What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-19 09:52:32 | Air-gapped systems leak data via SATA cable WiFi antennas (lien direct) | An Israeli security researcher has demonstrated a novel attack against air-gapped systems by leveraging the SATA cables inside computers as a wireless antenna to emanate data via radio signals. [...] | |||
|
2022-07-19 05:30:00 | New CloudMensis malware backdoors Macs to steal victims\' data (lien direct) | Unknown threat actors are using previously undetected malware to backdoor macOS devices and exfiltrate information in a highly targeted series of attacks. [...] | Malware Threat | ||
|
2022-07-18 10:42:28 | Roaming Mantis hits Android and iOS users in malware, phishing attacks (lien direct) | After hitting Germany, Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices. [...] | |||
|
2022-07-18 10:04:02 | (Déjà vu) Enforcing Password History in Your Windows AD to Curb Password Reuse (lien direct) | 65% of end-users openly admit to reusing the same password for one or more (or all!) of their accounts. Password history requirements discourage this behavior by making it more difficult for a user to reuse their old password. [...] | |||
|
2022-07-18 10:04:02 | Enforcing Password History in Your AD to Curb Password Reuse (lien direct) | 65% of end-users openly admit to reusing the same password for one or more (or all!) of their accounts. Password history requirements discourage this behavior by making it more difficult for a user to reuse their old password. [...] | |||
|
2022-07-16 11:07:04 | Hackers pose as journalists to breach news media org\'s networks (lien direct) | Researchers following the activities of advanced persistent (APT) threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors. [...] | Threat | ||
|
2022-07-16 10:11:12 | (Déjà vu) Elastix VoIP systems hacked in massive campaign to install PHP web shells (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-16 10:11:12 | Massive campaign hits Elastix VoIP systems with 500,000 unique malware samples (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-15 13:46:43 | Password recovery tool infects industrial systems with Sality malware (lien direct) | A threat actor is infecting industrial control systems (ICS) to create a botnet through password "cracking" software for programmable logic controllers (PLCs). [...] | Malware Tool Threat | ||
|
2022-07-14 11:53:39 | Mantis botnet behind the record-breaking DDoS attack in June (lien direct) | The record-breaking distributed denial-of-service (DDoS) attack that Cloudflare mitigated last month originated from a new botnet called Mantis, which is currently described as "the most powerful botnet to date." [...] | |||
|
2022-07-14 03:13:23 | New Retbleed speculative execution CPU attack bypasses Retpoline fixes (lien direct) | Security researchers have discovered a new speculative execution attack called Retbleed that affects processors from both Intel and AMD and could be used to extract sensitive information. [...] | |||
|
2022-07-13 17:52:46 | New Lilith ransomware emerges with extortion site, lists first victim (lien direct) | A new ransomware operation has been launched under the name 'Lilith,' and it has already posted its first victim on a data leak site created to support double-extortion attacks. [...] | Ransomware | ||
|
2022-07-13 16:50:18 | Bandai Namco confirms hack after ALPHV ransomware data leak threat (lien direct) | Game publishing giant Bandai Namco has confirmed that they suffered a cyberattack that may have resulted in the theft of customers' personal data. [...] | Ransomware Hack Threat | ||
|
2022-07-13 11:00:33 | New Android malware on Google Play installed 3 million times (lien direct) | A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times. [...] | Malware | ||
|
2022-07-13 10:36:35 | $8 million stolen in large-scale Uniswap airdrop phishing attack (lien direct) | Uniswap, a popular decentralized cryptocurrency exchange, lost close to $8 million worth of Ethereum in a sophisticated phishing attack yesterday. [...] | |||
|
2022-07-12 17:10:17 | CISA orders agencies to patch new Windows zero-day used in attacks (lien direct) | CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild. [...] | Vulnerability | ||
|
2022-07-12 15:54:20 | Hackers impersonate cybersecurity firms in callback phishing attacks (lien direct) | Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks. [...] | |||
|
2022-07-12 14:03:27 | Hackers stole $620 million from Axie Infinity via fake job interviews (lien direct) | The hack that caused Axie Infinity losses of $620 million in crypto started with a fake job offer from North Korean hackers to one of the game's developers. [...] | Hack | ||
|
2022-07-12 13:02:29 | Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs (lien direct) | Microsoft says a massive series of phishing attacks has targeted more than 10,000 organizations starting with September 2021, using the gained access to victims' mailboxes in follow-on business email compromise (BEC) attacks. [...] | |||
|
2022-07-12 10:32:39 | New \'Luna Moth\' hackers breach orgs via fake subscription renewals (lien direct) | A new data extortion group has been breaching companies to steal confidential information, threatening victims to make the files publicly available unless they pay a ransom. [...] | |||
|
2022-07-11 18:10:14 | Hackers can unlock Honda cars remotely in Rolling-PWN attacks (lien direct) | A team of security researchers found that several modern Honda car models have a vulnerable rolling code mechanism that allows unlocking the cars or even starting the engine remotely. [...] | |||
|
2022-07-11 15:24:40 | Ransomware gang now lets you search their stolen data (lien direct) | Two ransomware gangs and a data extortion group have adopted a new strategy to force victim companies to pay threat actors to not leak stolen data. [...] | Ransomware Threat | ||
|
2022-07-10 10:03:00 | Maastricht University wound up earning money from its ransom payment (lien direct) | Maastricht University (UM), a Dutch university with more than 22,000 students, said last week that it has recovered the ransom paid after a ransomware attack that hit its network in December 2019. [...] | Ransomware | ||
|
2022-07-09 11:12:06 | Mangatoon data breach exposes data from 23 million accounts (lien direct) | Manga comic reading app Mangatoon has suffered a data breach that exposed the account information of 23 million users after a hacker stole it from an Elasticsearch database. [...] | Data Breach | ||
