What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-16 12:49:30 | MailGuard Discovers New Phishing Campaign Targeting Telstra Customers (lien direct) | Another day, another phishing campaign. MailGuard, the email spam and virus filter, has identified a new fraudulent email campaign that has been targeting inboxes across Australia. The scam email is designed to look like a notification from Telstra, with the subject: “$500 Citibank prepaid gift card reward.” Once opened, the message displays the telecommunications giant's […] | Spam | ||
|
2019-10-16 09:05:53 | Cybergang lures iPhone jailbreakers to fraud site (lien direct) | A cybergang has created a malicious website that dangles the reward of being able to jailbreak an iPhone, but instead injects the device with click fraud malware. The threat actors use the legitimate Checkm8 vulnerability, which does allow some legacy iOS devices to be jailbroken, as the basis for their program, reported Cisco Talos researchers Warren Mercer and Paul […] | Threat | ||
|
2019-10-16 09:05:36 | Mac malware spread by fake company pushing cryptocurrency app (lien direct) | It appears North Korean hackers have revisited a tried-and-true scheme to attack Mac owners who work at cryptocurrency exchanges: creating a fake company and corresponding cryptocurrency trading app that actually infects users with malware. Researcher Patrick Wardle, creator of OS X security firm Objective-See, reported in a blog post late last week that malicious actors set up a […] | Malware | ||
|
2019-10-16 09:05:21 | Hack of fraud bazaar leaks data of 26 million stolen card details (lien direct) | A thriving online bazaar selling stolen payment card data has been hacked in a heist that leaked the records for more than 26 million cards, KrebsOnSecurity reported on Tuesday. The 26 million figure isn’t significant only to the legitimate consumers and businesses who own the stolen cards or the financial institutions that issued them. Fortunately for the […] | Hack | ||
|
2019-10-16 09:05:04 | iOS iPhone users warned of new hack (lien direct) | Users of older versions of Apple's iPhone are being warned against jailbreaking their device after Cisco Talos security researchers discovered a new targeted click fraud campaign. Capitalising on the recently disclosed “checkra1n”, the malicious campaign leverages a fake website that claims to give iPhone users the ability to jailbreak their phones. Instead, the fake website, checkrain[.]com, prompts […] | Hack | ||
|
2019-10-16 09:04:49 | (Déjà vu) 26 million stolen cards rescued from “BriansClub” hack (lien direct) | “BriansClub,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 […] | Hack | ||
|
2019-10-15 11:17:13 | By the time you\'ve been compromised, it\'s already too late (lien direct) | Analysing the IoC and IoA incident response techniques in cybersecurity By Zeki Turedi, Technology Strategist, EMEA at CrowdStrike Organisations attempting to protect their data currently face an unprecedented threat level. The World Economic Forum's Global Risks Report 2019 ranked data theft and cyber attack as two of the top five global risks in terms of likelihood. Even […] | Threat | ||
|
2019-10-15 11:03:22 | Technical challenge or business enabler? Seizing the opportunity of PCI DSS compliance (lien direct) | By Arnaud Crouzet, VP Security & Consulting at FIME As data breaches continue to rise globally, protecting the integrity of customer data (especially in the payments world) is vital. One essential security standard helping keep such data secure is PCI DSS – an information security standard for organizations that handle cardholder data. But aligning with the standard […] | |||
|
2019-10-15 10:52:33 | IoT under fire: Kaspersky detects more than 100 million attacks on smart devices in H1 2019 (lien direct) | Kaspersky honeypots – networks of virtual copies of various internet connected devices and applications – have detected 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first six months of the year. This figure is seven times more than the number found in H1 2018, when only around 12 million […] | |||
|
2019-10-15 10:43:42 | (Déjà vu) Winnti Group uses new PortReuse malware on Asian Manufacturers (lien direct) | Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The hacking group’s ShadowPad malware also received some updates, with random module IDs and some extra obfuscation being the most noteworthy additions according to ESET researchers who monitored the hackers’ attacks […] | Malware | ||
|
2019-10-15 10:41:19 | (Déjà vu) Samsung Galaxy S10 fingerprint reader beaten by silicon case (lien direct) | A couple in the UK experienced a weird bug on their Samsung Galaxy S10 that allows bypassing the fingerprint reader to unlock the phone regardless of the biometric data registered in the device. Endeavors in the past tricked biometric protection in phones from multiple brands. Hackers were able to recreate a fingerprint from high-resolution photos […] | |||
