What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-18 11:07:38 | French Dad tries to block his kids internet, wipes out town WiFi (lien direct) | A French father attempting to use a signal jammer to prevent his children from accessing the internet accidentally knocked out an entire town’s internet connection. A complaint was sent to the French Agence Nationale des Fréquences, who are responsible for managing radio frequencies in the country received an unusual complaint (translated) from a mobile phone operator. […] | |||
|
2022-02-18 10:48:50 | Major vape vendor hacked (lien direct) | According to BleepingComputer, Element Vape, a major online vendor of e-cigarettes and vaping kits is serving a credit card skimmer on its live site, presumably after being hacked. The company sells e-cigarettes, vaping equipment, e-liquids and CBD products and has significant presence across the US and Canada. Element Vape’s website is hosting a malicious JavaScript […] | ★★★★ | ||
|
2022-02-18 10:39:49 | Vulnerability found in major WordPress plugin (lien direct) | UpdraftPlus, a WordPress plugin with over 3 million installations, has been patched following the discovery of a vulnerability by security researcher Marc Montpas. The Wordfence Threat Intelligence team explained in a blog post that the vulnerability enables any logged in user, including subscriber-level users, to download backups made with the plugin. The WordPress security company […] | Vulnerability Threat | ||
|
2022-02-17 11:05:55 | Trickbot hits top brands, attacks customers (lien direct) | Trickbot, the bane of many cybersecurity professionals lives’, has begun to target the customers of 60 major institutions including Wells Fargo and Bank of America. The attacks come through web injections and phishing campaigns. Initially, Trickbot was a relatively simple Banking Trojan similar to Zeus, Agent Tesla, Dridex and DanaBot. Following the retirement of the […] | ★★ | ||
|
2022-02-17 10:06:55 | Baltimore tricked out of $375k (lien direct) | The Office of the Inspector General (OIG) has released a report revealing that Baltimore city was tricked out of hundreds of thousands of dollars last year by a cyber-criminal posing as a vendor. After receiving information from Baltimore’s Bureau of Accounting and Payroll Services (BAPS) in regards to a suspected fraudulent Electronic Funds Transfer (EFT), […] | ★★★★ | ||
|
2022-02-16 15:20:43 | Lessons Learned From the 2022 NPM Corruption (lien direct) | Marak Squires is the maintainer of the 'colors' and 'faker' libraries. The two projects accumulate ~23 million weekly downloads and support ~23,000 projects. In January of 2022, he intentionally introduced an infinite loop that bricked every project relying on either one of these libraries. Consequently, GitHub suspended the developer's account. The justification provided by the […] | ★★★★ | ||
|
2022-02-16 11:52:22 | Hackers targeting people with fake Track and Trace texts (lien direct) | Scan text messages claiming to be from NHS Test and Trace have been circulating recently, Cornwall council warns. The messages falsely claim that the recipient has been in close contact with someone that has tested positive for Covid and asks them to click on a link to book a test. The texts are sent from […] | |||
|
2022-02-16 11:36:03 | Google doubles bug bounties (lien direct) | Google has announced that they have doubled the rewards for anyone who can who can demonstrate working exploits for a range of zero-day and one-day vulnerabilities across a variety of platforms. The reward increases are applicable to exploits discovered in the Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF (Kubernetes-based infrastructure for capture the […] | Uber | ||
|
2022-02-16 11:06:54 | 3 out of 5 cyber-attacks in 2021 were malware-free (lien direct) | A new report from CrowdStrike has revealed that ransomware-related data leaks increased by 82% year-on-year in 2021, but three-fifths of cyber attacks involved no malware whatsoever. The security company's 2022 Global Threat Report was put together using an analysis of its own incident response engagements and security telemetry. The report revealed that 62% of attacks used legitimate […] | Malware Threat | ||
|
2022-02-16 10:37:29 | DDoS attack hits Ukraine Defence and Bank Networks (lien direct) | The attacks knocked out the Ukrainian defence ministry’s website and two bank networks were knocked out. According to the internet monitoring organisation NetBlocks, the attack hit on Tuesday afternoon and lasted for several hours. In a statement yesterday, the organisation revealed that “NetBlocks metrics confirm the loss of service to multiple banking and online platforms […] | |||
|