|
2022-07-08 15:22:42 | New 0mega ransomware targets businesses in double-extortion attacks (lien direct) | A new ransomware operation named '0mega' targets organizations worldwide in double-extortion attacks and demands millions of dollars in ransoms. [...] | Ransomware | ||
|
2022-07-07 17:04:09 | Fake copyright complaints push IcedID malware using Yandex Forms (lien direct) | [...] | Malware | ||
|
2022-07-07 16:38:42 | New stealthy OrBit malware steals data from Linux devices (lien direct) | A newly discovered Linux malware is being used to stealthily steal information from backdoored Linux systems and infect all running processes on the machine. [...] | Malware | ||
|
2022-07-07 13:19:23 | Quantum ransomware attack affects 657 healthcare orgs (lien direct) | Professional Finance Company Inc. (PFC), a full-service accounts receivables management company, says that a ransomware attack in late February led to a data breach affecting over 600 healthcare organizations. [...] | Ransomware Data Breach | ||
|
2022-07-07 11:47:20 | QNAP warns of new Checkmate ransomware targeting NAS devices (lien direct) | Taiwan-based network-attached storage (NAS) vendor QNAP warned customers to secure their devices against attacks using Checkmate ransomware to encrypt data. [...] | Ransomware | ||
|
2022-07-06 18:40:40 | Windows 11 Subsystem for Android can now use VPN-assigned IPs (lien direct) | Microsoft has released an update for the Windows Subsystem for Android, allowing all Windows 11 Insiders to use their VPN's IP address with Android apps. [...] | |||
|
2022-07-06 16:46:37 | IT services giant SHI hit by "professional malware attack" (lien direct) | SHI International Corp, a New Jersey-based provider of Information Technology (IT) products and services, has confirmed that its network was hit by a malware attack over the weekend. [...] | Malware | ||
|
2022-07-06 14:38:54 | Apple\'s new Lockdown Mode defends against government spyware (lien direct) | Apple announced that a new security feature known as Lockdown Mode will roll out with iOS 16, iPadOS 16, and macOS Ventura to protect high-risk individuals like human rights defenders, journalists, and dissidents against targeted spyware attacks. [...] | |||
|
2022-07-06 13:32:10 | (Déjà vu) Ransomware, hacking groups move from Cobalt Strike to Brute Ratel (lien direct) | Hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...] | Ransomware | ||
|
2022-07-06 13:32:10 | (Déjà vu) Ransomware, hacking groups ditch Cobalt Strike for Brute Ratel (lien direct) | APT hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...] | Ransomware | ||
|
2022-07-06 13:32:10 | Ransomware gangs, APT groups ditch Cobalt Strike for Brute Ratel (lien direct) | APT hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...] | Ransomware | ||
|
2022-07-06 12:52:48 | (Déjà vu) Marriott confirms another data breach after hotel got hacked (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 12:52:48 | (Déjà vu) Marriott hit by new data breach and a failed extortion attempt (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 12:52:48 | Marriott confirms data breach and a failed extortion attempt (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 10:47:32 | US govt warns of Maui ransomware attacks against healthcare orgs (lien direct) | The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. [...] | Ransomware Threat | ||
|
2022-07-05 18:20:47 | New RedAlert Ransomware targets Windows, Linux VMware ESXi servers (lien direct) | A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. [...] | Ransomware | ||
|
2022-07-05 13:55:21 | NPM supply-chain attack impacts hundreds of websites and apps (lien direct) | An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise thousands of downstream desktop apps and websites. [...] | |||
|
2022-07-04 13:56:49 | Google patches new Chrome zero-day flaw exploited in attacks (lien direct) | Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022. [...] | Vulnerability | ||
|
2022-07-03 10:09:00 | Microsoft Defender adds network protection for Android, iOS devices (lien direct) | Microsoft has announced the introduction of a new Microsoft Defender for Endpoint (MDE) feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks. [...] | |||
|
2022-07-02 11:36:48 | Rogue HackerOne employee steals bug reports to sell on the side (lien direct) | A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards. [...] | Vulnerability | ||
|
2022-07-01 15:35:53 | The Week in Ransomware - July 1st 2022 - Bug Bounties (lien direct) | It has been relatively busy this week with new ransomware attacks unveiled, a bug bounty program introduced, and new tactics used by the threat actors to distribute their encryptors. [...] | Ransomware Threat | ||
|
2022-06-30 19:05:11 | Toll fraud malware disables your WiFi to force premium subscriptions (lien direct) | Microsoft is warning that toll fraud malware is one of the most prevalent threats on Android and that it is evolving with features that allow automatic subscription to premium services. [...] | Malware Threat | ||
|
2022-06-30 14:04:11 | Macmillan shuts down systems after likely ransomware attack (lien direct) | Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. [...] | Ransomware | ||
|
2022-06-30 12:59:02 | Microsoft Exchange servers worldwide backdoored with new malware (lien direct) | A newly discovered lightweight and persistent malware was used by attackers to backdoor Microsoft Exchange servers belonging to government and military organizations from Europe, the Middle East, Asia, and Africa. [...] | Malware | ||
|
2022-06-30 10:57:51 | Ukraine targeted by almost 800 cyberattacks since the war started (lien direct) | Ukrainian government and private sector organizations have been the target of 796 cyberattacks since the start of the war on February 24, 2022, when Russia invaded Ukraine. [...] | |||
|
2022-06-30 10:31:59 | Russian hacktivists take down Norway govt sites in DDoS attacks (lien direct) | Norway's National Security Authority (NSM) published a statement yesterday warning that some of the country's most important websites and online services are being rendered inaccessible due to distributed denial of service (DDoS) attacks. [...] |
To see everything:
Our RSS (filtrered)
