What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2021-02-28 15:03:56 New Zealand-based cryptocurrency exchange Cryptopia hacked again (direct link) The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million […] Threat
SecurityAffairs 2021-02-28 10:24:58 Security Affairs newsletter Round 303 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing […] Threat
SecurityAffairs 2021-02-27 21:48:48 Experts found a critical authentication bypass flaw in Rockwell Automation software (direct link) A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University […] Vulnerability
SecurityAffairs 2021-02-27 17:18:41 (Déjà vu) Hotarus Corp gang hacked Ecuador's Ministry of Finance and Banco Pichincha (direct link) ‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claims to have also stolen data from […] Ransomware
SecurityAffairs 2021-02-27 13:55:31 T-Mobile customers were hit with SIM swapping attacks (direct link) The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks. Crooks conduct SIM swapping attacks to take control of victims’ […] Data Breach
SecurityAffairs 2021-02-26 23:16:23 New Ryuk ransomware implements self-spreading capabilities (direct link) French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks. Experts from French national cyber-security agency ANSSI have spotted a new Ryuk ransomware variant that implements worm-like capabilities that allow within local networks. “On top of its usual functions, this version holds a new attribute […] Ransomware
SecurityAffairs 2021-02-26 17:36:35 (Déjà vu) Microsoft releases open-source CodeQL queries to assess Solorigate compromise (direct link) Microsoft announced the release of open-source CodeQL queries that its experts used during its investigation into the SolarWinds supply-chain attack. Microsoft has announced the availability of open-source CodeQL queries that the IT giant used during its investigation into the SolarWinds attack. In early 2021, the US agencies FBI, CISA, ODNI, and the NSA released a joint […] Solardwinds Solardwinds
SecurityAffairs 2021-02-26 14:41:43 Data Breach: Turkish legal advising company exposed over 15,000 clients (direct link) Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket. The server contained 55,000 court papers regarding over 15,000 legal cases, which affected hundreds of thousands of people. What's Going On? Our online security team has uncovered a massive data breach originating from a misconfigured […] Data Breach
SecurityAffairs 2021-02-26 12:12:24 Hackers are selling access to Biochemical systems at Oxford University Lab (direct link) Hackers have broken into the biochemical systems of an Oxford University lab where researchers are working on the study of Covid-19. Hackers compromised the systems at one of the most advanced biology labs at the Oxford University that is involved in the research on the Covid-19 pandemic. The news was disclosed by Forbes and the […]
SecurityAffairs 2021-02-26 09:06:50 Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack (direct link) Dutch Research Council (NWO) confirmed that the recent cyberattack that forced it to take its servers offline was caused by the DoppelPaymer ransomware gang. On February 14, Dutch Research Council (NWO) was hit by a cyber attack that compromised its network and impacted its operations. In response to the incident, the Dutch Research Council (NWO) […] Ransomware
SecurityAffairs 2021-02-26 00:15:33 China-linked TA413 group target Tibetan organizations (direct link) The Chinese hacking group, tracked as TA413, used a malicious Firefox add-on in a cyberespionage campaign aimed at Tibetans. China-linked cyberespionage group TA413 targeted Tibetan organizations across the world using a malicious Firefox add-on, dubbed FriarFox, that allowed them to steal Gmail and Firefox browser data and deliver malware on infected systems. “We attribute this […] Malware
SecurityAffairs 2021-02-25 21:41:33 (Déjà vu) Cisco fixes three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS (direct link) Cisco addressed over a dozen vulnerabilities in its products, including three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. Cisco released security updates to address over a dozen vulnerabilities affecting multiple products, including three critical flaws impacting its ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. The most severe vulnerability […] Vulnerability
SecurityAffairs 2021-02-25 17:50:39 North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor (direct link) North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. The state-sponsored hackers targeted organizations from more than a dozen countries. The experts discovered the custom backdoor while investigating an […] APT 38 APT 28
SecurityAffairs 2021-02-25 15:50:16 (Déjà vu) Google discloses technical details of Windows CVE-2021-24093 RCE flaw (direct link) Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed the details of a recently patched Windows vulnerability, tracked as CVE-2021-24093, that can be exploited for remote code execution in the context of the DirectWrite client. DirectWrite […] Vulnerability
