Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-12-19 16:10:00 |
Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future (lien direct) |
Trend Micro's latest research paper analyzed ways in which ransomware groups could evolve to stay on top of strengthened cyber-protection measures |
Ransomware
Prediction
|
|
★★★
|
|
2022-12-19 15:30:00 |
Meta Takes Down Over 200 Covert Influence Operations Since 2017 (lien direct) |
The most common location for influence operations was Russia, according to Meta |
|
|
★★★
|
|
2022-12-19 11:30:00 |
Mobile App Users at Risk as API Keys of Email Marketing Services Exposed (lien direct) |
Leaked API keys allow threat actors to perform a variety of unauthorized actions |
Threat
|
|
★★★
|
|
2022-12-19 11:00:00 |
NIST to Scrap SHA-1 Algorithm by 2030 (lien direct) |
The agency said it will stop using SHA-1 in its last remaining specified protocols by December 31 2030 |
|
|
★★★
|
|
2022-12-19 09:30:00 |
API Vulnerabilities Discovered in LEGO Marketplace (lien direct) |
The vulnerabilities, which are now fixed, could have put sensitive customer data at risk |
|
|
★
|
|
2022-12-16 18:00:00 |
Agenda Ransomware Switches to Rust to Attack Critical Infrastructure (lien direct) |
Victim companies have a combined revenue of around $550m |
Ransomware
|
|
★★
|
|
2022-12-16 17:00:00 |
Meta\'s Bug Bounty Program Shows $2m Awarded in 2022 (lien direct) |
The total amount since the program's establishment in 2011 is reportedly $16m |
|
|
★★
|
|
2022-12-16 16:00:00 |
Social Blade Confirms Data Breach Exposing PII on the Dark Web (lien direct) |
The company confirmed the data does not include any credit card information |
Data Breach
|
|
★★
|
|
2022-12-16 11:00:00 |
Two-Thirds of Security Pros Have Burnt Out in Past Year (lien direct) |
Excessive workload is the most common contributing factor |
|
|
★★★
|
|
2022-12-16 10:00:00 |
Former Twitter Employee Gets 42 Months for Saudi Scheme (lien direct) |
Insider was bribed by the Middle East kingdom |
|
|
★★
|
|
2022-12-16 09:30:00 |
OECD Signs "Landmark" Privacy Agreement (lien direct) |
Club of rich countries wants to improve cross-border data flows |
|
|
★★
|
|
2022-12-15 18:00:00 |
Senate Approves Bill Banning TikTok From US Government Devices (lien direct) |
The bill still needs to receive approval from the US House of Representatives |
|
|
★★★★
|
|
2022-12-15 17:00:00 |
NSA, CISA Warn Against Threats to 5G Network Slicing (lien direct) |
Improper network slice management may enable attackers to access data from different network slices |
|
|
★★★
|
|
2022-12-15 16:00:00 |
Loan Scam Campaign \'MoneyMonger\' Exploits Flutter to Hide Malware (lien direct) |
Zimperium said the code was part of an existing campaign previously discovered by K7 Security Labs |
Malware
|
|
★★
|
|
2022-12-15 10:30:00 |
Feds Hit DDoS-for-Hire Services with 48 Domain Seizures (lien direct) |
Six also charged in connection with booter services |
|
|
★★
|
|
2022-12-15 10:00:00 |
Over 85% of Attacks Hide in Encrypted Channels (lien direct) |
Zscaler reveals 20% increase in malicious use of encryption |
|
|
★★★
|
|
2022-12-15 09:30:00 |
Platforms Flooded with 144,000 Phishing Packages (lien direct) |
NuGet, PyPi and npm inundated with malicious packages |
|
|
★★★
|
|
2022-12-14 18:00:00 |
(Déjà vu) Signed Microsoft Drivers Used in Attacks Against Businesses (lien direct) |
In some cases, the threat actor's intent was to ultimately provide SIM-swapping services |
Threat
|
|
★
|
|
2022-12-14 17:00:00 |
AgentTesla Remains Most Prolific Malware in November, Emotet and Qbot Grow (lien direct) |
These are some of the key findings from the latest Check Point Research Most Wanted report |
Malware
|
|
★★
|
|
2022-12-14 16:00:00 |
Apple Fixes Actively Exploited iPhone Zero-Day Vulnerability (lien direct) |
The vulnerability could allow remote code execution (RCE) on a victim's device |
Vulnerability
|
|
★★
|
|
2022-12-14 10:30:00 |
New Google Tool Helps Devs Root Out Open Source Bugs (lien direct) |
Free OSV-Scanner searches transitive dependencies |
Tool
|
|
★
|
|
2022-12-14 10:00:00 |
Loan Fee Fraud Surges by a Fifth as Christmas Approaches (lien direct) |
FCA warns of pressure tactics as cost of living bites |
|
|
★★
|
|
2022-12-14 09:30:00 |
Two Zero-Days Fixed in December Patch Tuesday (lien direct) |
Close to 50 CVEs addressed this month |
|
|
★★
|
|
2022-12-13 18:02:00 |
Twitter Addresses November Data Leak Claims (lien direct) |
No passwords were reportedly exposed, but Twitter prompted users to enable 2FA to protect accounts |
|
|
★★★
|
|
2022-12-13 17:31:00 |
California Hit By Cyber-Attack, LockBit Claims Responsibility (lien direct) |
At the time of writing, the California Budget website remains offline |
