What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-12-16 09:57:57 Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack (lien direct) Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing. Microsoft partnered with other cybersecurity firms to seize the primary domain used in the SolarWinds attack (avsvmcloud[.]com) in an attempt to identify all victims and prevent other systems from being served malicious software. The domain […] Hack
SecurityAffairs.webp 2020-12-16 00:25:32 PyMICROPSIA Windows malware includes checks for Linux and macOS (lien direct) Experts discovered a new Windows info-stealer, named PyMICROPSIA, linked to AridViper group that is rapidly evolving to target other platforms. Experts from Palo Alto Networks’s Unit 42 discovered a new Windows info-stealing malware, named PyMICROPSIA, that might be used soon to also target Linux and macOS systems. Experts spotted the PyMICROPSIA info stealer while investigating […] Malware
SecurityAffairs.webp 2020-12-15 21:25:53 Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices (lien direct) Experts reported flaws in Medtronic's MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. Experts from IoT security firm Sternum discovered vulnerabilities in Medtronic's MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. MyCareLink Smart […]
SecurityAffairs.webp 2020-12-15 17:22:34 Norwegian cruise company Hurtigruten was hit by a ransomware (lien direct) Norwegian cruise company Hurtigruten disclosed a cyber attack that impacted its entire worldwide digital infrastructure. The Norwegian cruise company Hurtigruten announced its entire worldwide digital infrastructure was the victim of a cyber attack. “It’s a serious attack,” said the Hurtigruten’s chief digital officer Ole-Marius Moe-Helgesen in a statement. “The entire worldwide digital infrastructure of Hurtigruten […] Ransomware
SecurityAffairs.webp 2020-12-15 07:18:10 SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study (lien direct) Sophos and ReversingLabs released SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10M malware samples. Sophos and ReversingLabs announced the release of SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10 million malware samples. The SoReL-20M database includes a set of curated and labeled samples and security-relevant metadata that […] Malware
SecurityAffairs.webp 2020-12-15 06:38:03 Apple addressed multiple code execution flaws in iOS and iPadOS (lien direct) Apple addressed this week serious code execution vulnerabilities that affect its iOS and iPadOS mobile operating systems. Apple released security updates to fix multiple severe code execution vulnerabilities in its iOS and iPadOS mobile operating systems. The IT giant released iOS 14.3 and iPadOS 14.3 version to address eleven security vulnerabilities, including code execution flaws. […]
SecurityAffairs.webp 2020-12-14 21:50:16 SolarWinds confirms 18,000 customers may have been impacted (lien direct) 18,000 SolarWinds customers may have been impacted by the attack against its supply chain, the company said in a SEC filing. SolarWinds revealed that 18,000 customers might have been impacted by the cyber attack against its supply chain. The alarming data emerged in a filing with the Securities and Exchange Commission (SEC) on Monday. “On December […]
SecurityAffairs.webp 2020-12-14 15:48:14 Details for 1.9M members of Chinese Communist Party Members leaked (lien direct) Security experts from Cyble discovered that the details of 1.9 million members of the Chinese Communist Party were leaked on a hacking forum. During routine Dark web monitoring, the experts from Cyble found a post on a Russian-speaking forum offering the details of 1.9 million members of Chinese Communist Party. The huge trove of data, […]
SecurityAffairs.webp 2020-12-14 09:24:06 US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software (lien direct) Hackers broke into the networks of federal agencies and FireEye by compromising SolarWinds’ Orion Network Management Products. The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency.  Nation-state actors, allegedly Russia-linked […]
SecurityAffairs.webp 2020-12-14 08:13:23 Robotic Process Automation vendor UiPath discloses data breach (lien direct) Last week, ZDnet reported in an exclusive that the tech unicorn UiPath admitted having accidentally exposed the personal details of some users. UiPath is a leading Robotic Process Automation vendor providing a complete software platform to help organizations efficiently automate business processes. The startup started reporting the security incident to its customers that had their data […] Data Breach Guideline
SecurityAffairs.webp 2020-12-13 21:48:48 Pay2Key hackers stole data from Intel's Habana Labs (lien direct) Pay2Key ransomware operators claim to have compromised the network of the Intel-owned chipmaker Habana Labs and have stolen data. Intel-owned AI chipmaker Habana Labs was hacked by Pay2key ransomware operators who claim to have stolen from the company. The group announced the hack on Twitter, they claim to have stolen sensitive data, including information about […] Ransomware Hack
SecurityAffairs.webp 2020-12-13 17:19:51 Hacked Subway UK marketing system used in TrickBot phishing campaign (lien direct) Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. Subway UK customers received emails from ‘Subcard’ about the processing […] Malware Hack
SecurityAffairs.webp 2020-12-13 15:29:38 Security Affairs Newsletter is back! (lien direct) Security Affairs newsletter is back, it is the right time to subscribe to it. Every day I receive several emails asking me to resume the Security Affairs newsletter, for this reason, I decided to open it again for the first 2000 users. […]
SecurityAffairs.webp 2020-12-13 12:52:10 Security Affairs newsletter Round 293 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. COVID-19 themed attacks October 1 – December 5, 2020 Drug dealers are selling Pfizer COVID vaccines on the darkweb LockBit Ransomware operators hit Swiss helicopter maker Kopter Police arrest two […] Ransomware
SecurityAffairs.webp 2020-12-13 09:58:29 PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs (lien direct) Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. PostgreSQL, also known as Postgres, is one of […] Hack
SecurityAffairs.webp 2020-12-12 17:09:24 NI CompactRIO controller flaw could allow disrupting production (lien direct) A serious flaw in National Instruments CompactRIO controllers could allow remote attackers to disrupt production processes in an organization. A high-severity vulnerability affecting CompactRIO controllers manufactured by the vendor National Instruments (NI) could allow remote attackers to disrupt production processes in an organization. The National Instruments CompactRIO product, a rugged, real-time controller that provides high-performance […] Vulnerability
SecurityAffairs.webp 2020-12-12 12:05:02 WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack (lien direct) Threat actors are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin installed on more than 500,000 sites. Hackers are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin to reset passwords for admin accounts. The SMTP WordPress plugin is installed on more than 500,000 sites, but […] Hack Vulnerability
SecurityAffairs.webp 2020-12-11 21:35:29 Spotify reset user passwords after accidental personal information exposure (lien direct) Spotify is informing users that their personal information might have been accidentally shared with some of its business partners. Spotify is informing users that their personal information might have been inadvertently shared with some of its business partners for several months. The company filed a breach notice with the California Attorney General. “We deeply regret […]
SecurityAffairs.webp 2020-12-11 17:49:36 Facebook links cyberespionage group APT32 to Vietnamese IT firm (lien direct) Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware. Vietnam-linked APT group APT32, also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on […] APT 32
SecurityAffairs.webp 2020-12-11 12:11:50 Threat actors target K-12 distance learning education, CISA and FBI warn (lien direct) The US Cybersecurity Infrastructure and Security Agency and the FBI warned about the increase in ransomware attacks targeting the US K-12 educational sector. The US CISA and the FBI warned about the increase in ransomware attacks targeting the US K-12 educational sector aimed at data theft and disruption of distance learning services. The number of […] Ransomware Threat
SecurityAffairs.webp 2020-12-11 10:22:50 Interview with Massimiliano Brolli, Head of TIM Red Team Research (lien direct) Interview with Massimiliano Brolli, Head of TIM Red Team Research, which is a team of experts that focus on zero-day hunting. For some time now we have been witnessing a series of undocumented vulnerabilities issued by a TIM IT Security laboratory called Red Team Research RTR, which already has 31 new CVEs to date in […]