2022-02-15 17:17:51 | Small businesses facing upwards of 11 cyberthreats per day per device (lien direct) | BlackBerry Limited has released the 2022 BlackBerry Annual Threat Report, highlighting a cybercriminal underground which it says has been optimised to better target local small businesses. Small businesses will continue to be an epicentre for cybercriminal focus as SMBs facing upward of 11 cyberthreats per device per day, which only stands to accelerate as cybercriminals […] | Threat | ||
|
2022-02-15 11:20:04 | One Identity launches Cloud Infrastructure Entitlement Management (lien direct) | One Identity, the provider of unified identity security, has announced the availability of One Identity Cloud Infrastructure Entitlement Management (CIEM), enabling businesses to support governance and privileged access for cloud infrastructure objects. The company said this innovation along with other new releases such as its Application Governance module and a new connector to Microsoft Teams, […] | |||
|
2022-02-15 11:06:35 | (Déjà vu) Google update fixes zero-day vulnerability (lien direct) | Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, as fix for a high-severity zero-day vulnerability used by cyber-attackers. “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild,” the company said in a security advisory released today. Chrome update will roll out over the coming weeks but it is possible […] | Vulnerability | ||
|
2022-02-15 10:55:59 | Morley companies suffers data breach (lien direct) | A data breach at a business services company based in Saginaw, Michigan may have exposed the personal information of 521,00 people. The attack was detected on August 1 last year when data in the company’s care became unavailable. The breach comes as a direct result of cyber-criminals targeting Morley Companies. Michigan attorney general Dana Nessel confirmed […] | Data Breach | ||
|
2022-02-15 10:22:42 | Ukraine says it has been targeted by Russian cyber-attacks (lien direct) | The Security Service of Ukraine (SSU) says that the attacks aim provoke anxiety and undermine Ukrainian society’s confidence in the state’s ability to defend its citizens. “Ukraine is facing attempts to systemically sow panic, spread fake information and distort the real state of affairs. All this combined is nothing more than another massive wave of […] | |||
|
2022-02-15 10:09:00 | Local authority earmarks $380k for cyber-attack recovery (lien direct) | Following a breach in December, Gloucester City Council has set aside $380k to recover from the incident. The local authority admitted at the time of the attack that it could take up to 6 months fix as servers would need rebuilding. Councillors have admitted, however, that the sum may not be enough to handle the […] | |||
|
2022-02-14 17:19:59 | Scammers increasingly targeting women on dating sites (lien direct) | TSB has released data ahead of Valentine’s day showing how dating sites are “riddled with scammers”. Unfortunately, it has shown that women were targeted in two-thirds of the cases it analysed and the average age of those scammed was 47 years old. The average amount of money swindled from women was £6,300 compared with men […] | ★★ | ||
|
2022-02-14 12:07:49 | (Déjà vu) Croatian phone carrier reports data breach (lien direct) | ‘A1 Hrvatska’, a Croatian phone carrier, has disclosed a data breach exposing the personal information of roughly 200,000 of its customers. The organisation has not provided many details outside the fact that they suffered a cybersecurity incident involving the unauthorised access of one of their user databases containing sensitive personal information. The information leaked includes […] | Data Breach | ||
|
2022-02-14 11:52:32 | Half of all emails in 2021 were spam (lien direct) | Email spam rates averaged 46% over the year globally, according to a new report by Kaspersky. In its new Spam and Phishing in 2021 report, the Russian AV company revealed that spam rates peaked at 48% in June. The majority came from machines in Russia (25%), followed by Germany (14%), the US (10%) and China (9%). […] | Spam | ||
|
2022-02-14 11:39:02 | Major car dealer suffers ransomware attack (lien direct) | Emil Frey, a Swiss car dealer have released a statement confirming that they were hit with a ransomware attack last month. The company, which is ranked as the number 1 car dealership in Europe, showed up on the list of victims for the Hive ransomware on February 1 later confirming that they were attacked in […] | Ransomware | ||
|
2022-02-14 11:28:15 | Sensitive business addresses published in COVID data breach (lien direct) | The addresses of defence sites, a missile maintenance unit and domestic violence shelters were among the 500,000 addresses leaked by mistake. This is the first major breach of the New South Wales government’s huge store of QR code data. Premier Dominic Perrottet said the information was uploaded in error and “shouldn't have happened”. The mistake […] | Data Breach | ||
