What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-10-10 16:24:51 | Hackers behind IcedID malware attacks diversify delivery tactics (lien direct) | The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. [...] | Threat Malware | ||
|
2022-10-10 13:50:03 | Toyota discloses data leak after access key exposed on GitHub (lien direct) | Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years. [...] | |||
|
2022-10-09 20:53:38 | Intel confirms leaked Alder Lake BIOS Source Code is authentic (lien direct) | Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party. [...] | |||
|
2022-10-09 15:26:40 | (Déjà vu) Fake Solana Phantom security updates push crypto-stealing malware (lien direct) | Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] | Malware Guideline | ||
|
2022-10-09 15:26:40 | Solana Phantom security update NFTs push password-stealing malware (lien direct) | Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] | Malware Guideline | ||
|
2022-10-08 11:18:09 | ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach (lien direct) | Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting the company's stolen files on their data leak site. [...] | Threat | ||
|
2022-10-08 10:11:22 | Callback phishing attacks evolve their social engineering tactics (lien direct) | The BazarCall malicious operation has evolved its social engineering methods, keeping the old fake charges lure for the first phase of the attack but then switching to pretending to help the victim deal with an infection or hack. [...] | |||
|
2022-10-06 14:03:17 | Meta sues app dev for stealing over 1 million WhatsApp accounts (lien direct) | Meta has sued several Chinese companies doing business as HeyMods, Highlight Mobi, and HeyWhatsApp for developing and allegedly using "unofficial" WhatsApp Android apps to steal over one million WhatsApp accounts starting May 2022. [...] | |||
|
2022-10-05 17:49:54 | FBI: Cyberattacks targeting election systems unlikely to affect results (lien direct) | The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) in a public service announcement says that cyber activity attempting to compromise election infrastructure is unlikely to cause a massive disruption or prevent voting. [...] | |||
|
2022-10-05 13:21:19 | City of Tucson discloses data breach affecting over 125,000 people (lien direct) | The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals. [...] | Data Breach | ||
|
2022-10-05 12:01:06 | Hundreds of Microsoft SQL servers backdoored with new malware (lien direct) | Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world. [...] | Malware | ||
|
2022-10-05 07:00:00 | New Android malware \'RatMilad\' can steal your data, record audio (lien direct) | A new Android spyware named 'RatMilad' was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. [...] | Malware | ||
|
2022-10-04 19:08:56 | (Déjà vu) Hackers stole data from US defense org using Impacket, CovalentStealer (lien direct) | The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] | Malware | ||
|
2022-10-04 19:08:56 | US Govt: Hackers stole data from US defense org using new malware (lien direct) | The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] | Malware | ||
|
2022-10-04 12:43:38 | Optus confirms 2.1 million ID numbers exposed in data breach (lien direct) | Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month. [...] | Data Breach | ||
|
2022-10-03 18:42:13 | TD Bank discloses data breach after employee leaks customer info (lien direct) | TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud. [...] | Data Breach | ||
|
2022-10-03 14:35:40 | Russian retail chain \'DNS\' confirms hack after data leaked online (lien direct) | Russian retail chain 'DNS' (Digital Network System) disclosed yesterday that they suffered a data breach that allegedly exposed the personal information of 16 million customers and employees. [...] | Data Breach Hack | ★★★ | |
|
2022-10-03 13:58:56 | Live support service hacked to spread malware in supply chain attack (lien direct) | The official installer for the Comm100 Live Chat application, a widely deployed SaaS (software-as-a-service) that businesses use for customer communication and website visitors, was trojanized as part of a new supply-chain attack. [...] | Malware | ||
|
2022-09-30 11:26:19 | Optus breach victims will get "supercharged" fraud protection (lien direct) | The Australian Federal Police (AFP) announced today the launch of Operation Guardian which will ensure that more than 10,000 customers who had their personal info leaked in the Optus data breach will get priority protection against fraud attempts. [...] | Data Breach | ||
