What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2020-10-14 06:05:01 FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks (lien direct) A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective - known as FIN11 - has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying Ransomware Malware Threat
The_Hackers_News.webp 2020-10-02 02:59:55 Researchers Fingerprint Exploit Developers Who Help Several Malware Authors (lien direct) Writing advanced malware for a threat actor requires different groups of people with diverse technical expertise to put them all together. But can the code leave enough clues to reveal the person behind it? To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits Malware Threat
The_Hackers_News.webp 2020-09-30 02:29:01 Chinese APT Group Targets Media, Finance, and Electronics Sectors (lien direct) Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. Linking the attacks to Palmerworm (aka BlackTech) - likely a China-based advanced persistent threat (APT) - Symantec's Threat Hunter Team said the first wave of activity associated with this campaign began last Threat
The_Hackers_News.webp 2020-09-28 06:27:05 Researchers Uncover Cyber Espionage Operation Aimed At Indian Army (lien direct) Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed "Operation SideCopy" by Indian cybersecurity firm Quick Heal, the attacks have been attributed to an advanced persistent threat (APT) group that has successfully managed to stay Threat
The_Hackers_News.webp 2020-09-19 04:24:39 Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents (lien direct) Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts - one for Threat
The_Hackers_News.webp 2020-09-18 01:45:03 U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence (lien direct) The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target Malware Threat
The_Hackers_News.webp 2020-09-15 02:14:30 CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies (lien direct) The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available information Threat
The_Hackers_News.webp 2020-09-09 08:21:50 Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine (lien direct) We have all heard of the "cybersecurity skills gap" - firms' inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to Threat
The_Hackers_News.webp 2020-09-02 01:54:16 New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data (lien direct) Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers. "For threat actors, Threat
The_Hackers_News.webp 2020-08-26 02:33:05 APT Hackers Exploit Autodesk 3D Max Software for Industrial Espionage (lien direct) It's one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it's an entirely different matter when they are used as "hackers for hire" by competing private companies to make away with confidential information. Bitdefender's Cyber Threat Intelligence Lab discovered yet another instance of an espionage attack targeting an unnamed international Threat
The_Hackers_News.webp 2020-08-19 04:36:17 XDR: The Next Level of Prevention, Detection and Response [New Guide] (lien direct) One new security technology we keep hearing about is Extended Detection and Response (XDR). This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control and integration technologies. Think of XDR as prepackaged EDR, NTA, UEBA (and perhaps other Threat
The_Hackers_News.webp 2020-07-27 23:57:33 QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices (lien direct) Cybersecurity agencies in the US and UK yesterday issued a joint advisory about a massive ongoing malware threat infecting Taiwanese company QNAP's network-attached storage (NAS) appliances. Called QSnatch (or Derek), the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America. " Malware Threat
The_Hackers_News.webp 2020-07-21 08:05:25 Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions (lien direct) An emerging threat actor out of China has been traced to a new hacking campaign aimed at government agencies in India and residents of Hong Kong intending to steal sensitive information, cybersecurity firm Malwarebytes revealed in the latest report shared with The Hacker News. The attacks were observed during the first week of July, coinciding the passage of controversial security law in Hong Threat
The_Hackers_News.webp 2020-07-17 03:23:46 Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online (lien direct) An OPSEC error by an Iranian threat actor has laid bare the inner workings of the hacking group by providing a rare insight into the "behind-the-scenes look into their methods." IBM's X-Force Incident Response Intelligence Services (IRIS) got hold of nearly five hours worth of video recordings of the state-sponsored group it calls ITG18 (also called Charming Kitten, Phosphorous, or APT35) that Threat Conference APT 35 ★★★★★
The_Hackers_News.webp 2020-07-06 04:40:46 Cato MDR: Managed Threat Detection and Response Made Easy (lien direct) Lately, we can't help noticing an endless cycle where the more enterprises invest in threat prevention; the more hackers adapt and continue to penetrate enterprises. To make things worse, detecting these penetrations still takes too long with an average dwell time that exceeds 100 (!) days. To keep the enterprise protected, IT needs to figure out a way to break this endless cycle without Threat
The_Hackers_News.webp 2020-07-01 03:43:24 Use This Definitive RFP Template to Effectively Evaluate XDR solutions (lien direct) A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint Threat
The_Hackers_News.webp 2020-06-30 00:45:13 Advanced StrongPity Hackers Target Syria and Turkey with Retooled Spyware (lien direct) Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The advanced persistent threat behind the operation, called StrongPity, has retooled with new tactics to control compromised machines, cybersecurity firm Bitdefender said in a report shared with The Hacker Threat
