What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2021-05-31 06:23:19 COVID-19 – Phishing attacks target employees that come back to the office (lien direct) Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. Workers are going back to offices after months of remote working and crooks […]
SecurityAffairs.webp 2021-05-30 15:58:51 Interpol has intercepted $83 million from financial cyber crimes (lien direct) Interpol has intercepted $83 million in illicit funds transferred from victims to the accounts used by crooks. An operation conducted by Interpol, codenamed HAECHI-I, conducted by more than 40 officers in the Asia Pacific region over six months period allowed to intercept a total of USD 83 million in illicit funds transferred from victims to […]
SecurityAffairs.webp 2021-05-30 14:33:23 These 2 attacks allow to alter certified PDF Documents (lien direct) Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. Researchers from Ruhr-University Bochum have disclosed two new attack techniques, dubbed Evil Annotation and Sneaky Signature attacks, on certified PDF documents that could potentially allow attackers to modify visible content without invalidating their digital signature. The […]
SecurityAffairs.webp 2021-05-30 11:55:17 Security Affairs newsletter Round 316 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A malware attack hit the Alaska Health Department CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers Zeppelin ransomware gang is back after a temporary pause 13 flaws in Nagios IT […] Ransomware Malware
SecurityAffairs.webp 2021-05-30 09:35:19 Facefish Backdoor delivers rootkits to Linux x64 systems (lien direct) Qihoo 360 NETLAB spotted a new backdoor dubbed Facefish that could allow attackers to take over Linux systems and steal sensitive data. Cybersecurity experts from Qihoo 360 NETLAB published details about a new backdoor, dubbed Facefish, which can be used by threat actors to steal login credentials and executing arbitrary commands on Linux systems. The […] Threat
SecurityAffairs.webp 2021-05-29 21:57:58 FBI will share compromised passwords with HIBP Pwned Passwords (lien direct) The FBI is going to share compromised passwords discovered during investigations with Have I Been Pwned (HIBP)’s ‘Pwned Passwords’ service. The FBI will share compromised passwords that were discovered during investigations with the ‘Pwned Passwords‘ service implemented by the data breach notification site Have I Been Pwned (HIBP). The Pwned Passwords service allows users to search […] Data Breach ★★
SecurityAffairs.webp 2021-05-29 20:01:04 Secure Search is a Browser Hijacker – How to Remove it Now? (lien direct) Secured Search is a browser hijacker that changes your browser’s settings to promote securedsearch.com, let’s remove it. Secured Search is the same piece of software as ByteFence Secure Browsing. It’s supposedly a tool that improves browsing security and privacy. In reality, it’s a browser hijacker. It alters your browser’s settings to promote securedsearch.com (which is […] Tool
SecurityAffairs.webp 2021-05-29 07:16:23 SonicWall fixes an NSM On-Prem bug, patch it asap! (lien direct) SonicWall urges customers to address a post-authentication flaw that affects on-premises versions of the Network Security Manager (NSM). SonicWall urges customers to ‘immediately’ address a post-authentication vulnerability, tracked as CVE-2021-20026, impacting on-premises versions of the Network Security Manager (NSM). The vulnerability rated with an 8.8 severity score could be simply exploited without user interaction. The flaw could […] Vulnerability
SecurityAffairs.webp 2021-05-28 20:16:19 CVE-2020-15782 flaw in Siemens PLCs allows remote hack (lien direct) Industrial cybersecurity firm Claroty discovered a new flaw in Siemens PLCs that can be exploited by a remote and unauthenticated attacker to hack the devices. Researchers at industrial cybersecurity firm Claroty have discovered a high-severity vulnerability in Siemens PLCs, tracked as CVE-2020-15782, that could be exploited by remote and unauthenticated attackers to bypass memory protection. The […] Hack Vulnerability
SecurityAffairs.webp 2021-05-28 13:09:48 China-linked APT groups targets orgs via Pulse Secure VPN devices (lien direct) Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information. FireEye monitored the activities of two […]
