What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-10-26 17:09:46 KashmirBlack, a new botnet in the threat landscape that rapidly grows (lien direct) Security experts spotted a new botnet, tracked as KashmirBlack botnet, that likely infected hundreds of thousands of websites since November 2019. Security experts from Imperva have spotted a new sophisticated botnet, tracked as KashmirBlack is believed to have already infected hundreds of thousands of websites by exploiting vulnerabilities in their content management system (CMS) platforms. […] Threat
SecurityAffairs.webp 2020-10-26 11:54:10 Finnish psychotherapy center Vastaamo suffered a shocking security breach (lien direct) Private Finnish psychotherapy center Vastaamo suffered a security breach, hackers are now demanding ransom to avoid the leak of sensitive data they have stolen. Finland's interior minister summoned an emergency meeting Sunday after the private Finnish psychotherapy center Vastaamo suffered a security breach that caused the exposure of patient records. To worsen the situation the […]
SecurityAffairs.webp 2020-10-26 09:21:45 Ransomware attack disabled Georgia County Election database (lien direct) A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures. A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots. It is a common process to validate absentee ballots sent by […] Ransomware
SecurityAffairs.webp 2020-10-26 08:18:20 COVID-19 vaccine manufacturer suffers a data breach (lien direct) Dr. Reddy's, the Indian contractor for Russia's “Sputnik V” COVID-19 vaccine was hit with a cyber-attack that forced the company to close its plants. Indian COVID-19 vaccine manufacturer Dr. Reddy's Laboratories was hit with a cyber attack that forced it to shut down its plants in Brazil, India, Russia, the U.K., and the U.S. According […] Data Breach
SecurityAffairs.webp 2020-10-25 15:38:52 Is the Abaddon RAT the first malware using Discord as C&C? (lien direct) Abaddon is the first RAT that uses the freeware instant messaging and VoIP app and digital distribution platform Discord as a command & control server. Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The […] Malware
SecurityAffairs.webp 2020-10-25 14:30:34 HPE addresses critical auth bypass issue in SSMC console (lien direct) HPE fixed a remote authentication bypass vulnerability in HPE StoreServ Management Console (SSMC) data center storage management solution. Hewlett Packard Enterprise (HPE) has addressed a maximum severity (rated 10/10) remote authentication bypass vulnerability, tracked as CVE-2020-7197, affecting the HPE StoreServ Management Console (SSMC) data center storage management solution. HPE SSMC is a management and reporting console for HPE Primera (data storage for […] Vulnerability
SecurityAffairs.webp 2020-10-25 09:44:25 New Emotet attacks use a new template urging recipients to upgrade Microsoft Word (lien direct) Emotet operators have started using a new template this week that pretends to be a Microsoft Office message urging a Microsoft Word update. Researchers this week observed Emotet attacks employing a new template that pretends to be a Microsoft Office message urging the recipient to update their Microsoft Word to add a new feature. Emotet […]
SecurityAffairs.webp 2020-10-24 17:56:22 Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users (lien direct) Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams. Security researchers reported that up to 50,000 Office 365 users have been targeted by a phishing campaign that pretends to be an automated message from Microsoft Teams. The bait message uses fake notifications […]
SecurityAffairs.webp 2020-10-24 13:31:03 Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware (lien direct) The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts is a collection of mountain and lakeside resorts, ski areas, and attractions spanning from British Columbia to Maine.  The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division […] Ransomware ★★★
SecurityAffairs.webp 2020-10-24 11:30:22 (Déjà vu) US Treasury imposes sanctions on a Russian research institute behind Triton malware (lien direct) US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics behind Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. “Today, the Department of the Treasury's Office of Foreign Assets Control (OFAC) designated, pursuant to […] Malware
SecurityAffairs.webp 2020-10-23 18:20:39 Sopra Steria hit by the Ryuk ransomware gang (lien direct) French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected French IT outsourcer Sopra Steria has been hit by a ransomware attack, while the company did not reveal the family of malware that infected its systems, local media speculate the involvement of the Ryuk ransomware. “A cyber attack was detected on the Sopra Steria […] Ransomware Malware
SecurityAffairs.webp 2020-10-23 16:05:04 Iran-Linked Seedworm APT target orgs in the Middle East (lien direct) The Iran-linked cyber espionage group tracked as Seedworm started using a new downloader and is conducting destructive attacks. The Iran-linked cyber-espionage group Seedworm (aka MuddyWater, MERCURY, and Static Kitten) was observed using a new downloader in a new wave of attacks. Security experts pointed out that the threat actor started conducting destructive attacks. Also referred to […] Threat