The_Hackers_News.webp 2020-06-25 03:42:20 Docker Images Containing Cryptojacking Malware Distributed via Docker Hub (lien direct) With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks' Unit 42 threat intelligence team, the Malware Threat
The_Hackers_News.webp 2020-06-23 04:03:32 VirusTotal Adds Cynet's Artificial Intelligence-Based Malware Detection (lien direct) VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm. VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples, Malware Threat
The_Hackers_News.webp 2020-06-23 01:53:35 Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards (lien direct) Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites. According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for Threat
The_Hackers_News.webp 2020-06-18 02:50:48 InvisiMole Hackers Target High-Profile Military and Diplomatic Entities (lien direct) Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into the high-profile military and diplomatic entities in Eastern Europe for espionage. The findings are part of a collaborative analysis by cybersecurity firm ESET and the impacted firms, resulting in an extensive look into InvisiMole's operations and the group's tactics, tools, and procedures Threat
The_Hackers_News.webp 2020-06-11 14:35:49 A Bug in Facebook Messenger for Windows Could've Helped Malware Gain Persistence (lien direct) Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Cybersecurity, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows. The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already Malware Vulnerability Threat
The_Hackers_News.webp 2020-06-04 01:31:39 New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers (lien direct) A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for lateral movement and information stealing in victim networks, including previously unreported custom Tool Threat
The_Hackers_News.webp 2020-05-21 01:11:42 Iranian APT Group Targets Governments in Kuwait and Saudi Arabia (lien direct) Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. Bitdefender said the intelligence-gathering operations were conducted by Chafer APT (also known as APT39 or Remix Kitten), a threat actor known for its attacks on telecommunication and travel industries in the Middle East to collect personal Threat Prediction APT 39
The_Hackers_News.webp 2020-05-12 02:59:54 Cynet Offers IR Specialists Grants up to $1500 for each IR Engagement (lien direct) In the past, the autonomous breach protection company Cynet announced that it is making Cynet 360 threat detection and response platform available at no charge for IR (incident response) service providers and consultants. Today Cynet takes another step and announces a $500 grant for Incident Responders for each IR engagement in which Cynet 360 was used, with an additional $1,000 grant if the Threat
The_Hackers_News.webp 2020-04-16 05:59:15 Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository (lien direct) As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700 Threat
The_Hackers_News.webp 2020-04-15 03:40:12 49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets (lien direct) Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies. The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort. "Essentially, the extensions are Threat
The_Hackers_News.webp 2020-04-14 06:52:10 Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks (lien direct) Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed 'SafeBIOS Events & Indicators of Attack' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their Tool Threat
The_Hackers_News.webp 2020-04-08 03:55:51 Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild (lien direct) Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as Malware Threat
The_Hackers_News.webp 2020-04-07 01:49:27 Secure Remote Working During COVID-19 - Checklist for CISOs (lien direct) Coronavirus crisis introduces a heavy burden on the CISOs with the collective impact of a mass transition to working remotely coupled with a surge of cyberattacks that strive to monetize the general chaos. Security vendors, unintendedly, contribute to this burden by a relentless generation of noise in the form of attack reports, best practices, tips, and threat landscape analysis. Here we Threat
The_Hackers_News.webp 2020-03-24 06:12:09 How to Provide Remote Incident Response During the Coronavirus Times (lien direct) While the Coronavirus pandemic continues to strike chaos across the global economies, threat actors keep on launching cyberattacks on organizations from all sizes and verticals. IR providers face a unique challenge when approached by these organizations since, due to the Coronavirus mass quarantine, conducting incident response engagements by arriving physically to the customers' offices is Threat
The_Hackers_News.webp 2020-03-18 08:52:53 How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats (lien direct) The Coronavirus is hitting hard on the world's economy, creating a high volume of uncertainty within organizations. Cybersecurity firm Cynet today revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. In light of these insights, Cynet has also shared a few ways to best prepare for the Threat
The_Hackers_News.webp 2020-03-18 03:38:50 Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait (lien direct) As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own Malware Threat