SecurityAffairs.webp 2021-05-28 10:56:54 Microsoft details new sophisticated spear-phishing attacks from NOBELIUM (lien direct) Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign conducted by NOBELIUM APT. The NOBELIUM APT is the threat actor that conducted supply chain attack against SolarWinds which involved multiple families of implants, including the SUNBURST […] Threat SolarWinds ★★
SecurityAffairs.webp 2021-05-28 09:13:11 Canada Post disclosed a ransomware attack on a third-party service provider (lien direct) Canada Post disclosed a ransomware attack on a third-party service provider that exposed shipping information for their customers. Canada Post announced that a ransomware attack on a third-party service provider exposed shipping information for their customers. Canada Post is a Crown corporation that functions as the primary postal operator in Canada, it provides service to more than 16 million Canadian […] Ransomware
SecurityAffairs.webp 2021-05-27 21:25:30 APT hacked a US municipal government via an unpatched Fortinet VPN (lien direct) The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN. “The FBI is […]
SecurityAffairs.webp 2021-05-27 18:09:55 DHS announces security measures for critical pipeline industry (lien direct) The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for critical pipeline owners and operators. The Colonial pipeline incident continues to have a serious impact on the critical infrastructure sector. The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for owners and operators of critical pipelines. The new security directive requires critical […]
SecurityAffairs.webp 2021-05-27 15:51:30 (Déjà vu) NASA identified 1,785 cyber incidents in 2020 (lien direct) NASA identified more than 6,000 cyber-related incidents in the last four years, according to a report published by its Office of Inspector General. The U.S. National Aeronautics and Space Administration (NASA) has identified more than 6,000 cyber-related incidents in the last four years, according to a report published by NASA's Office of Inspector General. The […]
SecurityAffairs.webp 2021-05-27 12:43:57 Hackers compromised Japanese government offices via Fujitsu's ProjectWEB tool (lien direct) Threat actors have compromised offices of multiple Japanese agencies via Fujitsu’s ProjectWEB information sharing tool. Threat actors have breached the offices of multiple Japanese agencies after they have gained access to projects that use the Fujitsu’s ProjectWEB information sharing tool. ProjectWEB is a software-as-a-service (SaaS) platform for enterprise collaboration and file-sharing that was […] Tool Threat
SecurityAffairs.webp 2021-05-27 07:38:54 M1RACLES, the unpatchable bug that impacts new Apple M1 chips (lien direct) A security expert has discovered a vulnerability in Apple M1 chips, dubbed M1RACLES, that cannot be fixed. Software engineer Hector Martin from Asahi Linux has discovered a vulnerability in the new Apple M1 chips, tracked as CVE-2021-30747, that was named M1RACLES. The expert pointed out that the issue can only be fixed with a redesign […] Vulnerability
SecurityAffairs.webp 2021-05-26 21:29:00 Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT (lien direct) Researchers discovered about 50,000 IPs across multiple Kubernetes clusters that were compromised by the TeamTNT threat actors. Researchers from Trend Micro reported that about 50,000 IPs were compromised across multiple Kubernetes clusters in a cryptojacking campaign conducted by TeamTNT group. Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. It aims to […] Uber
SecurityAffairs.webp 2021-05-26 17:59:41 French police seized dark web marketplace Le Monde Parallèle (lien direct) Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police in the fight against cybercrime. French authorities seized the dark web marketplace Le Monde Parallèle, the operation is another success of national police in the fight against cybercrime activity in the dark web. It is […]
SecurityAffairs.webp 2021-05-26 15:32:57 Google discovered a new variant of Rowhammer attack dubbed Half-Double (lien direct) Google experts discovered a new variant of Rowhammer attack against RAM memory cards that bypasses all current defenses Google researchers discovered a new variant of Rowhammer attacks, dubbed “Half-Double,” that allows bypassing all current defenses. In 2015, security researchers at Google's Project Zero team demonstrated how to hijack the Intel-compatible PCs running Linux by exploiting the physical […]
