What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2022-11-26 17:19:00 All You Need to Know About Emotet in 2022 (direct link) For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The malware became a very destructive program as it grew in scale and sophistication. Malware ★★★
The_Hackers_News.webp 2022-11-26 10:22:00 U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk (direct link) The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. All these Chinese telecom and video surveillance companies were previously included in the Covered List as of March 12, 2021. "The FCC is committed to protecting our national ★★★★
The_Hackers_News.webp 2022-11-26 09:58:00 Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations (direct link) Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities were first detected on November 21, 2022. "While the malware written in .NET is new, its deployment is Ransomware Malware ★★
The_Hackers_News.webp 2022-11-25 18:42:00 (Déjà vu) Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw (direct link) Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be Vulnerability Threat
The_Hackers_News.webp 2022-11-25 16:45:00 Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions (direct link) An analysis of firmware images across devices from Dell, HP, and Lenovo has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk. EFI Development Kit, aka EDK, is an open source implementation of the Unified Extensible Firmware Interface (UEFI), which functions as an interface between the operating system and the firmware embedded in ★★★
The_Hackers_News.webp 2022-11-25 11:36:00 U.K. Police Arrest 142 in Global Crackdown on 'iSpoof' Phone Spoofing Service (direct link) A coordinated law enforcement effort has dismantled an online phone number spoofing service called iSpoof and arrested 142 individuals linked to the operation. The websites, ispoof[.]me and ispoof[.]cc, allowed the crooks to "impersonate trusted corporations or contacts to access sensitive information from victims," Europol said in a press statement. Worldwide losses exceeded €115 million ($ ★★★
The_Hackers_News.webp 2022-11-25 10:28:00 Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation (direct link) Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in the arrests of 975 individuals and the closure of more than 1,600 cases. This comprised two fugitives Legislation ★★
The_Hackers_News.webp 2022-11-24 18:55:00 New RansomExx Ransomware Variant Rewritten in the Rust Programming Language (direct link) The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna. The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although it's expected that a Windows version will Ransomware Threat
The_Hackers_News.webp 2022-11-24 16:47:00 Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws (direct link) A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker. Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022. "These fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, ★★★
The_Hackers_News.webp 2022-11-24 16:33:00 Boost Your Security with Europe's Leading Bug Bounty Platform (direct link) As 2022 comes to an end, now's the time to level up your bug bounty program with Intigriti. Are you experiencing slow bug bounty lead times, gaps in security skills, or low-quality reports from researchers? Intigriti's expert triage team and global community of ethical hackers are enabling businesses to protect themselves against every emerging cybersecurity threat. Join the likes of Intel, Guideline ★★★
The_Hackers_News.webp 2022-11-24 16:25:00 Bahamut Cyber Espionage Hackers Targeting Android Users with Fake VPN Apps (direct link) The cyber espionage group known as Bahamut has been attributed as behind a highly targeted campaign that infects users of Android devices with malicious apps designed to extract sensitive information. The activity, which has been active since January 2022, entails distributing rogue VPN apps through a fake SecureVPN website set up for this purpose, Slovak cybersecurity firm ESET said in a new Bahamut ★★★
The_Hackers_News.webp 2022-11-24 11:49:00 This Android File Manager App Infected Thousands of Devices with Sharkbot Malware (direct link) The Android banking fraud malware known as SharkBot has reared its head once again on the official Google Play Store, posing as file managers to bypass the app marketplace's restrictions. A majority of the users who downloaded the rogue apps are located in the U.K. and Italy, Romanian cybersecurity company Bitdefender said in an analysis published this week. SharkBot, first discovered towards Malware
The_Hackers_News.webp 2022-11-24 11:36:00 Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware (direct link) Companies based in the U.S. have been at the receiving end of an "aggressive" Qakbot malware campaign that leads to Black Basta ransomware infections on compromised networks. "In this latest campaign, the Black Basta ransomware gang is using QakBot malware to create an initial point of entry and move laterally within an organization's network," Cybereason researchers Joakim Kandefelt and Ransomware Malware Guideline
