52 |
British govt is scanning all Internet devices hosted in UK |
The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. [...] |
Guideline
|
|
|
|
2022-11-03 15:36:50 |
RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam |
The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. [...] |
Threat
Malware
|
|
|
|
2022-11-03 14:25:59 |
LockBit ransomware claims attack on Continental automotive giant |
The LockBit ransomware gang has claimed responsibility for a cyberattack against the German multinational automotive group Continental. [...] |
Ransomware
|
|
|
|
2022-11-02 16:35:15 |
(Déjà vu) Hundreds of U.S. news sites push malware in supply-chain attack |
The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] |
Threat
Malware
|
|
|
|
2022-11-02 16:35:15 |
Hundreds of U.S. news sites hit in SocGholish supply-chain attack |
The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] |
Threat
Malware
|
|
|
|
2022-11-02 14:41:42 |
(Déjà vu) Emotet botnet starts blasting malware again after 4 month break |
The Emotet malware operation is again spamming malicious emails after almost a four-month "vacation" that saw little activity from the notorious cybercrime operation. [...] |
Malware
|
|
|
|
2022-11-02 14:41:42 |
Emotet botnet starts blasting malware again after 5 month break |
The Emotet malware operation is again spamming malicious emails after almost a five-month "vacation" that saw little activity from the notorious cybercrime operation. [...] |
Malware
|
|
|
|
2022-11-02 13:21:26 |
Dozens of PyPI packages caught dropping 'W4SP' info-stealing malware |
Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. [...] |
Malware
|
|
|
|
2022-11-02 13:05:18 |
Vodafone Italy discloses data breach after reseller hacked |
Vodafone Italia is sending customers notices of a data breach, informing them that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telco's services in the country, has fallen victim to a cyberattack. [...] |
Data Breach
|
|
|
|
2022-11-01 17:15:20 |
Dropbox discloses breach after hacker stole 130 GitHub repositories |
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. [...] |
Threat
|
|
|
|
2022-11-01 16:03:34 |
Malicious Android apps with 1M+ installs found on Google Play |
A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing users to sites that steal sensitive information or generate 'pay-per-click' revenue for the operators. [...] |
|
|
|
|
2022-11-01 11:29:25 |
New SandStrike spyware infects Android devices via malicious VPN app |
Threat actors are using a newly discovered spyware known as SandStrike and delivered via a malicious VPN application to target Persian-speaking Android users. [...] |
Threat
|
|
|
|
2022-11-01 10:06:12 |
Using Regex to Implement Passphrases in Your Active Directory |
Passphrases provide a superior type of password for authentication as they allow you to create strong passwords you can remember. Furthermore, you can use regex (regular expression) to effectively help develop solid passphrases and ensure these do not contain weak elements. Let's see how. [...] |
|
|
|
|
2022-11-01 06:48:34 |
Google ad for GIMP.org served info-stealing malware via lookalike site |
Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which was malware. [...] |
Malware
|
|
|
|
2022-10-31 11:34:52 |
Hacking group abuses antivirus software to launch LODEINFO malware |
The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. [...] |
Malware
|
APT 10
|
|
|
2022-10-28 16:08:28 |
The Week in Ransomware - October 28th 2022 - Healthcare leaks |
This week, we learned of healthcare data leaks out of Australia, information about existing attacks, and reports on how ransomware gangs operate and partner with malware developers for initial access. [...] |
Ransomware
Malware
|
|
|
|
2022-10-28 06:00:00 |
Android malware droppers with 130K installs found on Google Play |
A set of Android malware droppers were found infiltrating the Google Play store to install malicious programs by pretending to be app updates. [...] |
Malware
|
|
|
|
2022-10-28 06:00:00 |
Hackers use Microsoft IIS web server logs to control malware |
The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. [...] |
Malware
|
|
|
|
2022-10-27 14:05:38 |
Australian Clinical Labs says patient data stolen in ransomware attack |
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. [...] |
Ransomware
Data Breach
|
|
|
|
2022-10-27 13:10:18 |
Drinik Android malware now targets users of 18 Indian banks |
A new version of the Drinik Android banking trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. [...] |
Malware
|
|
|
|
2022-10-27 12:59:43 |
Twilio discloses another hack from June, blames voice phishing |
Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. [...] |
Hack
|
|
|
|
2022-10-27 10:12:30 |
Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets |
A new version of the Fodcha DDoS botnet has emerged, featuring ransom demands embedded in packets and new features to evade detection of its infrastructure. [...] |
|
|
|
|
2022-10-25 15:46:23 |
See Tickets discloses 2.5 years-long credit card theft breach |
Ticketing service provider 'See Tickets' has disclosed a data breach, informing customers that cybercriminals might have accessed their payment card details via a skimmer on its website. [...] |
|
|
|
|
2022-10-25 15:02:37 |
Ukrainian charged for operating Raccoon Stealer malware service |
26-year-old Ukrainian national Mark Sokolovsky has been charged for his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation. [...] |
Malware
|
|
|
|
2022-10-25 10:05:10 |
How the "pizza123" password could take down an organization |
The breach, the bitter taste of pizza123, and the plight of malicious push notifications demand caution when selecting and managing passwords. [...] |
|
|
|
|
2022-10-25 04:49:21 |
Hive claims ransomware attack on Tata Power, begins leaking data |
Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. In data leak screenshots seen by BleepingComputer, Hive operators are seen leaking data it claims to have stolen from Tata Power, indicating the ransom negotiations failed. [...] |
Ransomware
|
|
|
|
2022-10-24 13:17:43 |
Iran's atomic energy agency confirms hack after stolen data leaked online |
The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the 'Black Reward' hacking group published stolen data online. [...] |
Hack
|
|
|
|
2022-10-24 10:51:38 |
Pendragon car dealer refuses $60 million LockBit ransomware demand |
Pendragon Group, with more than 200 car dealerships in the U.K., was breached in a cyberattack from the LockBit ransomware gang, who allegedly demanded $60 million to decrypt files and not leak them. [...] |
Ransomware
|
|
|
|
2022-10-23 11:15:19 |
Thousands of GitHub repositories deliver fake PoC exploits with malware |
Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. [...] |
Malware
|
|
|
|
2022-10-23 10:17:34 |
Typosquat campaign mimics 27 brands to push Windows, Android malware |
A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. [...] |
Malware
|
|
|