What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-07-19 19:24:00 | Les escrocs ciblent des collégiens avec de fausses offres d'emploi bioscience Scammers are targeting college kids with fake bioscience job offers (lien direct) |
Les cybercriminels ciblent les étudiants avec de fausses offres d'emploi dans les industries de la bioscience et de la santé dans l'espoir d'extraire les frais des victimes, les experts avertissent.Les chercheurs de la société de cybersécurité Proofpoint Point découvert Campagne, qui a ciblé les étudiants universitaires en Amérique du Nord en mai et juin - Saison de remise des diplômes - en utilisant des e-mails d'escroquerie sur le thème de l'emploi.
Cybercriminals are targeting college students with fake job offers in the bioscience and health industries with the hope of extracting fees out of victims, experts are warning. Researchers at the cybersecurity company Proofpoint uncovered the campaign, which targeted university students in North America in May and June - graduation season - using job-themed scam emails. |
Threat | ★★ | |
|
2023-07-18 16:35:00 | Appelé un faux numéro de support client de la compagnie aérienne?Google bouscule pour résoudre ce problème Called a bogus airline customer support number? Google is hustling to fix that (lien direct) |
Google a déclaré qu'il s'efforçait de corriger tous les faux numéros de téléphone du service client de la compagnie aérienne qu'un travailleur technologique a découvert cette semaine.Lundi, Shmuli Evers a écrit sur Twitter qu'après son vol de New York \'s John F. Kennedy International Airport était l'aéroport international de New York \\ KennedyAnnulé, il y a googlé le numéro de support client pour le bureau de Delta \\.Après
Google said it is working to correct all of the fake airline customer service phone numbers that a tech worker discovered this week. On Monday, Shmuli Evers wrote on Twitter that after his flight from New York\'s John F. Kennedy International Airport was canceled, he googled the customer support number for Delta\'s office there. After |
Threat | ★★ | |
|
2023-07-18 12:45:00 | Groupe Cybercrime FIN8 Utilisation de la porte dérobée mise à jour au milieu du passage aux ransomwares FIN8 cybercrime group using updated backdoor amid shift to ransomware (lien direct) |
Le groupe Cybercrime FIN8 utilise une porte dérobée mise à jour dans ses cyberattaques, qui impliquent de plus en plus des ransomwares.L'équipe Hunter de Symantec \\ a dit que c'était a observé le groupe DéploiementUne variante de la porte dérobée sardonique avant de livrer des ransomwares connus sous le nom de Black Cat ou AlphV.La porte dérobée sardonique était examinée par les chercheurs de Bitdefender Il y a deux ans et des experts
The FIN8 cybercrime group is using an updated backdoor in its cyberattacks, which increasingly involve ransomware. Symantec\'s Threat Hunter Team said it observed the group deploying a variant of the Sardonic backdoor before delivering ransomware known as Black Cat or AlphV. The Sardonic backdoor was examined by researchers at Bitdefender two years ago and experts |
Ransomware Threat | ★★★ | |
|
2023-07-16 17:30:00 | Le groupe de piratage russe Armageddon cible de plus en plus les services d'État ukrainiens Russian hacking group Armageddon increasingly targets Ukrainian state services (lien direct) |
Le groupe de piratage lié à Moscou connu sous le nom d'Armageddon reste l'un des acteurs de menace les plus actifs et les plus dangereux ciblant l'Ukraine pendant sa guerre avec la Russie, selon des recherches récentes.Le groupe, également connu sous le nom de Gamaredon, mène principalement des opérations de cyberespionnage contre les services ukrainiens de sécurité et de défense, mais le groupe a également été lié à au moins un
The Moscow-linked hacking group known as Armageddon remains one of the most active and dangerous threat actors targeting Ukraine during its war with Russia, according to recent research. The group, also known as Gamaredon, mostly conducts cyberespionage operations against Ukrainian security and defense services, but the group has also been linked to at least one |
Threat | ★★ | |
|
2023-07-12 15:49:00 | Les pirates chinois ont violé le courrier électronique du gouvernement américain et européen via Microsoft Bug Chinese hackers breached U.S. and European government email through Microsoft bug (lien direct) |
Un groupe de piratage chinois a exploité un bogue dans le service de messagerie cloud de Microsoft \\ pour espionner des organisations de deux douzaines, y compris certaines agences gouvernementales, le géant de la technologie a dit Mardi tard.Décrit comme un «adversaire bien ressourcé», l'acteur de menace a suivi par Microsoft en tant que Storm-0558 a principalement ciblé les agences gouvernementales en Europe occidentale et s'est concentré sur l'espionnage, le vol de données et