SecurityAffairs.webp 2021-05-26 11:39:40 (Déjà vu) Belgium Interior Ministry said it was hit by a sophisticated cyber attack (lien direct) The Belgian interior ministry was targeted by a “sophisticated” cyber attack, a spokesman told RTBF public television on Tuesday.  The Belgian interior ministry was hit by a “sophisticated” cyber-espionage attack, the news was confirmed by a spokesman to RTBF public television on Tuesday.  The Federal Public Service Interior’s communications director, Olivier Maerens, confirmed that the […]
SecurityAffairs.webp 2021-05-26 10:08:45 Another critical bug impacts all VMware vCenter Server installs (lien direct) VMware addresses a critical remote code execution (RCE) flaw in the Virtual SAN Health Check plug-in that impacts all vCenter Server installs. VMware has released security updates to address a remote code execution (RCE) flaw in vCenter Server that could be exploited by attackers to execute arbitrary code on the installs. vCenter Server is the centralized […]
SecurityAffairs.webp 2021-05-26 06:20:14 Agrius group targets Israel with data-wipers disguised as ransomware (lien direct) An Iran-linked threat actor tracked as Agrius employed data-wipers disguised as ransomware to destroy targeted IT infrastructure. Researchers from cyber-security firm SentinelOne discovered a new Iran-linked threat actor, tracked as Agrius, which relied on data-wiping malware disguised as ransomware to destroy the targeted systems. In order to hide the real nature of the threat, the […] Ransomware Malware Threat
SecurityAffairs.webp 2021-05-25 21:00:05 Ivanti fixes high severity flaw in Pulse Connect Secure VPN (lien direct) A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges. Ivanti addressed a high severity Buffer Overflow vulnerability in Secure VPN appliances that could allow a remote authenticated attacker to execute arbitrary code with elevated privileges. The vulnerability tracked as CVE-2021-22908, has received a CVSS […] Vulnerability
SecurityAffairs.webp 2021-05-25 13:49:16 Trend Micro fixes 3 flaws in Home Network Security Devices (lien direct) Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Trend Micro fixed three vulnerabilities in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Once activated, the Home Network Security station scans all traffic passing […]
SecurityAffairs.webp 2021-05-25 12:28:15 Apple addresses three zero-day flaws actively exploited in the wild (lien direct) Apple has addressed three zero-day vulnerabilities in macOS and tvOS actively exploited in the wild by threat actors. Apple has released security updates to address three zero-day vulnerabilities affecting macOS and tvOS which have been exploited in the wild. The macOS flaw has been exploited by the XCSSET malware to bypass security protections. “Apple is […] Malware Threat ★★★
SecurityAffairs.webp 2021-05-25 10:04:58 Audio equipment maker Bose Corporation discloses a ransomware attack (lien direct) The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose Corporation has announced it was the victim of a ransomware attack that took place earlier this year, on March 7. According to the breach notification letter filed by Bose, the […] Ransomware
SecurityAffairs.webp 2021-05-25 06:46:22 US banks are giving facial recognition a go; EU tightens regulations, FTC updates AI guidelines (lien direct) US banks are giving the green light to the adoption of facial recognition technology, while authorities provide regulations and updates guidelines Many among the US biggest banks are trying their luck with facial recognition technology. The FTC issues a new set of guidelines about the use of Artificial Intelligence. The European Union’s stance on face […]
SecurityAffairs.webp 2021-05-24 21:55:24 (Déjà vu) French intel found flaws in Bluetooth Core and Mesh specs (lien direct) Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh Profile specifications that could be used to impersonate legitimate devices during the pairing process and conduct man-in-the-middle (MitM) attacks while within wireless range of vulnerable devices. […]
SecurityAffairs.webp 2021-05-24 18:10:21 Zeppelin ransomware gang is back after a temporary pause (lien direct) Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran, have resumed their operations after a temporary interruption. Unlike other ransomware, Zeppelin operators do not steal data from the victims and don’t run a leak site. Zeppelin ransomware […] Ransomware