SecurityAffairs.webp 2020-10-23 11:10:59 FBI and CISA joint alert blames Russia's Energetic Bear APT for US government networks hack (lien direct) The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. A joint security advisory published by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. The Energetic Bear […] Hack
SecurityAffairs.webp 2020-10-23 05:51:40 US whistleblower Edward Snowden received permanent residency by Russian authorities (lien direct) The popular US whistleblower Edward Snowden has been granted permanent residency in Russia, the announcement was made by his lawyer. The former CIA employee and National Security Agency contractor Edward Snowden (37) has been granted permanent residency in Russia, his lawyer announced on Thursday. In 2013, Edward Snowden shed the light on the mass surveillance […]
SecurityAffairs.webp 2020-10-22 19:21:47 EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack (lien direct) The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The Council of the European Union announced sanctions imposed on Russian military intelligence officers, belonging to the 85th Main Centre for Special Services (GTsSS), for their role in the 2015 attack on the German Federal Parliament (Deutscher […] Hack
SecurityAffairs.webp 2020-10-22 16:34:13 Cisco addresses 17 high-severity flaws in security appliances (lien direct) Security Advisory Bundled Publication for October 2020 – Cisco announced the release of patches for 17 high-severity flaws in its security appliances. Cisco announced the release of security patches for 17 high-severity vulnerabilities in its security appliances as part of its Security Advisory Bundled Publication for October 2020. The vulnerability impacts Adaptive Security Appliance (ASA), […] Vulnerability
SecurityAffairs.webp 2020-10-22 13:10:21 Taiwanese vendor QNAP issues advisory on Zerologon flaw (lien direct) Taiwanese vendor QNAP published an advisory to warn customers that certain versions of its NAS OS (QTS) are affected by the Zerologon vulnerability. The Taiwanese vendor QNAP has published an advisory to warn customers that certain versions of the operating system for its network-attached storage (NAS) devices, also known as QTS, are affected by […]
SecurityAffairs.webp 2020-10-22 08:19:11 ENISA Threat Landscape Report 2020 (lien direct) According to the ENISA Threat Landscape Report 2020, cyberattacks are becoming more sophisticated, targeted, and in many cases undetected. I'm proud to present the ENISA Threat Landscape Report 2020, the annual report published by the ENISA that provides insights on the evolution of cyber threats for the period January 2019-April 2020. The 8th annual ENISA Threat Landscape […] Threat
SecurityAffairs.webp 2020-10-22 07:26:22 VMware fixes several flaws in its ESXi, Workstation, Fusion and NSX-T (lien direct) VMware patched several flaws in its ESXi, Workstation, Fusion and NSX-T products, including a critical code execution vulnerability. VMware has fixed several vulnerabilities in its ESXi, Workstation, Fusion and NSX-T products, including a critical flaw that allows arbitrary code execution. The critical vulnerability, tracked as CVE-2020-3992, is a use-after-free issue that affects the OpenSLP service […]
SecurityAffairs.webp 2020-10-21 18:33:15 Adobe releases a new set of out-of-band patches for its products (lien direct) Adobe has released a second out-of-band security update to address critical vulnerabilities affecting several products.  Adobe has released a second out-of-band security update to fix critical vulnerabilities that impact numerous products of the IT giant.  The flaws impact Adobe Illustrator, Dreamweaver, Marketo, Animate, After Effects, Photoshop, Premiere Pro, Media Encoder, InDesign, and the Creative Cloud […]
SecurityAffairs.webp 2020-10-21 14:57:23 Sweden bans Huawei and ZTE from building its 5G infrastructure (lien direct) Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. Another state, Sweden, announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. The Swedish Post and Telecom Authority announced this week that four wireless carriers bidding for frequencies […]
SecurityAffairs.webp 2020-10-21 12:55:22 Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day (lien direct) Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […] Vulnerability
SecurityAffairs.webp 2020-10-21 06:42:20 Hackers are targeting CVE-2020-3118 flaw in Cisco devices (lien direct) Cisco warns of attacks attempting to exploit the CVE-2020-3118 vulnerability that affects multiple carrier-grade routers running Cisco IOS XR Software. Cisco is warning of attacks targeting the CVE-2020-3118 high severity vulnerability that affects multiple carrier-grade routers running the Cisco IOS XR Software. The flaw resides in the Cisco Discovery Protocol implementation for Cisco IOS XR […] Vulnerability
SecurityAffairs.webp 2020-10-21 06:00:10 Microsoft took down 120 of 128 Trickbot servers in recent takedown (lien direct) Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up new command and control (C&C) servers. Microsoft's Defender team, FS-ISAC, ESET, Lumen's Black Lotus Labs, NTT, and Broadcom's cyber-security division Symantec joined forces and announced last week a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet. Even if […]
SecurityAffairs.webp 2020-10-20 19:28:50 NSA details top 25 flaws exploited by China-linked hackers (lien direct) The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The US National Security Agency (NSA) has published a report that includes details of the top 25 vulnerabilities that are currently being exploited by China-linked APT groups in attacks in the […]