A Chinese hacking group exploited a bug in Microsoft\'s cloud email service to spy on two-dozen organizations, including some government agencies, the tech giant said late Tuesday. Described as a “well-resourced adversary,” the threat actor tracked by Microsoft as Storm-0558 has primarily targeted government agencies in Western Europe and focused on espionage, data theft, and |
Threat Cloud | ★★ | |
|
2023-07-06 17:29:00 | Les cyber-agences avertissent les nouvelles variantes de logiciels malveillants TrueBot qui nous ciblent et les entreprises canadiennes Cyber agencies warn of new TrueBot malware variants targeting US and Canadian firms (lien direct) |
Les agences de cybersécurité aux États-Unis et au Canada ont averti jeudi que les acteurs de la menace utilisent de nouvelles variantes de logiciels malveillants TrueBot pour voler des données aux victimes.Dans un Advisory co-écrit par l'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA), le FBI, le centre de partage et d'analyse multi-états (MS-ISAC) et le Centre canadien de cybersécurité (CCCS), le
Cybersecurity agencies in the U.S. and Canada warned Thursday that threat actors are using new TrueBot malware variants to steal data from victims. In an advisory co-written by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS), the |
Malware Threat | ★★ | |
|
2023-06-22 12:07:00 | Les cabinets d'avocats britanniques ont averti de mettre à niveau les cyberdéfenses contre les attaques de ransomwares British law firms warned to upgrade cyberdefenses against ransomware attacks (lien direct) |
Les cabinets d'avocats en Grande-Bretagne ont été avertis jeudi de moderniser leurs cyberdéfenses à la suite d'un certain nombre d'attaques de ransomwares qui ont conduit à des informations sensibles et potentiellement légalement privilégiées volées par des criminels et publiées en ligne.Dans un rapport de menace pour le secteur juridique britannique , le National Cyber SecurityCentre (NCSC) a averti que financièrement
Law firms in Britain were warned on Thursday to upgrade their cyberdefenses in the wake of a number of ransomware attacks that led to sensitive and potentially legally privileged information being stolen by criminals and published online. In a threat report for the British legal sector, the National Cyber Security Centre (NCSC) warned that financially |
Ransomware Threat | ★★ | |
|
2023-06-07 19:04:00 | Le géant de la fermeture éclair YKK confirme les réseaux américains ciblés par cyberattaque ciblés Zipper giant YKK confirms cyberattack targeted U.S. networks (lien direct) |
Le géant japonais de la fermeture éclair, YKK, a confirmé que ses opérations américaines étaient ciblées par des pirates au cours des dernières semaines, mais ont déclaré qu'elle avait pu contenir la menace avant les dommages causés.La société basée à Tokyo ne dirait pas si elle avait été frappée de ransomwares, mais un porte-parole a déclaré à Future News qu'une fois que YKK a découvert que son américain
Japanese zipper giant YKK confirmed that its U.S. operations were targeted by hackers in recent weeks but said it was able to contain the threat before damage was caused. The Tokyo-based corporation would not say if it was hit with ransomware, but a spokesperson told Recorded Future News that once YKK discovered that its U.S.-based |
Threat | ★★★ | |
|
2023-06-06 21:05:00 | New \\'PowerDrop\\' malware targeting US aerospace industry (lien direct) |
Un nouveau script PowerShell malveillant vise l'industrie aérospatiale des États-Unis, ont révélé des chercheurs.Le malware, surnommé PowerDrop, a été trouvé implanté sur le réseau d'un entrepreneur de défense sans nom en mai par Adlumin menace Research .Le malware est utilisé comme un cheval de Troie à distance pour exécuter des commandes sur les réseaux de victime après avoir accédé à
A new malicious PowerShell script is targeting the United States aerospace industry, researchers have found. The malware, dubbed PowerDrop, was found implanted on the network of an unnamed defense contractor in May by Adlumin Threat Research. The malware is used as a remote access trojan to run commands on victim networks after getting access to |
Malware Threat | ★★ | |
|
2023-05-24 18:39:00 | Hackers liés à l'Iran Agrius déploient de nouveaux ransomwares contre les organisations israéliennes Iran-linked hackers Agrius deploying new ransomware against Israeli orgs (lien direct) |
