What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-22 09:11:33 | SolarWinds victims revealed after cracking the Sunburst malware DGA (lien direct) | Security researchers have shared lists of organizations where threat actors deployed Sunburst/Solarigate malware, after ongoing investigations of the SolarWinds supply chain attack. [...] | Malware Threat | Solardwinds Solardwinds | |
|
2020-12-21 09:17:57 | New SUPERNOVA backdoor found in SolarWinds cyberattack analysis (lien direct) | While analyzing artifacts from the SolarWinds Orion supply-chain attack, security researchers discovered another backdoor that is likely from a second threat actor. [...] | Threat | ★★★ | |
|
2020-12-21 02:15:00 | Physical addresses of 270K Ledger owners leaked on hacker forum (lien direct) | A threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free. [...] | Threat | ||
|
2020-12-18 11:56:14 | NSA warns of hackers forging cloud authentication information (lien direct) | An advisory from the U.S. National Security Agency is providing Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging authentication information. [...] | Threat | ||
|
2020-12-17 14:01:12 | Ransomware masquerades as mobile version of Cyberpunk 2077 (lien direct) | A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare. [...] | Ransomware Threat | ||
|
2020-12-16 12:26:00 | Emulated mobile devices used to steal millions from US, EU banks (lien direct) | Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. [...] | Threat | ||
|
2020-12-15 13:50:00 | New Windows malware may soon target Linux, macOS devices (lien direct) | Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. [...] | Malware Threat | ||
|
2020-12-13 13:19:18 | Intel\'s Habana Labs hacked by Pay2Key ransomware, data stolen (lien direct) | Intel-owned AI processor developer Habana Labs has suffered a cyberattack where data was stolen and leaked by threat actors. [...] | Threat | ||
|
2020-12-12 10:02:02 | Adobe releases final Flash Player update, warns of 2021 kill switch (lien direct) | After 24 years of fun games and abuse by threat actors, Adobe has released their final Flash Player update and thanked everyone for the fantastic content that they have released over the years. [...] | Threat | ||
|
2020-12-08 16:58:18 | FireEye reveals that it was hacked by a nation state APT group (lien direct) | Leading cybersecurity company FireEye disclosed today that it was hacked by a threat actor showing all the signs of a state-sponsored hacking group. [...] | Threat Guideline | ||
|
2020-12-08 11:35:00 | Credit card stealing malware bundles backdoor for easy reinstall (lien direct) | An almost impossible to remove malware set to automatically activate on Black Friday was deployed on multiple Magento-powered online stores by threat actors according to researchers at Dutch cyber-security company Sansec. [...] | Malware Threat | ||
|
2020-12-07 10:03:52 | NSA: Russian state hackers exploit new VMware vulnerability to steal data (lien direct) | The National Security Agency (NSA) warns that Russian state-sponsored threat actors are exploiting a recently patched VMware vulnerability to steal sensitive information after deploying web shells on vulnerable servers. [...] | Vulnerability Threat | ||
|
2020-12-04 02:02:02 | BlackShadow hackers extort Israeli insurance company for $1 million (lien direct) | Threat actors are extorting an Israeli insurance company by demanding almost $1 million in bitcoin to stop leaking the company's stolen data. [...] | Threat | ||
|
2020-12-03 09:54:26 | Hackers target EU Commission, COVID-19 cold chain supply orgs (lien direct) | IBM X-Force warned of threat actors actively targeting organizations associated with the COVID-19 vaccine cold chain in a large scale spear-phishing campaign that has started three months ago, in September 2020. [...] | Threat | ||
|
2020-12-02 17:10:46 | HMRC phishing scam abuses mail service to bypass spam filters (lien direct) | Threat actors are exploiting legitimate SendGrid mailing service to send HMRC phishing emails that bypass spam filters. [...] | Spam Threat | ||
|
2020-12-02 03:25:00 | Cyberespionage APT group hides behind cryptomining campaigns (lien direct) | An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts. [...] | Threat | ||
|
2020-08-04 12:47:18 | Vulnerable perimeter devices: a huge attack surface (lien direct) | With the increase of critical gateway devices deployed to support off-premise work, companies across the world have to adapt to a new threat landscape where perimeter and remote access devices are now in the first line. [...] | Threat | ||
|
