What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-05-04 12:27:30 | DHS CISA alert provides recommendations on securing Office 365 installs (lien direct) | The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs. The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services, for this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments. […] | |||
|
2020-05-04 11:15:24 | Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked (lien direct) | Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. Experts warn of hacking campaign that is targeting organization using the Salt platform for the management of their infrastructure, the last victim is the Ghost blogging platform. The attackers […] | Hack | ||
|
2020-05-04 07:44:00 | LineageOS servers hacked, attackers exploited unpatched Salt issues (lien direct) | On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. LineageOS is a free and open-source operating system for smartphones, tablet computers, and set-top boxes, […] | |||
|
2020-05-03 19:47:53 | India\'s Jio Coronavirus symptom checker exposed test results (lien direct) | A security glitch in the self-test coronavirus symptom checker developed by India's Jio cell network exposed test results. While Coronavirus was spreading worldwide, India's largest cell network Jio, a subsidiary of Reliance, has developed a coronavirus self-test symptom checker, days before the Indian government imposed a local lockdown to prevent the outbreak. The app was […] | |||
|
2020-05-03 13:01:50 | (Déjà vu) Coronavirus-themed attacks April 26 – May 02, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from April 26 to May 02, 2020. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below […] | Threat | ||
|
2020-05-03 12:39:23 | Security Affairs newsletter Round 262 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Coronavirus-themed attacks April 19 – April 25, 2020 Crooks target US universities with malware used by nation-state actors Hackers exploit SQL injection zero-day […] | Malware | ||
|
2020-05-03 11:47:17 | Cyber Threats Observatory Gets Improvements (lien direct) | Today I am so happy to announce a big improvement in the cyber threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample contacts several domain names, spawns specific processes and […] | Malware | ||
|
2020-05-03 10:07:32 | TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb (lien direct) | A hacker has leaked the details of 15 million users registered on Tokopedia, an Indonesian technology company specializing in e-commerce. Tokopedia is an Indonesian technology company specializing in e-commerce, it currently operates Indonesia’s largest online store. The company has over 4200 employees and accounts for over 90 million active users every month. The hacker claims to have […] | |||
|
2020-05-02 21:58:02 | TrickBot operators exploit COVID-19 as lures (lien direct) | IBM X-Force researchers spotted a new COVID-19-themed campaign spreading the infamous TrickBot trojan through fake messages. IBM X-Force researchers uncovered a new COVID-19-themed campaign that is spreading the infamous TrickBot trojan through fake messages. The spam messages pretend to be sent by the Department of Labor's Family and Medical Leave Act (FMLA) and attempt to […] | Spam | ||
|
2020-05-02 17:30:52 | Fake Microsoft Teams notifications aim at stealing Office365 logins (lien direct) | Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins. The popularity of Microsoft Teams has spiked as a result of the […] | |||
|
2020-05-02 12:37:34 | President Trump\'s executive order bans foreign electrical equipment from national power grid (lien direct) | US power grid will not include any equipment manufactured by foreign states for security reasons, this states the executive order signed by President Trump. This week President Trump signed an executive order that prohibits operators of US power grids to buy and install electrical equipment that has been manufactured outside the US. “I further find that […] | |||
|
2020-05-02 10:28:03 | (Déjà vu) French daily Le Figaro leaks 7.4 Billion records (lien direct) | French daily Le Figaro database accidentally exposed online, the archive included roughly 7.4 billion records containing personal information of employees and users. French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of employees, reporters, and at least 42,000 users. The database was discovered by the Safety Detectives team of […] | |||
|
2020-05-01 17:26:15 | Hackers are targeting recently patched WebLogic security vulnerability (lien direct) | Oracle warns of attacks against recently patched WebLogic security bug Oracle warns of attacks in the wild exploiting a recently patched vulnerability in WebLogic servers for which a PoC code is available on GitHub. IT giant Oracle published a security alert to warn organizations running WebLogic servers of ongoing attacks that exploit the CVE-2020-2883 vulnerability. […] | Vulnerability | ||
|
2020-05-01 14:51:07 | (Déjà vu) Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR (lien direct) | Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials. Banco BCR […] | Ransomware | ||
|
