What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-16 13:53:13 | Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack (lien direct) | A ransomware group has hit at least one water company in the United Kingdom, but there is some confusion over whose systems were actually breached. | Ransomware Hack | ||
|
2022-08-16 11:09:42 | Signal Discloses Impact From Twilio Hack (lien direct) | Secure communications services provider Signal on Monday disclosed impact from the recent Twilio hack, after threat actors attempted to re-register the phone numbers of some of its users to new devices. | Hack Threat | ||
|
2022-08-16 10:27:07 | Cyber Firm Darktrace Shares Surge on Possible Takeover (lien direct) | Shares in British cyber security firm Darktrace soared almost a fifth Tuesday, reflecting a possible takeover worth several billion pounds by a US private equity firm. | |||
|
2022-08-15 11:48:00 | Google Boosts Bug Bounty Rewards for Linux Kernel Vulnerabilities (lien direct) | Google is once again boosting the maximum bounty payouts for Linux vulnerabilities reported as part of its open-source Kubernetes-based capture-the-flag (CTF) vulnerability rewards program (VRP). | Vulnerability | Uber | |
|
2022-08-15 10:46:06 | Weaponized PLCs Can Hack Engineering Workstations in Attacks on Industrial Orgs (lien direct) | Researchers have shown how hackers could weaponize programmable logic controllers (PLCs) and use them to exploit engineering workstations running software from several major industrial automation companies. | Hack | ||
|
2022-08-15 09:59:25 | Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware (lien direct) | China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS systems, Trend Micro reports. | Malware | APT 27 | |
|
2022-08-12 17:23:32 | Killnet Releases \'Proof\' of its Attack Against Lockheed Martin (lien direct) | On August 1, Lockheed Martin was supposedly targeted with a DDoS attack delivered by the pro-Russian hacker group Killnet. The information came via the Moscow Times who reported Killnet's claim for responsibility. Newsweek added that Killnet claimed to have stolen Lockheed Martin employee data and threatened to share that data. | |||
|
2022-08-12 13:06:29 | Microsoft Paid $13.7 Million via Bug Bounty Programs Over Past Year (lien direct) | Microsoft this week announced that, over the past 12 months alone, it paid out $13.7 million in rewards as part of its bug bounty programs. | |||
|
2022-08-12 10:43:09 | Zero-Day Vulnerability Exploited to Hack Over 1,000 Zimbra Email Servers (lien direct) | A new zero-day vulnerability affecting Zimbra has been exploited to hack more than 1,000 enterprise email servers, according to incident response firm Volexity. | Hack Vulnerability | ||
|
2022-08-11 17:44:56 | Cisco Patches High-Severity Vulnerability in Security Solutions (lien direct) | Cisco this week announced the release of patches for a high-severity vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that could allow an unauthenticated attacker to leak an RSA private key. | Vulnerability Threat | ||
|
2022-08-11 10:58:37 | Palo Alto Networks Firewalls Targeted for Reflected, Amplified DDoS Attack (lien direct) | Palo Alto Networks is working on fixes for a reflected amplification denial-of-service (DoS) vulnerability that impacts PAN-OS, the platform powering its next-gen firewalls. | Vulnerability | ||
|
2022-08-09 18:08:36 | Already Exploited Zero-Day Headlines Microsoft Patch Tuesday (lien direct) | Microsoft on Tuesday released a critical-severity bulletin to warn of a newly discovered zero-day attack exploiting a remote code execution vulnerability in its flagship Windows operating system. | Vulnerability | ||
|
2022-08-09 17:45:28 | ÆPIC Leak: Architectural Bug in Intel CPUs Exposes Protected Data (lien direct) | A group of researchers from several universities and companies has disclosed a new Intel CPU attack method that could allow an attacker to obtain potentially sensitive information. | |||
|
2022-08-09 16:53:48 | AMD Processors Expose Sensitive Data to New \'SQUIP\' Attack (lien direct) | A group of academic researchers on Tuesday published a paper describing the first side-channel attack targeting the scheduler queues of modern processors. | |||
|
2022-08-08 14:29:31 | 7-Eleven Closes Stores in Denmark After Hacker Attack (lien direct) | US convenience store chain, 7-Eleven, said Monday that it had closed its outlets in Denmark after a suspected hacker attack knocked out their cash tills. | |||
|
2022-08-08 13:29:22 | Meta Disrupted Two Cyberespionage Operations in South Asia (lien direct) | Facebook's parent company Meta took action earlier this year against two cross-platform cyberespionage operations that relied on various online services for malware distribution. | Malware | ||
|
2022-08-08 11:17:56 | (Déjà vu) US, Australian Cybersecurity Agencies Publish List of 2021\'s Top Malware (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have published a joint advisory to detail the top malware strains of 2021. | Malware | ||
|
2022-08-06 10:11:49 | Twitter Breach Exposed Anonymous Account Owners (lien direct) | A vulnerability in Twitter's software that exposed an undetermined number of owners of anonymous accounts to potential identity compromise last year was apparently exploited by a malicious actor, the social media company said Friday. | Vulnerability | ||
