What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-01-24 12:03:34 | Zendesk Hacked After Employees Fall for Phishing Attack (lien direct) | >Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company's employees. | Data Breach | ★★ | |
|
2023-01-23 13:49:12 | NSA Publishes Security Guidance for Organizations Transitioning to IPv6 (lien direct) | The National Security Agency (NSA) has published guidance to help the Department of Defense (DoD) and other system administrators identify and mitigate cyber risks associated with transitioning to Internet Protocol version 6 (IPv6). | ★★ | ||
|
2023-01-23 12:10:54 | Companies Impacted by Recent Mailchimp Breach Start Notifying Customers (lien direct) | Companies affected by the recent Mailchimp data breach have started notifying customers. The list includes WooCommerce, FanDuel, Yuga Labs and the Solana Foundation. | Data Breach | ★★ | |
|
2023-01-23 11:52:59 | Mississippi Creates New Cyber Unit, Names 1st Director (lien direct) | A new unit to handle cybersecurity in Mississippi is in place and has its first director. | ★ | ||
|
2023-01-20 14:29:45 | In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences (lien direct) | Cloud risk management and threat detection firm Rapid7 warns that it has seen organizations being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability. | Vulnerability Threat | ★★ | |
|
2023-01-20 14:03:11 | Sophisticated \'VastFlux\' Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted (lien direct) | A sophisticated ad fraud scheme that spoofed over 1,700 applications and 120 publishers peaked at 12 billion ad requests per day before being taken down, bot attack prevention firm Human says. | ★★★ | ||
|
2023-01-20 11:12:05 | Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up: Report (lien direct) | Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands, according to data from Chainalysis. | Ransomware | ★ | |
|
2023-01-20 10:44:51 | A Change in Mindset: From a Threat-based to Risk-based Approach to Security (lien direct) | Bad actors find themselves at a constant advantage. They can determine when, where, and how they will attack an enterprise, using time and patience to pick the moment they want to strike. | ★ | ||
|
2023-01-20 10:25:55 | Ransomware Shuts Hundreds of Yum Brands Restaurants in UK (lien direct) | A ransomware attack forced the parent company of KFC and Taco Bell to close several hundred restaurants in the United Kingdom this week. A government filing posted Thursday says the attack impacted information technology systems. Yum Brands said the attackers took company data, but that there is no evidence customer data was stolen. | Ransomware | ★ | |
|
2023-01-20 01:01:01 | T-Mobile Says Hackers Used API to Steal Data on 37 Million Accounts (lien direct) | Wireless carrier T-Mobile on Thursday fessed up to another massive data breach affecting approximately 37 million current postpaid and prepaid customer accounts. | Data Breach | ★★★ | |
|
2023-01-19 16:26:49 | Meta Slapped With 5.5 Million Euro Fine for EU Data Breach (lien direct) | Social media giant Meta has been fined an additional 5.5 million euros ($5.9 million) for violating EU data protection regulations with its instant messaging platform WhatsApp, Ireland's regulator announced Thursday. | Data Breach | ★★ | |
|
2023-01-19 14:05:26 | Credential Leakage Fueling Rise in API Breaches (lien direct) | There is a problem with API security – it isn't working very well, and it's largely down to credential leakage. Most security professionals are confident in their own API credential management; but at the same time, most of the same professionals admit to having experienced a breach effected through compromised API credentials. | ★★★ | ||
|
2023-01-18 11:55:20 | 18k Nissan Customers Affected by Data Breach at Third-Party Software Developer (lien direct) | Nissan North America is informing roughly 18,000 customers that their personal information was exposed in a data breach at a third-party services provider. The breach occurred after data provided by Nissan to the services provider was inadvertently exposed on the internet, the company notes in a notification letter sent to the impacted customers. | Data Breach | ★★ | |
|
2023-01-18 11:18:16 | Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels (lien direct) | 
Norway-based industrial risk management and assurance solutions provider DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels.
|
Ransomware Industrial | ★★ | |
|
2023-01-17 14:26:27 | PyPI Users Targeted With \'Wacatac\' Trojan in New Supply Chain Attack (lien direct) | Fortinet warns of three new malicious PyPI packages containing code designed to fetch the Wacatac trojan and information stealer as a next stage payload. | ★★★ | ||
|
2023-01-17 13:09:56 | Attackers Can Abuse GitHub Codespaces for Malware Delivery (lien direct) | A GitHub Codespaces feature meant to help with code development and collaboration can be abused for malware delivery, Trend Micro reports. | Malware Prediction | ★ | |
|
2023-01-16 13:18:41 | Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems (lien direct) | The US Department of Defense (DoD) is getting ready to launch the third installment of its 'Hack the Pentagon' bug bounty program, which will focus on the Facility Related Controls System (FRCS) network. | Hack | ★★★ | |
|
2023-01-16 11:53:44 | CircleCI Hacked via Malware on Employee Laptop (lien direct) | Software development service CircleCI has revealed that a recently disclosed data breach was the result of information stealer malware being deployed on an engineer's laptop. The incident was initially disclosed on January 4, when CircleCI urged customers to rotate their secret keys. | Data Breach Malware | ★★★ | |
|
2023-01-16 11:14:57 | Cybersecurity Experts Cast Doubt on Hackers\' ICS Ransomware Claims (lien direct) | A hacktivist group has made bold claims regarding an attack on an industrial control system (ICS) device, but industry professionals have questioned their claims. | Ransomware Industrial | ★★ | |
|
2023-01-13 11:21:01 | Fortinet Says Recently Patched Vulnerability Exploited to Hack Governments (lien direct) | Fortinet reported this week that a recently patched vulnerability tracked as CVE-2022-42475 has been exploited in highly targeted attacks aimed at government organizations. The security hole impacts the FortiOS SSL-VPN and it can allow a remote, unauthenticated hacker to execute arbitrary code or commands using specially crafted requests. | Hack Vulnerability | ★★★ | |
|
2023-01-12 13:40:37 | The Guardian Confirms Personal Information Compromised in Ransomware Attack (lien direct) | British news organization The Guardian has confirmed that personal information was compromised in a ransomware attack in December 2022. | Ransomware | ★★★ | |
|
2023-01-12 11:16:48 | Recently Disclosed Vulnerability Exploited to Hack Hundreds of SugarCRM Servers (lien direct) | Exploitation of a critical vulnerability affecting the widely used SugarCRM customer relationship management system was seen just days after someone made public an exploit. | Hack Vulnerability | ★★ | |
|
2023-01-11 17:35:13 | Cyber Incident Hits UK Postal Service, Halts Overseas Mail (lien direct) | Britain's postal service said it was hit Wednesday by a “cyber incident” that is temporarily preventing it from sending letters or parcels to other countries. | ★★ | ||
|
2023-01-11 16:12:31 | Red Hat Announces General Availability of Malware Detection Service (lien direct) | Red Hat announced on Tuesday the general availability of a malware detection service for Red Hat Enterprise Linux (RHEL) systems. | Malware | ★★ | |
|
2023-01-11 11:53:21 | 251k Impacted by Data Breach at Insurance Firm Bay Bridge Administrators (lien direct) | Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach. | Data Breach | ★★ | |
|
2023-01-10 12:49:25 | PyPI Users Targeted With PoweRAT Malware (lien direct) | Software supply chain security firm Phylum has identified a malicious attack targeting Python Package Index (PyPI) users with the PoweRAT backdoor and information stealer. | Malware | ★★ | |
|
2023-01-10 12:40:03 | Iowa\'s Largest City Cancels Classes Due to Cyber Attack (lien direct) | Iowa's largest school district cancelled classes for Tuesday after determining there was a cyber attack on its technology network. Des Moines Public Schools announced Monday that classes would be cancelled for its 33,000 students after being “alerted to a cyber security incident on its technology network.” | ★★ | ||
|
2023-01-09 17:27:16 | Justices Turn Away Israeli Spyware Maker in WhatsApp Suit (lien direct) | The Supreme Court on Monday rejected an Israeli spyware maker's bid to derail a high-profile lawsuit filed by the WhatsApp messaging service. The justices left in place lower court rulings against the Israeli firm, NSO Group. WhatsApp claims that NSO targeted some 1,400 users of the encrypted messaging service with highly sophisticated spyware. | ★★ | ||
|
2023-01-09 14:15:05 | Air France, KLM Customers Warned of Loyalty Program Account Hacking (lien direct) | Franco-Dutch airline company Air France-KLM has started informing Flying Blue customers of a data breach involving their user accounts. Air France-KLM was formed in 2004, following the merger between Air France and KLM. Flying Blue is their loyalty program, also used by Aircalin, Kenya Airways, TAROM, and Transavia. | Data Breach | ★★★★ | |
|
2023-01-09 13:16:26 | FCC Proposes Tighter Data Breach Reporting Rules for Wireless Carriers (lien direct) | The Federal Communications Commission (FCC) is proposing tighter rules on the reporting of data breaches by wireless carriers. The updated rules, the FCC says, will fall in line with recent changes in federal and state laws regarding data breaches in other sectors. | Data Breach | ★★★ | |
|
2023-01-06 15:55:53 | XDR and the Age-old Problem of Alert Fatigue (lien direct) | XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture | Threat | ★★★ | |
|
2023-01-06 15:44:09 | Many of 13 New Mac Malware Families Discovered in 2022 Linked to China (lien direct) | More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China. | Malware | ★★★★ | |
|
2023-01-06 13:36:58 | Russian Turla Cyberspies Leveraged Other Hackers\' USB-Delivered Malware (lien direct) | In a recent attack against a Ukrainian organization, Russian state-sponsored threat actor Turla leveraged legacy Andromeda malware likely deployed by other hackers via an infected USB drive, Mandiant reports. | Malware Threat | ★★ | |
|
2023-01-06 10:22:05 | Rackspace Completes Investigation Into Ransomware Attack (lien direct) | Cloud company Rackspace has completed its investigation into the recent ransomware attack and found that the hackers did access some customer resources. | Ransomware | ★★★ | |
|
2023-01-05 15:55:19 | Zoho Urges ManageEngine Users to Patch Serious SQL Injection Vulnerability (lien direct) | Zoho this week announced patches for a high-severity SQL injection vulnerability in ManageEngine Password Manager Pro, PAM360, and Access Manager Plus. ManageEngine is an enterprise software solution offering management capabilities for endpoints, enterprise services, identity and access, IT operations, and security information and events. | Vulnerability | ★★ | |
|
2023-01-05 13:12:10 | Burger Chain Five Guys Discloses Data Breach Impacting Job Applicants (lien direct) | US burger chain Five Guys has disclosed a data breach impacting job applicants, and the company may be facing a lawsuit over the cybersecurity incident. Five Guys appears to have started informing customers on December 29, when it also notified state authorities about the incident. | Data Breach | ★★ | |
|
2023-01-05 10:25:12 | Play Ransomware Group Used New Exploitation Method in Rackspace Attack (lien direct) | The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this week. | Ransomware | ★★★ | |
|
2023-01-04 14:56:37 | Android\'s First Security Updates for 2023 Patch 60 Vulnerabilities (lien direct) | Google announced on Tuesday the first Android security updates for 2023, which patch a total of 60 vulnerabilities. The first part of the update, which arrives on devices as the 2023-01-01 security patch level, addresses 19 security defects in the Framework and System components. | ★★★ | ||
|
