What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-18 04:32:20 | Microsoft Warns of \'Ice Phishing\' Threat on Web3 and Decentralized Networks (lien direct) | Microsoft has warned of emerging threats in the Web3 landscape, including "ice phishing" campaigns, as a surge in adoption of blockchain and DeFi technologies emphasizes the need to build security into the decentralized web while it's still in its early stages. The company's Microsoft 365 Defender Research Team called out various new avenues through which malicious actors may attempt to trick | Threat | ||
|
2022-02-18 03:57:05 | PseudoManuscrypt Malware Spreading the Same Way as CryptBot Targets Koreans (lien direct) | Numerous Windows machines located in South Korea have been targeted by a botnet tracked as PseudoManuscrypt since at least May 2021 by employing the same delivery tactics of another malware called CryptBot. "PseudoManuscrypt is disguised as an installer that is similar to a form of CryptBot, and is being distributed," South Korean cybersecurity company AhnLab Security Emergency Response Center ( | Malware | ||
|
2022-02-18 00:37:46 | New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager (lien direct) | Multiple security vulnerabilities have been disclosed in Canonical's Snap software packaging and deployment system, the most critical of which can be exploited to escalate privilege to gain root privileges. Snaps are self-contained application packages that are designed to work on operating systems that use the Linux kernel and can be installed using a tool called snapd. Tracked | Tool | ||
|
2022-02-17 23:40:44 | Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware (lien direct) | A "potentially destructive actor" aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group "TunnelVision" owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker Phosphorus | Ransomware Conference | APT 35 | |
|
2022-02-17 22:15:27 | 4 Cloud Data Security Best Practices All Businesses Should Follow Today (lien direct) | These days, businesses all around the world have come to depend on cloud platforms for a variety of mission-critical workflows. They keep their CRM data in the cloud. They process their payrolls in the cloud. They even manage their HR processes through the cloud. And all of that means they're trusting the bulk of their privileged business data to those cloud providers, too. And while most major | |||
|
2022-02-17 21:19:03 | Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails (lien direct) | Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance (ESA) that could result in a denial-of-service (DoS) condition on an affected device. The weakness, assigned the identifier CVE-2022-20653 (CVSS score: 7.5), stems from a case of insufficient error handling in DNS name resolution that could | |||
|
2022-02-17 19:38:08 | Another Critical RCE Discovered in Adobe Commerce and Magento Platforms (lien direct) | Adobe on Thursday updated its advisory for an actively exploited zero-day affecting Adobe Commerce and Magento Open Source to patch a newly discovered flaw that could be weaponized to achieve arbitrary code execution. Tracked as CVE-2022-24087, the issue – like CVE-2022-24086 – is rated 9.8 on the CVSS vulnerability scoring system and relates to an "Improper Input Validation" bug | Vulnerability | ||
|
2022-02-17 05:36:12 | Getting Your SOC 2 Compliance as a SaaS Company (lien direct) | If you haven't heard of the term, you will soon enough. SOC 2, meaning System and Organization Controls 2, is an auditing procedure developed by the American Institute of CPAs (AICPA). Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. In other words, you have to show (e.g., document | |||
|
2022-02-17 05:21:53 | Google Bringing Privacy Sandbox to Android to Limit Sharing of User Data (lien direct) | Google on Wednesday announced plans to bring its Privacy Sandbox initiatives to Android in a bid to expand its privacy-focused, but also less disruptive, advertising technology beyond the desktop web. To that end, the internet giant said it will work towards building solutions that prevent cross-app tracking à la Apple's App Tracking Transparency (ATT) framework, effectively limiting sharing of | |||
|
2022-02-17 01:22:21 | This New Tool Can Retrieve Pixelated Text from Redacted Documents (lien direct) | The practice of blurring out text using a method called pixelation may not be as secure as previously thought. While the most foolproof way of concealing sensitive textual information is to use opaque black bars, other redaction methods like pixelation can achieve the opposite effect, enabling the reversal of pixelized text back into its original form. Dan Petro, a lead researcher at offensive | Tool Guideline | ||
|
2022-02-17 00:16:51 | Researchers Warn of a New Golang-based Botnet Under Continuous Development (lien direct) | Cybersecurity researchers have unpacked a new Golang-based botnet called Kraken that's under active development and features an array of backdoor capabilities to siphon sensitive information from compromised Windows hosts. "Kraken already features the ability to download and execute secondary payloads, run shell commands, and take screenshots of the victim's system," threat intelligence firm | Threat | ||
|
