What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-06-21 11:33:59 | Water Sector Security Report Released Just as Another Water Plant Hack Comes to Light (lien direct) | 
|
Hack | ||
 |
2021-06-20 16:36:59 | Norway blames China-linked APT31 for 2018 government hack (lien direct) | Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government's IT network. Norway's Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government's IT network in 2018. The attribution of the attack to the APT31 grouo is based […] | Hack | APT 31 | |
 |
2021-06-18 23:34:04 | North Korea Exploited VPN Flaw to Hack South\'s Nuclear Research Institute (lien direct) | South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart.
The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which - "27.102.114[.]89 |
Hack Vulnerability | ||
 |
2021-06-17 11:24:00 | Smashing Security podcast #232: Zoomolympics and language matters (lien direct) | Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. | Hack | ||
 |
2021-06-17 00:09:00 | How to hack a bicycle – Peloton Bike+ rooting bug patched (lien direct) | It's a bike, Jim, but not as we know it. | Hack | ||
|
2021-06-16 02:14:53 | Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets (lien direct) | As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets.
"Ransomware operators often buy access from independent cybercriminal groups who infiltrate major |
Ransomware Hack Threat | ||
 |
2021-06-15 06:39:02 | Apple fixes ninth zero-day bug exploited in the wild this year (lien direct) | Apple has fixed two iOS zero-day vulnerabilities that "may have been actively exploited" to hack into older iPhone, iPad, and iPod devices. [...] | Hack | ||
|
2021-06-14 22:16:47 | Apple: WebKit Bugs Exploited to Hack Older iPhones (lien direct) | Apple late Monday shipped an out-of-band iOS update for older iPhones and iPads alongside a warning that a pair of WebKit security vulnerabilities may have been actively exploited. | Hack | ||
|
2021-06-14 21:00:28 | CodeCov Kills Off Bash Uploader Blamed for Supply Chain Hack (lien direct) | Following a major software supply chain compromise that exposed data for several major companies, developer tools startup CodeCov plans to kill off the Bash Uploader tool that was responsible for the breach. | Hack Tool | ||
 |
2021-06-14 17:13:00 | REvil Claims Responsibility for Invenergy Hack (lien direct) | Ransomware group that attacked JBS says it also hacked Chicago-based clean energy company | Ransomware Hack | ||
 |
2021-06-11 16:39:10 | Cyberpunk 2077 Hacked Data Circulating Online (lien direct) | CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer. | Hack | ||
 |
2021-06-10 14:26:25 | Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security (lien direct) | In this episode of the podcast
(#216) we talk with Brian Trzupek, Digicert's Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the recent hack of the firm SolarWinds.
The post Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/654400338/0/thesecurityledger -->»
|
Hack | ||
 |
2021-06-10 13:52:44 | Cyberguerre : l\'armée américaine présente les résultats de son bug bounty " Hack the Army 3.0 " (lien direct) | Le groupe russe à l'origine du piratage Solarwinds ayant lancé une nouvelle série d'offensives contre des agences gouvernementales américaines, les plus hautes institutions du pays sont plus que jamais sous pression pour réussir à contenir la cyber menace. The post Cyberguerre : l'armée américaine présente les résultats de son bug bounty " Hack the Army 3.0 " first appeared on UnderNews. | Hack | ||
 |
2021-06-09 12:07:07 | Experts Inisght On Security Threats Of VPN And What Organisations Can Do To Manage The Risk Of Ransomware. (lien direct) | BACKGROUND: In light of the ongoing conversation around the Colonial Pipeline hack and the latest findings showing that hackers used a VPN account to breach the network using just a… | Hack | ||
|
