What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2021-11-28 23:57:13 Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million (direct link) A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds. Codenamed "HAECHI-II," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, close 1,660 cases alongside blocking 2,350 bank
The_Hackers_News.webp 2021-11-26 22:34:44 Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practices (direct link) Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls are "aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza e del Mercato (AGCM) said "Google and Apple did not provide clear and immediate information on the
The_Hackers_News.webp 2021-11-26 05:20:56 Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware (direct link) An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector with the likely goal of Malware Threat
The_Hackers_News.webp 2021-11-26 02:32:10 Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable (direct link) A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even LockBit ransomware, Malware
The_Hackers_News.webp 2021-11-26 00:08:34 CronRAT: A New Linux Malware That's Scheduled to Run on February 31st (direct link) Researchers have unearthed a new remote access trojan (RAT) for Linux that employs a never-before-seen stealth technique that involves masking its malicious actions by scheduling them for execution on February 31st, a non-existent calendar day. Dubbed CronRAT, the sneaky malware "enables server-side Magecart data theft which bypasses browser-based security solutions," Sansec Threat Research said Malware Threat
The_Hackers_News.webp 2021-11-25 21:10:28 Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries (direct link) Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 countries, down from the previous 102:
The_Hackers_News.webp 2021-11-25 09:52:44 Product Releases Should Not Be Scary (direct link) Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great. The landscape is changing fast, especially in IT. Change isn't just necessary, but more often than
The_Hackers_News.webp 2021-11-25 03:57:05 This New Stealthy JavaScript Loader Infecting Computers with Malware (direct link) Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans (RATs) and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for deploying at least eight different malware families in 2021. Around 155 samples of this new malware Malware Threat
The_Hackers_News.webp 2021-11-25 03:33:42 Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware (direct link) A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. "[T]he stealer is a PowerShell script, short with powerful collection capabilities - in only ~150 lines, it provides the Malware Threat
The_Hackers_News.webp 2021-11-25 01:24:46 If You're Not Using Antivirus Software, You're Not Paying Attention (direct link) Stop tempting fate and take a look at our picks for the best antivirus programs on the market today. Every year there are billions of malware attacks worldwide. And these threats are constantly evolving. So if you are not currently using antivirus software, or you still rely on some free software you downloaded back in 2017, you are putting your cybersecurity in serious jeopardy. Need help Malware
The_Hackers_News.webp 2021-11-25 00:10:45 Warning - Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild (direct link) Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos disclosed that it "detected malware samples in the wild that are attempting to take advantage of this Malware Vulnerability
The_Hackers_News.webp 2021-11-24 21:09:55 VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client (direct link) VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Tracked as CVE-2021-21980, the bug has been rated 7.5 out of a maximum of 10 on the CVSS scoring system, Vulnerability
The_Hackers_News.webp 2021-11-24 04:25:16 Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally (direct link) Multiple security weaknesses have been disclosed in MediaTek system-on-chips (SoCs) that could have enabled a threat actor to elevate privileges and execute arbitrary code in the firmware of the audio processor, effectively allowing the attackers to carry out a "massive eavesdrop campaign" without the users' knowledge. The discovery of the flaws is the result of reverse-engineering the Taiwanese Threat
The_Hackers_News.webp 2021-11-24 00:49:24 APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users (direct link) A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar. The new variants have "incorporated new features into their malicious apps that make them more resilient to actions by users, who might try Threat
The_Hackers_News.webp 2021-11-23 23:40:13 Over 9 Million Android Phones Running Malware Apps from Huawei's AppGallery (direct link) At least 9.3 million Android devices have been infected by a new class of malware that disguises itself as dozens of arcade, shooter, and strategy games on Huawei's AppGallery marketplace to steal device information and victims' mobile phone numbers. The mobile campaign was disclosed by researchers from Doctor Web, who classified the trojan as "Android.Cynos.7.origin," owing to the fact that the Malware
