What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-11-06 13:03:54 (Déjà vu) Threat Report Portugal: Q3 2020 (lien direct) Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution from […] Malware Threat
SecurityAffairs.webp 2020-11-06 10:47:45 Brazil's court system shut down after a massive ransomware attack (lien direct) This week, Brazil’s Superior Court of Justice has temporarily shut down its operation following a ransomware attack during judgment sessions. Brazil’s Superior Court of Justice was hit by a ransomware attack on Tuesday during judgment sessions, the attack forced a temporary shut down of the court’s information technology network. “The Superior Court of Justice (STJ) announces that the court’s […] Ransomware
SecurityAffairs.webp 2020-11-06 08:18:27 Prominent Italian firms under attack, Campari is the last one (lien direct) Campari Group, the Italian beverage giant has been hit by a ransomware attack that forced the company to shut down a large part of its IT network. Campari Group, the Italian beverage giant has been hit by a ransomware attack that forced the company to shut down a large part of its IT network. The […] Ransomware
SecurityAffairs.webp 2020-11-05 21:33:26 Apple addresses three actively exploited iOS zero-days (lien direct) Apple released iOS 14.2 that addressed three zero-day vulnerabilities in its mobile OS that have been abused in attacks in the wild. Apple has addressed three iOS zero-day vulnerabilities actively exploited in attacks in the wild and affecting iPhone, iPad, and iPod devices. The zero-day vulnerabilities have been fixed by the IT giant with the release of iOS […]
SecurityAffairs.webp 2020-11-05 13:57:58 TELEGRAM LATENCY IN BELARUS: HOW THE NATIONAL PROVIDER CONTROLS THE TRAFFIC (lien direct) At the end of October 2020, Qurium received reports from users in Belarus that Telegram service was not working properly. Although the service was reachable, an increased latency was noted among the users. Beltelecom, the national telecommunications company in Belarus, fully owned by the Government of Belarus and operated by the Ministry of Telecommunications, controls […]
SecurityAffairs.webp 2020-11-05 13:07:10 New KilllSomeOne APT group leverages DLL side-loading (lien direct) A new Chinese APT group, tracked as KilllSomeOne, appeared in the threat landscape targeting corporate organizations in Myanmar. A new Chinese APT group, tracked as KilllSomeOne, was spotted by researchers at Sophos. The advanced cyber-espionage group is targeting corporate organizations in Myanmar with DLL side-loading attacks. The name KilllSomeOne comes from the phrase ‘KilllSomeOne’ used […] Threat
SecurityAffairs.webp 2020-11-05 08:36:32 VMware finally fixed the critical CVE-2020-3992 flaw in ESXi (lien direct) VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. The CVE-2020-3992 vulnerability is a use-after-free bug issue that affects […] Vulnerability
SecurityAffairs.webp 2020-11-04 23:19:08 Japanese video game firm Capcom hit by a cyberattack (lien direct) Japanese video game developer and publisher Capcom has disclosed a cyberattack that impacted business operations over the weekend. Japanese game developer Capcom has admitted to have suffered a cyberattack over the weekend that is impacting business operations. The company has developed multiple multi-million-selling game franchises, including Street Fighter, Mega Man, Darkstalkers, Resident Evil, Devil May Cry, […]
SecurityAffairs.webp 2020-11-04 19:25:45 Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed (lien direct) Cisco disclosed a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software and the availability of PoC exploit code. Cisco has disclosed a zero-day vulnerability, tracked as CVE-2020-3556, in the Cisco AnyConnect Secure Mobility Client software with the public availability of a proof-of-concept exploit code. The CVE-2020-3556 flaw resided in the interprocess communication (IPC) channel of Cisco AnyConnect […] Vulnerability
SecurityAffairs.webp 2020-11-04 17:06:18 REvil Ransomware member win the auction for KPot stealer source code (lien direct) The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction, and the REvil ransomware operators will likely be the only group to bid. KPOT Stealer is a “stealer” malware […] Ransomware Malware
SecurityAffairs.webp 2020-11-04 13:20:25 Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election (lien direct) Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. Someone has transferred almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet to another wallet. It is […]
SecurityAffairs.webp 2020-11-04 11:45:16 (Déjà vu) Cyber Defense Magazine – November 2020 has arrived. Enjoy it! (lien direct) Cyber Defense Magazine November 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 150 pages of excellent content. 150 PAGES LOADED WITH EXCELLENT CONTENT. Learn from the experts, cybersecurity best practices. Find out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK HERE AND GRAB THIS VERSION AND […]
SecurityAffairs.webp 2020-11-04 11:10:39 Toymaker giant Mattel disclosed a ransomware attack (lien direct) Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. The good news that the company excluded the theft of […] Ransomware