The_Hackers_News.webp 2022-11-23 18:38:00 34 Russian Hacker Groups Stole Over 50 Million Passwords with Stealer Malware (direct link) As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. "The underground market value of stolen logs and compromised card details is estimated around $5.8 million," Singapore-headquartered Group-IB said in a report shared with The Hacker News. Aside from looting Malware ★★★★
The_Hackers_News.webp 2022-11-23 18:09:00 Ducktail Malware Operation Evolves with New Malicious Capabilities (direct link) The operators of the Ducktail information stealer have demonstrated a "relentless willingness to persist" and continued to update their malware as part of an ongoing financially driven campaign. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account," WithSecure researcher Mohammad Kazem Malware ★★★★
The_Hackers_News.webp 2022-11-23 17:43:00 Top Cyber Threats Facing E-Commerce Sites This Holiday Season (direct link) Delivering a superior customer experience is essential for any e-commerce business. For those companies, there's a lot at stake this holiday season. According to Digital Commerce 360, nearly $1.00 of every $4.00 spent on retail purchases during the 2022 holiday season will be spent online, resulting in $224 billion in e-commerce sales. To ensure your e-commerce site is ready for the holiday rush ★★
The_Hackers_News.webp 2022-11-23 14:58:00 Hackers Exploiting Abandoned Boa Web Servers to Target Critical Industries (direct link) Microsoft on Tuesday disclosed the intrusion activity aimed at Indian power grid entities earlier this year likely involved the exploitation of security flaws in a now-discontinued web server called Boa. The tech behemoth's cybersecurity division said the vulnerable component poses a "supply chain risk that may affect millions of organizations and devices." The findings build on a prior report ★★★★
The_Hackers_News.webp 2022-11-23 13:16:00 Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation (direct link) Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle East and Central Asia. The network, which originated from the U.S., primarily singled out Afghanistan, Algeria, Iran, Iraq, Kazakhstan, Kyrgyzstan, ★★★
The_Hackers_News.webp 2022-11-23 11:10:00 Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike (direct link) A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors' attention for its Cobalt Strike-like capabilities. Enterprise security firm Proofpoint said it detected the use of the software in mid-September 2022 with a number of test emails sent using generic subject lines such as "Just checking in" and "Hope this works2." However, there are no Tool Threat ★★★★
The_Hackers_News.webp 2022-11-22 23:06:00 This Malware Installs Malicious Browser Extensions to Steal Users' Passwords and Cryptos (direct link) A malicious extension for Chromium-based web browsers has been observed to be distributed via a long-standing Windows information stealer called ViperSoftX. Czech-based cybersecurity company dubbed the rogue browser add-on VenomSoftX owing to its standalone features that enable it to access website visits, steal credentials and clipboard data, and even swap cryptocurrency addresses via an Malware ★★★★
The_Hackers_News.webp 2022-11-22 18:00:00 Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware (direct link) A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts. "These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or remote access tools, and the 911 method making use of YouTube videos and SEO-poised fake Malware ★★★
The_Hackers_News.webp 2022-11-22 17:37:00 Here's How to Ensure Your Incident Response Strategy is Ready for Holiday Hackers (direct link) The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities. The holiday season is upon us and with it a slew of cybersecurity scams preying on end-user vulnerabilities. Because employees often use their business emails and cell phones as their primary point of contact, these scams quickly become a threat to Threat ★★
The_Hackers_News.webp 2022-11-22 15:15:00 Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns (direct link) The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors. The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery (TOAD), wherein the victims are social engineered into making a phone call through phishing emails containing invoices and subscription-themed lures. Palo Alto Threat ★★★
The_Hackers_News.webp 2022-11-22 14:40:00 U.S. Authorities Seize Domains Used in 'Pig butchering' Cryptocurrency Scams (direct link) The U.S. Justice Department (DoJ) on Monday announced the takedown of seven domain names in connection to a "pig butchering" cryptocurrency scam. The fraudulent scheme, which operated from May to August 2022, netted the actors over $10 million from five victims, the DoJ said. Pig butchering, also called Sha Zhu Pan, is a type of scam in which swindlers lure unsuspecting investors into sending ★★★
The_Hackers_News.webp 2022-11-21 20:46:00 Daixin Ransomware Gang Steals 5 Million AirAsia Passengers' and Employees' Data (direct link) The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per DataBreaches.net. The threat actors allegedly claim to have obtained the personal data associated with five million Ransomware Threat ★★★
