Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-07-29 19:16:50 |
UC San Diego Health Breach Tied to Phishing Attack (direct link) |
Employee email takeover exposed personal, medical data of students, employees and patients. |
|
|
|
|
2021-07-29 18:39:56 |
CISA's Top 30 Bugs: One's Old Enough to Buy Beer (direct link) |
There are patches or remediations for all of them, but they're still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do? |
|
|
|
|
2021-07-29 16:25:48 |
Israeli Government Agencies Visit NSO Group Offices (direct link) |
Authorities opened an investigation into the secretive Israeli security firm. |
|
|
|
|
2021-07-29 13:00:27 |
Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them (direct link) |
Uptycs Threat Research outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate against them. |
Threat
|
|
|
|
2021-07-28 18:33:02 |
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths (direct link) |
They're either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling. |
Ransomware
|
|
|
|
2021-07-28 17:44:50 |
Reboot of PunkSpider Tool at DEF CON Stirs Debate (direct link) |
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON. |
Tool
|
|
|
|
2021-07-28 11:01:33 |
Podcast: Why Securing Active Directory Is a Nightmare (direct link) |
Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such as in PetitPotam.
|
|
|
|
|
2021-07-27 21:10:11 |
No More Ransom Saves Victims Nearly €1 Over 5 Years (direct link) |
No More Ransom is collecting decryptors so ransomware victims don't have to pay to get their data back and attackers don't get rich.
|
Ransomware
|
|
|
|
2021-07-27 17:30:28 |
Zimbra Server Bugs Could Lead to Email Plundering (direct link) |
Two bugs, now patched except in older versions, could be chained to allow attackers to hijack a Zimbra server by simply sending a malicious email. |
|
|
|
|
2021-07-27 15:43:56 |
Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers (direct link) |
The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP. |
|
|
|
|
2021-07-27 13:36:21 |
Apple Patches Actively Exploited Zero-Day in iOS, MacOS (direct link) |
Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow for attackers to take over a system. |
|
|
|
|
2021-07-26 22:09:11 |
Podcast: IoT Piranhas Are Swarming Industrial Controls (direct link) |
Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure. |
|
|
|
|
2021-07-26 21:08:27 |
Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn (direct link) |
A comment spammer flooded Babuk's new ransomware forum with gay orgy porn GIFs and demanded $5K in bitcoin. |
Ransomware
|
|
|
|
2021-07-26 19:33:34 |
Microsoft Rushes Fix for 'PetitPotam' Attack PoC (direct link) |
Microsoft releases mitigations for a Windows NT LAN Manager exploit that forces remote Windows systems to reveal password hashes that can be easily cracked. |
|
|
|
|
2021-07-26 15:00:24 |
Malware Makers Using 'Exotic' Programming Languages (direct link) |
Sprechen Sie Rust? Polyglot malware authors are increasingly using obscure programming languages to evade detection.
|
Malware
|
|
|
|
2021-07-26 13:00:30 |
The True Impact of Ransomware Attacks (direct link) |
Keeper's research reveals that in addition to knocking systems offline, ransomware attacks degrade productivity, cause organizations to incur significant indirect costs, and mar their reputations. |
Ransomware
|
|
|
|
2021-07-23 21:52:26 |
Discord CDN and API Abuses Drive Wave of Malware Detections (direct link) |
Targets of Discord malware expand far beyond gamers. |
Malware
|
|
|
|
2021-07-23 18:52:32 |
5 Steps to Improving Ransomware Resiliency (direct link) |
Alex Restrepo, cybersecurity researcher at Veritas, lays out the key concepts that organizations should be paying attention to now and implementing today. |
Ransomware
|
|
|
|
2021-07-23 16:24:47 |
FIN7's Liquor Lure Compromises Law Firm with Backdoor (direct link) |
Using a lure relating to a lawsuit against the owner of Jack Daniels whiskey, the cybergang launched a campaign that may be bent on ransomware deployment. |
Ransomware
|
|
|
|
2021-07-23 12:21:24 |
Kaseya Obtains Universal Decryptor for REvil Ransomware (direct link) |
The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it's unclear if the ransom was paid. |
Ransomware
|
|
|
|
2021-07-22 21:15:23 |
FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics (direct link) |
Expected cyberattacks on Tokyo Olympics likely include attempts to hijack video feeds, the Feds warn. |
|
|
|
|
2021-07-22 20:53:23 |
Phish Swims Past Email Security With Milanote Pages (direct link) |
The “Evernote for creatives” is anchoring a rapidly spiking phishing campaign, evading SEGs with ease. |
|
|
|
|
2021-07-22 20:52:45 |
Critical Jira Flaw in Atlassian Could Lead to RCE (direct link) |
The software-engineering platform is urging users to patch the critical flaw ASAP. |
|
|
|
|
2021-07-22 17:46:25 |
Industrial Networks Exposed Through Cloud-Based Operational Tech (direct link) |
Critical ICS vulnerabilities can be exploited through leading cloud-management platforms. |
Guideline
|
|
|
|
2021-07-22 16:18:25 |
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day (direct link) |
Update now: The ream of bugs includes some remotely exploitable code execution flaws. Still to come: a fix for what makes iPhones easy prey for Pegasus spyware. |
|
|
|
|
2021-07-22 12:57:11 |
Microsoft Issues Windows 10 Workaround Fix for 'SeriousSAM' Bug (direct link) |
