What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-05 10:12:37 | EMCOR hit by Ryuk ransomware (lien direct) | EMCOR Group (NYSE: EME), a US-based Fortune 500 company specialized in engineering and industrial construction services, disclosed last month a ransomware incident that took down some of its IT systems. The incident took place on February 15 and was identified as an infection with the Ryuk ransomware strain. Details of the attack and the aftermath […] | Ransomware | ||
|
2020-03-05 10:10:57 | J.Crew customer accounts hacked (lien direct) | Clothing giant J.Crew said an unknown number of customers had their online accounts accessed “by an unauthorized party” almost a year ago, but is only now disclosing the incident. The company said in a filing on Tuesday with the California attorney general that the hacker gained access to the customer accounts in or around […] | |||
|
2020-03-04 10:10:57 | Qihoo accuses CIA of hacking (lien direct) | In a brief blog post here published on Monday in English and Chinese, Qihoo said it discovered the spying campaign by comparing samples of malicious software it had discovered against a trove of CIA digital spy tools released by WikiLeaks in 2017. Qihoo – a major cybersecurity vendor whose research is generally followed for […] | |||
|
2020-03-04 10:09:42 | New Cobalt Ulster Malware (lien direct) | A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistence threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between mid-2019 and mid-January 2020. The emails were targeting organizations in […] | Malware Threat | ||
|
2020-03-04 10:09:02 | Defence Force data could have been compromised (lien direct) | A highly sensitive military database containing the personal details of tens of thousands of Australian Defence Force (ADF) members was shut down for 10 days due to fears it had been hacked. The ABC can reveal Defence Force Recruiting’s outsourced electronic records system was taken offline and quarantined from other military networks in February, […] | |||
|
2020-03-04 10:07:14 | Android app records web browsing (lien direct) | In February, Google threw 600 apps out of its Play store. Amongst those was an app called Clean Master, a security tool promising antivirus protection and private browsing. It had more than 1 billion installs before it was evicted and, despite Google's ban, is one of Android's most downloaded apps ever and is likely […] | Tool | ||
|
2020-03-04 10:06:29 | Sites face \'insecure\' warning today (lien direct) | Some well-known websites could stop functioning properly on Wednesday, 4 March, after a bug was found in the digital certificates used to secure them. The organisation that issues the certificates revealed that three million need to be immediately revoked. Visitors to affected sites will be greeted with an alert warning them the site is insecure. […] | |||
|
2020-03-03 17:29:49 | HMRC Smishing on the Rise (lien direct) | According to data collected by Griffin Law 1,524,449 fake emails, calls and text messages claiming to be from Her Majesty's Revenue and Customs were reported to HMRC between 2018 and 2019. Fraudulent correspondence purporting to be from HMRC is nothing new, but their delivery appears to have changed. Scams in the form of […] | |||
|
2020-03-03 10:28:50 | Traveller data exposed by wifi-provider (lien direct) | The email addresses and travel details of about 10,000 people who used free wi-fi at UK railway stations have been exposed online. Network Rail and the service provider C3UK confirmed the incident three days after being contacted by BBC News about the matter. The database, found online by a security researcher, contained 146 million […] | |||
|
2020-03-03 10:27:57 | Loqbox data breach (lien direct) | Some customers of credit history-building tool Loqbox have had personal and financial data compromised after the firm was hit by a “sophisticated and complex” cyber attack. Loqbox is a tool which helps those with patchy credit histories build a credit score by buying a ‘digital voucher’ – essential a loan – and then ‘repaying’ […] | Data Breach Tool | ||
|
2020-03-03 10:27:08 | (Déjà vu) NCSC issue smart camera and baby monitor warning (lien direct) | Smart cameras and baby monitors can be watched by criminals over the internet by default, security chiefs warn. The National Cyber Security Centre (NCSC) is advising people to tweak the settings after buying them. Easy-to-guess default passwords might let a hacker secretly observe a home through connected devices, it said. Source: BBC | |||
|
2020-03-03 10:26:27 | Home Office frequently broke GDPR during EU Settlement Scheme (lien direct) | The UK Home Office has breached European data protection regulations at least 100 times in its handling of the EU Settlement Scheme (EUSS). IDs have been lost, documents misplaced, passports have gone missing, and applicant information has been disclosed to third parties without permission in some of the cases, according to a new report. Source: […] | |||
|
2020-03-03 10:25:39 | 600,000 Clubcard holders at risk due to Tesco security issue (lien direct) | Tesco is issuing new cards to 600,000 Clubcard account holders after unearthing a security issue. The supermarket giant said it believed a database of stolen usernames and passwords from other platforms had been tried out on its websites, and may have worked in some cases. No financial data was accessed and its systems have not […] | |||
|
2020-03-02 12:41:04 | Anomali Threat Intelligence Platform (lien direct) | Supplier: Anomali Website: www.anomali.com Price: Based on size of organisation Scores: Performance 5/5 Features 5/5 Value for Money 4.5/5 Ease of Use 4/5 Overall 5/5 Verdict: Anomali weaponizes your cyber security teams by providing all the intelligence they need to detect, assess and mitigate threats. Enterprises that rely on reactive responses to cyber threats are […] | Threat | ||
|
2020-03-02 11:27:44 | BGR India Hacked (lien direct) | Mobile and technology news website BGR India's website was recently hacked and the data collected from the website has been leaked on the dark web. The data included email IDs, passwords and other information of the former employees of the company. Source: Inc 42 | |||
|
2020-03-02 11:20:35 | 1.5 million taxpayers hit by phishing scams confirm HMRC (lien direct) | Fraudsters have targeted UK taxpayers with a total of 1,524,449 phishing emails, calls and text messages purporting to be from Her Majesty’s Revenue and Customs (HMRC) over the last two years, according to official figures. The data reveals the staggering number of suspected fake correspondence reported to HMRC's official complaints email for phishing scams […] | |||
|
2020-03-02 11:19:38 | Visser confirms data breach (lien direct) | A precision parts maker for space and defense contractors has confirmed a “cybersecurity incident,” which TechCrunch has learned was likely caused by ransomware. Visser Precision, a Denver, Colorado-based manufacturer, makes custom parts for a number of industries, including automotive and aeronautics. In a brief statement, the company confirmed it was “the recent target of […] | Data Breach | ||
|
2020-03-02 11:18:48 | Railworks employee data stolen (lien direct) | Railroad construction and maintenance firm Railworks Corp. has disclosed a ransomware attack that may have also resulted in the breach of personally identifiable information. The attack took place on Jan. 27 and email notifications were sent to those affected by the attack between Jan. 30 and Feb. 7. Data potentially stolen in the attack […] | Ransomware | ||
|
2020-03-02 11:17:26 | Hackers target WordPress zero-days plugins (lien direct) | WordPress is, by far, the most widely used website building technology on the internet. According to the most recent statistics, more than 35% of all internet websites run on versions of the WordPress CMS (content management system).Due to its huge number of active installations, WordPress is a massive attack surface. Attempts to hack into WordPress […] | Hack | ||
|
2020-02-28 15:59:08 | Gurucul Launches New Unified Security and Risk Analytics Platform (lien direct) | Gurucul, today announced Gurucul Unified Security & Risk Analytics, the first cloud-native data science driven platform that unifies key Cyber Defence Centre functions to enable contextual, risk-prioritised decisions for automating security controls. Gurucul is exhibiting the industry's first cloud-native security and risk analytics platform for end-to-end protection of borderless IT environments this week at RSA Conference […] | |||
|
2020-02-28 12:40:50 | Ransomware encrypting critical systems (lien direct) | Unfortunately, ransomware is impacting businesses of all sizes across the globe. This means that critical systems and applications are encrypted by malicious actors and will only be decrypted if a ransom is paid. This will effect all but the most prepared enterprises, and as recent reports show, even prepared businesses can suffer. Offline backups of […] | Ransomware | ||
|
2020-02-28 10:31:53 | Ransomware victims backups unsafe (lien direct) | The UK’s cybersecurity agency has updated its guidance on what to do after a ransomware attack, following a series of incidents where organisations were hit with ransomware, but also had their backups encrypted because they had left them connected to their networks. Keeping a backup copy of vital data is a good way of reducing […] | Ransomware | ★★★★ | |
|
2020-02-28 10:31:02 | New figures show government unprepared for Ransomware (lien direct) | Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks. RSA CONFERENCE2020 – San Francisco – Nearly 75% of government employees are concerned about the potential for ransomware attacks against cities across the United States, but only 38% of state and local government workers are trained in […] | Ransomware | ||
|
2020-02-28 10:30:04 | Shark Tank phishing scam victim (lien direct) | Shark Tank’s Barbara Corcoran has lost almost $400,000 to cybercriminals after her office recently fell victim to a phishing scam. The incident began last week when Corcoran’s bookkeeper received an email regarding an invoice related to a real estate renovation. Corcoran explained why her bookkeeper didn’t find the email to be suspicious to PEOPLE, […] | |||
|
2020-02-28 10:28:51 | Microsoft solution to Android malware (lien direct) | Microsoft just announced that it's bringing its Defender anti-virus software to Android and iOS. Although details about how the app will work are still pretty scarce, it's expected the software will offer similar functionality to its desktop counterpart. Microsoft Defender – previously called Windows Defender before the release of the Windows 10 November 2019 […] | Malware | ||
|
2020-02-28 10:23:14 | (Déjà vu) Remote Access Trojan used by Norton Lifelock Scam (lien direct) | Cybercriminals behind a recently observed phishing campaign used a clever ruse in the form of a bogus NortonLifelock document to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes. The malicious activity has the hallmarks of a seasoned threat actor familiar with evasion techniques and offensive security […] | Tool Threat | ||
|
2020-02-27 10:27:15 | Huawei and Defense Department officials share a stage at RSA (lien direct) | A Huawei executive and a US Department of Defense official got onstage together Wednesday at the RSA Conference in San Francisco, and the conversation got heated. Katie Arrington, an official in charge of acquisition at the Defense Department, insisted that lawmakers and President Donald Trump had good reason to remove Huawei products from government […] | ★★★★ | ||
|
2020-02-27 10:26:31 | (Déjà vu) Bretagne Télécom hacked using Citrix ADC Flaw (lien direct) | Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability. Bretagne Télécom is a privately held French cloud hosting and enterprise telecommunications company that provides telephony, Internet and networking, hosting, and cloud computing services to roughly 3,000 customers, operating […] | Ransomware Threat | ★★★★★ | |
|
2020-02-27 10:25:01 | Ransomware attack on Redcar council (lien direct) | A council has admitted its IT service was targeted by hackers, who scrambled files and made a demand for money. Systems at Redcar and Cleveland Council have been down for almost three weeks after the ransomware attack. It said it had been prioritising frontline services and has now built a new server and website, as […] | Ransomware | ||
|
2020-02-27 10:24:14 | Clearview AI, Hacked (lien direct) | Clearview AI, the company whose database has amassed over 3 billion photos, has suffered a data breach, it has emerged. The data stolen in the hack included the firm's entire customer list–which will include multiple law enforcement agencies–along with information such as the number of searches they had made and how many accounts they'd set […] | Hack | ||
|
2020-02-26 10:19:08 | (Déjà vu) WordPress Vulnerabilities Attacked (lien direct) | Cybercriminals are taking advantage of the recent security flaws reported recently in popular WordPress plugins and are targeting websites that still run vulnerable versions. At least two threat actors are actively attacking unpatched variants of ThemeGrill Demo Importer, Profile Builder, and Duplicator plugins which are installed on.What the three WordPress components have in common are […] | Threat | ||
|
2020-02-26 10:17:24 | Ergo foil ransomware attack (lien direct) | Irish IT services group Ergo is forecasting further growth as it reported revenues of €85.2 million last year as the company said it recently foiled a major ransomware attack. Ergo said it immediately moved to lock down servers late last Wednesday after becoming aware of a serious security incident. It was able to recover most […] | Ransomware | ||
|
2020-02-26 10:15:57 | Data breach at FCA (lien direct) | The Financial Conduct Authority has admitted it had revealed the confidential details of consumers on its website in a data breach last year.In a statement published today (February 25) the regulator said it had referred itself to the Information Commissioner's Office over the incident, which occurred in November 2019. In response to a Freedom of […] | Data Breach | ||
|
2020-02-26 10:13:46 | (Déjà vu) 123 Million Records Leaked by Decathlon (lien direct) | French sports giant Decathlon has leaked over 123 million records via an improperly secured ElasticSearch server, according to security researchers Noam Rotem and Ran Locar at VPNmentor. The two spotted the database on February 12 and notified the company four days later. (They say they typically need “days of investigation before we understand what's at […] | |||
|
2020-02-26 10:12:23 | Data breach admitted by Samsung (lien direct) | Samsung has been breached, and a “small number” of users were able to access other people's personal data. The South Korean tech giant confirmed the breach, following user reports of unexplained Find My Mobile notifications. Find My Mobile is a Samsung app that comes pre-loaded with its Android devices and can only be disabled, not […] | Data Breach | ||
|
2020-02-26 10:12:15 | With mobile phishing on the rise, demand for mobile security has increased (lien direct) | Mobile security specialists Lookout has announced a record fiscal year, which ended January 31, 2020 which it says has been driven by the high demand for mobile protection. Enterprises are seeking Phishing, App Defence, and Mobile Endpoint Security solutions – all of which is provided and powered by the Lookout Security cloud, the world's largest […] | |||
|
2020-02-25 13:00:14 | Nozomi Networks Wins Award for OT & IoT Cybersecurity Innovation (lien direct) | Nozomi Networks Inc. is proud to announce it has won the Market Leader: Operational Technology (OT) & Internet of Things (IoT) Cybersecurity award from Cyber Defense Magazine (CDM). “We're thrilled to receive this coveted cybersecurity award from Cyber Defense Magazine,” said Nozomi Networks CEO Edgard Capdevielle. “It's an honour to be recognised not only […] | Guideline | ||
|
2020-02-25 10:34:04 | (Déjà vu) Data from nearly 60 apps vulnerable to Racoon Malware (lien direct) | An infostealing malware that is relatively new on cybercriminal forums can extract sensitive data from about 60 applications on a targeted computer. The malware scene is constantly changing and what used to be top of the line a few years ago is now available for a modest price by comparison and a much richer set […] | Malware | ||
|
2020-02-25 10:33:20 | Federal Data Protection Agency Proposed by New U.S Legislation (lien direct) | The United States lags behind much of the world in having yet to establish some sort of a data protection agency at the national level. Several attempts at federal data privacy standards have been floated in recent years, but failed to gather traction. Senator Kirsten Gillibrand is taking another pass at the issue, but is […] | |||
|
2020-02-25 10:32:33 | (Déjà vu) Victim\'s Data could be exposed on DoppelPaymer Ransomware site (lien direct) | The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted. A new extortion method started by the Maze Ransomware is to steal files before encrypting them and then use them […] | Ransomware | ||
|
2020-02-25 10:30:23 | New Cisco security platform (lien direct) | Managing complex multivendor environments is a reality for companies today - and it’s become chief information security officers’ (CISO) worst enemy. To help solve this problem, Cisco has developed SecureX, a cloud-native platform that increases the productivity of security teams. SecureX unifies visibility, identifies unknown threats, and automates workflows to strengthen customers’ security across […] | |||
|
2020-02-25 10:29:18 | (Déjà vu) New Malware Hides Traffic Using DNS (lien direct) | A new backdoor malware called Mozart is using the DNS protocol to communicate with remote attackers to evade detection by security software and intrusion detection systems. Typically when a malware phones home to receive commands that should be executed, it will do so over the HTTP/S protocols for ease of use and communication. Source: Bleeping […] | Malware | ||
|
2020-02-24 16:19:30 | Securonix Announces New Analytics Sandbox Capability (lien direct) | Securonix, Inc. today announced the launch of the Securonix Analytics Sandbox capability, which provides an isolated test or QA environment within the production setup. This enables security operations teams to test, tune, and validate new use cases prior to pushing them to live production. “Security operations teams are in a catch 22 – they must […] | |||
|
2020-02-24 11:18:42 | Tyler “Ninja” Blevins\' Twitter account hacked (lien direct) | Fortnite star Tyler “Ninja” Blevins’ Twitter account is the latest high profile account to get taken over by hackers. After gaining control of Ninja’s Twitter account, the majority of the tweets were posted related to promoting the hacker’s Twitter account, telling Ninja’s followers to go and follow the account @OwenBreh – an account that […] | |||
|
2020-02-24 11:17:45 | Eight Google Play Store Apps found to contain \'Haken\' malware (lien direct) | Researchers identified eight malicious Android apps, mostly camera utilities, and children's games, that were spreading a new data-stealing malware strain that also signs victims up for expensive premium services. The malware, named Haken, was found in apps is in the Google Play marketplace. Since it was discovered, victims have claimed that the malware signs them […] | Malware | ||
|
2020-02-24 11:16:26 | (Déjà vu) Lighthouse Pagespeed brought to Firefox (lien direct) | Google has brought its popular Lighthouse extension used by over 400,000 users to Mozilla Firefox so that web developers can test the browser’s performance against submitted web pages. Lighthouse is an open-source tool for testing the performance of web pages through Google’s PageSpeed Insights API and was released as an extension for Google Chrome […] | Tool | ||
|
2020-02-24 11:15:12 | (Déjà vu) New Chrome Feature Raises Concern (lien direct) | With the release of Google Chrome 80, Google quietly slipped in a new feature that allows users to create a link directly to a specific word or phrase on a page. A Brave Browser researcher, though, sees this as a potential privacy risk and is concerned Google added it too quickly. Source: Bleeping Computer | |||
|
2020-02-24 11:14:08 | Trust \'violated\' by data breach, say Slickwraps (lien direct) | Slickwraps has revealed a data breach impacting over 850,000 user accounts, admitting its mistake in permitting customer records to become public. Slickwraps is an online store that offers skins for a variety of smartphones, tablets, gaming consoles, and laptops. Last week, the company said in a blog post that on February 21, Slickwraps discovered that […] | Data Breach | ||
|
2020-02-21 17:08:46 | The RSA survival guide (lien direct) | By Javvad Malik, security awareness advocate at KnowBe4 A colleague of mine is attending RSA for the first time (hi James). I was going to write him some tips on preparing and surviving RSA, but thought that like him, many others may be attending RSA for the first time. Therefore, as someone who has attended […] | |||
|
2020-02-21 15:09:46 | MGM Hotel Hack Leaves 10.6M Guests\' Personal Data Exposed (lien direct) | 10.6 million people who had stayed at MGM Resorts have had their personal data published on a hacking forum, it was revealed this week. According to ZD Net the leaked personal data included names, addresses, phone numbers, emails and dates of birth. It is thought that the recent breach stems from an earlier incident which […] | Hack |
To see everything:
Our RSS (filtrered)