The_Hackers_News.webp 2022-11-21 19:54:00 Notorious Emotet Malware Returns With High-Volume Malspam Campaign (direct link) The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee. "Hundreds of thousands of emails per day" have been sent since early November 2022, enterprise security company Proofpoint said last week, adding, "the new activity suggests Emotet is returning to its full functionality acting as a delivery Malware
The_Hackers_News.webp 2022-11-21 18:30:00 Been Doing It The Same Way For Years? Think Again. (direct link) [Want Bob to stop complaining? Change your practices.] [Don't delay change – it can cost you] ["Always done it that way"? Think again.] [Why you should think again about doing it the old way] [Why you should think again about doing it the same old way] As IT professionals, we all reach a certain point in our IT career where we realize that some of our everyday tasks are done the same way year
The_Hackers_News.webp 2022-11-21 15:32:00 Google Wins Lawsuit Against Russians Linked to Blockchain-based Glupteba Botnet (direct link) Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week. The U.S. District Court for the Southern District of New York imposed monetary sanctions against the defendants and their U.S.-based legal counsel. The defendants have also been asked to pay Google's attorney fees. The defendants' move to press
The_Hackers_News.webp 2022-11-21 11:12:00 Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild (direct link) Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012. The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest version of Cobalt Strike is version 4.7.2. Cobalt Tool Threat
The_Hackers_News.webp 2022-11-19 19:00:00 Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022 (direct link) The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018. The Digital Personal Data Protection Bill, 2022, as it's called, aims to secure personal data, while also seeking users' consent in what the draft claims is "clear and plain language" describing the exact kinds of
The_Hackers_News.webp 2022-11-19 12:54:00 Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware (direct link) A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569. "Observed DEV-0569 attacks show a pattern of continuous innovation, with Ransomware Malware Threat
The_Hackers_News.webp 2022-11-19 10:30:00 Chinese 'Mustang Panda' Hackers Actively Targeting Governments Worldwide (direct link) A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world. The primary targets of the intrusions from May to October 2022 included countries in the Asia Pacific region such as Myanmar, Australia, the Philippines, Japan, and Taiwan, cybersecurity firm Trend Micro Threat
The_Hackers_News.webp 2022-11-19 10:00:00 Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products (direct link) Australian software company Atlassian has rolled out security updates to address two critical flaws affecting Bitbucket Server, Data Center, and Crowd products. The issues, tracked as CVE-2022-43781 and CVE-2022-43782, are both rated 9 out of 10 on the CVSS vulnerability scoring system. CVE-2022-43781, which Atlassian said was introduced in version 7.0.0 of Bitbucket Server and Data Center, Vulnerability ★★★
The_Hackers_News.webp 2022-11-18 18:43:00 Meta Reportedly Fires Dozens of Employees for Hijacking Users' Facebook and Instagram Accounts (direct link) Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday. Some of these cases involved bribery, the publication said, citing sources and documents. Included among those fired were contractors who worked as security guards at the social media ★★★★★
The_Hackers_News.webp 2022-11-18 18:23:00 LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities (direct link) The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities," Cisco Talos researcher Chris Neal said in a write-up published Thursday. Aside from being dropped Malware Tool Threat ★★★
The_Hackers_News.webp 2022-11-18 17:37:00 Threat hunting with MITRE ATT&CK and Wazuh (direct link) Threat hunting is the process of looking for malicious activity and its artifacts in a computer system or network. Threat hunting is carried out intermittently in an environment regardless of whether or not threats have been discovered by automated security solutions. Some threat actors may stay dormant in an organization's infrastructure, extending their access while waiting for the right Threat
The_Hackers_News.webp 2022-11-18 13:17:00 Hive Ransomware Attackers Extorted $100 Million from Over 1,300 Companies Worldwide (direct link) The threat actors behind the Hive ransomware-as-a-service (RaaS) scheme have launched attacks against over 1,300 companies across the world, netting the gang $100 million in illicit payments as of November 2022. "Hive ransomware has targeted a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information Ransomware Threat
The_Hackers_News.webp 2022-11-18 10:36:00 W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack (direct link) An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. "The threat actor is still active and is releasing more malicious packages," Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. "The attack seems related to cybercrime as the attacker Malware Threat