2022-02-16 23:33:17 | Moses Staff Hackers Targeting Israeli Organizations for Cyber Espionage (lien direct) | The politically motivated Moses Staff hacker group has been observed using a custom multi-component toolset with the goal of carrying out espionage against its targets as part of a new campaign that exclusively singles out Israeli organizations. First publicly documented in late 2021, Moses Staff is believed to be sponsored by the Iranian government, with attacks reported against entities in | |||
|
2022-02-16 21:42:59 | U.S. Says Russian Hackers Stealing Sensitive Data from Defense Contractors (lien direct) | State-sponsored actors backed by the Russian government regularly targeted the networks of several U.S. cleared defense contractors (CDCs) to acquire proprietary documents and other confidential information pertaining to the country's defense and intelligence programs and capabilities. The sustained espionage campaign is said to have commenced at least two years ago from January 2020, according | |||
|
2022-02-16 07:46:53 | [Webinar] When More Is Not Better: Solving Alert Overload (lien direct) | The increasing volume and sophistication of cyberattacks have naturally led many companies to invest in additional cybersecurity technologies. We know that expanded threat detection capabilities are necessary for protection, but they have also led to several unintended consequences. The “more is not always better” adage fits this situation perfectly. An upcoming webinar by cybersecurity company | Threat | ||
|
2022-02-16 06:03:58 | Trickbot Malware Targeted Customers of 60 High-Profile Companies Since 2020 (lien direct) | The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. "TrickBot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand," Check Point researchers Aliaksandr | Malware | ||
|
2022-02-16 03:25:59 | VMware Issues Security Patches for High-Severity Flaws Affecting Multiple Products (lien direct) | VMware on Tuesday patched several high-severity vulnerabilities impacting ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere that could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition. As of writing, there's no evidence that any of the weaknesses are exploited in the wild. The list of six flaws is as follows – | |||
|
2022-02-16 00:55:01 | EU Data Protection Watchdog Calls for Ban on Pegasus-like Commercial Spyware (lien direct) | The European Union's data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, calling out the technology's "unprecedented level of intrusiveness" that could endanger users' right to privacy. "Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which is able to affect the very | |||
|
2022-02-15 21:25:21 | High-Severity RCE Security Bug Reported in Apache Cassandra Database Software (lien direct) | Researchers have revealed details of a now-patched high-severity security vulnerability in Apache Cassandra that, if left unaddressed, could be abused to gain remote code execution on affected installations. "This Apache security vulnerability is easy to exploit and has the potential to wreak havoc on systems, but luckily only manifests in non-default configurations of Cassandra," Omer Kaspi, | Vulnerability | ||
|
2022-02-15 20:32:12 | Facebook Agrees to Pay $90 Million to Settle Decade-Old Privacy Violation Case (lien direct) | Meta Platforms has agreed to pay $90 million to settle a lawsuit over the company's use of cookies to allegedly track Facebook users' internet activity even after they had logged off from the platform. In addition, the social media company will be required to delete all of the data it illegally collected from those users. The development was first reported by Variety. The | |||
|
2022-02-15 06:06:28 | Researchers Link ShadowPad Malware Attacks to Chinese Ministry and PLA (lien direct) | Cybersecurity researchers have detailed the inner workings of ShadowPad, a sophisticated and modular backdoor that has been adopted by a growing number of Chinese threat groups in recent years, while also linking it to the country's civilian and military intelligence agencies. "ShadowPad is decrypted in memory using a custom decryption algorithm," researchers from Secureworks said in a report | Malware Threat | ★★★★ | |
|
2022-02-15 05:16:42 | SafeDNS: Cloud-based Internet Security and Web Filtering Solution for MSPs (lien direct) | Remote workplace trend is getting the upper hand in 2022. A recent survey by IWG (the International Workplace Group) determined that 70% of the world's professionals work remotely at least one day a week, with 53% based outside their workplace at least half of the week. Taking this into consideration, organizations have started looking for reliable partners that can deliver services and support | |||
|
2022-02-15 02:12:14 | Experts Warn of Hacking Group Targeting Aviation and Defense Sectors (lien direct) | Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems. The use of commodity malware such as AsyncRAT and NetWire, among others, has led enterprise security firm | Malware Threat | ||
|
2022-02-15 00:52:33 | New MyloBot Malware Variant Sends Sextortion Emails Demanding $2,732 in Bitcoin (lien direct) | A new version of the MyloBot malware has been observed to deploy malicious payloads that are being used to send sextortion emails demanding victims to pay $2,732 in digital currency. MyloBot, first detected in 2018, is known to feature an array of sophisticated anti-debugging capabilities and propagation techniques to rope infected machines into a botnet, not to mention remove traces of other | Malware | ||
|