SecurityAffairs.webp 2020-10-20 15:14:59 How Automation can help you in Managing Data Privacy (lien direct) The global data privacy landscape is changing and every day we can see new regulations emerge. These regulations are encouraging organizations to be better custodians of consumers' data and create a healthier space for data privacy. In order to do so organizations will need to rework their operations and revamp their processes in order to […]
SecurityAffairs.webp 2020-10-20 14:40:53 MMO game Street Mobster leaking data of 1.9 million users due to critical vulnerability (lien direct) Researchers discovered that MMO game Street Mobster is leaking data of 1.9 million users due to SQL Injection critical vulnerability. Attackers could exploit the SQL Injection flaw to compromise the game's database and steal user data. Original Post: https://cybernews.com/street-mobster-game-leaking-data-of-2-million-players The CyberNews.com Investigation team discovered a critical vulnerability in Street Mobster, a browser-based massively multiplayer online […] Vulnerability
SecurityAffairs.webp 2020-10-20 11:13:53 Nefilim ransomware gang published Luxottica data on its leak site (lien direct) The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world's largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass […] Ransomware
SecurityAffairs.webp 2020-10-20 10:15:22 Pay it safe: Group-IB aids Paxful in repelling a series of web-bot attacks (lien direct) Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering a wave of web-bot and social engineering attacks, and customer account takeovers. Powered with Group-IB's solution for online fraud prevention Secure […] Threat
SecurityAffairs.webp 2020-10-20 07:30:53 U.S. Charges Russia GRU Intelligence Officers for notorious attacks, including NotPetya (lien direct) The U.S. DoJ announced charges against six Russian intelligence officers for their role in several major cyberattacks carried out over the last years. The U.S. Department of Justice announced charges against six members of Russia's GRU military intelligence agency for their alleged role in several major cyberattacks conducted over the past years. The defendants are Yuriy […] NotPetya
SecurityAffairs.webp 2020-10-19 22:28:09 GravityRAT malware also targets Android and macOS (lien direct) Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. GravityRAT is a malware strain known for checking the CPU temperature of Windows computers […] Malware
SecurityAffairs.webp 2020-10-19 15:48:01 Alexander Vinnik, the popular cyber criminal goes on trial in Paris (lien direct) The Russian citizen Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135 million euros using ransomware. The Russian man Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware. Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged […]
SecurityAffairs.webp 2020-10-19 14:18:18 (Déjà vu) The forum of the popular Albion Online game was hacked (lien direct) Albion Online game maker discloses a data breach, hackers gained access to the company forum database by exploiting a known vulnerability. Albion Online (AO) is a free medieval fantasy MMORPG developed by Sandbox Interactive, a studio based in Berlin, Germany. A threat actor has breached the forum of Albion Online and stolen usernames and password hashes from its database. According to […] Threat
SecurityAffairs.webp 2020-10-19 09:41:19 New Emotet campaign uses a new 'Windows Update' attachment (lien direct) After a short pause, a new Emotet malware campaign was spotted by the experts on October 14th, crooks began using a new ‘Windows Update’ attachment. After a short interruption, a new Emotet malware campaign was spotted by the experts in October. Threat actors began using new Windows Update attachments in a spam campaign aimed at […] Spam Malware Threat
SecurityAffairs.webp 2020-10-19 08:02:04 Fooling self-driving cars by displaying virtual objects (lien direct) Researchers from the Ben-Gurion University of the Negev demonstrated how to fool self-driving cars by displaying virtual objects. A group of researchers from the Ben-Gurion University of the Negev demonstrated that it is possible to fool self-driving cars by displaying virtual objects (phantoms). The experts define as phantom a depthless visual object used to deceive […]
SecurityAffairs.webp 2020-10-19 07:17:53 Hackers claim to have compromised 50,000 home cameras and posted footage online (lien direct) A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online. Some footage was published on adult sites, experts reported that crooks are offering […]
SecurityAffairs.webp 2020-10-18 21:01:11 FIN11 gang started deploying ransomware to monetize its operations (lien direct) The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics and started using ransomware as the main monetization method. The group carried out multiple high-volume operations targeting companies across the world, most of them in North America and Europe. In recent attacks, the […] Ransomware
SecurityAffairs.webp 2020-10-18 15:04:32 (Déjà vu) Microsoft released out-of-band Windows fixes for 2 RCE issues (lien direct) Microsoft released two out-of-band security updates to address remote code execution (RCE) bugs in the Microsoft Windows Codecs Library and Visual Studio Code. Microsoft has released two out-of-band security updates to address two remote code execution (RCE) vulnerabilities that affect the Microsoft Windows Codecs Library and Visual Studio Code. The two vulnerabilities, tracked as CVE-2020-17022 and CVE-2020-17023, have been rated […]