|
2022-09-29 17:14:07 | Hacking group hides backdoor malware inside Windows logo image (lien direct) | Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. [...] | Malware | ||
|
2022-09-29 10:32:16 | New Royal Ransomware emerges in multi-million dollar attacks (lien direct) | A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million. [...] | Ransomware | ★★★★★ | |
|
2022-09-29 09:00:18 | New malware backdoors VMware ESXi servers to hijack virtual machines (lien direct) | Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection. [...] | Malware | ||
|
2022-09-29 03:05:27 | Upgraded Prilex Point-of-Sale malware bypasses credit card security (lien direct) | Security analysts have observed three new versions of Prilex this year, indicating that the authors and operators of the PoS-targeting malware are back to action. [...] | Malware | ||
|
2022-09-28 12:06:26 | Stealthy hackers target military and weapons contractors in recent attack (lien direct) | Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. [...] | |||
|
2022-09-28 11:22:22 | New Chaos malware infects Windows, Linux devices for DDoS attacks (lien direct) | A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. [...] | Malware | ||
|
2022-09-28 10:06:03 | Wazuh - The free and open source XDR platform (lien direct) | Wazuh is a free and open source security platform that provides unified SIEM and XDR protection. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. Wazuh is one of the fastest growing open source security solutions, with over 10 million downloads per year. [...] | |||
|
2022-09-27 17:08:49 | New NullMixer dropper infects your PC with a dozen malware families (lien direct) | A new malware dropper named 'NullMixer' is infecting Windows devices with a dozen different malware families simultaneously through fake software cracks promoted on malicious sites in Google Search results. [...] | Malware | ||
|
2022-09-27 14:55:43 | Lazarus hackers drop macOS malware via Crypto.com job offers (lien direct) | The North Korean Lazarus hacking group is now using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency. [...] | Malware Hack | APT 38 | |
|
2022-09-27 10:05:10 | Pass-the-Hash Attacks and How to Prevent them in Windows Domains (lien direct) | Hackers often start out with nothing more than a low-level user account and then work to gain additional privileges that will allow them to take over the network. One of the methods that is commonly used to acquire these privileges is a pass-the-hash attack. Here are five steps to prevent a pass-the-hash attack in a Windows domain. [...] | |||
|
2022-09-26 15:54:17 | New Erbium password-stealing malware spreads as game cracks, cheats (lien direct) | The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. [...] | Malware | ||
|
2022-09-26 14:40:47 | Hackers use PowerPoint files for \'mouseover\' malware delivery (lien direct) | Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. [...] | Malware | ||
|
2022-09-25 11:14:27 | Ransomware data theft tool may show a shift in extortion tactics (lien direct) | Data exfiltration malware known as Exmatter and previously linked with the BlackMatter ransomware group is now being upgraded with data corruption functionality that may indicate a new tactic that ransomware affiliates might switch to in the future. [...] | Ransomware Malware Tool | ||
|
2022-09-24 12:54:20 | Windows 11 now warns when typing your password in Notepad, websites (lien direct) | Windows 11 22H2 was just released, and with it comes a new security feature called Enhanced Phishing Protection that warns users when they enter their Windows password in insecure applications or on websites. [...] | |||
|
2022-09-24 10:06:33 | (Déjà vu) American Airlines learned it was breached from phishing targets (lien direct) | American Airlines says its Cyber Security Response Team (CIRT) found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account. [...] | Data Breach | ||
|
2022-09-24 10:06:33 | American Airlines learned they were breached from phishing targets (lien direct) | American Airlines says its Cyber Security Response Team (CIRT) found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account. [...] | Data Breach | ||
|
