What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-06-15 07:47:41 | Earth Empusa targets minority group with Android ActionSpy spyware (lien direct) | The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Researchers warn that the Earth Empusa (aka POISON CARP/Evil Eye) threat group is targeting the Uyghurs, a Turkic minority ethnic group originating from and culturally affiliated with the general region of Central and East […] | Threat | ||
|
2020-06-14 21:39:08 | Ransomware attack disrupts operations at Australian beverage company Lion (lien direct) | Systems at Australian beverages company Lion were infected with a ransomware that disrupted to manufacturing processes and customer service. Systems at Australian beverages company Lion were infected with a ransomware, the security breach caused the disruption of manufacturing processes and customer service. Lion is a beverage and food company that operates in Australia and New Zealand, […] | Ransomware | ||
|
2020-06-14 13:37:09 | Tech firms suspend use of \'biased\' facial recognition technology (lien direct) | Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments, the tech giants are also urging for federal laws to regulate the use […] | |||
|
2020-06-14 12:27:59 | (Déjà vu) Coronavirus-themed attacks May 31 – June 13, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected between May 31 and June 13, 2020. June 4, 2020 […] | Threat | ||
|
2020-06-14 11:25:01 | Security Affairs newsletter Round 268 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. British Army launches a new Cyber Regiment Covid-19 Themed attacks Infographic Indian video on demand giant ZEE5 has been hacked A flaw in India Digilocker couldve been exploited to bypass […] | |||
|
2020-06-14 08:08:25 | Maze ransomware gang hacked M&A firm Threadstone Advisors LLP (lien direct) | Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the last victim of the Maze ransomware operators. MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to […] | Ransomware | ||
|
2020-06-13 19:59:16 | Lamphone: spying on conversations by watching a light bulb in the room (lien direct) | Lamphone – Researchers demonstrated how to spy on secret conversations in a room from a nearby remote location just by measuring the amount of light emitted by a light bulb. A team of academics from Israeli Ben-Gurion University of the Negev and the Weizmann Institute of Science demonstrated how to spy on secret conversations in […] | |||
|
2020-06-13 16:42:19 | TroyStealer – A new info stealer targeting Portuguese Internet users (lien direct) | One of the most recent threats is the info stealer TroyStealer, first shared by Abuse.ch on Twitter, and targeting Portuguese users. The world of cybercrime is changing, and more and more malware variants have spread every day. To keep your system safe, one of the things you can do is following a cyber doctrine focused on […] | Malware | ||
|
2020-06-13 14:58:04 | D-Link releases a security firmware update that only fix 3 out 6 issues in DIR-865L home routers (lien direct) | D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. Below the list of vulnerabilities affecting the D-Link home routers: CVE-2020-13782: Improper […] | |||
|
2020-06-13 12:41:17 | COVID-19 themed attacks increase in Brazil, India, and UK (lien direct) | Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […] | Malware Threat | ||
|
2020-06-12 22:16:09 | City of Florence to Pay $300,000 Ransom after ransomware attack (lien direct) | Florence City in Alabama will pay a $300,000 ransom worth of Bitcoins after its computer system was infected with a ransomware. The Council of Florence City voted unanimously at an emergency meeting this week pay the ransom requested by attackers that hit the City’s system. The payment will me made using the city's insurance fund […] | Ransomware | ||
|
2020-06-12 13:59:06 | Gamaredon group uses a new Outlook tool to spread malware (lien direct) | Russia-linked Gamaredon APT use a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. Reseaerchers from ESET reported that Russia-linked Gamaredon APT has a new tool in its arsenal, it is a module for Microsoft Outlook that creates custom emails with malicious documents and sends […] | Malware Tool | ||
|
2020-06-12 10:05:12 | (Déjà vu) City of Knoxville shuts down IT network after ransomware attack (lien direct) | A ransomware attack that targeted the offices of the City of Knoxville, Tennessee, forced to shut down its entire computer network. The city of Knoxville, Tennessee, has shut down its computer network following a ransomware attack. The attack took place in the night between June 10 and June 11, the malware encrypted multiple systems in the […] | Ransomware Malware | ||
|
2020-06-12 08:10:32 | Austria\'s largest ISP A1 Telekom discloses security breach (lien direct) | A1 Telekom, the leading fixed and mobile network operator in Austria, has admitted to have suffered a security breach, following the revelation of a whistleblower. A1 Telekom Austria is the leading fixed and mobile network operator in Austria, with 5.4 million mobile and 2.3 million fixed-line customers. The company has admitted having suffered a security […] | Guideline | ||
|
