What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-05-18 03:36:00 | FBI warns of ProLock ransomware decryptor not working properly (lien direct) | Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list. [...] | Ransomware Threat | ||
|
2020-05-15 15:23:20 | WordPress malware finds WooCommerce sites for Magecart attacks (lien direct) | Researchers at website security firm Sucuri have discovered a new WordPress malware used by threat actors to scan for and identify WooCommerce online shops with a lot of customers. [...] | Malware Threat | ||
|
2020-05-15 03:00:00 | Microsoft Office 365 ATP getting malware campaign analysis (lien direct) | Microsoft is in the process of expanding the Office 365 Advanced Threat Protection (ATP) capabilities with attack flow overviews of malware attacks targeting organizations. [...] | Malware Threat | ||
|
2020-05-14 14:09:08 | Hacker selling 550 million stolen user records on hacking forum (lien direct) | A threat actor is selling twenty-nine databases on a hacker forum that allegedly contains a combined total of 550 million stolen user records. [...] | Threat | ||
|
2020-05-13 11:11:37 | US warns of Chinese hackers targeting COVID-19 research orgs (lien direct) | Threat actors affiliated to the People's Republic of China (PRC) are attempting to compromise and collect COVID-19 information from organizations in the US health care, pharmaceutical, and research industry sectors. [...] | Threat | ||
|
2020-05-12 08:09:36 | (Déjà vu) Researcher finds 1,236 websites infected with credit card stealers (lien direct) | A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure webshops. [...] | Threat | ||
|
2020-05-12 08:09:36 | Researcher finds 1,236 domains infected with credit card stealers (lien direct) | A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure web shops. [...] | Threat | ||
|
2020-05-05 16:38:07 | Cyber volunteers release blocklists for 26,000 COVID-19 threats (lien direct) | The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats. [...] | Malware Threat | ||
|
2020-05-04 17:09:11 | LockBit ransomware self-spreads to quickly encrypt 225 systems (lien direct) | A feature of the LockBit ransomware allows threat actors to breach a corporate network and deploy their ransomware to encrypt hundreds of devices in just a few hours. [...] | Ransomware Threat | ||
|
2020-05-03 13:59:14 | Hacker sells 91 million Tokopedia accounts, cracked passwords shared (lien direct) | A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. [...] | Threat | ||
|
2020-05-01 18:19:52 | The Week in Ransomware - May 1st 2020 - Banishing the Shade (lien direct) | For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims. [...] | Ransomware Threat | ||
|
2020-04-30 11:26:08 | Microsoft Sway abused in PerSwaysion spear-phishing operation (lien direct) | Multiple threat actors running phishing attacks on corporate targets have been counting on Microsoft Sway service to trick victims into giving their Office 365 login credentials. [...] | Threat | ||
|
2020-04-28 07:24:28 | Lucy malware for Android adds file-encryption for ransomware ops (lien direct) | A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...] | Ransomware Malware Threat | ||
|
2020-04-24 15:56:41 | Phishing attacks target US Payroll Protection Program Loans (lien direct) | With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts. [...] | Threat | ||
|
2020-04-24 12:48:04 | US universities targeted with malware used by state-backed actors (lien direct) | Faculty and students at several U.S. colleges and universities were targeted in phishing attacks with a remote access Trojan (RAT) previously used by Chinese state-sponsored threat actors. [...] | Malware Threat | ||
|
2020-04-23 14:10:33 | NSA: Hackers exploit these vulnerabilities to deploy backdoors (lien direct) | The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly issued an advisory warning of threat actors increasingly exploiting vulnerable web servers to deploy web shells. [...] | Threat | ||
|
2020-04-20 16:45:37 | FBI says that sharing personal info online only helps scammers (lien direct) | The FBI's Charlotte office today warned against the sharing of sensitive personal information on social media as threat actors can take advantage of it to reset passwords and gain full control of accounts and the data stored within. [...] | Threat | ||
|
2020-04-20 13:18:02 | 267 million Facebook profiles sold for $600 on the dark web (lien direct) | Threat actors are selling over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums. While none of these records include passwords, they do contain information that could allow attackers to perform spear phishing or SMS attacks to steal credentials. [...] | Threat | ||
|
2020-04-17 16:31:26 | Microsoft: Trickbot in hundreds of unique COVID-19 lures per week (lien direct) | TrickBot is, at the moment, the malware showing up in the highest number of unique COVID-19 related malicious emails and attachments delivered to potential victims' inboxes based on Microsoft's Office 365 Advanced Threat Protection (ATP) data. [...] | Malware Threat | ||
|
2020-04-09 05:00:00 | Hackers struggle morally and economically over Coronavirus (lien direct) | With the Coronavirus pandemic in full swing, threat actors are torn about how they should operate during the pandemic, and like everyone else, are also seeing a downturn in the underground hacker marketplace. [...] | Threat | ||
|
2020-04-08 12:52:32 | Microsoft: No surge in malicious attacks, only more COVID-19 lures (lien direct) | Microsoft says that the volume of malicious attacks hasn't increased but, instead, threat actors have repurposed infrastructure used in previous attacks and rethemed attack campaigns to exploit fears surrounding the COVID-19 pandemic. [...] | Threat | ||
|
2020-03-27 05:42:49 | Russian-Speaking Hackers Attack Pharma, Manufacturing Companies in Europe (lien direct) | Malware belonging to Russian-speaking threat actors was used in attacks in late January against at least two European companies in the pharmaceutical and manufacturing industries. [...] | Malware Threat | ||
|
2020-03-25 17:28:55 | WordPress Malware Distributed via Pirated Coronavirus Plugins (lien direct) | The threat actors behind the WordPress WP-VCD malware have started to distribute modified versions of Coronavirus plugins that inject a backdoor into a web site. [...] | Malware Threat | ||
|
2020-03-24 09:52:31 | Unknown Hackers Use New Milum RAT in WildPressure Campaign (lien direct) | A new piece of malware that shows no similarities with samples used in known campaigns is currently used to attack computers in various organizations. Researchers named the threat Milum and dubbed the operation WildPressure. [...] | Malware Threat | ||
|
2020-03-17 14:06:00 | Nation-Backed Hackers Spread Crimson RAT via Coronavirus Phishing (lien direct) | A state-sponsored threat actor is attempting to deploy the Crimson Remote Administration Tool (RAT) onto the systems of targets via a spear-phishing campaign using Coronavirus-themed document baits disguised as health advisories. [...] | Tool Threat | ||
|
2020-03-12 15:59:57 | Office 365 ATP To Block Email Domains That Fail Authentication (lien direct) | Microsoft is working on including a new Office 365 Advanced Threat Protection (ATP) feature that would block email sender domains automatically if they fail DMARC authentication as part of an effort to make Office 365 ATP secure by default. [...] | Threat | ||
|
2020-03-12 08:23:52 | Advanced Russian Hackers Use New Malware in Watering Hole Operation (lien direct) | Two previously undocumented pieces of malware, a downloader and a backdoor, were used in a watering hole operation attributed to the Russian-based threat group Turla. [...] | Malware Threat | ||
|
2020-03-10 13:00:00 | New LVI Intel CPU Data Theft Vulnerability Requires Hardware Fix (lien direct) | A novel class of attack techniques against modern Intel processors can allow threat actors to inject malicious data into applications via transient-execution attacks and steal sensitive data according to researchers. [...] | Vulnerability Threat | ||
|
2020-03-09 18:09:13 | Google Play Protect Miserably Fails Android Protection Tests (lien direct) | Google's Play Protect Android mobile threat protection system failed German antivirus testing lab AV-Test real-world tests, scoring zero out of a maximum of six points after very weak malware detection performance. [...] | Malware Threat | ||
|
2020-03-06 14:45:00 | FBI Warns of BEC Attacks Abusing Microsoft Office 365, Google G Suite (lien direct) | The US Federal Bureau of Investigation (FBI) warned private industry partners of threat actors abusing Microsoft Office 365 and Google G Suite as part of Business Email Compromise (BEC) attacks. [...] | Threat | ||
|
2020-02-27 16:09:39 | As Coronavirus Spreads, So Does Covid-19 Themed Malware (lien direct) | Threat actors are still taking advantage of the ongoing COVID-19 global outbreak by attempting to drop Remcos RAT and malware payloads on their targets' computers via malicious files that promise to provide Coronavirus safety measures. [...] | Malware Threat | ||
|
2020-02-26 17:17:52 | Credit Card Skimmer Uses Fake CDNs To Evade Detection (lien direct) | Threat actors have been spotted cloaking their credit card skimmers using fake content delivery network domains as part of an effort to hide them and their exfil traffic in plain sight. [...] | Threat | ||
|
2020-02-26 12:46:38 | DoppelPaymer Hacked Bretagne Télécom Using the Citrix ADC Flaw (lien direct) | Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability. [...] | Threat | ||
|
2020-02-20 07:49:17 | New Actors Attack Industrial Control Systems, Old Ones Mature (lien direct) | Industrial control systems (ICS) across the world have become a larger target in 2019 as researchers discovered new threat actors attacking this sector while old ones have evolved and expanded their operations. [...] | Threat | ||
