Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-12-02 17:00:00 |
\'Black Proxies\' Enable Threat Actors to Conduct Malicious Activity (lien direct) |
First used as botnets, their lucrative nature turned them into independent criminal enterprises |
Threat
|
|
★★
|
|
2022-12-02 16:00:00 |
Hackers Use Archive Files and HTML Smuggling to Bypass Detection Tools (lien direct) |
HP's latest report suggests 44% of malware was delivered via archive files in Q3 2022 |
Malware
|
|
★★★
|
|
2022-12-02 14:30:00 |
Industry Coalition Urges Congress to Hold off on SBOMs Requirements for Defense Contractors (lien direct) |
The coalition outlined the need to refine SBOM requirements before making it an obligation for defense contractors |
|
|
★★
|
|
2022-12-02 10:45:00 |
NATO Launches Massive Cyber-Defense Exercise (lien direct) |
Annual Cyber Coalition effort helps nations develop and share best practice |
|
|
★★★★
|
|
2022-12-02 10:15:00 |
Cuba Ransomware Actors Pocket $60m (lien direct) |
Number of US victims has doubled over the past year |
Ransomware
|
|
★★★
|
|
2022-12-02 09:40:00 |
Trojan Steals Facebook Details from Over 300K Victims (lien direct) |
"Schoolyard Bully" has been active since 2018 |
|
|
★★★
|
|
2022-12-01 18:00:00 |
Hackers Target Colombia\'s Healthcare System With Ransomware (lien direct) |
The attack disrupted IT operations, websites and scheduling of medical appointments |
Ransomware
|
|
★★★
|
|
2022-12-01 17:00:00 |
Spyware Vendor Variston Exploited N-Days in Chrome, Firefox, Windows (lien direct) |
The claims come from Google's Threat Analysis Group, which published an advisory about the threat |
Threat
|
|
★★★
|
|
2022-12-01 16:07:00 |
(Déjà vu) WhatsApp Files on Dark Web Show Millions of Records For Sale (lien direct) |
The list went on sale for four days and is now being distributed for free among dark web users |
|
|
★★★
|
|
2022-12-01 11:00:00 |
UK Extends NIS Regulations to IT Managed Service Providers (lien direct) |
The UK strengthens its regulations on Network and Information Systems (NIS) to better prevent software supply chain attacks |
|
|
★★
|
|
2022-12-01 10:00:00 |
Researchers Accidentally Crash Cryptomining Botnet (lien direct) |
Akamai reveals how a simple syntax error stopped it sending commands |
|
|
★★★
|
|
2022-11-30 18:30:00 |
Majority of US Defense Contractors Not Meeting Basic Cybersecurity Requirements (lien direct) |
87% of DoD contractors are failing to meet the basic level of compliance ahead of CMMC coming into force next year |
|
|
★★★
|
|
2022-11-30 18:00:00 |
Australian Parliament Passes Privacy Penalty Bill (lien direct) |
The higher penalties and extended powers will become effective after the bill receives royal assent |
|
|
★★
|
|
2022-11-30 17:00:00 |
China-Based Hackers Target Southeast Asia With USB-Based Malware (lien direct) |
UNC4191 operations have affected several entities in Southeast Asia but also in the US, Europe and Asia Pacific Japan |
Malware
|
|
★★★
|
|
2022-11-30 16:00:00 |
Zero-Day Flaw Discovered in Quarkus Java Framework (lien direct) |
The flaw has a CVSS v3 base score rating of 9.8 and can be found in the Dev UI Config Editor |
|
|
★★★
|
|
2022-11-30 12:00:00 |
Businesses Increasing Cyber Spend Without Clear Strategy, Fastly Finds (lien direct) |
As businesses aim to spend more on cybersecurity, Fastly warns that many do so without a clear strategy |
|
|
★★
|
|
2022-11-30 10:30:00 |
Let\'s Encrypt Issues Three Billionth Certificate (lien direct) |
Free certificate authority serves over 300 million websites |
|
|
★★★
|
|
2022-11-30 10:00:00 |
Most Small Biz IaaS Users Seeing Surge in Attacks (lien direct) |
A further 67% were hit by ransomware in past year |
Ransomware
|
|
★★
|
|
2022-11-30 09:30:00 |
New "Icefall" Bugs Include Critical DoS Flaw (lien direct) |
Millions of OT devices may be affected |
|
|
★★
|
|
2022-11-29 18:12:00 |
Oracle Fusion Middleware Vulnerability Actively Exploited in the Wild: CISA (lien direct) |
The bug allows unauthenticated attackers with network access to compromise Oracle Access Manager |
Vulnerability
|
|
★★★★
|
|
2022-11-29 17:00:00 |
PII May Have Been Stolen in Virginia County Ransomware Attack (lien direct) |
A W-2 form was reportedly published on a dark web forum with stolen, sensitive data |
Ransomware
|
|
★★★
|
|
2022-11-29 16:00:00 |
US Census Bureau Head Fends Off Critics of \'Differential Privacy\' Tool (lien direct) |
Santos defended differential privacy against prominent researchers |
Tool
|
|
★★
|
|
2022-11-29 10:45:00 |
Police Shutter 13,000 Sites in Piracy Crackdown (lien direct) |
Fourteen detained as part of Europol operation |
Legislation
|
|
★★★★
|
|
2022-11-29 10:30:00 |
Ireland\'s DPC Fines Meta €265m Following Large-Scale Data Leak (lien direct) |
The fine followed an inquiry into data processing by Meta in response to a major data breach |
Legislation
|
|
★★★
|
|
2022-11-29 09:30:00 |
Web App and API Attacks Surge 257% in Financial Services (lien direct) |
Data and credentials at risk in the vertical |
|
|
★★★
|
