What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2021-06-11 10:08:32 Al Jazeera detected and blocked disruptive cyberattacks (direct link) Qatari government-funded international Arabic news channel Al Jazeera announced to have blocked a series of disruptive cyberattacks aimed at its news publishing platform. Qatari government-funded international Arabic news channel Al Jazeera announced to have blocked this week a series of cyberattacks that attempted to disrupt and take over some components of its news publishing platform. […]
SecurityAffairs 2021-06-11 09:00:00 DoJ announced to have shut down Slilpp marketplace in international operation (direct link) The US Department of Justice seized the servers and domains of the popular cybercrime marketplace SlilPP. The US Department of Justice announced to have seized the infrastructure of SlilPP, a popular marketplace used by cybercriminals to buy and sell stolen login credentials. The seizure is the result of a multinational operation involving law enforcement agencies in the […]
SecurityAffairs 2021-06-10 21:18:11 Global Scamdemic: Scams Become Number One Online Crime (direct link) Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. Group-IB, a global threat hunting and adversarial cyber intelligence company specializing in the investigation and prevention of high-tech cybercrime, has published a comprehensive analysis of fraud cases on a global scale. Group-IB, a global threat hunting and adversarial […] Threat
SecurityAffairs 2021-06-10 20:23:55 (Déjà vu) Hackers stole data from the network of the gaming giant Electronic Arts (direct link) Hackers breached the network of the gaming giant Electronic Arts (EA) and have stolen roughly 780 GB of data, including game source code and tools. Hackers have compromised the network of the gaming giant Electronic Arts (EA) and claim to have stolen approximately 780 GB of data. The stolen data include the source code of the games, […]
SecurityAffairs 2021-06-10 16:21:29 (Déjà vu) JBS paid $11 million to REvil ransomware out of $22.5M requested (direct link) The beef producer JBS has admitted to have paid an $11 million ransom to the REvil ransomware gang after the group initially demanded $22.5 million. The meat processing giant JBS confirmed it paid the REvil ransomware gang $11 million in bitcoins to decrypt its files following the attack that took place at the end of […] Ransomware
SecurityAffairs 2021-06-10 14:15:36 Google Patches Chrome zero-day actively exploited (direct link) Google this week addressed 14 vulnerabilities in the Chrome browser, including a zero-day flaw that has been exploited in the wild. Google released security updates to address 14 vulnerabilities in the Chrome browser, including a zero-day issue that has been exploited in the wild. The most severe of these flaws, tracked as CVE-2021-30544, is a […]
SecurityAffairs 2021-06-10 12:18:57 Russia-linked APT breached the network of Dutch police in 2017 (direct link) Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the MH-17. Russia-linked threat actors breached the internal network of Dutch police in 2017 during the investigation into the MH-17 crash. The intrusion was uncovered by AIVD, the Dutch intelligence service, but was not disclosed by […] Threat
SecurityAffairs 2021-06-09 22:26:35 Crypto-mining campaign targets Kubeflow installs on a large scale (direct link) Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for cryptocurrency. The campaign was first spotted at the end of May, experts noticed the deployment of TensorFlow pods […]
SecurityAffairs 2021-06-09 20:39:30 (Déjà vu) Hackers hit Spain's Ministry of Labor and Social Economy (direct link) The Spanish Ministry of Labor and Social Economy (MITES) was hit by a cyberattack and is working to restore impacted services. Spain’s Ministry of Labor and Social Economy (MITES) was hit by a cyberattack on Wednesday and is working to restore impacted services. MITES is a ministerial department with an annual budget of almost €39 million, charged […]
SecurityAffairs 2021-06-09 13:19:39 Google fixes a critical Android RCE flaw in the System component (direct link) Google's June security bulletin addresses more than 90 vulnerabilities in Android and Pixel devices, including a Critical RCE (CVE-2021-0507). Google's June security bulletin addresses more than 90 vulnerabilities in Android and Pixel devices, including a Critical RCE tracked as CVE-2021-0507 that could allow to take over a device. “The most severe vulnerability in this section […] Vulnerability