|
2022-02-14 11:04:26 | San Francisco 49ers hit with ransomware attack (lien direct) | Mere hours before the Super Bowl kick off, the San Francisco 49ers confirmed they were the most recent victims of the BlackByte ransomware group. In a statement to ZDNet, the team said it “recently became aware of a network security incident” causing disruption to their corporate IT network. “Upon learning of the incident, we immediately initiated […] | Ransomware | ||
|
2022-02-11 17:08:40 | Microsoft fixes Defender flaw (lien direct) | Microsoft has addressed in the Microsoft Defender Antivirus that allowed attackers to plant and execute malicious payloads while avoiding Defender’s malware detection engine. The flaw affected even the latest Windows 10 versions and threat attackers have been able to exploit it since at least 2014. As BleepingComputer previously reported, the flaw resulted from lax security settings […] | Malware Threat | ||
|
2022-02-11 16:07:32 | DomainTools Announces Availability of Iris Detect (lien direct) | DomainTools has announced the availability of DomainTools Iris Detect, an innovative new product designed to discover and monitor domain names spoofing brands, trademarks, or other domains with unprecedented speed, accuracy, and comprehensiveness. Building on the world's largest databases of domain registration and Domain Name System (DNS) data developed by DomainTools and Farsight Security, the discovery engine underpinning Iris Detect […] | |||
|
2022-02-11 12:04:35 | Health data of thousands of Dorset patients leaked by mistake (lien direct) | A new study reports that Dorset Healthcare University NHS Foundation Trust (DHC) experienced the fourth highest number of data breaches in the UK. The trust argues this does not tell the whole story. Security website VPNoverview.com sent out Freedom of Information requests to 229 NHS foundations across the UK regarding data breaches. Of those, 152 […] | |||
|
2022-02-11 10:55:17 | DDoS attacks hit historic peak (lien direct) | Cybersecurity company Kaspersky found that distributed denial of service (DDoS) attacks recorded quarterly peaked towards the end of 2021. The company's DDoS attacks in Q4 2021 Report found the total number of DDoS attacks that occurred in Q4 2021 was 4.65 times higher compared with Q4 the previous year, then showing an increase of 52% […] | ★★★★ | ||
|
2022-02-11 10:38:32 | Nearly $1.3 billion ransom paid to hackers since 2020 (lien direct) | Cryptocurrency experts have warned that ransomware payments will likely surpass both the $602m already identified and the 2020 figure. The Ransomware Crypto Crime Report produced by blockchain investigations and analytics company Chainalysis presents significant insight into industry trends. The report shows that average payment size has soared in recent years. In 2019 it was only […] | Ransomware | ||
|
2022-02-10 16:47:27 | API Security in the spotlight as Salt Security becomes next Black Unicorn (lien direct) | In December 2021, Gartner® reviewed its earlier predictions about API attacks, commenting, “On Target: 2017 Prediction - By 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications…. As 2022 approaches, this prediction could arguably be counted as “missed” - but only because we underestimated the steep rise in […] | |||
|
2022-02-10 14:36:29 | Cybersecurity Association of Maryland to set up Centres of Excellence (lien direct) | The Cybersecurity of Maryland, Inc (CAMI) announced today plans to expand its membership program alongside setting up Centres of Excellence. CAMI aims to develop cybersecurity in the Old Line State through collaboration and advocacy. The organisation hopes to foster cooperation in cybersecurity through opportunities for companies across all industries. The organisation announced today that it […] | ★★★★★ | ||
|
2022-02-10 11:18:14 | MageCart attacks hit hundreds of outdated Magento sites (lien direct) | Analysts at Sansec found the source of over 500-ecommerce stores involving a single domain loading a credit card skimmer on all of them. The attack became evident in late January when a Sansec crawler discovered 374 infections in one day, all using the same malware. The domain that loaded the malware, naturalfreshmall[.]com, is currently offline […] | ★★★★ | ||
|
2022-02-10 11:00:59 | Rapper accused of laundering billions worth of bitcoin (lien direct) | A TikTok rapper and her husband have been charged with conspiring to launder $4.5bn worth of bitcoin. The bitcoin was stolen from a virtual currency exchange in 2016 in the biggest crypto-heist the world has ever seen. Heather Morgan, 31, and Ilya' Dutch' Lichtenstein, 34, both of New York, New York, were arrested in Manhattan on […] | |||
