What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-04-24 08:00:03 | Mozilla offers bigger rewards for Firefox flaws under its bug bounty program (lien direct) | Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary. Mozilla announced some major changes to its bug bounty program that was first launched in 2004. The organization paid out $965,750 for roughly 350 vulnerabilities, the average payout for each issue was […] | |||
|
2020-04-23 21:48:10 | Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak (lien direct) | A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Juan Andres Guerrero-Saade, a former Kaspersky and Google researcher, uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in […] | |||
|
2020-04-23 18:29:49 | Vietnam-linked APT32 group launches COVID-19-themed attacks against China (lien direct) | The Vietnam-linked cyberespionage group tracked as APT32 carried out hacking campaigns against Chinese entities to collect intelligence on the COVID-19 crisis. Vietnam-linked APT group APT32, also known as OceanLotus and APT-C-00, carried out cyber espionage campaigns against Chinese entities to gather intelligence on the COVID-19 crisis. The APT32 group has been active since at least 2012, […] | APT 32 | ||
|
2020-04-23 14:34:13 | Microsoft issued Out-of-Band advisory to address Autodesk FBX flaws (lien direct) | Microsoft released an out-of-band advisory to address security vulnerabilities affecting Autodesk FBX vulnerabilities in Office, Office 365, and Paint 3D. Researchers from Autodesk discovered multiple vulnerabilities that affect the Autodesk FBX software development kit (SDK), the issues could lead to code execution and trigger denial of service conditions. Microsoft confirmed that the issues in the Autodesk […] | Guideline | ||
|
2020-04-23 10:34:06 | State-sponsored hackers are using COVID-19 lures, Google warns (lien direct) | Google warns that nation-backed hackers are exploiting the COVID-19 pandemic to organizations involved in the fight against the pandemic. Google is warning that nation-state actors are exploiting the COVID-19 (Coronavirus) pandemic to target health care organizations and entities involved in the fight against the pandemic. Google's Threat Analysis Group (TAG) shared its latest findings related […] | Threat | ||
|
2020-04-23 08:28:03 | Uptick in RPA Software Adoption Reveals Need for Anti-Hacking Training (lien direct) | With smart-working many companies turn to tools like robotic process automation (RPA software) to help make adjustments on the business processes … is it secure? In response to the Coronavirus pandemic, many companies have adjusted how they do business. As they shift to remote work and establish new policies, some companies find these changes to […] | |||
|
2020-04-22 22:52:20 | Hacking Apple iPhones and iPads by sending emails to the victims (lien direct) | Two zero-day flaws in the default mailing app pre-installed on iPhones and iPads allow attackers to hack the devices just by sending emails. Experts at cybersecurity firm ZecOps have discovered two zero-day vulnerabilities in iPhone and iPad devices that have been exploited in a series of attacks that targeted iOS high-profile users since at least January 2018. […] | Hack | ||
|
2020-04-22 16:32:59 | COVID-19 – Neo-Nazis spread a list of credentials for Gates Foundation, NIH, and WHO employees (lien direct) | Nearly 25,000 email credentials allegedly from NIH, WHO, Gates Foundation and other organizations involved in the containment of COVID-19 pandemic are dumped online While the principal organizations engaged in the fight against COVID-19 are the targets of conspiracy theories, a data dump containing email credentials from the Gates Foundation, World Health Organization (WHO), Center for […] | |||
|
2020-04-22 11:24:23 | DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom (lien direct) | The City of Torrance of the Los Angeles metropolitan area, California, is the last victim of the DoppelPaymer Ransomware, hackers also stole its data. On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. The City of Torrance is located in the […] | Ransomware | ||
|
2020-04-22 09:48:23 | A new Insomnia iOS exploit used to spy on China\'s Uyghur minority (lien direct) | Security researchers from Volexity discovered a new Insomnia iOS exploit that was being used to spy on China’s Uyghur minority. The Uyghur group is a Turkic minority ethnic group originating from and culturally affiliated with the general region of Central and East Asia. “The Uyghurs are recognized by the Chinese government only as a regional […] | |||
|
2020-04-22 07:43:09 | China-linked Winnti APT targets South Korean Gaming firm (lien direct) | China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. […] | |||
|
2020-04-21 16:21:46 | OpenSSL Project fixed high-severity CVE-2020-1967 DoS issue in OpenSSL (lien direct) | The OpenSSL Project has released a security update for OpenSSL that addresses a DoS vulnerability tracked as CVE-2020-1967. The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. This is the first issue addressed in OpenSSL in […] | Vulnerability | ||
|
2020-04-21 14:16:44 | Expert discloses 4 zero-days in IBM Data Risk Manager (lien direct) | A security researcher disclosed details of four zero-day flaws impacting an IBM security product after the IT giant refused to address them. The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refused to address the […] | |||
