What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2020-11-16 17:06:18 Crooks use software skimmer that pretends to be a security firm (direct link) Security experts from Sucuri analyzed a software skimmer that is abusing its brand name in order to evade detection. Researchers at Sucuri analyzed a software skimmer that is using their brand name in order to evade detection. The e-skimmer is a base64-encoded JavaScript blob that attackers inject into target webpages. During a routine investigation, the […]
SecurityAffairs 2020-11-16 15:18:44 Lazarus malware delivered to South Korean users via supply chain attacks (direct link) North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates. Security experts from ESET reported that North Korea-linked Lazarus APT (aka HIDDEN COBRA) is behind cyber campaigns targeting South Korean supply chains. According to the experts, the nation-state actors leverage stolen security certificates from two separate, legitimate South […] Malware Medical APT 38
SecurityAffairs 2020-11-16 07:51:35 New skimmer attack uses WebSockets to evade detection (direct link) Experts spotted a new skimmer attack that used an alternative technique to exfiltrate payment information from payment cards. Researchers from Akamai discovered a new skimmer attack that is targeting several e-stores with a new technique to exfiltrate data. Threat actors are using fake credit card forum and WebSockets to steal the financial and personal information of the […] Threat
SecurityAffairs 2020-11-16 07:26:44 New Jupyter information stealer appeared in the threat landscape (direct link) Russian-speaking threat actors have been using a piece of malware, dubbed Jupyter malware, to steal information from their victims. Researchers at Morphisec have spotted Russian-speaking threat actors that have been using a piece of .NET infostealer, tracked as Jupyter, to steal information from their victims. The Jupyter malware is able to collect data from multiple […] Malware Threat
SecurityAffairs 2020-11-15 14:27:16 The North Face website suffered a credential stuffing attack (direct link) Retail giant The North Face has reset the passwords for some of its customers in response to a successful credential stuffing attack. Outdoor retail giant The North Face has forced a password reset for a number of its customers following a successful credential stuffing attack that took place on October 8th and 9th. Credential stuffing attacks involve botnets […]
SecurityAffairs 2020-11-15 13:06:59 Security Affairs newsletter Round 289 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Creative Office 365 phishing inverts images to avoid detection bots Luxottica data breach exposes info of LensCrafters and EyeMed patients Pwn2Own Tokyo Day 3: Team Flashback crowned Master of Pwn […] Data Breach
SecurityAffairs 2020-11-15 12:13:23 Chilean-based retail giant Cencosud hit by Egregor Ransomware (direct link) Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores; Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud; the incident impacted operations at its stores. Cencosud is the largest retail company in Chile and the third largest listed […] Ransomware
SecurityAffairs 2020-11-15 11:02:45 Shiny Hacker hacked Pluto TV service, 3.2M accounts exposed (direct link) A hacker has shared 3.2 million Pluto TV user accounts on a hacking forum for free; he claims they were stolen by the ShinyHunters threat actor. Pluto TV is an American internet television service; it is an advertiser-supported video on demand (AVOD) service that primarily offers a selection of programming content through digital linear channels designed to emulate the experience of […] Threat
SecurityAffairs 2020-11-14 21:02:30 Feds investigate Zoom-bombings attack against Gonzaga University Black Student Union (direct link) FBI and Spokane police are investigating an incident in which the Gonzaga University Black Student Union was hacked during a Zoom meeting. The FBI and Spokane police are investigating the hack of Gonzaga University Black Student Union. The hackers broke into a Zoom meeting and bombarded participants with racial and homophobic slurs. The attackers have […] Hack
SecurityAffairs 2020-11-14 18:22:37 Schneider Electric published a security advisory on Drovorub Linux Malware (direct link) Schneider Electric is warning customers of the Drovorub Linux malware that was also analyzed recently by the NSA and the FBI. Schneider Electric published a security bulletin to warn customers of the Drovorub Linux malware; the malware was analyzed in a joint alert published in August by NSA and the FBI. According to the US […] Malware
