What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2022-01-18 00:02:51 Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors (direct link) An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. "The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in Hong Kong, Threat
The_Hackers_News.webp 2022-01-17 21:13:47 Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central (direct link) Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "may allow an attacker to read unauthorized data or write an arbitrary zip Vulnerability
The_Hackers_News.webp 2022-01-17 05:36:50 Chrome Limits Websites' Direct Access to Private Networks for Security Reasons (direct link) Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases as part of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification called
The_Hackers_News.webp 2022-01-17 00:08:53 Dark Web's Largest Marketplace for Stolen Credit Cards is Shutting Down (direct link) UniCC, the biggest dark web marketplace of stolen credit and debit cards, has announced that it's shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. "Don't build any conspiracy theories about us leaving," the anonymous operators of UniCC said in a farewell posted on dark web carding forums, according to
The_Hackers_News.webp 2022-01-16 21:18:12 High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites (direct link) Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. "This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could trick a site's administrator into performing an action, such as clicking on a Vulnerability
The_Hackers_News.webp 2022-01-16 20:29:32 Ukrainian Government Officially Accuses Russia of Recent Cyberattacks (direct link) The government of Ukraine on Sunday formally accused Russia of masterminding the attacks that targeted websites of public institutions and government agencies this past week. "All the evidence points to the fact that Russia is behind the cyber attack," the Ministry of Digital Transformation said in a statement. "Moscow continues to wage a hybrid war and is actively building forces in the
The_Hackers_News.webp 2022-01-16 06:31:14 New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking (direct link) A software bug introduced in Apple Safari 15's implementation of the IndexedDB API could be abused by a malicious website to track users' online activity in the web browser and worse, even reveal their identity. The vulnerability, dubbed IndexedDB Leaks, was disclosed by fraud protection software company FingerprintJS, which reported the issue to the iPhone maker on November 28, 2021. IndexedDB
The_Hackers_News.webp 2022-01-16 01:28:50 A New Destructive Malware Targeting Ukrainian Government and Business Entities (direct link) Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia. "The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable," Ransomware Malware
The_Hackers_News.webp 2022-01-15 01:38:55 Get Lifetime Access to Cybersecurity Certification Prep Courses (direct link) You can't go far in professional IT without being asked for some key certifications. In particular, most large companies today require new hires to be well versed in the fundamentals of cybersecurity. Adding the likes of CISSP, CISM, and CompTIA CASP+ to your résumé can open the door to many opportunities - including six-figure roles. There is just a small matter of some exams to pass. To help
The_Hackers_News.webp 2022-01-15 01:21:23 Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks (direct link) In an unprecedented move, Russia's Federal Security Service (FSB), the country's principal security agency, on Friday disclosed that it arrested several members belonging to the notorious REvil ransomware gang and neutralized its operations. The surprise operation, which it said was carried out at the request of the U.S. authorities, saw the law enforcement agency conduct raids at 25 addresses Ransomware
The_Hackers_News.webp 2022-01-14 22:29:16 Massive Cyber Attack Knocks Down Ukrainian Government Websites (direct link) No fewer than 70 websites operated by the Ukrainian government went offline on Friday for hours in what appears to be a coordinated cyber attack amid heightened tensions with Russia. "As a result of a massive cyber attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down," Oleg Nikolenko, MFA spokesperson, tweeted. The Security
The_Hackers_News.webp 2022-01-14 06:16:30 North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide (direct link) Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor. Russian cybersecurity company Kaspersky, which is tracking the intrusions APT 38 APT 28
The_Hackers_News.webp 2022-01-14 00:23:21 U.K. Hacker Jailed for Spying on Children and Downloading Indecent Images (direct link) A man from the U.K. city of Nottingham has been sentenced to more than two years in prison for illegally breaking into the phones and computers of a number of victims, including women and children, to spy on them and amass a collection of indecent images. Robert Davies, 32, is said to have purchased an arsenal of cyber crime tools in 2019, including crypters and remote administration tools (RATs
The_Hackers_News.webp 2022-01-14 00:06:04 Husband-Wife Arrested in Ukraine for Ransomware Attacks on Foreign Companies (direct link) Ukrainian police authorities have nabbed five members of a gang that's believed to have helped orchestrate attacks against more than 50 companies across Europe and the U.S and caused losses to the tune of more than $1 million. The special operation, which was carried out in assistance with law enforcement officials from the U.K. and U.S., saw the arrest of an unnamed 36-year-old individual from Ransomware