|
2022-02-09 11:51:25 | Safer Internet Day 2022 – How Can The Online World Be Safer Place? (lien direct) | The 8th of February marked the 19th Safer Internet Day which saw over 200 countries take a collaborative stance to make the Internet a safer and better place for all, particularly for younger people. Over the past 18 months, online activity sky-rocketed due to the disruptions caused by the pandemic. With many faced with lockdowns, […] | |||
|
2022-02-09 11:09:07 | Molerats hackers deploy new malware (lien direct) | The APT group tracked as TA402 but widely known as Molerats has been observed using a new implant dubbed ‘NimbleMamba’. This comes as part of a cyber-espionage campaign leveraging geofencing and URL redirects to legitimate websites. Proofprint discovered the campaign and their analysts observed three variations of the infection chain, all targeting governments in Middle […] | Malware | ||
|
2022-02-09 10:57:38 | Cryptocurrency organisations hit with fake job offers (lien direct) | North Korean threat actors, known as the Lazarus group have been posting fake job listings to target the cryptocurrency vertical in the US, UK, Germany, Singapore and more. Lazarus hackers, also known as HIDDEN COBRA by the United States Intelligence Community and Zinc by Microsoft, have targeted cryptocurrency organisations in the past. The North Koreans are […] | Threat Medical | APT 38 APT 28 | ★★ |
|
2022-02-09 10:42:23 | Ransomware gang affiliate sentenced to 7 years (lien direct) | Following a guilty plea on January 31, Netwalker ransomware gang affiliate Sebastien Vachon-Desjardin was sentenced to seven years in prison for his involvement with the group by an Ontario court. Vachon-Desjardins reportedly pleaded guilty to give charges regarding “theft of computer data, extortion, the payment of cryptocurrency ransoms, and participating in the activities of a […] | Ransomware Guideline | ★★★★ | |
|
2022-02-08 11:16:13 | Russia arrests hacking group (lien direct) | According to Russian media, 6 men have been arrested at the request of the Ministry of Internal Affairs of the Russian Federation. The men are suspected of stealing and selling credit cards online. “The Tverskoy Court of Moscow received petitions from the investigation to select a measure of restraint in the form of detention against […] | ★★ | ||
|
2022-02-08 11:06:15 | QBot steals data in 30 minutes (lien direct) | Qbot, also known as Qakbot or QuakBot, has recently returned to lightning speed attacks, with analysts reporting that it only takes 30 minutes from infection to steal emails and credentials. A new report by DFIR suggests that Qbot was carrying out data-snatching operations in October 2021. It is now believed that the threat actors behind […] | Threat | ||
|
2022-02-08 10:52:20 | (Déjà vu) Washington suspects POLARIS breach (lien direct) | The Washington State Department of Licensing (DOL) has closed down their Professional Online Licensing and Regulatory Information System (POLARIS) as a precaution against suspicious activity. The system stores information regarding license holders and applicant. The information varies but may include Social Security numbers, dates of birth, drivers licence numbers and a range of other personally […] | |||
|
2022-02-08 10:38:41 | (Déjà vu) DPD Parcel tracking flaw may have exposed customer data (lien direct) | DPD Groups‘ package tracking system has potentially been exploited to access the personally identifiable details of its clients. DPD Group, a parcel delivery service with a global presence that ships around two billion parcels annually worldwide requires customers to track their parcels by entering a parcel code and a post code. Pen Test Partners researchers […] | |||
|
2022-02-07 12:25:02 | Cybersecurity compliance still not a priority for many (lien direct) | The most consistent data point in the IBM i Marketplace Survey Results over recent years has been the ever-present cybersecurity threat. This year is no exception. The study shows that 62% of organisations consider cybersecurity a number one concern as they plan their IT infrastructure. 22% cite regulations and compliance in their top five. While companies that […] | |||
|
2022-02-07 11:33:17 | BlackCat gang (ALPHV) linked with BlackMatter/Darkside ransomware operations (lien direct) | The BlackCat ransomware operation, also known as ALPHV has confirmed their former involvement in the notorious BlackMatter/Darkside ransomware operations. BlackCat/ALPHV, launched in November 2021, is a new feature-rich ransomware operation developed, somewhat unusually, in the Rust programming language. The ransomware executable is highly customizable, with different encryption methods and options allowing for attacks on a […] | Ransomware | ||
