Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-23 09:30:00 |
Seven-Year Mobile Surveillance Campaign Targets Uyghurs (lien direct) |
Scarlet Mimic group uses over 20 Android malware variants |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-23 09:00:00 |
NSA Reveals "Hackers\' Playbook" for OT Attacks (lien direct) |
New report outlines key mitigations for OT owners |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-23 08:30:00 |
Europol "Hackathon" Identifies Scores of Human Trafficking Victims (lien direct) |
Over 100 online platforms checked for illegal activity |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-22 17:00:00 |
Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers (lien direct) |
Home addresses, driver's licenses and passport numbers were potentially accessed by the attacker |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-22 16:00:00 |
Morgan Stanley Fined $35m By SEC For Data Security Lapse (lien direct) |
The improper data disposal reportedly started in 2016 and exposed 15 million customers' data |
|
|
★★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-22 15:00:00 |
Russia-Based Hackers FIN11 Impersonate Zoom to Conduct Phishing Campaigns (lien direct) |
Cyfirma said the motive behind the attacks may be financial in nature |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-22 09:35:00 |
Twitter Password Reset Bug Exposed User Accounts (lien direct) |
Social media firm fixes issue that left sessions open |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-22 09:05:00 |
Authorized Push Payments Surge to 75% of Banking Fraud (lien direct) |
Social engineering tactics bear fruit for digital scammers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-22 08:35:00 |
Iranian Hackers Hid in Albanian Networks for Over a Year (lien direct) |
CISA report reveals extent of state-backed campaign |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 17:00:00 |
Microsoft Upgrades Windows 11 With New Security Features (lien direct) |
The list includes application control enhancements and vulnerable drivers protection, among others |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 16:00:00 |
350K Open-Source Projects At Risk of Supply Chain Vulnerability (lien direct) |
The flaw resides in the tarfile module, automatically installed in any Python project |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 15:30:00 |
NCSC: British Retailers Need to Move Beyond Passwords (lien direct) |
The UK's national cybersecurity agency also advised organizations on what steps they should take if their brand has been spoofed online |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 15:00:00 |
Multiple Vulnerabilities Discovered in Dataprobe\'s iBoot-PDUs (lien direct) |
They pose a number of risks to Dataprobe, including giving control of the iBoot-PDU to attackers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 11:45:00 |
Two-Fifths of US Consumers Suffer Personal Data Theft (lien direct) |
Those suffering emotional and physical impact surges |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 09:10:00 |
Video Game Publisher Admits Helpdesk Was Hijacked (lien direct) |
Players were sent malicious links disguised as support tickets |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 08:25:00 |
Open Source Repository Attacks Soar 700% in Three Years (lien direct) |
Sonatype says it has detected 95,000 since 2019 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 17:00:00 |
Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access (lien direct) |
Potential attacks resulting from it may include privilege escalation and cross–tenant access |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 17:00:00 |
California Signs Internet Privacy Legislation to Boost Children\'s Safety Online (lien direct) |
The new legislation will implement some of the strictest privacy requirements in the US |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 16:00:00 |
Europol and Bitdefender Jointly Release LockerGoga Decryptor (lien direct) |
LockerGoga targeted several companies in Norway and across the US in 2019 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 15:30:00 |
Grand Theft Auto Publisher Rockstar Games Hacked (lien direct) |
The threat actor 'teapotuberhacker' could be linked to the Lapsus$ hacking group |
Threat
|
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 15:00:00 |
Hackers Admit Destroying InterContinental Hotels Group\'s Data \'For Fun\' (lien direct) |
They tried to conduct a ransomware attack against IHG and upon failing, decided to delete the data |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 14:01:00 |
Quantum Computing Already Putting Data at Risk, Cyber Pros Agree (lien direct) |
In the Deloitte poll, 50.2% of respondents said their organization is at risk of 'harvest now, decrypt later' attacks |
|
Deloitte
Deloitte
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 09:30:00 |
American Airlines Breach Exposes Customer and Staff Information (lien direct) |
An undisclosed number of people have been impacted |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 09:10:00 |
Revolut Breach May Have Hit 50,000+ Customers (lien direct) |
Major phishing risk as personal details are compromised |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 08:40:00 |