The_Hackers_News.webp 2021-11-23 21:32:20 Apple Sues Israel's NSO Group for Spying on iPhone Users With Pegasus Spyware (direct link) Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. The Cupertino-based tech giant painted NSO Group as "notorious hackers - amoral 21st century mercenaries who have created highly sophisticated
The_Hackers_News.webp 2021-11-23 04:26:58 What Avengers Movies Can Teach Us About Cybersecurity (direct link) Marvel has been entertaining us for the last 20 years. We have seen gods, super-soldiers, magicians, and other irradiated heroes fight baddies at galactic scales. The eternal fight of good versus evil. A little bit like in cybersecurity, good guys fighting cybercriminals. If we choose to go with this fun analogy, is there anything useful we can learn from those movies? World-ending baddies
The_Hackers_News.webp 2021-11-23 04:06:22 Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox (direct link) A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition. "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox," the advisory reads. "Successful attacks of Vulnerability
The_Hackers_News.webp 2021-11-23 02:58:04 More Stealthier Version of BrazKing Android Malware Spotted in the Wild (direct link) Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan (RAT) that's capable of carrying out financial fraud attacks by stealing two-factor authentication (2FA) codes and initiating rogue transactions from infected devices to transfer money from victims' accounts to an account operated by the threat actor. IBM X-Force dubbed the Malware Threat
The_Hackers_News.webp 2021-11-23 02:34:19 The Importance of IT Security in Your Merger Acquisition (direct link) In the business world, mergers and acquisitions are commonplace as businesses combine, acquire, and enter various partnerships. Mergers and Acquisitions (M&A) are filled with often very complicated and complex processes to merge business processes, management, and a whole slew of other aspects of combining two businesses into a single logical entity. In the modern business world before and after
The_Hackers_News.webp 2021-11-22 23:39:14 GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data (direct link) Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar said that a malicious third-party managed to gain Data Breach
The_Hackers_News.webp 2021-11-22 04:10:31 New Golang-based Linux Malware Targeting eCommerce Websites (direct link) Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites. "The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms," researchers from Sansec Threat Research said in an analysis. "After a day and a Malware Threat
The_Hackers_News.webp 2021-11-22 03:47:12 Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns (direct link) Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign that leverages stolen email chains to bypass security software and deploy malware on vulnerable systems. The findings come from Trend Micro following an investigation into a number of intrusions in the Middle East that culminated in the distribution of a Spam Malware
The_Hackers_News.webp 2021-11-21 23:30:46 Facebook Postpones Plans for E2E Encryption in Messenger, Instagram Until 2023 (direct link) Meta, the parent company of Facebook, Instagram, and WhatsApp, disclosed that it doesn't intend to roll out default end-to-end encryption (E2EE) across all its messaging services until 2023, pushing its original plans by at least a year. "We're taking our time to get this right and we don't plan to finish the global rollout of end-to-end encryption by default across all our messaging services
The_Hackers_News.webp 2021-11-20 07:54:06 RedCurl Corporate Espionage Hackers Return With Updated Hacking Tools (direct link) A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis. "In every attack, the threat actor demonstrates extensive red teaming skills and the ability to bypass Threat
The_Hackers_News.webp 2021-11-20 07:26:20 North Korean Hackers Found Behind a Range of Credential Theft Campaigns (direct link) A threat actor with ties to North Korea has been linked to a prolific wave of credential theft campaigns targeting research, education, government, media and other organizations, with two of the attacks also attempting to distribute malware that could be used for intelligence gathering. Enterprise security firm Proofpoint attributed the infiltrations to a group it tracks as TA406, and by the Malware Threat
The_Hackers_News.webp 2021-11-19 05:14:08 11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells (direct link) Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index (PyPI) repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion attacks. The Python packages have since been removed from the repository following responsible
The_Hackers_News.webp 2021-11-19 04:54:36 U.S. Charged 2 Iranians Hackers for Threatening Voters During 2020 Presidential Election (direct link) The U.S. government on Thursday unsealed an indictment that accused two Iranian nationals of their involvement in cyber-enabled disinformation and threat campaign orchestrated to interfere in the 2020 presidential elections by gaining access to confidential voter information from at least one state election website. The two defendants in question - Seyyed Mohammad Hosein Musa Kazemi, 24, and Threat
