Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-01-19 17:00:00 |
ThreatModeler Makes DevSecOps More Accessible With New Marketplace (lien direct) |
The store includes pre-built threat models that can be integrated into a development pipeline |
Threat
|
|
★
|
|
2023-01-17 18:00:00 |
Vice Society Claims Ransomware Attack Against University of Duisburg-Essen (lien direct) |
The threat actor has also reportedly published some stolen data on the dark web |
Ransomware
Threat
|
|
★★
|
|
2023-01-16 16:00:00 |
Qbot Overtakes Emotet in December 2022\'s Most Wanted Malware List (lien direct) |
The findings come from Check Point Software's latest Global Threat Index report |
Malware
Threat
|
|
★★★
|
|
2023-01-09 18:00:00 |
Freejacking Campaign By PurpleUrchin Bypasses Captchas (lien direct) |
The threat actors also deployed more aggressive techniques for mining CPU resources |
Threat
|
|
★★★
|
|
2023-01-09 10:00:00 |
Threat Actors Spread RAT Via Pokemon NFT Card Site (lien direct) |
Phishing page lures unsuspecting users into installing remote access malware |
Malware
Threat
|
|
★★
|
|
2023-01-05 18:00:00 |
Hackers Leverage Compromised Fortinet Devices to Distribute Ransomware (lien direct) |
The findings come from eSentire's Threat Response Unit |
Ransomware
Threat
|
|
★★
|
|
2023-01-04 14:15:00 |
New Phishing Campaign Impersonates Flipper Zero to Target Cyber Professionals (lien direct) |
The threat actor is using an angler phishing technique to leverage the shortage of the popular hacking tool |
Tool
Threat
|
|
★★★★
|
|
2022-12-21 10:00:00 |
Adult Google Ad Fraud Campaign Garnered Millions of Impressions (lien direct) |
Fraudster used "popunders" and obfuscation to generate cash |
Threat
|
|
★★★
|
|
2022-12-20 16:30:00 |
Organizations Warned of New Attack Vector in Amazon Web Services (lien direct) |
Researchers warned that threat actors could potentially exploit Elastic IP transfer and compromise an IP address |
Threat
|
|
★★★
|
|
2022-12-19 11:30:00 |
Mobile App Users at Risk as API Keys of Email Marketing Services Exposed (lien direct) |
Leaked API keys allow threat actors to perform a variety of unauthorized actions |
Threat
|
|
★★★
|
|
2022-12-14 18:00:00 |
(Déjà vu) Signed Microsoft Drivers Used in Attacks Against Businesses (lien direct) |
In some cases, the threat actor's intent was to ultimately provide SIM-swapping services |
Threat
|
|
★
|
|
2022-12-06 16:00:00 |
Threat Actors Use Malicious File Systems to Scale Crypto-Mining Operations (lien direct) |
The hackers used PRoot to increase the scope of their operations to several Linux distributions |
Threat
|
|
★★
|
|
2022-12-06 10:00:00 |
Russian Hackers Use Western Networks to Attack Ukraine (lien direct) |
Lupovis used decoys to find out more about threat actors |
Threat
|
|
★★
|
|
2022-12-02 17:00:00 |
\'Black Proxies\' Enable Threat Actors to Conduct Malicious Activity (lien direct) |
First used as botnets, their lucrative nature turned them into independent criminal enterprises |
Threat
|
|
★★
|
|
2022-12-01 17:00:00 |
Spyware Vendor Variston Exploited N-Days in Chrome, Firefox, Windows (lien direct) |
The claims come from Google's Threat Analysis Group, which published an advisory about the threat |
Threat
|
|
★★★
|
|
2022-11-28 14:15:00 |
Orange Cyberdefense Unveils Its Security Navigator With OT Hacking Demos (lien direct) |
The cybersecurity arm of Orange Business Services (OBS) organized a launch event at its Lyon campus, in France, for its latest annual threat report |