Un groupe de menaces persistantes avancées liées à l'Iran utilise de nouveaux ransomwares tout en ciblant un adversaire familier au Moyen-Orient, ont révélé des chercheurs.Vérifier l'équipe de réponse aux incidents de Point \\ Enquête Le déploiement des ransomwares contre les organisations israéliens et revendiqué par un groupe se doublant de l'argent.Les chercheurs ont découvert qu'il portait les caractéristiques d'Agrius, un pirate
An Iran-linked advanced persistent threat group is using new ransomware while targeting a familiar adversary in the Middle East, researchers have found. Check Point\'s Incident Response Team investigated the deployment of the ransomware against Israeli organizations and claimed by a group dubbing itself Moneybird. Researchers found that it bore the hallmarks of Agrius, a hacker |
Ransomware Threat | ★★ | |
|
2023-05-23 20:00:00 | Les pirates iraniens présumés ciblent les sociétés de livraison et de logistique israéliennes Suspected Iranian hackers target Israeli shipping and logistics companies (lien direct) |
Plusieurs sites Web d'expédition et de logistique en Israël ont été piratés pour recueillir des informations sur leurs utilisateurs, selon un rapport de la société de cybersécurité basée à Tel Aviv, Clearsky.L'entreprise attribue ces attaques "avec une faible confiance" pour le groupe de pirates d'État national iranien, également appelé TA456 etChaton impérial.L'acteur de menace est actif depuis à
Several shipping and logistics websites in Israel were hacked to gather information about their users, according to a report by Tel Aviv-based cybersecurity company ClearSky. The company attributes these attacks “with a low confidence” to the Iranian nation-state hacker group Tortoiseshell, also called TA456 and Imperial Kitten. The threat actor has been active since at |
Threat | ★★ | |
|
2023-05-23 12:40:00 | La campagne d'espionnage cible l'Ukraine, Israël, l'Inde, le Kazakhstan et d'autres, selon la cyber-agence Spying campaign targets Ukraine, Israel, India, Kazakhstan and others, cyber agency says (lien direct) |
L'équipe d'intervention d'urgence informatique d'Ukraine \\, CERT-UA, a identifié une campagne de cyber-espionnage ciblant un non divulguéAgence gouvernementale en Ukraine.Un acteur de menace identifié par les chercheurs comme UAC-0063 «a également manifesté son intérêt» pour cibler la Mongolie, le Kazakhstan, le Kirghizistan, Israël et l'Inde, selon le Rapport Publié lundi.Les chercheurs ont initialement détecté l'activité associée à l'UAC-0063 en 2021, mais
Ukraine\'s computer emergency response team, CERT-UA, has identified a cyber-espionage campaign targeting an undisclosed government agency in Ukraine. A threat actor identified by researchers as UAC-0063 “has also shown interest” in targeting Mongolia, Kazakhstan, Kyrgyzstan, Israel and India, according to the report published on Monday. Researchers initially detected activity associated with UAC-0063 in 2021, but |
Threat | ★★ | |
|
2023-05-16 18:19:00 | \\ 'lancefly \\' groupe d'espionnage des organisations ciblant les organisations en Asie avec des logiciels malveillants personnalisés \\'Lancefly\\' espionage group targeting organizations across Asia with custom malware (lien direct) |
Un groupe de piratage soutenu par le gouvernement connu sous le nom de «Lancefly» a été vu en utilisant des logiciels malveillants sur mesure pour attaquer les gouvernements, les télécommunications et d'autres organisations à travers l'Asie.Des chercheurs de Symantec ont déclaré que Lancefly, étiquetée comme une menace persistante avancée (APT), était auparavant impliquée dans plusieurs attaques de 2020 qui ont utilisé des leurres de phishing basés sur le 37e asean Summit.La dernière campagne -
A government-backed hacking group known as “Lancefly” has been seen using custom-made malware to attack governments, telecoms and other organizations across Asia. Researchers from Symantec said Lancefly, labeled as an advanced persistent threat (APT), was previously implicated in several 2020 attacks that used phishing lures based on the 37th ASEAN Summit. The latest campaign - |
Malware Threat | ★★ | |
|
2023-05-08 12:00:00 | Alors que les données de ransomware restent \\ 'floues, \\' les cyber-chefs américains voient les raisons de l'optimisme As ransomware data remains \\'fuzzy,\\' US cyber leaders see reasons for optimism (lien direct) |
NASHVILLE - Deux principaux dirigeants fédéraux de la cybersécurité ont décrit vendredi le ransomware comme une menace persistante, mais offraient un optimisme selon lequel les efforts existants et récemment lancés aideraient à lutter contre la pandémie numérique."Je ne sais pas quand ça va à Crest", a déclaré aux journalistes le général de commandement et le chef de la NSA, le général Paul Nakasone