|
2019-10-15 10:33:17 | (Déjà vu) Fake accounts locking Facebook users out of their accounts (lien direct) | Numerous people are reporting that they have been locked out of Facebook after reporting fake user profiles to the social site. Some users claim that this has been happening for over a week. According to claims by many users under the Twitter #FacebookLockout hashtag, when people report a fake account to Facebook, about 30 minutes later they […] | |||
|
2019-10-15 10:32:53 | Pitney Bowes system taken down by malware (lien direct) | Pitney Bowes reported today that it was hit with malware that has made some files inaccessible, but stopped short of calling it a ransomware attack. Pitney Bowes said the attack has encrypted some corporate information and disrupted customer access to certain services, but at this time the company does not believe any customer or employee […] | Ransomware Malware | ||
|
2019-10-15 10:32:30 | Apple browsing history shared with Chinese company (lien direct) | The company acknowledged it's using 'safe browsing' technology from Tencent, which has ties to the Chinese government. Apple is sending some browsing history of iOS 13 Safari users to Tencent Holdings Limited, a Chinese multinational conglomerate. The data shared is tied to the Safari Safe Browsing technology. Revelations of the relationship have drawn criticism from […] | |||
|
2019-10-14 13:14:10 | Connected home devices still of concern to consumers (lien direct) | In order to understand what people are doing to protect themselves from the risk of compromised smart home devices, such as internet-connected TVs, smart thermostats, home assistants and more, ESET polled 4,000 consumers. Key findings include: Over a third of all respondents indicated they are concerned about unauthorized access of their home networks via connected home devices (smart TVs, smart […] | |||
|
2019-10-14 13:13:29 | Personal data from South African home loan applicants exposed via security flaw (lien direct) | Security vulnerabilities in systems used by several South African banks exposed the personal data of people who applied for home loans. Information about the flaw came from a source who spoke to MyBroadband on condition that they remain anonymous. The existence of the flaws were confirmed by E4 Strategic, the company which develops and maintains […] | |||
|
2019-10-14 13:12:47 | Cybersecurity and 5G (lien direct) | The rollout of fifth-generation mobile networks - which offer the potential for downloads speeds of up to 10 times faster than today's - will change how we communicate, work and stream video. However, the faster speeds are also likely to present an opportunity for hackers to target more devices and launch bigger cyber attacks, experts […] | |||
|
2019-10-14 13:12:19 | Conversations increase on cybersecurity between NATO and Japan (lien direct) | NATO and Japan held cyber defence staff talks this week to assess current cyber threats and policy developments. “Cyber threats are becoming more complex, destructive, and coercive. Their enduring and evolving nature demands that we continue to adapt and respond appropriately. To adapt to this quickly changing environment, NATO must leverage our unique network of […] | |||
|
2019-10-14 13:11:37 | Most enterprise email domains are vulnerable (lien direct) | The standards for Internet email have never evolved to include robust sender identity validation. As cyber-attack become more sophisticated, this places enterprises at an increased risk, according to a new report from Valimail. The new report is titled “Email Fraud Landscape: BEC explodes as attackers exploit email's identity crisis”, and the Valimail analysis surveys the current vulnerabilities […] | |||
|
2019-10-11 09:37:18 | 15 New Ransomware Victims Hit Since the Start of October! (lien direct) | Since October 1, Armor, a global cloud security solutions provider, has identified 15 new organizations which have been hit by ransomware in the U.S. including 5 healthcare networks and/or organizations, 2 municipalities (one of which has suffered 3 ransomware attacks this year), 3 school districts, a police department, the North Carolina State Bar, 2 Florida employment […] | Ransomware | ||
|
2019-10-11 09:23:01 | Ransomware attacks targeting flaw in iTunes for Windows (lien direct) | Ransomware attackers have been abusing a vulnerability in the Windows version of Apple iTunes to avoid detection from antivirus software, according to security researchers. The problem deals with the Apple-created Bonjour updater that comes with iTunes for Windows, which is used to deliver software updates to the app. Security firm Morphisec has discovered it also suffers from […] | Ransomware Vulnerability | ||