|
2020-04-21 12:35:04 | Spearphishing attacks hit the oil and gas industry sector (lien direct) | Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. Crooks are targeting organizations in the oil and gas industry sector with targeted spearphishing campaigns impersonating shipment companies and engineering contractors. The attacks aim at infecting victims with the infamous Agent Tesla info-stealer malware. Agent Tesla is […] | |||
|
2020-04-21 08:21:17 | How to Protect Against COVID-19 Email Scams (lien direct) | The increasing number of news articles circulating on the internet in the wake of COVID-19 has resulted in the rise of Phishing attacks which feed on people's fears. Phishing emails have been driven up to 600% since the end of February as cybercriminals capitalize on people's fears. COVID-19 phishing emails have been said to make […] | |||
|
2020-04-20 21:22:03 | 267 Million Facebook identities available for 500 euros on the dark web (lien direct) | Over 267 million Facebook profiles are offered for sale on dark web sites and hacker forums, the dump is offered for £500 ($623) and doesn’t include passwords. Hackers are offering for sale over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums, the archive doesn’t include passwords. Early March, the […] | |||
|
2020-04-20 16:36:29 | Threat Report Portugal Q1 2020 (lien direct) | Threat Report Portugal Q1 2020: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is a novel open sharing database with the ability to collect indicators from multiple sources, developed by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution from the community. This makes it a reliable and trustworthy and […] | Malware Threat | ||
|
2020-04-20 15:43:41 | Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console (lien direct) | Cybercriminals have abused LED light control console to launch malicious attacks, Microsoft's security experts warn. Microsoft researchers shared details of a new incident discovered in Taiwan, where crooks abused LED light control consoles to launch malicious attacks. Threat actors used the consoles to deliver malware and ransomware through an IoT botnet that was also used […] | Ransomware Malware Threat | ||
|
2020-04-20 14:03:21 | US Government concerned by cyber attacks on Czech hospitals during COVID19 crisis (lien direct) | US Secretary of State Mike Pompeo expressed concerns for cyber cyber attacks that have targeted Czech hospitals involved in the fight against the Coronavirus. US Secretary of State Mike Pompeo expressed concerns for cyber cyber attacks that recently hit Czech hospitals involved in the fight against the Coronavirus. “As the world battles the COVID-19 pandemic, […] | |||
|
2020-04-20 12:03:01 | Proposed government Coronavirus contact tracing app leaked data (lien direct) | A contact tracking app for the Coronavirus proposed to the government of the Netherlands is affected by security issues that could expose user data. Technologies play a crucial role in the containment of the Coronavirus outbreak, especially contact tracing applications that could pose a threat to user privacy. The app, called Covid19 Alert, was one […] | Threat | ||
|
2020-04-20 07:03:48 | Uniswap and Lendf.me hacked, attacker stole $25 million worth of cryptocurrency (lien direct) | Hackers have stolen more than $25 million worth of cryptocurrency from the Uniswap exchange and the Lendf.me lending platform. Bad news from cryptocurrency industry, hackers have stolen more than $25 million in cryptocurrency from the Uniswap exchange and the Lendf.me lending platform. According to the experts, the two attacks could be linked, the same hacker […] | |||
|
2020-04-19 22:24:58 | (Déjà vu) Tor Project cut a third of its staff due to the Coronavirus (lien direct) | The Tor Project cut a third of its staff due to the economic impact of the ongoing Coronavirus outbreak, 13 staffers out of 35 left the team. The ongoing Coronavirus outbreak has a significant impact on the Tor Project that was forced to cut a third of its staff due to the economic impact of […] | |||
|
2020-04-19 14:36:04 | Popular Webkinz World online children\'s game hacked, 23M credentials leaked (lien direct) | ZDNet reported that a hacker has leaked 23 million credentials from the Webkinz World online children’s game. Webkinz are stuffed animals that have a playable online counterpart, www.webkinz.com, in “Webkinz World.” Webkinz were originally released by the Canadian toy company Ganz on April 29, 2005. Each Webkinz toy has an attached tag with a unique “Secret Code” printed on it […] | |||
|
2020-04-19 13:18:25 | Cyberattack reports quadrupled during Coronavirus outbreak, FBI warns (lien direct) | The FBI announced that the number of cybercrime reports is spiked since the beginning of the Coronavirus (COVID-19) pandemic. Speaking at the Aspen Institute, FBI Deputy Assistant Director Tonya Ugoretz, announced that the bureau has observed a spike in cybercrime reports since the beginning of the Coronavirus pandemic. The FBI official explained that the number […] | |||
|
2020-04-19 11:39:19 | (Déjà vu) Coronavirus-themed attacks April 12 – April 18, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. April 14 – Crooks target Healthcare facilities involved […] | Threat | ||
|