2022-02-14 21:06:51 | New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP! (lien direct) | Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that's being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022. The shortcoming, tracked CVE-2022-0609, is described as a use-after-free vulnerability in the Animation component that, if successfully exploited, | Vulnerability | ||
|
2022-02-14 01:44:47 | Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts (lien direct) | Spain's National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing | |||
|
2022-02-14 00:12:46 | Critical Security Flaws Reported in Moxa MXview Network Management Software (lien direct) | Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa's MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses "could allow a remote, unauthenticated attacker to execute code on the hosting machine with the highest | |||
|
2022-02-13 19:26:30 | Critical Magento 0-Day Vulnerability Under Active Exploitation - Patch Released (lien direct) | Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring system and has been characterized as an "improper input validation" issue that could be weaponized to | Vulnerability | ||
|
2022-02-11 03:49:44 | Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers (lien direct) | A previously unknown hacking group has been linked to targeted attacks against human rights activists, human rights defenders, academics, and lawyers across India in an attempt to plant "incriminating digital evidence." Cybersecurity firm SentinelOne attributed the intrusions to a group it tracks as "ModifiedElephant," an elusive threat actor that's been operational since at least 2012, whose | Threat | ||
|
2022-02-10 23:39:05 | France Rules That Using Google Analytics Violates GDPR Data Protection Law (lien direct) | French data protection regulators on Thursday found the use of Google Analytics a breach of the European Union's General Data Protection Regulation (GDPR) laws in the country, almost a month after a similar decision was reached in Austria. To that end, the National Commission on Informatics and Liberty (CNIL) ruled that the transatlantic movement of Google Analytics data to the U.S. is not " | |||
|
2022-02-10 19:30:50 | Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw (lien direct) | Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and | Vulnerability | ||
|
2022-02-10 06:03:07 | FritzFrog P2P Botnet Attacking Healthcare, Education and Government Sectors (lien direct) | A peer-to-peer Golang botnet has resurfaced after more than a year to compromise servers belonging to entities in the healthcare, education, and government sectors within a span of a month, infecting a total of 1,500 hosts. Dubbed FritzFrog, "the decentralized botnet targets any device that exposes an SSH server - cloud instances, data center servers, routers, etc. - and is capable of running | |||
|
2022-02-10 05:33:56 | COVID Does Not Spread to Computers (lien direct) | "…well, of course!" is what you might think. It's a biological threat, so how could it affect digital assets? But hang on. Among other effects, this pandemic has brought about a massive shift in several technological areas. Not only did it force numerous organizations - that up to now were reluctant - to gear up in cyber to go digital, all at once, oftentimes with hastily pieced together | |||
|
2022-02-10 02:22:27 | CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks (lien direct) | Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. The incidents singled out a broad range of sectors, including defense, emergency services, agriculture, government facilities, IT, healthcare, financial | Ransomware | ||
|
2022-02-09 23:22:43 | Russia Cracks Down on 4 Dark Web Marketplaces for Stolen Credit Cards (lien direct) | A special law enforcement operation undertaken by Russia has led to the seizure and shutdown of four online bazaars that specialized in the theft and sales of stolen credit cards, as the government continues to take active measures against harboring cybercriminals on its territory. To that end, the domains operated by the card fraud forms and marketplaces, Ferum Shop, Sky-Fraud, Trump's Dumps, | |||
|
2022-02-09 22:34:58 | Critical RCE Flaws in \'PHP Everywhere\' Plugin Affect Thousands of WordPress Sites (lien direct) | Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that's used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems. PHP Everywhere is used to flip the switch on PHP code across WordPress installations, enabling users to insert and execute PHP-based code in the content management | |||
|
2022-02-09 05:53:03 | U.S. Arrests Two and Seizes $3.6 Million in Cryptocurrency Stolen in 2016 Bitfinex Hack (lien direct) | The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "stolen funds through a labyrinth of cryptocurrency | Hack | ||
|
2022-02-09 05:33:56 | Guide: Alert Overload and Handling for Lean IT Security Teams (lien direct) | Alarming research reveals the stress and strains the average cybersecurity team experiences on a daily basis. As many as 70% of teams report feeling emotionally overwhelmed by security alerts. Those alerts come at such high volume, high velocity, and high intensity that they become an extreme source of stress. So extreme, in fact, that people's home lives are negatively affected. Alert overload | |||
|
2022-02-09 03:25:23 | Iranian Hackers Using New Marlin Backdoor in \'Out to Sea\' Espionage Campaign (lien direct) | An advanced persistent threat (APT) group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks - code named Out to Sea - to a threat actor called OilRig (aka APT34), while also conclusively connecting its activities to a second | Malware Threat | APT 34 | |