2020-06-11 18:09:02 | Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters (lien direct) | Microsoft's Azure Security Center (ASC) is warning of a hacking campaign that targets Kubeflow, a machine learning toolkit for Kubernetes. Hackers are targeting Kubeflow servers with administration panel exposed online, Microsoft warns. The tech giant has released a report today detailing a novel series of attacks against Kubeflow, a toolkit for deploying machine learning (ML) […] | Tool | Uber | |
|
2020-06-11 14:10:42 | Dark Basin, a hack-for-hire group that remained under the radar for 7 years (lien direct) | A hack-for-hire group tracked as Dark Basin targeted thousands of journalists, advocacy groups, and politicians worldwide over 7 years. Researchers from Citizen Lab uncovered the operations of a hack-for-hire group tracked as Dark Basin that targeted thousands of journalists, elected and senior government officials, advocacy groups, and hedge funds worldwide over 7 years. Dark Basin […] | |||
|
2020-06-11 11:08:41 | Cisco discloses technical details for Firefox code execution flaw (lien direct) | Cisco Talos experts released technical details on a recently addressed vulnerability in Firefox that could be exploited for code execution. Security experts from Cisco Talos have released technical details on a recently addressed vulnerability in Firefox, tracked as CVE-2020-12405, that could be exploited by attackers for remote code execution. The issue is a use-after-free in SharedWorkerService […] | Vulnerability | ||
|
2020-06-11 09:38:21 | SMBleed could allow a remote attacker to leak kernel memory (lien direct) | Microsoft addressed a Server Message Block (SMB) protocol issue, named SMBleed, that could allow an attacker to leak kernel memory remotely, without authentication. Recently released Microsoft June 2020 Patch Tuesday updates also address a vulnerability in the Server Message Block (SMB) protocol dubbed SMBleed (CVE-2020-1206) that could allow an attacker to leak kernel memory remotely, without […] | Vulnerability | ||
|
2020-06-10 23:41:49 | A high-severity flaw affects VMware Workstation, Fusion and vSphere products. (lien direct) | VMware has addressed a high-severity information disclosure vulnerability affecting its Workstation, Fusion and vSphere virtualization products. VMware has addressed a high-severity information disclosure vulnerability, tracked as CVE-2020-3960, that affects its Workstation, Fusion and vSphere virtualization products. The CVE-2020-3960 flaw was discovered by Cfir Cohen, a researcher from Google’s cloud security team. ESXi, Workstation and Fusion […] | Vulnerability | ||
|
2020-06-10 22:46:05 | (Déjà vu) Slovak police found wiretapping devices connected to the Govnet government network (lien direct) | Slovak police seized wiretapping devices connected to Govnet government network and arrested four individuals, including the head of a government agency. Slovak National Criminal Agency (NAKA) seized wiretapping devices connected to the Govnet network and arrested four individuals, including the head of a government agency, who was responsible for managing the government network. GOVNET is a network […] | |||
|
2020-06-10 20:31:27 | Nintendo admitted that hackers have breached 300,000 accounts (lien direct) | Japanese gaming giant Nintendo has confirmed that hackers have breached 300,000 accounts since early April, financial data were not exposed. The Japanese video game giant Nintendo has admitted that threat actors have breached 300,000 accounts since early April. The hackers have gained access to personal information, including birthday and email address, but financial data were […] | Threat | ||
|
2020-06-10 12:00:54 | Japanese car-maker giant Honda hit by a ransomware attack (lien direct) | Japanese carmaker Honda announced it has been hit by a cyberattack that disrupted its business in several countries. The Japanese carmaker Honda announced that threat actors have compromised the Honda network disrupting its business in several countries. Source informed about the security incident believe Honda’s systems have been infected with SNAKE Ransomware. BleepingComputer reported that […] | Ransomware Threat | ||
|
2020-06-10 08:04:54 | Microsoft June 2020 Patch Tuesday fix 129 flaws, 11 rated as critical (lien direct) | Microsoft June 2020 Patch Tuesday address 129 vulnerabilities, 11 flaws are rated as Critical while 118 are rated as Important in severity. Microsoft June 2020 Patch Tuesday address 129 vulnerabilities affecting Microsoft Windows, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in IE Mode), ChakraCore, Office and Microsoft Office Services and Web Apps, Windows Defender, […] | |||
|
2020-06-09 21:36:11 | (Déjà vu) Hackers target German Task Force for COVID-19 PPE procurement (lien direct) | Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE) against COVID-19. Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE). Threat actors are targeting executives of a German multinational corporation part of a government-private sector task force that […] | Threat | ||
|
2020-06-09 17:59:00 | (Déjà vu) Adobe fixes critical flaws in Flash Player and Framemaker (lien direct) | Adobe has released security updates to address vulnerabilities in its Flash Player, Framemaker and Experience Manager products. Adobe has released security updates to address ten vulnerabilities in its Adobe Flash Player, Adobe Experience Manager, and Adobe Framemaker products. Four vulnerabilities out of ten are rated as ‘Critical,’ they could allow a remote attacker to execute […] | |||