2020-04-19 10:31:19 | Security Affairs newsletter Round 260 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs A new e-skimmer found on WordPress site using the WooCommerce plugin Coronavirus-themed attacks April 05 – April 11, 2020 Thousands Zoom credentials available on a Dark Web forum 500,000+ Zoom accounts available for sale on the Dark Web […] | ★★★ | ||
|
2020-04-19 08:56:34 | Are Maze operators behind the attack on the IT services giant Cognizant? (lien direct) | IT services giant Cognizant suffered a ransomware attack on Friday, according to BleepingComputer company was hit by the Maze Ransomware crew. Information technologies services giant Cognizant is the last victim of a ransomware attack, according to BleepingComputer the attack was launched by the Maze Ransomware gang. Cognizant is an American multinational corporation that provides IT services, it is […] | Ransomware | ||
|
2020-04-18 16:30:52 | Hacker claims to have stolen 39 million Aptoide app store users (lien direct) | Hacker claims to have breached the Aptoide app store users early this month and now leaked 20 million records out of 39 million Aptoide user records. A hacker has leaked this week details of 20 million users of the Aptoide app store, the claims to have breached the store early this months and to be […] | |||
|
2020-04-18 15:13:33 | Coronavirus-themed campaign targets energy sector with PoetRAT (lien direct) | Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. Cisco Talos researchers have uncovered a new Coronavirus-themed campaign employing a previously-undiscovered RAT tracked as PoetRAT. The attacks targeted the Azerbaijan government and utility companies, the malicious code was designed to infect supervisory control and data acquisition (SCADA) systems, […] | ★★★★ | ||
|
2020-04-18 08:36:58 | Trickbot is the most prolific malware operation using COVID-19 themed lures (lien direct) | TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. The analysis of Microsoft Office 365 ATP data revealed that TrickBot is, at the moment, the malware operation with the highest number of unique COVID-19-themed malicious emails and attachments. Microsoft experts revealed that this campaign […] | Malware Threat | ||
|
2020-04-17 21:41:29 | (Déjà vu) Experts shed the light on the mysterious critical VMware vCenter Server issue (lien direct) | Security firm Guardicore released technical information on a critical VMware vCenter Server vulnerability recently disclosed by VMware. Earlier this month, VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that could be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. The CVE-2020-3952 vulnerability […] | Vulnerability | ||
|
2020-04-17 17:26:14 | Cisco addresses critical issues in IP Phones and UCS Director (lien direct) | Cisco released security patches to address numerous flaws in its products, including critical severity issues that affect IP Phones and UCS Director. The critical vulnerability fixed by Cisco affects IP Phones and resides on the webserver, the flaw could be exploited by a remote, unauthenticated attacker to execute code with root privileges. The flaw, tracked as CVE-2020-3161, […] | Vulnerability | ||
|
2020-04-17 15:05:04 | A Brand New Ursnif/ISFB Campaign Targets Italian Organizations (lien direct) | Cybaze-Yoroy ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction Ursnif is one of the most and widespread threats, it is delivered through malspam campaigns aimed at multiple industries across Italy and Europe. Recently, we have identified a new variant that is targeting Italian organizations. The malspam messages use […] | |||
|
2020-04-17 11:01:37 | Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week (lien direct) | Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also […] | Malware | ||
|
2020-04-17 08:28:04 | Mastering Communication in Cyber Intelligence Activities: A Concise User Guide (lien direct) | by Boris Giannetto and Pierluigi Paganini Communication is key in intelligence activities. On the one hand, it is essential to transfer to a number of recipients the knowledge coming from information acquisition and analysis (“intelligence communication”); on the other hand, it is crucial to understand and control the communication connected with the activities carried out (“communication […] | |||
|
2020-04-17 07:36:10 | Syria-linked APT group SEA targets Android users with COVID19 lures (lien direct) | Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. The campaign aimed at users in Syria and surrounding regions was spotted by experts from mobile security firm […] | |||
|
2020-04-16 20:42:45 | Shipping giant MSC discloses a malware-based attack (lien direct) | The shipping giant Mediterranean Shipping Company (MSC) was victim of a malware-based attack that caused an outage recently. The shipping giant Mediterranean Shipping Company (MSC) discloses a malware-based attack that took place on April 10. The incident affected the company’s data center and took down its website, msc.com, and its myMSC customer and vendor portal. “The […] | |||
|
2020-04-16 15:40:26 | Hunting the coronavirus in the dark web – A month later (lien direct) | At the end of February, I analyzed major black marketplaces searching for anything related to the Coronavirus outbreak, a month later things are completely changed. At the end of February, I published the analysis of major black marketplaces searching for anything related to the Coronavirus outbreak. While the COVID19 pandemic was spreading a global scale, specific goods became victims […] | |||
