What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-09 21:27:12 | US House reps, staff health data swiped in cyber-heist (lien direct) | Data for sale via dark web, Senate in line of fire, too Health data and other personal information of members of Congress and staff were stolen during a breach of servers run by DC Health Care Link and are now up for sale on the dark web.… | ★★ | ||
|
2023-03-09 18:27:06 | Refreshed from its holiday, Emotet has gone phishing (lien direct) | Notorious botnet starts spamming again after a three-month pause Emotet is back. After another months-long lull since a spate of attacks in November 2022, the notorious malware operation that has already survived a law enforcement takedown and various periods of inactivity began sending out malicious emails on Tuesday morning.… | Malware | ★★ | |
|
2023-03-09 02:26:12 | Suspected Chinese cyber spies target unpatched SonicWall devices (lien direct) | They've been lurking in networks since at least 2021 Suspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant.… | Malware | ★★★ | |
|
2023-03-08 00:01:13 | These DrayTek routers are under actual attack – and there\'s no patch (lien direct) | Workaround: Throw away kit? If you're still running post-support DrayTek Vigor routers it may be time to junk them, or come up with some other workaround, as a cunning malware variant is setting up shop in the kit.… | Malware | ★★ | |
|
2023-03-07 02:04:40 | EPA orders US states to check cyber security of public water supplies (lien direct) | Don't let miscreants poison the wells The US government is requiring states to assess the cyber security capabilities of their drinking water systems, part of the White House's broader efforts to protect the nation's critical infrastructure from attacks by nation-states and other cyber threats.… | ★★★ | ||
|
2023-03-06 21:45:08 | DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape (lien direct) | Millions extorted from victims, one attack left hospital patient dead German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other "masterminds" behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient.… | Ransomware | ★★ | |
|
2023-03-06 03:01:08 | Where are the women in cyber security? On the dark side, study suggests (lien direct) | Also, Royal ransomware metastasizes to other critical sectors, and this week's critical vulnerabilities In Brief If you can't join them, then you may as well try to beat them – at least if you're a talented security engineer looking for a job and you happen to be a woman. … | Ransomware | ★★★ | |
|
2023-03-03 18:30:40 | Frankenstein malware stitched together from code of others disguised as PyPI package (lien direct) | Crime-as-a-service vendors mix and match components as needed by client A malicious package discovered in the Python Package Index (PyPI) is the latest example of what threat hunters from Kroll called the continued "democratization of cybercrime," with the bad guys creating malware variants from the code of others.… | Malware Threat | ★★ | |
|
2023-03-03 17:00:27 | Can we interest you in a $10 pocket calculator powered by Android 9? (lien direct) | Beware, it only has 3GB free and may go up to – yikes! – $23 A Chinese vendor is offering a pocket calculator that runs a full copy of Android 9 – complete with Wi-Fi. It costs ¥69, about 10 bucks.… | ★★ | ||
|
2023-03-03 11:33:13 | Warning on SolarWinds-like supply-chain attacks: \'They\'re just getting bigger\' (lien direct) | Industry hasn't 'improved much at all' SCSW Back in 2020, Eric Scales led the incident response team investigating a nation-state hack that compromised his company's servers along with those at federal agencies and tech giants including Microsoft and Intel.… | Hack | ★★★ | |
|
2023-03-03 00:32:15 | Crappy insecure software in Biden\'s crosshairs (lien direct) | Just-revealed US cybersecurity strategy 'has fangs' for catching crafty criminals and crummy coders Analysis Technology providers can expect more regulations, while cyber criminals can look for US law enforcement to step up their efforts to disrupt ransomware gangs and other illicit activities, under the Biden administration's computer security plan announced on Thursday.… | Ransomware | ★★★ | |
|
2023-03-02 13:27:00 | Intruder alert: UK retailer WH Smith hit by another data leak (lien direct) | Less than a year after Funky Pigeon sprayed details of greetings cards biz Less than a year after its online greetings card subsidiary Funky Pigeon was attacked, WH Smith has admitted someone broke into its systems.… | ★★ | ||
|
2023-03-01 21:30:06 | It\'s official: BlackLotus malware can bypass Secure Boot on Windows machines (lien direct) | The myth 'is now a reality' BlackLotus, a UEFI bootkit that's sold on hacking forums for about $5,000, can now bypass Secure Boot, making it the first known malware to run on Windows systems even with the firmware security feature enabled.… | Malware | ★★ | |
|
2023-02-28 06:59:07 | US Marshals Service leaks \'law enforcement sensitive information\' in ransomware incident (lien direct) | It's not just another data breach when the victim oversees witness protection programs The US Marshals Service, the enforcement branch of the nation's federal courts, has admitted to a “major” breach of its information security defenses allowed a ransomware infection and exfiltration of “law-enforcement sensitive information”.… | Ransomware Data Breach | ★ | |
|
2023-02-27 04:59:09 | Global finance wonks worry financial services too invested in outsourcers, Big Tech (lien direct) | Not keen on crypto, either – and looking forward to consistent language on cyber incidents Finance ministers from the G20 bloc have put their names to a document that expresses concern financial services industries have become worryingly reliant on Big Tech, and their resilience could suffer as a result.… | ★★ | ||
