Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-05-30 14:53:18 |
Zero-Day 'Follina' Bug Lays Older Microsoft Office Versions Open to Attack (direct link) |
Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports. |
Malware
|
|
|
|
2022-05-27 10:32:07 |
Critical Flaws in Popular ICS Platform Can Trigger RCE (direct link) |
Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks. |
|
|
|
|
2022-05-26 10:30:11 |
Cybergang Claims REvil is Back, Executes DDoS Attacks (direct link) |
Actors claiming to be the defunct ransomware group are targeting one of Akamai's customers with a Layer 7 attack, demanding an extortion payment in Bitcoin. |
Ransomware
|
|
|
|
2022-05-25 13:18:17 |
Link Found Connecting Chaos, Onyx and Yashma Ransomware (direct link) |
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names. |
Ransomware
Malware
|
|
|
|
2022-05-25 12:45:59 |
Verizon Report: Ransomware, Human Error Among Top Security Risks (direct link) |
2022's DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur. |
|
|
|
|
2022-05-24 13:59:14 |
Fronton IOT Botnet Packs Disinformation Punch (direct link) |
The Fronton botnet can do far more than launch DDoS attacks: it can track social media trends and launch suitable propaganda. |
|
|
|
|
2022-05-23 12:47:12 |
Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches (direct link) |
Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments. |
|
|
|
|
2022-05-23 12:07:56 |
Snake Keylogger Spreads Through Malicious PDFs (direct link) |
Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug. |
|
|
|
|
2022-05-20 12:42:26 |
Closing the Gap Between Application Security and Observability (direct link) |
Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell. |
|
|
|
|
2022-05-20 11:11:36 |
380K Kubernetes API Servers Exposed to Public Internet (direct link) |
More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access. |
|
Uber
|
|
|
2022-05-19 13:03:37 |
Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover (direct link) |
Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. |
Vulnerability
|
|
|
|
2022-05-18 14:36:57 |
DOJ Says Doctor is Malware Mastermind (direct link) |
The U.S. Department of Justice indicts middle-aged doctor, accusing him of being a malware mastermind. |
Malware
|
|
★★★
|
|
2022-05-18 14:01:22 |
APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack 0-Days (direct link) |
Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise. |
Patching
|
|
|
|
2022-05-18 13:54:23 |
April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell (direct link) |
Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild. |
|
|
|
|
2022-05-17 13:53:19 |
Sysrv-K Botnet Targets Windows, Linux (direct link) |
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins. |
|
|
|
|
2022-05-17 13:19:40 |
iPhones Vulnerable to Attack Even When Turned Off (direct link) |
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware. |
|
|
|
|
2022-05-16 11:46:39 |
Microsoft's May Patch Tuesday Updates Cause Windows AD Authentication Errors (direct link) |
Microsoft's May Patch Tuesday update is triggering authentication errors. |
|
|
|
|
2022-05-13 12:06:33 |
Threat Actors Use Telegram to Spread 'Eternity' Malware-as-a-Service (direct link) |
An account promoting the project, which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules, has more than 500 subscribers. |
Threat
Ransomware
|
|
|
|
2022-05-12 13:01:07 |
Malware Builder Leverages Discord Webhooks (direct link) |
Researchers discovered a simple malware builder designed to steal credentials, then ping them to Discord webhooks. |
Malware
|
|
★★★
|
|
2022-05-12 11:57:42 |
You Can't Eliminate Cyberattacks, So Focus on Reducing the Blast Radius (direct link) |
Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company's attack surface and the "blast radius" of a potential attack. |
|
|
★★★★
|
|
2022-05-12 10:45:06 |
Novel 'Nerbian' Trojan Uses Advanced Anti-Detection Tricks (direct link) |
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found. |
Malware
|
|
★★
|
|
2022-05-11 12:13:51 |
Novel Phishing Trick Uses Weird Links to Bypass Spam Filters (direct link) |
A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains. |
Spam
|
|
★★★
|
|
2022-05-11 11:12:11 |
Actively Exploited Zero-Day Bug Patched by Microsoft (direct link) |
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments. |
|
|
★★★★
|
|
2022-05-11 11:02:21 |
Ransomware Deals Deathblow to 157-year-old College (direct link) |
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. |
Ransomware
|
|
★★★★
|
|
2022-05-10 12:35:15 |
Hackers Actively Exploit F5 BIG-IP Bug (direct link) |
The bug has a severity rating of 9.8, and public exploits have been released. |
|
|
★★★★
|
|
2022-05-10 11:54:03 |
Conti Ransomware Attack Spurs State of Emergency in Costa Rica (direct link) |
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks. |
Threat
Ransomware
|
|
★★★★
|
|
2022-05-10 00:24:18 |