|
2019-10-11 09:22:44 | Increase in Phishing scams since the iPhone 11 Pro was launched (lien direct) | Scammers are targeting Australians desperate to get their hands on Apple's latest premium smartphones, using the promise of an iPhone 11 Pro to lure in unsuspecting victims. The Australian Communications and Media Authority (ACMA) has warned people to be on the lookout for the scam, which uses fake emails to “phish” for information that could […] | |||
|
2019-10-11 09:22:11 | WhatsApp used by Diplomats to discuss Ukraine Policy (lien direct) | Nearly a decade after Hillary Clinton began using personal devices and a private email server while Secretary of State – a practice that sparked a heated debate and congressional investigations during the 2016 presidential election cycle – an early impeachment probe into President Trump revealed that diplomats in the administration used WhatsApp and their personal […] | |||
|
2019-10-11 09:21:49 | (Déjà vu) Diplomats are being targeted by a new malware software (lien direct) | A new modular and malware designed to target diplomatic and government entities was spotted by ESET researchers while being utilized in attacks aimed at Russian-speaking individuals for at least 7 years. The espionage malware strain dubbed Attor by the researchers comes with some unusual capabilities including the use of encrypted modules, Tor-based communications, and a plugin […] | Malware | ||
|
2019-10-11 09:20:41 | (Déjà vu) Information stolen and sold from prostitution forums (lien direct) | Popular prostitution and escort forums in the Netherlands and Italy have suffered data breaches that exposed the usernames, email addresses, and hashed passwords for their registered members. With prostitution and escort services being legal in the Netherlands and Italy, forums have been created that allows users to review services or interact directly with sex workers. […] | |||
|
2019-10-10 16:22:33 | One Identity Report Highlights “Pass the Hash” Attack Prevalence, Impact and Uncertainty (lien direct) | One Identity, the identity-centered security specialist, has released new global research, conducted by Dimensional Research, revealing the significant prevalence and impact of cyberattacks that use stolen hashed administrator credentials, also referred to as Pass the Hash (PtH) attacks. Among the survey's most noteworthy findings is that 95% of respondents say that PtH attacks have a […] | |||
|
2019-10-10 10:43:53 | Global 1000 Enterprises are Set to Benefit Significantly from Industry-Defining Cybersecurity Collaboration (lien direct) | Market-leading technology solution provider, World Wide Technology and Cybereason, the creators of leading Cyber Defence Platform, have recently announced a promising partnership. This collaboration will allow the customers of both companies to bring autonomy to their cybersecurity settings by combining multiple data sources, businesses context, machine learning and big data analytics to better protect their […] | Guideline | ||
|
2019-10-10 10:13:22 | Volusion data breach impacts 6,500 sites including the Sesame Street store (lien direct) | Hackers have breached the infrastructure of Volusion, a leading e-commerce solution for small businesses, allowing them to collect customer card details from between 6,500-20,000 sites. The attack occurred via the implementation of a modified JavaScript file that included malicious code that logs card details entered in online forms code. Here’s what cybersecurity experts had to say. Saryu […] | Data Breach Guideline | ||
|
2019-10-10 09:23:22 | The current threat landscape: How to prepare and protect your organisation (lien direct) | By Karl Lankford,Director of Solutions Engineering, BeyondTrust The world is an uncertain place, particularly for cybersecurity professionals – many of whom have learned the hard way that they can't rest on their laurels. While new technologies and methods of attack are always emerging, threats are constantly attacking organisations from both outside and in. In an […] | Threat | ||
|
2019-10-10 08:57:45 | (Déjà vu) Singapore citizen charged for Amazon AWS Cryptomining Fraud (lien direct) | 29-year old Singapore citizen Ho Jun Jia aka Matthew Ho was charged today under a 14-count indictment for allegedly mining cryptocurrency using stolen Amazon AWS and Google Cloud computing power and services. The defendant who was taken into custody by the Singapore Police Force on September 26, used the credit card and identity information stolen from California and […] | ★★★★★ | ||
|
2019-10-10 08:57:17 | 1 Million New Zealanders Health Data Exposed (lien direct) | The medical and personal information of about 1 million people was exposed after a breach of Tū Ora Compass Health, a primary health organization (PHO) located in New Zealand. The non-governmental organization (NGO) discovered four intrusions – by what Ministry of Health Director-General of Health Ashley Bloomfield said were two hacktivists and two “more sophisticated […] | |||
|
2019-10-10 08:56:56 | (Déjà vu) Personal Medical Information Of 60,000 Patients Exposed in Phishing Incident (lien direct) | Community-based healthcare system Methodist Hospitals from Gary, Indiana, disclosed that sensitive personal and medical information for 68,039 individuals may have been exposed following a successful phishing attack against two of its employees. Methodist provides surgical and medical hospital services, it employs 2,576 individuals, and it reported a total number of 195,055 patient encounters during 2018 according to last year’s annual […] | |||
|
2019-10-10 08:56:32 | Twitter Spills MFA Phone Numbers to Advertisers (lien direct) | Email addresses and phone numbers provided to secure user accounts were accidentally shared with marketers. Twitter account holders who provided an email address or phone number to enable multifactor authentication may have had their data used for advertising purposes, Twitter reports. Source: Dark Reading 60 SHARES Share On Facebook Tweet Follow us Share Share Share […] | |||
|
2019-10-10 08:55:55 | Sesame Street Online Store Targeted by Credit-Card Stealing Hack (lien direct) | The official Sesame Street online store, along with thousands of other retailers, has been targeted by a credit card-stealing hack. Card details were collected by a piece of malicious software, dubbed JavaScript Cookie. The code was found in shopping cart software built by Volusion, which has 20,000 small business customers. The issue was spotted by […] | Hack | ||
|
2019-10-09 12:36:04 | Organisations worldwide failing to adequately protect sensitive data in the cloud (lien direct) | A new global study from Thales, with research from the Ponemon Institute, has exposed an increasing disparity between the rapid growth of data stored in the cloud and an organisation’s approach to cloud security. Although nearly half (48%) of corporate data is stored in the cloud, only a third (32%) of organisations admit they employ a security-first approach […] | |||
|
2019-10-09 12:32:08 | New LastPass research finds password habits remain key obstacle to business\' security (lien direct) | LastPass by LogMeIn today released the results of their 3rd Annual Global Password Security Report, a study that offers insights into employee password behaviors as well as emerging trends around identity and access management at businesses worldwide. Among the key findings from this year’s report is that while more businesses are investing in security measures like multifactor authentication […] | LastPass | ||
|
2019-10-09 10:11:47 | Should Schools Teach Cybersecurity? (lien direct) | By Jonny Mackley, Copywriter For some schoolchildren today, technology has been in and around their lives for as long as they can remember. Approximately 9 out of 10 households have access to the internet, and many own their own smartphones. It is therefore imperative that they are equipped with the necessary knowledge to keep them […] | |||
|
2019-10-09 09:16:31 | Iranian Cyberattack on US Presidential Campaign may be a sign of what\'s to come (lien direct) | Political parties and election systems will be heavily targeted in the months leading up to the 2020 general elections, some security experts say. A recently detected Iranian cyberattack targeting a US presidential campaign may well be a harbinger of what’s in store for political parties and election systems in the run-up to next year’s general […] | Guideline | ||
|
2019-10-09 09:16:14 | 10,000 customers credit card information stolen in data breach (lien direct) | Hackers may have absconded with tens of thousands of online shoppers’ credit card information in an attack on cloud infrastructure company, Volusion. According to ZDNet, multiple cyber security firms have confirmed the hack on Volusion, a software company that claims to provide infrastructure for more than 30,000 merchants. Among the affected parties are the Sesame Street […] | Data Breach Hack | ||
|
2019-10-09 09:15:58 | (Déjà vu) 269% increase in attacks to Business Emails (lien direct) | A new Mimecast report finds a significant uptick in BEC attacks, malware attachments, and spam landing in target inboxes. Business email compromise (BEC) ramped up 269% from last quarter to this quarter, according to Mimecast’s latest Email Security Risk Assessment (ESRA). This quarter showed a massive spike in emails containing dangerous file types, malware attachments, […] | Spam Malware | ||
|
