Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-12-19 14:37:18 |
(Déjà vu) Microsoft finds macOS bug that lets malware bypass security checks (direct link) |
Apple has fixed a vulnerability that could be leveraged to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. [...] |
Malware
Vulnerability
|
|
★★
|
|
2022-12-19 14:37:18 |
Microsoft: Achilles macOS bug lets hackers bypass Gatekeeper (direct link) |
Apple has fixed a vulnerability that could be leveraged to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. [...] |
Malware
Vulnerability
|
|
★★
|
|
2022-12-19 12:57:36 |
DraftKings warns data of 67K people was exposed in account hacks (direct link) |
Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in November. [...] |
|
|
★★★
|
|
2022-12-19 12:39:27 |
Ukraine's DELTA military system users targeted by info-stealing malware (direct link) |
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. [...] |
Malware
|
|
★★★
|
|
2022-12-18 11:07:14 |
Restaurant CRM platform 'SevenRooms' confirms breach after data for sale (direct link) |
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms, a restaurant CRM software and guest management service provider, has admitted it has suffered a data breach, the result of a security incident on one of its vendors. [...] |
Data Breach
Threat
|
|
★★★
|
|
2022-12-17 11:08:16 |
Glupteba malware is back in action after Google disruption (direct link) |
The Glupteba malware botnet has sprung back into action, infecting devices worldwide after its operation was disrupted by Google almost a year ago. [...] |
Malware
|
|
★★★
|
|
2022-12-16 13:47:12 |
Colombian energy supplier EPM hit by BlackCat ransomware attack (direct link) |
Colombian energy company Empresas Públicas de Medellín (EPM) suffered a BlackCat/ALPHV ransomware attack on Monday, disrupting the company's operations and taking down online services. [...] |
Ransomware
|
|
★★★
|
|
2022-12-16 10:23:17 |
Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux (direct link) |
A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers. [...] |
Malware
|
|
★★
|
|
2022-12-15 16:10:28 |
Hackers leak personal info allegedly stolen from 5.7M Gemini users (direct link) |
Gemini crypto exchange announced this week that customers were targeted in phishing campaigns after a threat actor collected their personal information from a third-party vendor. [...] |
Threat
|
|
★★★
|
|
2022-12-15 12:38:44 |
Phishing attack uses Facebook posts to evade email security (direct link) |
A new phishing campaign uses Facebook posts as part of its attack chain to trick users into giving away their account credentials and personally identifiable information (PII). [...] |
|
|
★★★★
|
|
2022-12-15 12:24:00 |
Ukrainian govt networks breached via trojanized Windows 10 installers (direct link) |
Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. [...] |
|
|
★★★
|
|
2022-12-15 10:29:26 |
Social Blade confirms breach after hacker posts stolen user data (direct link) |
Social media analytics platform Social Blade has confirmed they suffered a data breach after its database was breached and put up for sale on a hacking forum. [...] |
Data Breach
|
|
★★
|
|
2022-12-15 08:00:00 |
LEGO BrickLink bugs let hackers hijack accounts, breach servers (direct link) |
Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group's official second-hand and vintage marketplace for LEGO bricks. [...] |
|
|
★★
|
|
2022-12-15 02:36:18 |
Hackers target Japanese politicians with new MirrorStealer malware (direct link) |
A hacking group tracked as MirrorFace has been targeting Japanese politicians for weeks before the House of Councilors election in July 2022, using a previously undocumented credentials stealer named 'MirrorStealer.' [...] |
Malware
|
|
★
|
|
2022-12-14 14:13:11 |
Attackers use SVG files to smuggle QBot malware onto Windows systems (direct link) |
QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. [...] |
Malware
|
|
★★
|
|
2022-12-14 13:24:00 |
Microsoft patches Windows zero-day used to drop ransomware (direct link) |
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. [...] |
Ransomware
Malware
Vulnerability
Threat
|
|
★★
|
|
2022-12-14 08:51:00 |
Microsoft fixes Windows Server issue causing freezes, restarts (direct link) |
Microsoft has addressed an LSASS memory leak issue on some domain controllers that led to freezes and restarts after installing Windows Server updates released during last month's Patch Tuesday. [...] |