The_Hackers_News.webp 2022-01-13 23:20:56 Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM (direct link) Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited by a remote attacker to take control of an affected system. Tracked as CVE-2022-20658, the vulnerability has been rated 9.6 in severity on the CVSS scoring system, and Vulnerability
The_Hackers_News.webp 2022-01-13 06:23:34 GootLoader Hackers Targeting Employees of Law and Accounting Firms (direct link) Operators of the GootLoader campaign are setting their sights on employees of accounting and law firms as part of a fresh onslaught of widespread cyberattacks to deploy malware on infected systems, an indication that the adversary is expanding its focus to other high-value targets. "GootLoader is a stealthy initial access malware, which after getting a foothold into the victim's computer system, Malware
The_Hackers_News.webp 2022-01-13 06:06:54 Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys (direct link) Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry. Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007. Although mainly fashioned as an information-stealing malware, Qakbot has since shifted its goals and acquired new
The_Hackers_News.webp 2022-01-13 00:37:23 Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor (direct link) An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed "CharmPower" for follow-on post-exploitation. "The actor's attack setup was obviously rushed, as they used the basic open-source tool for the exploitation and based their operations Tool Vulnerability
The_Hackers_News.webp 2022-01-13 00:18:27 Meeting Patching-Related Compliance Requirements with TuxCare (direct link) Cybersecurity teams have many demands competing for limited resources. Restricted budgets are a problem, and restricted staff resources are also a bottleneck. There is also the need to maintain business continuity at all times. It's a frustrating mix of challenges – with resources behind tasks such as patching rarely sufficient to meet security prerogatives or compliance deadlines. The multitude Patching
The_Hackers_News.webp 2022-01-12 23:51:35 US Cyber Command Links 'MuddyWater' Hacking Group to Iranian Intelligence (direct link) The U.S. Cyber Command (USCYBERCOM) on Wednesday officially confirmed MuddyWater's ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. "MuddyWater has been seen using a variety of techniques to maintain access to victim networks," USCYBERCOM's Cyber National Mission Force (CNMF)
The_Hackers_News.webp 2022-01-12 20:58:10 Apple Releases iPhone and iPad Updates to Patch HomeKit DoS Vulnerability (direct link) Apple on Wednesday rolled out software updates for iOS and iPadOS to remediate a persistent denial-of-service (DoS) issue affecting the HomeKit smart home framework that could be potentially exploited to launch ransomware-like attacks targeting the devices. The iPhone maker, in its release notes for iOS and iPadOS 15.2.1, termed it as a "resource exhaustion issue" that could be triggered when Vulnerability
The_Hackers_News.webp 2022-01-12 05:09:28 Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware (direct link) Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, which commenced in October 2021, have primarily targeted entities located in the U.S., Canada, Italy, Malware
The_Hackers_News.webp 2022-01-12 02:54:38 New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users (direct link) A new cross-platform backdoor called "SysJoker" has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that's believed to have been initiated during the second half of 2021. "SysJoker masquerades as a system update and generates its [command-and-control server] by decoding a string retrieved from a text file hosted on Malware
The_Hackers_News.webp 2022-01-12 01:49:02 XDR: Redefining the game for MSSPs serving SMBs and SMEs (direct link) SMBs and SMEs are increasingly turning to MSSPs to secure their businesses because they simply do not have the resources to manage an effective security technology stack. However, it's also challenging for MSSPs to piece together an effective but manageable security technology stack to protect their clients, especially at an affordable price point. This is where Extended Detection and Response (
The_Hackers_News.webp 2022-01-12 01:14:58 FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure (direct link) Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National
The_Hackers_News.webp 2022-01-11 22:42:18 First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability (direct link) Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated Important in severity, with six zero-day publicly known at the time of the release. This is in Vulnerability Patching
The_Hackers_News.webp 2022-01-11 12:29:57 How Can You Leave Log4J in 2021? (direct link) With the last month of 2021 dominated by the log4J vulnerabilities discovery, publication, and patches popping up in rapid succession, odds are you have patched your system against Log4J exploitation attempts. At least some systems, if not all. You might even have installed the latest patch – at the time of writing, that is 2.17.1, but, if the last rapid patching cycle persists, it might have Patching
