What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-20 04:10:00 | 483 Crypto.com accounts compromised in $34 million hack (lien direct) | Crypto.com has confirmed that a multi-million dollar cyberattack led to the compromise of 483 of its customer accounts. Although, the company's CEO stresses that customer funds are not at risk. Crypto.com is reportedly the world's third-largest cryptocurrency trading platform. [...] | Hack | ||
 |
2022-01-20 01:17:58 | Red Cross implores hackers not to leak data for 515k “highly vulnerable people” (lien direct) | Hack on Red Cross storage contractor follows a separate hacking incident last year. | Hack | ||
 |
2022-01-18 08:00:00 | Yi Hack – Pour débrider les caméras Xiaomi et profiter gratuitement du RTSP (lien direct) | Yi Hack - Pour débrider les caméras Xiaomi et profiter gratuitement du RTSP | Hack | ||
 |
2022-01-17 11:40:12 | Personal Information Compromised in Goodwill Website Hack (lien direct) | Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach. | Hack | ||
|
2022-01-16 14:19:42 | Ukraine Says Has \'Evidence\' Russia Behind Cyberattack (lien direct) | Ukraine said Sunday it had evidence that Russia was behind a massive cyberattack that knocked out key government websites this past week, as Microsoft warned the hack could be far worse than first thought. | Hack | ||
|
2022-01-13 20:42:20 | Microwave hack replaces flat keypad with mechanical keyboard switches (lien direct) | Keyboard switches give this microwave a more tactile feel. | Hack | ||
 |
2022-01-11 14:52:46 | Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers (lien direct) | Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. The ransomware gang started its operations on December 27, 2021, and […] | Ransomware Hack Vulnerability | ||
|
2022-01-11 06:24:43 | Night Sky ransomware uses Log4j bug to hack VMware Horizon servers (lien direct) | The Night Sky ransomware gang has started to exploit the critical CVE-2021-4422 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems. [...] | Ransomware Hack Vulnerability | ||
|
2022-01-07 15:47:57 | Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns (lien direct) | A threat actor attempted to exploit the Log4Shell vulnerability to hack VMWare Horizon servers at UK NHS and deploy web shells. The security team at the UK National Health Service (NHS) announced to have spotted threat actors exploiting the Log4Shell vulnerability to hack VMWare Horizon servers and install web shells. “An unknown threat group has […] | Hack Vulnerability Threat | ||
|
2022-01-07 01:00:47 | Rights Group Verifies Polish Senator Was Hacked With Spyware (lien direct) | Amnesty International said Thursday it has independently confirmed that powerful spyware from the Israeli surveillance software maker NSO Group was used to hack a Polish senator multiple times in 2019 when he was running the opposition's parliamentary election campaign. | Hack | ||
 |
2022-01-05 19:55:00 | Anomali Cyber Watch: $5 Million Breach Extortion, APTs Using DGA Subdomains, Cyberespionage Group Incorporates A New Tool, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Cyberespionage, Data breach, DGA, Infostealer, Phishing, Rootkit, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Fintech Firm Hit by Log4j Hack Refuses to Pay $5 Million Ransom
(published: December 29, 2021)
The Vietnamese crypto trading, ONUS, was breached by unknown threat actor(s) by exploiting the Log4Shell (CVE-2021-44228) vulnerability between December 11 and 13. The exploited target was an AWS server running Cyclos, which is a point-of-sale software provider, and the server was only intended for sandbox purposes. Actors were then able to steal information via the misconfigured AWS S3 buckets containing information on approximately two million customers. Threat actors then attempted to extort five million dollars (USD).
Analyst Comment: Although Cyclos issued a warning to patch on December 13, the threat actors had already gained illicit access. Even though Log4Shell provided initial access to the compromised server, it was the misconfigured buckets the actors took advantage of to steal data.
MITRE ATT&CK: [MITRE ATT&CK] Exploitation for Client Execution - T1203
Tags: ONUS, Log4Shell, CVE-2021-44228,
Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends
(published: December 29, 2021)
Palo Alto Networks Unit42 researchers have published a report based on their tracking of strategically-aged malicious domains (registered but not used until a specific time) and their domain generation algorithm (DGA) created subdomains. Researchers found two Pegasus spyware command and control domains that were registered in 2019 and were not active until July 2021. A phishing campaign using DGA subdomains that were similar to those used during the SolarWinds supply chain attack was also identified.
Analyst Comment: Monitor your networks for abnormal DNS requests, and have bandwidth limitations in place, if possible, to prevent numerous connections to DGA domains. Knowing which DGAs are most active in the wild will allow you to build a proactive defense by detecting any DGA that is in use. Anomali can detect DGA algorithms used by malware to assist in defending against these types of threats.
MITRE ATT&CK: [MITRE ATT&CK] Dynamic Resolution - T1568 | [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] Application Layer Protocol - T1071
Tags: DGA , Pegasus, Phishing
Implant.ARM.iLOBleed.a
(published: December 28, 2021)
Amnpardaz researchers discovered a new rootkit that has been targeting Hewlett-Packard Enterprise’s Integrated Lights-Out (iLO) server managemen |
Malware Hack Tool Vulnerability Threat | LastPass | |
|
2022-01-04 21:05:11 | UScellular discloses the second data breach in a year (lien direct) | UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. United States Cellular Corporation, is the fourth-largest wireless carrier in the United States, with over […] | Data Breach Hack | ||
|
2022-01-04 12:07:08 | UScellular discloses data breach after billing system hack (lien direct) | UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021. [...] | Data Breach Hack | ||
 |
2021-12-31 12:01:41 | (Déjà vu) PIT HackTheBox Walkthrough (lien direct) | Pit is a CTF Linux box with difficulty rated as a medium on Hack The Box platform. Let’s deep dive into breaking down this machine. | Hack | ||
|
2021-12-29 17:21:27 | Chinese Spies Exploit Log4Shell to Hack Major Academic Institution (lien direct) | China-linked cyberespionage group Aquatic Panda was recently observed exploiting the Log4Shell vulnerability to compromise a large academic institution, CrowdStrike's Falcon OverWatch team reports. | Hack Vulnerability | ||
|
2021-12-29 13:03:09 | BountyHunter HackTheBox Walkthrough (lien direct) | Bounty hunter is a CTF Linux machine with an Easy difficulty rating on the Hack the Box platform. So let’s get started and take a | Hack | ||
|
2021-12-29 07:07:07 | Fintech firm hit by log4j hack refuses to pay $5 million ransom (lien direct) | One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort $5 million and threatened to publish the customer data should ONUS refuse to comply. [...] | Hack | ||
 |
2021-12-24 10:25:00 | Former Uber CSO Faces New Charge for 2016 Breach (lien direct) | US feds accuse Joe Sullivan of using bug bounty to conceal 2016 hack and breach | Hack | Uber Uber | |
 |
2021-12-21 17:42:17 | How to display seconds in the Windows 11 system clock despite Microsoft\'s wishes (lien direct) | Microsoft decided to block a Registry File hack that allows users to display seconds in the Windows 11 system clock. Now to get seconds to display, Windows 11 users have to install a third-party app. | Hack | ||
|
2021-12-21 12:19:11 | Vulnerabilities Can Allow Hackers to Tamper With Walk-Through Metal Detectors (lien direct) | Walk-through metal detectors made by Garrett are affected by potentially serious vulnerabilities that can be exploited to hack the devices and alter their configuration. | Hack | ||
|
2021-12-17 10:00:00 | Conti ransomware uses Log4j bug to hack VMware vCenter servers (lien direct) | Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines. [...] | Ransomware Hack | ||
 |
2021-12-16 14:45:51 | The DHS is inviting hackers to break into its systems, but there are rules of engagement (lien direct) | The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks. Read more in my article on the Tripwire State of Security blog. | Hack | ||
|
2021-12-16 00:08:09 | Smashing Security podcast #256: Virgin Media just won\'t take no for an answer, NFT apes, and bad optics (lien direct) | After a brief discussion of the Log4Shell vulnerability panic, we discuss how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your girlfriend's facial recognition. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. | Hack Vulnerability | ||
 |
2021-12-14 23:10:21 | Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit (lien direct) | It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. | Hack | ||
|
2021-12-13 20:45:23 | Seal HackTheBox Walkthrough (lien direct) | Seal is a CTF Linux machine rated as medium difficulty on Hack the Box platform. So let get started and deep dive into breaking down | Hack | ||
|
2021-12-13 19:28:00 | SANS Opens Free Holiday Hack Challenge (lien direct) | Cybersecurity training institute invites world to help Santa defeat cyber-villains | Hack | ||
|
2021-12-13 19:21:50 | How to display version information on the Windows 11 desktop (lien direct) | A simple hack of the Windows 11 Registry File allows you to display OS version information directly on the desktop, which can come in handy when you're troubleshooting. | Hack | ||
|
2021-12-10 10:34:27 | Saudi Activist Sues 3 Former U.S. Officials Over Hacking (lien direct) | Loujain al-Hathloul, a prominent Saudi political activist who pushed to end a ban on women driving in her country, is suing three former U.S. intelligence and military officials she says helped hack her cellphone so a foreign government could spy on her before she was imprisoned and tortured. | Hack | ||
 |
2021-12-09 10:30:33 | SnapHack: Watch out for those who can hack into anyone\'s Snapchat! (lien direct) | Oh snap! This is how easy it may be for somebody to hijack your Snapchat account – all they need to do is peer over your shoulder. | Hack | ||
|
2021-12-07 20:58:46 | Explore Hackthebox Walkthrough (lien direct) | “Explore” is a Capture the Flag challenge that we’ll be solving today. (HTB) Hack the Box is where you can get your hands on one, | Hack | ||
|
2021-12-06 13:46:47 | France warns of Nobelium cyberspies attacking French orgs (lien direct) | The French national cyber-security agency ANSSI said today that the Russian-backed Nobelium hacking group behind last year's SolarWinds hack has been targeting French organizations since February 2021. [...] | Hack | ||
 |
2021-12-06 11:22:48 | BitMart hacked in “large-scale security breach” (lien direct) | BitMart, a trusted cryptocurrency trading platform has been the latest to suffer a breach, resulting in the loss of approximately $150 million. The hack was confirmed on Saturday, when BitMart confirmed in a statement that hackers had withdrawn a large amount in assets. The company added that withdrawals had been temporarily suspended and that a […] | Hack | ||
 |
2021-12-04 16:10:18 | A Planned Parenthood LA Hack Affects 400,000 Patients (lien direct) | Plus: A Ubiquiti hack revelation, predictive policing, and more of the week's top security news. | Hack | ||
|
2021-12-03 10:26:13 | Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack (lien direct) | A former employee of Ubiquiti Networks has been arrested and charged in connection with a hack that stole gigabytes of data and attempted to extort US $2 million from the firm. Read more in my article on the Hot for Security blog. | Data Breach Hack | ||
 |
2021-12-02 14:32:36 | Smart Contract Bug Results in $31 Million Loss (lien direct) | A hacker stole $31 million from the blockchain company MonoX Finance , by exploiting a bug in software the service uses to draft smart contracts. Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another. MonoX updates prices after each swap by calculating new prices for both tokens. When the swap is completed, the price of tokenInthat is, the token sent by the userdecreases and the price of tokenOutor the token received by the userincreases. By using the same token for both tokenIn and tokenOut, the hacker greatly inflated the price of the MONO token because the updating of the tokenOut overwrote the price update of the tokenIn. The hacker then exchanged the token for $31 million worth of tokens on the Ethereum and Polygon blockchains... | Hack | ||
|
2021-12-02 11:52:34 | Former Employee Accused of Being Behind Ubiquiti Hack (lien direct) | The hacker attack disclosed by Ubiquiti in January 2021 was actually conducted by a former employee, according to the Justice Department, which announced charges against the individual on Wednesday. | Hack | ||
|
2021-11-30 13:00:00 | Think Climate Change Is Messy? Wait Until Geoengineering (lien direct) | Someone's bound to hack the atmosphere to cool the planet. So we urgently need more research on the consequences, says climate scientist Kate Ricke. | Hack | ||
 |
2021-11-30 01:36:45 | Panasonic Suffers Data Breach After Hackers Hack Into Its Network (lien direct) | Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. | Data Breach Hack | ||
|
2021-11-29 22:23:51 | How to disable (again) the blur effect on the Windows 11 login screen (lien direct) | We used a Registry File hack in Windows 10 to disable the blur effect on the login screen, but the Windows 11 update restored the default. We'll show you how to fix it again. | Hack | ||
|
2021-11-29 09:40:21 | Panasonic discloses data breach after network hack (lien direct) | Japanese multinational conglomerate Panasonic disclosed a security breach after unknown threat actors gained access to servers on its network this month. [...] | Data Breach Hack Threat | ||
 |
2021-11-27 09:31:26 | Video: SANS Holiday Hack Challenge 2021 Q&A with Ed Skoudis, (Sat, Nov 27th) (lien direct) | The 2021 SANS Holiday Hack Challenge begins mid-December, but you can already watch "SANS Holiday Hack Challenge 2021 Q&A with Ed Skoudis" on YouTube. | Hack | ||
|
2021-11-24 15:29:13 | Apple Sues NSO Group (lien direct) | Piling more on NSO Group’s legal troubles, Apple is suing it: The complaint provides new information on how NSO Group infected victims' devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. NSO Group’s Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers. More news: Apple's legal complaint provides new information on NSO Group's FORCEDENTRY, an exploit for a now-patched vulnerability previously used to break into a victim's Apple device and install the latest version of NSO Group's spyware product, Pegasus. The exploit was originally identified by the Citizen Lab, a research group at the University of Toronto. ... | Hack Vulnerability | ||
|
2021-11-23 08:29:16 | GoDaddy hack exposes accounts of 1.2 million customers (lien direct) | Web-hosting firm and domain registrar GoDaddy has revealed that it has suffered cyber attack which saw a hacker gain access to details of over one million customers. Read more in my article on the Hot for Security blog. | Hack | ||
|
2021-11-22 15:55:47 | Researchers Hack Conti Ransomware Infrastructure (lien direct) | Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti Ransomware-as-a-Service (RaaS), which allowed them to gain insight into the inner workings of the ransomware. | Ransomware Hack Vulnerability | ||
|
2021-11-22 11:43:08 | GoDaddy hack causes data breach affecting 1.2 million customers (lien direct) | GoDaddy said in a data breach notification published today that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment. [...] | Data Breach Hack | ||
|
2021-11-19 12:00:00 | Locked Out of \'God Mode\', Runners Hack Their Treadmills (lien direct) | NordicTrack customers were watching Netflix using a simple trick-until the company blocked their access. | Hack | ||
|
2021-11-15 19:51:13 | How to restore the full context menu to File Explorer in Windows 11 (lien direct) | The full right-click context menu in File Explorer can be restored in Windows 11 with a specific code and an unusual and slightly tricky hack of the Windows Registry File. | Hack | ||
|
2021-11-11 21:43:11 | Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant (lien direct) | Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat actor to be a | Hack Threat | ||
 |
2021-11-10 14:00:00 | Breach and Attack Simulation: Hack Yourself to a More Secure Future (lien direct) | Getting breached is the surest way to learn your organization’s cybersecurity vulnerabilities. And that’s why you need to hack yourself before threat actors do. A cyber breach and attack simulation, also called red teaming, is best to understand vulnerabilities in practice, rather than just theory. What can you do before, during and after a simulated […] | Hack Threat | ||
|
2021-11-10 12:08:04 | Lazarus hackers target researchers with trojanized IDA Pro (lien direct) | A North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a trojanized pirated version of the popular IDA Pro reverse engineering application. [...] | Hack | APT 38 APT 28 |
To see everything:
Our RSS (filtrered)
