What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-10-05 13:30:07 Hackers stole a six-figure amount from Swiss universities (lien direct) Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. Threat actors have managed to steal employee salary payments at several Swiss universities, including the University of Basel. “According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of […] Threat
SecurityAffairs.webp 2020-10-05 11:10:54 SLOTHFULMEDIA RAT, a new weapon in the arsenal of a sophisticated threat actor (lien direct) U.S. DoD and the DHS CISA agency published a malware analysis report for a new malware variant tracked as SLOTHFULMEDIA The U.S. Department of Defense's Cyber National Mission Force (CNMF) and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) have published a malware analysis report that provides technical details of a new […] Malware Threat
SecurityAffairs.webp 2020-10-05 07:14:24 New Ttint IoT botnet exploits two zero-days in Tenda routers (lien direct) Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers Security researchers at Netlab, the network security division of Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. The experts have been monitoring the Mirai-based botnet since November 2019 and observed it exploiting […]
SecurityAffairs.webp 2020-10-04 15:39:45 Visa shares details for two attacks on North American hospitality merchants (lien direct) Visa revealed that two unnamed North American hospitality merchants have been infected with some strains of point-of-sale (POS) malware. US payments processor Visa revealed that two North American hospitality merchants have been hacked, threat actors infected the systems of the two unnamed organizations with some strains of point-of-sale (POS) malware. According to a security alert […] Threat
SecurityAffairs.webp 2020-10-04 09:35:41 Security Affairs newsletter Round 284 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Apple addresses four vulnerabilities in macOS Google removes 17 Joker -infected apps from the Play Store Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT Mount Locker […] Industrial APT 40
SecurityAffairs.webp 2020-10-04 08:27:09 HP Device Manager flaws expose Windows systems to hack (lien direct) HP published details of three vulnerabilities in the HP Device Manager that could be exploited by attackers to take over Windows systems. HP released a security advisory that includes details for three critical and high severity vulnerabilities, tracked as CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927, that impact the HP Device Manager. The IT giant revealed that an attacker could […] Hack
SecurityAffairs.webp 2020-10-03 19:00:30 University Hospital New Jersey paid a $670K ransom (lien direct) University Hospital New Jersey paid a $670,000 ransom this month to prevent the leak of 240 GB of stolen data, including patient information. The University Hospital New Jersey (UHNJ) in Newark (New Jersey) has finally paid a $670,000 ransom to prevent the publishing of 240 GB of stolen data, including patient info. In September, systems […] ★★★★
SecurityAffairs.webp 2020-10-03 17:00:34 SILENTFADE a long-running malware campaign targeted Facebook AD platform (lien direct) Facebook shared details about a long-running ad-fraud campaign that's been ongoing since 2016 targeting Facebook users with SilentFade malware. Facebook detailed an ad-fraud cyberattack that's been ongoing since 2016, crooks are using a malware tracked as SilentFade (short for “Silently running Facebook Ads with Exploits”) to steal Facebook credentials and browser cookies. The social network […] Malware
SecurityAffairs.webp 2020-10-03 12:56:14 HP bug bounty programs now covers flaws in cartridges (lien direct) HP is inviting several white hat hackers to find vulnerabilities in its office-class ink and toner cartridges as part of its bug bounty program, HP has expanded the line of products that are covered by this bug bounty program, on Thursday the IT giant invited several white hat hackers to find and report vulnerabilities in […]
SecurityAffairs.webp 2020-10-02 21:10:08 IPStorm botnet evolves to infect Android, Linux, and Mac devices (lien direct) Researchers from Intezer reported that the IPStorm botnet has evolved to infect other operating systems, including Android, Linux, and Mac devices. The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems, now experts from Intezer reported that the bot evolved to infect other platforms, including Android, Linux, and Mac devices. IPStorm botnet […]
SecurityAffairs.webp 2020-10-02 12:12:32 XDSpy APT remained undetected since at least 2011 (lien direct) Researchers from ESET uncovered the activity of a new APT group, tracked as XDSpy, that has been active since at least 2011. XDSpy is the name used by ESET researchers to track a nation-state actor that has been active since at least 2011. The APT group, recently discovered by ESET, targeted government and private companies […]
SecurityAffairs.webp 2020-10-01 20:00:41 How to check if an email or a domain was used in Emotet attacks? (lien direct) Cyber security firm launches a new service that allows users to check if an email domain or address was part of an Emotet spam campaign. Experts worldwide warn about a surge in the Emotet activity, recently Microsoft along Italy and the Netherlands CERT/CSIRT agencies reported a significant increase of Emotet attacks targeting the private sector and public […] Spam