SecurityAffairs 2020-11-14 13:55:18 CISA Chief Chris Krebs expects to be fired by the White House (direct link) Chris Krebs, the director of DHS’ Cybersecurity and Infrastructure Security Agency, expects to be fired as White House frustrations hit agency protecting elections. Chris Krebs, the director of DHS’ Cybersecurity and Infrastructure Security Agency (CISA), expects the White House to fire him, as the Trump administration continues a purge of officials that are considered disloyal […] ★★★★★
SecurityAffairs 2020-11-14 11:45:16 Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware (direct link) Biotech research firm Miltenyi Biotec disclosed a ransomware attack that took place in October and affected its IT infrastructure worldwide. Biotech research firm Miltenyi Biotec was hit with a ransomware attack that took place in October and affected its IT infrastructure worldwide. The company announced that it has fully restored systems after the attack, anyway in some […] Ransomware
SecurityAffairs 2020-11-13 23:40:48 New TroubleGrabber malware targets Discord users (direct link) TroubleGrabber is a recently discovered credential stealer that spreads via Discord attachments and uses Discord webhooks to exfiltrate data. Netskope security researchers have spotted a new credential stealer dubbed TroubleGrabber that spreads via Discord attachments and uses Discord webhooks to transfer stolen data to its operators. The malware has the same functionalities used by other malware that target […] Malware
SecurityAffairs 2020-11-13 21:27:01 Hacker stole $2 million worth of Dai cryptocurrency from Akropolis (direct link) Threat actors have stolen $2 million worth of Dai cryptocurrency from the cryptocurrency borrowing and lending service Akropolis. Cryptocurrency borrowing and lending service Akropolis disclosed a “flash loan” attack; hackers have stolen roughly $2 million worth of Dai cryptocurrency. The attack took place on November 12; in response to the attack, the platform halted all […]
SecurityAffairs 2020-11-13 17:18:12 Three APT groups have targeted at least seven COVID-19 vaccine makers (direct link) At least three nation-state actors have targeted seven COVID-19 vaccine makers; they are Strontium, Lazarus Group, and Cerium, Microsoft warns. Microsoft revealed that at least three APT groups have targeted seven companies involved in COVID-19 vaccines research and treatments. “In recent months, we've detected cyberattacks from three nation-state actors targeting seven prominent companies directly […] Medical APT 38 APT 28 APT 43
SecurityAffairs 2020-11-13 10:13:08 Vertafore data breach exposed data of 27.7 million Texas drivers (direct link) Vertafore announced that information of 27.7 million Texas drivers has been exposed in a data breach caused by a human error. Vertafore announced that information of 27.7 million Texas drivers has been accidentally exposed due to a human error. The company disclosed this security breach this week; data was stored on an unsecured external storage […] Data Breach
SecurityAffairs 2020-11-13 08:24:40 Security flaws in Schneider Electric PLCs allow full take over (direct link) Schneider Electric released advisories for multiple flaws, including issues that can allow taking control of Modicon M221 PLCs. Schneider Electric released security advisories for multiple vulnerabilities impacting various products, including four issues that can be exploited by attackers to take control of Modicon M221 programmable logic controllers (PLCs). Four encryption and authentication issues in Modicon […]
SecurityAffairs 2020-11-12 21:56:17 Swedish court suspended the ban on Huawei equipment (direct link) A Swedish administrative court has suspended the ban on Huawei equipment from the national 5G network. A Swedish administrative court in Stockholm has suspended the decision to ban Huawei equipment from the country’s 5G network. In October, Sweden announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. The ban aims at […]
SecurityAffairs 2020-11-12 18:01:01 46M accounts were impacted in the data breach of children's online playground Animal Jam (direct link) The popular children’s online playground Animal Jam has suffered a data breach that affected more than 46 million accounts. Animal Jam is a safe, award-winning online playground for kids created by WildWorks. Kids aged 7 through 11 can play games, personalize their favorite animal, learn fun facts, and so much more. Animal Jam currently has […] Data Breach