The_Hackers_News.webp 2021-11-19 01:27:29 FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug (direct link) The U.S. Federal Bureau of Investigation (FBI) has disclosed that an unidentified threat actor has been exploiting a previously unknown weakness in the FatPipe MPVPN networking devices at least since May 2021 to obtain an initial foothold and maintain persistent access into vulnerable networks, making it the latest company to join the likes of Cisco, Fortinet, Citrix, Pulse Secure that have had Threat
The_Hackers_News.webp 2021-11-19 00:53:26 A Simple 5-Step Framework to Minimize the Risk of a Data Breach (direct link) Today's businesses run on data. They collect it from customers at every interaction, and they use it to improve efficiency, increase their agility, and provide higher levels of service. But it's becoming painfully obvious that all of that data businesses collect has also made them an enticing target for cybercriminals. With each passing day, the evidence of that grows. In the last few months, Data Breach
The_Hackers_News.webp 2021-11-18 22:50:24 Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from Victims (direct link) The clearnet and dark web payment portals operated by the Conti ransomware group have gone down in what appears to be an attempt to shift to new infrastructure after details about the gang's inner workings and its members were made public. According to MalwareHunterTeam, "while both the clearweb and Tor domains of the leak site of the Conti ransomware gang is online and working, both their Ransomware
The_Hackers_News.webp 2021-11-18 21:38:10 New Side Channel Attacks Re-Enable Serious DNS Cache Poisoning Attacks (direct link) Researchers have demonstrated yet another variant of the SAD DNS cache poisoning attack that leaves about 38% of the domain name resolvers vulnerable, enabling attackers to redirect traffic originally destined to legitimate websites to a server under their control. "The attack allows an off-path attacker to inject a malicious DNS record into a DNS cache," University of California researchers
The_Hackers_News.webp 2021-11-18 04:59:17 Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models (direct link) Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Tracked as CVE-2021-34991 (CVSS score: 8.8), the pre-authentication buffer overflow flaw in small office and home office (SOHO) routers can lead Vulnerability Guideline
The_Hackers_News.webp 2021-11-18 04:43:56 How to Build a Security Awareness Training Program that Yields Measurable Results (direct link) Organizations have been worrying about cyber security since the advent of the technological age. Today, digital transformation coupled with the rise of remote work has made the need for security awareness all the more critical. Cyber security professionals are continuously thinking about how to prevent cyber security breaches from happening, with employees and contractors often proving to be the
The_Hackers_News.webp 2021-11-17 23:59:00 Microsoft Warns about 6 Iranian Hacking Groups Turning to Ransomware (direct link) Nation-state operators with nexus to Iran are increasingly turning to ransomware as a means of generating revenue and intentionally sabotaging their targets, while also engaging in patient and persistent social engineering campaigns and aggressive brute force attacks. No less than six threat actors affiliated with the West Asian country have been discovered deploying ransomware to achieve their Ransomware Threat
The_Hackers_News.webp 2021-11-17 07:44:03 U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws (direct link) Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have leveraged multiple Threat
The_Hackers_News.webp 2021-11-17 07:13:06 Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities (direct link) A malicious campaign has been found leveraging a technique called domain fronting to hide command-and-control traffic by leveraging a legitimate domain owned by the Myanmar government to route communications to an attacker-controlled server with the goal of evading detection. The threat, which was observed in September 2021, deployed Cobalt Strike payloads as a stepping stone for launching
The_Hackers_News.webp 2021-11-17 03:10:39 Israel's Candiru Spyware Found Linked to Watering Hole Attacks in U.K and Middle East (direct link) Israeli spyware vendor Candiru, which was added to an economic blocklist by the U.S. government this month, is said to have reportedly waged "watering hole" attacks against high-profile entities in the U.K. and the Middle East, new findings reveal. "The victimized websites belong to media outlets in the U.K., Yemen, and Saudi Arabia, as well as to Hezbollah; to government institutions in Iran (
The_Hackers_News.webp 2021-11-17 02:48:50 On-Demand Webinar: Into the Cryptoverse (direct link) In the span of a few years, cryptocurrencies have gone from laughingstock and novelty to a serious financial instrument, and a major sector in high-tech. The price of Bitcoin and Ethereum has gone from single dollars to thousands, and they're increasingly in the mainstream. This is undoubtedly a positive development, as it opens new avenues for finance, transactions, tech developments, and more
