What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-01 09:10:12 | SideWinder hackers plant fake Android VPN app in Google Play Store (lien direct) | Phishing campaigns attributed to an advanced threat actor called SideWinder involved a fake VPN app for Android devices published on Google Play Store along with a custom tool that filters victims for better targeting. [...] | Tool Threat | APT-C-17 | |
|
2022-06-01 07:32:43 | Ransomware attacks need less than four days to encrypt systems (lien direct) | The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average of 230 hours to complete their attacks and 1637.6 hours in 2019. [...] | Ransomware | ||
|
2022-06-01 06:00:00 | Telegram\'s blogging platform abused in phishing attacks (lien direct) | Telegram's anonymous blogging platform, Telegraph, is being actively exploited by phishing actors who take advantage of the platform's lax policies to set up interim landing pages that lead to the theft of account credentials. [...] | Guideline | ||
|
2022-05-31 19:10:09 | Hackers steal WhatsApp accounts using call forwarding trick (lien direct) | There's a trick that allows attackers to hijack a victim's WhatsApp account and gain access to personal messages and contact list. [...] | |||
|
2022-05-31 18:00:17 | Windows MSDT zero-day now exploited by Chinese APT hackers (lien direct) | Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as 'Follina') to execute malicious code remotely on Windows systems. [...] | Vulnerability Threat | ||
|
2022-05-31 16:02:01 | Over 3.6 million MySQL servers found exposed on the Internet (lien direct) | Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. [...] | |||
|
2022-05-31 15:43:51 | FBI warns of Ukrainian charities impersonated to steal donations (lien direct) | Scammers are claiming to be collecting donations to help Ukrainian refugees and war victims while impersonating legitimate Ukrainian humanitarian aid organizations, according to the Federal Bureau of Investigation (FBI). [...] | |||
|
2022-05-31 13:34:25 | Costa Rica\'s public health agency hit by Hive ransomware (lien direct) | All computer systems on the network of Costa Rica's public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. [...] | Ransomware | ||
|
2022-05-31 11:45:04 | New XLoader botnet uses probability theory to hide its servers (lien direct) | Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware's operation. [...] | Malware Threat | ||
|
2022-05-31 10:06:48 | Aligning Your Password Policy enforcement with NIST Guidelines (lien direct) | Although most organizations are not required by law to comply with NIST standards, it is usually in an organization's best interest to follow NIST's cybersecurity standards. This is especially true for NIST's password guidelines. [...] | |||
|
2022-05-31 05:18:39 | Microsoft shares mitigation for Office zero-day exploited in attacks (lien direct) | Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely. [...] | |||
|
2022-05-30 16:00:01 | Vodafone plans carrier-level user tracking for targeted ads (lien direct) | Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. [...] | |||
|
2022-05-30 14:10:44 | Italy warns organizations to brace for incoming DDoS attacks (lien direct) | The Computer Security Incident Response Team in Italy issued an urgent alert yesterday to raise awareness about the high risk of cyberattacks against national bodies and organizations on Monday. [...] | |||
|
2022-05-30 12:13:12 | Google quietly bans deepfake training projects on Colab (lien direct) | Google has quietly banned deepfake projects on its Colaboratory (Colab) service, putting an end to the large-scale utilization of the platform's resources for this purpose. [...] | |||
|
2022-05-30 11:07:15 | Three Nigerians arrested for malware-assisted financial crimes (lien direct) | Interpol has announced the arrest of three Nigerian men in Lagos, who are suspected of using remote access trojans (RATs) to reroute financial transactions and steal account credentials. [...] | |||
|
2022-05-30 10:23:43 | New Microsoft Office zero-day used in attacks to execute PowerShell (lien direct) | Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. [...] | Vulnerability | ||
|
2022-05-29 12:39:55 | (Déjà vu) EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws (lien direct) | EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...] | Malware | ||
|
2022-05-29 12:39:55 | EnemyBot malware adds exploits for critical bugs in VMware, F5 BIG-IP (lien direct) | EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...] | Malware | ||
|
2022-05-29 11:15:22 | Mobile trojan detections rise as malware distribution level declines (lien direct) | Kaspersky's quarterly report on mobile malware distribution records a downward trend that started at the end of 2020, detecting one-third of the malicious installations reported in Q1 2021, and about 85% of those counted in Q4 2021. [...] | Malware | ||
|
2022-05-29 10:00:00 | New Yorker imprisoned for role in carding group behind $568M damages (lien direct) | John Telusma, a 37-year-old man from New York, was sentenced to four years in prison for selling and using stolen and compromised credit cards on the Infraud carding portal operated by the transnational cybercrime organization with the same name. [...] | |||
|
2022-05-28 15:53:15 | Microsoft: The new Windows 11 features from Build 2022 (lien direct) | During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android (WSA) and more. [...] | |||
|
2022-05-28 11:10:00 | Clop ransomware gang is back, hits 21 victims in a single month (lien direct) | After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...] | Ransomware | ||
|
2022-05-28 10:01:33 | New Windows Subsystem for Linux malware steals browser auth cookies (lien direct) | Hackers are showing an increased interest in the Windows Subsystem for Linux (WSL) as an attack surface as they build new malware, the more advanced samples being suitable for espionage and downloading additional malicious modules. [...] | Malware | ||
|
2022-05-27 16:26:39 | FBI warns of hackers selling credentials for U.S. college networks (lien direct) | Cybercriminals are offering to sell for thousands of U.S. dollars network access credentials for higher education institutions based in the United States. [...] | |||
|