SecurityAffairs 2021-06-09 07:48:52 Microsoft June 2021 Patch Tuesday addresses 6 zero-days actively exploited (direct link) Microsoft’s June 2021 Patch Tuesday addressed 50 vulnerabilities, including six zero-day issues that are being actively exploited in the wild. Microsoft’s June 2021 Patch Tuesday addresses 50 vulnerabilities in Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge (Chromium-based and EdgeHTML), SharePoint Server, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML Platform, […] Uber
SecurityAffairs 2021-06-08 20:45:52 4 issues in Microsoft Office component allow weaponizing docs (direct link) Experts found four security flaws in the Microsoft Office suite that could allow attackers to weaponize Word and Excel docs. Experts from Check Point discovered four security vulnerabilities in the Microsoft Office suite that an attacker could exploit to craft weaponized Word and Excel documents. Below the list of flaws discovered by the experts: CVE-2021-31179 – […]
SecurityAffairs 2021-06-08 14:15:15 Spotify, PayPal, GitHub, and other major websites down due to Fastly CDN outage (direct link) A large number of popular websites including Reddit, Spotify, PayPal, GitHub, gov.uk, CNN, and the BBC are currently facing problems due to a glitch at Fastly CDN provider. A large number of popular websites, including BBC, CNN, GitHub, gov.uk, HBO Max, PayPal, Reddit, Shopify, Spotify, The Guardian, Twitch, Vimeo, The Guardian, and The New York Times […]
SecurityAffairs 2021-06-08 11:41:52 Trojan Shield, the biggest ever police operation against encrypted communications (direct link) Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs and intercepted their communications. The US Federal Bureau of Investigation (FBI), the Dutch National Police (Politie), and the Swedish Police Authority (Polisen), along with the US Drug Enforcement Administration (DEA) and police from 16 other […]
SecurityAffairs 2021-06-08 07:21:57 US authorities recovered most of the ransom paid by Colonial Pipeline (direct link) US officials announced to have recovered most of the $4.3 million ransom that Colonial Pipeline paid to the DarkSide ransomware gang last month. During a video press conference, US officials announced to have recovered most of the $4.3 million ransom that Colonial Pipeline paid to the DarkSide ransomware gang. The Colonial Pipeline facility in Pelham, […] Ransomware
SecurityAffairs 2021-06-07 21:40:04 RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries (direct link) RockYou2021, the largest password compilation of all time has been leaked on a popular hacker forum, it contains 8.4 billion entries of passwords. Original post at: https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/ What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100GB TXT file […]
SecurityAffairs 2021-06-07 19:16:04 (Déjà vu) Siloscape, first known malware that drops a backdoor into Kubernetes clusters (direct link) Siloscape is a new strain of malware that targets Windows Server containers to execute code on the underlying node and spread in the Kubernetes cluster. Researchers from Palo Alto Networks have spotted a piece of malware that targets Windows Server containers to execute code on the underlying node and then drop a backdoor into Kubernetes […] Malware Uber
SecurityAffairs 2021-06-07 13:10:27 Russia behind a massive spear-phishing campaign that hit Ukraine (direct link) Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. Three Ukrainian cybersecurity agencies (Ukrainian Secret Service, Ukrainian Cyber Police, and CERT Ukraine), including the Ukrainian Secret Service, warned last week of a “massive” spear-phishing campaign conducted by Russia-linked hackers against its government and organizations in the private […] Threat
SecurityAffairs 2021-06-07 11:34:48 Experts found an RCE vulnerability in QNAP Q'center (direct link) Researchers at cybersecurity firm Shielder discovered a remote code execution on QNAP Q'center through a manipulated QPKG installation package. Researchers at cybersecurity firm Shielder discovered a remote code execution flaw on QNAP Q'center through a manipulated QPKG installation package. The vulnerability was discovered by the cyber security expert `zi0Black` from Shielder Q'center now provides Q'center Virtual […] Vulnerability
SecurityAffairs 2021-06-07 07:11:30 Russian cybercrime forums launch contests for cryptocurrency hacks (direct link) Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian underground forums have launched competitions for hacking cryptocurrency schema and Non-fungible token (NFT). “Over the past month, operators of one of the top Russian-language cybercrime forums have been running a “contest,” calling for the community […]