2021-06-04 14:09:26 | How to hack into 5500 accounts… just using “credential stuffing” (lien direct) | Passwords - don't just pay them lip service. | Hack | ||
 |
2021-06-04 06:14:00 | Secrecy around EncroChat cryptophone hack breaches French constitution, court hears (lien direct) | Pas de details / No more details | Hack | ||
|
2021-06-03 08:20:00 | FBI: REvil Ransomware Group Behind JBS Attack (lien direct) | The FBI said it would be working to bring the REvil group to justice for the hack on JBS | Ransomware Hack | ||
|
2021-06-02 07:54:01 | Experts React: On JBS Foods Hack Must Prompt Supply Chain Cyber Protection (lien direct) | BACKGROUND: The world’s largest meat supplier, JBS Foods, has been hit by a cyber-attack, the latest in a string of high-profile international hacks which show no sign of slowing down. Hackers… | Hack | ||
|
2021-06-01 12:41:33 | Swedish Public Health Agency Says Disease Database Targeted in Cyberattacks (lien direct) | The Swedish Public Health Agency (Folkhälsomyndigheten) is currently investigating several attempts to hack into SmiNet, a database that stores reports of infectious diseases, including COVID-19 cases. | Hack | ||
|
2021-05-30 14:19:20 | US Says Agencies Largely Fended Off Latest Russian Hack (lien direct) | The White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month's planned presidential summit. | Hack | ||
 |
2021-05-29 13:00:00 | US Soldiers Exposed Nuclear Secrets on Digital Flashcards (lien direct) | Plus: A major hack in Japan, Citizen app run amuck, and more of the week's top security news. | Hack | ||
|
2021-05-28 20:16:19 | CVE-2020-15782 flaw in Siemens PLCs allows remote hack (lien direct) | Industrial cybersecurity firm Claroty discovered a new flaw in Siemens PLCs that can be exploited by a remote and unauthenticated attacker to hack the devices. Researchers at industrial cybersecurity firm Claroty have discovered a high-severity vulnerability in Siemens PLCs, tracked as CVE-2020-15782, that could be exploited by remote and unauthenticated attackers to bypass memory protection. The […] | Hack Vulnerability | ||
|
2021-05-28 15:08:02 | Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs (lien direct) | Researchers at industrial cybersecurity firm Claroty have identified a serious vulnerability that can be exploited by a remote and unauthenticated attacker to hack some of the programmable logic controllers (PLCs) made by Siemens. | Hack Vulnerability | ||
|
2021-05-27 14:24:34 | US Pipelines Ordered to Increase Cyber Defenses After Hack (lien direct) | U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the ransomware hack that disrupted gas supplies in several states this month. | Ransomware Hack | ||
|
2021-05-27 13:56:20 | Fujitsu SaaS Hack Sends Govt. of Japan Scrambling (lien direct) | Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities. | Hack Threat | ||
|
2021-05-27 12:58:14 | (Déjà vu) Expert Reaction On Japanese Government Agencies Suffer Data Breaches After Fujitsu Hack (lien direct) | Offices of multiple Japanese agencies were breached via Fujitsu’s “ProjectWEB” information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. It is not… | Hack | ||
 |
2021-05-27 11:41:26 | The Story of the 2011 RSA Hack (lien direct) | Really good long article about the Chinese hacking of RSA, Inc. They were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come. | Hack | ★★★★ | |
|
2021-05-27 10:57:54 | Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack (lien direct) |  Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment.
Features of Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub contains many frameworks, databases, applications, programming languages and more such as:
Drupal
ffmpeg
CouchDB
ActiveMQ
Glassfish
Joombla
JBoss
Kibana
Laravel
Rails
Python
Tomcat
And many, many more.
Read the rest of Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack now! Only available at Darknet.
|
Hack | ||
|
2021-05-27 09:48:37 | US announces new security directive after critical pipeline hack (lien direct) | The US Department of Homeland Security (DHS) has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack. [...] | Ransomware Hack | ||
|
2021-05-27 03:21:17 | Japanese government agencies suffer data breaches after Fujitsu hack (lien direct) | Offices of multiple Japanese agencies were breached via Fujitsu's "ProjectWEB" information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. [...] | Hack | ||
|
2021-05-26 19:29:45 | US Exchanges Offer a Rich Potential Target for Hackers (lien direct) | Cyberattacks have long been seen as a threat to financial markets, but worries are becoming even more acute following a US pipeline hack that set off a public panic and forced the company to pay a ransom. Financial exchanges that manage daily transactions of tens or hundreds of billions of dollars are an appealing target for hackers. | Hack Threat | ||
 |
2021-05-25 15:00:00 | Anomali Cyber Watch: Bizzaro Trojan Expands to Europe, Fake Call Centers Help Spread BazarLoader Malware, Toshiba Business Reportedly Hit by DarkSide Ransomware and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: BazarCall, DarkSide, Data breach, Malware, Phishing, Ransomware and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Air India passenger data breach reveals SITA hack worse than first thought
(published: May 23, 2021)
Adding to the growing body of knowledge related to the March 2021 breach of SITA, a multinational information technology company providing IT and telecommunication services to the air transport industry, Air India announced over the weekend that the personal information of 4.5 million customers was compromised. According to the airline, the stolen information included passengers’ name, credit card details, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data. The compromise included data for passengers who registered with Indian Airlines between 26 August 2011 and 3 February 2021; nearly a decade. Air India adds to the growing list of SITA clients impacted by their data breach, including Malaysia Airlines, Finnair, Singapore Airlines, Jeju Air, Cathay Pacific, Air New Zealand, and Lufthansa.
Analyst Comment: Unfortunately, breaches like this are commonplace. While customers have no control over their information being included in such a breach, they can and should take appropriate actions once notified they may be impacted, Those actions can include changing passwords and credit cards associated with the breached accounts, engaging with credit reporting agencies for enhanced credit monitoring or freezing of credit inquiries without permission, and reaching out to companies that have reportedly been breached to learn what protections they may be offering their clients.
Tags: Data Breach, Airline, PII
BazarCall: Call Centers Help Spread BazarLoader Malware
(published: May 19, 2021)
Researchers from PaloAlto’s Unit42 released a breakdown of a new infection method for the BazarLoader malware. Once installed, BazarLoader provides backdoor access to an infected Windows host which criminals can use to scan the environment, send follow-up malware, and exploit other vulnerable hosts on the network. In early February 2021, researchers began to report a “call center” method of distributing BazarLoader. Actors would send phishing emails with trial subscription-based themes encouraging victims to phone a number to unsubscribe. If a victim called, the actor would answer the phone and direct the victim through a process to infect the computer with BazarLoader. Analysts dubbed this method of infection “BazarCall.”
Analyst Comment: This exemplifies social engineering tactics threat actors employ to trick users into installing malware on their machines. All social media users should be cautious when accepting unknown requests to connect, and particularly cautious when receiving communication from unknown users. Even if cal |
Ransomware Data Breach Malware Hack Tool Vulnerability Threat Guideline | ||
|
2021-05-25 14:08:37 | (Déjà vu) Time HackTheBox Walkthrough (lien direct) | Hello! Everyone and Welcome to yet another CTF challenge from Hack the Box, called 'Time,' which is available online for those who want to increase their skills in penetration testing and Black box testing. Level: Medium Task: Find user.txt and root.txt in the victim's machine Penetration Methodologies Scanning Nmap Enumeration Browsing HTTP | Hack | ★★★★★ | |
|
2021-05-24 18:22:26 | Delivery HackTheBox Walkthrough (lien direct) | Hello! Everyone and Welcome to yet another CTF challenge from Hack the Box, called 'Delivery,' which is available online for those who want to increase their skills in penetration testing and Black box testing. Delivery is a retired vulnerable lab presented by Hack the Box for making online penetration testing | Hack | ||
|
2021-05-24 14:14:26 | Needle in the Haystack: The Inside Story of the Microsoft Exchange Hack (lien direct) | 
|
Hack | ||
|
2021-05-24 13:18:10 | U.S. Government Asks Victims of 2017 EtherDelta Hack to Come Forward (lien direct) | The U.S. government is hoping to obtain additional information on the 2017 hacker attack targeting the EtherDelta cryptocurrency trading platform and it has asked victims of the incident to come forward. | Hack | ||
|
2021-05-24 11:20:05 | AIs and Fake Comments (lien direct) | This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn't another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of US democracy – the ability of citizens to express their voice to their political representatives. And it was carried out by generating millions of fake comments and fake emails purporting to come from real citizens. This attack was detected because it was relatively crude. But artificial intelligence technologies are making it possible to generate genuine-seeming comments at scale, drowning out the voices of real citizens in a tidal wave of fake ones... | Hack | ★★★ | |
|
2021-05-24 08:44:00 | Air India is latest victim of Sita hack (lien direct) | Pas de details / No more details | Hack | ||
 |
2021-05-24 07:46:47 | Damage of SITA data breach still unfolding as Air India compromised (lien direct) | Tech Crunch has reported that a recently found Air India passenger data breach indicates that the SITA hack is worse than first anticipated. Three months after air transport data giant SITA reported its own data breach, the damage is still mounting. Air India said this week that personal data of about 4.5 million passengers had […] | Data Breach Hack | ★★★★★ | |
|
2021-05-23 12:08:41 | India\'s National Carrier Says Hack Leaked Passengers\' Data (lien direct) | Personal data of an unspecified number of travelers has been compromised after a company that serves India's national carrier was hacked, Air India said. The hackers were able to access 10 years' worth of data including names, passport and credit card details from the Atlanta-based SITA Passenger Service System, Air India said in a statement Friday. | Hack | ||
|
2021-05-21 22:01:08 | Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers (lien direct) | India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System (PSS) provider SITA fell victim to a cyber attack earlier this year.
The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of birth, contact |
Data Breach Hack | ||
|
2021-05-21 14:48:50 | Air India data breach impacts 4.5 million customers (lien direct) | Air India disclosed a data breach after personal information belonging to roughly 4.5 million of its customers was leaked two months following the hack of Passenger Service System provider SITA in February 2021. [...] | Data Breach Hack | ||
|
2021-05-20 10:19:46 | SolarWinds Hack Happened Months Earlier Than Thought (lien direct) | BACKGROUND: The Solar Winds CEO has announced that its infamous hack may have happened months earlier than thought. Sudhakar Ramakrishna suggested that hackers that penetrated 10 U.S. government agencies and… | Hack | ||
|
2021-05-20 10:00:00 | The Full Story of the Stunning RSA Hack Can Finally Be Told (lien direct) | In 2011, Chinese spies stole the crown jewels of cybersecurity-stripping protections from firms and government agencies worldwide. Here's how it happened. | Hack | ||
|
2021-05-19 14:36:40 | Probe Into Florida Water Plant Hack Led to Discovery of Watering Hole Attack (lien direct) | An investigation conducted by industrial cybersecurity firm Dragos into the recent cyberattack on the water treatment plant in Oldsmar, Florida, led to the discovery of a watering hole attack that initially appeared to be aimed at water utilities. | Hack | ||
|
2021-05-19 12:30:07 | ROUNDTABLE: Experts react to President Biden\'s exec order in the aftermath of Colonial Pipeline hack (lien direct) | As wake up calls go, the Colonial Pipeline ransomware hack was piercing. Related: DHS embarks on 60-day cybersecurity sprints The attackers shut down the largest fuel pipeline in the U.S., compelling Colonial to pay them 75 bitcoins, worth a … (more…) | Ransomware Hack | ||
|
2021-05-19 10:50:14 | Lawmakers Reintroduce \'Pipeline Security Act\' Following Colonial Hack (lien direct) | More than a dozen U.S. lawmakers led by Rep. Emanuel Cleaver (D-MO) have reintroduced the Pipeline Security Act, whose goal is to aid the DHS's efforts to protect pipeline infrastructure against cyberattacks, terrorist attacks and other threats. | Hack | ||
|