SecurityAffairs 2021-02-25 12:56:41 Thousands of VMware Center servers exposed online and potentially vulnerable to CVE-2021-21972 flaw (direct link) A Chinese security researcher published a PoC code for the CVE-2021-21972 vulnerability in VMware Center, thousands of vulnerable servers are exposed online. A Chinese security researcher published the Proof-of-concept exploit code for the CVE-2021-21972 RCE vulnerability affecting VMware vCenter servers. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi […] Vulnerability
SecurityAffairs 2021-02-24 22:30:52 Ukraine: nation-state hackers hit government document management system (direct link) Ukraine’s government attributes a cyberattack on the government document management system to a Russia-linked APT group. The Ukraine’s government blames a Russia-linked APT group for an attack on a government document management system, the System of Electronic Interaction of Executive Bodies (SEI EB). According to Ukrainian officials, the hackers aimed at disseminating malicious […]
SecurityAffairs 2021-02-24 20:50:54 A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism (direct link) Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. This technique allows botnet operators to make their infrastructure resilient […]
SecurityAffairs 2021-02-24 08:48:26 Airplane manufacturer Bombardier has disclosed a security breach, data leaked online (direct link) Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang. The wave of attacks exploiting multiple zero-day […] Ransomware
SecurityAffairs 2021-02-23 22:39:22 VMware addresses a critical RCE issue in vCenter Server (direct link) VMware addressed a critical remote code execution flaw, tracked as CVE-2021-21972, in vCenter Server virtual infrastructure management platform. VMware has addressed a critical remote code execution (RCE) vulnerability in the vCenter Server virtual infrastructure management platform, tracked as CVE-2021-21972, that could be exploited by attackers to potentially take control of affected systems. vCenter Server is the centralized […] Vulnerability
SecurityAffairs 2021-02-23 20:56:40 Twitter removes 100 accounts linked to Russia disseminating disinformation (direct link) Twitter removed dozens of accounts allegedly used by Russia-linked threat actors to disseminate disinformation and target western countries. Twitter has removed dozens of accounts used by Russia-linked threat actors that were used to disseminate disinformation and to target the European Union, the United States, and the NATO alliance. Experts believe the accounts were part of […] Threat
SecurityAffairs 2021-02-23 17:12:47 IBM addressed flaws in Java Runtime, Planning Analytics Workspace, Kenexa LMS (direct link) IBM has released security patches to address high- and medium-severity vulnerabilities impacting some of its enterprise solutions. IBM has released security updates to address several high- and medium-severity flaws affecting some of its enterprise products, including IBM Java Runtime, IBM Planning Analytics Workspace, and IBM Kenexa LMS On Premise. Two issues, tracked as CVE-2020-14782 and […]
SecurityAffairs 2021-02-23 09:36:03 FIN11 cybercrime group is behind recent wave of attacks on FTA servers (direct link) FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. “Starting in mid-December 2020, malicious actors that Mandiant […]
SecurityAffairs 2021-02-23 07:31:18 NurseryCam daycare cam service shut down after security breach (direct link) Daycare camera product NurseryCam was hacked last week, the company was forced to shut down its IoT camera service. On Friday, The Register became aware of the compromise of the NurseryCam network. NurseryCam is produced by the companies FootfallCam Ltd and Meta Technologies Ltd. In response to the incident, the company shut down its IoT […]
SecurityAffairs 2021-02-22 21:45:45 Ukraine sites suffered massive attacks launched from Russian networks (direct link) Ukraine’s government accused unnamed Russian traffic networks as the source of massive attacks on Ukrainian security and defense websites. Today Ukraine accused unnamed Russian internet networks of massive attacks that targeted Ukrainian security and defense websites. The Ukrainian officials did not provide details about the attacks or the damage they have caused. “It was […]
SecurityAffairs 2021-02-22 19:01:11 Georgetown County has yet to recover from a sophisticated cyber attack (direct link) The systems of Georgetown County have been hacked at the end of January, and the county staff is still working to rebuild its computer network. The systems of Georgetown County have been hit with a sophisticated cyber attack at the end of January, and the county staff is still working to recover from the incident. […]
SecurityAffairs 2021-02-22 12:57:44 An attacker was able to siphon audio feeds from multiple Clubhouse rooms (direct link) An attacker demonstrated this week that Clubhouse chats are not secure, he was able to siphon audio feeds from “multiple rooms” into its own website. While the popularity of the audio chatroom app Clubhouse continues to increase experts are questioning the security and privacy level it offers to its users. Recently the company announced it […]
SecurityAffairs 2021-02-22 06:28:33 Researchers uncovered a new Malware Builder dubbed APOMacroSploit (direct link) Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. APOMacroSploit is a macro builder that was […] Malware