2020-05-01 12:42:01 | COVID-19 disinformation and misinformation campaigns continue to proliferate (lien direct) | COVID-19 disinformation and misinformation campaigns continue to proliferate around the world, with potentially harmful consequences for society. During a COVID-19 crisis, while most of the people have to maintain social distancing and work from home, threat cyber are attempting to conduct disinformation and misinformation campaigns. The main difference between misinformation and disinformation is that the […] | Threat | ||
|
2020-05-01 10:38:52 | Europol analyses on criminal operations in Europe during COVID-19 Crisis (lien direct) | Threat actors and criminal organizations continue to take advantage of the COVID-19 pandemic to make money, Europol warns. Europol published a report that highlights how criminals organizations are adapting their operations attempting to take advantage of the COVID-19 pandemic. The trend is similar to the one observed during previous financial crises, but the speed of […] | |||
|
2020-05-01 08:38:38 | Over 800K WordPress sites are at risk due to a flaw in Ninja Forms plugin (lien direct) | The development team oh the Ninja Forms WordPress plugin fixed a high severity security flaw that can let attackers take over websites. The developers behind the Ninja Forms WordPress plugin have addressed a Cross-Site Request Forgery (CSRF) vulnerability that could lead to Stored Cross-Site Scripting (Stored XSS) attacks. Ninja Forms is a drag and drop form builder plugin […] | Guideline | ||
|
2020-04-30 21:19:07 | Crooks spread malware via pirated movies during COVID-19 outbreak (lien direct) | Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic. With most people forced to stay at home due to the ongoing COVID-19 pandemic, the popularity of pirate streaming services and movie piracy sites is rocketed. Crooks are attempting to take advantage of COVID-19 pandemic […] | Malware | ||
|
2020-04-30 16:51:45 | Chegg discloses the third data breach in the last two years (lien direct) | The American education technology firm Chegg discloses a security breach, it already sent notifications to its employees The US education technology company Chegg discloses a security breach that took place in early April, the firm already sent notifications to its employees. The data breach notification sent on April 28 inform the employee of a security […] | Data Breach | ||
|
2020-04-30 15:25:38 | Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide (lien direct) | Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. Group-IB, a Singapore-based cybersecurity company, has identified a series of sophisticated successful phishing attacks against the management and executives of more than 150 companies around the world. The campaign, dubbed PerSwaysion due to the extensive abuse […] | |||
|
2020-04-30 14:56:43 | Experts found critical flaws in 3 popular e-Learning WordPress Plugins (lien direct) | Security researchers from Check Point Research Team discovered critical vulnerabilities in three popular e-learning plugins for WordPress sites. Security researchers at Check Point Research Team are warning of recently discovered vulnerabilities in some popular online learning management system (LMS) WordPress plugins. The impact could be serious because these WordPress plugins are used for WordPress sites […] | |||
|
2020-04-30 10:43:22 | EventBot, a new Android mobile targets financial institutions across Europe (lien direct) | Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe The malware first appeared in the threat landscape in March, in implements […] | Malware Threat | ||
|
2020-04-30 08:14:58 | RDP brute-force attacks rocketed since beginning of COVID-19 (lien direct) | The number of RDP brute-force attacks is skyrocketing in mid-March due to remote working imposed during the COVID-19 pandemic. Researchers from Kaspersky Lab are observing a significant increase in the number of RDP brute-force attacks since the beginning of the COVID-19 pandemic. Earlier this month, researchers from Shodan reported a 41% increase in the number of RDP […] | ★★★★★ | ||
|
2020-04-29 20:13:12 | Journalist Matthew Keys is now charged with an attack on a magazine (lien direct) | Matthew Keys, a former Reuters journalist, who was sentenced to 2 years in prison for hacking attacks on California media is now charged with an attack on a magazine. Matthew Keys is a former Reuters journalist who was convicted in October 2015 of supporting the Anonymous collective and that was sentenced to 24 months in prison for […] | |||
|
2020-04-29 15:24:54 | Estonian intelligence reports foreign hackers breached Mail.ee email provider (lien direct) | State-sponsored hackers have compromised a small number of accounts of the Estonian email provider Mail.ee belonging to high-profile people. Alleged state-sponsored hackers have hijacked a small number of accounts at the Estonian email provider Mail.ee, they exploited a zero-day vulnerability in the attack. According to the end-of-year report published this month by Estonian Internal Security […] | Vulnerability | ||
|