2021-05-17 20:44:00 | Cyber Self-Defense Is Not Complicated (lien direct) | Anomali Sr. Director of Cyber Intelligence Strategy A.J. Nash recently penned a column for United States Cybersecurity Magazine about how few people in the modern world are immune to the threat of a cyber-attack. Hence, the importance of cyber self-defense. In “Cyber Self-Defense Is Not Complicated,” A.J. talks about why self-commitment is an increasingly effective way to minimize the risks that certainly lurk. Whether it be texts that include personal content not meant for public consumption, emails, hard drives, cloud storage containing sensitive business information, or the endless supply of finance transaction data that most of us pass across the Internet daily, few people in the modern world are immune to the threat of a cyber-attack. Hence, the importance of cyber self-defense. The most common avenue of attack for cyber actors continues to be phishing. Phishing enables cybercriminals to gain the access needed for a ransomware attack, cyber extortion, or the theft of personally identifiable information (PII) which is used to steal money or identities. While the threat of compromise may be daunting to many who do not see themselves as very technical, even those with limited knowledge can employ a few simple techniques and tools to greatly reduce the potential for being compromised. Before we talk solutions, let us briefly examine the common threats most of us face and nearly all of us can minimize through simple cyber self-defense. 4 Common Threats Faced in Cyberspace Phishing: Someone poses as a legitimate institution or individual in an email or text to lure victims into providing sensitive data such as PII, banking and credit card details, and passwords. Ransomware: Malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files until a ransom is paid. Theft of PII: The theft of data that may include a Social Security number, date of birth, driver’s license number, bank account and financial information, as well as a passport number. All this data can be assembled into a full financial record file (AKA, “fullz”) for identity theft. These reportedly sell for as little as $8/each on cybercriminal markets across the Dark Web. Cyber Extortion/Blackmail: A crime in which a threat actor demands payment to prevent the release of potentially embarrassing or damaging information. In most cases involving individual victims (not companies), a threat actor pretends to have compromised a victim’s computer or an account tied to something embarrassing. By quoting credentials usually gathered from a previously published breach, the threat actor quotes those credentials as “evidence” of access to the more embarrassing data. Because people commonly use the same credentials for multiple accounts, this bluff often works, leading to the victim being forced to provide more embarrassing content for extortion, pay money, or both. Cyber Self-Defense Practices: Safely Using Wi-Fi and Bluetooth Wireless connectivity to the Internet and other devices is one of the most convenient inventions in recent memory. Unfortunately, these technologies also come with risks many users fail to recognize or mitigate. Thankfully, it only takes a few simple changes to greatly reduce the risk of personal compromise and practice cyber self-defense. Keep Wi-Fi and Bluetooth features turned off on mobile phones and la | Malware Hack Threat Guideline | ||
|
2021-05-14 17:35:22 | DarkSide Ransomware Shutdown: An Exit Scam or Running for Hills? (lien direct) | The criminal gang behind the disruptive Colonial Pipeline ransomware hack says it is shutting down operations, but threat hunters believe the group will reemerge with a new name and new ransomware variants. | Ransomware Hack Threat | ||
 |
2021-05-13 19:15:08 | CVE-2021-29510 (lien direct) | Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either `'infinity'`, `'inf'` or `float('inf')` (or their negatives) to `datetime` or `date` fields causes validation to run forever with 100% CPU usage (on one CPU). Pydantic has been patched with fixes available in the following versions: v1.8.2, v1.7.4, v1.6.2. All these versions are available on pypi(https://pypi.org/project/pydantic/#history), and will be available on conda-forge(https://anaconda.org/conda-forge/pydantic) soon. See the changelog(https://pydantic-docs.helpmanual.io/) for details. If you absolutely can't upgrade, you can work around this risk using a validator(https://pydantic-docs.helpmanual.io/usage/validators/) to catch these values. This is not an ideal solution (in particular you'll need a slightly different function for datetimes), instead of a hack like this you should upgrade pydantic. If you are not using v1.8.x, v1.7.x or v1.6.x and are unable to upgrade to a fixed version of pydantic, please create an issue at https://github.com/samuelcolvin/pydantic/issues requesting a back-port, and we will endeavour to release a patch for earlier versions of pydantic. | Hack | ★★★★ |
To see everything:
Our RSS (filtrered)