NASHVILLE - Two top federal cybersecurity leaders on Friday described ransomware as a persistent threat but offered optimism that existing and recently launched efforts would help combat the digital pandemic. “I\'m not sure when it\'s going to crest,” U.S. Cyber Command and NSA chief Gen. Paul Nakasone told reporters after his keynote address at the |
Ransomware Threat | ★★ | |
|
2023-05-05 13:08:00 | Le Danemark met en garde contre les espions russes se faisant passer pour des journalistes ou des hommes d'affaires \\ ' Denmark warns of Russian spies posing as \\'journalists or business people\\' (lien direct) |
Le service de sécurité et de renseignement du Danemark a averti que les expulsions de l'année dernière des agents du renseignement russes travaillant sous couverture diplomatique pourraient entraîner une nouvelle vague d'espions infiltrés se faisant passer pour «des journalistes ou des hommes d'affaires».Dans son évaluation annuelle de [la menace d'espionnage pour le Danemark, les îles Féroé et le Groenland] (https://pet.dk/en/publications) publié cette semaine, les politiétés efterretningstJenetes
Denmark\'s security and intelligence service has warned that last year\'s expulsions of Russian intelligence officers working under diplomatic cover could result in a new wave of undercover spies posing as “journalists or business people.” In its annual assessment of [the espionage threat to Denmark, the Faroe Islands and Greenland](https://pet.dk/en/publications) published this week, the Politiets Efterretningstjeneste |
Threat | ★★ | |
|
2023-05-03 12:00:00 | Campagnes de cyber-espionnage ciblant le personnel militaire en Asie du Sud, Meta avertit Cyber-espionage campaigns targeting military personnel in South Asia, Meta warns (lien direct) |
Les pirates liés à l'État au Pakistan ont espionné le personnel militaire en Inde et la Pakistan Air Force en utilisant de fausses applications et sites Web pour compromettre leurs appareils personnels, a annoncé Meta mercredi.La campagne d'espionnage est l'une des trois opérations en Asie du Sud décrites dans le rapport de menace adversaire trimestriel de Meta \\, aux côtés des activités du Bahamut et
State-linked hackers in Pakistan have been spying on military personnel in India and the Pakistan Air Force using fake apps and websites to compromise their personal devices, Meta announced on Wednesday. The espionage campaign is one of three operations in South Asia described in Meta\'s quarterly adversarial threat report, alongside activities by the Bahamut and |
Threat | Bahamut Bahamut | ★★ |
|
2023-04-30 16:51:00 | Iran apt utilisant \\ 'Bellaciao \\' malware contre les cibles aux États-Unis, en Europe et en Asie Iran APT using \\'BellaCiao\\' malware against targets in US, Europe and Asia (lien direct) |
Un groupe de piratage parrainé par l'État iranien a été accusé d'avoir déployé une nouvelle souche de logiciels malveillants nommé Bellaciao contre plusieurs victimes aux États-Unis, en Europe, en Inde, en Turquie et dans d'autres pays.Des chercheurs de la société de cybersécurité Bitdefender [attribuée] (https://www.bitdefender.com/blog/businessinsights/unpacking-bellaciaooo-a-closer-look-at-irans-latest-malware/) le maline à APT35 / APT42 & #8211;également connu sous le nom de Mint Sandstorm ou Charming Kitten & # 8211;un groupe de menaces persistantes avancé qui
An Iranian state-sponsored hacking group has been accused of deploying a new strain of malware named BellaCiao against several victims in the U.S., Europe, India, Turkey and other countries. Researchers from cybersecurity firm Bitdefender [attributed](https://www.bitdefender.com/blog/businessinsights/unpacking-bellaciao-a-closer-look-at-irans-latest-malware/) the malware to APT35/APT42 – also known as Mint Sandstorm or Charming Kitten – an advanced persistent threat group that |
Malware Threat | APT 35 APT 42 | ★★★ |
|
2023-04-27 15:49:00 | Les pirates utilisent la vulnérabilité de l'imprimante Papercut pour répandre les ransomwares de CloP Hackers use PaperCut printer vulnerability to spread Clop ransomware (lien direct) |
Les pirates liés à l'opération de ransomware de CloP exploitent deux vulnérabilités récemment divulguées dans le logiciel de gestion de l'impression Papercut pour voler les données de l'entreprise des victimes.Dans une série de tweets publiés mercredi, Microsoft a déclaré qu'ils attribuaient les attaques à un acteur de menace qu'ils suivent en dentelle Tempest - un groupe dont les activités se chevauchent avec FIN11 et TA505.
Hackers linked to the Clop ransomware operation are exploiting two recently-disclosed vulnerabilities in print management software PaperCut to steal corporate data from victims. In a series of tweets posted Wednesday, Microsoft said they attributed the attacks to a threat actor they track as Lace Tempest - a group whose activities overlap with FIN11 and TA505. |
Ransomware Vulnerability Threat | ★★ | |
|
2023-04-24 14:36:00 | La menace hacktiviste russe sur les pipelines du Canada est \\ 'appel à l'action, \\' Top Cyber Officiel dit Russian hacktivist threat on Canada\\'s pipelines is \\'call to action,\\' top cyber official says (lien direct) |
Un incident de cybersécurité affectant un gazoduc canadien - qui a affirmé des hacktivistes pro-russes et un agent du renseignement aurait pu provoquer une explosion - est «un appel à l'action pour le secteur critique des infrastructures», selon le haut du Canada \\Cyber Officiel.L'incident a été révélé dans une mine de matériel de renseignement américain divulgué qui comprenait un
A cybersecurity incident affecting a Canadian gas pipeline - which pro-Russian hacktivists and an intelligence officer claimed could have caused an explosion - is “a call to action for the critical infrastructure sector,” according to Canada\'s top cyber official. The incident was revealed in a trove of leaked U.S. intelligence materials that included an apparently |
Threat | ★★ | |
|
2023-04-19 13:48:00 | \\ 'Denim Tsunami \\' et \\ 'Mulberry Typhoon \\': Microsoft modifie la façon dont il nomme des groupes de piratage \\'Denim Tsunami\\' and \\'Mulberry Typhoon\\': Microsoft alters the way it names hacking groups (lien direct) |
Les spécialistes de la cybersécurité peuvent avoir du mal à se souvenir de tous les différents noms que les entreprises utilisent pour se référer aux acteurs de la menace - certains utilisent un système numérique, tandis que d'autres utilisent des couleurs, des animaux et des adjectifs comme «fantaisie» et «charmant».Maintenant, ils ont un autre schéma de dénomination à retenir: mardi, Microsoft a annoncé qu'il est passé à partir d'une taxonomie
Cybersecurity specialists may find it hard to remember all the different names companies use to refer to threat actors - some use a number system, while others use colors, animals and adjectives like “fancy” and “charming.” Now they have one more naming scheme to remember: On Tuesday, Microsoft announced that it\'s switching from a taxonomy |
Threat | ★★ | |
|
2023-04-11 20:43:00 | Logiciel israélien Spyware Surveillant les journalistes, les politiciens Israeli spyware software surveilling journalists, politicians (lien direct) |
Un logiciel secrète de la société de logiciels espions israéliens \\ a été utilisé sur des journalistes, des personnalités politiques et un travailleur de la société civile sur trois continents, ont révélé des chercheurs.Tenue de médecine légale numérique [Citizen Lab] (https://cizenlab.ca/2023/04/spyware-vendor-quadream-exploitts-victims-customers/) et [Microsoft Threat Intelligence] (https://www.microsoft.com/ Microsoft Threat] (https://www.microsoft.com/En-US / Sécurité / Blog / 2023/04/11 / DEV-0196-QUADREAMS-KINGSPAWN-Malware-Use-to-Target-Civil-Society-in-Europe-North-America-the-Middle-East-and-Southeast-Asia /) tous deux ont publié mardi des rapports détaillés sur la société israélienne de logiciels espions Quadream, qui a gardé un faible profil public depuis sa fondation dans
A secretive Israeli spyware company\'s software has been used on journalists, political figures and a civil-society worker on three continents, researchers have found. Digital forensics outfit [Citizen Lab](https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/) and [Microsoft Threat Intelligence](https://www.microsoft.com/en-us/security/blog/2023/04/11/dev-0196-quadreams-kingspawn-malware-used-to-target-civil-society-in-europe-north-america-the-middle-east-and-southeast-asia/) both published detailed reports on Tuesday about the Israeli spyware company QuaDream, which has kept a low public profile since its founding in |
Threat | ★★★ | |
|
2023-04-05 12:00:00 | Les pirates se sont présentés comme des journalistes dans des attaques contre des experts en Corée du Nord, dit Google Hackers posed as reporters in attacks on North Korea experts, Google says (lien direct) |