2020-04-29 11:55:39 | Google found zero-click vulnerabilities in Apple\'s multimedia processing components (lien direct) | Google Project Zero white-hat hackers have disclosed zero-click vulnerabilities affecting multiple Apple operating systems. White-hat hackers at Google Project Zero team have discovered several zero-click vulnerabilities impacting multiple Apple’s multimedia processing components is several Apple operating systems. Multimedia processing components could be a privileges entry point for threat actos that attempt to hack into the […] | Hack Threat | ||
|
2020-04-29 07:56:08 | (Déjà vu) Adobe addresses several critical flaws in Illustrator, Bridge, and Magento (lien direct) | Adobe released security updates for Adobe Illustrator, Bridge, and Magento that fix several issues, including multiple remote code execution flaws. Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands […] | |||
|
2020-04-28 19:39:51 | PhantomLance, a four-year-long cyberespionage spying campaign (lien direct) | Kaspersky Lab uncovered an ongoing cyberespionage campaign, dubbed PhantomLance, that employed malicious apps hosted on the official Google Play. Kaspersky has spotted an ongoing campaign, dubbed PhantomLance, that employed malicious spying apps hosted by Google Play. The campaign has been active for at least four, experts discovered “dozens” of malicious apps in Google Play, some of which […] | |||
|
2020-04-28 15:22:58 | SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE (lien direct) | Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Timetv.live is the latest Azeri news site targeted by Denial of Service attacks. The 21st of March, the website received a Denial of Service attack after the publishing of an […] | Threat | ||
|
2020-04-28 13:09:55 | Experts warn of deliveries scams that use a COVID-19 theme (lien direct) | Kaspersky experts uncovered a new wave of phishing scams that use a COVID-19 theme and impersonate shipping carriers, including FedEx, UPS, and DHL. The COVID-19 outbreak is forcing people to work from home and make shopping online causing a consequent increase in the number of home deliveries. Crooks are attempting to exploit the crisis and […] | FedEx | ★★★★ | |
|
2020-04-28 10:35:13 | Outlaw is Back, a New Crypto-Botnet Targets European Organizations (lien direct) | The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations Introduction During our daily monitoring activities, we intercepted a singular Linux malware trying to penetrate the network of some of our customers. The Linux malware is the well-known “Shellbot”, it is a crimetool belonging […] | Malware | ★★★ | |
|
2020-04-28 09:03:11 | 100k+ WordPress sites exposed to hack due to a bug in Real-Time Find and Replace plugin (lien direct) | A bug in the Real-Time Find and Replace WordPress plugin could allow hackers to hackers to create rogue admin accounts on over 100,000 sites. A vulnerability in the Real-Time Find and Replace WordPress plugin could be exploited by attackers to create rogue admin accounts. The Real-Time Find and Replace WordPress plugin is currently installed on over 100,000 sites, it […] | Hack Vulnerability | ||
|
2020-04-27 22:26:40 | (Déjà vu) Shade Ransomware gang shut down operations and releases 750K decryption keys (lien direct) | The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware, the operators behind the threat have shut down their operations and released over 750,000 decryption keys. The cybercrime gang also apologized for the damages they have caused their […] | Ransomware Threat | ||
|
2020-04-27 16:43:21 | Group-IB helps to detain operators of scam-service issuing fake passes to move around Moscow amid COVID-19 virus lockdown (lien direct) | Group-IB helped Russian Police in detaining the operators of a fraudulent online service, selling fake digital passes to move around Moscow amid COVID-19 lockdown. Group-IB, an international cybersecurity company, and the Moscow Department of Information Technology have helped Moscow police in identifying and detaining the operators of a fraudulent online service, selling fake digital passes […] | |||
|
2020-04-27 14:07:24 | Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns (lien direct) | The Israeli authorities are alerting organizations in the water industry following a series of cyberattacks that hit water facilities in the country. The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. Israel's National Cyber Directorate announced to have received reports of […] | |||
|
2020-04-27 09:52:56 | Hacking Microsoft Teams accounts with a GIF image (lien direct) | Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions. Microsoft has addressed a vulnerability in Teams workplace video chat and collaboration platform that could have allowed attackers to take Team accounts by sending participants a malicious link to an […] | Vulnerability | ||
|
2020-04-27 07:54:46 | Previously undetected VictoryGate Botnet already infected 35,000 devices (lien direct) | Experts managed to sinkhole several C2 servers of the VictoryGate botnet that already infected over 35,000 devices and propagates via infected USB devices. The VictoryGate botnet is active since at least May 2019, the botnet is more active in Latin America the most. More than 90% of the infected devices are located in Peru. Experts from […] | |||