2022-09-23 17:25:58 | The Week in Ransomware - September 23rd 2022 - LockBit leak (lien direct) | This week we saw some embarrassment for the LockBit ransomware operation when their programmer leaked a ransomware builder for the LockBit 3.0 encryptor. [...] | Ransomware | ||
|
2022-09-23 12:31:54 | npm packages used by crypto exchanges compromised (lien direct) | Multiple npm packages published by the crypto exchange, dYdX, and used by at least 44 cryptocurrency projects, appear to have been compromised. Powered by the Ethereum blockchain, dydX is a decentralized exchange platform offering perpetual trading options for over 35 popular cryptocurrencies including Bitcoin (BTC) and Ether (ETH). [...] | |||
|
2022-09-23 09:24:13 | Ukraine dismantles hacker gang that stole 30 million accounts (lien direct) | The cyber department of Ukraine's Security Service (SSU) has taken down a group of hackers that stole accounts of about 30 million individuals and sold them on the dark web. [...] | |||
|
2022-09-23 07:17:34 | Train to become an ethical hacker with this $35 course deal (lien direct) | The point is, if you want to advance your career in IT and get a better handle on cyber threat mitigation, then The 2023 Complete Cyber Security Ethical Hacking Certification Bundle is a great place to start. It's convenient, it's fun, and since it's on sale, it's very easy to afford. [...] | Threat | ||
|
2022-09-21 15:35:04 | Twitter failed to log you out of all devices after password resets (lien direct) | Twitter logged out some users after addressing a bug where some Twitter accounts remained logged on some mobile devices after voluntary password resets. [...] | |||
|
2022-09-21 14:44:10 | FBI: Iranian hackers lurked in Albania\'s govt network for 14 months (lien direct) | The Federal Bureau of Investigation (FBI) and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government's network in July lurked inside its systems for roughly 14 months. [...] | Threat | ||
|
2022-09-21 13:55:49 | Malwarebytes mistakenly blocks Google, YouTube for malware (lien direct) | Malwarebytes has addressed a false positive that was blocking users from accessing websites and services hosted on the google.com domain, including Google search and Youtube. [...] | Malware | ||
|
2022-09-21 10:05:10 | DDoS and bot attacks in 2022: Business sectors at risk and how to defend (lien direct) | According to Gcore, in 2022, the number and volume of DDoS attacks will roughly double compared to 2021. The average attack power will grow from 150-300 Gbps to 500-700 Gbps. Andrew Slastenov, Head of Web Security, at Gcore talks to his colleagues about trends in the cybersecurity market: [...] | |||
|
2022-09-20 18:31:48 | Imperva mitigated long-lasting, 25.3 billion request DDoS attack (lien direct) | Internet security company Imperva has announced its DDoS (distributed denial of service) mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers. [...] | |||
|
2022-09-20 18:12:15 | 2K Games says hacked help desk targeted players with malware (lien direct) | American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. [...] | Malware | ||
|
2022-09-20 16:33:51 | Hive ransomware claims attack on New York Racing Association (lien direct) | The Hive ransomware operation claimed responsibility for an attack on the New York Racing Association (NYRA), which previously disclosed that a cyber attack on June 30, 2022, impacted IT operations and website availability and compromised member data. [...] | Ransomware | ||
|
2022-09-20 12:13:10 | (Déjà vu) 2K game support hacked to email RedLine info-stealing malware (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware | ||
|
2022-09-20 12:13:10 | Game dev 2K\'s support site hacked to push malware via fake tickets (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware | ||
|
2022-09-20 10:06:03 | Top 8 takeaways from the VMWare Cybersecurity Threat Report (lien direct) | VMware has recently released the 2022 edition of its annual Global Incident Response Threat Report. It is critically important for IT professionals to understand these trends and what they could mean for your organization's cyber security efforts. Let's break down VMware's 8 key findings and offer meaningful insights into each. [...] | Threat | ||
|
2022-09-20 06:30:15 | MFA Fatigue: Hackers\' new favorite tactic in high-profile breaches (lien direct) | Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component of these attacks that is becoming more popular with the rise of multi-factor authentication is a technique called MFA Fatigue. [...] |
To see everything:
Our RSS (filtrered)