SecurityAffairs 2020-11-12 15:37:23 CostaRicto APT: Cyber mercenaries use previously undocumented malware (direct link) CostaRicto APT is targeting South Asian financial institutions and global entertainment companies with undocumented malware. Blackberry researchers have documented the activity of a hackers-for-hire group, dubbed CostaRicto, that has been spotted using a previously undocumented piece of malware to target South Asian financial institutions and global entertainment companies. “During the past six months, the BlackBerry Research […] Malware
SecurityAffairs 2020-11-12 12:00:48 New modular ModPipe POS Malware targets restaurants and hospitality sectors (direct link) Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700, which is a management suite widely used in restaurant and hospitality sectors. The backdoor outstands […] Malware
SecurityAffairs 2020-11-12 08:09:25 Google addresses two new Chrome zero-day flaws (direct link) Google has released Chrome version 86.0.4240.198 that addresses two additional zero-day vulnerabilities that were exploited in the wild. Google has addressed two zero-day vulnerabilities, actively exploited in the wild, with the release of Chrome version 86.0.4240.198. The IT giant has fixed a total of five Chrome zero-day vulnerabilities in only three weeks. Both zero-day flaws, […]
SecurityAffairs 2020-11-11 23:22:51 The alleged decompiled source code of Cobalt Strike toolkit leaked online (direct link) The alleged decompiled source code for the Cobalt Strike post-exploitation toolkit has been leaked online in a GitHub repository. The decompiled source code for the Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Cobalt Strike is a legitimate penetration testing toolkit and threat emulation software that allows attackers to deploy […] Threat
SecurityAffairs 2020-11-11 21:32:33 Former Microsoft worker sentenced to nine years in prison for stealing $10+ million (direct link) A former Microsoft worker was sentenced to nine years in prison for a scheme to steal $10 million in digital currency. Volodymyr Kvashuk (26), a former Microsoft software engineer, was sentenced this week to nine years in prison for a scheme to steal $10 million in digital currency. Kvashuk is a Ukrainian citizen living in […]
SecurityAffairs 2020-11-11 19:04:39 Google and Mozilla fixed issues exploited at 2020 Tianfu Cup hacking contest (direct link) Mozilla and Google have already fixed the critical flaws in Firefox and Chrome exploited by bug bounty hunters at the 2020 Tianfu Cup hacking contest. Mozilla and Google have already addressed the critical Firefox and Chrome vulnerabilities that were recently exploited by white hat hackers at the 2020 Tianfu Cup hacking contest. The vulnerability in Chrome exploited […] Vulnerability
SecurityAffairs 2020-11-11 17:30:19 Muhstik botnet adds Oracle WebLogic and Drupal exploits (direct link) Muhstik botnet leverages known web application exploits to compromise IoT devices; now it is targeting Oracle WebLogic and Drupal. Muhstik is a botnet that is known to use web application exploits to compromise IoT devices; it has been around since at least 2018. Botnet operators monetize their efforts via XMRig, cgmining and with DDoS-for-hire services. The botnet leverages IRC servers for […]
SecurityAffairs 2020-11-11 14:24:04 Ragnar Locker ransomware gang advertises Campari hack on Facebook (direct link) Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. Then the attackers threaten to release the stolen […] Ransomware Hack Threat
SecurityAffairs 2020-11-11 10:36:46 EU bodies agree on new EU export rules for dual-use technology (direct link) The European Union this week agreed to tighten up rules for the sale and export of dual-use technology. European Parliament votes to tighten up rules for the sale and export of surveillance and encryption technology. EU lawmakers and the European Council aim to update controls for the sale of dual-use solutions such as surveillance spyware, […]
SecurityAffairs 2020-11-11 08:26:29 Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation (direct link) Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. Microsoft Patch Tuesday updates for November 2020 address 112 vulnerabilities in multiple products, including Microsoft Windows, Office and Office Services and Web Apps, Internet Explorer (IE), Edge (EdgeHTML-based and Chromium-based), ChakraCore, Exchange Server, […]
SecurityAffairs 2020-11-10 21:54:15 Adobe fixes flaws in Connect and Reader Mobile (direct link) Adobe addressed vulnerabilities in its Reader Mobile and Connect products; none of them is rated as critical severity. Adobe has released security patches to address vulnerabilities in its Reader Mobile and Connect products. “Adobe has published security bulletins for Adobe Connect (APSB20-69) and Adobe Reader Mobile (APSB20-71). Adobe recommends users update their product installations to […]