|
2020-04-26 12:55:37 | Hackers exploit SQL injection zero-day issue in Sophos firewall (lien direct) | Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild. Sophos was informed […] | Vulnerability | ||
|
2020-04-26 11:12:35 | (Déjà vu) Coronavirus-themed attacks April 19 – April 25, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from April 19 to April 25, 2020. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below […] | Threat | ||
|
2020-04-26 10:14:01 | Security Affairs newsletter Round 261 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Are Maze operators behind the attack on the IT services giant Cognizant? Coronavirus-themed attacks April 12 – April 18, 2020 Cyberattack reports quadrupled […] | |||
|
2020-04-26 09:23:44 | (Déjà vu) Crooks target US universities with malware used by nation-state actors (lien direct) | Several US universities and colleges were targeted in phishing attacks aimed at delivering malware previously used by China-linked APT groups. Faculty and students at several U.S. universities and colleges were targeted in phishing attacks, threat actors attempted to infect the victims’ systems with a remote access Trojan (RAT) previously used by Chinese state-sponsored hackers. The […] | Malware Threat | ||
|
2020-04-25 19:40:44 | Bad actor sells Huiying Medical Technology\'s source code for AI-assisted COVID-19 detection (lien direct) | Experts from Cyble identified a threat actor attempting to sell Huiying Medical Technology's source code for AI-assisted COVID-19 detection and experimental data. Researchers from the data breach notification firm Cyble have identified a credible bad actor that goes online with moniker 'THE0TIME' claiming to have gained access to Huiying Medical Technology's COVID-19 detection's technology. “As part of […] | Data Breach Threat | ||
|
2020-04-25 17:06:39 | Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware (lien direct) | The legal dispute between Facebook and NSO group continues even after the Israeli surveillance firm filed a motion to dismiss the case earlier this month. Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are […] | |||
|
2020-04-25 12:32:52 | Zscaler saw 30,000% increase in Coronavirus-themed attacks (lien direct) | Researchers at Zscaler observed an increase of 30,000% in Coronavirus-themed attacks in March when compared to the beginning of 2020. Researchers from Zscaler observed an increase of 30,000% in Coronavirus-themed attacks in March when compared to the beginning of 2020. In January experts started observing first attacks using COVID-19-related lures and themes, just two months later […] | |||
|
2020-04-25 08:59:58 | Experts found Symlink race issues in 28 antivirus products (lien direct) | Security experts from RACK911 Labs discovered “symlink race” vulnerabilities in 28 of the most popular antivirus products. Security researchers from RACK911 Labs disclose the discovery of “symlink race” issues in 28 of the most popular antivirus products. The flaws affect 28 products running on major OSs, including Linux, Mac, and Windows. “A symlink race is a kind […] | |||
|
2020-04-24 20:10:38 | Nintendo confirms that hackers might have hijacked 160,000 user accounts (lien direct) | Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. The company launched an investigation after it has received several […] | |||
|
2020-04-24 15:36:02 | Hoaxcalls Botnet expands the target list and adds new DDoS capabilities (lien direct) | The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. DDoS protection services provider Radware warns the Hoaxcalls Internet of Things (IoT) botnet has expanded the list of targeted devices, the experts also noticed that the operators implemented new distributed denial of service (DDoS) capabilities. […] | |||
|
2020-04-24 13:17:10 | South Korean and US payment card details worth nearly $2M up for sale in the underground (lien direct) | Group-IB experts discovere a dump containing details for nearly 400,000 payment card records uploaded to a popular darknet cardshop on April 9. Singapore, 24/04/2020 – Group-IB, a Singapore-based cybersecurity company, has detected a dump containing details for nearly 400,000 payment card records uploaded to a popular darknet cardshop on April 9. The database was comprised almost entirely of the payment records related to banks […] | |||
|
2020-04-24 12:17:55 | SeaChange video delivery software solutions provider hit by Sodinokibi ransomware (lien direct) | The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. The crew has published images of the data they claim to have stolen before encrypting the […] | Ransomware | ||
|
2020-04-24 10:27:02 | NSA and ASD issue a report warning of web shells deployments (lien direct) | A joint report released by the U.S. NSA and the Australian Signals Directorate (ASD) warns of attackers increasingly exploiting vulnerable web servers to deploy web shells. A joint report published by the U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) is warning of bad actors increasingly exploiting vulnerable web servers to deploy […] |
To see everything:
Our RSS (filtrered)