|
2020-02-19 17:24:12 | Microsoft Adds Enterprise Windows 10 Tamper Protection Controls (lien direct) | Microsoft announced today that support for the Windows 10 Tamper Protection feature has been added to Microsoft Defender ATP Threat & Vulnerability Management for additional info on exposed machines in their organization. [...] | Vulnerability Threat | ||
|
2020-02-19 11:35:38 | Over 20,000 WordPress Sites Run Trojanized Premium Themes (lien direct) | A threat actor that has infected more than 20,000 WordPress sites by running the same trick for at least three years: distributing trojanized versions of premium WordPress themes and plugins. [...] | Threat | ||
|
2020-02-19 03:33:00 | DRBControl Espionage Operation Hits Gambling, Betting Companies (lien direct) | An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. [...] | Malware Threat | ||
|
2020-02-18 18:43:37 | Dharma Ransomware Attacks Italy in New Spam Campaign (lien direct) | Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. [...] | Ransomware Spam Threat | ||
|
2020-02-12 10:29:09 | Google Play Protect Blocked 1.9 Billion Malware Installs in 2019 (lien direct) | Google's Play Protect mobile threat protection service blocked the installation of over 1.9 billion malicious apps downloaded from non-Play Store sources in 2019. [...] | Malware Threat | ||
|
2020-01-30 19:16:35 | (Déjà vu) Microsoft Detects New TA505 Malware Attacks After Short Break (lien direct) | Microsoft says that an ongoing TA505 phishing campaign is using attachments featuring HTML redirectors for delivering malicious Excel documents, this being the first time the threat actors have been seen adopting this technique. [...] | Malware Threat | ||
|
2020-01-30 19:16:35 | Microsoft Detects New Evil Corp Malware Attacks After Short Break (lien direct) | Microsoft says that an ongoing Evil Corp phishing campaign is using attachments featuring HTML redirectors for delivering malicious Excel documents, this being the first time the threat actors have been seen adopting this technique. [...] | Malware Threat | ||
|
2020-01-27 18:35:06 | FBI Releases Alert on Iranian Hackers\' Defacement Techniques (lien direct) | The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers' TTPs to help administrators and users to protect their websites. [...] | Threat | ||
|
2020-01-24 18:13:22 | The Week in Ransomware - January 24th 2020 - Duck for Cover! (lien direct) | Ransomware continues its onslaught against cities, the enterprise, and even houses of worship as threat actors attempt to encrypt as much as they can to earn big payouts. [...] | Ransomware Threat | ||
|
2020-01-17 11:40:37 | Hackers Are Securing Citrix Servers, Backdoor Them for Access (lien direct) | An unknown threat actor is currently scanning for and securing vulnerable Citrix ADC servers against CVE-2019-19781 exploitation attempts, while also backdooring them for future access. [...] | Threat | ||
|
2020-01-11 10:00:00 | Android Trojan Kills Google Play Protect, Spews Fake App Reviews (lien direct) | An Android malware strain camouflaged as a system app is used by threat actors to disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more. [...] | Malware Threat | ||
|
2020-01-09 06:00:00 | TrickBot Gang Created a Custom Post-Exploitation Framework (lien direct) | Instead of relying on premade and well-known toolkits, the threat actors behind the TrickBot trojan decided to develop a private post-exploitation toolkit called PowerTrick to spread malware laterally throughout a network. [...] | Malware Threat | ||
|
2020-01-08 03:30:00 | SNAKE Ransomware Is the Next Threat Targeting Business Networks (lien direct) | Since network administrators didn't already have enough on their plate, they now have to worry about a new ransomware called SNAKE that is targeting their networks and aiming to encrypt all of the devices connected to it [...] | Ransomware Threat | ||
|
2020-01-07 03:30:00 | MP Says Austria Unprepared After Cyberattack on Foreign Ministry (lien direct) | The Austrian State Department' IT systems were under a 'serious attack' suspected to be carried out by a state-backed threat group according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI). [...] | Threat | ||
|
2020-01-06 11:34:41 | US Govt Says Iran\'s Cyberattacks Can Disrupt Critical Infrastructure (lien direct) | The U.S. Department of Homeland Security (DHS) warned in a terrorism threat alert issued through the National Terrorism Advisory System (NTAS) that potential cyberattacks carried out by Iranian-backed actors against the U.S. have the potential to disrupt critical infrastructure. [...] | Threat | ||
|
2019-12-18 09:51:41 | ScreenConnect MSP Software Used to Install Zeppelin Ransomware (lien direct) | Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised computers. [...] | Ransomware Threat | ★★★★★ |
To see everything:
Our RSS (filtrered)