|
2022-02-07 11:11:16 | Sensitive information of over 500k people leaked (lien direct) | Morley Companies has announced that it was hit with a ransomware attack last year that resulted in the sensitive information of more than 500,000 people being leaked. The organisation provides business services to dozens of Fortune 500 companies. In a press release, the company said the ransomware attack began on August 1 and made their data […] | Ransomware | ||
|
2022-02-07 10:39:58 | $4.4 million stolen in attack on blockchain infrastructure (lien direct) | Hackers stole $4.4 million from the blockchain infrastructure company Meter in a cyberattack on Saturday. The company manages infrastructure allowing smart contracts to scale and travel through heterogonous blockchain networks. Both Meter and Moonriver networks were affected. The company said it manages an infrastructure that allows smart contracts to scale and travel through heterogeneous blockchain […] | |||
|
2022-02-04 16:36:50 | Ransomware gangs and supply chain vulnerabilities: Nozomi Networks Labs reports on the current threat landscape (lien direct) | While vulnerability disclosures increased 21% in the second half of 2021 and increasingly sophisticated criminal attacks made regular news, organizations are fighting back with targeted remediation efforts A new OT/IoT security trends report from Nozomi Networks Labs finds cyber threats have becoming a never-ending reality for critical business operations. In a review of the threat […] | Vulnerability Threat | ★★★★ | |
|
2022-02-04 16:33:23 | Russia-Ukraine escalation of tensions: FBI calls for reports of uptick in cyber activit (lien direct) | The FBI is asking US businesses to report any uptick in Russian hacking threats — the latest effort to prepare for potential Russian cyberattacks on US organizations amid Russia’s troop buildup on Ukraine’s border, CNN reported this week. “Have you identified any efforts by known or suspected Russian [hacking groups] to test exploitation capabilities, develop new malware […] | Malware | ★★★★★ | |
|
2022-02-04 15:29:27 | Edgescan partners with Manicode to revolutionise secure coding courses (lien direct) | Edgescan, the provider of the most comprehensive fullstack vulnerability management solution, today announces a partnership with Manicode Security, the secure coding education company. With a combination of lecture, security testing demonstration, and code review, Manicode classes are sure to entertain and educate app, web services, and mobile software developers and architects to the practices of […] | Vulnerability | ||
|
2022-02-04 11:11:20 | Zimbra zero-day vulnerability exploited to steal emails (lien direct) | Attacks linked to a Chinese threat actor have exploited a Zimbra’s zero-day vulnerability and are stealing emails linked to European government and media. Researchers say that at the time of writing the exploit has no available patch. Zimbra says that more than 200,000 businesses from over 140 countries are using its software, including over 1,000 […] | Vulnerability Threat | ||
|
2022-02-04 11:02:08 | Pharma employee credentials exposed (lien direct) | Employees and executives from the top 20 pharma companies on the Fortune 500 list have had their credentials exposed, new research suggests. Constella Intelligence identified 9,030 breaches/leakages and 4,549,871 exposed records-including attributes like email addresses, passwords, phone numbers, addresses, and even credit card and banking information-related to employee corporate credentials from the companies analysed. The circulation […] | |||
|
2022-02-04 10:51:03 | US Federal government creates cybersecurity incident review board (lien direct) | The Department of Homeland Security has announced a new Cyber Safety Review Board bringing together cybersecurity experts from public and private organizations to “review and assess significant cybersecurity events.” The board was part of the executive order that President Joe Biden signed last year. Experts have long called for a federal organisation for cybersecurity incidents […] | |||
|
2022-02-03 11:20:40 | KP snacks hit with ransomware attack (lien direct) | KP Snacks, purveyor of iconic British snacks such as Skips and Butterkist, has been hit with a ransomware attack threatening to impact deliveries at least until the end of March. The company announced that Conti, an incredibly effective Russian-speaking group, is behind the attack. As is typical for the gang, they stole data in a […] | Ransomware |
To see everything:
Our RSS (filtrered)
