Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-08-08 19:00:00 |
10 Malicious Code Packages Slither into PyPI Registry (lien direct) |
The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks. |
Malware
Threat
|
|
|
|
2022-08-08 14:00:00 |
Pipeline Operators Are Headed in the Right Direction, With or Without TSA\'s Updated Security Directives (lien direct) |
A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better. |
Threat
|
|
|
|
2022-08-05 16:38:36 |
A Ransomware Explosion Fosters Thriving Dark Web Ecosystem (lien direct) |
For the right price, threat actors can get just about anything they want to launch a ransomware attack - even without technical skills or any previous experience. |
Ransomware
Threat
|
|
★★
|
|
2022-08-04 20:36:33 |
Time to Patch VMware Products Against a Critical New Vulnerability (lien direct) |
A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines. |
Vulnerability
Threat
|
|
|
|
2022-08-03 17:00:00 |
Zero-Day Defense: Tips for Defusing the Threat (lien direct) |
Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust. |
Threat
|
|
|
|
2022-08-02 17:05:52 |
Microsoft Intros New Attack Surface Management, Threat Intel Tools (lien direct) |
Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts. |
Threat
|
|
|
|
2022-08-02 16:00:00 |
VirusTotal: Threat Actors Mimic Legitimate Apps, Use Stolen Certs to Spread Malware (lien direct) |
Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted to VirusTotal. |
Malware
Threat
|
|
|
|
2022-08-02 15:24:02 |
Incognia Mobile App Study Reveals Low Detection of Location Spoofing in Dating Apps (lien direct) |
With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety. |
Threat
|
|
|
|
2022-07-28 16:41:06 |
APT-Like Phishing Threat Mirrors Landing Pages (lien direct) |
By dynamically mirroring an organization's login page, threat actors are propagating legitimate-looking phishing attacks that encourage victims to offer up access to the corporate crown jewels. |
Threat
|
|
|
|
2022-07-28 09:00:00 |
In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement (lien direct) |
With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they can get around Windows protections. |
Malware
Threat
|
|
|
|
2022-07-25 20:35:41 |
Rare \'CosmicStrand\' UEFI Rootkit Swings into Cybercrime Orbit (lien direct) |
The firmware threat offers ultimate stealth and persistence - and may be distributed via tainted firmware components in a supply chain play, researchers theorize. |
Threat
|
|
|
|
2022-07-25 19:47:15 |
Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs (lien direct) |
Several threat actors used Amadey Bot previously to steal information and distribute malware such as the GandCrab ransomware and the FlawedAmmy RAT. |
Ransomware
Malware
Threat
|
|
|
|
2022-07-22 16:43:09 |
Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments (lien direct) |
Luna, Black Basta add to rapidly growing list of malware tools targeted at virtual machines deployed on VMware's bare-metal hypervisor technology. |
Ransomware
Malware
Threat
|
|
|
|
2022-07-22 15:46:10 |
(Déjà vu) Phishing Bonanza: Social Engineering Savvy Skyrockets as Malicious Actors Cash In (lien direct) |
The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates. |
Threat
|
|
|
|
2022-07-20 19:46:17 |
Lax Security Fuels Massive 8220 Gang Botnet Army Surge (lien direct) |
The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say. |
Threat
|
APT 17
|
|
|
2022-07-20 19:40:45 |
\'AIG\' Threat Group Launches with Unique Business Model (lien direct) |
The rapidly growing Atlas Intelligence Group relies on cyber-mercenaries to carry out its missions. |
Threat
|
|
|
|
2022-07-20 18:17:28 |
Mutare Voice Network Threat Survey Shows Nearly Half of Organizations Experienced Vishing or Social Engineering Attacks in Past Year (lien direct) |
Unsecured voice traffic, skyrocketing adoption of Teams-centric enterprise collaboration tools widen enterprise cybersecurity gaps and increase risk of breach. |
Threat
|
|
|
|
2022-07-20 15:05:49 |
Chaotic LAPSUS$ Group Goes Quiet, but Threat Likely Persists (lien direct) |
