What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-11 07:55:07 | Source code for malware that targets Qiui Cellmate device was leaked online (lien direct) | The source code for the ChastityLock ransomware that was used in attacks aimed at the users of the Qiui Cellmate adult toy is now publicly available. Recently a family of ransomware was observed targeting the users of the Bluetooth-controlled Qiui Cellmate chastity device. Qiui Cellmate made the headlines in October when the researchers at Pen Test Partners […] | Ransomware Malware | ||
|
2021-01-10 21:13:06 | It is time to re-evaluate Cyber-defence solutions (lien direct) | Security expert Stefan Umit Uygur, CEO and Co-Founder at 4Securitas Ltd, provided his vision about the Cyber-defence solutions on the market Just where is the Global Cyber-defense Market going, and why is it failing so spectacularly to protect the data assets of the largest and most heavily protected government institutions and corporate companies in the […] | |||
|
2021-01-10 14:38:04 | New Zealand central bank hit by a cyber attack (lien direct) | A cyber attack hit the New Zealand central bank, sensitive information has been potentially accessed by the intruders The New Zealand central bank announced today that a cyber attack hit its infrastructure. According to the Government organization, one of its data systems has been breached by an unidentified hacker, commercially and personally sensitive information might have […] | |||
|
2021-01-10 12:49:43 | Security Affairs newsletter Round 296 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. NCA arrested 21 customers of the WeLeakInfo service Over 200 million records of Chinese Citizens for Sale on the Darkweb Top data breaches of 2020 – Security Affairs Apex Laboratory […] | |||
|
2021-01-10 10:22:14 | TeamTNT botnet now steals Docker API and AWS credentials (lien direct) | Researchers from Trend Micro discovered that the TeamTNT botnet is now able to steal Docker API logins along with AWS credentials. Researchers from Trend Micro discovered that the TeamTNT botnet was improved and is now able to steal also Docker credentials. The TeamTNT botnet is a crypto-mining malware operation that has been active since April […] | Malware | ||
|
2021-01-09 18:55:09 | Dassault Falcon Jet hit by Ragnar Locker ransomware gang (lien direct) | Dassault Falcon Jet has disclosed a data breach that exposed personal information belonging to current and former employees. In December Dassault, Dassault Falcon Jet (DFJ) was the victim of a cyber attack that may have exposed personal information belonging to current and former employees. The data security incident also exposed information belonging to employees’ spouses […] | Ransomware Data Breach | ||
|
2021-01-09 14:09:45 | SolarWinds hackers also used common hacker techniques, CISA revealed (lien direct) | CISA revealed that threat actors behind the SolarWinds hack also used password guessing and password spraying in its attacks. Cybersecurity and Infrastructure Security Agency (CISA) revealed that threat actors behind the SolarWinds supply chain attack also employed common hacker techniques to compromise the networks of the targeted organizations, including password guessing and password spraying. “Frequently, […] | Hack Threat | ||
|
2021-01-09 10:51:37 | Twitter has permanently suspended the account of President Donald Trump (lien direct) | Twitter has permanently suspended the account of President Donald Trump on Friday, due to the risk of further incitement of violence. Twitter has permanently suspended President Donald Trump’s account fearing his tweets may trigger a new wave of violence. In response to the attack on the U.S. Capitol, the President's account was initially suspended for […] | |||
|
2021-01-08 22:12:53 | Nvidia releases security updates for GPU display driver and vGPU flaws (lien direct) | Nvidia has released security updates to address high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software. Nvidia has addressed a total of 16 flaws, including high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software. The addressed flaws may lead to denial of service, escalation of privileges, data tampering, or information disclosure. […] | Guideline | ||
|
2021-01-08 18:46:05 | Welcome Bureau of Cyberspace Security and Emerging Technologies (CSET) (lien direct) | United States Department of State approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET). The United States Secretary of State Mike Pompeo approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET) that was first announced in 2019. The CSET Bureau was created to increase the resilience of […] | |||
|
2021-01-08 16:13:55 | Unsecured Git server exposed Nissan North America (lien direct) | A misconfigured Git server is the root cause for the leak of source code of mobile apps and internal tools belonging to Nissan North America. A misconfigured Git server has caused the leak of the source code of mobile apps and internal software used by Nissan North America. The situation is embarrassing because the software […] | |||
|
2021-01-08 09:48:08 | Ezuri memory loader used in Linux and Windows malware (lien direct) | Multiple threat actors have recently started using the Ezuri memory loader as a loader to executes malware directly into the victims’ memory. According to researchers from AT&T's Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes. The Ezuri memory loader tool allows to load and execute a payload directly into […] | Malware Tool Threat | ||
