What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-25 12:36:49 | Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows (lien direct) | Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. [...] | Malware | APT 29 | ★★★ |
|
2022-08-25 10:53:16 | Twilio hackers hit over 130 orgs in massive Okta phishing attack (lien direct) | Threat analysts have discovered the phishing kit responsible for thousands of attacks against 136 high-profile organizations that have compromised 9,931 accounts. [...] | Threat | ||
|
2022-08-25 07:18:40 | PyPI packages hijacked after developers fall for phishing emails (lien direct) | A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages 'exotel' and 'spam' are among hundreds seen laced with malware after attackers successfully compromised accounts of maintainers who fell for the phishing email. [...] | Malware | ||
|
2022-08-24 17:39:20 | Quantum ransomware attack disrupts govt agency in Dominican Republic (lien direct) | The Dominican Republic's Instituto Agrario Dominicano has suffered a Quantum ransomware attack that encrypted multiple services and workstations throughout the government agency. [...] | Ransomware | ||
|
2022-08-24 12:36:33 | RansomEXX claims ransomware attack on Sea-Doo, Ski-Doo maker (lien direct) | The RansomEXX ransomware gang is claiming responsibility for the cyberattack against Bombardier Recreational Products (BRP), disclosed by the company on August 8, 2022. [...] | Ransomware | ||
|
2022-08-24 11:53:36 | Hackers use AiTM attack to monitor Microsoft 365 accounts for BEC scams (lien direct) | A new business email compromise (BEC) campaign has been discovered combining sophisticated spear-phishing with Adversary-in-The-Middle (AiTM) tactics to hack corporate executives' Microsoft 365 accounts, even those protected by MFA. [...] | Hack | ||
|
2022-08-24 07:49:00 | (Déjà vu) Plex warns users to reset passwords after a data breach (lien direct) | The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases. [...] | Data Breach | ||
|
2022-08-24 07:49:00 | Plex forces password resets after database access incident (lien direct) | The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases. [...] | |||
|
2022-08-23 18:02:04 | Pirated 3DMark benchmark tool delivering info-stealer malware (lien direct) | Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software. [...] | Malware Tool | ||
|
2022-08-23 07:28:37 | ETHERLED: Air-gapped systems leak data via network card LEDs (lien direct) | Israeli researcher Mordechai Guri has discovered a new method to exfiltrate data from air-gapped systems using the LED indicators on network cards. Dubbed 'ETHERLED', the method turns the blinking lights into Morse code signals that can be decoded by an attacker. [...] | |||
|
2022-08-22 14:16:51 | Misconfigured Meta Pixel exposed healthcare data of 1.3M patients (lien direct) | U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script. [...] | Data Breach | ||
|
2022-08-22 11:35:43 | Greek natural gas operator suffers ransomware-related data breach (lien direct) | Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack. [...] | Data Breach | ||
|
2022-08-22 10:39:53 | LockBit ransomware blames Entrust for DDoS attacks on leak sites (lien direct) | The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data. [...] | Ransomware | ||
|
2022-08-21 12:27:34 | An encrypted ZIP file can have two correct passwords - here\'s why (lien direct) | Password-protected ZIP archives are common means of compressing and sharing sets of files-from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction? [...] | Malware | ||
|
2022-08-20 11:15:30 | WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware (lien direct) | WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan. [...] | Malware | ||
|
2022-08-19 14:58:29 | Grandoreiro banking malware targets manufacturers in Spain, Mexico (lien direct) | The notorious 'Grandoreiro' banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. [...] | Malware | ||
|
2022-08-19 11:10:55 | Russian APT29 hackers abuse Azure services to hack Microsoft 365 users (lien direct) | The state-backed Russian cyberespionage group Cozy Bear has been particularly prolific in 2022, targeting Microsoft 365 accounts in NATO countries and attempting to access foreign policy information. [...] | Hack | APT 29 | |
|
2022-08-18 19:06:42 | (Déjà vu) LockBit claims ransomware attack on security giant Entrust, leaks data (lien direct) | The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust. [...] | Ransomware | ||
|
2022-08-18 19:06:42 | LockBit claims ransomware attack on security giant Entrust (lien direct) | The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust. [...] | Ransomware | ||
|
2022-08-18 15:49:45 | Apple releases Safari 15.6.1 to fix zero-day bug used in attacks (lien direct) | Apple has released Safari 15.6.1 for macOS Big Sur and Catalina to fix a zero-day vulnerability exploited in the wild to hack Macs. [...] | Hack Vulnerability | ||
|
2022-08-18 15:19:28 | Android malware apps with 2 million installs found on Google Play (lien direct) | A new batch of thirty-five Android malware apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims' mobile devices. [...] | Malware | ||
|
2022-08-18 12:00:00 | Google blocks largest HTTPS DDoS attack \'reported to date\' (lien direct) | A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind. [...] | |||
|
2022-08-18 06:00:00 | Amazon fixes Ring Android app flaw exposing camera recordings (lien direct) | Amazon has fixed a high-severity vulnerability in the Amazon Ring app for Android that could have allowed hackers to download customers' saved camera recordings. [...] | Vulnerability | ||
|
2022-08-17 18:35:26 | Apple security updates fix 2 zero-days used to hack iPhones, Macs (lien direct) | Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. [...] | Hack | ||
|
2022-08-17 17:28:33 | BlackByte ransomware gang is back with new extortion tactics (lien direct) | The BlackByte ransomware is back with version 2.0 of their operation, including a new data leak site utilizing new extortion techniques borrowed from LockBit. [...] | Ransomware | ||
|