SecurityAffairs 2021-02-21 21:00:36 Experts warn of threat actors abusing Google Alerts to deliver unwanted programs (direct link) Experts warn of threat actors using Google Alerts to promote a fake Adobe Flash Player updater that delivers unwanted programs. Experts from BleepingComputer are warning of threat actors that are using Google Alerts to promote a fake Adobe Flash Player updater that delivers unwanted programs. Bad actors publish posts with titles containing popular keywords to […] Threat
SecurityAffairs 2021-02-21 17:13:53 (Déjà vu) Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com (direct link) A white hat hacker has earned a $5,000 reward from Apple for reporting a stored cross-site scripting (XSS) vulnerability on iCloud.com. The bug bounty hunter Vishal Bharad has earned a $5,000 reward from Apple for reporting a stored cross-site scripting (XSS) vulnerability on iCloud.com. Bharad was searching for cross-site request forgery (CSRF), insecure direct object […] Vulnerability
SecurityAffairs 2021-02-21 14:57:43 FBI warns of the consequences of telephony denial-of-service (TDoS) attacks (direct link) The Federal Bureau of Investigation (FBI) has issued a warning about the risks of telephony denial-of-service (TDoS) attacks on call centers. The United States' Federal Bureau of Investigation (FBI) is warning of the consequences of telephony denial-of-service (TDoS) attacks on call centers, which in some cases could threaten people's lives. TDoS attacks could render telephone systems unavailable […]
SecurityAffairs 2021-02-21 10:02:56 Security Affairs newsletter Round 302 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. PayPal addresses reflected XSS bug in user wallet currency converter The kingpin behind Jokers Stash retires with a […]
SecurityAffairs 2021-02-20 23:13:40 The US Government is going to respond to the SolarWinds hack very soon (direct link) The US is going to respond to the SolarWinds supply chain attack within weeks, national security adviser Jake Sullivan told CNN. The US will respond within weeks to the devastating SolarWinds supply cyber attack, national security adviser Jake Sullivan told CNN. “We are in the process now of working through, with the intelligence community and [President […] Hack ★★★★
SecurityAffairs 2021-02-20 18:46:39 Sequoia Capital Venture Capital firm discloses a data breach (direct link) Sequoia Capital, one of the most prominent venture capital firms, told its investors that an unauthorized third party had access to their information. Sequoia Capital, one of the most prominent venture capital firms that focus on the technology industry, discloses a data breach. The company informed its investors that an unauthorized third party had access to their […] Data Breach
SecurityAffairs 2021-02-20 16:42:40 SonicWall releases second firmware updates for SMA 100 vulnerability (direct link) Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. SonicWall disclosed a security breach on January 22, it blamed sophisticated threat actors for the intrusion. On January, 29 […] Vulnerability Threat
SecurityAffairs 2021-02-20 14:09:20 Silver Sparrow, a new malware infects Mac systems using Apple M1 chip (direct link) Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. Malware researchers at Red Canary uncovered a new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. According to data shared by Malwarebytes, as […] Malware
SecurityAffairs 2021-02-19 22:45:28 Privacy bug in the Brave browser exposes Tor addresses to user's DNS provider (direct link) A privacy bug in the Brave Browser caused the leak of the Tor onion URL addresses visited in the Tor mode by the users. A bug in the Private Window with Tor implemented in the Brave web browser could reveal the onion sites visited by the users. The Tor mode implemented in the Brave web […]
SecurityAffairs 2021-02-19 18:06:50 New Masslogger Trojan variant exfiltrates user credentials (direct link) MassLogger Windows credential stealer infamous is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. MassLogger Windows credential stealer is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. Cisco Talos experts uncovered attacks against users in Turkey, Latvia, and Italy, the […]
SecurityAffairs 2021-02-19 12:12:01 Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning (direct link) Apple launched its M1 chip and cybercriminals developed a malware sample specifically for it, the latest generation of Macs are their next targets. The popular security researcher Patrick Wardle discovered one of the first malware designed to target latest generation of Apple devices using the company M1 chip. The discovery suggests threat actors are tailoring […] Malware Threat
SecurityAffairs 2021-02-19 09:09:48 Hackers steal credit card data abusing Google's Apps Script (direct link) Hackers abuse Google Apps Script to steal credit cards, bypass CSP. Attackers are abusing Google’s Apps Script business application development platform to steal payment card information from e-stores. Sansec researchers reported that threat actors are abusing Google’s Apps Script business application development platform to steal credit card data provided by customers of e-commerce websites. “Attackers use […] Threat
