What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-02-10 16:17:31 | OneLogin appoints new senior director of trust and security, EMEA (lien direct) | Following the recent opening of its headquarters in Ireland, OneLogin, a global leader in identity and access management, has appointed ex-DocuSign global information security business enablement director, Niamh Vianney Muldoon, as senior director of trust and security, EMEA. The appointment strengthens OneLogin's Dublin team with a senior security expert to help drive sales, engineering and […] | Guideline | ||
|
2020-02-10 10:19:35 | 250 Android Apps with Anubis Malware Targeted by phishing campaign (lien direct) | New attacks discovered by Cofense can perform keylogging, steal data and completely hijack a mobile device. A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device's data for ransom. Source: Threat Post | Malware Threat | ||
|
2020-02-10 10:16:35 | 6.4 million Israelis data exposed by Netanyahu\'s party (lien direct) | A misconfiguration in an election day app developed by Likud, the party of Israeli prime minister Benjamin Netanyahu, may have potentially exposed and compromised the personal details of almost 6,5 million Israeli citizens. The leak was discovered and detailed today by Ran Bar-Zik, an Israeli-born frontend developer for Verizon Media. Source: ZD Net | |||
|
2020-02-10 10:09:30 | Customers wanting answers on parcel delivery delays due to Toll transport hack (lien direct) | Customers awaiting parcel deliveries from transport company Toll say they have been left in the dark about major delays caused by a cyber attack on the company’s IT systems. The company said the hacking occurred 11 days ago and had forced it to shut down “a number of systems across multiple sites and business units”, […] | Hack | ||
|
2020-02-10 10:08:07 | Cleaners used by cyber criminals to hack businesses (lien direct) | Criminal gangs are planting “sleepers” in cleaning companies to allow them to physically access IT infrastructure, a senior cyber-crime police officer has warned. And businesses are being urged to bolster their physical security processes in the face of this growing threat. Source: European Cleaning Journal | Hack | ||
|
2020-02-10 10:05:56 | 25% Of Iranian Internet Taken Down by Powerful Cyber Attack (lien direct) | Hot on the heels of a “serious” cyber-attack that compromised United Nations servers, and in the same week that the head of the European Central Bank, Christine Lagarde, warned of the global financial implications of cyber-attacks, Iran has seemingly come under cyber-attack. Indeed, so powerful was the impact of this alleged attack that the internet was disrupted […] | |||
|
2020-02-07 10:40:04 | (Déjà vu) GIGABYTE Driver exploited by ransomware to kill AV Processes (lien direct) | The attackers behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows that is used to terminate antivirus and security software. When performing a network-wide compromise, ransomware attackers need to push out a ransomware executable as quickly as possible and to as many systems as they can […] | Ransomware | ||
|
2020-02-07 10:39:13 | Chinese hacking campaign warning by Malaysia government (lien direct) | A Chinese state-sponsored hacking group has been targeting Malaysian government officials, computer experts with the Malaysian government said on Wednesday.The purpose of the attacks has been to infect computers of government officials with malware and then steal confidential documents from government networks, Malaysia’s Computer Emergency Response Team (MyCERT) said in a security advisory. Source: ZD Net | Malware | ||
|
2020-02-07 10:38:04 | Election hacked by Russians (lien direct) | The Obama administration thought its warnings to Russia about ceasing its electoral interference in 2016 worked, according to the latest instalment of the Senate Intelligence Committee's report into Russian election interference. “Senior administration officials told the Committee that they assessed that their warnings to Russia before the election had the desired effect, and that Russia […] | |||
|
2020-02-07 10:34:34 | Phishing scam spreading fake invoices with malware (lien direct) | A notorious malware campaign is targeting banks and financial institutions in the US and the UK with cyberattacks that are not only destructive in their own right, but could also be used as the basis for future intrusions by other hackers. Emotet started life as a banking trojan, but has also evolved into a botnet, with its criminal operators […] | Malware | ||
|
2020-02-07 10:32:11 | Fraudsters disguised as journalists in phishing campaign (lien direct) | In a recently discovered phishing campaign, hackers attempted to steal victims’ passwords and credentials by posing as a former Wall Street Journal reporter and sending documents with potential interview questions, according to London-based security firm Certfa Lab. Source: Bank Info Security | |||
|
2020-02-06 10:46:35 | (Déjà vu) Air-Gapped Computers targeted by exfiltrating data from using screen brightness (lien direct) | It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed. In recent years, several cybersecurity researchers demonstrated innovative ways to covertly exfiltrate data from a physically isolated air-gapped computer that can’t connect […] | |||
|
2020-02-06 10:45:24 | Return of the CamuBot Banking Trojan attack (lien direct) | The malware is back in targeted attacks against Brazilian banking customers, this time using a new technique that involves mobile app authorization. The CamuBot malware, known for targeting Brazilian bank customers, has returned in a slew of recent offensives. The latest wave of attacks are highly personalized and, unlike previous campaigns, target victims' mobile banking […] | Malware | ||
|
2020-02-06 10:43:25 | (Déjà vu) Personal Information of 654K Medicaid patients exposed in breach (lien direct) | Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC. The non-profit organization is Oregon’s largest Medicaid CCO and it serves the Oregon Health Plan (Medicaid) members in Clackamas, Multnomah, and Washington […] | Data Breach | ||
|
2020-02-06 10:39:00 | Philips Smart Light bug allows hopping to devices on network (lien direct) | Security researchers taking a closer look at the Philips Hue smart bulbs and the bridge device that connects them discovered a vulnerability that helped them compromise more meaningful systems on the local network. The security flaw was discovered is in the ZigBee wireless communication protocol that is used by a wide range of smart home […] | Vulnerability | ||
|
2020-02-06 10:32:56 | Phishing scam circulating about Coronavirus “safety measures” (lien direct) | Firstly, it seems to be a compromised music site with a weird name that doesn't have any obvious connection to any well-known health organisation; secondly, it is an HTTP site, not an HTTPS site, which is sufficiently unusual these days to be suspicious in its own right. Nevertheless, the scam page itself is incredibly simple […] | |||
|
2020-02-05 10:55:45 | Stolen Health Data exposed by Maze ransomware (lien direct) | Recent reports have shown the hacking group behind Maze ransomware has been steadily posting the data of its victims online after the organizations fail to pay the ransom demand. A compiled list of victims shows the data of several healthcare organizations are included in those postings, despite a lack of public reporting of those incidents. […] | Ransomware | ||
|
2020-02-05 10:53:50 | Google apologies for private-video-sharing bug (lien direct) | Google has apologised after finding a bug which meant some people’s private videos were shared with others by mistake. The bug affected Google Takeout, which enables Google Photo users to export the content of their accounts, for four days, between 21 and 25 November 2019. Google said those who used it may have either received […] | |||
|
2020-02-05 10:51:29 | 17,000 yachting industry professionals details exposed in data breach (lien direct) | Crew and Concierge is an international recruitment agency specialising in securing staff for ultra-high-net-worth clients' yachts operating around the world. The server, which was discovered during a Verdict investigation, consisted of over 90,000 files, all of which appeared to relate to individuals on Crew and Concierge's books. It was left exposed on a misconfigured unsecured […] | Data Breach | ||
|
2020-02-05 10:47:51 | (Déjà vu) DDoS attack warning from state voter registration site (lien direct) | The US Federal Bureau of Investigation (FBI) warned of a potential Distributed Denial of Service (DDoS) attack that targeted a state-level voter registration and information site in a Private Industry Notification (PIN) released today. “The FBI received reporting indicating a state-level voter registration and voter information website received anomalous Domain Name System (DNS) server requests consistent with a […] | |||
|
2020-02-05 10:38:53 | (Déjà vu) 500,000+ hosts infected with malware cocktail (lien direct) | Attackers are abusing the Bitbucket code hosting service to store seven types of malware threats used in an ongoing campaign that has already claimed more than 500,000 business computers across the world. Systems falling victim to this attack would get infected with multiple payloads that steal data, mine for cryptocurrency, and culminate with delivering STOP […] | Malware | ||
|
2020-02-04 15:36:42 | One Identity UNITE Conference in Barcelona Tackles Challenges and Solutions in Identity Governance and PAM (lien direct) | London, UK – 4 February 2020 – One Identity, a proven leader in identity-centred security, will host its annual EMEA One Identity UNITE conference from 30th March – 2nd April 2020 at the W Hotel in Barcelona, Spain. Customers, partners and product experts will gather for a three-day event to collaborate, network and learn about […] | Guideline | ||
|
2020-02-04 10:31:22 | (Déjà vu) Phishing Attack with Coronavirus infects US and UK Inboxes (lien direct) | Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus. As people grow concerned about the Wuhan coronavirus, now classified as a global emergency by the World Health Organization, cybercriminals are preying on their fear with phishing emails claiming to have advice on protective safety […] | |||
|
2020-02-04 10:30:04 | (Déjà vu) Victims\' Data sold on Darknet by DoppelPaymer Ransomware (lien direct) | The DoppelPaymer Ransomware is the latest family threatening to sell or publish a victim’s stolen files if they do not pay a ransom demand. A new tactic being used by ransomware operators that perform network-wide encryption is to steal a victim’s files before encrypting any devices. They then threaten to publish or sell this data if the […] | Ransomware | ||
|
2020-02-04 10:27:38 | City of Racine offline due to Ransomware knock (lien direct) | The city of Racine, Wis., was hit with a ransomware attack January 31 that knocked most of its non-emergency computer services offline. The Wisconsin-city's website, email system and online payment collection systems were still down as of February 3 and the city police are unable to processes fee payments or provide copies of police and […] | Ransomware | ||
|
2020-02-04 10:24:59 | Videos sent to archives of the wrong users from Google bug (lien direct) | Google has reached out to some users to apologise after a “technical issue” saw videos uploaded to another user’s archives. In an email, the search engine giant said the issue affected the Google “download your data” service — called Google Takeout — for Google Photos in November last year. “Between November 21, 2019, and November […] | |||
|
2020-02-04 10:23:44 | Nintendo hacked and details of unreleased products leaked (lien direct) | A 21-year-old man has admitted hacking Nintendo servers and leaking details about unreleased products. Ryan Hernandez, from Palmdale in California, and an associate used a phishing technique to steal the credentials of a Nintendo employee in 2016, according to records. Phishing refers to obtaining sensitive information such as usernames and passwords by disguising yourself as […] | |||
|
2020-02-03 15:06:15 | (Déjà vu) Over 38,000 Games have been archived for offline play (lien direct) | With Flash being discontinued by the end of the year, over 38,000 Flash games have been archived so that they are available for offline play and historical purposes. In a coordinated announcement by Adobe, Google, Microsoft, Mozilla, and Apple, Adobe stated that by the end of 2020, Flash would no longer be distributed and all […] | |||
|
2020-02-03 15:04:33 | \'George\' is now the most popular password (lien direct) | A new study of stolen passwords reflects the consequences of password overload. The most common type of password is a name, and the most common name password is George, according to a new analysis of compromised credentials found in the Dark Web. Source: Dark Reading | |||
|
2020-02-03 10:38:46 | Hackers toy with Coronavirus fears to spread Emotet (lien direct) | Cybercriminals are exploiting fears over the outbreak of Coronavirus in China, sending out emails with malicious Word attachments purportedly providing updates on preventing infection but in actuality delivering the Emotet trojan. “Patients were reported about the new type of coronavirus-related pneumonia, mainly in Takeshi, China. Patients have been reported in Gifu Prefecture in Japan,Therefore, please […] | |||
|
2020-02-03 10:29:24 | Ethical hacker exposes hacked Indian airline (lien direct) | The airline's hack, compromising the data of more than 1.2 million passengers, including Indian government officials, was first reported by TechCrunch, which learned of the incident through an unnamed security researcher, who referred to his actions as ethical hacking.The individual “brute-forced” into the system by using an easily guessed password, and upon alerting SpiceJet never received a […] | |||
|
2020-02-03 10:19:02 | Ransomware attacks three law firms over the weekend (lien direct) | Three US law firms were hit with ransomware over the weekend and researchers estimate 50% of US organisations were attacked in the past year. The astonishing growth in cybercrime was revealed in the 'State of the Phish' report from cybersecurity firm Proofpoint. The researchers analysed more than 9 million malicious email, spoke with 600 industry […] | Ransomware | ||
|
2020-01-31 10:51:41 | (Déjà vu) NEC Defence Contracts Info Potentially Compromised in Breach (lien direct) | The Japanese NEC electronics giant was the target of a cyberattack that resulted in unauthorized access to its internal network on Thursday according to information leaked to Japanese newspapers by sources close to the matter. The electronics and information technology giant is a major contractor for Japan’s defense industry, engaged in various defense equipment projects with the Japan […] | |||
|
2020-01-31 10:50:12 | (Déjà vu) Microsoft Announces Xbox Bounty Program With Potential Payout of $20K (lien direct) | Microsoft just announced the launch of an Xbox bug bounty program to allow gamers and security researchers to report security vulnerabilities found in the Xbox Live network and services. Qualified Xbox Bounty Program submissions are eligible for bounty payouts ranging from $500 to $20,000 for a remote code execution submitted via a high-quality report with clear and concise proof of concepts (POCs). […] | |||
|
2020-01-31 10:48:12 | Facebook is prepared to pay up to $550M to settle facial recognition lawsuit (lien direct) | Facebook has agreed to set aside $550 million to settle a class-action lawsuit brought by users who allege the social media company violated the Illinois Biometric Information Privacy Act (BIPA), attorneys for the plaintiffs announced on Wednesday. San Francisco Federal District Court Judge James Donato must still approve the settlement, which the lawyers claim is […] | |||
|
2020-01-31 10:47:11 | Ryuk ransomware impacts websites of DOD contractor (lien direct) | A Ryuk ransomware attack against U.S. Department of Defense contractor Electronic Warfare Associates (EWA) has reportedly affected the electronics company's web server, making several of its websites in accessible. The attack took place last week and impacted the websites for the EWA Government Systems Inc., a subsidiary that sells electronic warfare products; EWA Technologies Inc, […] | Ransomware | ||
|
2020-01-31 10:44:25 | (Déjà vu) TrickBot Uses a New Windows 10 UAC Bypass to Launch Under the Radar (lien direct) | The TrickBot Trojan has switched to a new Windows 10 UAC bypass to execute itself with elevated privileges without showing a User Account Control prompt. Windows uses a security mechanism called User Account Control (UAC) that will display a prompt every time a program is run with administrative privileges. When these prompts are shown, they will […] | |||
|
2020-01-30 10:44:43 | (Déjà vu) New Phishing Service Alerts Companies of Phished Employees (lien direct) | A new service called ‘I Got Phished’ has launched that will alert domain and security administrators when an employee in their organization falls for a phishing attack. Phishing attacks are a common vector for a variety of other attacks such as BEC scams, network intrusions, and even ransomware attacks. Source: Bleeping Computer | Ransomware | ||
|
2020-01-30 10:42:38 | Wawa customer payment card data open for sale (lien direct) | Cybercriminals have attempted to sell customer payment card data likely pilfered from a Wawa POS breach discovered in December. The Pennsylvania-based convenience store and gas station operator said in a release that it had asked its payment card processor, payment card brands and card issuers to tick up their fraud monitoring in light of the latest revelations. Source: SC […] | |||
|
2020-01-30 10:40:32 | Taylor Swift has experienced the highest amounts of malware files (lien direct) | Being nominated for a Grammy doesn't not raise your Q-rating; it also, apparently, increases the likelihood that cybercriminals will appropriate your name or song tracks to trick targets into opening malicious files. Researchers at Kaspersky looked at 14 musical artists who were nominated this year for a major Grammy award and determined that in 2019 there was […] | Malware | ||
|
2020-01-30 10:38:58 | 6.7M records exposed by Cornerstone Payment Systems database left open (lien direct) | Cornerstone Payment Systems, which processes payments for pro-life groups, churches, ministries and other organizations with a similar Christian bent, left a database unprotected, exposing 6.7 million records from 2013 until the present. Source: SC Magazine | |||
|
2020-01-30 10:37:17 | Social Insurance Numbers targeted by phishing scam (lien direct) | A different phone scam is doing the rounds and is now targeting a cache of information, rather than just cash. Dilshad Burman with a Canadian newcomer who was conned into parting with her Social Insurance Number. Source: City News | |||
|
2020-01-29 13:58:59 | A massive 50% of critical flaws in enterprise environments due to outdated or unsupported components, more than doubling last year (lien direct) | Bulletproof has released its Annual Cybersecurity Industry Report that shows that half of the most pervasive of critical flaws – which offer hackers an easy route into an organisation – are down to outdated components, such as unpatched or unsupported software. However, this number has jumped significantly from 22% over the previous year, indicating a widespread […] | |||
|
2020-01-29 11:04:26 | Gatewatcher and Nozomi Networks Team to Deliver Advanced OT and IoT Cybersecurity Solutions for Global industry (lien direct) | PARIS, 28 January 2020 — The French leading security software company Gatewatcher and Nozomi Networks, the leader in OT and IoT security, today announced they have partnered to meet rising demands for integrated cybersecurity in mixed IT, OT and IoT environments. Gatewatcher and Nozomi Networks will work together to help industrial organizations and critical national […] | Guideline | ||
|
2020-01-29 10:14:56 | Unauthorized entry allowed on Zoom calls due to ID flaw (lien direct) | CheckPoint last year found a now patched flaw in Zoom Meeting that allowed researchers to predict meeting ID numbers enabling them to enter private conversations. The vulnerability was found last year and patched by Zoon Video Communications in July 2019, but the company has only just now reported on the issue. Source: SC Magazine | Vulnerability | ||
|
2020-01-29 10:13:21 | (Déjà vu) Cloudvisory introduces FireEye (lien direct) | FireEye has announced the acquisition of Texas-based Cloudvisory, hoping its new addition will boost the cloud security capabilities of FireEye Helix. The company said it would give customers with a single operations platform to monitor multi-cloud environments, hybrid-cloud firewalls, and integrate container security. Source: ZD Net | |||
|
2020-01-29 10:10:43 | Ransomware attacks Canadian Military Contractor (lien direct) | Ransomware attackers claimed to stolen 60GB of data from Canadian defence contractor after ransomware attack in December 2018. The threat presented by ransomware continues to be evidenced in 2020 after an attack on a major Canadian defence contractor Bird Construction. The Canadian construction firm that provides service for the Canadian military was apparently attacked by cyberattackers […] | Ransomware Threat | ||
|
2020-01-29 10:09:44 | New YouTube Phishing Streams (lien direct) | Hardware wallet creator Ledger has issued a warning to clients to be vigilant of Youtube accounts designed as phishing scams. According to a tweet published Jan. 27, Ledger claimed to be facing phishing attacks by way of hacked YouTube accounts. The company reiterated that they are not affiliated with the series of video streams and […] | |||
|
2020-01-28 16:49:43 | Data Privacy Day 2020: The View From the Frontline (lien direct) | Privacy Day, or Data Protection Day in Europe, was instituted to raise awareness on the importance of upholding data protection best practice. The recent institution of privacy regulations such as GDPR and CCPA made organisations reflect on how they store and use consumers’ personal information across the board, marking a significant milestone in the way […] | |||
|
2020-01-28 13:36:12 | How increased collaboration can prevent phishing attacks against corporate executives (lien direct) | Cyber defence is often focused on protecting the digital assets of an organisation, such as its networks, endpoints and databases, as well as assets exposed on the internet, such as company websites. However, what many fail to realise is that there is yet another class of assets that need to be considered – company executives. […] |
To see everything:
Our RSS (filtrered)
