What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-19 15:32:48 | CEO tried funding his startup by asking insiders to deploy ransomware (lien direct) | Likely inspired by the LockBit ransomware gang, a Nigerian threat actor tried their luck with a $1 million payment lure to recruit an insider to detonate a ransomware payload on the company servers. [...] | Ransomware Threat | ||
|
2021-08-16 15:52:44 | T-Mobile confirms servers were hacked, investigates data breach (lien direct) | T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen. [...] | Data Breach Threat | ||
|
2021-08-16 09:06:46 | Hackers behind Iranian wiper attacks linked to Syrian breaches (lien direct) | Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra who previously deployed wiper malware on the networks of multiple Syrian organizations. [...] | Malware Threat | ||
|
2021-08-15 18:27:28 | Hacker claims to steal data of 100 million T-mobile customers (lien direct) | A threat actor claims to have hacked T-Mobile's servers and stolen databases containing the personal data of approximately 100 million customers. [...] | Threat | ★★★ | |
|
2021-08-14 10:00:00 | US brokers warned of ongoing phishing attacks impersonating FINRA (lien direct) | The US Financial Industry Regulatory Authority (FINRA) warns US brokerage firms and brokers of an ongoing phishing campaign impersonating FINRA officials and asking them to hand over sensitive information under the threat of penalties. [...] | Threat | ★★★ | |
|
2021-08-12 17:24:22 | (Déjà vu) Microsoft Exchange servers are getting hacked via ProxyShell exploits (lien direct) | Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. [...] | Vulnerability Threat | ||
|
2021-08-12 17:24:22 | Hackers now backdoor Microsoft Exchange using ProxyShell exploits (lien direct) | Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. [...] | Vulnerability Threat | ||
|
2021-08-11 17:21:22 | (Déjà vu) Hacker behind biggest ever cryptocurrency heist returns stolen funds (lien direct) | The threat actor who hacked Poly Network's cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. [...] | Threat | ||
|
2021-08-11 17:21:22 | Hacker behind biggest cryptocurrency heist ever returns stolen funds (lien direct) | The threat actor who hacked Poly Network's cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. [...] | Threat | ||
|
2021-08-10 15:28:07 | Windows security update blocks PetitPotam NTLM relay attacks (lien direct) | Microsoft has released security updates that block the PetitPotam NTLM relay attack that allows a threat actor to take over a Windows domain. [...] | Threat | ||
|
2021-08-09 18:19:37 | One million stolen credit cards leaked to promote carding market (lien direct) | A threat actor is promoting a new criminal carding marketplace by releasing one million credit cards stolen between 2018 and 2019 on hacking forums. [...] | Threat | ||
|
2021-08-09 17:43:03 | FlyTrap malware hijacks thousands of Facebook accounts (lien direct) | A new Android threat that researchers call FlyTrap has been hijacking Facebook accounts of users in more than 140 countries by stealing session cookies. [...] | Malware Threat | ||
|
2021-08-07 12:53:34 | Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now (lien direct) | Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. [...] | Threat | ||
|
2021-08-07 10:10:05 | Actively exploited bug bypasses authentication on millions of routers (lien direct) | Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. [...] | Vulnerability Threat | ||
|
2021-08-06 17:16:56 | The Week in Ransomware - August 6th 2021 - Insider threat edition (lien direct) | If there is one thing we learned this week, it's that not only are corporations vulnerable to insider threats but so are ransomware operations. [...] | Ransomware Threat | ||
|
2021-08-06 12:09:58 | Computer hardware giant GIGABYTE hit by RansomEXX ransomware (lien direct) | Taiwanese motherboard maker Gigabyte has suffered a RansomEXX ransomware attack where threat actors threaten to release 112 GB of data if a ransom is not paid. [...] | Ransomware Threat | ||
|
2021-07-30 19:43:44 | The Week in Ransomware - July 30th 2021 - €1 billion saved (lien direct) | Ransomware continues to be active this week, with new threat actors releasing new features, No More Ransom turning five, and a veteran group rebrands. [...] | Ransomware Threat | ||
|