The_Hackers_News.webp 2022-01-11 03:59:58 New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors (direct link) Cybersecurity researchers have detailed a high severity flaw in KCodes NetUSB component that's integrated into millions of end-user router devices from Netgear and TP-Link, among others. KCodes NetUSB is a Linux kernel module that enables devices on a local network to provide USB-based services over IP. Printers, external hard drives, and flash drives plugged into a Linux-based embedded system (
The_Hackers_News.webp 2022-01-11 01:18:24 Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO (direct link) Moxie Marlinspike, the founder of the popular encrypted instant messaging service Signal, has announced that he is stepping down as the chief executive of the non-profit in a move that has been underway over the last few months. "In other words, after a decade or more, it's difficult to overstate how important Signal is to me, but I now feel very comfortable replacing myself as CEO based on the
The_Hackers_News.webp 2022-01-11 01:00:17 2022 Cybersecurity Predictions from Lookout: Work From Anywhere Ends On-Premises Security (direct link) Lookout, an endpoint-to-cloud cyber security company, have put together their cyber security predictions for 2022. 1 - Cloud connectivity and cloud-to-cloud connectivity will amplify supply-chain breaches One area organizations need to continue to monitor in 2022 is the software supply chain. We tend to think of cloud apps as disparate islands used as destinations by endpoints and end-users to
The_Hackers_News.webp 2022-01-10 23:09:00 Microsoft Details macOS Bug That Could Let Attackers Gain Access to User Data (direct link) Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control (TCC) security framework, which enables users to configure the privacy settings of their apps and Vulnerability Threat
The_Hackers_News.webp 2022-01-10 21:52:02 Europol Ordered to Delete Data of Individuals With No Proven Links to Crimes (direct link) The European Union's data protection watchdog on Monday ordered Europol to delete a vast trove of personal data it obtained pertaining to individuals with no proven links to criminal activity. "Datasets older than six months that have not undergone this Data Subject Categorisation must be erased," the European Data Protection Supervisor (EDPS) said in a press statement. "This means that Europol
The_Hackers_News.webp 2022-01-10 06:35:15 Researchers Find Bugs in Over A Dozen Widely Used URL Parser Libraries (direct link) A study of 16 different Uniform Resource Locator (URL) parsing libraries has unearthed inconsistencies and confusions that could be exploited to bypass validations and open the door to a wide range of attack vectors. In a deep-dive analysis jointly conducted by cybersecurity firms Claroty and Synk, eight security vulnerabilities were identified in as many third-party libraries written in C,
The_Hackers_News.webp 2022-01-09 22:05:18 BADNEWS! Patchwork APT Hackers Score Own Goal in Recent Malware Attacks (direct link) Threat hunters have shed light on the tactics, techniques, and procedures embraced by an Indian-origin hacking group called Patchwork as part of a renewed campaign that commenced in late November 2021, targeting Pakistani government entities and individuals with a research focus on molecular medicine and biological science. "Ironically, all the information we gathered was possible thanks to the Malware
The_Hackers_News.webp 2022-01-07 23:15:27 Facebook Launches 'Privacy Center' to Educate Users on Data Collection and Privacy Options (direct link) Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps. "Privacy Center provides helpful information about five common privacy topics: sharing, security, data collection, data use
The_Hackers_News.webp 2022-01-07 23:04:51 NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon (direct link) The digital security team at the U.K. National Health Service (NHS) has raised the alarm on active exploitation of Log4Shell vulnerabilities in unpatched VMware Horizon servers by an unknown threat actor to drop malicious web shells and establish persistence on affected networks for follow-on attacks. "The attack likely consists of a reconnaissance phase, where the attacker uses the Java Naming Threat
The_Hackers_News.webp 2022-01-07 01:31:46 Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console (direct link) Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j "Log4Shell" vulnerability that came to light last month. The issue, tracked as CVE-2021-42392, is the "first critical issue published since Log4Shell, on a component other than Log4j, that exploits the same root cause of the Log4Shell Vulnerability
The_Hackers_News.webp 2022-01-06 23:35:50 France Fines Google, Facebook €210 Million Over Privacy Violating Tracking Cookies (direct link) The Commission nationale de l'informatique et des libertés (CNIL), France's data protection watchdog, has slapped Facebook (now Meta Platforms) and Google with fines of €150 million ($170 million) and €60 million ($68 million) for violating E.U. privacy rules by failing to provide users with an easy option to reject cookie tracking technology. "The websites facebook.com, google.fr and
The_Hackers_News.webp 2022-01-06 08:06:19 North Korean Hackers Start New Year with Attacks on Russian Foreign Ministry (direct link) A North Korean cyberespionage group named Konni has been linked to a series of targeted attacks aimed at the Russian Federation's Ministry of Foreign Affairs (MID) with New Year lures to compromise Windows systems with malware. "This activity cluster demonstrates the patient and persistent nature of advanced actors in waging multi-phased campaigns against perceived high-value networks,"