SecurityAffairs.webp 2020-11-04 00:32:28 UNC1945, a sophisticated threat actor used Oracle Solaris Zero-Day exploit (lien direct) A sophisticated threat actor, tracked as UNC1945, has been observed exploiting vulnerabilities in the Oracle Solaris operating systems for over two years. Researchers from FireEye reported that a sophisticated threat actor, tracked as UNC1945, has been observed targeting Oracle Solaris operating systems for over two years. The codename “UNC” used to track the group is […] Threat
SecurityAffairs.webp 2020-11-03 17:44:57 Adobe addressed 4 critical vulnerabilities in Acrobat products (lien direct) Adobe has addressed 14 vulnerabilities in its Acrobat products, including critical flaws that can be exploited by attackers for arbitrary code execution. Adobe has addressed 14 vulnerabilities in its Acrobat products, including critical flaws that can be exploited by attackers for arbitrary code execution. The vulnerabilities impact the Windows and macOS versions of Acrobat DC, […] ★★
SecurityAffairs.webp 2020-11-03 14:20:50 Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail (lien direct) Russian cybercriminal Aleksandr Brovko has been sentenced to eight years in jail for his role in a botnet scheme that caused at least $100 million in financial damage.  The Russian cybercriminal Aleksandr Brovko (36) has been sentenced to eight years in jail for his role in a sophisticated botnet scheme that caused at least $100 […]
SecurityAffairs.webp 2020-11-03 10:03:26 Malicious npm library removed from the repository due to backdoor capabilities (lien direct) The npm security team has removed a malicious JavaScript library named “twilio-npm” from its repository because contained malicious code. The npm security team has removed a malicious JavaScript library named “twilio-npm” from its repository because contained a code for establishing backdoors on the computers of the programmers. Npm is the largest package repository for any […]
SecurityAffairs.webp 2020-11-03 08:20:32 Google fixes the second zero-day in Chrome in 2 weeks actively exploited (lien direct) Google released Chrome 86.0.4240.183 for Windows, Mac, and Linux to fix 10 security vulnerabilities, including an RCE zero-day exploited in the wild. Google has released Chrome 86.0.4240.183 for Windows, Mac, and Linux that address ten security vulnerabilities including a remote code execution (RCE) zero-day (CVE-2020-16009) exploited by threat actors in the wild. The RCE is […] Threat
SecurityAffairs.webp 2020-11-02 21:53:05 Oracle issues emergency patch for CVE-2020-14750 WebLogic Server flaw (lien direct) Oracle issued an out-of-band security update to address a critical remote code execution issue (CVE-2020-14750) impacting multiple Oracle WebLogic Server versions. Oracle issued an out-of-band security update to address a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-14750, which affects several versions of Oracle WebLogic Server. The IT giant assigned to the flaw a severity base score of […]
SecurityAffairs.webp 2020-11-02 18:57:57 Maze ransomware gang shuts down operations, states their press release (lien direct) The Maze ransomware operators finally announced that they have officially shut down their operations and denies the creation of a cartel. Today the Maze ransomware gang announced that they have officially shut down their operations, the news was anticipated last week. The cybercrime gang announced that it will no longer leak data of new companies […] Ransomware
SecurityAffairs.webp 2020-11-02 16:40:03 North Korea-Linked APT Group Kimsuky spotted using new malware (lien direct) North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. North Korea-linked cyber espionage group Kimsuky (aka Black Banshee, Thallium, Velvet Chollima) was recently observed using a new malware in attacks aimed at government agencies and human rights activists. The Kimsuky APT […] Malware Cloud APT 37
SecurityAffairs.webp 2020-11-02 08:45:45 Hackers stole credit card data from JM Bullion online bullion dealer (lien direct) JM Bullion, the leading online bullion dealer in the United States, has disclosed a data breach, hackers stole customers’ credit card information. JM Bullion, the online retailer of products made of precious metals (i.e. gold, silver, copper, platinum, and palladium) has disclosed a data breach. JM Bullion has sent a ‘Notice of Data Security Incident‘ to its […] Guideline
SecurityAffairs.webp 2020-11-02 08:31:41 UK ICO fines hotel chain giant Marriott over data breach (lien direct) The UK Information Commissioner’s Office fined US hotels group Marriott over the 2018 data breach that affected millions of customers worldwide. The UK Information Commissioner’s Office announced it has fined Marriott £18.4 million ($23.5 million) for multiple data breaches suffered by the company since 2018 that exposed the personal information of its customers. “The ICO has fined […] Data Breach
SecurityAffairs.webp 2020-11-01 18:28:09 Nuclear Regulation Authority shut down email systems after a cyber attack (lien direct) Japan's Nuclear Regulation Authority (NRA) issued a warning of temporary suspension of its email systems, likely caused by a cyber attack. The Japan's Nuclear Regulation Authority (NRA) temporarily suspended its email systems, the interruption is likely caused by a cyber attack. The agency published a warning on its website, it is asking people to contact […]
SecurityAffairs.webp 2020-11-01 14:56:34 Maze ransomware is going out of the business (lien direct) The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. The gang was the […] Ransomware Threat