2020-07-30 14:52:16 | EU sanctions Russian espionage unit, Chinese and North Korean firms (lien direct) | The Council of the European Union today announced sanctions imposed on a Russian military espionage unit, as well as on front companies for Chinese and North Korean threat groups involved in cyber-attacks targeting the EU and its member states. (6f4c434995edef0548165457c4d90ce3)[...] | Threat | ||
|
2020-07-29 13:00:00 | BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows (lien direct) | A severe vulnerability exists in almost all signed versions of GRUB2 bootloader used by most Linux systems. When properly exploited, it could allow threat actors to compromise an operating system's booting process even if the Secure Boot verification mechanism is active. (d6e07de8573fc9018707f22eee885a5d)[...] | Malware Vulnerability Threat | ||
|
2020-07-28 11:50:12 | Hacker leaks 386 million user records from 18 companies for free (lien direct) | A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. [...] | Threat | ||
|
2020-07-28 03:33:33 | Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux (lien direct) | Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. [...] | Malware Threat | ||
|
2020-07-27 18:43:07 | Office 365 adds new features to help identify malicious spam (lien direct) | Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks. [...] | Spam Threat | ||
|
2020-07-20 12:58:28 | Office 365 adds new security configuration analysis feature (lien direct) | Microsoft is working on a new Office 365 Advanced Threat Protection (ATP) feature which will make it easy to determine your security policies settings' effectiveness when compared to recommended settings. [...] | Threat | ||
|
2020-07-13 15:10:34 | Microsoft extends security for Azure Storage file shares, data lakes (lien direct) | Microsoft today announced that advanced threat protection for Azure Storage now also allows customers to protect data stored in Azure Files file shares and Azure Data Lake Storage Gen2 API data stores. [...] | Threat | ||
|
2020-07-10 13:02:53 | eToro accounts peddled by the thousands on cybercrime forums (lien direct) | A threat actor is peddling 62,000 active eToro accounts on a known cybercrime forum. They are also likely collaborating with REvil ransomware on the corporate intrusion front. [...] | Ransomware Threat | ||
|
2020-07-09 14:56:28 | (Déjà vu) Conti ransomware shows signs of being Ryuk\'s successor (lien direct) | The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti's distribution is increasing. [...] | Ransomware Malware Threat | ||
|
2020-07-09 14:56:28 | Conti ransomware shows signs of being a Ryuk successor (lien direct) | The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti's distribution is increasing. [...] | Ransomware Malware Threat | ||
|
2020-07-09 08:43:59 | Evilnum hackers use the same malware supplier as FIN6, Cobalt (lien direct) | Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. [...] | Malware Threat | ||
|
2020-07-09 06:03:39 | Joker Android malware keeps evading Google Play Store defenses (lien direct) | The threat actor behind the Joker Android malware has once again succeeded to successfully slip spyware infected apps onto the Play Store, Google's official Android app store. [...] | Malware Threat | ||
|
2020-07-06 17:53:30 | Microsoft Defender ATP web content filtering is now free (lien direct) | The new Microsoft Defender Advanced Threat Protection (ATP) Web Content Filtering feature will be provided for free to all enterprise customers without the need for an additional partner license. [...] | Threat | ||
|
2020-07-02 18:24:48 | Microsoft Defender ATP now helps secure network devices (lien direct) | Microsoft Defender Advanced Threat Protection (ATP) can now assess the collective security configuration state of devices on an enterprise network with the help of a new feature dubbed Microsoft Secure Score for Devices. [...] | Threat | ||
|
2020-06-27 14:54:33 | GeoVision access control devices let hackers steal fingerprints (lien direct) | GeoVision, a Taiwanese fingerprint scanner, access control, and surveillance tech manufacturer, fixed critical vulnerabilities in their devices that could be abused by hackers and nation-state threat actors. [...] | Threat | ||
|
2020-06-23 13:47:57 | Microsoft Defender ATP can now protect Linux, Android devices (lien direct) | Microsoft Defender Advanced Threat Protection (ATP) has expanded to non-Windows platforms and is now generally available for enterprise customers using Linux devices and in public preview for those with Android devices. [...] | Threat | ★★★★★ | |
|
2020-06-23 11:38:16 | REvil ransomware scans victim\'s network for Point of Sale systems (lien direct) | REvil ransomware operators have been observed while scanning one of their victim's network for Point of Sale (PoS) servers by researchers with Symantec's Threat Intelligence team. [...] | Ransomware Threat | ★★★★★ | |
|