Les pirates soutenus par le gouvernement seraient liés à l'armée nord-coréenne ciblée des personnes ayant une expertise en matière de questions politiques de Corée du Nord en se faisant passer pour des journalistes, selon un nouveau rapport.Des chercheurs du groupe d'analyse des menaces de Google (TAG) ont publié mercredi le rapport comme un suivi de One [publié la semaine dernière] (https://www.mandiant.com/resources/blog/apt43-north-korea-cybercrime-espionage) par la société de cybersécurité Mandiant - qui appartient à
Government-backed hackers allegedly connected to the North Korean military targeted people with expertise in North Korea policy issues by posing as journalists, according to a new report. Researchers from Google\'s Threat Analysis Group (TAG) released the report Wednesday as a follow-up to one [published last week](https://www.mandiant.com/resources/blog/apt43-north-korea-cybercrime-espionage) by cybersecurity firm Mandiant - which is owned by |
Threat | APT 43 | ★★★★ |
|
2023-04-04 18:09:00 | Les experts mettent en garde contre le ransomware \\ 'Rorschach \\' Experts warn of fast-encrypting \\'Rorschach\\' ransomware (lien direct) |
Une nouvelle souche de ransomware a alarmé des chercheurs en cybersécurité, qui le décrivent comme un mélange des Ransomwares les plus efficaces actuellement utilisés.Les chercheurs de la société israélienne de cybersécurité Check Point ont qualifié le nouveau ransomware de «Rorschach» et a déclaré que leur équipe de réponse aux incidents l'avait découvert tout en enquêtant sur une attaque impliquant une entreprise basée aux États-Unis.Sergey Shykevich, Group de renseignement sur les menaces
A new ransomware strain has alarmed cybersecurity researchers, who describe it as a mash-up of the most effective ransomwares currently in use. Researchers at Israeli cybersecurity firm Check Point called the new ransomware “Rorschach” and said their incident response team discovered it while investigating an attack involving a U.S.-based company. Sergey Shykevich, threat intelligence group |
Ransomware Threat | ★★★ | |
|
2023-03-30 21:54:00 | Des dizaines d'universités touchées par le logiciel de billetterie du campus Cyberattack [Dozens of universities affected by campus ticketing software cyberattack] (lien direct) |
Les étudiants de dizaines des plus grandes universités et collèges aux États-Unis et au Canada ont été touchés par une cyberattaque ciblant une plate-forme de billetterie en ligne.Un porte-parole de la plate-forme - AudienceView - a déclaré à enregistrer Future News qu'il avait subi une cyberattaque à la mi-février qui n'a affecté que les clients utilisant son produit du campus qui est utilisé
Students at dozens of the biggest universities and colleges in the U.S. and Canada have been affected by a cyberattack targeting an online ticketing platform. A spokesperson for the platform - AudienceView - told Recorded Future News that it suffered a cyberattack in mid-February that only affected customers using its Campus product which is used |
Threat | ★★★ | |
|
2023-03-30 11:55:00 | L'attaque de la chaîne d'approvisionnement contre le fournisseur de téléphones commerciales 3CX pourrait avoir un impact sur des milliers d'entreprises [Supply-chain attack on business phone provider 3CX could impact thousands of companies] (lien direct) |
Les pirates ont peut-être compromis les réseaux de milliers d'entreprises en raison d'une attaque de chaîne d'approvisionnement contre la société de téléphone en entreprise 3CX, ce qui a confirmé jeudi que son application de bureau avait été regroupée de logiciels malveillants.3CX fournit des systèmes de téléphonie de bureau à plus de 12 millions d'utilisateurs quotidiens dans plus de 600 000 entreprises, comme il le prétend sur son site Web,
Hackers may have compromised the networks of thousands of businesses due to a supply-chain attack on the enterprise phone company 3CX, which confirmed on Thursday its desktop app had been bundled with malware. 3CX provides office phone systems to more than 12 million daily users at over 600,000 companies, as it claims on its website, |
Vulnerability Threat Studies | ★★★ | |
|
2023-03-15 13:37:00 | Scammers used compromised police accounts in extortion scheme, prosecutors say (lien direct) |
Two men broke into a federal law enforcement database and a Bangladeshi police officer's email account to conduct extortion schemes, U.S. law enforcement officials say. A federal court in New York [unsealed an indictment](https://www.justice.gov/usao-edny/pr/two-men-charged-breaching-federal-law-enforcement-database-and-posing-police-officers) Tuesday against 19-year-old Sagar Steven Singh and 25-year-old Nicholas Ceraolo, who are accused of illegally collecting personal information about specific people |