2021-07-23 16:54:03 | New PetitPotam attack allows take over of Windows domains (lien direct) | A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain. [...] | Threat | ||
|
2021-07-23 11:27:27 | Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows (lien direct) | Threat actors are abusing misconfigured Argo Workflows instances to deploy cryptocurrency miners on Kubernetes (K8s) clusters. [...] | Threat | Uber | |
|
2021-07-20 07:27:09 | FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics (lien direct) | The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. [...] | Threat | ||
|
2021-07-18 16:02:20 | New Windows print spooler zero day exploitable via remote print servers (lien direct) | Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. [...] | Vulnerability Threat | ||
|
2021-07-17 11:44:22 | HelloKitty ransomware is targeting vulnerable SonicWall devices (lien direct) | CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [...] | Ransomware Threat | ||
|
2021-07-15 14:57:54 | (Déjà vu) Windows print nightmare continues with malicious driver packages (lien direct) | Microsoft's print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers. [...] | Threat | ||
|
2021-07-15 14:57:54 | Microsoft\'s print nightmare continues with malicious driver packages (lien direct) | Microsoft's print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers. [...] | Threat | ||
|
2021-07-14 08:33:00 | Chinese cyberspies\' wide-scale APT campaign hits Asian govt entities (lien direct) | Kaspersky researchers have revealed an ongoing and large-scale advanced persistent threat (APT) campaign with hundreds of victims from Southeast Asia, including Myanmar and the Philippines government entities. [...] | Threat | ||
|
2021-07-14 03:32:00 | Trickbot updates its VNC module for high-value targets (lien direct) | The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems. [...] | Ransomware Malware Threat | ||
|
2021-07-13 15:32:23 | Microsoft fixes Windows Hello authentication bypass vulnerability (lien direct) | Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system. [...] | Vulnerability Threat | ||
|
2021-07-12 10:17:12 | SolarWinds patches critical Serv-U vulnerability exploited in the wild (lien direct) | SolarWinds is urging customers to patch a remote code execution vulnerability that was exploited in the wild by "a single threat actor" in attacks targeting a limited number of customers. [...] | Vulnerability Threat | ||
|
2021-07-09 14:04:20 | FBI warns cryptocurrency owners, exchanges of ongoing attacks (lien direct) | The Federal Bureau of Investigation (FBI) warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses. [...] | Threat Guideline | ||
|
2021-07-07 08:50:19 | Fake Kaseya VSA security update backdoors networks with Cobalt Strike (lien direct) | Threat actors are trying to capitalize on the ongoing Kaseya ransomware attack crisis by targeting potential victims in a spam campaign pushing Cobalt Strike payloads disguised as Kaseya VSA security updates. [...] | Ransomware Spam Threat | ||
|
2021-07-02 02:56:48 | Microsoft shares mitigations for Windows PrintNightmare zero-day bug (lien direct) | Microsoft says in a newly released security advisory that the Windows Print Spooler zero-day vulnerability known as PrintNightmare has already been exploited in the wild by threat actors. [...] | Vulnerability Threat | ||
|
2021-06-30 19:01:14 | Leaked Babuk Locker ransomware builder used in new attacks (lien direct) | A leaked tool used by the Babuk Locker operation to create custom ransomware executables is now being used by another threat actor in a very active campaign targeting victims worldwide. [...] | Ransomware Tool Threat | ||
|
2021-06-29 17:28:58 | Hackers use zero-day to mass-wipe My Book Live devices (lien direct) | A zero-day vulnerability in Western Digital My Book Live NAS devices allowed a threat actor to perform mass-factory resets of devices last week, leading to data loss. [...] | Vulnerability Threat Guideline | ★★★★ | |
|
2021-06-29 12:23:47 | DoubleVPN servers, logs, and account info seized by law enforcement (lien direct) | Law enforcement has seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities. [...] | Threat | ||
|
2021-06-24 08:00:00 | Phishing attack\'s unusual file attachment is a double-edged sword (lien direct) | A threat actor uses an unusual attachment to bypass security software that is a double-edged sword that may work against them. [...] | Threat | ||
