What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-19 14:00:00 | Holiday Spam, Phishing Campaigns Challenge Retailers (lien direct) | Revived levels of holiday spending have caught the eye of threat actors who exploit consumer behaviors and prey on the surge of online payments and digital activities during the holidays. | Threat | ★★ | |
|
2022-12-16 20:50:00 | New Botnet Targeting Minecraft Servers Poses Potential Enterprise Threat (lien direct) | Microsoft warns enterprises should pay attention to a new botnet used to launch DDoS attacks on private Minecraft Java servers. | Threat | ★★★ | |
|
2022-12-15 16:20:20 | Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps (lien direct) | Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail. | Malware Threat Prediction | ★★★ | |
|
2022-12-14 22:00:20 | NSA Slices Up 5G Mobile Security Risks (lien direct) | The feds' mobile service provider guidance details cybersecurity threat vectors associated with 5G network slicing. | Threat | ★★ | |
|
2022-12-14 21:20:00 | Cybereason Warns Global Organizations Against Destructive Ransomware Attacks From Black Basta Gang (lien direct) | The Royal Ransomware Group has emerged as a threat to companies in 2022 and they have carried out dozens of successful attacks on global companies. Cybereason suggests that companies raise their awareness of this potential pending threat. | Ransomware Threat | ★★ | |
|
2022-12-14 15:06:25 | Automated Cyber Campaign Creates Masses of Bogus Software Building Blocks (lien direct) | The proliferation of automated cyberattacks against npm, NuGet, and PyPI underscores the growing sophistication of threat actors and the threats to open source software supply chains. | Threat | ★★★ | |
|
2022-10-12 13:30:55 | InterVision Announces Study Identifying Ransomware as No. 1 Threat to Business Longevity (lien direct) | InterVision releases a new website focused on the customer experience, making B2B cybersecurity purchasing decisions easier. | Ransomware Threat | ||
|
2022-10-07 22:52:00 | Credential Harvesting Is Retail Industry\'s Top Threat (lien direct) | Why bother with new tactics and exploits when the old tricks are still effective? | Threat | ||
|
2022-10-05 17:00:00 | Giving Away the Keys to Your Backups? Here\'s How to Keep Out Hackers (lien direct) | As threat actors' sophistication has grown dramatically in the last few years, organizations haven't kept up with implementing the necessary countermeasure controls. | Threat | ||
|
2022-10-05 14:00:00 | Why Don\'t CISOs Trust Their Employees? (lien direct) | Executives fear "malicious insiders" as top cyber threat to companies, research shows. Reasonable steps to secure and monitor systems may prevent reputational damage but are not enough. | Threat | ||
|
2022-10-05 14:00:00 | 7 Practical Considerations for Effective Threat Intelligence (lien direct) | If your security team is considering, planning, building, or operating a threat intelligence capability, this advice can help. | Threat | ||
|
2022-10-04 14:37:39 | Steam Gaming Phish Showcases Browser-in-Browser Threat (lien direct) | Attackers are using the recently emerged browser-in-the-browser phishing technique to steal accounts from Valve's popular gaming platform, but it's a warning shot to businesses. | Threat | ||
|
2022-09-30 20:00:00 | The Top 4 Mistakes in Security Programs to Avoid (lien direct) | Overlooking even just a single security threat can severely erode a company's community and consumer confidence, tarnish reputation and brand, negatively impact corporate valuations, provide competitors with an advantage, and create unwanted scrutiny. | Threat | ||
|
2022-09-30 19:10:40 | Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here (lien direct) | It's time to dispel notions of deepfakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to cybercriminals, even unsophisticated ones. | Threat | ||
|
2022-09-29 19:26:44 | Dangerous New Attack Technique Compromising VMware ESXi Hypervisors (lien direct) | China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says. | Threat | ||
|
2022-09-27 15:05:03 | Adversaries Continue Cyberattacks with Greater Precision and Innovative Attack Methods According to NETSCOUT Report (lien direct) | TCP-based, DNS water-torture, and carpet-bombing attacks dominate the DDoS threat landscape, while Ireland, India, Taiwan, and Finland are battered by DDoS attacks resulting from the Russia/Ukraine war. | Threat | ||
|
2022-09-26 16:01:29 | Cyber Threat Alliance Extends Membership to 6+ Leading Cybersecurity Companies (lien direct) | CTA now has 36 members headquartered in 11 countries who follow cyber activities across the world, showing cybersecurity industry members realize the value in collaboration. | Threat | ||
|
2022-09-22 20:48:20 | Developer Leaks LockBit 3.0 Ransomware-Builder Code (lien direct) | Code could allow other attackers to develop copycat versions of the malware, but it could help researchers understand the threat better as well. | Threat | ||
|
2022-09-20 20:33:17 | ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat (lien direct) | Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises. | Malware Threat | ||
|
2022-09-20 17:00:00 | How to Dodge New Ransomware Tactics (lien direct) | The evolving tactics increase the threat of ransomware operators, but there are steps organizations can take to protect themselves. | Ransomware Threat | ||
|
2022-09-19 18:12:03 | Cyberattackers Make Waves in Hotel Swimming Pool Controls (lien direct) | Pool controllers exposed to the Internet with default passwords let threat actors tweak pool pH levels, and potentially more. | Threat | ||
|
2022-09-15 14:40:15 | Unflagging Iranian Threat Activity Spurs Warnings, Indictments From US Government (lien direct) | Authorities are cracking down on persistent cybercriminal attacks from APTs associated with Iran's Islamic Revolutionary Guard Corps. | Threat | ||
|
2022-09-14 13:00:00 | TeamTNT Hits 150K Docker Containers via Malicious Cloud Images (lien direct) | Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says. | Threat | ★★★★ | |
|
2022-09-13 19:43:44 | ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools (lien direct) | Cyber spies are using legitimate apps for DLL sideloading, deploying an updated range of malware, including the new "Logdatter" info-stealer. | Threat | ||
|
2022-09-08 17:22:52 | A Pragmatic Response to the Quantum Threat (lien direct) | You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality. | Threat | ||
|
2022-09-07 21:50:17 | Pen Testing Evolves for the DevSecOps World (lien direct) | Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design. | Threat | ★★★ | |
|
2022-09-06 20:44:34 | Mysterious \'Worok\' Group Launches Spy Effort With Obfuscated Code, Private Tools (lien direct) | The threat actor - whose techniques and procedures do not match known groups - has created custom attack tools, including a program that hides scripts in .PNG images. | Threat | ||
|
2022-09-06 20:16:44 | TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks (lien direct) | What under-the-hood details of newly discovered attack control panel tells us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns. | Malware Threat | ||
|
2022-09-06 19:51:08 | As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks (lien direct) | Hours after Los Angeles Unified School District hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector. | Ransomware Threat | ||
|
2022-09-02 14:00:00 | The Makings of a Successful Threat-Hunting Program (lien direct) | Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers. | Threat | ||
|
2022-08-31 20:09:09 | Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack (lien direct) | The ongoing campaign is spreading worldwide, using the lure of a fully functional Google Translate application for desktops that has helped the threat stay undetected for months. | Threat | ||
|
2022-08-24 17:33:27 | VMware LPE Bug Allows Cyberattackers to Feast on Virtual Machine Data (lien direct) | An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks. | Threat | ||
|
2022-08-24 15:30:01 | Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account (lien direct) | In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials. | Threat | ||
|
2022-08-24 14:38:30 | Acronis\' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023 (lien direct) | Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection. | Ransomware Threat Guideline | ||
|
2022-08-24 14:00:00 | Why Empathy Is the Key to Better Threat Modeling (lien direct) | Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it "everybody's thing" is communication between security and development teams. | Threat | ||
|
2022-08-22 17:31:29 | Secureworks: How To Distinguish Hype From Reality With AI in SecOps (lien direct) | Secureworks' Nash Borges describes how his team has applied AI and ML to threat detection. | Threat | ||
|
2022-08-22 14:31:29 | Cisco: All Intelligence is Not Created Equal (lien direct) | Threat intel has changed over the years and that's changed how customers use it, says Matt Olney, director of Talos threat intelligence and interdiction at Cisco. | Threat | ||
|
2022-08-21 19:31:29 | Mimecast: Mitigating Risk Across a Complex Threat Landscape (lien direct) | Garret O'Hara of Mimecast discusses how companies can bolster security of their Microsoft 365 and Google Workspace environments, since cloud services often add complexity. | Threat | ||
|
2022-08-18 18:34:08 | China\'s APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload (lien direct) | The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access. | Tool Threat | APT 41 | |
|
2022-08-18 01:00:00 | Google Cloud Adds Curated Detection to Chronicle (lien direct) | The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team. | Threat | ||
|
2022-08-17 16:35:51 | \'Operation Sugarush\' Mounts Concerning Spy Effort on Shipping, Healthcare Industries (lien direct) | A suspected Iranian threat actor known as UNC3890 is gathering intel that could be used for kinetic strikes against global shipping targets. | Threat | ★★★★★ | |
|
2022-08-16 19:54:24 | Microsoft Disrupts Russian Group\'s Multiyear Cyber-Espionage Campaign (lien direct) | "Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says. | Threat | ||
|
2022-08-16 14:00:00 | Lessons From the Cybersecurity Trenches (lien direct) | Threat hunting not only serves the greater good by helping keep users safe, it rewards practitioners with the thrill of the hunt and solving of complex problems. Tap into your background and learn to follow your instincts. | Threat | ||
|
2022-08-12 22:00:00 | Cybercriminals Weaponizing Ransomware Data For BEC Attacks (lien direct) | Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks. | Ransomware Threat | ||
|
2022-08-11 16:21:18 | New Cross-Industry Group Launches Open Cybersecurity Framework (lien direct) | 18 companies led by Amazon and Splunk announced the OCSF framework, to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications. | Threat | ||
|
2022-08-11 00:08:11 | New HTTP Request Smuggling Attacks Target Web Browsers (lien direct) | Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says. | Threat | ||
|
2022-08-10 15:47:13 | OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022 (lien direct) | Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers. | Malware Threat | ||
|
2022-08-10 14:46:53 | Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape (lien direct) | New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities. | Malware Threat | ||
|
2022-08-09 15:26:02 | Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale (lien direct) | New time series model and enhanced alerting experience make it easy for organizations to address more threats in the cloud while enabling faster investigations. | Threat | ||
|
2022-08-09 14:00:00 | Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks (lien direct) | Machine-learning algorithms alone may miss signs of a successful attack on your organization. | Threat |
To see everything:
Our RSS (filtrered)