|
2021-01-07 23:30:56 | FBI alert warns private organizations of Egregor ransomware attacks (lien direct) | The US Federal Bureau of Investigation (FBI) issued a security alert warning private sector companies of Egregor ransomware attacks. The US FBI has issued a Private Industry Notification (PIN) to warn private organizations of Egregor ransomware attacks. The Egregor ransomware first appeared on the threat landscape in September 2020, since then the gang claimed to […] | Ransomware Threat | ||
|
2021-01-07 22:27:30 | Ryuk ransomware operations already made over $150M (lien direct) | The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. According to a joint report published by security firms Advanced-intel and HYAS, Ryuk operators […] | Ransomware | ||
|
2021-01-07 18:24:41 | North Korea-linked APT37 targets South with RokRat Trojan (lien direct) | Experts spotted the RokRat Trojan being used by North Korea-linked threat actors in attacks aimed at the South Korean government. On December 7 2020 researchers from Malwarebytes uncovered a campaign targeting the South Korean government with a variant of the RokRat RAT. The experts found a malicious document uploaded to Virus Total related to a […] | Threat | APT 37 | |
|
2021-01-07 14:23:56 | Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack (lien direct) | An expert found multiple serious vulnerabilities in Fortinet's FortiWeb web application firewall (WAF) that could expose corporate networks to hack. Andrey Medov, a security researcher at Positive Technologies, found multiple serious vulnerabilities in Fortinet's FortiWeb web application firewall (WAF) that could be exploited by attackers to hack into corporate networks. The flaws, tracked as CVE-2020-29015, CVE-2020-29016, CVE-2020-29018, and […] | Hack | ||
|
2021-01-07 13:05:11 | US Govt kicked off \'Hack the Army 3.0\' bug bounty program (lien direct) | The U.S. government is going to launch the ‘Hack the Army 3.0’ bug bounty program in collaboration with the HackerOne platform. The U.S. government launched Hack the Army 3.0, the third edition of its bug bounty program, in collaboration with the HackerOne platform. The second Hack the Army bug bounty program ran between October 9 and November […] | Hack | ||
|
2021-01-06 23:02:23 | SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes (lien direct) | The US DoJ revealed that threat actors behind the SolarWinds attack have gained access to roughly 3% of the department’s O365 mailboxes. The US Department of Justice (DoJ) published a press release to confirm that the threat actors behind the SolarWinds supply chain attack were able to access thousands of mailboxes of its employees. “On […] | Threat | ||
|
2021-01-06 21:56:50 | WhatsApp will share your data with Facebook and its companies (lien direct) | WhatsApp is notifying users that starting February 8, 2021, they will be obliged to share their data with Facebook, leaving them no choice. This is bad news for WhatsApp users and their privacy, the company is notifying them that starting February 8, 2021, they will be requested to share their data with Facebook companies. Curiously […] | |||
|
2021-01-06 18:24:20 | Google fixed a critical Remote Code Execution flaw in Android (lien direct) | Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google released an Android security update that addresses 43 flaws, including a critical remote code execution vulnerability in the Android System component tracked as CVE-2021-0316. Google addressed the flaws with the release of Security patch levels […] | Vulnerability | ||
|
2021-01-06 16:02:12 | Fake Trump sex video used to spread QNode RAT (lien direct) | Researchers uncovered a malspam campaign that spreads the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. Security experts from Trustwave uncovered a malspam campaign that is delivering the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. The spam messages use the subject “GOOD LOAN OFFER!!” […] | Spam | ||
|
2021-01-06 12:15:31 | (Déjà vu) Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack (lien direct) | Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The vulnerability received a CVSS score of 7.8, it could be exploited by […] | Hack Vulnerability | ||
|
2021-01-06 00:00:17 | FBI, CISA, ODNI and NSA blames Russia for SolarWinds hack (lien direct) | A joint statement issued by US security agencies confirmed that Russia was likely the origin of the SolarWinds supply chain attack. The US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. On behalf of President Trump, the four agencies were part of the task force […] | Hack | ||
|
2021-01-05 21:09:10 | New ElectroRAT employed in a wide-ranging operation targeting cryptocurrency users (lien direct) | Researchers uncovered a large scale operation targeting cryptocurrency users with a previously undetected multiplatform RAT named ElectroRAT. Security researchers from Intezer uncovered a large scale operation targeting cryptocurrency users with a previously undetected RAT named ElectroRAT. The campaign was uncovered in December, but according to the experts is active since at least January 2020. The […] | |||
|
2021-01-05 14:04:51 | Healthcare organizations faced a 45% increase in attacks since November (lien direct) | According to a new report published by Check Point, organizations in the healthcare industry have faced a 45% increase in attacks since November. Check Point researchers reported a surge in the number of attacks against organizations in the healthcare industry, +45% since November. This is more than double the overall increase observed by the experts […] | |||
