Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-02-24 21:11:33 |
(Déjà vu) The Harsh Truths of Cybersecurity in 2022, Part II (direct link) |
Sonya Duffin, ransomware and data-protection expert at Veritas Technologies, shares three steps organizations can take today to reduce cyberattack fallout. |
Ransomware
|
|
|
|
2022-02-24 20:07:34 |
Zenly Social-Media App Bugs Allow Account Takeover (direct link) |
A pair of bugs in the Snap-owned tracking app reveal phone numbers and allow account hijacking. |
|
|
|
|
2022-02-24 18:42:49 |
Microsoft App Store Sizzling with New 'Electron Bot' Malware (direct link) |
The SEO poisoning bot, capable of full system takeover, is actively taking over social media accounts, masquerading as popular games like Temple Run. |
Malware
|
|
|
|
2022-02-24 16:06:19 |
Web Filtering and Compliances for Wi-Fi Providers (direct link) |
Demand for public Wi-Fi is on the rise. Usually free of charge, but there is a risk of expensive losses. Learn ways to protect yourself from cyber-threats. |
|
|
|
|
2022-02-24 15:08:17 |
Cyberattackers Leverage DocuSign to Steal Microsoft Outlook Logins (direct link) |
A targeted phishing attack takes aim at a major U.S. payments company. |
|
|
|
|
2022-02-24 14:00:50 |
The Art of Non-boring Cybersec Training – Podcast (direct link) |
With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.
|
|
|
|
|
2022-02-23 21:29:30 |
Samsung Shattered Encryption on 100M Phones (direct link) |
One cryptography expert said that 'serious flaws' in the way Samsung phones encrypt sensitive material, as revealed by academics, are 'embarrassingly bad.' |
|
|
|
|
2022-02-23 17:20:41 |
Sextortion Rears Its Ugly Head Again (direct link) |
Attackers are sending email blasts with malware links in embedded PDFs as a way to evade email filters, lying about having fictional "video evidence." |
Malware
|
|
|
|
2022-02-23 14:00:22 |
Creaky Old WannaCry, GandCrab Top the Ransomware Scene (direct link) |
Nothing like zombie campaigns: WannaCry's old as dirt, and GandCrab threw in the towel years ago. They're on auto-pilot at this point, researchers say. |
Ransomware
|
Wannacry
|
|
|
2022-02-22 21:00:36 |
Gaming, Banking Trojans Dominate Mobile Malware Scene (direct link) |
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say. |
Malware
|
|
|
|
2022-02-22 20:41:48 |
Cyberattackers Cook Up Employee Personal Data Heist for Meyer (direct link) |
The Conti gang breached the cookware giant's network, prepping thousands of employees' personal data for consumption by cybercrooks. |
|
|
|
|
2022-02-22 18:00:30 |
Xenomorph Malware Burrows into Google Play Users, No Facehugger Required (direct link) |
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now. |
Threat
Malware
|
|
|
|
2022-02-22 03:12:30 |
NFT Investors Lose $1.7M in OpenSea Phishing Attack (direct link) |
Attackers took advantage of a smart-contract migration to swindle 17 users.
|
|
|
|
|
2022-02-18 16:55:59 |
New Critical RCE Bug Found in Adobe Commerce, Magento (direct link) |
Adobe updated its recent out-of-band security advisory to add another critical bug, while researchers put out a PoC for the one it emergency-fixed last weekend. |
|
|
|
|
2022-02-18 14:25:09 |
Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups (direct link) |
An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders.