2020-06-22 15:03:02 | BitDefender fixes bug allowing attackers to run commands remotely (lien direct) | Security solutions are designed to keep an organization safe, but those models crumble when that same software becomes a threat vector for the attackers to exploit. Such is the case with a new Bitdefender remote code execution vulnerability, dubbed CVE-2020-8102, lurking in its Safepay browser component. [...] | Threat | ||
|
2020-06-14 14:02:15 | Attackers impersonate secure messaging site to steal bitcoins (lien direct) | In what can be described as the case of both cybersquatting and phishing, threat actors have created a site that imitates the legitimate secure note sharing service privnote.com to steal bitcoins. [...] | Threat | ||
|
2020-06-12 10:35:14 | Office 365 to offer more info on how it protects your email (lien direct) | Microsoft is working on providing Office 365 Advanced Threat Protection (ATP) users with more information on the route incoming emails take while going through the filtering stack before reaching their inbox, as well as on the effectiveness of any configuration changes. [...] | Threat | ★★★★ | |
|
2020-06-12 03:27:00 | Hackers are quick to notice exposed Elasticsearch servers (lien direct) | Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. [...] | Threat | ||
|
2020-06-10 14:57:37 | Thanos ransomware auto-spreads to Windows devices, evades security (lien direct) | The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on. [...] | Ransomware Threat | ||
|
2020-06-10 05:30:00 | Kingminer patches vulnerable servers to lock out competitors (lien direct) | Operators of the cryptojacking botnet Kingminer botnet are trying to keep their business humming by applying hotfixes from Microsoft on vulnerable infected computers to lock out other threat actors thay may claim a piece of their pie. [...] | Threat | ||
|
2020-06-06 09:29:39 | The Week in Ransomware - June 5th 2020 - Threat actors team up (lien direct) | It was quite a busy week with lots of new developments, including ransomware operations teaming up, new extortion tactics, and significant cyberattacks revealed. [...] | Ransomware Threat | ||
|
2020-06-05 06:01:01 | Ongoing eCh0raix ransomware campaign targets QNAP NAS devices (lien direct) | After remaining relatively quiet over the past few months, the threat actors behind the eCh0raix Ransomware have launched a brand new campaign targeting QNAP storage devices. [...] | Ransomware Threat | ||
|
2020-06-02 14:56:10 | VMware Cloud Director flaw lets hackers take over virtual datacenters (lien direct) | Organizations offering trial accounts for versions of VMware Cloud Director lower than 10.1.0 risk exposing private clouds on their virtualized infrastructure to complete takeover attacks from a threat actor. [...] | Threat | ||
|
2020-05-31 09:35:00 | Office 365 to give detailed info on malicious email attachments (lien direct) | Microsoft will provide Office 365 Advanced Threat Protection (ATP) users with more details on malware samples and malicious URLs discovered following detonation. [...] | Malware Threat | ||
|
2020-05-28 13:02:39 | Michigan State University network breached in ransomware attack (lien direct) | Michigan State University received a deadline to pay ransomware attackers under the threat that files stolen from the institution's network will be leaked to the public. [...] | Ransomware Threat | ||
|
2020-05-28 11:10:57 | NSA: Russian govt hackers exploiting critical Exim flaw since 2019 (lien direct) | The U.S. National Security Agency (NSA) says that Russian military threat actors tracked as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software since at least August 2019. [...] | Threat | ★★★ | |
|
2020-05-26 12:23:33 | New [F]Unicorn ransomware hits Italy via fake COVID-19 infection map (lien direct) | A new ransomware threat called [F]Unicorn has been encrypting computers in Italy by tricking victims into downloading a fake contact tracing app that promises to bring real-time updates for COVID-19 infections. [...] | Ransomware Threat | ★★★ | |
|
2020-05-24 09:27:58 | (Déjà vu) Discord client turned into a password stealer by updated malware (lien direct) | A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] | Malware Threat | ||
|
2020-05-24 09:27:58 | Discord client turned into a password stealer by new malware (lien direct) | A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] | Malware Threat | ||
|
2020-05-22 13:56:22 | Voter info for millions of Indonesians shared on hacker forum (lien direct) | A threat actor has shared the 2014 voter information for close to 2 million Indonesians on a well-known hacker forum and claims they will release a total of 200 million at a later date. [...] | Threat |
To see everything:
Our RSS (filtrered)