2022-08-17 13:01:42 | North Korean hackers use signed macOS malware to target IT job seekers (lien direct) | North Korean hackers from the Lazarus group have been using a signed malicious executable for macOS to impersonate Coinbase and lure in employees in the financial technology sector. [...] | Malware Medical | APT 38 | |
|
2022-08-17 12:11:18 | (Déjà vu) Malicious PyPi packages turn Discord into password-stealing malware (lien direct) | A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...] | Malware | ||
|
2022-08-17 12:11:18 | A dozen PyPI packages turn Discord into an info-stealing backdoor (lien direct) | A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...] | Malware | ||
|
2022-08-17 10:00:00 | Malware devs already bypassed Android 13\'s new security feature (lien direct) | Android malware developers are already adjusting their tactics to bypass a new 'Restricted settings' security feature introduced by Google in the newly released Android 13. [...] | Malware | ||
|
2022-08-16 12:46:53 | New MailChimp breach exposed DigitalOcean customer email addresses (lien direct) | DigitalOcean is warning customers that a recent MailChimp security breach exposed the email addresses of some customers, with a small number receiving unauthorized password resets. [...] | APT 32 | ||
|
2022-08-16 10:02:01 | The Benefits of Making Password Strength More Transparent (lien direct) | Google is in the process of developing a password strength indicator for its Chrome browser. The good news is that there is an easy way of starting users down the road to using strong passwords even before the new version of Chrome is released. [...] | |||
|
2022-08-16 05:05:03 | (Déjà vu) Hackers attack UK water supplier but extort wrong company (lien direct) | South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. [...] | |||
|
2022-08-16 05:05:03 | (Déjà vu) Hackers attack UK water supplier but extort wrong victim (lien direct) | South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. [...] | |||
|
2022-08-16 05:05:03 | Hackers attack UK water supplier with 1.6 million customers (lien direct) | South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. [...] | |||
|
2022-08-15 20:06:24 | Argentina\'s Judiciary of Córdoba hit by PLAY ransomware attack (lien direct) | Argentina's Judiciary of Córdoba has shut down its IT systems after suffering a ransomware attack, reportedly at the hands of the new 'Play' ransomware operation. [...] | Ransomware | ||
|
2022-08-15 18:03:24 | Malicious PyPi packages aim DDoS attacks at Counter-Strike servers (lien direct) | A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server. [...] | |||
|
2022-08-15 17:46:24 | Twilio hack exposed Signal phone numbers of 1,900 users (lien direct) | Phone numbers of close to 1,900 Signal users were exposed in the data breach Twilio cloud communications company suffered at the beginning of the month. [...] | Data Breach Hack | ||
|
2022-08-14 10:12:24 | Over 9,000 VNC servers exposed online without a password (lien direct) | Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks. [...] | Threat | ★★ | |
|
2022-08-13 11:08:16 | Google fined $60 million over Android location data collection (lien direct) | The Australian Competition and Consumer Commission (ACCC) announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. [...] | Guideline | ★★★★ | |
|
2022-08-13 10:12:06 | SOVA malware adds ransomware feature to encrypt Android devices (lien direct) | The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [...] | Ransomware Malware | ★★★ | |
|
2022-08-12 16:45:00 | Chinese hackers backdoor chat app with new Linux, macOS malware (lien direct) | Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems. [...] | Malware | ★★★★ | |
|
2022-08-12 13:44:23 | Twilio: 125 customers affected by data breach, no passwords stolen (lien direct) | Cloud communications giant Twilio, the owner of the highly popular two-factor authentication (2FA) provider Authy, says that it has so far identified 125 customers who had their data accessed during a security breach discovered last week. [...] | |||
|
2022-08-11 15:32:34 | Zimbra auth bypass bug exploited to breach over 1,000 servers (lien direct) | An authentication bypass Zimbra security vulnerability is being exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide. [...] | Vulnerability | ||
|
2022-08-11 12:18:40 | UK NHS service recovery may take a month after MSP ransomware attack (lien direct) | Managed service provider (MSP) Advanced confirmed that a ransomware attack on its systems caused the disruption of emergency services (111) from the United Kingdom's National Health Service (NHS). [...] | Ransomware | ||
|
2022-08-10 18:21:40 | 7-Eleven Denmark confirms ransomware attack behind store closures (lien direct) | 7-Eleven Denmark has confirmed that a ransomware attack was behind the closure of 175 stores in the country on Monday. [...] | Ransomware | ||
|
2022-08-10 14:04:44 | Hacker uses new RAT malware in Cuba Ransomware attacks (lien direct) | A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool. [...] | Ransomware Malware | ★★★★★ | |
|
2022-08-10 12:50:17 | Phishing attack abuses Microsoft Azure, Google Sites to steal crypto (lien direct) | A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites. [...] | |||
|
2022-08-09 13:28:10 | Cloudflare employees also hit by hackers behind Twilio breach (lien direct) | Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack very similar to the one that led to Twilio's network being breached last week. [...] | |||
|
2022-08-09 11:00:05 | Maui ransomware operation linked to North Korean \'Andariel\' hackers (lien direct) | The Maui ransomware operation has been linked to the North Korean state-sponsored hacking group 'Andariel,' known for using malicious cyber activities to generate revenue and causing discord in South Korea. [...] | Ransomware | ||
|
2022-08-09 10:02:04 | Hackers install Dracarys Android malware using modified Signal app (lien direct) | Researchers have discovered more details on the newly discovered Android spyware 'Dracarys,' used by the Bitter APT group in cyberespionage operations targeting users from New Zealand, India, Pakistan, and the United Kingdom. [...] | Malware |
To see everything:
Our RSS (filtrered)
