Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-21 17:00:00 |
Common Magic cible les entités de la zone de conflit Russo-Ukrainien [CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone] (lien direct) |
Des sociétés administratives, d'agriculture et de transport ciblées à Donetsk, Luhansk et Crimée
Administrative, agriculture and transportation firms targeted in Donetsk, Luhansk and Crimea |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-21 16:30:00 |
Les pirates utilisent des packages NuGet pour cibler les développeurs .NET [Hackers Use NuGet Packages to Target .NET Developers] (lien direct) |
JFrog a déclaré que c'était la première instance de packages avec du code malveillant à Nuget
JFrog said this is the first instance of packages with malicious code in NuGet |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-21 10:30:00 |
NCSC lance deux nouveaux outils pour les petites entreprises [NCSC Launches Two New Tools for Small Businesses] (lien direct) |
Les offres sont conçues pour améliorer la sécurité pour des millions d'entreprises
Offerings are designed to improve security for millions of firms |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-21 10:05:00 |
General octets Bitcoin ATMs piratés pour voler des fonds (lien direct) |
L'entreprise exhorte les opérateurs à patcher maintenant
Company urges operators to patch now |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-21 09:40:00 |
Ferrari révèle une attaque de rançon de violation de données (lien direct) |
Le constructeur automobile dit qu'il n'a pas payé ses extorteurs
Carmaker says it didn\'t pay its extorters |
Data Breach
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-20 17:30:00 |
Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims (lien direct) |
These included a number of government websites: 105 in Chile, 431 in Mexico and 265 in Peru |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-20 17:00:00 |
KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps (lien direct) |
Microsoft said it saw between 40 and 60 daily attacks in February |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-20 16:30:00 |
BreachForums Admin Arrested in New York (lien direct) |
Conor Brian Fitzpatrick of Peekskill was apprehended last Wednesday following an FBI investigation |
|
|
★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-20 10:40:00 |
UK Ransomware Incident Volumes Surge 17% in 2022 (lien direct) |
Jumpsec report identified Karakurt, Lockbit and Vice Society among groups responsible |
Ransomware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-20 10:00:00 |
"Hinata" Botnet Could Launch Massive DDoS Attacks (lien direct) |
Akamai warns of new Mirai-like botnet written in Go |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-20 09:30:00 |
Scam Robocalls Forecast to Cost $58bn This Year (lien direct) |
Juniper Research says most of the pain will be felt in the US |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-17 17:30:00 |
Telegram, WhatsApp Trojanized to Target Cryptocurrency Wallets (lien direct) |
Most of these apps rely on clipper malware to steal the contents of the Android clipboard |
Malware
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-17 17:00:00 |
Google Exposes 18 Zero-Day Flaws in Samsung Exynos Chips (lien direct) |
Four of these vulnerabilities enabled potential attackers to perform remote code execution |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-17 16:30:00 |
Pro-Russian Winter Vivern APT Targets Governments and Telecom Firm (lien direct) |
SentinelOne shared details about the new campaign in an advisory published on Thursday |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-17 10:30:00 |
ICO Reprimands Metropolitan Police for Data Snafu (lien direct) |
Negligence could have caused "significant damage" |
Legislation
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-17 10:00:00 |
Russian Military Preparing New Destructive Attacks: Microsoft (lien direct) |
Organizations outside Ukraine could be targeted |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-17 09:30:00 |
Vishing Campaign Targets Social Security Administration (lien direct) |
Tens of thousands of mailboxes targeted |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-16 17:00:00 |
US Government IIS Server Breached via Telerik Software Flaw (lien direct) |
The critical vulnerability allows remote code execution and was assigned a CVSS v3.1 score of 9.8 |
Vulnerability
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-16 16:30:00 |
ChipMixer Crypto Laundromat Shut Down By German, US Authorities (lien direct) |
The operation seized four servers, 7TB of data and 1909.4 Bitcoins (roughly $47.3m) |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-16 16:00:00 |
UK Joins US, Canada, Others in Banning TikTok From Government Devices (lien direct) |
The Chancellor of the Duchy of Lancaster, Oliver Dowden, confirmed the plans earlier today |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-16 10:30:00 |
NCSC Calms Fears Over ChatGPT Threat (lien direct) |
Tool won't democratize cybercrime, agency argues |
Tool
Threat
|
ChatGPT
ChatGPT
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-16 10:10:00 |
BEC Volumes Double on Phishing Surge (lien direct) |
Business email compromise overtakes ransomware |
Ransomware
Studies
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-16 09:30:00 |
Chinese SilkLoader Malware Sold to Russian Cyber-Criminals (lien direct) |
Cobalt Strike beacon loader migrates across criminal ecosystems |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-15 17:30:00 |
Tick APT Group Hacked East Asian DLP Software Firm (lien direct) |