The LAPSUS$ group emerged with a big splash at the end of 2021, targeting companies, including Okta, with a "reckless and disruptive" approach to hacking. |
Threat
|
|
|
|
2022-07-14 20:43:13 |
DHS Review Board Deems Log4j an \'Endemic\' Cyber Threat (lien direct) |
Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. |
Vulnerability
Threat
|
|
|
|
2022-07-14 13:33:18 |
The Next Generation of Threat Detection Will Require Both Human and Machine Expertise (lien direct) |
To be truly effective, threat detection and response need to combine the strengths of people and technology. |
Threat
|
|
|
|
2022-07-12 20:00:00 |
Understanding the Omdia Threat Detection Data Lifecycle (lien direct) |
Data quality is key in an effective TDIR solution. Omdia's threat detection data lifecycle highlights the considerations for effective data-driven threat detection |
Threat
|
|
|
|
2022-07-08 14:00:00 |
Zero Trust Bolsters Our National Defense Against Rising Cyber Threats (lien direct) |
The Colonial Pipeline and JBS attacks, among others, showed us our national resilience is only as strong as public-private sector collaboration. |
Threat
|
|
|
|
2022-07-07 14:04:26 |
Empower Your Security Operations Team to Combat Emerging Threats (lien direct) |
When examining the modern threat landscape, empowering your security operations and overcoming the limitations inherent with other malware prevention solutions is imperative. |
Malware
Threat
|
|
|
|
2022-07-05 17:00:00 |
Why Browser Vulnerabilities Are a Serious Threat - and How to Minimize Your Risk (lien direct) |
As a result of browser market consolidation, adversaries can focus on uncovering vulnerabilities in just two main browser engines. |
Threat
|
|
|
|
2022-07-05 14:00:00 |
3 Cyber Threats Resulting From Today\'s Technology Choices to Hit Businesses by 2024 (lien direct) |
Companies need to consider the cost to disengage from the cloud along with proactive risk management that looks at governance issues resulting from heavy use of low- and no-code tools. |
Threat
|
|
|
|
2022-06-30 20:21:23 |
Google: Hack-for-Hire Groups Present a Potent Threat (lien direct) |
Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said. |
Threat
|
|
|
|
2022-06-30 18:29:00 |
Exchange Servers Backdoored Globally by SessionManager (lien direct) |
Malicious ISS module exploitation is the latest trend among threat actors targeting Exchange servers, analysts say. |
Threat
|
|
|
|
2022-06-29 12:30:44 |
5 Surprising Cyberattacks AI Stopped This Year (lien direct) |
See how these novel, sophisticated, or creative threats used techniques such as living off the land to evade detection from traditional defensive measures - but were busted by AI. |
Threat
|
|
|
|
2022-06-21 14:30:40 |
BRATA Android Malware Evolves Into an APT (lien direct) |
The BRATA Android banking Trojan is evolving into a persistent threat with a new phishing technique and event-logging capabilities. |
Malware
Threat
|
|
|
|
2022-06-10 19:21:39 |
Symbiote Malware Poses Stealthy, Linux-Based Threat to Financial Industry (lien direct) |
A Linux-based banking Trojan is a master at staying under the radar. |
Malware
Threat
|
|
|
|
2022-06-01 21:30:59 |
Hunting for Threats Using Network Traffic Flows (lien direct) |
SeclarityIO's NetworkSage platform analyzes network traffic data to identify attacks before they become real problems. |
Threat
|
|
|
|
2022-06-01 21:08:04 |
FluBot Android Malware Operation Disrupted, Infrastructure Seized (lien direct) |
Security researchers have described the malware as among the fastest-spreading mobile threats in recent years. |
Malware
Threat
|
|
|
|
2022-06-01 20:49:18 |
NetSPI\'s New Breach and Attack Simulation Enhancements Help Organizations Achieve Behavior-Based Threat Detection (lien direct) |
Organizations leverage the platform-driven, human-delivered service to measure and continuously improve the efficacy of detective controls and MSSP coverage. |
Threat
|
|
|
|
2022-06-01 16:33:21 |
Ordr Secures $40 Million in Series C Funding to Answer Increased Demand for Connected Device Security (lien direct) |
Rising threat of data breaches and ransomware attacks drives need for complete and accurate real-time information about devices and their risks. |
Ransomware
Threat
|
|
|
|
2022-05-25 22:11:47 |
Most Common Threats in DBIR (lien direct) |
Supply chain and ransomware attacks increased dramatically this year, which explains why so many data breaches in this year's DBIR were grouped as system intrusion. |
Ransomware
Threat
|
|
|
|
2022-05-25 19:25:51 |
Vishing Attacks Reach All Time High, According to Latest Agari and PhishLabs Report (lien direct) |
According to the findings, vishing attacks have overtaken business email compromise as the second most reported response-based email threat since Q3 2021. |
Threat
|
|
|
|
2022-05-24 21:13:51 |
New Attack Shows Weaponized PDF Files Remain a Threat (lien direct) |
Notable new infection chain uses PDF to embed malicious files, load remote exploits, shellcode encryption, and more, new research shows. |
Threat
|
|
|
|
2022-05-19 14:00:00 |
6 Scary Tactics Used in Mobile App Attacks (lien direct) |
Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene. |
Malware
Threat
|
|
|
|
2022-05-09 22:19:47 |
Joker, Other Fleeceware Surges Back Into Google Play (lien direct) |
The infamous Joker threat is back in Google Play, along with other Trojanized mobile apps that secretly sign Android users up for paid subscription services. |
Threat
|
|
|
|
2022-05-05 21:21:52 |
Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials (lien direct) |
The same attack that allowed a threat actor to steal data from private Heroku GitHub repositories also resulted in the compromise of customer credentials, the company now says. |
Threat
|
|
|
|
2020-11-17 10:35:00 |
An Inside Look at an Account Takeover (lien direct) |
AI threat find: Phishing attack slips through email gateway and leads to large-scale compromise. |
Threat
Guideline
|
|
|
|
2020-11-12 18:00:00 |
Manufacturing Sees Rising Ransomware Threat (lien direct) |
Crypto-ransomware groups are increasingly adopting malware and tools that can probe and attack operational technology, such as industrial control systems, according to an assessment of current threats. |
Ransomware
Malware
Threat
|
|
|
|
2020-10-07 17:30:00 |
New \'HEH\' Botnet Targets Exposed Telnet Services (lien direct) |
Latest threat is one in a growing list of malware developed in the Go programming language. |
Malware
Threat
|
|
|
|
2020-10-01 10:00:00 |
Cryptojacking: The Unseen Threat (lien direct) |
Mining malware ebbs and flows with the price of cryptocurrencies, and given the momentum on price is upward, cryptojacking is a very present threat. |
Malware
Threat
|
|
|
|
2020-09-30 14:00:00 |
COVID-19 Creates Opening for OT Security Reform (lien direct) |
Operations technology was once considered low risk, at least until the virus came along and re-arranged the threat landscape. |
Threat
|
|
|
|
2020-08-28 13:05:00 |
TA542 Returns With Emotet: What\'s Different Now (lien direct) |
Researchers report the TA542 threat group has made code changes to its malware and started targeting new locations with Emotet. |
Malware
Threat
|
|
|
|
2020-08-20 14:00:00 |
Twitter Hack: The Spotlight that Insider Threats Need (lien direct) |
The high profile attack should spur serious board-level conversations around the importance of insider threat prevention. |
Threat
|
|
|
|
2020-08-03 16:45:00 |
DHS Urges \'Highest Priority\' Attention on Old Chinese Malware Threat (lien direct) |
"Taidoor" is a remote access tool that has been used in numerous cyber espionage campaigns since at least 2008. |
Malware
Tool
Threat
|
|
|
|
2020-06-25 09:00:00 |
\'GoldenSpy\' Malware Hidden in Tax Software Spies on Companies Doing Business in China (lien direct) |
Advanced persistent threat (APT) campaign aims to steal intelligence secrets from foreign companies operating in China. |
Malware
Threat
|
|
|
|
2020-06-11 17:30:00 |
ICS Threat Snake Ransomware Suspected in Honda Attack (lien direct) |
An attack targeting the automaker reportedly infected internal servers and led to the suspension of production at plants around the world. |
Ransomware
Threat
|
|
|