|
2022-08-05 15:20:15 | Slack Forces Password Resets After Discovering Software Flaw (lien direct) | Workplace productivity software giant Slack on Friday forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials. Slack's security response team alerted users to the issue via email and followed up with a blog post warning about the risk of passwords leaking to a skilled attacker. | |||
|
2022-08-04 11:01:42 | Secure Enterprise Browser Startup Talon Raises $100 Million (lien direct) | Enterprise secure browser startup firm Talon Cyber Security has closed a $100 million Series A funding round. The funding was led by Evolution Equity Partners, with participation from Ballistic Ventures, CrowdStrike's Falcon Fund, Merlin Ventures, SYN Ventures and previous investors. The money will be used for further product development and marketing. | |||
|
2022-08-04 11:00:41 | Cyber Readiness Measurement Firm Axio Raises $23 Million (lien direct) | New York-based cyber readiness and risk management firm Axio has raised $23 million in a Series B funding round led by ISTARI, with participation from existing investors NFP Ventures and IA Capital Group. The funds will be used to enhance the company's Axio360 platform and drive international expansion. | |||
|
2022-08-04 10:54:26 | Taiwan Govt Websites Attacked During Pelosi Visit (lien direct) | Major Taiwanese government websites were temporarily forced offline by cyber attacks believed to be linked to China and Russia during US House Speaker Nancy Pelosi's visit to the island, Taipei said Thursday. | |||
|
2022-08-04 10:33:22 | VirusTotal Data Shows How Malware Distribution Leverages Legitimate Sites, Apps (lien direct) | Google-owned malware analysis service VirusTotal has published a report showing how threat actors abuse trust to bypass defenses and deliver their malware. According to data collected by VirusTotal, legitimate websites and applications are often leveraged for malware delivery. | Malware Threat | ||
|
2022-08-03 14:35:29 | Power Electronics Manufacturer Semikron Targeted in Ransomware Attack (lien direct) | German power electronics manufacturer Semikron revealed this week that it has been targeted in a cyberattack. Semikron, which employs 3,000 people across 24 subsidiaries worldwide, makes power modules and systems. Its products are used in motor drives, industrial automation systems, as well as other application areas. | Ransomware | ||
|
2022-08-03 10:26:33 | The Ever-Increasing Issue of Cyber Threats - and the Zero Trust Answer (lien direct) | The benefits of ZTNA make it hard to ignore Ensuring that the right people have access to the proper resources when they need them whilst maintaining security and access controls across multiple data centers and cloud environments is one of the biggest technical challenges any organization faces. | |||
|
2022-08-03 10:10:14 | Nearly $200 Million Stolen From Cryptocurrency Bridge Nomad (lien direct) | Cryptocurrency bridge Nomad has lost nearly all of its funds as a result of a hack described by experts as chaotic. Losses total nearly $200 million, but the company appears hopeful that it will recover at least some of it. | Hack | ||
|
2022-08-03 10:07:14 | UK Clears Norton\'s $8B Avast Cyber Security Takeover (lien direct) | UK regulators on Wednesday gave the provisional nod to US cyber security giant NortonLifeLock's $8-billion purchase of Czech rival Avast, whose London shares surged more than 40 percent in reaction. | |||
|
2022-08-02 10:30:19 | Google Patches Critical Android Flaw Allowing Remote Code Execution via Bluetooth (lien direct) | Google on Monday published a security bulletin describing the latest round of patches for the Android operating system. Three dozen vulnerabilities have been fixed, including a critical issue that can be exploited for remote code execution over Bluetooth. | |||
|
2022-08-01 11:14:38 | Australian Man Charged for Developing Imminent Monitor RAT (lien direct) | The Australian Federal Police announced over the weekend that a 24-year-old man has been charged for allegedly creating and selling a piece of spyware named Imminent Monitor (IM). | ★★ | ||
|
2022-08-01 10:30:47 | Austria Probes Claim Spyware Targeted Law Firms, Banks (lien direct) | Austria said Friday that it was investigating a report that an Austrian company developed spyware targeting law firms, banks and consultancies in at least three countries. | |||
|
2022-07-29 12:02:50 | OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms (lien direct) | Mailing and printing services vendor OneTouchPoint has disclosed a data breach impacting more than 30 healthcare providers and health insurance carriers. Headquartered in Hartland, Wisconsin, OneTouchPoint offers print, marketing execution and supply chain management services to organizations in the healthcare sector. | Data Breach | ||
|
2022-07-29 11:00:03 | Major Cybersecurity Breach of US Court System Comes to Light (lien direct) | The US federal court system suffered a major cybersecurity breach in 2020, House Judiciary chairman Rep. Jerrold Nadler revealed in a public hearing on Thursday. | |||
|
2022-07-28 19:10:37 | Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants (lien direct) | Cybersecurity professionals from Google's threat hunting unit and the University of Toronto's Citizen Lab are upping the pressure on mercenary hacking firms selling high-end surveillance spyware with fresh calls for the U.S. government to urgently clamp down on these businesses. | Threat | ||