The hacker breached the DLP company's internal update servers to deliver malware within its network |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-15 17:00:00 |
"FakeCalls" Android Malware Targets Financial Firms in South Korea (lien direct) |
CPR discovered 2500 samples of the malware, impersonating 20 financial institutions in the region |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-15 16:30:00 |
Humans Still More Effective Than ChatGPT at Phishing (lien direct) |
The research paper by HoxHunt analyzed 53,127 emails sent to users in over 100 countries |
|
ChatGPT
ChatGPT
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-15 10:30:00 |
UK Bank Limits Crypto Payments to Smother Fraud (lien direct) |
NatWest warns of "life-changing" customer losses |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-15 10:00:00 |
Phishing Campaigns Use SVB Collapse to Harvest Crypto (lien direct) |
Experts warn users to be on their guard |
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-15 09:30:00 |
Microsoft Patches Two Zero Days This Month (lien direct) |
They include one likely exploited by Russian-linked threat actors |
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-14 17:30:00 |
YoroTrooper Espionage Campaigns Target CIS, EU Countries (lien direct) |
The threat actors mainly targeted organizations across Azerbaijan, Tajikistan and Kyrgyzstan |
Threat
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-14 17:00:00 |
DEV-1101 Updates Open Source Phishing Kit (lien direct) |
The kit is written in NodeJS and has automated setup and detection evasion capabilities |
Threat
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-14 16:30:00 |
CISA Creates New Ransomware Vulnerability Warning Program (lien direct) |
The Agency will warn critical infrastructure entities to enable mitigation before an incident |
Ransomware
Vulnerability
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-14 10:30:00 |
LA Housing Authority Suffers Year-Long Breach (lien direct) |
LockBit ransomware group stole data and encrypted files |
Ransomware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-14 10:00:00 |
UK Crypto Firm Loses $200m in Cyber-Attack (lien direct) |
Euler Finance suffered "flash loan" attack |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-14 09:30:00 |
MI5 Launches New Agency to Tackle State-Backed Attacks (lien direct) |
National Protective Security Authority begins its work |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 17:30:00 |
Remote Code Execution and Camera Access Flaws Found in Smart Intercoms (lien direct) |
13 vulnerabilities were found in the E11 smart intercom devices by Chinese manufacturer Akuvox |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 17:00:00 |
Dark Pink APT Group Deploys KamiKakaBot Against South Asian Entities (lien direct) |
The relationship between Europe and ASEAN countries is being exploited with social engineering lures |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 16:30:00 |
Infostealers Spread Via AI-Generated YouTube Videos (lien direct) |
Infostealers observed to be delivered via these videos included Vidar, RedLine and Raccoon |
Threat
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 15:30:00 |
Unlocking the Benefits and Trade-Offs of Agentless Cloud Security (lien direct) |
Agentless cloud security solutions were among the most talked-about topics during the Cloud & Cyber Security Expo, set in London on March 8-9, 2023 |
Cloud
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 10:45:00 |
Final Three Sentenced in £70m Money Laundering Case (lien direct) |
London-based group also illegally obtained COVID relief funds |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 10:00:00 |
Investment Fraud is Now Biggest Cybercrime Earner (lien direct) |
Category surged 127% year-on-year, says FBI |
Studies
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-13 09:30:00 |
Blackbaud Settles $3m Charge Over Ransomware Attack (lien direct) |
SEC claims company filed misleading disclosures |
Ransomware
Guideline
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-10 17:30:00 |
Hadoken Security Group Upgrades Xenomorph Mobile Malware (lien direct) |
The trojan can now start specified applications, show push notifications, steal cookies and more |
Malware
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-10 17:00:00 |
White House Allocates $3.1bn to Cybersecurity in New Budget (lien direct) |
$145m will go toward making CISA more resilient and defensible |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-10 16:30:00 |
IceFire Ransomware Targets Linux Enterprise Networks (lien direct) |
The campaign leveraged the exploitation of a flaw in IBM's Aspera Faspex file-sharing software |
Ransomware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-10 10:30:00 |
FBI Warns of Crypto-Stealing Play-to-Earn Games (lien direct) |
Fake apps are latest scam designed to trick consumers |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-10 10:00:00 |
UK\'s New Privacy Bill Could Mean More Work for Firms (lien direct) |
Legal experts also question the impact on consumers |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-10 09:30:00 |
Global Cops Take Down NetWire RAT (lien direct) |
Suspected website administrator arrested in Croatia |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-09 17:30:00 |
Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks (lien direct) |
Weekly attacks targeting Ukraine decreased by 44% between October 2022 and February 2023 |
Malware
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2023-03-09 17:00:00 |
8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic Server (lien direct) |
ScrubCrypt malware obfuscates and encrypts applications to evade antivirus detection |
Malware
|
|
★★
|