What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-30 10:03:15 | Georgia voter records published (lien direct) | Voter information for more than 4.9 million Georgians, including deceased citizens, has been published on a hacking forum over the weekend, on Saturday. Personal information such as full names, home addresses, dates of birth, ID numbers, and mobile phone numbers were shared online in a 1.04 GB MDB (Microsoft Access database) file. The leaked […] | |||
|
2020-03-30 10:02:27 | Fraudsters target Westpac customers (lien direct) | Scammers have sent out a text message claiming all Westpac accounts have been frozen unless customers click on a link and provide their account details. They tried using the coronavirus chaos to fool unsuspecting Australians with the SMS caps lock title: ‘Important message from Westpac’. ‘For the safety of our customers due to the recent […] | |||
|
2020-03-30 10:00:37 | Fraudulent coronavirus sites removed (lien direct) | More than 180 fraudulent coronavirus websites targeting vulnerable people have been taken down in the UK since the start of the outbreak. Nominet, the national domain name registry, said it had seen a surge in fraudsters spoofing government websites in an attempt to trick Britons into handing over their bank details and private data. […] | |||
|
2020-03-30 10:00:01 | Facebook data collection removed from Zoom iOS app (lien direct) | Video conferencing app Zoom is enjoying a huge spike in users as a result of the COVID-19 pandemic, as massive swathes of the world’s workforce work from home at the same time. You would likely expect that such a rise to popularity might bring some road-bumps along the way, though, and Zoom has announced that […] | |||
|
2020-03-27 14:10:31 | The Great Security Survivor: Experts on Ransomware (lien direct) | If a layman pictures a cyberattack, the likelihood is they picture a ransomware attack: The screens overcome by a malicious message, locking up systems and demanding payment to a shadowy organisation or individual. This cultural ubiquity does not exist in a vacuum: Where other forms of cybercrime have gone in and out of fashion based […] | Ransomware | ||
|
2020-03-27 14:05:28 | 37.9% of Untrained End Users Will Fail a Phishing Test According to KnowBe4 (lien direct) | KnowBe4's new Phishing by Industry Benchmarking Report, published this week, reveals organisation's Phish-Prone percentage (PPP), which indicates how many of their employees are likely to fall for a phishing or social engineering scam. The initial baseline phishing test was administered to organisations that hadn't conducted any KnowBe4 security awareness training. The results indicated a high […] | |||
|
2020-03-27 11:44:16 | Fighting cybercriminals is an ongoing battle (lien direct) | If these uncertain times have proved anything it is that now, more than ever, maintaining cybersecurity is critical to ensuring business as usual; especially as the workforce is moving towards a remote working environment. This means that even the slightest disruption to daily operations can cause catastrophic damage to businesses, many of whom are already […] | |||
|
2020-03-27 11:01:19 | Chubb data stolen by Maze ransomware (lien direct) | Chubb, a major cybersecurity insurance provider for businesses hit by data breaches, has itself become a target of a data breach. The insurance giant told TechCrunch it was investigating a “security incident” involving the unauthorized access to data belonging to an unnamed third-party. Chubb spokesperson Jeffrey Zack said the company had “no evidence” the incident […] | Ransomware | ||
|
2020-03-27 11:00:27 | Three customers targeted by phishing attack (lien direct) | Cyber criminals are posing as UK mobile network operator Three as part of a sophisticated phishing campaign designed to extract the financial details of its customers. The attack relies on a well-spoofed HTML document that entices Three customers to hand over everything from their password and personal details to credit card and payment information. Source: […] | |||
|
2020-03-27 10:58:58 | (Déjà vu) Hospitals still targeted by ransomware during Coronavirus pandemic (lien direct) | The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. Last week BleepingComputer contacted various ransomware groups and asked if they would target hospitals and other healthcare organizations during the pandemic. Source: Bleeping Computer | Ransomware | ||
|
2020-03-27 10:58:22 | Phishing emails up 667% in less than a month (lien direct) | Phishing emails have spiked by over 600% since the end of February as cyber-criminals look to capitalize on the fear and uncertainty generated by the COVID-19 pandemic, according to Barracuda Networks. The security vendor observed just 137 incidents in January, rising to 1188 in February and 9116 so far in March. Around 2% of the […] | |||
|
2020-03-27 10:57:35 | (Déjà vu) 40,000 State-Sponsored Attacks in 2019 according to Google (lien direct) | Google says that it delivered almost 40,000 alerts of state-sponsored phishing or malware hacking attempts to its users during 2019, with a 25% drop when compared to the previous year. One of the reasons behind this notable drop in the number of government-backed hacking incidents is the increasingly effective protections Google sets up to protect […] | Malware | ||
|
2020-03-26 16:25:50 | Is SaaS the future of cybersecurity? (lien direct) | A security software-as-a-service solution that continuously scans the entirety of an organisation's digital assets is perhaps the clearest indicator of how much the cybersecurity world has changed since the old days, when one ad-hoc penetration test and an antivirus would do the trick. We asked Eoin Keary, CEO and founder of edgescan, to tell us […] | |||
|
2020-03-26 10:49:35 | Ransomware Gangs Join group to Leak Data (lien direct) | In recent days, Nefilim, CLOP and Sekhmet have become the latest ransomware operations to launch data-leaking sites, as Bleeping Computer first reported on Tuesday. CLOP has been tied to an attack against Maastricht University in the Netherlands that resulted in the institution paying attackers a ransom of 30 bitcoins (now worth about $200,000). Nefilim […] | Ransomware | ||
|
2020-03-26 10:47:45 | Cloud Storage Exposes Information on 270,000 Users (lien direct) | Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor's research team recently found a serious breach in an open Amazon S3 bucket owned by secure cloud storage provider Data Deposit Box. The leak exposed detailed information about 270,000 private files uploaded by customers through the company's secure cloud storage service. The database also […] | |||
|
2020-03-26 10:44:25 | Cisco, Citrix Flaws Exploited by Chinese Hackers (lien direct) | Researchers say that APT41's exploits are part of one of the broadest espionage campaigns they've seen from a Chinese-linked actor “in recent years.” Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.” […] | Threat Guideline | APT 41 | |
|
2020-03-26 10:43:29 | Brazilian data protection regulations threatened (lien direct) | The COVID-19 crisis will likely result in the postponement of the go-live date for Brazil’s general data protection regulations. According to industry observers, the pandemic is seen as a fair justification to delay the go-live date for the regulations, which are due to be enforced in August 2020. A bill authored by congressman Carlos […] | |||
|
2020-03-26 10:42:23 | 400 Professionals Volunteer to Fight Coronavirus Hacking (lien direct) | An international group of nearly 400 volunteers with expertise in cybersecurity formed on Wednesday to fight hacking related to the novel coronavirus. Called the COVID-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at such major companies as Microsoft Corp. and Amazon.com Inc. […] | Threat | ||
|
2020-03-25 14:57:02 | Executives Believe Employees are the Greatest Threat to Critical Infrastructure Security According to Nozomi Networks (lien direct) | Over 400 C-level executives from critical infrastructure organisations across North America, Europe and Asia/Pacific were surveyed in a report sponsored in part by Nozomi Networks titled “Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure”. The report found that most (88%) critical infrastructure organisations have, or are currently, integrating their IT, OT, IoT […] | Threat | ||
|
2020-03-25 11:15:29 | (Déjà vu) GE Discloses Data Breach (lien direct) | Fortune 500 technology giant General Electric (GE) disclosed that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE’s service providers. GE is a multinational operating in a wide range of tech segments including aviation, power, healthcare, and renewable energy, and it […] | Data Breach | ||
|
2020-03-25 11:14:47 | Middle East firms face cyber espionage attempts from Russian hackers (lien direct) | As per Trend Micro's research, since May 2019, a Russian state-sponsored notorious cyber espionage threat group called Pawn Storm (also known as Fancy Bear or APT28) has been scanning servers for reusing previously compromised emails. The compromised email addresses are used to carry out phishing campaigns, targeted mainly at defense firms from the Middle […] | Threat | APT 28 | |
|
2020-03-25 11:13:17 | Hospitals in Spain targeted by Netwalker ransomware (lien direct) | Hospitals in Spain have been targeted with coronavirus-themed phishing lures by attackers looking to lock-down their systems with Netwalker ransomware. Local reports indicate that medical centres have been receiving emails purporting to offer “information on COVID-19”, but with PDF attachments that activate the ransomware, commonly associated with computer crime groups in Eastern Europe. Source: Computing.com | Ransomware | ||
|
2020-03-25 11:10:13 | Microsoft warns Windows users of unfixable hack attack (lien direct) | MICROSOFT has warned of hackers exploiting a new vulnerability that can be found in all supported versions of Windows. If successfully manipulated by a cyber-criminal, it would be possible for them to run malware on a victim’s device. Source: The Sun | Malware Hack Vulnerability | ||
|
2020-03-25 11:09:28 | HHS website vulnerability leads to Coronavirus-themed phishing attack (lien direct) | A coronavirus-themed phishing campaign designed to infect victims with Raccoon information-stealing malware has reportedly been leveraging an open redirect vulnerability found on the U.S. Department of Health and Human Services' website, HHS.gov. As defined by Trustwave here, an open redirect occurs when a website's “parameter values (the portion of URL after “?”) in an HTTP […] | Malware Vulnerability | ||
|
2020-03-24 09:54:55 | COVID-19 UK app \'must respect privacy rights\' (lien direct) | UK health chiefs are being urged to safeguard people’s privacy as they develop an app to help tackle the coronavirus pandemic. An open letter published by a group of “responsible technologists” warns that if corners are cut, the public’s trust in the NHS will be undermined. And it urges those in charge to be more […] | |||
|
2020-03-24 09:54:17 | COVID-19 misinformation tweets removed by Twitter (lien direct) | Twitter has emphasised that while it attempts to curb any misinformation about COVID-19, it is unable to take “enforcement action on every tweet”. “As we communicated last week, COVID-19 is affecting our content moderation capacities in unique ways, and we’re adjusting to meet the challenge. Right now, we’re focused on content that has the highest […] | |||
|
2020-03-24 09:53:31 | Microsoft say unpatched Windows Zero-Day flaws are being exploited (lien direct) | Attackers are exploiting unpatched Windows zero day flaws, Microsoft said in a Monday security advisory. The company said “limited targeted attacks” could leverage two unpatched remote code executive (RCE) vulnerabilities in Windows “when the Windows Adobe Type Manager Library improperly handles a specially crafted multi-master font – Adobe Type 1 PostScript format.” Source: SC Magazine | |||
|
2020-03-24 09:52:47 | Ready-made ICS hacking tools available, warn FireEye (lien direct) | FireEye security researchers warn that the proliferation of hacking tools with capabilities for targeting industrial control systems (ICS) is lowering the entry bar for attackers and increasing risks for organizations operating in the industrial sector. In a study published today, the US cybersecurity firm said it analyzed all the hacking tools with ICS targeting capabilities […] | |||
|
2020-03-24 09:52:01 | Ransomware attack at Finastra (lien direct) | Finastra, a bank technology company in London that has more than 9,000 customers, including 90 of the top 100 global banks, was working Monday to bring servers back online that were hit by a ransomware attack late last week. Some U.S. bank customers are affected by the incident, which occurred Friday. The company says it […] | Ransomware | ||
|
2020-03-23 12:44:40 | Employees spending extra 2h working during COVID-19 mandated remote work (lien direct) | New data from NordVPN Teams shows a massive spike since March 11 in business VPN usage worldwide in the wake of the global coronavirus pandemic. This directly correlates with the mass increase in remote work globally. The fundamental shift in work location will have enormous ramifications on digital business, the economy, and cybersecurity. Key numbers: […] | |||
|
2020-03-23 09:53:32 | 200 million Americans exposed by data breach (lien direct) | Huge data breach included personal information on more than 200 million Americans. Equally as bad, it’s unclear where the data came from. Researchers have noticed that detailed personal information of more than 200 million Americans was exposed in a data breach. This is the latest in a long list of data security incidents over […] | Data Breach | ||
|
2020-03-23 09:52:40 | Norwegian Cruise Line suffers data breach (lien direct) | The world’s third largest cruise line, Norwegian Cruise Line, has suffered a data breach, the British security firm DynaRisk says, adding that the email addresses and passwords of nearly 27,000 travel agents had been exposed as a result. DynaRisk said its researchers had found a breached database from the NCL travel agents’ portal on […] | Data Breach | ||
|
2020-03-23 09:51:34 | 538 million Weibo users\' data for sale (lien direct) | The personal details of more than 538 million users of Chinese social network Weibo are currently available for sale online, according to ads seen by ZDNet and corroborating reports from Chinese media. In ads posted on the dark web and other places, a hacker claims to have breached Weibo in mid-2019 and obtained a […] | |||
|
2020-03-23 09:50:44 | Maze ransomware attack on British medical firm (lien direct) | The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm’s computer systems. Cyber gangsters have attacked the computer systems of a medical research company on standby to carry out trials of a possible future vaccine for […] | Ransomware | ||
|
2020-03-23 09:49:58 | WHO launches Coronavirus Whatsapp service (lien direct) | The World Health Organization (WHO) has launched a chatbot on WhatsApp to provide information on the coronavirus (COVID-19) pandemic sweeping the planet. To interact with it, users will need to message the WHO account on +41 79 475 22 09 and send the word ‘Hi’ to begin chatting, after which, a list of prompts is […] | |||
|
2020-03-20 16:33:52 | Cybersecurity Vendors Offer Free Products To Help Organisations As Employees Work From Home (lien direct) | With an unprecedented number of businesses having to quickly change the way they work, here is what some of the cybersecurity community are doing to help make sure the change is as secure and safe as possible: OneLogin will be offering the OneLogin Trusted Experience Platform for free to educators who are moving to a […] | |||
|
2020-03-20 11:05:30 | Bitcoin Ransomware Attacks at Record High (lien direct) | Bitcoin and crypto-related ransomware attacks hit a record high in the United Kingdom last year. According to a report by Bitcoinist and records obtained under the Freedom of Information Act (FOI), UK authorities received 562 reports from victims of devices that were hijacked by crypto-related ransomware. Source: CryptoGlobe | Ransomware | ||
|
2020-03-20 11:04:23 | Ransomware gang will stop hospital attacks (lien direct) | The notorious Maze ransomware gang announced Wednesday that it will not attack any healthcare organizations during the COVID-19 pandemic. The pandemic has put a strain hospitals and public health agencies in recent weeks as governments across the globe struggle to contain the spread of COVID-19, also known as the new coronavirus. Some security vendors have […] | Ransomware | ||
|
2020-03-20 11:03:42 | (Déjà vu) Phishing attempts impersonate WHO to deliver HawkEye Malware (lien direct) | An ongoing phishing campaign delivering emails posing as official messages from the Director-General of the World Health Organization (WHO) is actively spreading HawkEye malware payloads onto the devices of unsuspecting victims. This spam campaign started today according to researchers at IBM X-Force Threat Intelligence who spotted it and it has already delivered several waves […] | Spam Malware Threat | ||
|
2020-03-20 11:02:57 | Linux tool developed by Google to tackle USB keystroke attacks (lien direct) | Google has developed a tool for Linux machines that combats USB keystroke injection attacks by flagging suspicious keystroke speeds and blocking devices classified as malicious. Keystroke injection attacks can execute malicious commands via a thumb drive connected to a host machine, by running code that mimics keystrokes entered by a human user. Source: Daily Swig | Tool | ||
|
2020-03-20 11:02:10 | Report reveals APT28 email scanning activities (lien direct) | For the past year, one of Russia’s top state-sponsored hacking units has spent its time scanning and probing the internet for vulnerable email servers, according to a report published yesterday by cyber-security firm Trend Micro. The report deals with the activities of APT28, also known as Fancy Bear, Sednit, and Pawn Storm. Source: ZD Net | APT 28 | ||
|
2020-03-19 11:16:35 | Password managers vulnerable to fake app attacks (lien direct) | Security experts recommend using a complex, random and unique password for every online account, but remembering them all would be a challenging task. That's where password managers come in handy. Encrypted vaults are accessed by a single master password or PIN, and they store and autofill credentials for the user. However, researchers at the […] | |||
|
2020-03-19 11:15:14 | Caution advised when tracking COVID-19\'s spread (lien direct) | Privacy advocates advise caution when tracking the movements of patients or those infected with the new coronavirus, as an effort to minimize the pandemic's effect. Authorities in the United States and Israel are eyeing ways to use mobile-phone and other location-based data to help control the spread of the new coronavirus COVID-19, raising serious […] | |||
|
2020-03-19 11:13:31 | France warns of ransomware gang (lien direct) | France’s cyber-security agency issued an alert this week warning about a new ransomware gang that’s been recently seen targeting the networks of local government authorities. The alert, issued by France’s CERT team, points to a rising number of attacks carried out with a new version of the Mespinoza ransomware strain, also known as the […] | Ransomware | ||
|
2020-03-19 11:12:38 | Facebook Charged Over Data Privacy Breach (lien direct) | The Australian Information Commissioner lodged Federal Court proceedings against the social media giant, Facebook. The Information Commissioner found Facebook guilty of data privacy breach, which was also in conjunction with a breach of the country's Privacy Act 1988. The breach affected 311,127 Australian Facebook users. If proven guilty, a maximum civil penalty of up to […] | |||
|
2020-03-19 11:11:49 | (Déjà vu) Support for FTP protocol removed by Firefox (lien direct) | Mozilla has announced plans today to remove support for the FTP protocol from Firefox. Going forward, users won’t be able to download files via the FTP protocol and view the content of FTP links/folders inside the Firefox browser.” We’re doing this for security reasons,” said Michal Novotny, a software engineer at the Mozilla Corporation, the […] | |||
|
2020-03-18 10:51:03 | Six-Month Data Breach on Guitar Site (lien direct) | A Florida company that offers guitar lessons online to millions of students around the world has suffered a data breach.Unauthorized access of TrueFire’s computer system went on for six months before the breach was detected on January 10, 2020. In a data breach notification letter dated March 9, 2020, and signed by TrueFire Chief Customer […] | Data Breach | ||
|
2020-03-18 10:49:37 | New Malware Lets Hackers Control Browsing (lien direct) | Security researchers at Kaspersky recently posted a warning of new Android malware that can steal cookies and gain control of its victims' accounts. According to researchers, when the two malware modifications are combined, they can be used for stealing cookies collected by social media networking sites, as well as browsers themselves. [Hindustan Times] After that, […] | Malware | ||
|
2020-03-18 10:48:32 | (Déjà vu) Crimson RAT spread via Coronavirus Phishing (lien direct) | A state-sponsored threat actor is attempting to deploy the Crimson Remote Administration Tool (RAT) onto the systems of targets via a spear-phishing campaign using Coronavirus-themed document baits disguised as health advisories. This nation-backed cyber-espionage is suspected to be Pakistan-based and it is currently tracked under multiple names including APT36, Transparent Tribe, ProjectM, Mythic Leopard, and […] | Tool Threat | APT 36 | ★★ |
|
2020-03-18 10:47:36 | Monitor Minor Stalkerware Discovered (lien direct) | Stalkerware called Monitor Minor gives users the ability to creep on a target's missives swapped via Instagram, Skype and Snapchat. Researchers are sending up a red flag over the distribution of an aggressive stalkerware app called Monitor Minor. In a report released Monday, researchers said the Android version of the app gives stalkers near absolute […] |
To see everything:
Our RSS (filtrered)