SecurityAffairs.webp 2021-05-24 14:01:31 13 flaws in Nagios IT Monitoring Software pose serious risk to orgs (lien direct) Researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be exploited for malicious purposes. Cybersecurity researchers from Skylight Cyber disclosed technical details about 13 vulnerabilities in the Nagios network monitoring application that could be exploited by threat actors to hijack the infrastructure. Nagios is an open-source IT infrastructure monitoring and […] Threat
SecurityAffairs.webp 2021-05-24 06:16:06 Anker fixed an issue that caused access to Eufy video camera feeds to random users (lien direct) A misconfiguration issue in the software used by the Eufy video camera exposed private information and video streams of customers. Chinese electronics vendor Anker has recently addressed a bug that mistakenly exposed private information and video streams of customers using its Eufy video cameras. The issue was caused by a misconfiguration, but the vendor told […]
SecurityAffairs.webp 2021-05-23 13:25:19 (Déjà vu) CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers (lien direct) The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10 and Server systems. Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities in Microsoft including a critical HTTP Protocol Stack Remote Code Execution vulnerability tracked as CVE-2021-31166. The flaw could be exploited by an unauthenticated […] Vulnerability
SecurityAffairs.webp 2021-05-23 12:33:32 Security Affairs newsletter Round 315 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia MSBuild tool used to deliver RATs filelessly Pakistan-linked Transparent Tribe APT expands its arsenal Two flaws could allow bypassing AMD […] Ransomware Tool APT 36
SecurityAffairs.webp 2021-05-23 09:09:32 A malware attack hit the Alaska Health Department (lien direct) The Alaska health department website was forced offline by a malware attack, officials are investigating the incident. The website of the Alaska health department was forced offline this week by a malware attack. Local authorities launched an investigation into the attack, at the time of this writing, they did not provide details about the intrusion. […] Malware
SecurityAffairs.webp 2021-05-22 20:15:23 Qlocker ransomware leverages HBS flaw to infect QNAP NAS devices (lien direct) QNAP warns customers of updating the HBS 3 disaster recovery app to prevent Qlocker ransomware attack. Taiwanese vendor QNAP is warning its customers of updating the HBS 3 disaster recovery app running on their Network Attached Storage (NAS) devices to prevent Qlocker ransomware infections. At the end of April, experts warned of a new strain […] Ransomware
SecurityAffairs.webp 2021-05-22 16:44:58 Foreign hackers breached Russian federal agencies, said FSB (lien direct) FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have breached networks of Russian federal agencies. A joint report published by Rostelecom-Solar and the FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have stolen information from Russian federal agencies. The attacks were spotted in 2020, threat actors leveraged […] Threat
SecurityAffairs.webp 2021-05-22 13:53:00 (Déjà vu) Conti Ransomware hit 16 US health and emergency Services, said FBI (lien direct) Conti ransomware targeted over 400 organizations worldwide, 290 in the US, and at least 16 healthcare and first responder networks. The Federal Bureau of Investigation (FBI) revealed that the Conti ransomware gang has hit at least 16 healthcare and first responder organizations. According to a flash alert issued by the FBI over 400 organizations worldwide […] Ransomware
SecurityAffairs.webp 2021-05-22 11:54:17 (Déjà vu) Air India suffered a data breach, 4.5 million customers impacted (lien direct) Air India disclosed a data breach that impacted roughly 4.5 million of its customers, two months after its Passenger Service System provider SITA was hacked. Air India has disclosed a data breach that impacted 4.5 million of its customers, exposed data includes the personal information of customers registered between August 26, 2011 and February 3, 2021. Customers’ […] Data Breach
SecurityAffairs.webp 2021-05-21 22:14:17 Report: how cybercriminals abuse API keys to steal millions (lien direct) CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. Original post available here: https://cybernews.com/security/report-how-cybercriminals-abuse-api-keys-to-steal-millions/ CyberNews researchers found that cybercriminals are able to abuse cryptocurrency exchange API keys and steal cryptocurrencies from their victims' accounts without being granted withdrawal rights. At the same time, more than $1,000,000 in cryptocurrency is being […]
