What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-08 15:06:34 | Hackers hiding Supernova malware in SolarWinds Orion linked to China (lien direct) | Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...] | Malware Threat | ||
|
2021-03-02 09:00:00 | Microsoft 365 Defender Threat Analytics enters public preview (lien direct) | Microsoft announced the addition of Threat Analytics for Microsoft 365 Defender customers and the roll-out of Microsoft 365 Insider Risk Management Analytics, both in public preview. [...] | Threat | ||
|
2021-03-02 00:14:00 | Malicious NPM packages target Amazon, Slack with new dependency attacks (lien direct) | Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...] | Vulnerability Threat | ||
|
2021-03-01 14:29:35 | World\'s leading dairy group Lactalis hit by cyberattack (lien direct) | Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems. [...] | Threat Guideline | ||
|
2021-03-01 10:14:20 | Tether cryptocurrency firm says docs in $24 million ransom are \'forged\' (lien direct) | USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. [...] | Threat | ||
|
2021-02-24 08:51:03 | LazyScripter hackers target airlines with remote access trojans (lien direct) | Security researchers analyzing multiple sets of malicious emails believe they uncovered activity belonging to a previously unidentified actor that fits the description of an advanced persistent threat (APT). [...] | Threat | ||
|
2021-02-23 08:56:40 | Ukraine: DDoS attacks on govt sites originated from Russia (lien direct) | The National Security and Defense Council (NSDC) of Ukraine is accusing threat actors located on Russia networks of performing DDoS attacks on Ukrainian government websites since February 18th. [...] | Threat | ||
|
2021-02-22 09:06:36 | Global Accellion data breaches linked to Clop ransomware gang (lien direct) | Threat actors associated with a financially-motivated hacker groups combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using Accellion's legacy File Transfer Appliance and steal data. [...] | Ransomware Threat | ||
|
2021-02-21 09:24:11 | Warning: Google Alerts abused to push fake Adobe Flash updater (lien direct) | Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users' computers. [...] | Threat | ||
|
2021-02-20 12:57:44 | Kroger data breach exposes pharmacy and employee data (lien direct) | Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. [...] | Data Breach Threat | ||
|
2021-02-14 12:12:06 | Pro-India hackers use Android spyware to spy on Pakistani military (lien direct) | This week a report has revealed details on the two spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a state-sponsored operation. [...] | Malware Threat | ||
|
2021-02-10 10:43:45 | Hackers auction alleged stolen Cyberpunk 2077, Witcher source code (lien direct) | Threat actors are auctioning the alleged source code for CD Projekt Red games, including Witcher 3, Thronebreaker, and Cyberpunk 2077, that they state were stolen in a ransomware attack. [...] | Ransomware Threat | ||
|
2021-02-10 03:30:00 | (Déjà vu) Microsoft fixes Windows 10 bug letting attackers trigger BSOD crashes (lien direct) | Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] | Threat | ||
|
2021-02-10 03:30:00 | Microsoft fixes the Windows 10 console driver crash bug (lien direct) | Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] | Threat | ||
|
2021-02-09 15:42:45 | HelloKitty ransomware behind CD Projekt Red cyberattack, data theft (lien direct) | The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize. [...] | Ransomware Threat | ||
|
2021-02-05 15:14:46 | Malicious extension abuses Chrome sync to steal users\' data (lien direct) | The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions. [...] | Threat | ||
|
2021-02-04 13:41:58 | Hackers steal StormShield firewall source code in data breach (lien direct) | Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the companies' support ticket system and steal source code for Stormshield Network Security firewall software. [...] | Data Breach Threat Guideline | ||
|
2021-02-03 22:30:08 | Oxfam Australia investigates data breach after database sold online (lien direct) | Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...] | Data Breach Threat | ||
|
2021-02-02 11:00:00 | Malicious script steals credit card info stolen by other hackers (lien direct) | A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. [...] | Threat | ||
|
2021-02-01 14:15:30 | Phishing campaign lures US businesses with fake PPP loans (lien direct) | Threat actors are sending phishing emails impersonating a Small Business Administration (SBA) lender to prey on US business owners who want to apply for a PPP loan to keep their business going during the COVID-19 crisis. [...] | Threat | ||
|
2021-02-01 08:04:01 | Android emulator supply-chain attack targets gamers with malware (lien direct) | ESET researchers have discovered that an unknown threat actor has compromised the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox. [...] | Malware Threat | ||
|
2021-01-26 10:01:27 | Mimecast links security breach to SolarWinds hackers (lien direct) | Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. [...] | Threat | ||
|
2021-01-25 11:54:03 | Australian securities regulator discloses security breach (lien direct) | The Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach. [...] | Threat | ||
|
2021-01-24 13:16:39 | Data breach at Buyucoin crypto exchange leaks user info, trades (lien direct) | A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. [...] | Threat | ||
|
2021-01-23 12:14:25 | SonicWall firewall maker hacked using zero-day in its VPN device (lien direct) | Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems. [...] | Vulnerability Threat | ||
|
2021-01-22 14:11:38 | (Déjà vu) Bonobos clothing store suffers a data breach, hacker leaks 70GB database (lien direct) | Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup was downloaded by a threat actor. The corporate systems were not breached by the attacker. [...] | Data Breach Threat | ||
|
2021-01-22 12:47:33 | Intel: Hackers stole unpublished earnings info from corporate site (lien direct) | Intel disclosed on Thursday that unknown threat actors stole an infographic containing info on the company's fourth-quarter and full-year 2020 financial results. [...] | Threat | ||