2019-10-09 09:15:43 | (Déjà vu) Apology sent out from Twitter for using customers phone numbers for advertising (lien direct) | Twitter says that some of its users’ phone numbers and email addresses provided for account security like two-factor authentication may have been used accidentally for ad targeting. “We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for […] | |||
|
2019-10-09 09:15:26 | (Déjà vu) Fake Phishing Emails from Amazon AWS Suspension Emails for Unpaid Bills (lien direct) | In this article we take a look at a phishing campaign that pretends to be an Amazon AWS suspension notice for unpaid bills that looks good enough to trick many users. A billing notice from a vendor, especially one like Amazon, that states that your account has been suspended for unpaid bills, may confuse a […] | |||
|
2019-10-08 09:07:04 | (Déjà vu) RobbinHood Ransomware is now using street cred to force victims to pay (lien direct) | The operators behind the RobbinHood ransomware have changed their language in the ransom note, at least in one variant of the malware, to take from victims all hope of decrypting the files for free and to make them pay for the recovery. Boastful and arrogant in their message, the cybercriminals point to past incidents involving their […] | Ransomware | ||
|
2019-10-08 09:06:48 | Yahoo! Engineer has pleaded guilty to stealing pictures of women (lien direct) | Reyes Daniel Ruiz, a former Yahoo! software engineer, has pleaded guilty to using his access privileges at the company to hack users' accounts so that he could download private images and videos mostly belonging to young women. A 10-year veteran of Yahoo!, Ruiz admitted to accessing around 6,000 accounts and storing the pilfered files at […] | Hack Guideline | Yahoo | |
|
2019-10-08 09:06:33 | (Déjà vu) Medical Data Exposed of 1 Million People in Tū Ora Breach (lien direct) | Primary health organization (PHO) Tū Ora Compass Health from New Zealand disclosed a security breach that led to the exposure of medical and personally identifiable information (PII) of roughly 1 million people. PHOs are non-governmental organizations (NGOs) designed to provide support to the provision of fundamental primary health care services, mostly via general practices, to enrolled people. […] | |||
|
2019-10-08 09:06:17 | 92 Million Brazilians Data found on underground forums for sale (lien direct) | Several members-only dark web forums are reportedly auctioning what appears to be a stolen government database featuring the personal information of 92 million Brazilian citizens. The 16GB SQL database contains such information as name, birth date, mother's name, gender and tax details including taxpayer IDs, according to BleepingComputer, which credits the discovery to a researcher with […] | |||
|
2019-10-08 09:05:58 | New Tool Introduced on Instagram to Prevent Phishing Attacks (lien direct) | Instagram has added a new feature to its app to help users work out if an email was sent by the Facebook company or if it's an attempted phishing scam. Now, if you receive an email claiming to be from Instagram, you can check if it's genuine by heading over to the “Emails from Instagram” […] | Tool | ||
|
2019-10-08 09:00:07 | New Report Finds Staggering Increase in Business Email Compromise (BEC) Attacks (lien direct) | Mimecast (NASDAQ: MIME), a leading email and data security company, announced the availability of its latest Email Security Risk Assessment (ESRA). The quarterly assessment is an aggregated report of tests that measure the efficacy of widely used email security systems.[1] This quarter's ESRA report found a significant increase in Business Email Compromise (BEC) attacks, emails containing dangerous file types, malware […] | Malware Guideline | ||
|
2019-10-08 08:51:48 | Student cyber entrepreneurs announce HackBack2 (lien direct) | Two young cyber security entrepreneurs are running their second HackBack virtual Capture the Flag (CTF) competition for teams from UK Universities. Ben Spring and Ashu Savani, who met as students during an internship at Context Information Security, developed the TryHackMe interactive platform to make it easier for students and other newcomers to learn cyber security skills. The HackBack2 event on 26 […] | |||
|
2019-10-07 09:23:04 | Independent Market Survey Reveals 64% of ERP Deployments Have Been Breached in the Last 24 Months (lien direct) | Onapsis, the leader in business application protection, today announced the findings of a new IDC survey titled 'ERP Security: The Reality of Business Application Protection' sponsored by Onapsis . According to the sponsored survey of 430 IT decision makers, ERP applications are 'critical' to business operations. Sixty-four percent of the 191 decision makers surveyed whose […] | Guideline |
To see everything:
Our RSS (filtrered)