SecurityAffairs 2021-06-06 12:40:56 Chinese SharpPanda APT developed a new backdoor in the last 3 years (direct link) Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments. Researchers from Check Point Research (CPR) discovered a new backdoor while investigating a cyber espionage campaign conducted by Chinese APT group SharpPanda and aimed at Southeast Asian government’s Ministry of Foreign […]
SecurityAffairs 2021-06-06 10:54:39 Security Affairs newsletter Round 317 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Facefish Backdoor delivers rootkits to Linux x64 systems Interpol has intercepted $83 million from financial cyber crimes These […]
SecurityAffairs 2021-06-06 08:39:54 REvil Ransomware spokesman releases an interview on recent attacks (direct link) The REvil ransomware operators said in an interview on the “Russian OSINT” Telegram channel that they accidentally targeted United States-based firms. The recent attack against JBS Foods conducted by REvil ransomware gang (aka Sodinokibi) triggered the response of US authorities, US DoJ announced its decision to equate investigations into ransomware attacks with investigations into terrorism in […] Ransomware
SecurityAffairs 2021-06-05 21:11:46 US arrested Latvian woman who developed part of Trickbot malware (direct link) The US Department of Justice (DOJ) announced the arrest of a Latvian woman for her alleged role in the development of the Trickbot malware. The US Department of Justice (DOJ) announced the arrest of Alla Witte (aka Max), a Latvian woman that was charged for her alleged role in the development of the Trickbot malware. […] Malware
SecurityAffairs 2021-06-05 13:37:29 BlackCocaine Ransomware, a new malware in the threat landscape (direct link) Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang. Recently Cyber researchers for Cyble investigated an attack suffered on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. The company reported the security breach to the Bombay Stock Exchange (BSE) and the National Stock Exchange of […] Malware Threat
SecurityAffairs 2021-06-05 12:17:41 DoJ: Investigations into ransomware attacks must have similar priority as terrorism (direct link) The U.S. Department of Justice was to assign investigation on ransomware attacks the same priority as terrorism in the wake of the Colonial Pipeline hack. The U.S. Department of Justice plans to equate investigations into ransomware attacks with investigations into terrorism in the wake of the Colonial Pipeline hack. Colonial Pipeline before, and recently the […] Ransomware
SecurityAffairs 2021-06-05 08:52:04 (Déjà vu) US CISA published a guide to better use the MITRE ATT&CK framework (direct link) The U.S. CISA announced the availability of a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. In 2018, MITRE announced the […] Threat
SecurityAffairs 2021-06-04 21:44:06 Hackers scan for VMware vCenter servers vulnerable to CVE-2021-21985 RCE (direct link) Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware. Threat actors are actively scanning the Internet for VMware vCenter servers affected by a critical remote code execution (RCE) vulnerability tracked as CVE-2021-21985. The CVE-2021-21985 flaw is caused by the lack of input validation in […] Vulnerability Threat
SecurityAffairs 2021-06-04 18:17:12 Necro Python bot now enhanced with new VMWare, server exploits (direct link) Operators behind the Necro Python botnet have added new features to their bot, including VMWare and server exploits. Experts from Cisco Talos have recently observed a new Necro Python bot campaign and noticed that its developers have improved its capabilities. The Necro Python bot, aka FreakOut, has been in development since 2015 and early this […]
SecurityAffairs 2021-06-04 11:44:19 China-linked attackers breached Metropolitan Transportation Authority (MTA) using Pulse Secure zero-day (direct link) China-linked APT breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. China-linked threat actors breached the network of the New York City’s Metropolitan Transportation Authority (MTA) network exploiting a Pulse Secure zero-day. The intrusion took place in April, but attackers did not cause any damage because they were […] Threat