Low-rent RAT Worries Researchers (direct link) |
Researchers say a hacker is selling access to quality malware for chump change. |
Malware
|
|
★★★
|
|
2022-05-09 17:23:35 |
FBI: Rise in Business Email-based Attacks is a $43B Headache (direct link) |
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar problem. |
|
|
★★★
|
|
2022-05-09 10:43:12 |
Podcast: The State of the Secret Sprawl (direct link) |
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well as ways that developers can keep their code safe. |
|
|
|
|
2022-05-06 11:10:22 |
USB-based Wormable Malware Targets Windows Installer (direct link) |
Activity dubbed 'Raspberry Robin' uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. |
Threat
Malware
|
|
★★★★
|
|
2022-05-05 13:00:02 |
CANs Reinvent LANs for an All-Local World (direct link) |
A close look at a new type of network, known as a Cloud Area Network. |
|
|
|
|
2022-05-05 12:48:08 |
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems (direct link) |
The vulnerability is 'critical' with a CVSS severity rating of 9.8 out of 10. |
Vulnerability
|
|
|
|
2022-05-05 12:20:10 |
VHD Ransomware Linked to North Korea's Lazarus Group (direct link) |
Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said. |
Ransomware
Medical
|
APT 38
APT 28
|
|
|
2022-05-04 17:32:12 |
China-linked APT Caught Pilfering Treasure Trove of IP (direct link) |
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data. |
Threat
|
|
|
|
2022-05-04 13:24:00 |
Attackers Use Event Logs to Hide Fileless Malware (direct link) |
A sophisticated campaign utilizes a novel anti-detection method. |
Malware
|
|
|
|
2022-05-04 10:27:47 |
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk (direct link) |
A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices. |
|
|
|
|
2022-05-03 12:42:35 |
Mozilla: Lack of Security Protections in Mental-Health Apps Is 'Creepy' (direct link) |
Popular apps to support people's psychological and spiritual well-being can harm them by sharing their personal and sensitive data with third parties, among other privacy offenses. |
|
|
|
|
2022-05-02 12:41:25 |
Bad Actors Are Maximizing Remote Everything (direct link) |
Aamir Lakhani, global security strategist and researcher at FortiGuard Labs, zeroes in on how adversaries are targeting 'remote everything'. |
|
|
|
|
2022-05-02 12:15:36 |
Deep Dive: Protecting Against Container Threats in the Cloud (direct link) |
A deep dive into securing containerized environments and understanding how they present unique security challenges. |
|
|
|
|
2022-04-29 12:33:51 |
Security Turbulence in the Cloud: Survey Says… (direct link) |
Exclusive Threatpost research examines organizations' top cloud security concerns, attitudes towards zero-trust and DevSecOps. |
|
|
|
|
2022-04-29 11:51:05 |
Cyberespionage APT Now Identified as Three Separate Actors (direct link) |
The threat group known as TA410 that wields the sophisticated FlowCloud RAT actually has three subgroups operating globally, each with their own toolsets and targets. |
Threat
|
|
|
|
2022-04-28 13:14:10 |
Attacker Breach 'Dozens' of GitHub Repos Using Stolen OAuth Tokens (direct link) |
GitHub shared the timeline of breaches in April 2022; the timeline covers when a threat actor gained access and stole private repositories belonging to dozens of organizations. |
Threat
|
|
|
|
2022-04-28 12:46:12 |
Cyberattacks Rage in Ukraine, Support Military Operations (direct link) |
At least five APTs are believed to be involved with attacks tied to ground campaigns and designed to damage Ukraine's digital infrastructure. |
|
|
|
|
2022-04-27 19:53:37 |
Emotet is Back From 'Spring Break' With New Nasty Tricks (direct link) |
The botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default. |
|
|
|
|
2022-04-27 12:11:25 |
Millions of Java Apps Remain Vulnerable to Log4Shell (direct link) |
Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found. |
|
|
|
|
2022-04-26 12:29:51 |
Firms Push for CVE-Like Cloud Bug System (direct link) |
Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk.
|
|
|
|
|
2022-04-26 11:38:17 |
Nation-state Hackers Target Journalists with Goldbackdoor Malware (direct link) |
A campaign by APT37 used sophisticated malware, which appears to be a successor to Bluelight, to steal information about sources. |
Malware
Cloud
|
APT 37
|
|
|
2022-04-25 13:32:43 |
Lapsus$ Hackers Target T-Mobile (direct link) |
No government or customer data was accessed.
|
|
|
|
|
2022-04-22 11:16:21 |
Zero-Trust For All: A Practical Guide (direct link) |
How to use zero-trust architecture effectively in today's modern cloud-dependent infrastructures. |
|
|
★★★★
|
|
2022-04-22 10:56:16 |
Skeletons in the Closet: Security 101 Takes a Backseat to 0-days (direct link) |
Nate Warfield, CTO at Prevailion, discusses the dangers of focusing on zero-day security vulnerabilities, and how security teams are being distracted from the day-to-day work that prevents most breaches. |
|
|
|