Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-24 11:00:00 |
Russian IT “Brain Drain” Decentralizes Cybercrime (lien direct) |
Recorded Future claims war in Ukraine is having a major impact |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-24 10:15:00 |
Investment Scams Drive $9bn in Fraud in 2022 (lien direct) |
FTC says consumer fraud is up 30% on the previous year |
Studies
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-24 09:30:00 |
Firms Who Pay Ransom Subsidise 10 New Attacks: Report (lien direct) |
Trend Micro urges victim organizations to resist extorters demands |
Prediction
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-23 18:00:00 |
WinorDLL64 Backdoor Linked to Lazarus Group (lien direct) |
The Wslink loader can reportedly serve other connecting clients and load additional payloads |
|
APT 38
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-23 16:30:00 |
Dozens of Malicious \'HTTP\' Libraries Found on PyPI (lien direct) |
ReversingLabs cybersecurity researchers spotted 41 malicious PyPI packages |
|
|
★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-23 15:30:00 |
Hackers Use S1deload Stealer to Target Facebook, YouTube Users (lien direct) |
The malicious software employs DLL sideloading techniques to run its malicious components |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-23 10:20:00 |
ICO Calls on Accountants to Improve SME Data Protection (lien direct) |
A fifth of firms use accountants to help with compliance |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-23 09:50:00 |
Russian Invasion Sparks Global Wiper Malware Surge (lien direct) |
Fortinet detected a 50% increase in destructive attacks in H2 2022 |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-23 09:20:00 |
Phishing Sites and Apps Use ChatGPT as Lure (lien direct) |
Campaigns designed to steal card information and install malware |
Malware
|
ChatGPT
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-22 17:00:00 |
Open Source Flaws Found in 84% of Codebases (lien direct) |
The figures come from Synopsys' new Open Source Security and Risk Analysis report |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-22 16:00:00 |
Hydrochasma Group Targets Asian Medical and Shipping Sectors (lien direct) |
The hackers appear to have a possible interest in industries connected with COVID-19 treatments |
Medical
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-22 15:30:00 |
Npm Packages Used to Distribute Phishing Links (lien direct) |
The malicious packages were reportedly created using automated processes |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-22 10:45:00 |
Putin Speech Interrupted by DDoS Attack (lien direct) |
Outage impacts Russian state media websites |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-22 10:10:00 |
Time Taken to Deploy Ransomware Drops 94% (lien direct) |
Extortion found to be most common impact from cyber-attacks in 2022 |
Ransomware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-22 09:50:00 |
Call of Duty Developer Confirms Phishing Attempt but Not Breach (lien direct) |
Security researchers say hackers successfully exfiltrated content |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-21 18:00:00 |
New Privilege Escalation Bug Class Found on macOS and iOS (lien direct) |
The new class of privilege escalation bugs is based on the ForcedEntry attack |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-21 17:00:00 |
Hackers Exploit Privilege Escalation Flaw on Windows Backup Service (lien direct) |
The flaw is triggered using the Race Condition between temporary file creation and deletion |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-21 16:00:00 |
Researchers Uncover New Information Stealer \'Stealc\' (lien direct) |
Stealc is a fully featured stealer, whose development relied on Vidar, Raccoon, Mars and Redline |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-21 12:00:00 |
City Fund Managers Jailed for $8m Fraud (lien direct) |
Trio get 12 years behind bars |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-21 11:00:00 |
Ransomware Gang Seeks to Exploit Victim\'s Insurance Coverage (lien direct) |
Ransomware group tries to demonize carriers in negotiations |
Ransomware
|
|
★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-21 10:15:00 |
Fifth of Brits Have Fallen Victim to Online Scammers (lien direct) |
Many don't have any security controls in place, says F-Secure |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-20 18:00:00 |
Samsung Launches Message Guard to Protect Users From Cyber-Threats (lien direct) |
The feature provides a sandbox layer isolating some image files from the rest of the device |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-20 17:00:00 |
GoDaddy Announces Source Code Stolen and Malware Installed in Breach (lien direct) |
An unauthorized party caused the intermittent redirection of customer websites |
Malware
|
|
★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-20 16:00:00 |
Frebniis Malware Exploits Microsoft IIS Feature (lien direct) |
The malware was used by a previously unknown threat actor against targets in Taiwan |
Malware
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-20 11:30:00 |
FBI "Contains" Cyber-Incident on its Network (lien direct) |
Question marks remain over what happened at New York field office |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-20 10:55:00 |
Norway Seizes Millions in North Korean Crypto (lien direct) |
Funds were taken in attack on Ronin Network |
|
|
★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-20 09:30:00 |
Police Bust $41m Email Scam Gang (lien direct) |
Criminal network comprises French and Israeli gangsters |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 18:00:00 |
Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos (lien direct) |
The threat actor initiated infection chains by targeting employees through WhatsApp messages |
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 17:00:00 |
EU Cybersecurity Agency Warns Against Chinese APTs (lien direct) |
The document directly mentions APT27, APT30, APT31, Ke3chang, Gallium and Mustang Panda |
|
APT 30
APT 27
APT 15
APT 25
APT 31
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 16:10:00 |
Google Report Reveals Russia\'s Elaborate Cyber Strategy in Ukraine (lien direct) |
One year after the invasion of Ukraine, Google and Mandiant analyzed the cyber strategy of Russia-backed threat actors |
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 16:00:00 |
Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict (lien direct) |
The newest version of OxtaRAT is a polyglot file combining a compiled AutoIT script and an image |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 11:00:00 |
UK NCSC Launches Recommendations on Supply Chain Mapping (lien direct) |
The UK National Cybersecurity Centre's new guidance breaks down the essentials of a good supply chain mapping (SCM) list |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 10:30:00 |
Firm Fined £200K For "Exploitative" Call Campaign (lien direct) |
It's OK Ltd made over 1.7 million nuisance calls |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 10:00:00 |
Data Leak Hits Thousands of NHS Workers (lien direct) |
Email snafu affects staff at Liverpool University Hospital Foundation Trust |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-17 09:30:00 |
Hackers Fake Emsisoft Certificate to Hide Attack (lien direct) |
Attempt to trick network defenders into allow-listing remote access app |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-16 18:00:00 |
BEC Groups Target Firms With Multilingual Impersonation Attacks (lien direct) |
Combined, the two groups have launched BEC campaigns in at least 13 different languages |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-16 17:00:00 |
City of Oakland Declares State of Emergency After Ransomware Attack (lien direct) |
Core functions are intact, but the city has taken certain non-emergency systems offline |
Ransomware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-16 16:00:00 |
Hackers Leverage PayPal to Send Malicious Invoices (lien direct) |
The phishing email warned users that there had been fraud on the account |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-16 13:00:00 |
Quarter of Crypto Tokens Linked to Pump-and-Dump (lien direct) |
Scammers made an estimated $30m in profits in 2022 |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-16 10:00:00 |
Experts Warn of Surge in Multipurpose Malware (lien direct) |
The average malware variant now utilizes 11 TTPs |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-16 09:30:00 |
UK Policing Riddled with Chinese CCTV Cameras (lien direct) |
Security and ethical concerns raised by surveillance commissioner |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 18:00:00 |
Google Launches Privacy Sandbox Beta on Android 13 Devices (lien direct) |
It is an initiative designed to limit user data sharing in digital advertising |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 16:51:00 |
LockBit and Royal Mail Ransomware Negotiation Leaked (lien direct) |
It shows the threat actor trying to convince Royal Mail to pay the ransom using various techniques |
Ransomware
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 16:00:00 |
Crypto-Stealing Campaign Deploys MortalKombat Ransomware (lien direct) |
The attacks mainly targeted victims in the US but also in the UK, Turkey, and the Philippines |
Ransomware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 12:00:00 |
Threat Analysis: VMware ESXi Attacks Soared in 2022 (lien direct) |
Recorded Future analyzed how threat actors have been exploiting VMware ESXi vulnerabilities over the past three years |
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 10:30:00 |
Microsoft Patches Three Zero-Day Bugs This Month (lien direct) |
February Patch Tuesday contains updates for over 70 CVEs |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 10:00:00 |
SAS App and Website Hit as Attacks Target Swedish Firms (lien direct) |
Valentine's Day outages hit airline and media companies |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-15 09:30:00 |
SideWinder APT Attacks Regional Targets in New Campaign (lien direct) |
Indian threat group conducts hundreds of operations in a short time-span |
Threat
|
APT-C-17
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-14 18:00:00 |
Lokibot, AgentTesla Grow in January 2023\'s Most Wanted Malware List (lien direct) |
The infostealer Vidar has returned to the top 10 after an increase in 'brandjacking' attacks |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-02-14 17:00:00 |
Chinese Hackers Infiltrate South American Diplomatic Networks (lien direct) |
The group previously targeted government agencies and think tanks in Asia and Europe |
|
|
★★
|