The_Hackers_News.webp 2022-11-17 18:06:00 Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign (direct link) A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, dubbed Fangxiao by Cyjax, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017. "It targets businesses in multiple verticals including retail, banking, Threat ★★
The_Hackers_News.webp 2022-11-17 15:41:00 FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva (direct link) A Ukrainian national who has been wanted by the U.S. for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims' bank accounts using malware called Zeus. Vyacheslav Igorevich Penchukov, who went by online pseudonyms "tank" and "father," is said to have been involved in the day-to-day operations of the group Malware ★★★★
The_Hackers_News.webp 2022-11-17 15:30:00 100 Apps, Endless Security Checks (direct link) On average, organizations report using 102 business-critical SaaS applications, enabling operations of most departments across an organization, such as IT and Security, Sales, Marketing, R&D, Product Management, HR, Legal, Finance, and Enablement. An attack can come from any app, no matter how robust the app is. Without visibility and control over a critical mass of an organization's entire SaaS
The_Hackers_News.webp 2022-11-17 12:28:00 High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices (direct link) Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, could completely compromise affected systems. Cybersecurity firm Rapid7 said the flaws could be abused to gain remote access to the devices and defeat security constraints. The two high-severity issues, which were reported to F5 on August 18, 2022, are as follows -
The_Hackers_News.webp 2022-11-17 11:52:00 Iranian Hackers Compromised a U.S. Federal Agency's Network Using Log4Shell Exploit (direct link) Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), come in response to incident response efforts undertaken by the authority from mid-June through mid-July 2022 Vulnerability Threat
The_Hackers_News.webp 2022-11-17 11:26:00 North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor (direct link) Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the U.S. "Dtrack allows criminals to upload, download, start or delete files on the victim host," Kaspersky researchers Konstantin Zykov and Jornt van der Wiel
The_Hackers_News.webp 2022-11-16 18:34:00 Researchers Discover Hundreds of Amazon RDS Instances Leaking Users' Personal Data (direct link) Hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personal identifiable information (PII), new findings from Mitiga, a cloud incident response company, show. "Leaking PII in this manner provides a potential treasure trove for threat actors – either during the reconnaissance phase of the cyber kill chain or extortionware/ransomware campaigns," researchers Ariel Threat
The_Hackers_News.webp 2022-11-16 17:49:00 7 Reasons to Choose an MDR Provider (direct link) According to a recent survey, 90% of CISOs running teams in small to medium-sized enterprises (SMEs) use a managed detection and response (MDR) service. That's a 53% increase from last year. Why the dramatic shift to MDR? CISOs at organizations of any size, but especially SMEs, are realizing that the threat landscape and the way we do cybersecurity are among the many things that will never look Threat
The_Hackers_News.webp 2022-11-16 13:05:00 Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers (direct link) Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service (DDoS) attacks against game servers. "In fact, it turns out that this campaign is less like RapperBot than an older campaign that appeared in February and then mysteriously disappeared in the middle of April," Fortinet Malware
The_Hackers_News.webp 2022-11-16 10:54:00 Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023 (direct link) Internet behemoth Google on Tuesday said it plans to roll out Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year. "The Privacy Sandbox Beta will be available for ad tech and app developers who wish to test the ads-related APIs as part of their solutions," the company said. To that end, developers will need to complete an enrollment process in order
The_Hackers_News.webp 2022-11-15 22:31:00 Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform (direct link) Spotify's Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module. The vulnerability (CVSS score: 9.8), at its core, takes advantage of a critical sandbox escape in vm2, a popular JavaScript sandbox library (CVE-2022-36067 aka Sandbreak), that came to light last Vulnerability
The_Hackers_News.webp 2022-11-15 22:03:00 PCSpoof: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft (direct link) Credit: Marina Minkin A novel attack method has been disclosed against a crucial piece of technology called time-triggered ethernet (TTE) that's used in safety-critical infrastructure, potentially causing the failure of systems powering spacecraft and aircraft. Dubbed PCspooF by a group of academics and researchers from the University of Michigan, the University of Pennsylvania, and the NASA Vulnerability
Last update at: 2024-07-07 02:07:44