Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-09-09 22:49:27 |
Thousands of Fortinet VPN Account Credentials Leaked |
They were posted for free by former Babuk gang members who've bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit.
|
Ransomware
|
|
|
|
2021-09-09 20:38:41 |
McDonald's Email Blast Includes Password to Monopoly Game Database |
Usernames, passwords for database sent in prize redemption emails. |
|
|
|
|
2021-09-09 17:51:24 |
Financial Cybercrime: Why Cryptocurrency is the Perfect 'Getaway Car' |
John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency. |
|
|
|
|
2021-09-09 16:39:13 |
'Azurescape' Kubernetes Attack Allows Cross-Container Cloud Compromise |
A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering. |
|
Uber
|
|
|
2021-09-09 14:30:56 |
SideWalk Backdoor Linked to China-Linked Spy Group 'Grayfly' |
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. |
Malware
Guideline
|
APT 41
|
|
|
2021-09-09 12:58:48 |
Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix |
An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom. |
Vulnerability
Guideline
|
|
|
|
2021-09-09 11:26:58 |
BladeHawk Attackers Target Kurds with Android Apps |
Pro-Kurd Facebook profiles deliver '888 RAT' and 'SpyNote' trojans, masked as legitimate apps, to perform mobile espionage. |
|
|
|
|
2021-09-08 21:14:06 |
What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast |
There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help. |
Ransomware
|
|
|
|
2021-09-08 19:00:26 |
Tooling Network Detection & Response for Ransomware |
Justin Jett, director of audit and compliance at Plixer, discusses how to effectively use network flow data in the fight against ransomware. |
Ransomware
|
|
|
|
2021-09-08 17:28:35 |
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports |
Australian immunization app bug lets attackers fake vaccine status. |
|
|
|
|
2021-09-08 17:03:06 |
TeamTNT's New Tools Target Multiple OS |
The attackers are indiscriminately striking thousands of victims worldwide with their new “Chimaera” campaign. |
|
|
|
|
2021-09-08 12:24:51 |
Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows |
Attackers are actively attempting to exploit a vulnerability in MSHTML that allows them to craft a malicious ActiveX control to be used by Microsoft Office files. |
Vulnerability
|
|
★★★★
|
|
2021-09-07 22:41:45 |
Ragnar Locker Gang Warns Victims Not to Call the FBI |
Investigators/the FBI/ransomware negotiators just screw everything up, the ransomware gang said, threatening to publish files if victims look for help. |
Ransomware
|
|
|
|
2021-09-07 20:39:19 |
Netgear Smart Switches Open to Complete Takeover |
The Demon's Cries, Draconian Fear and Seventh Inferno security bugs are high-severity entryways to corporate networks. |
|
|
|
|
2021-09-07 16:07:58 |
Jenkins Hit as Atlassian Confluence Cyberattacks Widen |
Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed. |
|
|
|
|
2021-09-07 16:07:40 |
ProtonMail Forced to Log IP Address of French Activist |
The privacy-touting, end-to-end encrypted email provider erased its site's “we don't log your IP” boast after France sicced Swiss cops on it. |
|
|
|
|
2021-09-07 12:48:58 |
Authorities Arrest Another TrickBot Gang Member in South Korea |
A hacker known only as “Mr. A” was picked up by authorities at a South Korean airport after getting stuck in the country due to COVID-19 travel restrictions. |
|
|
|
|
2021-09-07 12:00:31 |
Holy Grail of Security: Answers to 'Did XYZ Work?' – Podcast |
Verizon DBIR is already funny, useful & well-written, and it just got better with mapping to MITRE ATT&CK TTPs. The marriage could finally bring answers to "What are we doing right?" instead of the constant reminders of what's not working in fending off threats. |
|
|
|
|
2021-09-06 15:29:26 |
Human Fraud: Detecting Them Before They Detect You |
Tony Lauro, director of security technology and strategy at Akamai, discusses how to disrupt account takeovers in the exploitation phase of an attack. |
|
|
|
|
2021-09-06 12:00:02 |
IoT Attacks Skyrocket, Doubling in 6 Months |
The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets. |
|
|
|
|
2021-09-03 16:15:26 |
The State of Incident Response: Measuring Risk and Evaluating Your Preparedness |
Grant Oviatt, director of incident-response engagements at Red Canary, provides advice and best practices on how to get there faster. |
|
|
|
|
2021-09-03 16:07:53 |
FIN7 Capitalizes on Windows 11 Release in Latest Gambit |
The financially motivated group looked to steal payment-card data from a California-based point-of-sale service provider. |
|
|
|
|
2021-09-03 11:31:13 |
Brute-Force Attacks Target Inboxes for Gift Card Data |
Cybercriminal enterprise is mass testing millions of usernames and passwords per day in a hunt for loyalty card data. |
|
|
|
|
2021-09-02 21:38:40 |
NFT Collector Tricked into Buying Fake Banksy |
An attacker breached the site of famed street artist Banksy to host a fraudulent NFT auction but then gave back the money. |
|
|
|
|
2021-09-02 20:12:24 |
SpyFone & CEO Banned From Stalkerware Biz |
The FTC's first spyware ban nixes a company whose "slipshod" security practices led to exposure of thousands of victims' illegally collected personal data.
|
|
|
|
|
2021-09-02 18:32:18 |
Bluetooth Bugs Open Billions of Devices to DoS, Code Execution |
The BrakTooth set of security vulnerabilities impacts at least 11 vendors' chipsets. |
|
|
|
|
2021-09-02 16:03:51 |
Google Play Sign-Ins Allow Covert Location-Tracking |
A design flaw involving Google Timeline could allow someone to track another device without installing a stalkerware app. |
|
|
|
|
2021-09-02 15:41:13 |
Cisco Patches Critical Authentication Bug With Public Exploit |
There's proof-of-concept code out for the near-maximum critical – rated at 9.8 – authentication bypass bug, but Cisco hasn't seen any malicious exploit yet. |
|
|
|
|
2021-09-02 12:51:59 |
7 Ways to Defend Mobile Apps, APIs from Cyberattacks |
David Stewart, CEO, Approov, discusses the top mobile attack routes the bad guys use and the best defenses organizations can deploy against them. |
|
|
|
|
2021-09-02 12:28:13 |
WhatsApp Photo Filter Bug Allows Sensitive Info to Be Lifted |
Users should be careful whose pics they view and should, of course, update their apps. |
|
|
|
|
2021-09-02 11:28:29 |
Digital State IDs Start Rollouts Despite Privacy Concerns |
Eight states are introducing driver's licenses and identification cards available for use on Apple iPhones and Watches, but critics warn about the dangers of eliminating the use of a paper-based system entirely. |
|
|
|
|
2021-09-02 11:03:23 |
Comcast RF Attack Leveraged Remotes for Surveillance |
IoT vulnerabilities turn remote into listening device, researchers find, which impacted 18 million Xfinity customers. |
|
|
|
|
2021-09-01 17:58:38 |
Gutenberg Template Library & Redux Framework Bugs Plague WordPress Sites |
Two vulnerabilities in the site-building plugin could be useful tools in the hands of a skilled attacker, researchers warned. |
|
|
|
|
2021-09-01 15:55:23 |
LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files |
The ransomware gang claims to have pulled off successful attacks against two airlines and one airport with help from its Accenture attack. |
Ransomware
|
|
|
|
2021-09-01 14:40:46 |
BEC Scammers Seek Native English Speakers on Underground |
Cybercrooks are posting help-wanted ads on dark web forums, promising to do the technical work of compromising email accounts but looking for native English speakers to carry out the social-engineering part of these lucrative scams. |
|
|
|
|
2021-09-01 12:17:17 |
Feds Warn of Ransomware Attacks Ahead of Labor Day |
Threat actors recently have used long holiday weekends -- when many staff are taking time off -- as a prime opportunity to ambush organizations. |
Ransomware
Threat
|
|
|
|
2021-08-31 20:35:18 |
Fortress Home Security Open to Remote Disarmament |
A pair of unpatched security vulnerabilities can allow unauthenticated cyberattackers to turn off window, door and motion-sensor monitoring. |
|
|
|
|
2021-08-31 20:33:41 |
Cream Finance DeFi Platform Rooked For $29M |
Cream is latest DeFi platform to get fleeced in rash of attacks. |
|
|
|
|
2021-08-31 20:12:46 |
Proxyware Services Open Orgs to Abuse – Report |
Services that let consumers resell their bandwidth for money are ripe for abuse, researchers warn. |
|
|
|
|
2021-08-31 16:12:26 |
WooCommerce Pricing Plugin Allows Malicious Code-Injection |
The popular Dynamic Pricing and Discounts plugin from Envato can be exploited by unauthenticated attackers. |
|
|
|
|
2021-08-31 15:08:46 |
QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout |
The NAS maker issued two security advisories about the RCE and DoS flaws, adding to a flurry of advisories from the vast array of companies whose products use OpenSSL.
|
|
|
|
|
2021-08-31 13:29:17 |
Top 3 APIs Vulnerabilities: Why Apps are Owned by Cyberattackers |
Jason Kent, hacker-in-residence at Cequence, talks about how cybercriminals target apps and how to thwart them. |
|
|
|
|
2021-08-31 10:42:18 |
LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection |
Researchers from Sophos discovered the emerging threat in July, which exploits the ProxyShell vulnerabilities in Microsoft Exchange servers to attack systems. |
Ransomware
Threat
|
|
|
|
2021-08-30 21:46:56 |
HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform |
HPE joins Apple in warning customers of a high-severity Sudo vulnerability. |
|
|
|
|
2021-08-30 20:32:41 |
Army Testing Facial Recognition in Child-Care Centers |
Army looking for AI to layer over daycare CCTV to boost 'family quality of life.' |
|
|
|
|
2021-08-30 19:44:54 |
The Underground Economy: Recon, Weaponization & Delivery for Account Takeovers |
In part one of a two-part series, Akamai's director of security technology and strategy, Tony Lauro, lays out what orgs need to know to defend against account takeover attacks. |
|
|
|
|
2021-08-30 17:31:06 |
Microsoft Exchange 'ProxyToken' Bug Allows Email Snooping |
The bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more. |
|
|
|
|
2021-08-30 15:14:21 |
LockBit Gang to Publish 103GB of Bangkok Air Customer Data |
The airline announced the breach on Thursday, and the ransomware gang started a countdown clock the next day. |
Ransomware
|
|
|
|
2021-08-28 16:58:45 |
T-Mobile's Security Is 'Awful,' Says Purported Thief |
John Binns, claiming to be behind the massive T-Mobile theft of >50m customer records, dissed the security measures of the US's No. 2 wireless biggest carrier. T-Mobile is "humbled," it said, announcing new partnerships with security heavyweights on Friday. |
|
|
★★★
|
|
2021-08-27 20:54:13 |
Parallels Offers 'Inconvenient' Fix for High-Severity Bug |
Firm offers guidance on how to mitigate a five-months-old privilege escalation bug impacting Parallels Desktop 16 for Mac and all previous versions. |
|
|
|