|
|
★★
|
|
2022-12-13 16:24:20 |
LockBit claims attack on California's Department of Finance (direct link) |
The Department of Finance in California has been the target of a cyberattack now claimed by the LockBit ransomware gang. [...] |
Ransomware
|
|
★★★
|
|
2022-12-13 15:48:43 |
(Déjà vu) Apple security update fixes new iOS zero-day used to hack iPhones (direct link) |
In security updates released today, Apple has fixed the tenth zero-day vulnerability since the start of the year, with this latest one actively used in attacks against iPhones. [...] |
Hack
Vulnerability
|
|
★★
|
|
2022-12-13 12:27:43 |
New GoTrim botnet brute forces WordPress site admin accounts (direct link) |
A new Go-based botnet malware named 'GoTrim' is scanning the web for self-hosted WordPress websites and attempting to brute force the administrator's password and take control of the site. [...] |
Malware
|
|
★★
|
|
2022-12-12 18:34:25 |
Play ransomware claims attack on Belgium city of Antwerp (direct link) |
The Play ransomware operation has claimed responsibility for a recent cyberattack on the Belgium city of Antwerp. [...] |
Ransomware
|
|
★
|
|
2022-12-12 16:26:33 |
New Python malware backdoors VMware ESXi servers for remote access (direct link) |
A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. [...] |
Malware
|
|
★★★
|
|
2022-12-12 14:27:52 |
Twitter confirms recent user data leak is from 2021 breach (direct link) |
Twitter confirmed today that the recent leak of millions of members' profiles, including private phone numbers and email addresses, resulted from the same data breach the company disclosed in August 2022. [...] |
Data Breach
|
|
★★★
|
|
2022-12-12 13:30:18 |
Uber suffers new data breach after attack on vendor, info leaked online (direct link) |
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. [...] |
Data Breach
Threat
|
Uber
|
★
|
|
2022-12-11 11:22:33 |
(Déjà vu) Clop ransomware uses TrueBot malware for access to networks (direct link) |
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] |
Ransomware
Malware
|
|
★★
|
|
2022-12-11 11:22:33 |
Clop ransomware partners with TrueBot malware for access to networks (direct link) |
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] |
Ransomware
Malware
|
|
★
|
|
2022-12-10 10:06:12 |
Air-gapped PCs vulnerable to data theft via power supply radiation (direct link) |
A new attack method named COVID-bit uses electromagnetic waves to transmit data from air-gapped systems isolated from the internet over a distance of at least two meters (6.5 ft), where it's captured by a receiver. [...] |
|
|
★★
|
|
2022-12-09 14:51:48 |
Rackspace warns of phishing risks following ransomware attack (direct link) |
Cloud computing provider Rackspace warned customers on Thursday of increased risks of phishing attacks following a ransomware attack affecting its hosted Microsoft Exchange environment. [...] |
Ransomware
|
|
★★
|
|
2022-12-09 12:00:03 |
Antivirus and EDR solutions tricked into acting as data wipers (direct link) |
A security researcher has found a way to exploit the data deletion capabilities of widely used endpoint detection and response (EDR) and antivirus (AV) software from Microsoft, SentinelOne, TrendMicro, Avast, and AVG to turn them into data wipers. [...] |
|
|
★★★★
|
|
2022-12-09 09:00:00 |
Holiday 2022 deal: 20% off Zero2Automated malware analysis training (direct link) |
Zero2Automated, the creators of the popular malware analysis and reverse-engineering course, is having a Christmas special where you can get 20% off all courses on their site, with additional goodies thrown in. [...] |
Malware
|
|
★★★
|
|
2022-12-08 16:19:09 |
Hacked corporate email accounts used to send MSP remote access tool (direct link) |
MuddyWater hackers, a group associated with Iran's Ministry of Intelligence and Security (MOIS), used compromised corporate email accounts to deliver phishing messages to their targets. [...] |
Tool
|
|
★★★
|
|
2022-12-08 15:27:11 |
CommonSpirit Health ransomware attack exposed data of 623,000 patients (direct link) |
CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack. [...] |
Ransomware
Threat
|
|
★★★
|
|
2022-12-08 13:03:34 |
Tor Browser 12.0 brings Apple Silicon support, Android enhancements (direct link) |
The Tor Project team has announced the release of Tor Browser 12.0, a major version release introducing support for Apple Silicon chips and several enhancements for the Android version. [...] |