|
2021-01-21 11:22:05 | CHwapi hospital hit by Windows BitLocker encryption cyberattack (lien direct) | The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows Bitlocker. [...] | Threat | ||
|
2021-01-19 15:03:33 | Malwarebytes says SolarWinds hackers accessed its internal emails (lien direct) | Cybersecurity firm Malwarebytes today confirmed that the threat actor behind the SolarWinds supply-chain attack were able to gain access to some company emails. [...] | Threat | ||
|
2021-01-18 13:30:00 | Microsoft Defender to enable full auto-remediation by default (lien direct) | Microsoft will enable fully automated threat remediation by default for Microsoft Defender for Endpoint customers who have opted into public previews starting next month, on February 16, 2021. [...] | Threat | ||
|
2021-01-15 13:43:34 | Hackers leaked altered Pfizer data to sabotage trust in vaccines (lien direct) | The European Medicines Agency (EMA) today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines. [...] | Threat | ||
|
2021-01-14 16:47:21 | Verified Twitter accounts hacked in $580k \'Elon Musk\' crypto scam (lien direct) | Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active. [...] | Threat | ||
|
2021-01-14 13:05:44 | NSA advises companies to avoid third party DNS resolvers (lien direct) | The US National Security Agency (NSA) says that companies should avoid using third party DNS resolvers to block threat actors' DNS traffic eavesdropping and manipulation attempts and to block access to internal network information. [...] | Threat | ||
|
2021-01-13 16:24:52 | CISA: Hackers bypassed MFA to access cloud service accounts (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts. [...] | Threat | ||
|
2021-01-12 13:38:05 | Microsoft patches Defender antivirus zero-day exploited in the wild (lien direct) | Microsoft has addressed a zero-day vulnerability in the Microsoft Defender antivirus, exploited in the wild by threat actors before the patch was released. [...] | Vulnerability Threat | ||
|
2021-01-12 10:33:25 | Mimecast discloses Microsoft 365 SSL certificate compromise (lien direct) | Email security company Mimecast has disclosed today that a "sophisticated threat actor" compromised one of the certificates the company issues for customers to securely connect Microsoft 365 Exchange to their services. [...] | Threat | ||
|
2021-01-10 15:43:43 | New Zealand Reserve Bank suffers data breach via hacked storage partner (lien direct) | The Reserve Bank of New Zealand, known as Te Pūtea Matua, has suffered a data breach after threat actors hacked a third-party hosting partner. [...] | Data Breach Threat | ||
|
2021-01-07 19:17:11 | Ryuk ransomware Bitcoin wallets point to $150 million operation (lien direct) | Security researchers following the money circuit from Ryuk ransomware victims into the threat actor's pockets estimate that the criminal organization made at least $150 million. [...] | Ransomware Threat | ||
|
2021-01-07 15:05:47 | (Déjà vu) Scammer extorts site owners using porn backlinks threat (lien direct) | Website owners are receiving emails threatening to ruin their reputation if they do not post a five-star review for a cryptocurrency exchange. [...] | Threat | ||
|
2021-01-07 15:05:47 | (Déjà vu) SEO scammer extorts site owners using porn backlinks threat (lien direct) | Website owners are receiving emails threatening to ruin their reputation if they do not post a five-star review for a cryptocurrency exchange. [...] | Threat | ||
|
2021-01-06 09:44:47 | Trump bans China-linked apps for collecting Americans\' data (lien direct) | United States President Donald Trump has signed an executive order banning eight Chinese apps considered to be a threat to US national security, economy, and foreign policy. [...] | Threat | ||
|
2021-01-06 03:00:00 | Hackers start exploiting the new backdoor in Zyxel devices (lien direct) | Threat actors are actively scanning the Internet for open SSH devices and trying to login to them using a new recently patched Zyxel hardcoded credential backdoor. [...] | Threat | ||
|
2021-01-05 15:56:56 | US govt says Russian state hackers likely behind SolarWinds hack (lien direct) | The Cyber Unified Coordination Group (UCG) said today that a Russian-backed Advanced Persistent Threat (APT) group is likely behind the SolarWinds hack. [...] | Hack Threat | ||
|
2021-01-05 09:05:51 | Hacker posts data of 10,000 American Express accounts for free (lien direct) | A threat actor has posted data of 10,000 American Express credit card holders on a hacker forum for free. In the same forum post, the actor is also claiming to sell more data of Mexican banking customers of American Express, Santander, and Banamex. [...] | Threat | ★★★★★ | |
|
2021-01-05 07:10:51 | Ryuk ransomware is the top threat for the healthcare sector (lien direct) | Healthcare organizations continue to be a prime target for cyberattacks of all kinds, with ransomware incidents, Ryuk in particular, being more prevalent. [...] | Ransomware Threat | ||
|
2020-12-31 14:52:04 | Microsoft: SolarWinds hackers accessed our source code (lien direct) | The threat actors behind the SolarWinds attack could breach internal Microsoft accounts to view the source code for Microsoft products. [...] | Threat | ||
|
2020-12-25 14:08:50 | CrowdStrike releases free Azure security tool after failed hack (lien direct) | Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised by Microsoft Azure credentials. [...] | Hack Tool Threat Guideline | ||
|
2020-12-24 10:20:49 | NetGalley discloses data breach after website was hacked (lien direct) | The NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information. [...] | Data Breach Threat | ||
|
2020-12-23 14:34:40 | Microsoft 365 admins can now get security incident email alerts (lien direct) | Microsoft has added support for security incident email notifications to the Microsoft 365 Defender enterprise threat protection solution. [...] | Threat | ||
|
2020-12-22 12:45:00 | SolarWinds hackers breached US Treasury officials\' email accounts (lien direct) | US Senator Ron Wyden said that dozens of US Treasury email accounts were compromised by the threat actors behind the SolarWinds hack. [...] | Threat |
To see everything:
Our RSS (filtrered)