2022-05-27 14:40:49 | GitHub: Attackers stole login details of 100K npm user accounts (lien direct) | GitHub revealed today that an attacker stole the login details of roughly 100,000 npm accounts during a mid-April security breach with the help of stolen OAuth app tokens issued to Heroku and Travis-CI. [...] | |||
|
2022-05-27 13:06:56 | Microsoft finds severe bugs in Android apps from large mobile providers (lien direct) | Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers. [...] | |||
|
2022-05-27 11:59:34 | Microsoft to force better security defaults for all Azure AD tenants (lien direct) | Microsoft has announced that it will force enable stricter secure default settings known as 'security defaults' on all existing Azure Active Directory (Azure AD) tenants starting in late June 2022. [...] | |||
|
2022-05-27 09:23:18 | BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state (lien direct) | Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded a $5 million to unlock the encrypted computer systems. [...] | Ransomware | ||
|
2022-05-26 17:21:44 | Intuit warns of QuickBooks phishing threatening to suspend accounts (lien direct) | Tax software vendor Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. [...] | |||
|
2022-05-26 16:14:52 | Microsoft: Windows 11 22H2 has reached RTM with build 22621 (lien direct) | Microsoft's Windows Hardware Compatibility Program has confirmed that Windows 11 22H2 build 22621 is the Released to Manufacturing (RTM) build, meaning that the development of Window's 11 next feature update is ready for release. [...] | |||
|
2022-05-26 15:44:58 | Windows 11 KB5014019 breaks Trend Micro ransomware protection (lien direct) | This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. [...] | Ransomware | ★★★ | |
|
2022-05-26 15:11:03 | OAS platform vulnerable to critical RCE and API access flaws (lien direct) | Threat analysts have disclosed vulnerabilities affecting the Open Automation Software (OAS) platform, leading to device access, denial of service, and remote code execution. [...] | Threat Guideline | ★★★ | |
|
2022-05-26 14:21:33 | Exploit released for critical VMware auth bypass bug, patch now (lien direct) | Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges. [...] | Vulnerability | ||
|
2022-05-26 11:46:14 | Microsoft shares mitigation for Windows KrbRelayUp LPE attacks (lien direct) | Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. [...] | |||
|
2022-05-26 10:06:03 | Zyxel warns of flaws impacting firewalls, APs, and controllers (lien direct) | Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. [...] | |||
|
2022-05-26 09:26:59 | Google shut down caching servers at two Russian ISPs (lien direct) | Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled. [...] | |||
|
2022-05-26 08:02:01 | Industrial Spy data extortion market gets into the ransomware game (lien direct) | The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...] | Ransomware | ||
|
2022-05-26 03:16:08 | New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps (lien direct) | The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. [...] | Malware | ||
|
2022-05-25 17:51:27 | FTC fines Twitter $150M for using 2FA info for targeted advertising (lien direct) | The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. [...] | |||
|
2022-05-25 16:54:59 | Microsoft adds support for WSL2 distros on Windows Server 2022 (lien direct) | Microsoft has announced that Windows Subsystem for Linux (WSL2) distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. [...] | |||
|
2022-05-25 15:25:48 | New \'Cheers\' Linux ransomware targets VMware ESXi servers (lien direct) | A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...] | Ransomware | ||
|
2022-05-25 14:31:53 | Microsoft adds Office subscriptions to Windows 11 account settings (lien direct) | Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account. [...] | |||
|
2022-05-25 13:00:00 | New ChromeLoader malware surge threatens browsers worldwide (lien direct) | The ChromeLoader malware is seeing an uptick in detections this month, following a relatively stable operation volume since the start of the year, which means that the malvertiser is now becoming a widespread threat. [...] | Malware | ||
|
2022-05-25 12:41:50 | Tails 5.0 Linux users warned against using it "for sensitive information" (lien direct) | Tails developers have warned users to stop using the portable Debian-based Linux distro until the next release if they're entering or accessing sensitive information using the bundled Tor Browser application. [...] | |||
|
2022-05-25 11:54:46 | Darknet market Versus shuts down after hacker leaks security flaw (lien direct) | The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. [...] | |||
|
2022-05-25 10:00:01 | Is 100% Cybersecurity Readiness Possible? Medical Device Pros Weigh In (lien direct) | As medical devices become more connected and reliant on software, their codebase grows both in size and complexity, and they are increasingly reliant on third-party and open source software components. Learn more from 150 senior decision makers who oversee product security or cybersecurity compliance in the medical device industry, [...] | |||
|
2022-05-25 09:42:26 | (Déjà vu) Hacker says hijacking libraries, stealing AWS keys was ethical research (lien direct) | The hacker of 'ctx' and 'PHPass' libraries has now broken silence and explained the reasons behind this hijack to BleepingComputer. According to the hacker, this was a bug bounty exercise and no malicious activity was intended. [...] | |||
|
2022-05-25 09:42:26 | Hacker of Python, PHP libraries: no "malicious activity" was intended (lien direct) | The hacker of 'ctx' and 'PHPass' libraries has now broken silence and explained the reasons behind this hijack to BleepingComputer. According to the hacker, this was a bug bounty exercise and no malicious activity was intended. [...] | |||
|
2022-05-25 09:04:40 | Interpol arrests alleged leader of the SilverTerrier BEC gang (lien direct) | After a year-long investigation that involved Interpol and several cybersecurity companies, the Nigeria Police Force has arrested an individual believed to be in the top ranks of a prominent business email compromise (BEC) group known as SilverTerrier or TMT. [...] | |||
|
2022-05-25 07:43:34 | (Déjà vu) SpiceJet airline passengers stranded after ransomware attack (lien direct) | Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