|
2020-06-09 14:28:56 | Two Critical Remote Code Execution flaws fixed in IBM WebSphere (lien direct) | IBM has addressed two critical vulnerabilities in IBM WebSphere Application Server that could allow a remote attacker to execute arbitrary code. In April, a security researcher who goes online with the moniker ‘tint0’ discovered three serious deserialization issues affecting the IBM WebSphere Application Server. Two of the vulnerabilities (CVE-2020-4450 and CVE-2020-4448) are remote code execution issues that […] | ★★ | ||
|
2020-06-09 10:12:45 | Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online (lien direct) | A threat actor is offering for sale in a darkweb black-market internal documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). Researchers from cyber threat intelligence firm Cyble reported that a threat actor is offering in a darkweb black-market documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). The company manufactures a variety […] | Threat | ||
|
2020-06-09 07:54:56 | The CallStranger UPnP vulnerability affects billions of devices (lien direct) | Security experts discovered a new UPnP vulnerability, dubbed Call Stranger, that affects billions of devices and could be exploited for various malicious activities. Security experts disclosed a new UPnP vulnerability, named Call Stranger, that affects billions of devices and could be exploited for various malicious activities. that affects billions of devices, it could be exploited […] | Vulnerability | ||
|
2020-06-08 21:01:12 | Higaisa threat actors targets organizations using Zeplin platform (lien direct) | A Korean threat actor, tracked as Higaisa, has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The Korean threat actor Higaisa, has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The group is believed to be a […] | Threat | ||
|
2020-06-08 13:55:59 | A flaw in India Digilocker could\'ve been exploited to bypass authentication (lien direct) | Any Indian DigiLocker Account Could’ve Been Accessed Without Password The Indian Government fixed a flaw in the secure document wallet service Digilocker that could have potentially allowed anyone’s access without password. The Indian Government announced to have fixed a critical vulnerability in its secure document wallet service Digilocker that could have potentially allowed a remote attacker […] | |||
|
2020-06-08 11:20:44 | Google is indexing the phone numbers of WhatsApp users raising privacy concerns (lien direct) | A researcher is warning that Google is indexing the phone numbers of WhatsApp users raising serious privacy concerns. Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities. Even if Google Search only revealed the phone numbers and not the identities of associated users, ill-intentioned attackers […] | Threat | ||
|
2020-06-08 09:11:51 | IBM releases open-source toolkits implementing FHE to process data while encrypted (lien direct) | IBM has released open-source toolkits implementing fully homomorphic encryption (FHE) that allow researchers to process data while it's still encrypted. IBM has released open-source toolkits implementing fully homomorphic encryption (FHE), which allows researchers to process encrypted data without having access to the actual data. The toolkits released by IBM are already available for macOS and […] | |||
|
2020-06-08 07:31:50 | Stealthworker botnet targets Windows and Linux servers (lien direct) | Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including (i.e. cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, […] | Malware | ||
|
2020-06-07 15:13:12 | British Army launches a new Cyber Regiment (lien direct) | British Army has created a new regiment that will be tasked to operate its in-house security operations centre … cybersecurity is a pillar of UK defence strategy! The British Ministry of Defence continues to invest in cybersecurity as part of its strategy, it has launched a new regiment that will take charge of its in-house […] | |||
|
2020-06-07 12:48:43 | Covid-19 Themed attacks Infographic (lien direct) | This infographic includes interesting data related to the Covid-19 themed attacks observed by security researchers and law enforcement in the past months. Pierluigi Paganini (SecurityAffairs – COVID-19, hacking) | |||
|
2020-06-07 11:40:05 | Security Affairs newsletter Round 267 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Anonymous demands justice for George Floyd and threatens attacks ENISA published Proactive detection – Measures and information sources report Over 100K+ WordPress sites using PageLayer plugin exposed to hack Expert […] | Hack | ★★★ | |
|
2020-06-07 11:15:51 | Indian video on demand giant ZEE5 has been hacked (lien direct) | The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. A hacker that goes online with the moniker “John Wick” and “Korean Hackers” claim to have hacked the Indian video on demand giant ZEE5 and now is threatening to sell the database on cybercrime […] | ★★★★★ | ||
|
2020-06-06 22:49:26 | Maze ransomware operators stole data from US military contractor Westech (lien direct) | Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent. The LGM-30 Minuteman is a U.S. land-based intercontinental ballistic missile (ICBM), in service with the […] | Ransomware | ||
|
2020-06-06 14:32:55 | Critical flaw could have allowed attackers to control traffic lights (lien direct) | A critical vulnerability in traffic light controllers manufactured by SWARCO could have been exploited by attackers to disrupt traffic lights. A critical vulnerability in traffic light controllers designed by SWARCO could have been exploited by hackers to disrupt traffic lights. SWARCO is the world’s largest manufacturer of signal heads and the number two internationally for […] | Vulnerability | ||
|
2020-06-06 07:42:39 | eCh0raix ransomware is back and targets QNAP NAS devices again (lien direct) | eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer […] | Ransomware Threat | ||
|
2020-06-05 19:38:39 | Maze Ransomware leaks files of ST Engineering group (lien direct) | ST Engineering is the last victim of the Maze Ransomware operators that published their data on their leak website. ST Engineering is one of the leading engineering groups worldwide, it specializes in the aerospace, electronics, land systems, and marine sectors. The group operates in more than 100 countries and reported revenue of $7.86b in FY2019. The Maze ransomware operators […] | Ransomware Guideline | ||
|
2020-06-05 18:24:49 | New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain (lien direct) | ZLab malware researchers analyzed the attack chain used to infect Italian speaking victims with the Netwire malware. Introduction Info stealer malware confirms to be one of the most adopted weapons of cyber actors. One of them is Netwire (MITRE S0198), a multiplatform remote administration tool (RAT) that has been used by criminals and espionage groups […] | Malware Tool | ||
|
2020-06-05 13:26:31 | Student loan company that stole millions from consumers leaks sensitive phone calls, SSNs, tax records (lien direct) | Researchers at Cybernews.com recently discovered an unsecured Amazon Simple Storage Service (S3) containing a huge trove of data from a student loan company. Researchers at Cybernews.com recently discovered an unsecured Amazon Simple Storage Service (S3) bucket that contains more than 55,000 call recordings between loan support workers and American consumers with outstanding student loans. This open database also contains […] | |||
|
2020-06-05 12:42:50 | Multi-platform Tycoon Ransomware employed in targeted attacks (lien direct) | Experts recently discovered a multi-platform ransomware, dubbed Tycoon Ransomware, that uses a Java image file (JIMAGE) to evade detection. Experts from BlackBerry Threat Intelligence and KPMG recently discovered a new strain of multi-platform ransomware dubbed Tycoon ransomware. The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and […] | Ransomware Threat | ||
|
2020-06-05 09:49:56 | Cyber Defense Magazine – July 2020 has arrived. Enjoy it! (lien direct) | Cyber Defense Magazine June 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 165 pages of excellent content. Cyber Defense Magazine June 2020 Edition has arrived. Tips, tricks, ideas, secrets and insider information on the best practices in cybersecurity. Please read it and share it with your friends. With much appreciation to […] | |||
|
2020-06-05 09:16:18 | Google reveals that foreign hackers are already targeting Trump and Biden campaigns (lien direct) | Google researchers revealed that campaign staffs for both President Donald Trump and Joe Biden have been targeted recently by foreign hackers. Foreign hackers are targeting campaign staffs for both President Donald Trump and Democratic rival Joe Biden ahead of the November US election. The news was revealed by Google in a series of tweets published […] | |||
|
2020-06-04 20:36:51 | Cycldek APT targets Air-Gapped systems using the USBCulprit Tool (lien direct) | A Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The Cycldek group was […] | Tool Threat | ||
|
2020-06-04 13:32:33 | North Atlantic Council is warning of malicious cyber activities during COVID-19 pandemic (lien direct) | North Atlantic Council issued a statement warning of concerning malicious cyber activities against entities involved in the fight against COVID-19. A statement published by the North Atlantic Council condemns malicious cyber activities that are targeting critical entities involved in the response against the COVID-19 pandemic. Threat actors are targeting healthcare services, hospitals, and research institutes endangering […] | Threat | ||
|
2020-06-04 11:15:48 | Large-scale campaign targets configuration files from WordPress sites (lien direct) | Security experts have observed a large-scale campaign over the weekend aimed at stealing configuration files from WordPress sites. Security researchers from WordFence have observed a large-scale campaign over the weekend aimed at stealing configuration files from WordPress sites. Threat actors attempted to exploit well- known vulnerabilities in unpatched plugins to download configuration files from WordPress […] | Threat | ★★★★ | |
|
2020-06-04 09:42:03 | Hackers hijacked Coincheck \'s domain registrar account and targeted some users (lien direct) | Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Then the attackers used the hijacked domain to launch spear-phishing attacks against […] | Threat |
To see everything:
Our RSS (filtrered)