|
|
★★
|
|
2022-12-13 16:00:00 |
Uber Hit By New Data Breach After Attack on Third-Party Vendor (lien direct) |
Company information was stolen from third-party vendor Teqtivity and posted on a dark web forum |
Data Breach
|
Uber
Uber
|
★★
|
|
2022-12-13 10:45:00 |
Experts Warn ChatGPT Could Democratize Cybercrime (lien direct) |
Researchers claim AI bot can write malware and craft phishing emails |
Malware
|
ChatGPT
|
★★★
|
|
2022-12-13 10:10:00 |
Aussie Data Breaches Surge 489% in Q4 2022 (lien direct) |
Country bucks the global trend thanks to high-profile incidents |
Prediction
|
|
★★
|
|
2022-12-13 09:40:00 |
Security Overlooked in Rush to Hybrid Working (lien direct) |
Apogee study finds just 14% consider it a priority |
|
|
★★
|
|
2022-12-12 18:00:00 |
HSE Cyber-Attack Costs Ireland $83m So Far (lien direct) |
A total of roughly 100,000 people had their personal data stolen during the cyber-attack |
|
|
★★★
|
|
2022-12-12 17:00:00 |
Chaos RAT Used to Enhance Linux Cryptomining Attacks (lien direct) |
The main downloader script and further payloads were hosted in different locations |
|
|
★★★
|
|
2022-12-12 16:00:00 |
Royal Ransomware Targets US Healthcare (lien direct) |
Requested ransom payment demands ranged from $250,000 to over $2m |
Ransomware
|
|
★★★
|
|
2022-12-12 11:35:00 |
Transitive Dependencies Account for 95% of Bugs (lien direct) |
Endor Labs warns of dangerous complexities in open source |
|
|
★★
|
|
2022-12-12 10:30:00 |
North Korean Hackers Impersonate Researchers to Steal Intel (lien direct) |
Report associates new intelligence-gathering tactic with Kimsuky group |
|
|
★★★
|
|
2022-12-12 09:40:00 |
Researchers Find 63 Zero-Day Bugs at Latest Pwn2Own (lien direct) |
Competition awards winning participants nearly $1m |
|
|
★★
|
|
2022-12-09 18:00:00 |
Truebot Malware Activity Increases With Possible Evil Corp Connections (lien direct) |
The campaigns observed by Cisco Talos have resulted in the creation of two botnets |
Malware
|
|
★★★
|
|
2022-12-09 17:00:00 |
BEC Attacks Expand Beyond Email and Toward Mobile Devices (lien direct) |
Scammers typically obtain mobile numbers from data breaches, social media and data brokers |
|
|
★★★
|
|
2022-12-09 16:00:00 |
Cobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware Instructions (lien direct) |
Secureworks said the malicious code is written in .NET and comprises a dropper and a payload |
Malware
|
APT 15
|
★★★
|
|
2022-12-09 14:45:00 |
Software Supply Chain Attacks Leveraging Open-Sources Repos Growing (lien direct) |
ReversingLabs found an increasing number of malicious packages in three popular repositories |
|
|
★★★
|
|
2022-12-09 12:00:00 |
#BHEU: UK Government Calls for Industry Input on its Cybersecurity Strategy (lien direct) |
A DCMS official sets out the UK government's cybersecurity strategy during Black Hat Europe 2022 |
|
|
★★
|
|
2022-12-09 10:30:00 |
Government to Fund Security Studies for Hundreds of Students (lien direct) |
Latest move shows urgent need to nurture skills pipeline |
Studies
|
|
★★★
|
|
2022-12-09 10:00:00 |
Security Concerns Scupper Deals for Two-Thirds of Firms (lien direct) |
Global report ties poor security to bottom-line impact |
|
|
★★
|
|
2022-12-09 09:30:00 |
Government Sets Out New Rules to Enhance App Security (lien direct) |
Voluntary code of conduct is designed for developers and app store operators |
|
|
★★
|
|
2022-12-08 18:00:00 |
US Sues TikTok Over Child Safety and Data Security Claims (lien direct) |
The Indiana court said TikTok promoted age-restricted content regardless of a user's age |
|
|
★★★
|
|
2022-12-08 17:00:00 |
Iranian APT Agrius Targets Diamond Industry Worldwide With Fantasy Wiper (lien direct) |
The group conducted supply chain attacks against the diamond industry across three continents |
|
|
★★★
|
|
2022-12-08 16:00:00 |
Apple Introduces New Data Protections to Increase Cloud Security (lien direct) |
The new features will be globally available in 2023, but one of them already is for some US users |
|
|
★★
|
|
2022-12-08 13:30:00 |
#BHEU: Time for Cyber Pros to Shape the Industry\'s Future (lien direct) |
Jen Ellis urges the cyber industry to take a leading role in shaping its future, during Black Hat Europe 2022 |
Guideline
|
|
★★
|
|
2022-12-08 10:30:00 |
Pet Dog Unmasks Drug Trafficker on Encrypted Chat (lien direct) |
Police studied photos sent via EncroChat to reveal users |
|
|
★★★
|
|
2022-12-08 10:00:00 |
Investment Fraud Gang May Have Made $500m (lien direct) |
CryptosLabs has been operating since 2018, says Group-IB |
|
|
★★
|
|
2022-12-08 09:30:00 |
Cyber-criminals Scammed Each Other Out of Millions in 2022 (lien direct) |
Sophos report reveals thriving "sub-economy" on underground sites |
|
|
★★
|