SecurityAffairs.webp 2020-10-01 17:52:56 Netwalker ransomware operators leaked files stolen from K-Electric (lien direct) K-Electric, Pakistan’s largest private power company, did not pay the ransom and the Netwalker ransomware operators have leaked the stolen data. In early September, K-Electric (KE), the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric is the largest power supplier in the […] Ransomware
SecurityAffairs.webp 2020-10-01 11:57:36 Flaws in leading industrial remote access systems allow disruption of operations (lien direct) Experts found critical security flaws in two popular industrial remote access systems that could be exploited by threat actors for malicious purposes. Security researchers from Israeli firm OTORIO found critical vulnerabilities in leading industrial remote access systems that could be exploited by attackers to ban access to industrial production floors, hack into company networks, tamper […] Hack Threat Guideline
SecurityAffairs.webp 2020-10-01 08:29:34 Twitter removed around 130 Iranian accounts for interference in US Presidential debate (lien direct) Twitter removed around 130 Iranian accounts for attempting to disrupt the public recent US Presidential Debate. The social media giant Twitter announced to have removed around 130 Iranian Twitter accounts that attempted to disrupt the public conversation during the recent first Presidential Debate for the US 2020 Presidential Election. The company confirmed that it discovered […]
SecurityAffairs.webp 2020-10-01 07:16:11 North Korea APT group targeted tens of UN Security Council officials (lien direct) North Korea-linked APT group targeted UN Security Council officials over the past year, states a report from the United Nations organ. A North-Korea-linked cyber espionage group has launched spear-phishing attacks aimed at compromising tens of officials from the United Nations Security Council. The campaign targeted at least 28 UN officials, including at least 11 individuals […]
SecurityAffairs.webp 2020-09-30 20:41:30 (Déjà vu) Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs (lien direct) Last week, the source code for MS Windows XP and Windows Server 2003 OSs were leaked online, now a developer successfully compiled them. Last week, the source code for Microsoft's Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. This is the first time […]
SecurityAffairs.webp 2020-09-30 17:53:05 Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison (lien direct) Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. Let’s summarize the criminal activities of the man who was arrested in […]
SecurityAffairs.webp 2020-09-30 15:56:43 Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks (lien direct) More than 247,000 Microsoft Exchange servers are still vulnerable to attacks exploiting the CVE-2020-0688 RCE issue impacting Exchange Server. The CVE-2020-0688 vulnerability resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers fail to properly create unique keys at install time. “Knowledge of the validation key allows […] ★★★★
SecurityAffairs.webp 2020-09-30 13:19:08 Swiss watchmaker Swatch shuts down IT systems in response to a cyberattack (lien direct) The Swiss watchmaker giant Swatch Group shut down its systems over the weekend because it was the victim of a cyber attack Swiss watchmaker Swatch Group shut down its IT systems in response to a cyber attack that hit its infrastructure over the weekend. The company turned off its systems to avoid other systems on […]
SecurityAffairs.webp 2020-09-30 05:56:25 Cisco fixes actively exploited issues in IOS XR Network OS (lien direct) Cisco addressed two actively exploited DoS vulnerabilities that reside in the IOS XR software that runs on multiple carrier-grade routers. Cisco addressed two high severity memory exhaustion DoS vulnerabilities that reside in the IOS XR Network OS that runs on multiple carrier-grade routers. The company confirmed that both vulnerabilities are actively exploited in attacks in the wild. […]
SecurityAffairs.webp 2020-09-29 20:11:53 Arthur J. Gallagher (AJG) insurance giant discloses ransomware attack (lien direct) US-based Arthur J. Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. US-based Arthur J. Gallagher (AJG) global insurance brokerage firm confirmed that it was hit with a ransomware attack on Saturday, September 26. The company did not provide technical details about the attack, it is not clear how the ransomware […] Ransomware
SecurityAffairs.webp 2020-09-29 12:56:50 FBI and CISA warn of disinformation campaigns about the hack of voter systems (lien direct) The FBI and the US CISA issued a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election. The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint public service announcement to warn of the threat of disinformation campaigns targeting the upcoming 2020 […] Hack Threat
SecurityAffairs.webp 2020-09-29 07:56:36 QNAP urges users to update NAS firmware and app to prevent infections (lien direct) While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. The name AgeLocker comes from the use of the […] Ransomware