|
|
|
|
|
2022-02-18 13:46:04 |
Iranian State Broadcaster Clobbered by 'Clumsy, Buggy' Code (direct link) |
Researchers said a Jan. 27 attack that aired footage of opposition leaders calling for assassination of Iran's Supreme Leader was a clumsy and unsophisticated wiper attack. |
Guideline
|
|
|
|
2022-02-17 17:28:02 |
Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators (direct link) |
Kraken has already spread like wildfire, but in the past few months, the malware's author has been tinkering away, adding more infostealers and backdoors. |
|
|
|
|
2022-02-17 16:04:36 |
Ukrainian DDoS Attacks Should Put US on Notice – Researchers (direct link) |
On Tuesday, institutions central to Ukraine's military and economy were hit with denial-of-service (DoS) attacks. Impact was limited, but the ramifications are not. |
|
|
★★★★★
|
|
2022-02-17 14:00:14 |
Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security – Podcast (direct link) |
When it comes to ensuring safe cloud app rollouts, there's flat-out animosity between business shareholders. HackerOne's Alex Rice and GitLab's Johnathan Hunt share tips on quashing all the squabbling. |
|
|
★★
|
|
2022-02-16 22:34:52 |
TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands (direct link) |
The resurgent trojan has targeted 60 top companies to harvest credentials for a wide range of applications, with an eye to virulent follow-on attacks. |
|
|
★★★★
|
|
2022-02-16 21:15:47 |
Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry (direct link) |
The phishing attacks are spoofing LinkedIn to target 'Great Resignation' job hunters, who are also being preyed on by huge data-scraping bot attacks. |
|
|
★★
|
|
2022-02-16 16:03:32 |
High-Severity RCE Bug Found in Popular Apache Cassandra Database (direct link) |
On the plus side, only instances with non-standard, not-recommended configurations are vulnerable. On the downside, those configurations aren't easy to track down, and it's easy as pie to exploit.
|
|
|
★★★★★
|
|
2022-02-16 15:59:14 |
Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers (direct link) |
A group of five security vulnerabilities could lead to a range of bad outcomes for virtual-machine enthusiasts, including command execution and DoS. |
Guideline
|
|
★★
|
|
2022-02-16 13:39:33 |
Emotet Now Spreading Through Malicious Excel Files (direct link) |
An ongoing malicious email campaign that includes macro-laden files and multiple layers of obfuscation has been active since late December. |
|
|
★★★★
|
|
2022-02-15 22:31:33 |
SquirrelWaffle Adds a Twist of Fraud to Exchange Server Malspamming (direct link) |
Researchers have never before seen SquirrelWaffle attackers use typosquatting to keep sending spam once a targeted Exchange server has been patched for ProxyLogon/ProxyShell. |
Spam
|
|
|
|
2022-02-15 18:33:28 |
Chrome Zero-Day Under Active Attack: Patch ASAP (direct link) |
The year's 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems. |
Guideline
|
|
★★
|
|
2022-02-15 14:02:07 |
TA2541: APT Has Been Shooting RATs at Aviation for Years (direct link) |
Since 2017, the attacker has flung simple off-the-shelf malware in malicious email campaigns aimed at aviation, aerospace, transportation and defense.
|
Malware
|
|
|
|
2022-02-15 02:04:36 |
BlackByte Tackles the SF 49ers & US Critical Infrastructure (direct link) |
Hours before the Superbowl and two days after the FBI warned about the ransomware gang, BlackByte leaked what are purportedly the NFL team's files.
|
Ransomware
|
|
|
|
2022-02-14 17:23:45 |
'Cities: Skylines' Gaming Modder Banned Over Hidden Malware (direct link) |
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.
|
Malware
|
|
|
|
2022-02-14 16:48:50 |
Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack (direct link) |
The vendor issued an emergency fix on Sunday, and eCommerce websites should update ASAP to avoid Magecart card-skimming attacks and other problems. |
|
|
|
|
2022-02-11 21:51:28 |
Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa (direct link) |
A collection of five security vulnerabilities with a collective CVSS score of 10 out of 10 threaten critical infrastructure environments that use Moxa MXview. |
|
|
★★★★★
|
|
2022-02-11 19:57:34 |
Cybercrooks Frame Targets by Planting Fabricated Digital Evidence (direct link) |
The 'ModifiedElephant' threat actors are technically unimpressive, but they've evaded detection for a decade, hacking human rights advocates' systems with dusty old keyloggers and off-the-shelf RATs.
|
Threat
|
|
|
|
2022-02-11 13:45:45 |
Apple Patches Actively Exploited WebKit Zero Day (direct link) |
A memory issue affects myriad iPhone, iPad and MacOS devices and allows attackers to execute arbitrary code after processing malicious web content.