Uber Blames Lapsus$ for Breach (lien direct) |
Threat actor bombarded Uber contractor with 2FA requests |
Threat
|
Uber
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-17 14:30:00 |
New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems (lien direct) |
It tried to trick victims into clicking on malicious files as part of a fake Amazon job assessment |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-17 13:00:00 |
CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws (lien direct) |
Four of the CVEs posted are from 2013, and one is from 2010 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-16 09:30:00 |
Allies Warn of Iranian Ransom Attacks Using Log4Shell (lien direct) |
US authorities indict and sanction in fresh crackdown |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-16 09:00:00 |
Uber Hacker May Have Compromised Secret Bug Reports (lien direct) |
Attacker looks to have admin access to cloud accounts |
|
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-16 08:30:00 |
Crypto Scams Soar as Domains Surge 335% (lien direct) |
Most fake domains are registered in Russia |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 17:12:00 |
Webworm Attackers Deploy Modified RATs in Espionage Attacks (lien direct) |
The group reportedly developed customized versions of Trochilus, Gh0st RAT and 9002 RAT |
|
|
★★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 16:28:00 |
Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence (lien direct) |
APT groups have leveraged Notepad++ plugins for nefarious purposes in the past |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 15:42:00 |
YouTube Users Targeted By RedLine Self-Spreading Stealer (lien direct) |
RedLine can steal usernames, passwords, cookies, bank card details and autofill data from browsers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 09:50:00 |
User Alert as Phishing Campaigns Exploit Queen\'s Passing (lien direct) |
Experts urge the public not to fall for classic scams |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 09:10:00 |
Cybercrime Forum Admins Steal from Site Users (lien direct) |
Report reveals there's no honor among thieves |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 08:30:00 |
Cybercrime Fears for Children as Cost-of-Living Bites (lien direct) |
UK parents concerned about repercussions of soaring inflation |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 08:00:00 |
ISACA: Ensuring Digital Trust Key to Digital Transformation Success (lien direct) |
ISACA's State of Digital Trust 2022 report highlights increasing importance of digital trust across businesses |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 17:00:00 |
Vulnerabilities Found in Airplane WiFi Devices, Passengers\' Data Exposed (lien direct) |
The flaws affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 16:00:00 |
SparklingGoblin APT Targeted Hong Kong University With New Linux Backdoor (lien direct) |
Eset also said the same university was targeted during student protests in May 2020 |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 15:00:00 |
FormBook Knocks Off Emotet As Most Used Malware in August (lien direct) |
The report also suggested the Android spyware Joker took third place in the mobile index |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 09:20:00 |
Four-Fifths of Firms Hit by Critical Cloud Security Incident (lien direct) |
Data leaks, breaches and intrusions caused headaches over past year |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 08:50:00 |
DDoS Attacks on UK Firms Surge During Ukraine War (lien direct) |
Overall incidents fell in H1 2022, according to FOI data |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 08:40:00 |
Microsoft Fixes Two Zero-Days This Patch Tuesday (lien direct) |
Redmond passes 1000 CVEs for the year already |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 17:00:00 |
iOS 16 Launches With Lockdown Mode, Spyware Protection, Safety Check (lien direct) |
iOS 16 supports iPhone devices starting from the iPhone 8 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 16:00:00 |
ShadowPad-Associated Hackers Targeted Asian Governments (lien direct) |
The attacks have been underway since early 2021 and appear focused on intelligence gathering |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 15:00:00 |
Hackers Steal Steam Credentials With \'Browser-in-the-Browser\' Technique (lien direct) |
Some of the Steam accounts stolen were reportedly valued between $100,000 and $300,000 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 09:55:00 |
Ransomware Gang Hacks VoIP for Initial Access (lien direct) |
Mitel MiVoice appliance bug exploited in sophisticated attack |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 09:20:00 |
Iranian Hackers Launch Renewed Attack on Albania (lien direct) |
Prime Minister warns of disruption at border crossings |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 08:45:00 |
Researchers Warn of 674% Surge in Deadbolt Ransomware (lien direct) |
Malware continues to infect QNAP devices |
Ransomware
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 17:00:00 |
US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies (lien direct) |
Iran would have directed several networks of cyber threat actors in support of its political goals |
Threat
|
|
|