SecurityAffairs.webp 2020-09-29 07:15:18 Maritime transport and logistics giant CMA CGM hit with ransomware (lien direct) The French maritime transport and logistics giant CMA CGM S.A. revealed it was the victim of a malware attack that affected some servers on its network. CMA CGM S.A., a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. The company is present in over 160 countries through 755 […] Ransomware Malware
SecurityAffairs.webp 2020-09-29 07:08:20 Ransomware attack on Tyler Technologies might be worse than initially thought (lien direct) Customers of Tyler Technologies are reporting finding suspicious logins and previously unseen remote access tools on their infrastructure Tyler Technologies, Inc. is the largest provider of software to the United States public sector. The company last week disclosed a ransomware attack, and now its customers are reporting finding suspicious logins and previously unseen remote access tools […] Ransomware
SecurityAffairs.webp 2020-09-28 18:01:01 UHS hospitals hit by Ryuk ransomware attack (lien direct) Universal Health Services (UHS) healthcare provider has reportedly shut down systems at healthcare facilities after a Ryuk ransomware attack. Universal Health Services (UHS), one of the largest hospital and healthcare services providers, has shut down systems at healthcare facilities in the United States after they were infected with the Ryuk ransomware. The cyber-attack took […] Ransomware
SecurityAffairs.webp 2020-09-28 15:52:24 REvil ransomware operators are recruiting new affiliates (lien direct) REvil Ransomware (Sodinokibi) operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to demonstrate their willingness to involve new affiliates. The REvil Ransomware (Sodinokibi) operators have deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business. Some hacker forum allows members to deposit funds that can […] Ransomware
SecurityAffairs.webp 2020-09-28 09:30:47 Putin proposes new information security collaboration to US, including no-hack pact for election (lien direct) Putin is proposing a new cyber security collaboration with the United States, including a no-hack pact for the upcoming Presidential election. Russian Government has published a statement by President Vladimir Putin that proposes to the United States a comprehensive program of measures for restoring the Russia – US cooperation in information security. Russia was accused of interfering in the 2016 US presidential […]
SecurityAffairs.webp 2020-09-28 08:08:45 Mount Locker ransomware operators demand multi-million dollar ransoms (lien direct) The operators behind new ransomware dubbed Mount Locker have adopted the same tactic of other gangs threatening the victims to leak stolen data. A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to BleepingComputer, the ransomware operators are demanding multi-million dollar ransoms. Like other ransomware operators, Mount […] Ransomware
SecurityAffairs.webp 2020-09-28 05:33:29 Unknown FinSpy Mac and Linux versions found in Egypt (lien direct) Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. The new versions employed in this campaign allow its operators to […]
SecurityAffairs.webp 2020-09-27 13:33:55 Google removes 17 Joker -infected apps from the Play Store (lien direct) Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotted 17 apps in the Play Store that were infected with the Joker (Bread) malware. The Joker malware is a malicious code camouflaged as a system app and […] Malware
SecurityAffairs.webp 2020-09-27 10:37:50 Security Affairs newsletter Round 283 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. IPG Photonics high-performance laser developer hit with ransomware Mozi Botnet is responsible for most of the IoT Traffic Alleged Activision hack, 500,000 Call Of Duty players impacted DHS CISA orders […] Ransomware
SecurityAffairs.webp 2020-09-27 09:48:41 Apple addresses four vulnerabilities in macOS (lien direct) Apple this week released security updates to address a total of four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. Apple on Thursday announced to have patched four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. “This document describes the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave.” […]
SecurityAffairs.webp 2020-09-27 09:28:15 Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT (lien direct) Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18 […] Industrial APT 40
SecurityAffairs.webp 2020-09-26 18:02:40 A powerful DDoS attack hit Hungarian banks and telecoms services (lien direct) Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. According to telecoms firm Magyar Telekom, the attack took place on Thursday and was launched from servers in Russia, […]
SecurityAffairs.webp 2020-09-26 16:06:03 Victims of ThunderX ransomware can recover their files for free (lien direct) Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. ThunderX is ransomware that appeared in the threat landscape recently, infections were discovered at the […] Ransomware Threat