|
2020-04-16 12:55:40 | Linksys force password reset to prevent Router hijacking (lien direct) | Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks, in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites […] | |||
|
2020-04-16 10:22:17 | U.S. offers up to $5 Million rewards for info on North Korea-linked operations (lien direct) | The United States agencies released a joint advisory warning of ‘significant cyber threat’ posed by North Korea-linked hackers to the global financial sector. The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released a joint advisory that is warning organizations worldwide about the ‘significant cyber threat’ posed by the North Korean nation-state […] | |||
|
2020-04-16 08:07:35 | Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker (lien direct) | Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker. The threat is not new, hackers are again attacking clients of Portuguese banking organizations via a specially crafted Android Trojan-Banker from phishing campaigns launched from Brazil. The last occurrence this line was recorded on March 13rd, 2020, where a similar Trojan-Banker was disseminated targeting other […] | Threat | ||
|
2020-04-15 22:43:09 | A zero-day exploit for Zoom Windows RCE offered for $500,000 (lien direct) | Hackers are selling two zero-day exploits for critical issues affecting the video conferencing software Zoom that would allow attackers to spy on communications. Hackers are offering for sale an exploit for a zero-day remote code execution vulnerability affecting the Windows client for Zoom. The zero-day exploit goes for $500,000, hackers are also offering another exploit code […] | Vulnerability | ||
|
2020-04-15 17:30:46 | Coronavirus-themed attack: Experts uncovered flight refund scam (lien direct) | Experts at email security firm Mimecast has uncovered a flight refund scam that attempts to exploit the ongoing coronavirus outbreak. Researchers at email security firm Mimecast have uncovered a new flight refund scam that attempts to exploit the ongoing Coronavirus outbreak. The campaign is simple as effective, scammers attempt to target individuals that are waiting […] | |||
|
2020-04-15 14:09:24 | Google removed 49 Chrome Extensions that were hijacking cryptocurrency wallets (lien direct) | Google has removed 49 new Chrome browser extensions from its official Web Store that hide the code to hijack cryptocurrency wallets. Google has removed 49 new Chrome browser extensions from its official Web Store that contain the code to steal sensitive information and hijack cryptocurrency wallets. The Chrome browser extensions were discovered by researchers from […] | |||
|
2020-04-15 09:20:32 | How much is the phish? Underground market of phishing kits is booming – Group-IB (lien direct) | The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. Group-IB, a Singapore-based cybersecurity company, has found out that phishing kits are the new bestsellers of the underground market, with the number of phishing kit ads on underground forums and their […] | |||
|
2020-04-15 09:04:01 | (Déjà vu) Russia-linked Energetic Bear APT behind San Francisco airport attacks (lien direct) | Security researchers from ESET revealed that the infamous Russian hacker group known as Energetic Bear is behind the hack of two San Francisco International Airport (SFO) websites. Researchers from ESET believe that the attacks against two San Francisco International Airport (SFO) websites were carried out by the Russian cyber-espionage group known as Energetic Bear (aka […] | Hack | ||
|
2020-04-14 23:02:39 | Microsoft addresses three Windows issues actively exploited (lien direct) | Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including three Windows issues that have been exploited in attacks in the wild. Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited. 17 vulnerabilities are rated critical, the remaining ones are […] | |||
|
2020-04-14 19:34:04 | Adobe addresses five issues in ColdFusion, After Effects, Digital Editions (lien direct) | Adobe has addressed five minor vulnerabilities in its ColdFusion, After Effects and Digital Editions products. Adobe has addressed five vulnerabilities in its ColdFusion, After Effects and Digital Editions products. “Adobe has published security bulletins for Adobe ColdFusion (APSB20-18), Adobe After Effects (APSB20-21) and Digital Editions (APSB20-23). Adobe recommends users update their product installations to the latest versions […] | |||
|
2020-04-14 15:25:41 | Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware (lien direct) | PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Experts from Paloalto Unit 42 published a report that analyzes the cross-section between the various types of Coronavirus-themed attacks aimed at organizations in different industries. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that […] | Ransomware | ||
|
2020-04-14 12:02:21 | (Déjà vu) 4 Million Quidd account details shared on hacking forums (lien direct) | Quidd, an online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019. Quidd, the online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019, it is also recommending users to change their passwords. The details of around […] | Data Breach |
To see everything:
Our RSS (filtrered)