The_Hackers_News.webp 2022-01-06 03:16:35 NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance (direct link) When I want to know the most recently published best practices in cyber security, I visit The National Institute of Standards and Technology (NIST). From the latest password requirements (NIST 800-63) to IoT security for manufacturers (NISTIR 8259), NIST is always the starting point. NIST plays a key role as a US standard-setter, due to the organization's professionalism and the external experts
The_Hackers_News.webp 2022-01-06 02:45:40 (Déjà vu) New Trick Could Let Malware Fake iPhone Shutdown to Spy on Users Secretly (direct link) Researchers have disclosed a novel technique by which malware on iOS can achieve persistence on an infected device by faking its shutdown process, making it impossible to physically determine if an iPhone is off or otherwise. The discovery - dubbed "NoReboot" - comes courtesy of mobile security firm ZecOps, which found that it's possible to block and then simulate an iOS rebooting operation, Malware
The_Hackers_News.webp 2022-01-05 22:30:43 VMware Patches Important Bug Affecting ESXi, Workstation and Fusion Products (direct link) VMWare has shipped updates to Workstation, Fusion, and ESXi products to address an "important" security vulnerability that could be weaponized by a threat actor to take control of affected systems. The issue relates to a heap-overflow vulnerability - tracked as CVE-2021-22045 (CVSS score: 7.7) - that, if successfully exploited, results in the execution of arbitrary code. The company credited Vulnerability Threat
The_Hackers_News.webp 2022-01-05 21:47:57 Google Releases New Chrome Update to Patch Dozens of New Browser Vulnerabilities (direct link) Google has rolled out the first round of updates to its Chrome web browser for 2022 to fix 37 security issues, one of which is rated Critical in severity and could be exploited to pass arbitrary code and gain control over a victim's system. Tracked as CVE-2022-0096, the flaw relates to a use-after-free bug in the Storage component, which could have devastating effects ranging from corruption of
The_Hackers_News.webp 2022-01-05 05:40:30 Researchers Uncover Hacker Group Behind Organized Financial-Theft Operation (direct link) Cybersecurity researchers have taken the wraps off an organized financial-theft operation undertaken by a discreet actor to target transaction processing systems and siphon funds from entities primarily located in Latin America for at least four years. The malicious hacking group has been codenamed Elephant Beetle by Israeli incident response firm Sygnia, with the intrusions aimed at banks and
The_Hackers_News.webp 2022-01-05 03:01:48 New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification (direct link) An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and Microsoft's digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been tracking the sophisticated infection chain since November 2021, attributed it to a cybercriminal group dubbed Malsmoke, citing similarities Malware
The_Hackers_News.webp 2022-01-04 23:08:18 Hackers Target Real Estate Websites with Skimmer in Latest Supply Chain Attack (direct link) Threat actors leveraged a cloud video hosting service to carry out a supply chain attack on more than 100 real estate websites operated by Sotheby's Realty that involved injecting malicious skimmers to steal sensitive personal information. "The attacker injected the skimmer JavaScript codes into video, so whenever others import the video, their websites get embedded with skimmer codes as well,"
The_Hackers_News.webp 2022-01-04 21:13:47 Microsoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities (direct link) Microsoft is warning of continuing attempts by nation-state adversaries and commodity attackers to take advantage of security vulnerabilities uncovered in the Log4j open-source logging framework to deploy malware on vulnerable systems. "Exploitation attempts and testing have remained high during the last weeks of December," Microsoft Threat Intelligence Center (MSTIC) said in revised guidance Malware Threat
The_Hackers_News.webp 2022-01-04 06:32:48 SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts (direct link) A group of academics from the University of California, Santa Barbara, has demonstrated what it calls a "scalable technique" to vet smart contracts and mitigate state-inconsistency bugs, discovering 47 zero-day vulnerabilities on the Ethereum blockchain in the process. Smart contracts are programs stored on the blockchain that are automatically executed when predetermined conditions are met
The_Hackers_News.webp 2022-01-04 03:27:09 Researchers Detail New HomeKit 'doorLock' Bug Affecting Apple iOS (direct link) A persistent denial-of-service (DoS) vulnerability has been discovered in Apple's iOS mobile operating system that's capable of sending affected devices into a crash or reboot loop upon connecting to an Apple Home-compatible appliance. The behavior, dubbed "doorLock," is trivial in that it can be triggered by simply changing the name of a HomeKit device to a string larger than 500,000 characters Vulnerability
The_Hackers_News.webp 2022-01-03 22:59:15 Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware (direct link) Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems. That's according to new research published by Minerva Labs, describing the attack as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads. "This threat actor was able to leave most parts of Malware Threat
Last update at: 2024-07-25 19:19:10