SecurityAffairs 2020-11-10 18:50:46 Flaws in WordPress Ultimate Member plugin expose 25K sites to hack (direct link) Multiple critical vulnerabilities affecting the Ultimate Member plugin could be easily exploited to potentially take over up to 25K websites. Multiple critical vulnerabilities in the Ultimate Member plugin could be easily exploited to take over websites; the issue potentially impacts up to 100K installs. The Ultimate Member WordPress plugin allows admins to easily manage membership to […] Hack
SecurityAffairs 2020-11-10 15:11:50 Malicious NPM project steals browser info and Discord accounts (direct link) Security researchers discovered today an npm package that contains malicious code designed to steal sensitive Discord and browser files. Sonatype researcher Ax Sharma discovered an npm package, dubbed discord.dll, that contains malicious code designed to steal sensitive files from a user’s browsers and Discord application. The malicious JavaScript library was uploaded to the npm package repository […]
SecurityAffairs 2020-11-10 13:22:03 Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike (direct link) Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead to the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and […] Ransomware Tool Guideline
SecurityAffairs 2020-11-10 11:03:26 Tetrade hackers target 112 financial apps with Ghimob banking Trojan (direct link) Researchers from Kaspersky Lab spotted a new Android banking Trojan, dubbed Ghimob, that is able to steal data from 112 financial apps. Ghimob is a new Android banking Trojan discovered by Kaspersky that is able to steal data from 112 financial apps. In July, cybersecurity researchers from Kaspersky Lab detailed four different families of […]
SecurityAffairs 2020-11-10 08:30:45 Prestige reservation platform exposes millions of hotel guests (direct link) Millions of hotel guests worldwide were impacted by a data leak caused by a misconfigured S3 bucket used by Prestige Software's Cloud Hospitality. Researchers at Website Planet discovered a misconfigured S3 bucket used by Prestige Software's Cloud Hospitality that exposed millions of hotel guests worldwide. The reservation system Prestige Software's “Cloud Hospitality” allows operators […]
SecurityAffairs 2020-11-09 19:17:40 xHunt hackers hit Microsoft Exchange with two new backdoors (direct link) While investigating a cyber attack on the Microsoft Exchange server of an organization in Kuwait, experts found two new PowerShell backdoors. Security experts from Palo Alto Networks have spotted two never-before-detected PowerShell backdoors while investigating an attack on Microsoft Exchange servers at an organization in Kuwait. Experts attribute the attack to a known threat actor […] Threat
SecurityAffairs 2020-11-09 15:30:37 Compal, the Taiwanese giant laptop manufacturer hit by ransomware (direct link) The Taiwanese electronics manufacturer Compal suffered a ransomware attack over the weekend; media blames the DoppelPaymer ransomware gang. Compal Electronics is a Taiwanese original design manufacturer (ODM), handling the production of notebook computers, monitors, tablets and televisions for a variety of clients around the world, including Apple Inc., Acer, Lenovo, Dell, Toshiba, Hewlett-Packard and Fujitsu. […] Ransomware
SecurityAffairs 2020-11-09 10:22:51 E-commerce platform X-Cart hit by a ransomware attack (direct link) The e-commerce software platform X-Cart suffered a ransomware attack at the end of October; e-stores hosted by the company went down. At the end of October, the e-commerce software platform X-Cart suffered a ransomware attack; the infection brought down customers’ e-stores hosted by the company on its platform. The software and services company X-Cart was recently acquired […] Ransomware
SecurityAffairs 2020-11-09 08:46:59 FBI warns of attacks on unsecured SonarQube used by US govt agencies and businesses (direct link) The FBI warns that threat actors are abusing misconfigured SonarQube applications to steal source code from US government agencies and businesses. The Federal Bureau of Investigation has issued an alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and businesses. The alert, coded […] Threat
SecurityAffairs 2020-11-09 08:26:07 Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu, iOS, VMware ESXi, and others (direct link) Many popular OS and applications have been hacked during this year’s edition of the Tianfu Cup hacking competition. This year’s edition of the Tianfu Cup hacking competition was very prolific; bug bounty hackers have discovered multiple vulnerabilities in multiple software and applications. The Tianfu Cup is the most important hacking contest held in China, the […] Hack
