What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-09 01:09:50 | Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen (lien direct) | FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers.
The company said it's actively investigating the breach in coordination with the US Federal Bureau of Investigation (FBI) |
Threat | ||
|
2020-12-07 21:44:01 | NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks (lien direct) | The US National Security Agency (NSA) on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data.
Specifics regarding the identities of the threat actor exploiting the VMware flaw or when these attacks started were not disclosed.
The development comes two weeks after the |
Malware Vulnerability Threat | ||
|
2020-12-07 06:57:40 | Iranian RANA Android Malware Also Spies On Instant Messengers (lien direct) | A team of researchers today unveiled previously undisclosed capabilities of an Android spyware implant-developed by a sanctioned Iranian threat actor-that could let attackers spy on private chats from popular instant messaging apps, force Wi-Fi connections, and auto-answer calls from specific numbers for purposes of eavesdropping on conversations.
In September, the US Department of the Treasury |
Malware Threat | ||
|
2020-12-01 00:54:36 | Nation-State Hackers Caught Hiding Espionage Activities Behind Crypto Miners (lien direct) | A nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research.
Attributing the shift to a threat actor tracked as Bismuth, Microsoft's Microsoft 365 Defender Threat Intelligence Team said the group deployed Monero coin miners in attacks that targeted both |
Threat | ||
|
2020-12-01 00:24:40 | 4 Free Online Cyber Security Testing Tools For 2021 (lien direct) | Set of must-have online security tools that we believe may make a real difference to your cybersecurity program and improve your 2021 budget planning.
In September, Gartner published a list of "Top 9 Security and Risk Trends for 2020" putting a bold emphasis on the growing complexity and size of the modern threat landscape.
Incomplete visibility of external Attack surfaces led to the dramatic |
Threat | ||
|
2020-11-24 06:56:39 | Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies (lien direct) | An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar.
According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonly used program on Linux servers, and is a new version of the malware belonging to a threat actor |
Malware Threat | ||
|
2020-11-16 02:29:40 | Trojanized Security Software Hits South Korea Users in Supply-Chain Attack (lien direct) | Cybersecurity researchers took the wraps off a novel supply chain attack in South Korea that abuses legitimate security software and stolen digital certificates to distribute remote administration tools (RATs) on target systems.
Attributing the operation to the Lazarus Group, also known as Hidden Cobra, Slovak internet security company ESET said the state-sponsored threat actor leveraged the |
Threat Medical | APT 38 | |
|
2020-11-13 00:17:13 | Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs (lien direct) | Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises (SMEs) with limited budgets and staff are significantly impacted.
On average, SMEs manage more than a |
Threat Guideline | ||
|
2020-11-09 23:35:03 | Watch Out! New Android Banking Trojan Steals From 112 Financial Apps (lien direct) | Four months after security researchers uncovered a "Tetrade" of four Brazilian banking Trojans targeting financial institutions in Brazil, Latin America, and Europe, new findings show that the criminals behind the operation have expanded their tactics to infect mobile devices with spyware.
According to Kaspersky's Global Research and Analysis Team (GReAT), the Brazil-based threat group Guildma |
Threat | ||
|
2020-11-05 02:19:16 | Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies (lien direct) | Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months.
According to findings published by Check Point Research, the threat actors - believed to be located in the Palestinian Gaza Strip - have targeted Sangoma PBX, an |
Hack Threat | ||
|
2020-11-05 00:35:31 | If You Don\'t Have A SASE Cloud Service, You Don\'t Have SASE At All (lien direct) | The Secure Access Service Edge (or SASE) has been a very hot buzzword in the past year. A term and category created by Gartner 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform.The capabilities that SASE delivers aren't new and include SD-WAN, threat prevention, remote access, and others that were |
Threat | ||
|
2020-11-03 03:49:37 | New Kimsuky Module Makes North Korean Spyware More Powerful (lien direct) | A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities.
The APT - dubbed "Kimsuky" (aka Black Banshee or Thallium) and believed to be active as early as 2012 - has been now linked to as many as three hitherto undocumented malware, |
Threat Cloud | APT 37 | |
|
2020-10-23 03:50:27 | New Framework Released to Protect Machine Learning Systems From Adversarial Attacks (lien direct) | Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems.
Called the Adversarial ML Threat Matrix, the initiative is an attempt to organize the different techniques employed by malicious adversaries in subverting ML systems.
Just |
Threat | ||
|
2020-10-14 06:05:01 | FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks (lien direct) | A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion.
According to FireEye's Mandiant threat intelligence team, the collective - known as FIN11 - has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying |
Ransomware Malware Threat | ||
|
2020-10-02 02:59:55 | Researchers Fingerprint Exploit Developers Who Help Several Malware Authors (lien direct) | Writing advanced malware for a threat actor requires different groups of people with diverse technical expertise to put them all together. But can the code leave enough clues to reveal the person behind it?