|
2021-01-05 11:34:43 | Over 500,000 credentials for tens of gaming firm available in the Dark Web (lien direct) | The gaming industry under attack, Over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked on online. The gaming industry is a privileged target for threat actors, threat actors leaked online over 500,000 stolen credentials belonging to top 25 gaming firms. The alarm was raised by the threat intelligence firm Kela […] | Threat Guideline | ||
|
2021-01-05 09:09:41 | How to bypass the Google Audio reCAPTCHA with a new version of unCaptcha2 attack (lien direct) | A German security researcher demonstrated how to break, once again, the Google Audio reCAPTCHA with Google’s own Speech to Text API. Back in 2017, researchers from the University of Maryland demonstrated an attack method, dubbed unCaptcha, against Google’s audio-based reCAPTCHA v2. The system receives the audio challenge, downloads it, and submits it to Speech To […] | |||
|
2021-01-05 00:29:29 | Experts linked ransomware attacks to China-linked APT27 (lien direct) | Researchers from security firms Profero and Security Joes linked a series of ransomware attacks to the China-linked APT27 group. Security researchers from security firms Profero and Security Joes investigated a series of ransomware attacks against multiple organizations and linked them to China-linked APT groups. The experts attribute the attacks to the Chinese cyberespionage group APT27 […] | Ransomware | APT 27 APT 27 | |
|
2021-01-04 22:52:14 | Apex Laboratory disclose data breach after a ransomware attack (lien direct) | At-home laboratory services provider Apex Laboratory discloses a ransomware attack and consequent data breach. Apex Laboratory, Inc. is a clinical laboratory that has been providing home laboratory services to homebound and Nursing Home patients in the NY Metropolitan Area for over 20 years. The at-home laboratory services provider Apex Laboratory disclosed a ransomware attack, the […] | Ransomware Data Breach | ||
|
2021-01-04 15:19:53 | British Court rejects the US\'s request to extradite Julian Assange (lien direct) | A British court has rejected the request of the US government to extradite Wikileaks founder Julian Assange to the country. WikiLeaks founder Julian Assange should not be extradited to the US to stand trial, the Westminster Magistrates’ Court has rejected the US government’s request to extradite him on charges related to illegally obtaining and sharing […] | |||
|
2021-01-04 08:49:19 | New alleged MuddyWater attack downloads a PowerShell script from GitHub (lien direct) | Security expert spotted a new piece of malware that leverages weaponized Word documents to download a PowerShell script from GitHub. Security expert discovered a new piece of malware uses weaponized Word documents to download a PowerShell script from GitHub. This PowerShell script is also used by threat actors to download a legitimate image file from image hosting […] | Malware Threat | ||
|
2021-01-03 14:52:32 | Over 200 million records of Chinese Citizens for Sale on the Darkweb (lien direct) | During a routine Dark web monitoring, the Research team at Cyble found threat actors selling 200 million+ Records of Chinese Citizens. During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens. Data might have been stolen from […] | Threat | ||
|
2021-01-03 14:15:06 | Top data breaches of 2020 – Security Affairs (lien direct) | Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below a list of top incidents: There were a number of major data breaches that took place in 2020, in many cases stolen records flooded the cybercrime underground and were used credential stuffing attacks. Below […] | |||
|
2021-01-03 11:25:18 | Security Affairs newsletter Round 295 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. HackerOne announces first bug hunter to earn more than $2M in bug bounties SolarWinds releases updated advisory for SUPERNOVA backdoor Vermont Hospital confirmed the ransomware attack E-commerce app 21 Buttons […] | Ransomware | ||
|
2021-01-03 09:56:13 | NCA arrested 21 customers of the WeLeakInfo service (lien direct) | NCA arrested 21 people in the UK as part of an operation targeting customers of WeLeakInfo service that advertised stolen personal credentials. 21 people have been arrested in the UK as part of an operation against customers of the WeLeakInfo[.]com service that had been previously selling access to data from data breaches. WeLeakInfo.com was a […] | |||
|
2021-01-03 09:21:19 | (Déjà vu) COVID-19 themed attacks December 19, 2020– January 02, 2021 (lien direct) | This post includes the details of the COVID-19 themed attacks launched from December 19, 2020– January 02, 2021. 25 December, 2020 – North Korea-linked Lazarus APT targets the COVID-19 research The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID19 research. 30 December, 2020 – US Treasury […] | APT 38 APT 28 | ||
|
2021-01-02 18:32:26 | Ticketmaster will pay $10 Million fine over hacking a competitor (lien direct) | Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The news is disturbing, Ticketmaster has agreed to pay a $10 million fine after being charged with illegally accessing computer systems into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems […] | ★★★★★ | ||
|