2023-01-04 13:07:13 | Wabtec Says Personal Information Compromised in Ransomware Attack (lien direct) | Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year. The US-based firm provides railway equipment, systems, and services worldwide and has offices in the Americas, Australia, and Europe. The company has roughly 27,000 employees. | Ransomware | ★★★ | |
|
2023-01-04 11:25:53 | Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack (lien direct) | A hacker is offering to sell data allegedly stolen from Swedish vehicle manufacturer Volvo Cars following a ransomware attack carried out in late December. | Ransomware | ★★★ | |
|
2023-01-03 18:33:39 | Researcher Says Google Paid $100k Bug Bounty for Smart Speaker Vulnerabilities (lien direct) | Security researcher Matt Kunze says Google paid him a $107,500 bug bounty reward for responsibly reporting vulnerabilities in the Google Home Mini smart speaker. The issues, the researcher says, could have been exploited by an attacker within wireless proximity to create a rogue account on the device and then perform various actions. | ★★★ | ||
|
2023-01-03 12:50:38 | Malware Delivered to PyTorch Users in Supply Chain Attack (lien direct) | Last week's nightly builds of the open source machine learning framework PyTorch were injected with malware following a supply chain attack. Now part of the Linux Foundation umbrella, PyTorch is based on the Torch library and is used for applications in computer vision and natural language processing fields. | Malware | ★ | |
|
2023-01-03 10:37:40 | Ransomware Attack Forces Canadian Mining Company to Shut Down Mill (lien direct) | Canadian Copper Mountain Mining Corporation (CMMC) last week shut down its mill after falling victim to a ransomware attack. Listed on the Toronto Stock Exchange, the firm owns most of the Copper Mountain mine. Located in southern British Columbia, the mine produces an average of 100 million pounds of copper equivalent per year. | Ransomware | ★★★ | |
|
2022-12-29 10:42:45 | Data Breach at Louisiana Healthcare Provider Impacts 270,000 Patients (lien direct) | Southwest Louisiana healthcare provider Lake Charles Memorial Health System (LCMHS) is informing roughly 270,000 patients that their personal and medical information was compromised in a data breach. | Data Breach Medical | ★★ | |
|
2022-12-23 10:38:13 | BetMGM Confirms Breach as Hackers Offer to Sell Data of 1.5 Million Customers (lien direct) | MGM Resorts-owned online sports betting company BetMGM confirmed suffering a data breach the same day hackers offered to sell a database containing the information of 1.5 million BetMGM customers. In a statement posted on its website on December 21, BetMGM said “patron records were obtained in an unauthorized manner”. | Data Breach | ★ | |
|
2022-12-22 21:07:44 | LastPass Says Password Vault Data Stolen in Data Breach (lien direct) | Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords. | Data Breach | LastPass | ★ |
|
2022-12-22 11:38:23 | Ransomware Attack Causes Disruption at British Newspaper The Guardian (lien direct) | British news organization The Guardian on Wednesday announced that a ransomware attack has been causing disruption to behind-the-scenes services. | Ransomware | ★★★ | |
|
2022-12-22 09:27:59 | Godfather Android Banking Trojan Targeting Over 400 Applications (lien direct) | The Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries, threat intelligence firm Group-IB warns. | Threat | ★★★ | |
|
2022-12-21 14:54:19 | Cyber Insurance Analytics Firm CyberCube Raises $50 Million (lien direct) | CyberCube, a provider of cyber risk analytics for insurance companies, this week announced that it has raised $50 million in a new funding round that brings the total raised by the firm to $105 million. | ★★ | ||
|
2022-12-21 14:44:57 | Critical Vulnerabilities Found in Passwordstate Enterprise Password Manager (lien direct) | Researchers discovered that the Passwordstate enterprise password manager made by Australian company Click Studios is affected by serious vulnerabilities that could allow an unauthenticated attacker to obtain a user's passwords. | ★★ |
To see everything:
Our RSS (filtrered)