SecurityAffairs 2021-06-04 09:57:11 The dark web index 2021, report (direct link) PrivacyAffairs released the Dark Web Index 2021, the document provides the prices for illegal services/products available in the black marketplaces. Over the last couple of years, we’ve all had our attention fixed on one of two things: the global pandemic and the previous year’s presidential elections. Both issues are essential, and the pandemic has changed […]
SecurityAffairs 2021-06-04 07:21:45 Trend Micro details CVE-2021-30724 privilege escalation flaw in macOS, iOS (direct link) Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724, that impacts macOS, iOS and iPadOS. Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724, that impacts macOS, iOS, and iPadOS. The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the […]
SecurityAffairs 2021-06-03 18:16:54 Cisco fixes High-severity issues in Webex, SD-WAN, ASR 5000 software (direct link) Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software. Cisco has addressed multiple vulnerabilities in its products, including high-risk flaws in Webex Player, SD-WAN software, and ASR 5000 series software. The IT giant fixed three high-severity vulnerabilities (CVE-2021-1503, CVE-2021-1526, CVE-2021-1502) affecting Webex Player for Windows and […]
SecurityAffairs 2021-06-03 14:42:15 Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications (direct link) Researchers found multiple flaws in the Realtek RTL8170C Wi-Fi module that could be exploited to elevate privileges and hijack wireless communications. Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. The Realtek RTL8710C module is based on a […]
SecurityAffairs 2021-06-03 12:52:24 (Déjà vu) FBI confirmed that JBS was hit by the REvil ransomware gang (direct link) The US FBI announced that REvil ransomware gang (also known as Sodinokibi) is behind the attack that hit JBS Foods. On May 30, the American food processing giant JBS Foods, the world's largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack. The cyberattack impacted multiple production plants of […] Ransomware
SecurityAffairs 2021-06-03 05:41:55 AMT Games data breach: Millions of Users' Messages, Account IDs, and IP Addresses Exposed (direct link) WizCase's security team discovered an unsecured ElasticSearch server owned by AMT Games which exposed 1.47 TB of data. This leak exposed users' email addresses, IP addresses, Facebook data, and more to potential attack. The leaked data numbers in the millions and was accessible to anyone who possessed the link. There was no need for a password or […]
SecurityAffairs 2021-06-03 05:35:28 Cyber Defense Magazine – June 2021 has arrived. Enjoy it! (direct link) Cyber Defense Magazine June 2021 Edition has arrived. We hope you enjoy this month's edition…packed with over 129 pages of excellent content. Cyber Defense Magazine June 2021 129 PAGES GRAB THIS VERSION TO HELP FUND OUR OPERATIONS: CLICK HERE FOR PDF DOWNLOAD Here’s our online flipbook & MOBILE version: CLICK HERE FOR FLIPBOOK Here’s our online Yumpu […]
SecurityAffairs 2021-06-02 18:20:37 Critical 0day in the Fancy Product Designer WordPress plugin actively exploited (direct link) A critical zero-day vulnerability in the Fancy Product Designer WordPress plugin exposes more than 17,000 websites to attacks. Researchers from the Wordfence team at WordPress security company Defiant warn that a critical zero-day vulnerability, tracked as CVE-2021-24370, in the Fancy Product Designer WordPress plugin is actively exploited in the wild. Fancy Product Designer is a […] Vulnerability
SecurityAffairs 2021-06-02 16:12:29 $280 million stolen per month from crypto transactions (direct link) CyberNews researchers found that front-runners are abusing decentralized cryptocurrency exchanges by draining hundreds of millions in crypto from trader transactions on the Ethereum network. Unsuspecting traders can lose as much as $280 million to front-runners each month. Original post on CyberNews: https://cybernews.com/crypto/flash-boys-2-0-front-runners-draining-280-million-per-month-from-crypto-transactions/ As the price of bitcoin and Ether reached unprecedented highs in the past […]
SecurityAffairs 2021-06-02 15:32:55 Database, source code allegedly related to bulletproof hosting, once Parler's service provider, up for sale on hacker forum (direct link) Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. Group-IB, a global threat hunting and adversary-centric cyber intelligence company specializing in investigating and preventing hi-tech cybercrimes, has discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum on […] Threat
