What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-01-16 05:00:03 | Ransomware Diaries: Undercover with the Leader of Lockbit (lien direct) |  An unusual announcement appeared in Russian Dark Web forums in June of 2020. Amid the hundreds of ads offering stolen credit card numbers and batches of personally identifiable information there was a Call for Papers. “We're kicking off the summer PAPER CONTEST,” it read. “Accepted article topics include any methods for popuring shells, malware and [… |
Ransomware Malware Guideline | ★★★ | |
|
2023-01-13 19:30:34 | Fortinet warns of hackers targeting governments through VPN vulnerability (lien direct) |  Fortinet published an advisory this week warning that a critical vulnerability is being exploited by an “advanced actor” to target government networks. Fortinet published an advisory about the bug – CVE-2022-42475 – and it quickly garnered widespread attention due to its 9.8 CVSS score, ease of use and the large number of FortiOS versions affected. [… |
Vulnerability | ★★★ | |
|
2023-01-13 17:11:59 | Europol takes down call centers that scammed Germans out of €2 million (lien direct) |  International police arrested scammers selling fake cryptocurrency in Europe, Australia, and Canada, Europol announced Thursday. During a cross-border investigation launched in June 2022, police arrested 14 suspects in Serbia and one in Germany. More than 260 other suspects, including people in Bulgaria and Cyprus, have been questioned and some are awaiting prosecution. The criminal network [… |
★★★ | ||
|
2023-01-13 14:10:35 | Cisco warns of two vulnerabilities affecting end-of-life routers (lien direct) |  Cisco warned customers this week that it will not release software updates or workarounds to address two vulnerabilities affecting a line of routers that were last sold in 2020. The popular routers – Cisco Small Business RV016, RV042, RV042G and RV082 – are affected by CVE-2023-20025 and CVE-2023-20026. Cisco said it is aware that proof-of-concept [… |
★★ | ||
|
2023-01-13 14:00:51 | Meta sues \'surveillance service\' for creating fake accounts and scraping user data (lien direct) |  Meta has filed a legal action against a surveillance service which it accused of creating fake accounts on Instagram and Facebook for the purpose of scraping user data. Voyager Labs “improperly collected data from Facebook, Instagram and other websites,” the social media giant alleged on Thursday. The company “developed and used proprietary software to launch [… |
★★★ | ||
|
2023-01-12 21:19:14 | CISA adds recently-announced Microsoft zero-day to exploited vulnerability catalog (lien direct) |  The Cybersecurity and Infrastructure Security Agency added a recently revealed bug to its known exploited vulnerability list this week after Microsoft confirmed it was being used in attacks. CISA ordered all federal civilian agencies to patch CVE-2023-21674 by January 31. The bug – first unveiled in Microsoft's initial Patch Tuesday release of 2023 – affects [… |
Vulnerability | ★★ | |
|
2023-01-12 20:34:59 | Nakasone: Foreign surveillance program helped fend off cyberattacks (lien direct) |  NSA Director Gen. Paul Nakasone said Thursday that the special targeted internet surveillance program for non-U.S. citizens known as Section 702 has played an “irreplaceable” role in helping the agency fend off ransomware attacks and prevent weapons components from reaching adversaries, as well as being used to identify threats to U.S. troops. “702 has helped [… |
Ransomware | ★★★ | |
|
2023-01-12 19:29:55 | Millions of Aflac, Zurich insurance customers in Japan have data leaked after breach (lien direct) |  The Japanese customers of two large insurance companies have had their personal information leaked after the breach of a third-party service provider. Neither company would say if the two breaches were connected, and the attacked provider has not been named. But each company released statements this week warning their customers that their information was made [… |
★★★ | ||
|
2023-01-12 18:45:31 | Pro-Russia hackers use Telegram, GitHub to attack Czech presidential election (lien direct) |  A group of pro-Russian hackers is using Telegram and GitHub to launch distributed denial-of-service attacks against Ukraine and several NATO countries. Researchers at SentinelOne said that as recently as this week they found the group – called NoName057(16) – targeting the websites of candidates in the 2023 Czech presidential election as well as businesses and [… |
★★★ | ||
|
2023-01-12 17:48:12 | France fines TikTok €5 million for not offering \'refuse all\' button on website\'s cookie banner (lien direct) |  TikTok has been issued a fine of €5 million (about $5.4 million) by the French data protection regulator because it made it difficult for users to opt out of being tracked on its website – a breach of data protection laws. The CNIL (Commission nationale de l'informatique et des libertés) announced the penalty on Thursday, [… |
★★★ | ||
|
2023-01-12 16:36:54 | \'Dark Pink\' hackers target state and military organizations in Asia, Europe (lien direct) |  A new hacking group dubbed “Dark Pink” is targeting government, military, religious and non-profit organizations in Asia and Europe with phishing emails, according to new research. The group's core goal, according to a report by Group-IB, is corporate espionage, as hackers have exfiltrated files, microphone audio and messenger data from infected devices. The group was [… |