|
|
|
|
|
2022-02-10 23:16:44 |
Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares (direct link) |
The Maze gang are purportedly never going back to ransomware and have destroyed all of their ransomware source code, said somebody claiming to be the developer. |
Ransomware
|
|
|
|
2022-02-10 22:13:33 |
Sharp SIM-Swapping Spike Causes $68M in Losses (direct link) |
The attacks, which lead to 2FA defeat and account takeover, have accelerated by several hundred percent in one year, leading to thousands of drained bank accounts. |
Guideline
|
|
|
|
2022-02-10 16:39:04 |
(Déjà vu) SAP Patches Severe 'ICMAD' Bugs (direct link) |
SAP's Patch Tuesday brought fixes for a trio of flaws in the ubiquitous ICM component in internet-exposed apps. One of them, with a risk score of 10, could allow attackers to hijack identities, steal data and more.
|
|
|
|
|
2022-02-10 16:39:04 |
SAP to Give Threat Briefing on Uber-Severe 'ICMAD' Bugs (direct link) |
SAP's Patch Tuesday brought fixes for a trio of flaws in the ubiquitous ICM component in internet-exposed apps. One of them, with a risk score of 10, could allow attackers to hijack identities, steal data and more.
|
Threat
|
Uber
|
|
|
2022-02-10 13:58:07 |
PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE (direct link) |
The plug-in's default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said.
|
|
|
|
|
2022-02-09 21:56:49 |
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware (direct link) |
The living-off-the-land binary (LOLBin) is anchoring a rash of cyberattacks bent on evading security detection to drop Qbot and Lokibot. |
Malware
|
|
|
|
2022-02-09 21:06:38 |
3 Tips for Facing the Harsh Truths of Cybersecurity in 2022, Part I (direct link) |
Sonya Duffin, ransomware and data-protection expert at Veritas Technologies, shares three steps organizations can take today to reduce cyberattack fallout. |
Ransomware
|
|
|
|
2022-02-09 14:03:18 |
MoleRats APT Flaunts New Trojan in Latest Cyberespionage Campaign (direct link) |
Researchers from Proofpoint have spotted a new Middle East-targeted phishing campaign that delivers a novel malware dubbed NimbleMamba. |
Malware
|
|
|
|
2022-02-09 14:00:57 |
Ex-Gumshoe Nabs Cybercrooks with FBI Tactics (direct link) |
Crane Hassold, former FBI analyst turned director of threat intel at Abnormal Security, shares stories from his covert work with cyberattackers. |
Threat
|
|
|
|
2022-02-08 20:24:17 |
No Critical Bugs for Microsoft February 2022 Patch Tuesday, 1 Zero-Day (direct link) |
This batch had zero critical CVEs, which is unheard of. Most (50) of the patches are labeled Important, so don't delay to apply the patches, security experts said. |
|
|
|
|
2022-02-08 14:14:59 |
China Suspected of News Corp Cyberespionage Attack (direct link) |
Attackers infiltrated the media giant's network using BEC, while Microsoft moved to stop such attacks by blocking VBA macros in 5 Windows apps. Included: more ways to help stop BEC.
|
|
|
|
|
2022-02-07 22:39:28 |
CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug (direct link) |
Feb. 18 is the deadline to patch a bug that affects all unpatched versions of Windows 10 and requires zero user interaction to exploit. |
|
|
|
|
2022-02-07 22:13:29 |
Medusa Malware Joins Flubot's Android Distribution Network (direct link) |
Two powerful trojans with spyware and RAT capabilities are being delivered in side-by-side campaigns using a common infrastructure. |
Malware
|
|
|
|
2022-02-07 22:09:27 |
LockBit, BlackCat, Swissport, Oh My! Ransomware Activity Stays Strong (direct link) |
However, groups are rebranding and recalibrating their profiles and tactics to respond to law enforcement and the security community's focus on stopping ransomware attacks. |
Ransomware
|
|
|
|
2022-02-07 18:49:59 |
QuaDream, 2nd Israeli Spyware Firm, Weaponizes iPhone Bug (direct link) |
The now-patched flaw that led to the ForcedEntry exploit of iPhones was exploited by both NSO Group and a different, newly detailed surveillance vendor.
|
|
|
|
|
2022-02-07 17:32:14 |
Roaming Mantis Expands Android Backdoor to Europe (direct link) |
The 'smishing' group lives up to its name, expanding globally and adding image exfiltration to the Wroba RAT it uses to infect mobile victims. |
|
|
|
|
2022-02-04 18:58:28 |
'Long Live Log4Shell': CVE-2021-44228 Not Dead Yet (direct link) |
The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what's next. |
|
|
|