|
|
★★★
|
|
2022-12-08 12:00:00 |
Google: How Android's Private Compute Core protects your data (direct link) |
Google has disclosed more technical details about how Private Compute Core (PCC) on Android works and keeps sensitive user data processed locally on protected devices. [...] |
|
|
★★★
|
|
2022-12-08 05:00:00 |
New 'Zombinder' platform binds Android malware with legitimate apps (direct link) |
A darknet platform dubbed 'Zombinder' allows threat actors to bind malware to legitimate Android apps, causing victims to infect themselves while still having the full functionality of the original app to evade suspicion. [...] |
Malware
Threat
|
|
★★★
|
|
2022-12-07 14:19:32 |
New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices (direct link) |
A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras. [...] |
Malware
|
|
★★
|
|
2022-12-07 12:36:18 |
Hackers use new Fantasy data wiper in coordinated supply chain attack (direct link) |
The Iranian Agrius APT hacking group is using a new 'Fantasy' data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa. [...] |
|
|
★★★
|
|
2022-12-06 16:14:30 |
Antwerp's city services down after hackers attack digital partner (direct link) |
The city of Antwerp, Belgium, is working to restore its digital services that were disrupted last night by a cyberattack on its digital provider. [...] |
|
|
★★
|
|
2022-12-06 11:36:40 |
Android December 2022 security updates fix 81 vulnerabilities (direct link) |
Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth. [...] |
|
|
★★★
|
|
2022-12-06 10:31:18 |
Rackspace confirms outage was caused by ransomware attack (direct link) |
Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind its ongoing Hosted Exchange outage. [...] |
Ransomware
|
|
★★★
|
|
2022-12-06 10:11:07 |
Massive DDoS attack takes Russia's second-largest bank VTB offline (direct link) |
Russia's second-largest financial institution VTB Bank says it is facing the worst cyberattack in its history after its website and mobile apps were taken offline due to an ongoing DDoS (distributed denial of service) attack. [...] |
|
|
★★★
|
|
2022-12-06 10:07:14 |
Password Reset Calls Are Costing Your Org Big Money (direct link) |
Research states that the average help desk labor cost for a single password reset is about $70. With this cost, what can an organization do to lessen the impact of password resets? [...] |
|
|
★★
|
|
2022-12-05 15:41:11 |
Ransomware attack forces French hospital to transfer patients (direct link) |
The André-Mignot teaching hospital in the suburbs of Paris had to shut down its phone and computer systems because of a ransomware attack that hit on Saturday evening. [...] |
Ransomware
|
|
★★
|
|
2022-12-05 15:08:49 |
Sneaky hackers reverse defense mitigations when detected (direct link) |
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. [...] |
Threat
|
|
★★★
|
|
2022-12-04 10:11:22 |
Android malware apps with 2 million installs spotted on Google Play (direct link) |
A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. [...] |
Malware
Mobile
|
|
★★★
|
|
2022-12-03 10:12:06 |
Hackers use new, fake crypto app to breach networks, steal cryptocurrency (direct link) |
The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets. [...] |
Malware
|
APT 38
|
★★★
|
|
2022-12-02 17:51:35 |
The Week in Ransomware - December 2nd 2022 - Disrupting Health Care (direct link) |
This week's big news was the Colombia health system being severely disrupted by a ransomware attack on Keralty, one of the country's largest healthcare providers. [...] |
Ransomware
|
|
★★
|
|
2022-12-02 14:05:26 |
DHS Cyber Safety Board to review Lapsus$ gang's hacking tactics (direct link) |
The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached multiple high-profile companies in recent attacks. [...] |
|
|
★★
|
|
2022-12-02 12:29:48 |
New CryWiper malware wipes data in attack against Russian org (direct link) |
A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery. [...] |
Malware
|
|
★★★
|
|
2022-12-02 10:14:07 |
How Windows 11's Enhanced Phishing Protection guards your password (direct link) |
One of the easier ways to steal a user's credentials is through a convincing fake login page or application. To help combat the constant risk of password theft, Microsoft added enhanced phishing protection in Windows 11 Version 22H2. [...] |
|
|
★★
|