★★★ | ||
|
2023-01-12 14:30:07 | British NFT Investments says hackers stole $250,000 worth of assets (lien direct) |  NFT Investments, a British company that as its name suggests invests in companies developing non-fungible tokens (NFTs), announced on Thursday that it lost $250,000 of assets in a cyberattack. The company, which describes itself as working with “entrepreneurs to develop NFT assets,” disclosed the incident through the London Stock Exchange's (LSE) Regulatory News Service as [… |
★★ | ||
|
2023-01-11 22:11:24 | Twitter says leaked data on 200 million users was likely publicly available info (lien direct) |  Twitter on Wednesday addressed long-simmering rumors that hackers stole the information of more than 200 million users, claiming that there is “no evidence” the information being sold on the dark web came from the exploitation of a vulnerability in the company's systems. The social media giant - which was purchased by Tesla CEO Elon Musk [… |
Vulnerability | ★★ | |
|
2023-01-11 20:56:40 | House Reps introduce bill to fund research into cybersecurity and energy infrastructure (lien direct) |  A bill to fund research into the cybersecurity needs of the country's energy infrastructure was introduced by two members of Congress on Wednesday. Congresswoman Deborah Ross (D-NC) and Congressman Mike Carey (R-OH) said the Energy Cybersecurity University Leadership Act will offer grants and other forms of funding to graduate students and postdoctoral researchers focusing on [… |
Guideline | ★★ | |
|
2023-01-11 18:41:41 | New York state adds $35 million to 2023 cybersecurity budget as attacks soar (lien direct) |  New York Governor Kathy Hochul is adding an additional $35 million in funding to the state's $61.9 million cybersecurity budget for this year, while also creating a new team focusing on protecting critical infrastructure. This week, Hochul said she decided to add the additional funding to the budget because the “frequency, magnitude, and impact of [… |
★★ | ||
|
2023-01-11 17:24:01 | The Guardian confirms criminals accessed staff data in ransomware attack (lien direct) |  The Guardian has confirmed that the cyber incident it experienced in December was a criminal ransomware attack and that the attackers are believed to have accessed staff data. An email detailing the attack, seen by The Record, explains that the newspaper “detected suspicious activity on our networks on Tuesday 20th December, resulting in our decision [… |
Ransomware | ★★ | |
|
2023-01-11 16:55:51 | \'StrongPity\' hackers created fake video-chat app to spy on users (lien direct) |  Suspected nation-state hackers from the StrongPity group have created a malicious Android video chat app that can record users’ phone calls, collect SMS messages, and steal data from dozens of mobile apps, according to new research. Hackers distributed the malicious app through a website impersonating a real video-chat service called Shagle, which provides encrypted communications [… |
★★ | ||
|
2023-01-11 16:47:18 | Royal Mail \'experiencing severe service disruption\' following \'cyber incident\' (lien direct) |  Royal Mail, the British postage and courier company, announced on Wednesday it was “experiencing severe service disruption” following a “cyber incident.” The nature of the incident has not been disclosed but the company said its teams “are working around the clock to resolve this disruption and we will update you as soon as we have [… |
★★★ | ||
|
2023-01-11 14:13:22 | Chinese \'government-controlled company\' accused of stealthily buying UK semiconductor start-up (lien direct) |  Updated at 9:46 am EST to include a statement from Flusso. The British government has been accused of dropping the ball by allowing a company with alleged ties to the Chinese government to acquire a semiconductor start-up against the United Kingdom's national interests. Flusso, a company which was spun out of the University of Cambridge’s […] |
★★ | ||
|
2023-01-11 06:00:00 | Life during wartime: Ukraine \'has to be ready for new more powerful and complex\' cyberattacks (lien direct) |  Blackouts in Kyiv can be sudden. Some are scheduled as part of the government's attempts to manage energy usage, although even the scheduled cuts can begin early and end late. And then there are the emergency blackouts, which can last several days and usually follow Russian attacks on Ukraine's power grid. These unexpected blackouts have [… |
★★ | ||
|
2023-01-10 22:05:29 | Iowa school district cancels classes another day due to cyberattack (lien direct) |  One of the biggest school districts in Iowa plans to shutter its doors again on Wednesday after canceling classes today due to a cyberattack. On Monday, Des Moines Public Schools – which serves 30,000 students and has nearly 5,000 staff members – said it preemptively took the school district's internet and network services offline in [… |
★★ | ||
|
2023-01-10 21:24:30 | Microsoft Exchange bugs top list of exploited vulnerabilities affecting financial sector (lien direct) |  Two bugs affecting Microsoft products topped a survey of exploited vulnerabilities being used to target the U.S. financial services sector, according to new research. Researchers at the cybersecurity company LookingGlass examined public internet-facing assets from over 7 million IP addresses belonging to the sector in November 2022 – finding that a seven-year-old Remote Code Execution [… |
★★★ |
To see everything:
