Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-04-22 09:33:30 |
LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave |
For as long as crypto is lucrative, cyberattackers will try to cash in. |
|
|
|
|
2022-04-21 13:27:55 |
Beanstalk DeFi project robbed of $182 million in flash loan attack |
Reserves were drained after the attacker awarded themselves voting rights. |
|
|
|
|
2022-04-21 11:33:31 |
Hive hackers are exploiting Microsoft Exchange Servers in ransomware spree |
In one case, it took them less than 72 hours to infiltrate and hold a company to ransom. |
Ransomware
|
|
|
|
2022-04-21 10:13:11 |
Warrior Trading forced to pay $3 million for 'misleading' day trading scheme |
The FTC says the firm's owner made "bogus money-making claims." |
|
|
|
|
2022-04-19 09:34:09 |
Lenovo patches UEFI firmware vulnerabilities impacting millions of users |
Three vulnerabilities could be exploited to deploy flash implants and circumvent secure boot. |
|
|
|
|
2022-04-14 12:00:01 |
Meet ZingoStealer: the Haskers Gang's new, free malware |
ZingoStealer is able to spread cryptocurrency mining malware. |
Malware
|
|
|
|
2022-04-13 13:05:20 |
Critical vulnerabilities uncovered in hospital robots |
The robots zip around hospitals delivering medicine and other supplies. |
|
|
|
|
2022-04-13 10:52:56 |
Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene |
The botnet borrows a few tricks from Mirai. |
|
|
|
|
2022-04-13 09:22:14 |
Barracuda Networks changes hands with purchase by global investment firm KKR |
KKR is taking over from Thoma Bravo. |
|
|
|
|
2022-04-12 14:00:05 |
These hackers pretend to poach, recruit rival bank staff in new cyberattacks |
Employees looking for new career opportunities are the targets. |
|
|
|
|
2022-04-12 13:00:00 |
Only half of organizations reviewed security policies due to the pandemic: Study |
Investment is expected to increase but existing cybersecurity strategies are lacking. |
|
|
|
|
2022-04-11 13:00:01 |
XSS vulnerability patched in Directus data engine platform |
The platform is described as a "flexible powerhouse for engineers." |
Vulnerability
|
|
|
|
2022-04-08 10:27:21 |
FIN7 hacking group member sentenced to five years behind bars |
He worked as a penetration tester for the criminal outfit. |
|
|
|
|
2022-04-07 09:17:06 |
VMware warns of critical remote code execution bug in Workspace ONE Access |
Other severe vulnerabilities have been resolved. |
|
|
★★★★
|
|
2022-04-07 08:19:00 |
Zoom awarded $1.8 million in bug bounty rewards over 2021 |
The program has paid out $2.4 million since its launch. |
|
|
★★★★★
|
|
2022-04-07 04:00:02 |
Israeli officials are being catfished by AridViper hackers |
APT-C-23 is targeting high-ranking individuals in defense, law, and emergency services. |
|
APT-C-23
|
|
|
2022-04-06 12:00:02 |
This new malware targets AWS Lambda environments |
Denonia malware is abusing servers to run cryptocurrency miners. |
Malware
|
|
|
|
2022-04-06 09:30:03 |
Fake Android shopping apps steal bank account logins, 2FA codes |
Customers of Malaysian banks are being turned into cash cows. |
|
|
|
|
2022-04-05 13:59:41 |
FIN7 hackers evolve operations with ransomware, novel backdoor |
Researchers have explored the shift in the sophisticated group's latest tactics. |
|
|
|
|
2022-04-05 10:50:32 |
GitHub now scans for secret leaks in developer workflows |
The new tool aims to protect developers against API and token exposure. |
Tool
|
|
|
|
2022-04-05 09:44:20 |
US judge sentences men for $1.5 million Apple Gift Card scam |
Apple is also owed over $1 million in damages. |
|
|
|
|
2022-04-04 11:23:00 |
Borat RAT malware: a 'unique' triple threat that is far from funny |
The malware combines remote access, spyware, and ransomware into one nasty package. |
Ransomware
Malware
Threat
|
|
|
|
2022-04-04 10:13:18 |
Turkey seeks 40,000-year sentences for alleged cryptocurrency exit scammers |
21 suspects are wanted in connection to a defunct Turkish crypto exchange. |
|
|
|
|
2022-04-01 11:54:00 |
Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit |
Log4Shell is being exploited to deploy the kernel rootkit. |
|
APT 19
|
★★★★
|
|
2022-04-01 10:23:05 |
Zyxel urges customers to patch critical firewall bypass vulnerability |
The vendor has issued a severity score of 9.8. |
Vulnerability
|
|
|
|
2022-04-01 09:40:55 |
The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities |
The flaws can be exploited to execute code on vulnerable controllers and workstations. |
|
|
|
|
2022-03-31 14:52:41 |
Meet BlackGuard: a new infostealer peddled on Russian hacker forums |
Sophisticated, but potentially cheap. |
|
|
|
|
2022-03-31 12:00:02 |
Cybersecurity managers with a direct line to executive boards set the tone for investment: study |
Moody's examines how incident response and defense have implications for the market. |
|
|
|
|
2022-03-31 09:23:10 |
Globant admits to data breach after Lapsus$ releases source code |
The hacking group criticized Globant's "poor security practices." |
Data Breach
|
|
|
|
2022-03-30 11:25:23 |
As Lapsus$ comes back from 'vacation,' Sitel clarifies position on data breach |
Lapsus$ also claims to have compromised a software solutions provider. |
Data Breach
|
|
|
|
2022-03-30 09:40:44 |
This new ransomware targets data visualization tool Jupyter Notebook |
Misconfigured environments are the entry point for the ransomware strain. |
Ransomware
Tool
|
|
|
|
2022-03-29 12:00:00 |
Transparent Tribe APT returns to strike India's government and military |
The development of custom malware indicates the group is trying to "compromise even more victims." |
Malware
|
APT 36
|
|
|
2022-03-29 11:09:00 |
Ukraine destroys five bot farms that were spreading 'panic' among citizens |
Over 100,000 fake accounts were allegedly used to spread misinformation about Russia's invasion. |
|
|
|
|
2022-03-29 11:00:02 |
Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners |
Three backdoors and four miners have been detected in new attacks. |
|
|
|
|
2022-03-28 13:00:00 |
Hundreds more packages found in malicious npm 'factory' |
Over 600 malicious packages were published in only five days. |
|
|
|
|
2022-03-28 09:57:58 |
Sophos patches critical remote code execution vulnerability in Firewall |
Sophos Firewall is a network protection solution for the enterprise market. |
Vulnerability
|
|
|
|
2022-03-25 13:23:59 |
UK police arrest seven individuals suspected of being hacking group members |
The youngest suspect is 16 years old. |
|
|
|
|
2022-03-25 12:22:24 |
Frosties NFT operators arrested over $1.1 million 'rug pull' scam |
Investors hand over their cryptocurrency. Project developers vanish. |
|
|
|
|
2022-03-25 11:44:45 |
Avast acquires SecureKey Technologies in authentication, identity management push |
The Canadian company specializes in digital identity services. |
|
|
|
|
2022-03-24 13:00:02 |
Vidar spyware is now hidden in Microsoft help files |
The malware is being spread through an interesting phishing tactic. |
Malware
|
|
★★★
|
|
2022-03-24 10:52:51 |
Mustang Panda hacking group takes advantage of Ukraine crisis in new attacks |
Just as criminals seized on the pandemic, this group is trying to capitalize on Russia's invasion of Ukraine. |
|
|
|
|
2022-03-24 08:58:26 |
Malicious npm packages target Azure developers to steal personal data |
Typosquatting and automatic tools are the weapons of choice. |
|
|
|
|
2022-03-23 16:08:00 |
Okta names Sitel in Lapsus$ security incident impacting up to 366 customers |
The analogy "walking away from your computer at a coffee shop" has been used to describe the incident. |
|
|
|
|
2022-03-23 13:00:09 |
This is how much the average Conti hacking group member earns a month |
While ransom payments can reach millions of dollars, it isn't as much as you'd think. |
|
|
|
|
2022-03-22 12:28:54 |
Social engineering attacks to dominate Web3, the metaverse |
Researchers offer their thoughts on the most prevalent threats faced by emerging technologies. |
|
|
|
|
2022-03-22 10:08:00 |
Okta says breach evidence posted by Lapsus$ hackers linked to January 'security incident' |
Okta claims there is no proof of current malicious activity on its networks. |
|
|
|
|
2022-03-21 12:49:36 |
Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers |
InvisiMole has been collaborating with the Gamaredon APT for years. |
|
|
|
|
2022-03-21 11:41:25 |
New Conti ransomware source code leaked |
The individual responsible is targeting Conti after the group announced its loyalty to Russia during the invasion of Ukraine. |
Ransomware
|
|
|
|
2022-03-21 11:10:19 |
Suspected DarkHotel APT resurgence targets luxury Chinese hotels |
Hospitality firms in Macao, China, are bearing the brunt of targeted cyberattacks. |
|
|
|
|
2022-03-18 12:00:00 |
Franchises, partnerships emerge in Ransomware-as-a-Service operations |
Researchers detail the movers and shakers in the space over 2021. |
|
|
|