What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-06-01 13:25:36 | Critical WordPress plugin zero-day under active exploitation (lien direct) | Threat actors are scanning for sites running the Fancy Product Designer plug-in to exploit a zero-day bug allowing them to upload malware. [...] | Threat | ★★★ | |
|
2021-05-29 11:33:44 | New Epsilon Red ransomware hunts unpatched Microsoft Exchange servers (lien direct) | A new ransomware threat calling itself Red Epsilon has been seen leveraging Microsoft Exchange server vulnerabilities to encrypt machines across the network. [...] | Ransomware Threat | ||
|
2021-05-28 13:14:20 | Mexico walls off national lottery sites after ransomware DDoS threat (lien direct) | Access to Mexico's Lotería Nacional and Pronósticos lottery websites are now blocked to IP addresses outside of Mexico after a ransomware gang threatened to perform denial of service attacks. [...] | Ransomware Threat | ||
|
2021-05-28 12:12:21 | Chinese cyberspies are targeting US, EU orgs with new malware (lien direct) | Chinese threat groups continue to deploy new malware strains on the compromised network of dozens of US and EU organizations after exploiting vulnerable Pulse Secure VPN appliances. [...] | Malware Threat | ||
|
2021-05-28 08:08:16 | Microsoft: SolarWinds hackers target govt agencies from 24 countries (lien direct) | The Microsoft Threat Intelligence Center (MSTIC) has discovered that the Russian-based SolarWinds hackers are behind an ongoing phishing campaign targeting government agencies worldwide. [...] | Threat | ||
|
2021-05-27 13:37:01 | (Déjà vu) New BazaFlix attack pushes BazarLoader malware via fake movie site (lien direct) | Security researchers found a new BazarCall email phishing campaign that manages to bypass automated threat detection systems to deliver the BazarLoader malware used by the TrickBot gang. [...] | Malware Threat | ||
|
2021-05-27 13:37:01 | New BazaFlix phishing delivers BazarLoader malware via call center (lien direct) | Security researchers found a new BazarCall email phishing campaign that manages to bypass automated threat detection systems to deliver the BazarLoader malware used by the TrickBot gang. [...] | Malware Threat | ||
|
2021-05-25 14:37:16 | Domino\'s India discloses data breach after hackers sell data online (lien direct) | Domino's India has disclosed a data breach after a threat actor hacked their systems and sold their stolen data on a hacking forum. [...] | Data Breach Threat | ||
|
2021-05-24 10:02:03 | North Korean hackers behind CryptoCore multi-million dollar heists (lien direct) | Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus. [...] | Threat | APT 38 | |
|
2021-05-19 08:57:01 | Hackers scan for vulnerable devices minutes after bug disclosure (lien direct) | Every hour, a threat actor starts a new scan on the public web for vulnerable systems, moving at a quicker pace than global enterprises when trying to identify serious vulnerabilities on their networks. [...] | Threat | ||
|
2021-05-17 20:57:51 | Student health insurance carrier Guard.me suffers a data breach (lien direct) | Student health insurance carrier guard.me has taken their website offline after a vulnerability allowed a threat actor to access policyholders' personal information. [...] | Data Breach Vulnerability Threat | ||
|
2021-05-17 15:01:35 | FBI spots spear-phishing posing as Truist Bank bank to deliver malware (lien direct) | Threat actors impersonated Truist, the sixth-largest U.S. bank holding company, in a spear-phishing campaign attempting to infect recipients with what looks like remote access trojan (RAT) malware. [...] | Malware Threat | ||
|
2021-05-14 10:37:45 | (Déjà vu) DarkSide ransomware servers reportedly seized, operation shuts down (lien direct) | The DarkSide ransomware operation has allegedly shut down after the threat actors lost access to servers and their cryptocurrency was transferred to an unknown wallet. [...] | Ransomware Threat | ||
|
2021-05-14 10:37:45 | DarkSide ransomware servers reportedly seized, REvil restricts targets (lien direct) | The DarkSide ransomware operation has allegedly shut down after the threat actors lost access to servers and their cryptocurrency was transferred to an unknown wallet. [...] | Ransomware Threat | ||
|
2021-05-13 18:24:29 | Chemical distributor pays $4.4 million to DarkSide ransomware (lien direct) | Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. [...] | Ransomware Threat | ||
|
2021-05-13 13:00:00 | (Déjà vu) Microsoft build tool abused to deliver password-stealing malware (lien direct) | Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign. [...] | Malware Tool Threat | ||
|
2021-05-13 13:00:00 | Attackers abuse Microsoft dev tool to deploy Windows malware (lien direct) | Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign. [...] | Malware Tool Threat | ||
|
2021-05-12 12:49:16 | Microsoft: Threat actors target aviation orgs with new malware (lien direct) | Microsoft warns of an ongoing spear-phishing campaign targeting aerospace and travel organizations with multiple remote access trojans (RATs) deployed using a new and stealthy malware loader. [...] | Malware Threat | ||
|
2021-05-11 13:01:55 | Microsoft Defender ATP now secures networked Linux, macOS devices (lien direct) | Microsoft has added support for identifying and assessing the security configurations of Linux and macOS endpoints on enterprise networks using Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection). [...] | Threat | ||
|
2021-05-06 10:31:45 | New Moriya rootkit used in the wild to backdoor Windows systems (lien direct) | A new stealthy rootkit was used by an unknown threat actor to backdoor targeted Windows systems in a likely ongoing espionage campaign dubbed TunnelSnake and going back to at least 2018. [...] | Threat | ||
|
2021-04-30 02:43:43 | (Déjà vu) Codecov starts notifying customers affected by supply-chain attack (lien direct) | Codecov has now started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov application interface, state that the company believes the affected repositories were downloaded by threat actors. [...] | Threat | ||
|
2021-04-30 02:43:43 | Codecov begins notifying affected customers, discloses IOCs (lien direct) | Codecov has now started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov application interface, state that the company believes the affected repositories were downloaded by threat actors. [...] | Threat | ||