SecurityAffairs.webp 2020-10-18 13:43:26 Iran-linked Silent Librarian APT targets universities again (lien direct) Iran-linked cyberespionage group Silent Librarian has launched a new phishing campaign aimed at universities around the world. Iran-linked APT group Silent Librarian has launched another phishing campaign targeting universities around the world. The Silent Librarian, also tracked as Cobalt Dickens and TA407, targeted tens of universities in four continents in the last couple of years. In […]
SecurityAffairs.webp 2020-10-18 09:24:29 Security Affairs newsletter Round 286 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Hackers targeted the US Census Bureau network, DHS report warns Tyler Technologies finally paid the ransom to receive the decryption key Underestimating the FONIX – Ransomware as a Service could […] Ransomware
SecurityAffairs.webp 2020-10-18 09:08:52 QQAAZZ crime gang charged for laundering money stolen by malware gangs (lien direct) Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. 20 members of the multinational cybercriminal group QQAAZZ were charged this week in the US, Portugal, Spain, and the UK for providing money-laundering services. The arrests are the result of an unprecedented international law enforcement operation, coordinated by […] Malware
SecurityAffairs.webp 2020-10-17 17:13:23 Four npm packages found opening shells and collecting info on Linux, Windows systems (lien direct) On Thursday, four JavaScript packages were removed from the npm portal because they were found to contain malicious code. NPM staff removed four JavaScript packages from the npm portal because they contained malicious code. Npm is the largest package repository for any programming language. The four packages, which had a total of one thousand downloads, are: plutov-slack-client […]
SecurityAffairs.webp 2020-10-17 15:08:49 Google warned users of 33,015 nation-state attacks since January (lien direct) Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of attacks from nation-state actors. Google delivered 33,015 alerts to its users during the first three quarters of 2020 to warn them of phishing attacks, launched by nation-state actors, targeting their accounts. Google sent 11,856 government-backed phishing […]
SecurityAffairs.webp 2020-10-17 13:30:08 UK NCSC recommends organizations to fix CVE-2020-16952 SharePoint RCE flaw asap (lien direct) The U.K. National Cyber Security Centre (NCSC) issued an alert to urge organizations to patch CVE-2020-16952 RCE vulnerability in MS SharePoint Server. The U.K. National Cyber Security Centre (NCSC) issued an alert to warn of the risks of the exploitation for the CVE-2020-16952 remote code execution (RCE) vulnerability in Microsoft SharePoint Server and urges organizations to address […] Vulnerability
SecurityAffairs.webp 2020-10-16 21:50:57 Google mitigated a 2.54 Tbps DDoS attack in 2017, the largest DDoS ever seen (lien direct) The Google Cloud team revealed that in September 2017 it mitigated a DDoS attack that reached 2.54 Tbps, the largest DDoS attack ever. The Google Cloud team revealed that back in September 2017 it mitigated a powerful DDoS attack that clocked in at 2.54 Tbps. This attack is the largest distributed denial of service attack recorded to […]
SecurityAffairs.webp 2020-10-16 19:55:34 Juniper fixes tens of flaws affecting the Junos OS (lien direct) Juniper Networks has addressed tens of vulnerabilities, including serious flaws that can be exploited to take over vulnerable systems. Juniper Networks has addressed tens of vulnerabilities, including serious issues that can be exploited to take control of vulnerable systems. The vendor has published 40 security advisories related to security vulnerabilities in the Junos OS operating system […]
SecurityAffairs.webp 2020-10-16 17:16:59 Britain's information commissioner fines British Airways for 2018 Hack (lien direct) Britain's information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. The hackers potentially accessed the personal data of approximately 429,612 customers and staff. Exposed data included names, addresses, […] Data Breach Hack
SecurityAffairs.webp 2020-10-16 14:15:35 Breach at Dickey's Barbecue Pit compromises 3 million Cards (lien direct) Dickey’s Barbecue Pit, the largest barbecue restaurant chain in the US, suffered a POS breach, card details for 3 Million customers were posted online. Dickey's Barbecue Pit is a family-owned American barbecue restaurant chain, the company suffered a POS breach and card details of more than three million customers have been posted on the carding portal […]
SecurityAffairs.webp 2020-10-16 12:42:06 (Déjà vu) Adobe fixes Magento flaws that can lead to code execution (lien direct) Adobe released a series of out-of-band security fixes to address multiple Magento vulnerabilities that lead to code execution, customer list tampering. Adobe has released a series of out-of-band security fixes to address multiple Magento vulnerabilities that lead to code execution, customer list tampering. Eight of the vulnerabilities are considered either critical or important, only one […] Guideline
SecurityAffairs.webp 2020-10-16 10:02:36 Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135 (lien direct) The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. “A buffer overflow vulnerability in SonicOS allows a […] Vulnerability
Last update at: 2024-07-17 03:07:27