A privilege elevation bug in Windows 10 opens all systems to attackers to access data and create new accounts on systems. |
|
|
|
|
2021-07-21 18:11:31 |
NPM Package Steals Passwords via Chrome's Account-Recovery Tool (direct link) |
In another vast software supply-chain attack, the password-stealer is filching credentials from Chrome on Windows systems via ChromePass. |
Tool
|
|
|
|
2021-07-21 17:31:16 |
Indictments, Attribution Unlikely to Deter Chinese Hacking, Researchers Say (direct link) |
Researchers are skeptical that much will come from calling out China for the Microsoft Exchange attacks and APT40 activity, but the move marks an important foreign-policy change. |
Industrial
|
APT 40
|
|
|
2021-07-21 15:19:56 |
Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows (direct link) |
Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers. |
|
Uber
|
|
|
2021-07-21 13:32:42 |
French Launch NSO Probe After Macron Believed Spyware Target (direct link) |
Fourteen world leaders were among those found on list of NSO believed targets for its Pegasus spyware. |
Guideline
|
|
|
|
2021-07-21 13:00:12 |
Tracking Malware and Ransomware Domains in 2021 (direct link) |
Ransomware is the threat of 2021. It's impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, we'll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news. |
Ransomware
Malware
Threat
|
|
|
|
2021-07-21 10:00:23 |
MacOS Being Picked Apart by $49 XLoader Data Stealer (direct link) |
Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and it's selling like hotcakes. |
|
|
|
|
2021-07-20 18:56:23 |
Researchers: NSO Group's Pegasus Spyware Should Spark Bans, Apple Accountability (direct link) |
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others. |
|
|
|
|
2021-07-20 17:00:49 |
Law Firm to the Fortune 500 Breached with Ransomware (direct link) |
Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM. |
Ransomware
|
|
|
|
2021-07-20 13:59:46 |
Why Your Business Needs a Long-Term Remote Security Strategy (direct link) |
Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches. |
|
|
|
|
2021-07-20 13:31:50 |
16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines (direct link) |
The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. |
|
|
|
|
2021-07-20 13:00:13 |
A New Security Paradigm: External Attack Surface Management (direct link) |
Advanced EASM solutions are crucial to automating the discovery of the downstream third-party (or fourth-party, or fifth-party, etc.) IT infrastructures that your organization is exposed to, and may be vulnerable to attack, posing a critical risk for your organization. |
|
|
|
|
2021-07-20 12:39:47 |
MosaicLoader Malware Delivers Facebook Stealers, RATs (direct link) |
The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads. |
Malware
Threat
|
|
|
|
2021-07-19 23:12:27 |
What's Next for REvil's Victims? (direct link) |
Podcast: Nothing, says a ransomware negotiator who has tips on staying out of the sad subset of victims left in the lurch, mid-negotiation, after REvil's servers went up in smoke. |
Ransomware
|
|
|
|
2021-07-19 21:31:06 |
Unpatched iPhone Bug Allows Remote Device Takeover (direct link) |
A format-string bug believed to be a low-risk denial-of-service issue turns out to be much nastier than expected. |
|
|
|
|
2021-07-19 18:48:14 |
Ruthless Attackers Target Florida Condo Collapse Victims (direct link) |
Hackers are stealing the identities of those lost in the condo-collapse tragedy. |
|
|
|
|
2021-07-19 17:49:50 |
Protecting Phones From Pegasus-Like Spyware Attacks (direct link) |
Podcast: Can a new SIM card and prepaid service from an MVNO help? Former spyware insider, current mobile white hat hacker Adam Weinberg on how to block spyware attacks. |
|
|
|
|
2021-07-19 15:56:09 |
Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections (direct link) |
The secretive Israeli firm was allegedly storing 50,000+ mobile phone numbers for activists, journalists, business executives and politicians -- possible targets of iPhone and Android hacking. |
|
|
|
|
2021-07-16 21:10:20 |
Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers (direct link) |
HelloKitty joins the growing list of ransomware bigwigs going after the juicy target of VMware ESXi, where one hit gets scads of VMs. |
Ransomware
|
|
|
|
2021-07-16 21:07:15 |
Top CVEs Trending with Cybercriminals (direct link) |
An analysis of criminal forums reveals what publicly known vulnerabilities attackers are most interested in. |
|
|
|
|
2021-07-16 17:27:45 |
The Evolving Role of the CISO (direct link) |
Curtis Simpson, CISO at Armis, discusses the top qualities that all CISOs need to possess to excel. |
|
|
|
|
2021-07-16 17:17:19 |
Critical Juniper Bug Allows DoS, RCE Against Carrier Networks (direct link) |
Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited. |
|
|
|
|
2021-07-16 15:55:57 |
Windows 0-Days Used Against Dissidents in Israeli Broker's Spyware (direct link) |
Candiru, aka Sourgum, allegedly sells the DevilsTongue surveillance malware to governments around the world. |
Malware
|
|
|
|
2021-07-16 11:57:53 |
Microsoft: New Unpatched Bug in Windows Print Spooler (direct link) |
Another vulnerability separate from PrintNightmare allows for local elevation of privilege and system takeover. |
Vulnerability
|
|
|
|
2021-07-15 20:50:27 |
Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases (direct link) |
The popular e-commerce platform for WordPress has started deploying emergency patches. |
|
|
|