|
2021-04-29 18:00:00 | New ransomware group uses SonicWall zero-day to breach networks (lien direct) | A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets. [...] | Ransomware Threat | ||
|
2021-04-28 09:00:44 | Cyberspies target military organizations with new Nebulae backdoor (lien direct) | A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia. [...] | Threat | ||
|
2021-04-27 10:46:26 | (Déjà vu) MangaDex discloses data breach after stolen database shared online (lien direct) | Manga scanlation site MangaDex disclosed a data breach last week after learning that the site's user database was privately circulating among threat actors. [...] | Data Breach Threat | ||
|
2021-04-27 10:46:26 | MangaDex discloses data breach after stolen data gets shared online (lien direct) | Manga scanlation site MangaDex disclosed a data breach last week after learning that the site's user database was privately circulating among threat actors. [...] | Data Breach Threat | ||
|
2021-04-26 12:54:01 | Microsoft Defender now blocks cryptojacking malware using Intel TDT (lien direct) | Microsoft today announced that Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology (TDT). [...] | Malware Threat | ||
|
2021-04-25 16:28:55 | Hacker leaks 20 million alleged BigBasket user records for free (lien direct) | A threat actor has leaked approximately 20 million BigBasket user records containing personal information and hashed passwords on a popular hacking forum. [...] | Threat | ||
|
2021-04-19 18:27:46 | Geico data breach exposed customers\' driver\'s license numbers (lien direct) | Car insurance provider Geico has suffered a data breach where threat actors stole the driver's licenses for policyholders for over a month. [...] | Data Breach Threat | ||
|
2021-04-19 17:07:40 | Google Alerts continues to be a hotbed of scams and malware (lien direct) | Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites. [...] | Malware Threat | ||
|
2021-04-17 11:08:22 | (Déjà vu) Microsoft fixes Windows 10 bug that can corrupt NTFS drives (lien direct) | Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] | Threat | ||
|
2021-04-17 11:08:22 | (Déjà vu) Microsoft fixes Windows 10 bug that marks drives as corrupted (lien direct) | Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] | Threat | ||
|
2021-04-16 10:44:37 | Popular Codecov code coverage tool hacked to steal dev credentials (lien direct) | Codecov online platform for hosted code testing reports and statistics announced on Thursday that a threat actor had modified its Bash Uploader script, exposing sensitive information in customers' continuous integration (CI) environment. [...] | Tool Threat | ||
|
2021-04-15 14:19:20 | Popular NFT marketplace Rarible targeted by scammers and malware (lien direct) | Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] | Malware Threat | ||
|
2021-04-13 09:04:11 | Watch out for this W-2 phishing scam targeting the 2021 tax season (lien direct) | With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...] | Threat | ||
|
2021-04-09 14:52:36 | Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack (lien direct) | Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today. [...] | Ransomware Threat Guideline | ||
|
2021-04-09 13:55:00 | Attackers deliver legal threats, IcedID malware via contact forms (lien direct) | Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] | Malware Threat | ||
|
2021-04-07 17:18:42 | VISA: Hackers increasingly using web shells to steal credit cards (lien direct) | Global payments processor VISA warns that threat actors are increasingly deploying web shells on compromised servers to exfiltrate credit card information stolen from online store customers. [...] | Threat | ||
|
2021-04-07 16:06:13 | REvil ransomware now changes password to auto-login in Safe Mode (lien direct) | A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords. [...] | Ransomware Threat | ||
|
2021-04-07 11:36:59 | Gigaset Android phones infected by malware via hacked update server (lien direct) | Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...] | Malware Threat | ||
|
2021-04-06 18:00:33 | Windows XP makes ransomware gangs work harder for their money (lien direct) | A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even when Microsoft dropped supporting it seven years ago. [...] | Ransomware Threat | ||
|
2021-04-06 09:00:00 | Ongoing attacks are targeting unsecured mission-critical SAP apps (lien direct) | Threat actors are targeting mission-critical SAP enterprise applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. [...] | Threat | ||
|
2021-04-02 13:04:37 | FBI and CISA warn of state hackers attacking Fortinet FortiOS servers (lien direct) | The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. [...] | Threat | ||
|
2021-04-02 07:03:11 | Ransomware gang wanted $40 million in Florida schools cyberattack (lien direct) | Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that can not afford them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. [...] | Ransomware Threat | ||
|
2021-03-31 13:33:45 | Google: North Korean hackers target security researchers again (lien direct) | Google's Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts. [...] | Threat | ||
|
2021-03-31 12:31:49 | Malware hidden in game cheats and mods used to target gamers (lien direct) | Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] | Malware Threat | ||
|
2021-03-29 03:32:59 | PHP\'s Git server hacked to add backdoors to PHP source code (lien direct) | In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The threat actors had signed off on these commits as if they were made by known PHP developers. [...] | Threat | ||
|
2021-03-19 11:11:09 | Computer giant Acer hit by $50 million ransomware attack (lien direct) | Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. [...] | Ransomware Threat | ||
|
2021-03-12 14:57:57 | Scammers promote fake cryptocurrency giveaways via Twitter ads (lien direct) | Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...] | Threat | ||
|
2021-03-10 10:57:36 | Norway parliament data stolen in Microsoft Exchange attack (lien direct) | Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. [...] | Threat |
To see everything:
Our RSS (filtrered)