The_Hackers_News.webp 2021-11-16 22:40:27 Facebook Bans Pakistani and Syrian Hacker Groups for Abusing its Platform (direct link) Meta, the company formerly known as Facebook, announced Tuesday that it took action against four separate malicious cyber groups from Pakistan and Syria who were found targeting people in Afghanistan, as well as journalists, humanitarian organizations, and anti-regime military forces in the West Asian country. The Pakistani threat actor, dubbed SideCopy, is said to have used the platform to Threat
The_Hackers_News.webp 2021-11-16 08:48:41 New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses (direct link) Cybersecurity researchers have demonstrated yet another variation of the Rowhammer attack affecting all DRAM (dynamic random-access memory) chips that bypasses currently deployed mitigations, thereby effectively compromising the security of the devices. The new technique - dubbed "Blacksmith" (CVE-2021-42114, CVSS score: 9.0) - is designed to trigger bit flips on target refresh rate-enabled DRAM
The_Hackers_News.webp 2021-11-16 04:41:42 Researchers Demonstrate New Way to Detect MITM Phishing Kits in the Wild (direct link) No fewer than 1,220 Man-in-the-Middle (MitM) phishing websites have been discovered as targeting popular online services like Instagram, Google, PayPal, Apple, Twitter, and LinkedIn with the goal of hijacking users' credentials and carrying out further follow-on attacks. The findings come from a new study undertaken by a group of researchers from Stony Brook University and Palo Alto Networks,
The_Hackers_News.webp 2021-11-16 01:22:15 Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware (direct link) The notorious Emotet malware is staging a comeback of sorts nearly 10 months after a coordinated law enforcement operation dismantled its command-and-control infrastructure in late January 2021. According to a new report from security researcher Luca Ebach, the infamous TrickBot malware is being used as an entry point to distribute what appears to be a new version of Emotet on systems previously Malware
The_Hackers_News.webp 2021-11-15 22:52:38 New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks (direct link) A new politically-motivated hacker group named "Moses Staff" has been linked to a wave of targeted attacks targeting Israeli organizations since September 2021 with the goal of plundering and leaking sensitive information prior to encrypting their networks, with no option to regain access or negotiate a ransom. "The group openly states that their motivation in attacking Israeli companies is to
The_Hackers_News.webp 2021-11-15 21:38:51 SharkBot - A New Android Trojan Stealing Banking and Cryptocurrency Accounts (direct link) Cybersecurity researchers on Monday took the wraps off a new Android trojan that takes advantage of accessibility features on the devices to siphon credentials from banking and cryptocurrency services in Italy, the U.K., and the U.S. Dubbed "SharkBot" by Cleafy, the malware is designed to strike a total of 27 targets - counting 22 unnamed international banks in Italy and the U.K. as well as five Malware
The_Hackers_News.webp 2021-11-15 07:30:01 Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic (direct link) A new analysis of website fingerprinting (WF) attacks aimed at the Tor web browser has revealed that it's possible for an adversary to glean a website frequented by a victim, but only in scenarios where the threat actor is interested in a specific subset of the websites visited by users. "While attacks can exceed 95% accuracy when monitoring a small set of five popular websites, indiscriminate ( Threat
The_Hackers_News.webp 2021-11-15 02:21:24 (Déjà vu) North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro (direct link) Lazarus, the North Korea-affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote access trojans using a trojanized pirated version of the popular IDA Pro reverse engineering software. The findings were reported by ESET security researcher Anton Cherepanov last week in a series of tweets. IDA Pro is an Interactive Disassembler that's APT 38
The_Hackers_News.webp 2021-11-15 01:53:34 How to Tackle SaaS Security Misconfigurations (direct link) Whether it's Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the business and its data. The job of ensuring these apps' security settings are properly configured falls on the security team. The challenge lies within how burdensome this responsibility is - each app has tens or hundreds of security settings to configure, in
The_Hackers_News.webp 2021-11-14 21:28:16 FBI's Email System Hacked to Send Out Fake Cyber Security Alert to Thousands (direct link) The U.S. Federal Bureau of Investigation (FBI) on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "sophisticated chain attack." The incident, which was first publicly disclosed by threat intelligence non-profit SpamHaus, involved sending rogue warning emails with the subject line "Urgent: Threat actor in systems" Threat
The_Hackers_News.webp 2021-11-12 07:32:30 Hackers Increasingly Using HTML Smuggling in Malware and Phishing Attacks (direct link) Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans (RATs), and ransomware payloads. Microsoft 365 Defender Threat Intelligence Team, in a new report published Thursday, disclosed that it identified infiltrations distributing the Ransomware Malware Threat ★★★
Last update at: 2024-07-25 19:19:10