SecurityAffairs 2021-06-02 09:08:39 Exploit broker Zerodium is looking for Pidgin 0day exploits (direct link) Zero-day exploit broker Zerodium is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. Zero-day exploit broker Zerodium announced it is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. The company will pay up to $100,000 for zero-days in Pidgin, which is a free and open-source multi-platform instant […] Tool
SecurityAffairs 2021-06-02 07:46:43 US seizes 2 domains used by APT29 in a recent phishing campaign (direct link) The US DoJ seized two domains used by APT29 group in recent attacks impersonating the U.S. USAID to spread malware. The US Department of Justice (DoJ) and the Federal Bureau of Investigation have seized two domains used by the Russia-linked APT29 group in spear-phishing attacks that targeted government agencies, think tanks, consultants, and NGOs. Russia-linked […] APT 29
SecurityAffairs 2021-06-01 22:03:01 (Déjà vu) JBS attack has likely a Russian origin (direct link) White House spokeswoman speculates threat actors behind the JBS ransomware attack have a Russian origin. The American food processing giant JBS Foods, the world's largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack. The cyberattack impacted multiple production plants of the company worldwide, including facilities located […] Ransomware Threat
SecurityAffairs 2021-06-01 19:26:50 New Epsilon Red Ransomware appears in the threat landscape (direct link) Researchers spotted a new piece of ransomware named Epsilon Red that was employed at least in an attack against a US company. Researchers from Sophos spotted a new piece of ransomware, named Epsilon Red, that infected at least one organization in the hospitality sector in the United States. The name Epsilon Red comes from an […] Ransomware Threat
SecurityAffairs 2021-06-01 15:18:32 (Déjà vu) American food processing giant JBS Foods halts production after cyberattack (direct link) The American food processing company and meat producer JBS Foods was forced to shut down production at multiple sites worldwide following a cyberattack. The American food processing giant JBS Foods, the world’s largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack. The cyberattack impacted multiple production plants […]
SecurityAffairs 2021-06-01 13:09:49 Russian hacker Pavel Sitnikov arrested for distributing malware via Telegram (direct link) The popular Russian hacker Pavel Sitnikov was arrested by Russian authorities on charges of distributing malware via his Telegram channel. Pavel Sitnikov (@Flatl1ne), a prominent figure of the hacking underground, was arrested earlier this month by Russian authorities on charges of distributing malware via his Freedom F0x Telegram channel. The Russian hacker is a member […] Malware
SecurityAffairs 2021-06-01 07:07:18 Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale. (direct link) “Prometheus” and “Grief” – a multi-billion dollar ransomware market obtained two new emerging players. In today’s world, information and data means money and the people that are stealing the information have now reached new levels of sophistication. The number of cases reported has exploded in the last few years and continue to grow rapidly. Prometheus […] Ransomware
SecurityAffairs 2021-05-31 21:04:00 Swedish Health Agency discloses hacking attempts (direct link) The Swedish Public Health Agency has shut down the country’s infectious diseases database, SmiNet, last week after multiple hacking attempts. The Swedish Public Health Agency was forced to shut down its infectious diseases database, named SmiNet, in response to a series of hacking attempts. The Swedish Agency cannot report complete data from Wednesday at 4 […]
SecurityAffairs 2021-05-31 18:27:50 Denmark intel helped US NSA to spy on European politicians (direct link) Denmark's foreign secret service allowed the US NSA to spy on European politicians through a Danish telecommunications hub. Journalists from Danish broadcaster DR recently received a document titled the Dunhammer Report, which included the findings of an investigation conducted by the Danish authorities on the spying operation. DR shared the report with other news agencies across Europe, […]
SecurityAffairs 2021-05-31 09:18:22 Experts devised a new attack to bypass Microsoft PatchGuard (direct link) A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug in PatchGuard that could be exploited by an attacker to load unsigned malicious code into the Windows operating system kernel. The PatchGuard, also known as […]
Last update at: 2024-07-16 21:07:56