SecurityAffairs.webp 2020-12-11 06:50:09 Adrozek malware silently injects ads into search results in multiple browsers (lien direct) Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings. Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and injecting ads into search results pages. Users are redirected to […] Malware Adrozek
SecurityAffairs.webp 2020-12-10 19:46:49 Cisco addresses critical RCE vulnerability in Jabber (lien direct) Cisco addressed a new critical RCE vulnerability that affects several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco has released security updates to address a critical remote code execution (RCE) flaw affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco Jabber is an instant messaging and web conferencing desktop app that […] Vulnerability
SecurityAffairs.webp 2020-12-10 18:23:03 (Déjà vu) Expert published PoC exploit code for Kerberos Bronze Bit attack (lien direct) The proof-of-concept exploit code for the Kerberos Bronze Bit attack was published online, it allows intruders to bypass authentication and access sensitive network services The proof-of-concept exploit code for the Kerberos Bronze Bit attack, tracked as CVE-2020-17049, was published online this week. The hacking technique could be exploited by attackers to bypass the Kerberos authentication […]
SecurityAffairs.webp 2020-12-10 14:57:59 njRAT RAT operators leverage Pastebin C2 tunnels to avoid detection (lien direct) Threat actors behind the njRAT Remote Access Trojan (RAT) are leveraging active Pastebin Command and Control Tunnels to avoid detection. Researchers from Palo Alto Networks’ Unit 42 reported that operators behind the njRAT Remote Access Trojan (RAT), aka Bladabindi, are leveraging Pastebin Command and Control tunnels to avoid detection.  “In observations collected since October 2020, […]
SecurityAffairs.webp 2020-12-10 12:14:06 Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware (lien direct) Russia-linked cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has […] Malware APT 28
SecurityAffairs.webp 2020-12-10 08:52:24 Attack on Vermont Medical Center is costing the hospital $1.5M a day (lien direct) The attack that hit the University of Vermont Medical Center at the end of October is costing the hospital about $1.5 million a day. In October, ransomware operators hit the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network. The ransomware attack took place on October 28 and disrupted services at the UVM Medical Center […] Ransomware
SecurityAffairs.webp 2020-12-09 19:57:49 European Medicines Agency targeted by cyber attack (lien direct) The European Medicines Agency (EMA) announced it has been targeted by a cyber attack. The European Medicines Agency (EMA) announced it has been targeted by a cyber attack. The EMA did not provide technical details about the attack, nor whether it will have an impact on its operations while it is evaluating and approving COVID-19 […]
SecurityAffairs.webp 2020-12-09 16:02:11 Crooks hide software skimmer inside CSS files (lien direct) Security researchers have uncovered a new technique to inject a software skimmer onto websites, the malware hides in CSS files. Security researchers have uncovered a new technique used by threat actors to inject a software skimmer onto websites, the attackers hide the malware in CSS files. Security experts have analyzed multiple Magecart attack techniques over […] Malware Threat
SecurityAffairs.webp 2020-12-09 08:50:54 (Déjà vu) Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical (lien direct) Microsoft December 2020 Patch Tuesday security update addresses 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update addresses 58 vulnerabilities, 22 of them are remote code issues. The flaws impact multiple products including Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Office Services and Web Apps, Exchange […]
SecurityAffairs.webp 2020-12-09 08:07:43 The importance of computer identity in network communications: how to protect it and prevent its theft (lien direct) The importance of computer identity in network communications: how to protect it and prevent threat actors from spying or stealing on online communications When you fill out a registration form to take advantage of a web service, a virtual personal profile is generated, creating your own IT identity characterized by specific attributes. Even those who […] Threat
SecurityAffairs.webp 2020-12-08 23:00:51 Top cybersecurity firm FireEye hacked by a nation-state actor (lien direct) The cyber security giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. The cybersecurity firm FireEye is one of the most prominent cybersecurity firms, it provides products and services to government agencies and companies worldwide. The company made the headlines because it was the victim of a hack, and experts blame […]
SecurityAffairs.webp 2020-12-08 19:14:57 OpenSSL is affected by a 'High Severity' security flaw, update it now (lien direct) The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL Project warned of a ‘high-severity’ security vulnerability in the TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The flaw is a null pointer dereference, successful exploitation could trigger denial-of-service conditions. The vulnerability was reported […] Vulnerability
SecurityAffairs.webp 2020-12-08 17:58:14 Unauthenticated Command Injection bug opens D-Link VPN routers to hack (lien direct) An unauthenticated command injection vulnerability could be exploited by threat actors to compromise D-Link VPN routers. Security researchers at Digital Defense discovered three vulnerabilities in D-Link VPN routers, including command injection flaws, and an authenticated crontab injection flaw. The experts initially discovered the flaws in DSR-250 router family running firmware version 3.17, further investigation allowed […] Hack Vulnerability Threat
SecurityAffairs.webp 2020-12-08 14:47:55 Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering (lien direct) Russian citizen Alexander Vinnik was sentenced in Paris to five years in prison for money laundering and ordered to pay 100,000 euros in fines. Russian citizen Alexander Vinnik was sentenced in Paris to five years in prison for money laundering and ordered to pay 100,000 euros in fines. The man went on trial in Paris for having […]
SecurityAffairs.webp 2020-12-08 12:24:00 Expert discloses zero-click, wormable flaw in Microsoft Teams (lien direct) Security expert disclosed technical details about a wormable, cross-platform flaw in Microsoft Teams that could allow stealth attacks. Security researcher Oskars Vegeris from Evolution Gaming has published technical details on a wormable, cross-platform vulnerability in the business communication platform Microsoft Teams. The flaw is a cross-site scripting (XSS) issue that impacts the 'teams.microsoft.com' domain, it […] Vulnerability
SecurityAffairs.webp 2020-12-08 11:26:27 Critical remote code execution fixed in PlayStation Now (lien direct) Security flaws in the PlayStation Now cloud gaming Windows application allowed hackers to execute arbitrary code on Windows systems. Bug bounty hunter Parsia Hakimian discovered multiple security flaws in the PlayStation Now (PS Now) cloud gaming Windows application that allowed hackers to execute arbitrary code on Windows devices running vulnerable app versions. The bugs affected PS Now version […]
SecurityAffairs.webp 2020-12-08 08:20:03 QNAP fixed eight flaws that could allow NAS devices takeover (lien direct) Network-attached storage (NAS) vendor QNAP addressed vulnerabilities that could enable attackers to take over unpatched NAS devices. The Taiwanese vendor QNAP has released security updates to fix eight vulnerabilities that could be exploited by attackers to take over unpatched NAS devices. The list of vulnerabilities addressed by QNAP is available here, it includes XSS and command injection issues. […]
SecurityAffairs.webp 2020-12-07 22:23:14 DoppelPaymer ransomware gang hit Foxconn electronics giant (lien direct) Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. DoppelPaymer ransomware operators infected the systems at a Mexican facility of Foxconn electronics giant over the Thanksgiving weekend. The plant is located in Ciudad Juárez, Chihuahua, Mexico. The hackers also claim to have stolen unencrypted files before encrypting […] Ransomware
SecurityAffairs.webp 2020-12-07 21:01:18 Cisco fixes exploitable RCEs in Cisco Security Manager (lien direct) Cisco released security updates to fix multiple pre-authentication RCE flaws with public exploits affecting Cisco Security Manager. Cisco has released security updates to address multiple pre-authentication remote code execution vulnerabilities with public exploits affecting Cisco Security Manager (CSM). CSM provides a comprehensive management solution for CISCO devices, including intrusion prevention systems and firewalls (i.e. Cisco ASA appliances, Cisco […]
SecurityAffairs.webp 2020-12-07 18:00:59 A ransomware attack hit the Greater Baltimore Medical Center (lien direct) The Greater Baltimore Medical Center, Maryland, was hit by a ransomware attack that impacted computer systems and operations. The Greater Baltimore Medical Center in Towson, Maryland was a victim of a ransomware attack that impacted its IT systems. At the time of this writing, it is not clear the family of ransomware that hit the healthcare providers, it […] Ransomware
SecurityAffairs.webp 2020-12-07 16:25:00 Russia-linked hackers actively exploit CVE-2020-4006 VMware flaw, NSA warns (lien direct) The National Security Agency (NSA) warns that Russia-linked hackers are exploiting a recently patched VMware flaw in a cyberespionage campaign. The US National Security Agency has published a security alert warning that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from their targets. The US intelligence agency is urging companies […]
SecurityAffairs.webp 2020-12-07 07:18:07 US Cyber Command and Australian IWD to develop shared cyber training range (lien direct) US Cyber Command and the Information Warfare Division (IWD) of the Australian Defense Force to develop a virtual cyber training platform. The United States and Australia have signed a first-ever cyber agreement to develop a virtual cyber training platform, the project will be designed by the U.S. Cyber Command (USCYBERCOM) and the Information Warfare Division […]
SecurityAffairs.webp 2020-12-06 23:15:44 LockBit Ransomware operators hit Swiss helicopter maker Kopter (lien direct) LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. Kopter Group is a Switzerland-based company that was founded in 2007 and was acquired by Leonardo in April […] Ransomware
SecurityAffairs.webp 2020-12-06 16:02:01 Drug dealers are selling Pfizer COVID vaccines on the darkweb (lien direct) While the United Kingdom announced the distribution of the COVID-19 vaccine to the population, drug dealers are selling 'Pfizer COVID Vaccines.' The UK became the first Western country to authorize a Covid-19 vaccine. The UK government announced the distribution of the Pfizer/BioNTech vaccine that has been granted emergency authorization by British regulators. While the first […]
SecurityAffairs.webp 2020-12-06 13:16:18 Security Affairs newsletter Round 292 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A critical flaw in industrial automation systems opens to remote hack Crooks stole 800,000€ from ATMs in Italy with Black Box attack Operators behind Dark Caracal are still alive and […] Hack
SecurityAffairs.webp 2020-12-06 13:02:20 (Déjà vu) COVID-19 themed attacks October 1 – December 5, 2020 (lien direct) This post includes the details of the COVID-19 themed attacks launched from October 1 to December 5, 2020. Threat actors exploit the interest in the COVID-19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily basis. Below a list of attacks detected between October 1 to December 5, 2020. October 26 […] Threat
SecurityAffairs.webp 2020-12-06 12:30:25 Police arrest two people over stealing sensitive data from defense giant (lien direct) Italian police arrested two people that have stolen 10 GB of confidential and alleged secret data from the defense company Leonardo S.p.A. Italian police have arrested two people that have been accused of stealing 10 GB of confidential data and military secrets from defense company Leonardo S.p.A. Leonardo is a state-owned multinational company and one […]
SecurityAffairs.webp 2020-12-05 23:43:40 COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks (lien direct) Healthcare organizations like Johnson & Johnson are observing a surge of cyber attacks carried by state-sponsored hackers during COVID-19 pandemic. Nation-state actors are intensifying their attacks against organizations in the healthcare industry, like Johnson & Johnson, that are involved in the development of the COVID-19 vaccine. Johnson & Johnson, along with other COVID-19 research companies, […]
SecurityAffairs.webp 2020-12-05 20:58:26 Human resource consulting giant Randstad hit by Egregor ransomware (lien direct) Multinational human resource consulting firm Randstad NV announced that they were a victim of the Egregor ransomware. Egregor ransomware operators have breached the network of the multinational human resource consulting firm Randstad NV and have stolen unencrypted files during the attack. Randstad operates in 39 countries and employs over 38,000 people and generated €23.7 billion in revenue for […] Ransomware
Last update at: 2024-07-30 13:19:27