SecurityAffairs 2021-02-18 20:13:20 SolarWinds hackers had access to components used by Azure, Intune, and Exchange (direct link) Microsoft announced that SolarWinds hackers could have had access to repositories containing some components used by Azure, Intune, and Exchange. Microsoft announced that the threat actors behind the SolarWinds supply chain attack could have had access to repositories containing the source code for a limited number of components used by Azure, Intune, and Exchange. In […] Threat
SecurityAffairs 2021-02-18 17:10:54 WatchDog botnet targets Windows and Linux servers in cryptomining campaign (direct link) PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. WatchDog is one of the largest and longest-lasting Monero cryptojacking operations uncovered by security experts, […]
SecurityAffairs 2021-02-18 07:07:30 The OpenSSL Project addressed three vulnerabilities (direct link) The OpenSSL Project addressed three vulnerabilities, including two denial-of-service (DoS) issues and a bug in the SSLv2 rollback protection. The OpenSSL Project released security patches to address three vulnerabilities, two denial-of-service (DoS) flaws, and an incorrect SSLv2 rollback protection issue. The first vulnerability, tracked as CVE-2021-23841, is a NULL pointer dereference issue that can be […]
SecurityAffairs 2021-02-17 22:25:42 US DoJ charges three members of the North Korea-linked Lazarus APT group (direct link) The US DOJ charged three members of the North Korea-linked Lazarus Advanced Persistent Threat (APT) group. The U.S. Justice Department indicted three North Korean military intelligence officials, members of the Lazarus APT group, for their involvement in cyber-attacks, including the theft of $1.3 billion in money and crypto-currency from organizations around the globe. The indictment […] Threat APT 38 APT 28
SecurityAffairs 2021-02-17 18:24:04 ScamClub malvertising gang abused WebKit zero-day to redirect to online gift card scams (direct link) Malvertising gang ScamClub has exploited an unpatched zero-day vulnerability in WebKit-based browsers in a campaign aimed at realizing online gift card scams. The Malvertising gang ScamClub has abused an unpatched zero-day vulnerability in WebKit-based browsers to bypass security measures and redirect users from legitimate sites to websites hosting online gift card scams. The malvertising campaign […] Vulnerability
SecurityAffairs 2021-02-17 12:42:57 Centreon says that recently disclosed campaigns only targeted obsolete versions of its open-source software (direct link) French software firm Centreon announced this week that the recently disclosed supply chain attack did not impact its paid customers. The French security agency ANSSI recently warned of a series of attacks targeting Centreon monitoring software used by multiple French organizations and attributes them to the Russia-linked Sandworm APT group. The first attack spotted by ANSSI experts dates […]
SecurityAffairs 2021-02-17 07:17:32 Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware (direct link) Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. In the last few years, many banking trojans developed by Latin American criminals have increased in volume and sophistication. Although exists a strong adoption of technologies with the goal of protecting the final user such as plugins, tokens, e-tokens, two-factor-authentication mechanisms, CHIP, PIN […] Malware
SecurityAffairs 2021-02-16 22:11:50 Telegram flaw could have allowed access to users secret chats (direct link) Experts at Shielder disclosed a flaw in the Telegram app that could have exposed users’ secret messages, photos, and videos to remote attackers. Researchers at cyber security firm Shielder discovered a critical flaw affecting iOS, Android, and macOS versions of the instant messaging app Telegram. The experts discovered that sending a sticker to a Telegram user could […]
SecurityAffairs 2021-02-16 15:55:38 Hackers abusing the Ngrok platform phishing attacks (direct link) Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost. ngrok is a cross-platform application used to […] Threat
SecurityAffairs 2021-02-16 09:52:27 Popular SHAREit app is affected by severe flaws yet to be fixed (direct link) Multiple vulnerabilities in the popular file-sharing app SHAREit have yet to be addressed, experts from Trend Micro warned. SHAREit is a popular file-sharing Android app with more than one billion downloads, experts from Trend Micro discovered multiple unpatched vulnerabilities in its code. The vulnerabilities impact the Android version of SHAREit, a mobile app that allows users […]
SecurityAffairs 2021-02-16 08:16:00 A new Bluetooth overlay skimmer block chip-based transactions (direct link) Experts discovered a new Bluetooth overlay skimmer that interferes with the ability of the terminal to read chip-based cards, forcing the use of the stripe. The popular investigator Brian Krebs reported the discovery of a new Bluetooth overlay skimmer that interfered with the terminal's ability to read chip-based cards, forcing the use of the magnetic […]
Last update at: 2024-07-12 11:08:30