The_Hackers_News.webp 2020-03-11 09:57:10 Beware of 'Coronavirus Maps' – It's a malware infecting PCs to steal passwords (lien direct) Cybercriminals will stop at nothing to exploit every chance to prey on internet users. Even the disastrous spread of SARS-COV-II (the virus), which causes COVID-19 (the disease), is becoming an opportunity for them to likewise spread malware or launch cyber attacks. Reason Cybersecurity recently released a threat analysis report detailing a new attack that takes advantage of internet users' Malware Threat
The_Hackers_News.webp 2020-03-03 04:50:15 Download Guide - Advanced Threat Protection Beyond the AV (lien direct) At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutions (represented by vendors like Crowdstrike and Carbon Black) or Network Traffic Analysis/NDR Threat
The_Hackers_News.webp 2020-02-21 08:50:15 Microsoft Brings Defender Antivirus for Linux, Coming Soon for Android and iOS (lien direct) Almost within a year after releasing Microsoft Defender Advanced Threat Protection (ATP) for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian. If this news hasn't gotten you excited yet... Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and Threat
The_Hackers_News.webp 2020-02-19 03:43:46 US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility (lien direct) The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed Ransomware Threat
The_Hackers_News.webp 2020-02-18 03:42:33 Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations (lien direct) Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering (click here to learn more) based on more than 72 hours of data collection, enabling Threat
The_Hackers_News.webp 2020-01-20 04:22:32 Evaluating Your Security Controls? Be Sure to Ask the Right Questions (lien direct) Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face at this moment? "Decide what you want to know and then choose the best tool for the job." Tool Threat
The_Hackers_News.webp 2019-12-25 08:44:16 How Organizations Can Defend Against Advanced Persistent Threats (lien direct) Advanced persistent threats (APTs) have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data and resources. According to Accenture, APTs have been organizing themselves into groups that Threat
The_Hackers_News.webp 2019-11-27 02:22:58 Over 12,000 Google Users Hit by Government Hackers in 3rd Quarter of 2019 (lien direct) As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year. According to a report published by Google's Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with "credential phishing emails" that tried to trick Threat
The_Hackers_News.webp 2019-11-15 01:32:52 Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping (lien direct) It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country's first-ever conviction for 'SIM Swapping' this February, U.S. Department of Justice has since then announced charges against several individuals for involving in the scheme to siphon millions of dollars in cryptocurrency from victims. In the latest Threat
The_Hackers_News.webp 2019-11-14 06:01:49 Hackers Impersonating Financial Agencies Target German, Italian, US Firms (lien direct) Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware. Though the new malware campaigns are not customized for each organization, the threat actors appear to be more Ransomware Malware Threat
The_Hackers_News.webp 2019-11-07 03:58:44 Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers (lien direct) Do you always feel uncomfortable trusting companies with your data? If so, you're not alone. While companies do much to protect themselves from external threats, insiders always pose the highest risk to a company's data. Unfortunately, when we say companies can't eliminate insider threat completely, cybersecurity firms, who are meant to protect others, are not an exception. Cybersecurity firm Threat
The_Hackers_News.webp 2019-10-02 05:00:02 A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments (lien direct) Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has slowed down the success of phishing and social engineering attacks over the years. Since phishing Threat
The_Hackers_News.webp 2019-09-30 06:06:27 Pay What You Wish - 9 Hacking Certification Training Courses in 1 Bundle (lien direct) The greatest threat facing most nations is no longer a standing army. It's a hacker with a computer who can launch a crippling cyber attack from thousands of miles away-potentially taking down everything from server farms to entire power grids with a few lines of code. So it should come as no surprise that virtually every major company in both the public and private sector-as well as national Threat
The_Hackers_News.webp 2019-09-24 00:48:06 Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw (lien direct) It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google's Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote code execution vulnerability in the Vulnerability Threat
The_Hackers_News.webp 2019-09-18 03:29:53 The Definitive RFP Templates for EDR/EPP and APT Protection (lien direct) Advanced Persistent Threats groups were once considered a problem that concerns Fortune 100 companies only. However, the threat landscape of the recent years tells otherwise-in fact, every organization, regardless of vertical and size is at risk, whether as a direct target, supply chain or collateral damage. The vast majority of security decision-makers acknowledge they need to address the Threat
The_Hackers_News.webp 2019-09-12 02:28:40 (Déjà vu) CISO Kit - Breach Protection in the Palm of Your Hand (lien direct) CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing the Threat
The_Hackers_News.webp 2019-09-11 04:54:04 Breach Protection in the Palm of Your Hand (lien direct) CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing Threat
Last update at: 2024-06-03 00:08:06