To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits |
Malware Threat | ||
|
2020-09-30 02:29:01 | Chinese APT Group Targets Media, Finance, and Electronics Sectors (lien direct) | Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China.
Linking the attacks to Palmerworm (aka BlackTech) - likely a China-based advanced persistent threat (APT) - Symantec's Threat Hunter Team said the first wave of activity associated with this campaign began last |
Threat | ||
|
2020-09-28 06:27:05 | Researchers Uncover Cyber Espionage Operation Aimed At Indian Army (lien direct) | Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information.
Dubbed "Operation SideCopy" by Indian cybersecurity firm Quick Heal, the attacks have been attributed to an advanced persistent threat (APT) group that has successfully managed to stay |
Threat | ||
|
2020-09-19 04:24:39 | Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents (lien direct) | Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information.
The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts - one for |
Threat | ||
|
2020-09-18 01:45:03 | U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence (lien direct) | The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors.
According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target |
Malware Threat | ||
|
2020-09-15 02:14:30 | CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities.
"CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available information |
Threat | ||
|
2020-09-09 08:21:50 | Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine (lien direct) | We have all heard of the "cybersecurity skills gap" - firms' inability to hire and retain high-level cybersecurity talent.
I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to |
Threat | ||
|
2020-09-02 01:54:16 | New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data (lien direct) | Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit.
In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers.
"For threat actors, |
Threat | ||
|
2020-08-26 02:33:05 | APT Hackers Exploit Autodesk 3D Max Software for Industrial Espionage (lien direct) | It's one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it's an entirely different matter when they are used as "hackers for hire" by competing private companies to make away with confidential information.
Bitdefender's Cyber Threat Intelligence Lab discovered yet another instance of an espionage attack targeting an unnamed international |
Threat | ||
|
2020-08-19 04:36:17 | XDR: The Next Level of Prevention, Detection and Response [New Guide] (lien direct) | One new security technology we keep hearing about is Extended Detection and Response (XDR).
This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control and integration technologies.
Think of XDR as prepackaged EDR, NTA, UEBA (and perhaps other |
Threat | ||
|
2020-07-27 23:57:33 | QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices (lien direct) | Cybersecurity agencies in the US and UK yesterday issued a joint advisory about a massive ongoing malware threat infecting Taiwanese company QNAP's network-attached storage (NAS) appliances.
Called QSnatch (or Derek), the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America.
" |
Malware Threat | ||
|
2020-07-21 08:05:25 | Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions (lien direct) | An emerging threat actor out of China has been traced to a new hacking campaign aimed at government agencies in India and residents of Hong Kong intending to steal sensitive information, cybersecurity firm Malwarebytes revealed in the latest report shared with The Hacker News.
The attacks were observed during the first week of July, coinciding the passage of controversial security law in Hong |
Threat | ||
|
2020-07-17 03:23:46 | Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online (lien direct) | An OPSEC error by an Iranian threat actor has laid bare the inner workings of the hacking group by providing a rare insight into the "behind-the-scenes look into their methods."
IBM's X-Force Incident Response Intelligence Services (IRIS) got hold of nearly five hours worth of video recordings of the state-sponsored group it calls ITG18 (also called Charming Kitten, Phosphorous, or APT35) that |
Threat Conference | APT 35 | ★★★★★ |
|
2020-07-06 04:40:46 | Cato MDR: Managed Threat Detection and Response Made Easy (lien direct) | Lately, we can't help noticing an endless cycle where the more enterprises invest in threat prevention; the more hackers adapt and continue to penetrate enterprises.
To make things worse, detecting these penetrations still takes too long with an average dwell time that exceeds 100 (!) days.
To keep the enterprise protected, IT needs to figure out a way to break this endless cycle without |
Threat | ||
|
2020-07-01 03:43:24 | Use This Definitive RFP Template to Effectively Evaluate XDR solutions (lien direct) | A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response.
Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions.
XDR has been referred to as the next step in the evolution of Endpoint |
Threat | ||
|
2020-06-30 00:45:13 | Advanced StrongPity Hackers Target Syria and Turkey with Retooled Spyware (lien direct) | Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes.
The advanced persistent threat behind the operation, called StrongPity, has retooled with new tactics to control compromised machines, cybersecurity firm Bitdefender said in a report shared with The Hacker |
Threat | ||
|
2020-06-25 03:42:20 | Docker Images Containing Cryptojacking Malware Distributed via Docker Hub (lien direct) | With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies.
According to a report published by Palo Alto Networks' Unit 42 threat intelligence team, the |
Malware Threat | ||
|
2020-06-23 04:03:32 | VirusTotal Adds Cynet\'s Artificial Intelligence-Based Malware Detection (lien direct) | VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm.
VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples, |
Malware Threat | ||
|
2020-06-23 01:53:35 | Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards (lien direct) | Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites.
According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for |
Threat | ||
|
2020-06-18 02:50:48 | InvisiMole Hackers Target High-Profile Military and Diplomatic Entities (lien direct) | Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into the high-profile military and diplomatic entities in Eastern Europe for espionage.
The findings are part of a collaborative analysis by cybersecurity firm ESET and the impacted firms, resulting in an extensive look into InvisiMole's operations and the group's tactics, tools, and procedures |
Threat | ||
|
2020-06-11 14:35:49 | A Bug in Facebook Messenger for Windows Could\'ve Helped Malware Gain Persistence (lien direct) | Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Cybersecurity, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows.
The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already |
Malware Vulnerability Threat | ||
|
2020-06-04 01:31:39 | New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers (lien direct) | A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday.
The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for lateral movement and information stealing in victim networks, including previously unreported custom |
Tool Threat | ||
|
2020-05-21 01:11:42 | Iranian APT Group Targets Governments in Kuwait and Saudi Arabia (lien direct) | Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia.
Bitdefender said the intelligence-gathering operations were conducted by Chafer APT (also known as APT39 or Remix Kitten), a threat actor known for its attacks on telecommunication and travel industries in the Middle East to collect personal |
Threat Prediction | APT 39 | |
|
2020-05-12 02:59:54 | Cynet Offers IR Specialists Grants up to $1500 for each IR Engagement (lien direct) | In the past, the autonomous breach protection company Cynet announced that it is making Cynet 360 threat detection and response platform available at no charge for IR (incident response) service providers and consultants.
Today Cynet takes another step and announces a $500 grant for Incident Responders for each IR engagement in which Cynet 360 was used, with an additional $1,000 grant if the |
Threat | ||
|
2020-04-16 05:59:15 | Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository (lien direct) | As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on.
In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700 |
Threat | ||
|
2020-04-15 03:40:12 | 49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets (lien direct) | Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are |
Threat | ||
|
2020-04-14 06:52:10 | Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks (lien direct) | Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS.
Dubbed 'SafeBIOS Events & Indicators of Attack' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their |
Tool Threat | ||
|
2020-04-08 03:55:51 | Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild (lien direct) | Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services.
The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as |
Malware Threat | ||
|
2020-04-07 01:49:27 | Secure Remote Working During COVID-19 - Checklist for CISOs (lien direct) | Coronavirus crisis introduces a heavy burden on the CISOs with the collective impact of a mass transition to working remotely coupled with a surge of cyberattacks that strive to monetize the general chaos.
Security vendors, unintendedly, contribute to this burden by a relentless generation of noise in the form of attack reports, best practices, tips, and threat landscape analysis.
Here we |
Threat | ||
|
2020-03-24 06:12:09 | How to Provide Remote Incident Response During the Coronavirus Times (lien direct) | While the Coronavirus pandemic continues to strike chaos across the global economies, threat actors keep on launching cyberattacks on organizations from all sizes and verticals.
IR providers face a unique challenge when approached by these organizations since, due to the Coronavirus mass quarantine, conducting incident response engagements by arriving physically to the customers' offices is |
Threat | ||
|
2020-03-18 08:52:53 | How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats (lien direct) | The Coronavirus is hitting hard on the world's economy, creating a high volume of uncertainty within organizations.
Cybersecurity firm Cynet today revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors.
In light of these insights, Cynet has also shared a few ways to best prepare for the |
Threat | ||
|
2020-03-18 03:38:50 | Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait (lien direct) | As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns.
Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own |
Malware Threat | ||
|
2020-03-11 09:57:10 | Beware of \'Coronavirus Maps\' – It\'s a malware infecting PCs to steal passwords (lien direct) | Cybercriminals will stop at nothing to exploit every chance to prey on internet users.
Even the disastrous spread of SARS-COV-II (the virus), which causes COVID-19 (the disease), is becoming an opportunity for them to likewise spread malware or launch cyber attacks.
Reason Cybersecurity recently released a threat analysis report detailing a new attack that takes advantage of internet users' |
Malware Threat | ||
|
2020-03-03 04:50:15 | Download Guide - Advanced Threat Protection Beyond the AV (lien direct) | At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment.
The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutions (represented by vendors like Crowdstrike and Carbon Black) or Network Traffic Analysis/NDR |
Threat | ||
|
2020-02-21 08:50:15 | Microsoft Brings Defender Antivirus for Linux, Coming Soon for Android and iOS (lien direct) | Almost within a year after releasing Microsoft Defender Advanced Threat Protection (ATP) for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian.
If this news hasn't gotten you excited yet...
Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and |
Threat | ||
|
2020-02-19 03:43:46 | US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility (lien direct) | The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences.
The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed |
Ransomware Threat |
To see everything:
Our RSS (filtrered)