Threat
|
|
★★
|
|
2022-11-25 18:00:00 |
ConnectWise Fixes XSS Vulnerability that Could Lead to Remote Code Execution (lien direct) |
Threat actors could exploit the flaw to take complete control of the ConnectWise platform |
Vulnerability
Threat
|
|
★★
|
|
2022-11-23 16:00:00 |
Qakbot Infections Linked to Black Basta Ransomware Campaign (lien direct) |
Threat actors obtained admin access in two hours and then deployed ransomware in under 12 hours |
Ransomware
Threat
|
|
|
|
2022-11-23 10:30:00 |
Yanluowang Ransomware\'s Russian Links Laid Bare (lien direct) |
Another dump of chat records provides insight into threat group |
Threat
|
|
★★★★
|
|
2022-11-22 10:00:00 |
Experts Warn Threat Actors May Abuse Red Team Tool Nighthawk (lien direct) |
C2 framework could be the next Cobalt Strike, says Proofpoint |
Tool
Threat
|
|
|
|
2022-11-21 16:00:00 |
Luna Moth Phishing Extortion Campaign Targets Businesses in Multiple Sectors (lien direct) |
It leverages extortion without encryption and has cost victims hundreds of thousands of dollars |
Threat
|
|
★★
|
|
2022-11-18 14:15:00 |
Emerging Threat Actor DEV-0569 Expands Its Toolkit to Deliver Royal Ransomware (lien direct) |
As well as malvertising and phishing links, the new threat actor is now also using contact forms to deliver its payloads, found Microsoft |
Ransomware
Threat
|
|
|
|
2022-11-17 10:10:00 |
US: Iranian Hackers Breached Government with Log4Shell (lien direct) |
Threat actors installed crypto-miner and achieved persistence |
Threat
|
|
|
|
2022-11-14 10:45:00 |
Mass Email Extortion Campaign Claims Server Hack (lien direct) |
Threat actors claim they'll destroy victims' reputation if they don't pay |
Hack
Threat
|
|
|
|
2022-11-11 10:30:00 |
Qatar World Cup Firms Urged to Upgrade Cyber-Threat Model (lien direct) |
Digital Shadows warns of elevated risk from scammers and threat actors |
Threat
|
|
|
|
2022-11-10 16:00:00 |
Majority of Security Managers Lack Threat Intelligence Skills (lien direct) |
The report suggests threat intelligence is a crucial source for vulnerability detection |
Vulnerability
Threat
|
|
★★★★
|
|
2022-11-10 15:45:00 |
The \'Great Resignation\' Caused Insider Threats to Peak in Q3 2022, Kroll Finds (lien direct) |
Kroll's Q3 2022 Threat Landscape report showed an unprecedented increase in insider threats |
Threat
|
|
★★★★★
|
|
2022-11-04 17:00:00 |
Black Basta Ransomware Attacks Linked to FIN7 Threat Actor (lien direct) |
The hacker behind a tool used by Black Basta had access to the source code used by FIN7 |
Ransomware
Tool
Threat
|
|
|
|
2022-11-03 17:00:00 |
Cyber Threat Landscape Shaped by Ukraine Conflict, ENISA Report Reveals (lien direct) |
The EU cybersecurity agency released its 10th annual threat landscape report on November 3, 2022 |
Threat
|
|
|
|
2022-11-01 16:00:00 |
CISA Publishes Multi-Factor Authentication Guidelines to Tackle Phishing (lien direct) |
The guidelines describe methods threat actors use to steal MFA credentials and how to defend against them |
Threat
|
|
|
|
2022-11-01 15:00:00 |
LockBit Dominates Ransomware Campaigns in 2022: Deep Instinct (lien direct) |
The figures come from the 2022 Interim Cyber Threat Report by Deep Instinct |
Ransomware
Threat
|
|
|
|
2022-10-27 17:00:00 |
Kiss-a-Dog Cryptojacking Campaign Targets Docker and Kubernetes (lien direct) |
The threat actors also utilized user and kernel mode rootkits to hide the activity |
Threat
|
Uber
|
|
|
2022-10-26 09:45:00 |
Ransomware Threat Shifts from US to EMEA and APAC (lien direct) |
SonicWall figures show overall attacks trending down |
Threat
|
|
|
|
2022-10-21 13:10:00 |
NCSC CEO Calls for International Standards on IoT Security (lien direct) |
Lindy Cameron argues that smart cities are becoming an attractive target for threat actors, including nation states |
Threat
|
|
|
|
2022-10-20 09:00:00 |
NCSC Updates Early Warning Threat Intelligence (lien direct) |
UK security agency makes it easier to assess credibility of alerts |
Threat
|
|
|
|
2022-10-17 15:00:00 |
Ransom Cartel Linked to Russia-Based REvil Ransomware Group (lien direct) |
The collection became increasingly clear through the tools used by both threat actors |
Ransomware
Threat
|
|
|
|
2022-10-07 16:02:00 |
RCE on Log4j Among Top CVEs Exploited By Chinese-Backed Hackers (lien direct) |
In a joint advisory, three US agencies, NSA, CISA and FBI, warned about Chinese threat actors |
Threat
|
|
|
|
2022-10-06 17:00:00 |
(Déjà vu) FBI and CISA Publish Advisory on Malicious Cyber Activity Against Election Infrastructure (lien direct) |
Threat actors trying to compromise elections are unlikely to result in large-scale disruptions |
Threat
|
|
|
|
2022-09-29 10:00:00 |
Mobile, Cloud and Email Are Top Threat Vectors For 2023 (lien direct) |
PwC study finds organizations have a long way to go on security |
Threat
|
|
|
|
2022-09-28 17:00:00 |
WatchGuard Report: Malware Decreases but Encrypted Malware Up in Q2 2022 (lien direct) |
This could reflect threat actors shifting their tactics to rely on more elusive malware |
Malware
Threat
|
|
|
|
2022-09-20 15:30:00 |
Grand Theft Auto Publisher Rockstar Games Hacked (lien direct) |
The threat actor 'teapotuberhacker' could be linked to the Lapsus$ hacking group |
Threat
|
Uber
|
|
|
2022-09-20 08:40:00 |
Uber Blames Lapsus$ for Breach (lien direct) |
Threat actor bombarded Uber contractor with 2FA requests |
Threat
|
Uber
Uber
|
|
|
2022-09-12 17:00:00 |
US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies (lien direct) |
Iran would have directed several networks of cyber threat actors in support of its political goals |
Threat
|
|
|
|
2022-09-08 13:20:00 |
Researchers Reveal New Iranian Threat Group APT42 (lien direct) |
Group has been active since at least 2015 |
Threat
|
APT 42
|
|
|
2022-09-06 12:00:00 |
Half of Firms Report Supply Chain Ransomware Compromise (lien direct) |
Study highlights threat detection challenge for many organizations |
Ransomware
Threat
|
|
|
|
2022-09-02 11:00:00 |
New Ransomware Group BianLian Activity Exploding (lien direct) |
The threat actor using the common Go programming language and a custom toolkit claims twenty victims |
Ransomware
Threat
|
|
|
|
2022-08-23 16:30:00 |
CISA Adds Palo Alto Networks\' PAN-OS Vulnerability to Catalog (lien direct) |
The flaw would allow a network-based unauthenticated threat actor to perform DoS attacks |
Vulnerability
Threat
|
|
|
|
2022-08-11 11:00:00 |
#BHUSA: New Open Source Group Set to Streamline Threat Detection (lien direct) |
New open source project set to reduce operational pain for SecOps analysts |
Threat
|
|
|
|
2022-08-10 17:30:00 |
DeathStalker\'s VileRAT Continues to Target Foreign and Crypto Exchanges (lien direct) |
The campaign is not only ongoing, the threat actors increased its efforts to compromise targets using VileRAT |
Threat
|
|
|
|
2022-08-03 10:00:00 |
T-Mobile Retailer Guilty of $25m Fraud Scheme (lien direct) |
Case highlights continued threat from social engineering |
Threat
|
|
|