SecurityAffairs.webp 2020-11-01 11:26:11 Security Affairs newsletter Round 287 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. HPE addresses critical auth bypass issue in SSMC console Is the Abaddon RAT the first malware using Discord as C&C? New Emotet attacks use a new template urging recipients to […] Malware
SecurityAffairs.webp 2020-11-01 11:11:49 A data breach broker is selling account databases of 17 companies (lien direct) A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from 17 companies. A data breach broker is selling account databases containing a total of 34 million user records stolen from 17 companies. The threat actor is advertising the stolen data since October 28 on a […] Data Breach Threat
SecurityAffairs.webp 2020-11-01 09:29:59 103,000 machines are still vulnerable to SMBGhost attacks (lien direct) Eight months after Microsoft issued a patch for the critical SMBGhost issues over 100,000 systems exposed online are still vulnerable to this attack. In March, Microsoft has addressed the critical SMBGhost vulnerability (CVE-2020-0796) in the Server Message Block (SMB) protocol. “A remote code execution vulnerability exists in the way that the Microsoft Server Message Block […] Vulnerability
SecurityAffairs.webp 2020-10-31 21:22:18 REvil ransomware gang hacked gaming firm Gaming Partners International (lien direct) The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). Gaming Partners International (GPI) is a full-service supplier of gaming furniture and equipment for casinos worldwide. The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before […] Ransomware
SecurityAffairs.webp 2020-10-31 19:15:53 Companies paid $4.2M bug bounties for XSS flaws in 2020 (lien direct) Cross-Site Scripting (XSS) issues are the most common vulnerabilities that received the highest amount of rewards on the HackerOne vulnerability reporting platform. Cross-Site Scripting (XSS) is the most common vulnerability type and received the highest amount of rewards on the HackerOne vulnerability reporting platform. XSS vulnerabilities accounted for 18% of all flaws reported by bug […] Vulnerability
SecurityAffairs.webp 2020-10-31 16:39:09 Emotet operators are running Halloween-themed campaigns (lien direct) Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party. The Emotet banking trojan has […] Spam Malware Threat
SecurityAffairs.webp 2020-10-30 23:50:54 Operation Earth Kitsune: hackers target the Korean diaspora (lien direct) Experts uncovered a new watering hole attack, dubbed Operation Earth Kitsune, targeting the Korean diaspora that exploits flaws in web browsers. Researchers at Trend Micro have disclosed details about a new watering hole campaign, dubbed Operation Earth Kitsune, targeting the Korean diaspora that exploits flaws in web browsers such as Google Chrome and Internet Explorer […]
SecurityAffairs.webp 2020-10-30 21:32:29 Google discloses unpatched Windows zero-day exploited in the wild (lien direct) Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Project Zero team, revealed on Twitter that the vulnerability […] Vulnerability Guideline
SecurityAffairs.webp 2020-10-30 18:17:41 5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy (lien direct) Organizations and security incidents in Kubernetes environments, these are 5 key components of the control plane that demand special attention Organizations are no strangers to security incidents in their Kubernetes environments. In its State of Container and Kubernetes Security Fall 2020 survey, StackRox found that 90% of respondents had suffered a security incident in their […] Uber
SecurityAffairs.webp 2020-10-30 12:11:36 DoppelPaymer ransomware gang leaked Hall County, Georgia, voter info (lien direct) The DoppelPaymer ransomware operators have released data that was stolen from Hall County, Georgia earlier this month. The DoppelPaymer ransomware operators have published online data that was stolen from Hall County, Georgia earlier this month. The attack took place on October 7, it hit Hall County, in the northern part of the state and it […] Ransomware
SecurityAffairs.webp 2020-10-30 09:27:25 Brooklyn & Vermont US hospitals hit by ransomware attacks (lien direct) Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network are the last victims of the Ryuk ransomware operators. Ryuk ransomware operators continue the target the US healthcare industry, the last victims in order of time are the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network. The […] Ransomware
SecurityAffairs.webp 2020-10-30 08:25:17 Threat actors are actively exploiting Zerologon flaw, Microsoft warns (lien direct) Microsoft researchers are warning that threat actors are continuing to actively exploit the ZeroLogon vulnerability in attacks in the wild. Microsoft is warning that threat actors are actively exploiting the ZeroLogon vulnerability in the Netlogon Remote Protocol. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism used in the Windows Client […] Vulnerability Threat
SecurityAffairs.webp 2020-10-29 21:59:29 US Cyber Command details implants used in attacks on parliaments and embassies (lien direct) US Cyber Command published technical details on malware implants used by Russia-linked APTs on multiple parliaments, embassies US Cyber Command shared technical details about malware implants employed by Russian hacking groups in attacks against multiple ministries of foreign affairs, national parliaments, and embassies. Experts from the US Cyber Command’s Cyber National Mission Force (CNMF) unit […] Malware
SecurityAffairs.webp 2020-10-29 19:10:33 FBI, CISA alert warns of imminent ransomware attacks on healthcare sector (lien direct) FBI and the DHS's CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The FBI, the DHS's Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) has issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks […] Ransomware
SecurityAffairs.webp 2020-10-29 10:36:40 Russia-linked Turla APT hacked European government organization (lien direct) Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting […] Threat
SecurityAffairs.webp 2020-10-29 08:28:32 Iran-linked Phosphorous APT hacked emails of security conference attendees (lien direct) Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. Microsoft revealed that Iran-linked APT Phosphorus (aka APT35, Charming Kitten, Newscaster, and Ajax Security Team) successfully hacked into the email accounts of multiple high-profile individuals and attendees at this year’s Munich Security Conference and the Think 20 (T20) summit. “Today, we're sharing […] Conference APT 35
SecurityAffairs.webp 2020-10-28 22:08:59 TrickBot operators employ Linux variants in attacks after recent takedown (lien direct) A few days after the TrickBot takedown, Netscout researchers spotted a new TrickBot Linux variant that was used by its operators. A few days ago, Microsoft's Defender team, FS-ISAC, ESET, Lumen's Black Lotus Labs, NTT, and Broadcom's cyber-security division Symantec joined the forces and announced a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet. Microsoft has taken […]
SecurityAffairs.webp 2020-10-28 13:14:17 Trump campaign website defaced by scammers (lien direct) Hackers broke into a website used in Donald Trump ‘s campaign website on Tuesday, the news is worrying because comes a few days before Election Day. Hackers defaced a website used in Donald Trump’s campaign website, donaldjtrump.com, displaying the following message: “This site was seized.” “The world has had enough of the fake-news spreaded daily […]
SecurityAffairs.webp 2020-10-28 08:46:36 Steelcase office furniture giant hit by Ryuk ransomware attack (lien direct) Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading. Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. It is the largest office furniture […] Ransomware Malware
SecurityAffairs.webp 2020-10-27 21:15:38 Enel Group suffered the second ransomware attack this year (lien direct) Multinational energy company Enel Group has been hit by Netwalker ransomware operators that are asking a $14 million ransom. Systems at the multinational energy company Enel Group has been infected with Netwalker ransomware, it is the second ransomware attack suffered by the energy giant this year. Netwalker ransomware operators are asking a $14 million ransom […] Ransomware
SecurityAffairs.webp 2020-10-27 17:07:22 Google removes a set of 21 malicious apps from the Play Store (lien direct) Google has removed 21 malicious apps from the official Play Store because they were found to serve intrusive and annoying ads. Google has removed 21 new malicious apps from the official Play Store because they were found displaying intrusive ads. The following malicious apps were spotted by researchers from cybersecurity firm Avast: Shoot Them Crush […]
SecurityAffairs.webp 2020-10-27 13:24:47 Fragomen law firm data breach exposed Google employee's data (lien direct) Immigration law firm Fragomen has disclosed a data breach that exposed current and former Google employees’ personal information. Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP, one of the most prominent US law firms covering immigration law, disclosed a data breach. The security breach exposed current and former Google employees’ personal information after […] Data Breach
SecurityAffairs.webp 2020-10-27 12:03:10 Hacker was identified after the theft of $24 million from Harvest Finance (lien direct) A threat actor has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance. A hacker has stolen approximately $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance, a web portal that lets users finding the farming opportunities that will maximize their yield(APY) returns. The hack took place earlier today […] Hack Threat
SecurityAffairs.webp 2020-10-27 08:23:27 Over 100 irrigation systems left exposed online without protection (lien direct) Researchers found more than 100 smart irrigation systems running ICC PRO that were left exposed online without a password last month. Security experts from the Israeli security firm Security Joes discovered more than 100 irrigation systems running ICC PRO that were left exposed online without protection. ICC PRO is a top-shelf smart irrigation system designed by Motorola. […]
SecurityAffairs.webp 2020-10-26 22:02:42 Nitro PDF data breach might impact major companies, including Microsoft, Google, and Apple (lien direct) Nitro PDF suffered a massive data breach that impacts many major organizations, including Apple, Chase, Citibank, Google, and Microsoft. A massive data breach suffered by the Nitro PDF might have a severe impact on well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. Nitro Software, Inc. develops commercial software used to create, edit, sign, and […] Data Breach
Last update at: 2024-07-18 07:07:36