SecurityAffairs 2020-11-08 15:29:12 (Déjà vu) Pwn2Own Tokyo Day 3: Team Flashback crowned Master of Pwn (direct link) On the third day of Pwn2Own Tokyo 2020, bug bounty hunters hacked a Synology NAS and had multiple partial successes. We are on day three of the popular Pwn2Own Tokyo hacking competition that, due to the COVID-19 pandemic, has been arranged as a virtual event. The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, […]
SecurityAffairs 2020-11-08 14:06:43 Security Affairs newsletter Round 288 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. 103,000 machines are still vulnerable to SMBGhost attacks A data breach broker is selling account databases of 17 companies Maze ransomware is going out of the business Nuclear Regulation Authority […] Ransomware Data Breach
SecurityAffairs 2020-11-08 12:56:19 Luxottica data breach exposes info of LensCrafters and EyeMed (direct link) A data breach suffered by Luxottica has exposed the personal and health information of patients of LensCrafters, Target Optical, and EyeMed. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world's largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, […] Data Breach
SecurityAffairs 2020-11-08 10:20:24 Creative Office 365 phishing inverts images to avoid detection bots (direct link) Experts spotted a creative Office 365 phishing campaign that inverts images used as backgrounds for landing pages to avoid getting flagged as malicious. Researchers at WMC Global have spotted a new creative Office 365 phishing campaign that has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by security […]
SecurityAffairs 2020-11-07 22:21:09 20 million Bigbasket user records available on the dark web (direct link) Bigbasket, a prominent online grocery store in India, allegedly suffered a data breach; details of over 20 million people are available on the dark web. Grocery e-commerce website Bigbasket has allegedly suffered a data breach; according to cyber intelligence firm Cyble, the details of over 20 million people are available on the dark web. BigBasket was founded by Alibaba […]
SecurityAffairs 2020-11-07 19:43:46 (Déjà vu) Pwn2Own Tokyo Day two: TP-Link router and Synology NAS hacked (direct link) On the second day of the Pwn2Own Tokyo 2020 hacking competition, bug bounty hunters hacked a TP-Link router and a Synology NAS. Day 2 of the popular Pwn2Own Tokyo hacking competition has concluded; due to the COVID-19 pandemic, the competition has been arranged as a virtual event. The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from […]
SecurityAffairs 2020-11-07 17:27:56 Ransomware operators target CVE-2020-14882 WebLogic flaw (direct link) At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears to be exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. At the end of October, threat actors started scanning the Internet for servers running vulnerable installs of Oracle WebLogic in the […] Ransomware Vulnerability Threat
SecurityAffairs 2020-11-06 22:29:16 RansomExx ransomware now targets also Linux systems (direct link) The RansomExx Ransomware gang is expanding its operations by creating a new version that is able to infect Linux machines. RansomExx ransomware operators are expanding their operations by developing a Linux version of their malware. Kaspersky researchers have analyzed the Linux version of the RansomExx ransomware, also tracked as Defray777. This week the RansomExx ransomware has been […] Ransomware
SecurityAffairs 2020-11-06 18:17:54 Pwn2Own Tokyo Day one: NETGEAR Router, WD NAS Device hacked (direct link) Pwn2Own Tokyo 2020 hacking competition has started; bug bounty hunters already hacked a NETGEAR router and a Western Digital NAS device. The popular Pwn2Own Tokyo hacking competition has started and, due to the COVID-19 pandemic, the competition has been arranged as a virtual event. The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, […]
SecurityAffairs 2020-11-06 16:18:46 US authorities behind $1 billion Bitcoin transaction of Silk Road funds (direct link) The United States announced the seizure of $1 billion worth of Bitcoin stolen by an individual from the Silk Road marketplace. This week, on November 3, the United States announced that it has seized $1 billion worth of Bitcoin stolen by an individual from the Silk Road marketplace over half a decade ago. “The United […]
Last update at: 2024-07-17 07:08:11