SecurityAffairs.webp 2021-05-21 19:47:00 Indonesia's government confirms social security data breach for some citizens (lien direct) Indonesia has launched an investigation into a possible security incident that caused the leak of social security data for more than 270 million citizens. Indonesia’s Communication and Information Ministry has confirmed a leak of social security data, it attempted to downplay the incident explaining that it only impacted a small portion of the population. The authorities […] Data Breach
SecurityAffairs.webp 2021-05-21 15:02:43 Insurance giant CNA Financial paid a $40 million ransom (lien direct) The US insurance giant CNA Financial reportedly paid a $40 million ransom to restore access to its files following a ransomware attack.  CNA Financial, one of the largest insurance companies in the US, reportedly paid a $40 ransom to restore access to its files following a ransomware attack that took place in March. According to Bloomberg, […] Ransomware
SecurityAffairs.webp 2021-05-21 10:55:26 Bitcoins of DarkSide ransomware gang still locked in hacker forum's escrow (lien direct) After DarkSide ransomware gang shut down operations, multiple affiliates have complained about not receiving the payments for successful breaches. The decision of the DarkSide ransomware gang to shut down operations is causing chaos among its network of affiliates, who have complained about not receiving the payments for their successful breaches. The affiliated are asking the […] Ransomware
SecurityAffairs.webp 2021-05-21 06:30:20 Microsoft SimuLand, an open-source lab environment to simulate attack scenarios (lien direct) Microsoft released SimuLand, an open-source tool that can be used to build lab environments to simulate attacks and verify their detection. Microsoft has released SimuLand, an open-source lab environment that allows to reproduce the techniques used in real attack scenarios. The tool could be used to test and improve Microsoft solutions, including Microsoft 365 Defender, […] Tool
SecurityAffairs.webp 2021-05-20 20:39:41 STRRAT RAT spreads masquerading as ransomware (lien direct) Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The RAT was designed to steal data from victims while masquerading as a ransomware attack. The Java-based STRRAT RAT […] Ransomware Malware
SecurityAffairs.webp 2021-05-20 14:11:35 A dozen Android apps exposed data of 100M+ users (lien direct) Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers from Check Point have discovered 23 Android applications that exposed the personal data of more than 100 million users due to misconfigurations of third-party cloud services. The experts pointed out that the misconfiguration also expose […]
SecurityAffairs.webp 2021-05-20 09:56:20 Privacy Concerns On Cookies Storing Personal Information (lien direct) Which are privacy concerns on the way organizations collect personal information through the use of cookies? Data is constantly being tracked, stored and processed right under our noses, and it is quite frightening to know just how much data a company might have on you. They may not have your deepest darkest secrets (or maybe […]
SecurityAffairs.webp 2021-05-20 08:42:09 Russian citizen Anton Bogdanov sentenced to 5 years for cyber tax fraud scheme (lien direct) Russian hacker Anton Bogdanov was sentenced to 5 years’ imprisonment for attempting to steal $1.5 million in tax refunds by hacking into tax preparation firms. The Russian citizen Anton Bogdanov (35), aka Kusok, was sentenced by a US Chief District Judge to 5 years of prison for wire fraud conspiracy and computer intrusions. The man attempted […]
SecurityAffairs.webp 2021-05-20 07:04:09 Blind SQL Injection flaw in WP Statistics impacted 600K+ sites (lien direct) Experts discovered a Time-Based Blind SQL Injection vulnerability in the WP Statistics plugin which is installed on over 600,000 WordPress sites. Researchers from the Wordfence Threat Intelligence discovered a Time-Based Blind SQL Injection vulnerability in WP Statistics, which is a WordPress plugin with over 600,000 active installs. The plugin was developed by VeronaLabs, it provides complete […] Vulnerability Threat
SecurityAffairs.webp 2021-05-19 18:39:44 Google addresses 4 zero-day flaws in Android exploited in the wild (lien direct) Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the wild. Android Security Bulletin for May 2021 security updates address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild. The four vulnerabilities impact Qualcomm GPU and Arm […]
Last update at: 2024-07-08 19:08:03