|
2022-11-28 18:00:00 |
Elon Musk Unveils End-to-End Encrypted DMs For Twitter 2.0 (lien direct) |
The E2EE feature was first spotted by mobile researcher Jane Manchun Wong earlier this month |
|
|
★★★
|
|
2022-11-28 17:00:00 |
Phishing Campaign Impersonating UAE Ministry of Human Resources Grows (lien direct) |
New cluster of phishing domains registered using similar naming schemes discovered |
|
|
★★★★★
|
|
2022-11-28 16:00:00 |
Millions of Twitter Accounts Potentially Compromised (lien direct) |
The breach affected any account with the "Let others find you by your phone" option enabled |
|
|
★★★★
|
|
2022-11-28 14:15:00 |
Orange Cyberdefense Unveils Its Security Navigator With OT Hacking Demos (lien direct) |
The cybersecurity arm of Orange Business Services (OBS) organized a launch event at its Lyon campus, in France, for its latest annual threat report |
Threat
|
|
★★
|
|
2022-11-28 10:45:00 |
Belgian Police Under Fire After Major Ransomware Leak (lien direct) |
Crime reports dating back 15 years are made public |
Ransomware
|
|
★★
|
|
2022-11-28 10:10:00 |
Russian Sandworm Hackers Linked to New Ransomware Blitz (lien direct) |
Ukrainian targets are on the receiving end of RansomBoggs variant |
Ransomware
|
|
★★
|
|
2022-11-28 09:30:00 |
African Police Bust $800K Fraud Schemes (lien direct) |
International operation lasted four months |
|
|
★★★
|
|
2022-11-25 18:00:00 |
ConnectWise Fixes XSS Vulnerability that Could Lead to Remote Code Execution (lien direct) |
Threat actors could exploit the flaw to take complete control of the ConnectWise platform |
Vulnerability
Threat
|
|
★★
|
|
2022-11-25 17:15:00 |
Google Releases Chrome Patch to Fix New Zero-Day Vulnerability (lien direct) |
The high-severity vulnerability refers to a heap buffer overflow in the GPU component |
Vulnerability
|
|
★★★
|
|
2022-11-25 16:15:00 |
Remote Code Execution Vulnerability Found in Windows Internet Key Exchange (lien direct) |
The discovered vulnerabilities could have been exploited to target almost 1000 systems |
Vulnerability
|
|
|
|
2022-11-25 10:00:00 |
Experts Find 1600+ Malicious Docker Hub Images (lien direct) |
Shared repository is also a hidden source of malware |
|
|
★★★
|
|
2022-11-24 16:00:00 |
Bahamut Spyware Group Compromises Android Devices Via Fake VPN Apps (lien direct) |
The app used as part of the campaign was a trojanized version of SoftVPN or OpenVPN |
Mobile
|
Bahamut
Bahamut
|
★★
|
|
2022-11-24 15:00:00 |
SharkBot Malware Found in Android File Manager Apps With Thousands of Downloads (lien direct) |
The apps are no longer available on the Play Store, but can be found in third-party stores |
Malware
|
|
|
|
2022-11-24 13:30:00 |
Sonder confirms data breach, documents and other PII potentially compromised (lien direct) |
The company reportedly learned of unauthorized access to one of its systems on November 14 |
|
|
★★★★
|
|
2022-11-24 10:45:00 |
Cyber Essentials Scheme Set for April 2023 Update (lien direct) |
UK best practice security framework to offer new guidance |
|
|
★★
|
|
2022-11-24 10:10:00 |
UK Cops Lead Action Against Fraud Site that Made £100m+ (lien direct) |
Over 100 admins and users of iSpoof site arrested |
|
|
★★★
|
|
2022-11-24 09:30:00 |
Russian DDoS Briefly Downs European Parliament Site (lien direct) |
Parliament had declared Russia a state-sponsor of terrorism |
|
|
★★
|
|
2022-11-23 18:45:00 |
Panaseer Launches Guidance on Security Controls Ahead of EU\'s New Legislation (lien direct) |
The cybersecurity monitoring firm offers 18 recommendations on security controls to help organizations anticipate tougher cybersecurity regulations |
|
|
★★★
|
|
2022-11-23 18:00:00 |
CISA Updates Guidelines to Increase Resilience of Infrastructure Planning (lien direct) |
They expand the framework's scope by adding new resources and tools to support SLTT partners |
|
|
★★★
|
|
2022-11-23 17:00:00 |
Meta Removes Pro-US Accounts in Middle East and Central Asia (lien direct) |
The operation relied on many internet services, including Telegram, Twitter, YouTube and others |
|
|
★★★
|
|
2022-11-23 16:00:00 |
Qakbot Infections Linked to Black Basta Ransomware Campaign (lien direct) |
Threat actors obtained admin access in two hours and then deployed ransomware in under 12 hours |
Ransomware
Threat
|
|
|
|
2022-11-23 10:30:00 |
Yanluowang Ransomware\'s Russian Links Laid Bare (lien direct) |
Another dump of chat records provides insight into threat group |
Threat
|
|
★★★★
|
|
2022-11-23 10:00:00 |
UK Privacy Tsar Defends Controversial Enforcement Strategy (lien direct) |
Information commissioner wants to avoid "money-go-round" of government fines |
|
|
★★★
|
|
2022-11-23 09:30:00 |
Dozens of Russian Groups Steal 50 Million User Passwords (lien direct) |
Info-stealing malware infected nearly one million devices in 2022 |
Malware
|
|
★★★
|
|
2022-11-22 18:00:00 |
Ducktail Hacker Group Evolves, Targets Facebook Business Accounts (lien direct) |
Activity observed since early September featured new avenues to spear-phish targets |
|
|
★★★
|