2021-01-02 14:40:26 | Top stories of 2020 (lien direct) | Below the list of the top stories of 2020. December 21 – SUPERNOVA, a backdoor found while investigating SolarWinds hack While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. August 2 – Garmin allegedly paid for a decryptor for WastedLocker ransomware BleepingComputer researchers confirmed that Garmin has received the […] | Ransomware Hack | ||
|
2021-01-02 13:54:45 | FBI warns swatting attacks on owners of smart devices (lien direct) | The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of ‘swatting’ attacks. The FBI has recently issued an alert to warn owners of smart home devices with voice and video capabilities of so-called “swatting” attacks. Swatting attacks consist of hoax calls made to emergency services, typically reporting […] | |||
|
2021-01-02 10:45:02 | AutoHotkey-Based credential stealer targets bank in the US and Canada (lien direct) | Experts spotted a new credential stealer written in AutoHotkey (AHK) scripting language that is targeting the US and Canadian bank customers. Security experts from Trend Micro have discovered a new credential stealer written in AutoHotkey (AHK) scripting language that is targeting the US and Canadian bank customers as part of an ongoing campaign that has […] | |||
|
2021-01-01 21:57:35 | Facebook ads used to steal 615000+ credentials in a phishing campaign (lien direct) | Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims' login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. Threat actors are using Facebook ads to redirect users to Github accounts hosting phishing pages used to steal victims’ login credentials. The campaign targeted more than […] | Threat | ||
|
2021-01-01 17:58:23 | Expert found a secret backdoor in Zyxel firewall and VPN (lien direct) | Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. The vulnerability, tracked as CVE-2020-29583 received a CVSS score of 7.8, it could be exploited […] | Vulnerability | ||
|
2021-01-01 16:03:02 | Today Adobe Flash Player reached the end of life (EOL) (lien direct) | Today Adobe Flash Player has reached its end of life (EOL), its vulnerabilities were exploited by multiple threat actors in attacks in the wild over the years. Adobe Flash Player has reached the end of life (EOL) today, over the years, threat actors have exploited multiple vulnerabilities in the popular software. Adobe will no longer […] | Threat | ||
|
2021-01-01 13:25:50 | Alleged docs relating to Covid-19 vaccine leaked in darkweb (lien direct) | Experts from threat intelligence firm Cyble have found documents relating to Covid-19 vaccine of European Medicines Agency in the Darkweb Security experts from threat intelligence firm Cyble have found several documents relating to the Covid-19 vaccine allegedly stolen from the European Medicines Agency (EMA) leaked in the Darkweb. While the pandemic is spreading on a […] | Threat | ||
|
2020-12-31 21:46:01 | (Déjà vu) SolarWinds hackers gained access to Microsoft source code (lien direct) | The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft products. The threat actors behind the SolarWinds attack could have compromised a small number of internal accounts and used at least one of them to view source code in a number of source code repositories. […] | Threat | ||
|
2020-12-31 18:48:52 | (Déjà vu) Threat actor is selling 368.8 million records from 26 data breaches (lien direct) | A data breach broker is selling user records allegedly from twenty-six data breaches on a hacker forum. Security experts from Bleeping Computer reported that a threat actor is selling user records allegedly stolen from twenty-six companies on a hacker forum. The total volume of data available for sale is composed of 368.8 million stolen user […] | Data Breach Threat | ||
|
2020-12-31 14:20:49 | New Golang-based Crypto worm infects Windows and Linux servers (lien direct) | Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered a Golang-based worm that targets Windows and Linux servers. The malware has been active since early December targeting public-facing services, including MySQL, Tomcat admin panel and Jenkins that are protected with weak passwords. The worm […] | Malware | ||
|
2020-12-31 10:52:10 | Emotet campaign hits Lithuania\'s National Public Health Center and several state institutions (lien direct) | An Emotet campaign hit Lithuania, the malware has infected systems at the National Center for Public Health (NVSC) and several municipalities. A large-scale Emotet campaign hit Lithuania, the malware has infected the networks of Lithuania’s National Center for Public Health (NVSC) and several municipalities. “The National Cyber Security Center under the Ministry of National Defense […] | Malware | ||
|
2020-12-30 23:13:06 | (Déjà vu) T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed (lien direct) | T-Mobile has disclosed a data breach that exposed customers’ network information (CPNI), including phone numbers and calls records. T-Mobile has disclosed a data breach exposing customers’ account’s information. The T-Mobile security staff discovered “malicious, unauthorized access” to their systems. “We are reaching out to let you know about a security incident we recently identified and […] | Data Breach | ||
|
2020-12-30 20:51:35 | CISA demands US govt agencies to update SolarWinds Orion software (lien direct) | US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end of the year. The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its official guidance to order US federal agencies to update the SolarWinds Orion platforms by the end of the year. According to […] |
To see everything:
Our RSS (filtrered)