|
2022-07-27 19:54:39 | Victim of Private Spyware Warns It Can be Used Against US (lien direct) | Months after her father was lured back to Rwanda under false pretenses and jailed, Carine Kanimba discovered her own phone had been hacked using private spyware. | |||
|
2022-07-27 15:20:37 | Mailing List Provider WordFly Scrambling to Recover Following Ransomware Attack (lien direct) | Mailing list provider WordFly has been offline for more than two weeks after ransomware encrypted data on some of its systems. WordFly provides digital marketing for arts, culture, entertainment, and sports organizations, offering email and SMS marketing, forms, and surveys, among other options. | Ransomware | ★★ | |
|
2022-07-27 14:10:49 | IBM Security: Cost of Data Breach Hitting All-Time Highs (lien direct) | A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher. | Data Breach | ||
|
2022-07-27 11:15:16 | Dozens of \'Luca Stealer\' Malware Samples Emerge After Source Code Made Public (lien direct) | Security researchers have observed an uptick in new Luca Stealer samples after the malware's source code was made public. Coded in Rust, the malware was initially observed in early July 2022, when its developer posted the source code on cybercrime forums, likely in an effort to boost their reputation. | Malware | ||
|
2022-07-27 01:46:42 | Wawa Agrees to Payment, Security Changes for \'19 Data Breach (lien direct) | A Pennsylvania-based convenience store chain will pay $8 million to several states over a 2019 data breach that involved some 34 million payment cards, authorities announced Tuesday. | Data Breach | ||
|
2022-07-26 20:12:01 | European Lawmaker Targeted With Cytrox Predator Surveillance Spyware (lien direct) | A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker and there are fresh reports linking the hack attempt to a known North Macedonia spyware vendor. | Hack | ||
|
2022-07-26 10:29:13 | Data Stolen in Breach at Security Company Entrust (lien direct) | Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files. | Data Breach | ||
|
2022-07-25 13:20:58 | Uber Settles With Federal Investigators Over 2016 Data Breach Coverup (lien direct) | Uber has entered a non-prosecution agreement to resolve a criminal investigation into the manner in which the company handled a 2016 data breach that impacted 57 million users and drivers. | Data Breach | Uber | |
|
2022-07-25 12:40:35 | 1,000 Organizations Exposed to Remote Attacks by FileWave MDM Vulnerabilities (lien direct) | Vulnerabilities affecting a mobile device management (MDM) product from FileWave exposed many organizations to remote attacks, according to industrial cybersecurity firm Claroty. | |||
|
2022-07-25 10:43:03 | Atlassian Expects Confluence App Exploitation After Hardcoded Password Leak (lien direct) | Atlassian has warned customers that a vulnerability in Questions for Confluence will likely be used in attacks after someone made public a piece of information needed to exploit a recently addressed vulnerability. | Vulnerability | ||
|
2022-07-25 00:51:25 | T-Mobile Settles to Pay $350M to Customers in Data Breach (lien direct) | T- Mobile has agreed to pay $350 million to customers affected by a class action lawsuit filed after the company disclosed last August that personal data like social security numbers had been stolen in a | Data Breach Hack | ||
|
2022-07-22 15:30:23 | Chrome Flaw Exploited by Israeli Spyware Firm Also Impacts Edge, Safari (lien direct) | A recently patched Chrome vulnerability that appears to have been exploited by an Israeli spyware company also impacts Microsoft's Edge and Apple's Safari web browsers. | Vulnerability | ||
|
2022-07-22 15:22:47 | Intezer Documents Powerful \'Lightning Framework\' Linux Malware (lien direct) | Security researchers at Intezer are documenting the discovery of a powerful piece of Linux malware that can stay undetected and has the ability to install rootkits. | Malware | ||
|
2022-07-21 13:31:37 | USCYBERCOM Releases IoCs for Malware Targeting Ukraine (lien direct) | The United States Cyber Command (USCYBERCOM) this week released indicators of compromise (IoCs) associated with malware families identified in recent attacks targeting Ukraine. | Malware | ||
|
2022-07-21 12:40:22 | Exploitation of Recent Chrome Zero-Day Linked to Israeli Spyware Company (lien direct) | An actively exploited Chrome zero-day that Google patched on July 4 has been linked to an Israeli spyware company and used in targeted attacks aimed at entities in the Middle East. | |||
|
2022-07-20 15:03:45 | Google, EU Warn of Malicious Russian Cyber Activity (lien direct) | Russia-linked Turla threat actor spotted using Android malware for first time Google and the European Union have issued separate warnings this week over Russian cyberattacks and misinformation campaigns. | Malware Threat | ||
|
2022-07-20 08:37:31 | Belgium Says Chinese APTs Targeted Interior, Defense Ministries (lien direct) | Belgium on Monday accused Chinese state-sponsored hackers of launching cyberattacks against its interior and defense ministries. Belgium noted in a statement that it has detected cyber intrusions from hacking groups tracked as APT27, APT30, APT31, and Gallium. | APT 30 APT 27 APT 31 |
To see everything:
