Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-17 09:00:00 |
Hackney Council Ransomware Attack Cost £12m+ (lien direct) |
Local government's travails highlight devastating impact of breaches |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-17 08:30:00 |
Global Cops Arrest Dozens Linked to Financial Crime Gang (lien direct) |
Black Axe syndicate responsible for multimillion-dollar losses |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-14 17:00:00 |
(Déjà vu) Mirai Botnet Targeted Wynncraft Minecraft Server, Cloudflare Reports (lien direct) |
The multi-vector, 2.5Tbps attack consisted of UDP and TCP floods |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-14 16:00:00 |
Shein Holding Company Fined $1.9m For Not Disclosing Data Breach (lien direct) |
The data breach saw Zoetop allegedly trying to keep the real impact of the leak quiet |
Data Breach
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-14 15:00:00 |
Education Sector Experienced 44% Increase in Cyber-Attacks Over Last Year (lien direct) |
An average of 2297 attacks against organizations were recorded every week |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-14 12:15:00 |
#DTX2022: How to Scam Someone Using Social Media Phishing (lien direct) |
Jake Moore, global cybersecurity advisor at ESET, shared at DTX Europe 2022 how he used a fake social media profile to hack employees of a company |
Hack
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-14 09:45:00 |
Magniber Ransomware Adopts JavaScript to Attack Individual Users (lien direct) |
Consumers should protect themselves by using least-privilege principles |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-14 09:00:00 |
Report Shows How China Has Been Using Cyberattacks Over the Past Decade (lien direct) |
Consultancy firm Booz Allen has published a comprehensive report on Chinese-sponsored threat |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-13 17:00:00 |
Chinese APT WIP19 Targets IT Service Providers and Telcos (lien direct) |
The group is characterized by the use of a stolen digital certificate issued by DEEPSoft |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-13 16:00:00 |
Malicious WhatsApp Mod Spotted Infecting Android Devices (lien direct) |
YoWhatsApp v2.22.11.75 was distributed via ads on Android apps like Snaptube and VidMate |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-13 15:00:00 |
Budworm Espionage Group Returns, Targets US State Legislature (lien direct) |
Budworm leveraged the Log4j vulnerabilities to compromise the Apache Tomcat service on servers |
|
APT 27
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-13 10:57:00 |
IP Cameras, VoIP and Video Conferencing Revealed as Riskiest IoT Devices (lien direct) |
Warning to orgnaizations to be aware of risky devices across IT, IoT, OT and IoMT |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-13 10:40:00 |
UK Government Urges Action to Enhance Supply Chain Security (lien direct) |
The NCSC guidance has been issued amid a significant increase in supply chain attacks in recent years |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-13 08:45:00 |
#DTX2022: Cyber Needs to Redress the Defensive-Offensive Balance Following Russia-Ukraine (lien direct) |
The Russia-Ukraine conflict highlights the value of defensive cybersecurity, says Dr Alexi Drew |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-12 17:00:00 |
FormBook Tops Check Point\'s Most Wanted Malware List For September (lien direct) |
Vidar, an infostealer, has entered the top 10 list in eighth place for the first time |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-12 16:00:00 |
Microsoft October 2022 Patch Tuesday Fixes 84 Flaws, Including Zero-Day (lien direct) |
Thirteen of the 84 vulnerabilities fixed in yesterday's update are classified as 'Critical' |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-12 15:00:00 |
Singtel\'s Australian IT Firm Dialog Suffers Data Breach (lien direct) |
The breach affected around 20 clients and 1000 current and/or former Dialog employees |
Data Breach
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-12 09:20:00 |
Claroty Found Hardcoded Cryptographic Keys in Siemens PLCs Using RCE (lien direct) |
The vulnerability has been assigned a CVE – Siemens has already updated affected systems and published recommendations for mitigating the risk |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-12 08:45:00 |
Polonium Uses Seven Backdoor Variants to Spy on Israeli Organizations (lien direct) |
Researchers at ESET found evidence of previously undocumented custom tools used by the hackers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-12 08:20:00 |
#ISC2Congress: US Government is Embracing \'Collective Defense\' (lien direct) |
We are all in it together, says the DoE's chief information officer |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-11 17:00:00 |
Google Unifies Recent Acquisitions Under New Cloud Security Offering (lien direct) |
Google embeds in cloud security market with new software suite |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-11 16:00:00 |
Toyota Reveals Data Leak of 300,000 Customers (lien direct) |
The leak was caused by an access key being made publicly available on GitHub for almost five years |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-11 15:00:00 |
A New Wave of PayPal Invoice Scams Using Crypto Disguise (lien direct) |
Trend Micro found evidence of new PayPal scammers impersonating crypto-related businesses |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-11 10:40:00 |
#ISC2Congress: Cybersecurity Pros Must Prepare for Emerging Deepfake Threats (lien direct) |
The security risks posed by deepfake technology are increasing |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-11 10:25:00 |
Calls for Better Microsoft Teams Backup as Confidential Info Sent on the Platform (lien direct) |
Many admitted to sending messages on Teams they should not have |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-11 09:35:00 |
Pro-Russian Group KillNet Claims Responsibility for 14 US Airport DDoS Attacks (lien direct) |
The websites of several major US airports were disrupted on October 10, 2022 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-10 17:40:00 |
Ukraine Enhances Cooperation With EU Cybersecurity Agencies (lien direct) |
Ukraine looks to enhance European integration with ENISA special partner status |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-10 16:00:00 |
Intel Confirms Source Code Leak (lien direct) |
Cyber-criminals could use the leaked source code to help launch attacks |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-10 15:00:00 |
ThermoSecure: Cracking Passwords Using Finger Heat on Keyboards is Now Possible (lien direct) |
A group of researchers have guessed 100% of six-character passwords using this attack |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-10 10:45:00 |
German Cybersecurity Chief Faces Sacking Over Possible Russia Ties (lien direct) |
Schoenbohm accused of having maintained contacts with people involved with Russian security services |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-10 09:55:00 |
Facebook Login Details at Risk as Meta Identifies Over 400 Malicious Apps (lien direct) |
Some of the malicious apps are able to evade detection and continue to make it onto legitimate app stores |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-10 09:40:00 |
91% of Cyber Pros Experience Mental Health Challenges at Work (lien direct) |
Factors contributing to mental health challenges included poor culture and the stressful nature of the work |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 17:00:00 |
LofyGang Group Linked to Recent Software Supply Chain Attacks (lien direct) |
The group focuses on utilizing open-source software for malicious purposes |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 16:02:00 |
RCE on Log4j Among Top CVEs Exploited By Chinese-Backed Hackers (lien direct) |
In a joint advisory, three US agencies, NSA, CISA and FBI, warned about Chinese threat actors |
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 15:45:00 |
Russian Sanctions Instigator Lloyd\'s Possibly Hit by Cyber-Attack (lien direct) |
The insurance market has detected “unusual activity” and turned off its systems |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 15:13:00 |
Businesses in Canada Warned Not to Overlook Cybersecurity As Recession Looms (lien direct) |
CEOs put cybersecurity seventh behind near-term risks such as the economy and potential recession |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 09:40:00 |
US Warns of Foreign Disinfo Ops Ahead of Midterms (lien direct) |
False narratives will try to sow doubt over outcome of election |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 09:10:00 |
Meta Sues Chinese Devs Over WhatsApp Malware Plot (lien direct) |
Fake apps led to account takeovers and spam campaigns |
Spam
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-07 08:30:00 |
Hacker Steals Over $570m from Binance Bridge (lien direct) |
Cypro-thieves target popular cross-chain bridging service |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-06 17:00:00 |
(Déjà vu) FBI and CISA Publish Advisory on Malicious Cyber Activity Against Election Infrastructure (lien direct) |
Threat actors trying to compromise elections are unlikely to result in large-scale disruptions |
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-06 16:00:00 |
Android Spyware \'RatMilad\' Targets Enterprise Devices in Iran (lien direct) |
The original RatMilad spyware hid behind a VPN and phone number spoofing app called Text Me |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-06 15:00:00 |
(Déjà vu) Uber\'s Former Security Chief Convicted of 2016 Data Breach Cover-Up (lien direct) |
Joe Sullivan was charged two years ago with obstruction of justice and misprision |
Data Breach
|
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-06 09:25:00 |
RDP Attacks Decline 89% in Eight Months (lien direct) |
Return to office and improved defenses are having an impact |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-06 08:50:00 |
US Healthcare Giant CommonSpirit Hit by Possible Ransomware (lien direct) |
Provider runs 140 hospitals across the nation |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-06 08:20:00 |
Retailer Easylife Fined £1.5m for Data Protection Breaches (lien direct) |
UK regulator also slams company for predatory marketing calls |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-05 17:00:00 |
(Déjà vu) Canadian Sentenced 20 Years in US Prison For Ransomware Attacks (lien direct) |
Sebastien Vachon-Desjardins, 35, was also ordered to forfeit $21.5m |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-05 16:00:00 |
CISA Advisory Details How Hackers Targeted Defense Industrial Base Organization (lien direct) |
The document was jointly released by CISA with the FBI and NSA |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-05 15:00:00 |
Australia\'s Data Breaches Continue With Telstra\'s Third-Party Supplier Hacked (lien direct) |
The data posted on the internet by the hackers was from 2017 and reportedly "basic in nature" |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-05 09:10:00 |
Ransomware Group Bypasses "Enormous" Range of EDR Tools (lien direct) |
BlackByte delivers new way to circumvent endpoint detection |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-10-05 08:45:00 |
Landmark US-UK Data Access Agreement Begins (lien direct) |
UK law enforcers should be biggest beneficiaries |
|
|
|