Threat | ★★★ | |
|
2023-03-15 12:17:00 | Ransomware gang exploited a zero-day in Microsoft security feature, Google says (lien direct) |
Financially motivated hackers are using a previously undocumented bug in Microsoft's SmartScreen security feature to spread the Magniber ransomware, according to a new report. The cybercriminals have been able to exploit the zero-day vulnerability in SmartScreen since December, researchers from Google's Threat Analysis Group (TAG) said. The Google team [reported](https://blog.google/threat-analysis-group/magniber-ransomware-actors-used-a-variant-of-microsoft-smartscreen-bypass/) its findings about the bug |
Ransomware Vulnerability Threat Threat | ★★ | |
|
2023-03-14 18:20:00 | New threat group hacked EU healthcare agency and embassies, researchers say (lien direct) |
A new hacking group is targeting European countries and organizations in an espionage campaign that began in June 2022, according to new research. Cisco's Talos cybersecurity team calls the new group “YoroTrooper” and said it has already successfully compromised accounts connected to a “critical” European Union healthcare agency and the World Intellectual Property Organization (WIPO). |
Threat | ★★★ | |
|
2023-03-14 14:11:00 | Hackers target South Asian government entities with KamiKakaBot malware (lien direct) |
Suspected government-backed hackers are attacking military and government organizations in South Asia with malware called KamiKakaBot that is designed to steal sensitive information. Researchers from Amsterdam-based cybersecurity firm EclecticIQ [attributed](https://blog.eclecticiq.com/dark-pink-apt-group-strikes-government-entities-in-south-asian-countries#A1) the attacks to the advanced persistent threat (APT) group Dark Pink. The group's previous victims include military, government, religious and non-profit organizations in Cambodia, Indonesia, |
Malware Threat | ★★ | |
|
2023-03-13 23:02:00 | Analysts tracking $197 million theft from DeFi lender Euler Finance (lien direct) |
Hackers reportedly stole $197 million in cryptocurrency from the decentralized finance (DeFi) platform Euler Finance in the latest flash loan attack to target the industry. Euler Labs did not respond to requests for comment but [confirmed](https://twitter.com/eulerfinance/status/1635218198042918918) the attack on Monday morning. It released a second statement in the afternoon saying law enforcement has been contacted |
Threat | ★★★ | |
|
2023-03-13 18:25:00 | Death registry system in Hawaii had data breach, health department says (lien direct) |
Hawaii's Department of Health says it is sending out breach notification letters after a cyberattack in January gave hackers limited access to the state's death registry. Officials [warned Friday](https://health.hawaii.gov/news/newsroom/department-of-health-to-send-notifications-regarding-unauthorized-access-to-electronic-death-registry-system/) that although death certificates were not accessed, people who recently had a death in the family should “remain vigilant about any remaining unsettled matters such as |
Threat | ★★★ | |
|
2023-03-13 10:43:00 | Estonian official says parliamentary elections were targeted by cyberattacks (lien direct) |
Estonia's parliamentary elections this month were unsuccessfully targeted by cyberattacks, one of the country's leading cybersecurity officials told The Record. The elections marked the first time that the majority of Estonians cast ballots using the country's [internet voting system](https://www.youtube.com/watch?v=uz9CUK0Ii6Q). While officials in countries like the United Kingdom have domestically warned that such systems introduce risks |
Threat Guideline | ★★★ | |
|
2023-03-07 13:05:00 | Israel blames state-sponsored Iranian hackers for ransomware attack on university (lien direct) |
Israeli cybersecurity officials on Tuesday blamed hackers sponsored by the Iranian government for a ransomware attack on the country's leading technology university.
The attack in February forced the Israel Institute of Technology, also known as Technion, to postpone exams and shut down its IT systems. The incident followed what Israeli defense officials said were dozens of attempted Iranian cyberattacks over the past year.
Hackers from a previously unknown group calling itself DarkBit claimed responsibility in a note left on Technion's systems demanding 80 bitcoins ($1.7 million at the time) to enable the university to recover its files.
The note was unusually ideological, criticizing “an apartheid regime” and stating: “They should pay for their lies and crimes, their names and shames. They should pay for occupation, war crimes against humanity, killing the people (not only Palestinians' bodies, but also Israelis' souls) and destroying the future and all dreams we had.”
Israel's National Cyber Directorate on Tuesday attributed the attack to a threat group tracked as MuddyWater, which last year U.S. Cyber Command linked to the Iranian Ministry of Intelligence and Security.
British and American authorities subsequently issued a warning about the hacking group, saying it was targeting a “range of government and private-sector organizations across sectors - including telecommunications, defense, local government, and oil and natural gas - in Asia, Africa, Europe, and North America.”
While Israel and Iran have never been in a declared war against each other, the countries have repeatedly blamed each other for cyberattacks targeting civilian infrastructure, including a steel plant in Iran. Iranian hackers have been blamed for attacks on water systems in Israel.
The attack on the university in Haifa is not the first time that Iranian state-sponsored hackers have been linked to ransomware incidents. A French-Venezuelan cardiologist called Moises Luis Zagala Gonzalez was charged by the U.S. Department of Justice last year with developing the Thanos ransomware and allegedly boasting about it being used by Iranian government-linked hackers.
Another advisory issued in 2022 by cyber authorities in the United Kingdom, United States, Australia and Canada - members of the Five Eyes intelligence alliance - warned that “cyber actors affiliated with Iran's Islamic Revolutionary Guard Corps are exploiting vulnerabilities to launch ransomware operations against multiple sectors.” |
Ransomware Threat Guideline | ★★ | |
|
2023-03-03 19:57:24 | U.S. government warns of Royal ransomware attacks against critical infrastructure (lien direct) |  The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory Thursday warning vulnerable organizations of an increased threat posed by Royal ransomware. The guidance is the second warning the U.S. government has issued about Royal ransomware in recent months. In December, the U.S. Department of Health and Human Services (HHS) warned hospitals [… |
Ransomware Threat | ★★★ | |
|
2023-03-01 00:34:26 | Victims of MortalKombat ransomware can now decrypt their locked files for free (lien direct) |  Cybersecurity firm Bitdefender released a universal decryptor for the MortalKombat ransomware – a strain first observed by threat researchers in January 2023. The malware has been used on dozens of victims across the U.S., United Kingdom, Turkey and the Philippines, according to a recent report from Cisco. Bogdan Botezatu, director of threat research and reporting [… |
Ransomware Malware Threat | ★★ | |
|
2023-02-27 20:04:31 | More trouble from an APT with Colombia and Ecuador on its mind (lien direct) |  The advanced persistent threat (APT) group known as Blind Eagle or APT-C-36 continues to phish with official-looking PDFs, researchers say |
Threat | APT-C-36 | ★★★ |
|
2023-02-16 15:04:20 | War brought big spikes in cyberattacks on Ukraine, NATO allies, Google says (lien direct) |  Google's Threat Analysis Group reports that cyberattacks on Ukraine and its supporters increased aggressively as Russia waged war |
Threat | ★★ | |
|
2023-02-09 15:28:22 | New hacking group targets Pakistan\'s Navy and maritime industry (lien direct) |  A previously unknown hacking group is using espionage tools to target Pakistan’s Navy, according to new research. Dmitry Bestuzhev, a threat Researcher at BlackBerry, told The Record that the group – which they named “NewsPenguin” – is a targeted attack group focused on militaries and the defense industry. The group used the upcoming Pakistan International […] |
Threat | ★★ | |
|
2023-01-19 00:01:00 | British and Ukrainian cyber officials meet in London for threat intelligence talks (lien direct) |  Senior cybersecurity officials from the United Kingdom and Ukraine met for several hours on Wednesday to discuss threat intelligence relating to Russian cyberattacks. The bilateral talks between National Cyber Security Centre (NCSC) staff and a delegation from Ukraine's State Service of Special Communications and Information Protection (SSSCIP) and its Computer Emergency Response Team (CERT-UA) covered [… |
Threat | ★★★ | |
|
2023-01-17 17:36:03 | China proposes UN treaty criminalizes \'dissemination of false information\' (lien direct) |  China has proposed that a new international convention on cybercrime should criminalize the “dissemination of false information” during negotiations in Vienna about the provisions of the United Nations treaty. The proposal is likely to be contested by Western states who will see it as a threat to human rights standards and an attempt by the [… |
Threat | ★★ |
To see everything:
Our RSS (filtrered)