|
2021-06-19 13:59:31 | (Déjà vu) South Korea\'s Nuclear Research agency hacked using VPN flaw (lien direct) | South Korea's 'Korea Atomic Energy Research Institute' disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability. [...] | Threat | ||
|
2021-06-19 13:59:31 | South Korea\'s Nuclear Research agency breached using VPN flaw (lien direct) | South Korea's 'Korea Atomic Energy Research Institute' disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability. [...] | Threat | ||
|
2021-06-18 12:48:23 | Fake DarkSide gang targets energy, food industry in extortion emails (lien direct) | Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors. [...] | Ransomware Threat | ||
|
2021-06-17 17:47:15 | (Déjà vu) Eggfree Cake Box suffer data breach exposing credit card numbers (lien direct) | Eggfree Cake Box has disclosed a data breach after threat actors hacked their website to stole credit card numbers. [...] | Data Breach Threat | ||
|
2021-06-17 17:47:15 | Egg free Cake Box suffer data breach exposing credit card numbers (lien direct) | Eggfree Cake Box has disclosed a data breach after threat actors hacked their website to stole credit card numbers. [...] | Data Breach Threat | ||
|
2021-06-16 00:19:02 | Peloton Bike+ vulnerability allowed complete takeover of devices (lien direct) | A vulnerability in the Peloton Bike+fitness machine has been fixed that could have allowed a threat actor to gain complete control over the device, including its video camera and microphone. [...] | Vulnerability Threat | ||
|
2021-06-15 17:53:16 | Avaddon ransomware\'s exit sheds light on victim landscape (lien direct) | A new report analyzes the recently released Avaddon ransomware decryption keys to shed light on the types of victims targeted by the threat actors and potential revenue they generated throughout their operation. [...] | Ransomware Threat | ||
|
2021-06-08 14:20:52 | Windows 10 targeted by PuzzleMaker hackers using Chrome zero-days (lien direct) | Kaspersky security researchers discovered a new threat actor dubbed PuzzleMaker, who has used a chain of Google Chrome and Windows 10 zero-day exploits in highly-targeted attacks against multiple companies worldwide. [...] | Threat | ||
|
2021-06-04 14:51:32 | Phishing uses Colonial Pipeline ransomware lures to infect victims (lien direct) | The recent ransomware attack on Colonial Pipeline inspired a threat actor to create create a new phishing lure to trick victims into downloading malicious files. [...] | Ransomware Threat | ||
|
2021-06-04 14:23:21 | (Déjà vu) Attackers are scanning for vulnerable VMware servers, patch now! (lien direct) | Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution (RCE) vulnerability impacting all vCenter deployments and patched by VMware ten days ago. [...] | Vulnerability Threat | ||
|
2021-06-04 14:23:21 | Attackers scan for unpatched VMware vCenter servers, PoC exploit available (lien direct) | Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution (RCE) vulnerability impacting all vCenter deployments and patched by VMware ten days ago. [...] | Vulnerability Threat | ||
|
2021-06-03 11:55:34 | Chinese threat actors hacked NYC MTA using Pulse Secure zero-day (lien direct) | Chinese-backed threat actors breached New York City's Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. Still, they failed to cause any data loss or gain access to systems controlling the transportation fleet. [...] | Threat | ||
|
2021-06-01 15:33:46 | US: Russian threat actors likely behind JBS ransomware attack (lien direct) | The White House has confirmed today that JBS, the world's largest beef producer, was hit by a ransomware attack over the weekend coordinated by a group likely from Russia. [...] | Ransomware Threat | ★★★ | |
|
2021-06-01 13:25:36 | Critical WordPress plugin zero-day under active exploitation (lien direct) | Threat actors are scanning for sites running the Fancy Product Designer plug-in to exploit a zero-day bug allowing them to upload malware. [...] | Threat | ★★★ | |
|
2021-05-29 11:33:44 | New Epsilon Red ransomware hunts unpatched Microsoft Exchange servers (lien direct) | A new ransomware threat calling itself Red Epsilon has been seen leveraging Microsoft Exchange server vulnerabilities to encrypt machines across the network. [...] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