SecurityAffairs.webp 2020-09-26 10:20:26 Hackers stole more than $150 million from KuCoin cryptocurrency exchange (lien direct) Singapore-based cryptocurrency exchange KuCoin disclosed a security breach, hackers stole $150 million from its hot wallets. Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million. Deposits and withdrawals have been temporarily suspended while the company is investigating the security incident. “We […]
SecurityAffairs.webp 2020-09-25 21:57:23 Source Code of Windows XP, Server 2003 leaked (lien direct) The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on bulletin board website 4chan. The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. This is the first time that […]
SecurityAffairs.webp 2020-09-25 19:02:54 Twitter warns developers of possible API keys leak (lien direct) Twitter is warning developers that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. Twitter is sending emails to developers to warn them that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. According to the social media firm, […]
SecurityAffairs.webp 2020-09-25 16:38:07 Cisco fixes 34 High-Severity flaws in IOS and IOS XE software (lien direct) Cisco patched 34 high-severity flaws affecting its IOS and IOS XE software, some of them can be exploited by a remote unauthenticated attacker. Cisco on Thursday released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. The IT giant issued 25 advisories as part of the September 2020 semiannual IOS and IOS […]
SecurityAffairs.webp 2020-09-25 14:39:55 Fortinet VPN with default certificate exposes 200,000 businesses to hack (lien direct) According to SAM Seamless Network, over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes. The configuration of the VPN […] Hack
SecurityAffairs.webp 2020-09-25 09:40:59 CISA says federal agency compromised by malicious cyber actor (lien direct) Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and exfiltrated data. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and threat actors exfiltrated data. CISA published a detailed incident report related to the incident but didn’t disclose the name of the […] Threat
SecurityAffairs.webp 2020-09-25 07:36:12 Polish police shut down major group of hackers in the country (lien direct) Polish police dismantled a major group of hackers that was behind several criminal activities, including ransomware attacks, and banking fraud. Polish authorities have dismantled a major hacker group that was involved in multiple cybercrime activities, including ransomware attacks, malware distribution, SIM swapping, banking fraud, running rogue online stores, and even making bomb threats at the […] Ransomware Malware
SecurityAffairs.webp 2020-09-24 17:39:15 Alien Android banking Trojan, the powerful successor of the Cerberus malware (lien direct) Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Researchers from ThreatFabric have discovered and analyzed a new strain of Android malware, tracked as Alien, that implements multiple features allowing it to steal credentials from 226 applications. Alien first appeared in […] Malware
SecurityAffairs.webp 2020-09-24 14:19:02 Instagram RCE gave hackers remote access to your device (lien direct) Facebook has addressed a critical vulnerability in Instagram that could lead to remote code execution and turn the smartphone into a spying device. Facebook has fixed a critical remote code execution vulnerability in Instagram that could lead to the hijack of smartphone cameras, microphones, and more.  The vulnerability, tracked as CVE-2020-1895, was discovered by Check Point, […] Vulnerability Guideline
SecurityAffairs.webp 2020-09-24 08:42:19 Hackers are using Zerologon exploits in attacks in the wild (lien direct) Microsoft is warning of threat actors that are actively using the Windows Server Zerologon exploits in attacks in the wild. Microsoft has published a series of Tweets to warn of attackers that are actively exploiting the Windows Server Zerologon in attacks in the wild. The IT giant is urging Windows administrators to install the released […] Threat
SecurityAffairs.webp 2020-09-24 07:01:03 Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns (lien direct) Experts worldwide warn about a surge in the Emotet activity, this time the alerts are from Microsoft, Italy and the Netherlands agencies. Two weeks ago, cybersecurity agencies across Asia and Europe warned of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of […] Spam
SecurityAffairs.webp 2020-09-23 20:35:44 Data for 600K customers of U.S. fitness chains Town Sports leaked online (lien direct) The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. US fitness chain Town Sports has suffered a data breach, a database belonging to the company containing the personal information of over 600,000 people was exposed on the Internet. Town Sports International Holdings is an […]
SecurityAffairs.webp 2020-09-23 17:25:42 Rogue employees at Shopify accessed customer info without authorization (lien direct) E-commerce platform provider Shopify revealed that two members of its support staff accessed customer information without authorization. E-commerce platform provider Shopify on Tuesday confirmed that two employees of its support staff were accessing customer information without authorization. “Recently, Shopify became aware of an incident involving the data of less than 200 merchants. We immediately launched […]
Last update at: 2024-07-17 07:08:11