|
2022-02-09 02:46:33 | Russian APT Hackers Used COVID-19 Lures to Target European Diplomats (lien direct) | The Russia-linked threat actor known as APT29 targeted European diplomatic missions and Ministries of Foreign Affairs as part of a series of spear-phishing campaigns mounted in October and November 2021. According to ESET's T3 2021 Threat Report shared with The Hacker News, the intrusions paved the way for the deployment of Cobalt Strike Beacon on compromised systems, followed by leveraging the | Threat | APT 29 | |
|
2022-02-08 22:40:43 | Microsoft and Other Major Software Firms Release February 2022 Patch Updates (lien direct) | Microsoft on Tuesday rolled out its monthly security updates with fixes for 51 vulnerabilities across its software line-up consisting of Windows, Office, Teams, Azure Data Explorer, Visual Studio Code, and other components such as Kernel and Win32k. Among the 51 defects closed, 50 are rated Important and one is rated Moderate in severity, making it one of the rare Patch Tuesday updates without | |||
|
2022-02-08 06:30:47 | Palestinian Hackers Use New NimbleMamba Implant in Recent Attacks (lien direct) | An advanced persistent threat (APT) hacking group operating with motives that likely align with Palestine has embarked on a new campaign that leverages a previously undocumented implant called NimbleMamba. The intrusions leveraged a sophisticated attack chain targeting Middle Eastern governments, foreign policy think tanks, and a state-affiliated airline, enterprise security firm Proofpoint said | Threat | ||
|
2022-02-08 04:42:17 | Several Malware Families Using Pay-Per-Install Service to Expand Their Targets (lien direct) | A detailed examination of a Pay-per-install (PPI) malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021. Loaders are malicious programs used for loading additional executables onto the infected machine. With PPI malware services such as PrivateLoader, | Malware | ||
|
2022-02-08 04:16:19 | \'Roaming Mantis\' Android Malware Targeting Europeans via Smishing Campaigns (lien direct) | A financially motivated campaign that targets Android devices and spreads mobile malware via SMS phishing techniques since at least 2018 has spread its tentacles to strike victims located in France and Germany for the first time. Dubbed Roaming Mantis, the latest spate of activities observed in 2021 involve sending fake shipping-related texts containing a URL to a landing page from where Android | Malware | ||
|
2022-02-08 00:22:37 | Medusa Android Banking Trojan Spreading Through Flubot\'s Attacks Network (lien direct) | Two different Android banking Trojans, FluBot and Medusa, are relying on the same delivery vehicle as part of a simultaneous attack campaign, according to new research published by ThreatFabric. The ongoing side-by-side infections, facilitated through the same smishing (SMS phishing) infrastructure, involved the overlapping usage of "app names, package names, and similar icons," the Dutch mobile | |||
|
2022-02-07 23:45:20 | How Attack Surface Management Preempts Cyberattacks (lien direct) | The wide-ranging adoption of cloud facilities and the subsequent mushrooming of organizations' networks, combined with the recent migration to remote work, had the direct consequence of a massive expansion of organizations' attack surface and led to a growing number of blind spots in connected architectures. The unforeseen results of this expanded and attack surface with fragmented monitoring | |||
|
2022-02-07 20:38:37 | Microsoft Disables Internet Macros in Office Apps by Default to Block Malware Attacks (lien direct) | Microsoft on Monday said it's taking steps to disable Visual Basic for Applications (VBA) macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. "Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered, | Malware | ||
|
2022-02-07 19:37:09 | Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse (lien direct) | Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation technologies, is a universal Windows | Malware Vulnerability Threat | ||
|
2022-02-07 05:34:15 | New CapraRAT Android Malware Targets Indian Government and Military Personnel (lien direct) | A politically motivated advanced persistent threat (APT) group has expanded its malware arsenal to include a new remote access trojan (RAT) in its espionage attacks aimed at Indian military and diplomatic entities. Called CapraRAT by Trend Micro, the implant is an Android RAT that exhibits a high "degree of crossover" with another Windows malware known as CrimsonRAT that's associated with Earth | Malware Threat | ||
|
2022-02-07 01:46:01 | Hackers Backdoored Systems at China\'s National Games Just Before Competition (lien direct) | Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start of the event on September 3 to drop multiple reverse web shells for remote access and achieve | |||
|
2022-02-07 01:20:20 | IoT/connected Device Discovery and Security Auditing in Corporate Networks (lien direct) | Today's enterprise networks are complex environments with different types of wired and wireless devices being connected and disconnected. The current device discovery solutions have been mainly focused on identifying and monitoring servers, workstation PCs, laptops and infrastructure devices such as network firewalls, switches and routers, because the most valuable information assets of |
To see everything:
Our RSS (filtrered)