|
2023-02-24 15:30:11 | Rugged satellite messaging phone Bullitt fired out ahead of MWC (lien direct) | Plus Bluetooth gadget that gives your Android or iPhone the same ability MWC Ruggedized handset maker Bullitt Group has lifted the lid on its first smartphone with satellite messaging ahead of MWC next week, as well as a Bluetooth dongle from Motorola that provides the same capability for any iOS or Android phone.… | ★★★ | ||
|
2023-02-24 07:27:08 | European Commission bans TikTok from staff gadgets (lien direct) | Cyber Europe cyber worried about cyber threats, doesn't cyber use the other C word (China) The European Commission on Thursday banned the use of the TikTok short video app on corporate devices and on the personal devices of employees enrolled in the commission's mobile device management service.… | ★★ | ||
|
2023-02-23 23:30:05 | Suspected Russian NLBrute malware boss extradited to US (lien direct) | Dariy Pankov accused of infiltrating systems, selling tool and passwords to other miscreants A Russian national accused of developing the NLBrute brute-force hacking tool has made his first court appearance this week in Florida over accusations that he used the tool to spawn a criminal empire.… | Malware Tool | ★★★ | |
|
2023-02-22 23:59:24 | Microsoft deploys AI search bot to Bing, Edge, and Skype mobile apps (lien direct) | Cap on daily interactions also lifted slightly – to 60 questions per day Microsoft is integrating its Bing chatbot into iOS and Android apps, allowing users to access AI-powered search features on mobile devices. … | ★★ | ||
|
2023-02-22 20:30:12 | No, ChatGPT didn\'t win a hacking competition prize…yet (lien direct) | $20k Pwn2Own prize for the humans, zero for the AI It was bound to happen sooner or later. For the first time ever, bug hunters used ChatGPT in a successful Pwn2Own exploit, helping the researchers to hack software used in industrial applications and win $20,000.… | Hack Industrial | ChatGPT | ★★★ |
|
2023-02-21 05:14:22 | APNIC calls in lawyers to handle election code of conduct breach allegations (lien direct) | Threats to voters also reported as vote for regional internet registry heats up Regional internet registry the Asia Pacific Network Information Centre (APNIC) has appointed external lawyers to consider allegations of multiple breaches of its election nominee code of conduct, including threats related to the election.… | ★★ | ||
|
2023-02-20 22:00:08 | Humans strike back at Go-playing AI systems (lien direct) | Amateur fleshbag defeats synthetic in 14 of 15 games Think that puny humans don't stand a chance when playing strategy games against an AI? You may have to think again. One person in the US beat an AI at the ancient game of Go by simply distracting it from the attack he was making, a tactic that would be unlikely to work on another meatbag.… | ★★ | ||
|
2023-02-20 20:30:11 | DNA testing biz vows to improve infosec after criminals break into database it forgot it had (lien direct) | Settles lawsuit with two states after wider leak that affected millions A DNA diagnostics company will pay $400,000 and tighten its security in the wake of a 2021 attack where criminals broke into its network and swiped personal data on over two million people from a nine-year-old "legacy" database the company forgot it had.… | ★★ | ||
|
2023-02-20 02:27:10 | GoDaddy joins the dots and realizes it\'s been under attack for three years (lien direct) | Also: Russia may legalize hacking; Oakland declares ransomware emergency; the CVEs you should know about this week In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.… | Ransomware | ★★★★ | |
|
2023-02-19 23:32:24 | Toshiba COO dumped over entertainment expenses scandal (lien direct) | PLUS: Chinese province to buy four million servers; Google Cloud's nine-day APAC network glitch; and more Asia In Brief Amid an investigation into his entertainment expenses, the chief operating officer of scandal-ridden Japanese tech giant Toshiba, Goro Yanase, resigned last week.… | ★★ | ||
|
2023-02-19 09:00:07 | If you\'re struggling to secure email forwarding, it\'s not you, it\'s ... the protocols (lien direct) | Eggheads prove they can mimic messages and bag bug bounty bucks Analysis Over the past two decades, efforts have been made to make email more secure. Alas, defensive protocols implemented during this period, such as SPF, DKIM, and DMARC, remain unable to deal with the complexity of email forwarding and differing standards, a study has concluded.… | ★★ | ||
|
2023-02-17 22:30:06 | (Déjà vu) FBI contains \'isolated cyber incident\' on its network (lien direct) | Move along, totally nothing to see here The FBI has confirmed a cyber "incident" that reportedly involved computer systems being used to investigate child sexual exploitation.… | ★★ | ||
|
2023-02-17 22:30:06 | FBI says its contained an \'isolated cyber incident\' on its network (lien direct) | Move along, nothing to see here The FBI confirmed a cyber "incident" that reportedly involved computer systems being used to investigate child sexual exploitation.… | ★★ | ||
|
2023-02-17 10:30:08 | Cry Havoc and let slip dogs of war ... there\'s an upgraded malware server in town (lien direct) | ThreatLabz finds free alternative to Cobalt Strike and other tools used in the wild There's a fresh open-source command-and-control (C2) framework on the loose, dubbed Havoc, as an alternative to the popular Cobalt Strike, and other mostly legitimate tools, that have been abused to spread malware.… | Malware | ★★ | |
|
2023-02-17 05:15:06 | Norway finds a way to recover crypto North Korea pinched in Axie heist (lien direct) | Meanwhile South Korea's Do Kwon is sought for fraud by US authorities Norwegian authorities announced on Thursday that they had recovered $5.9 million of cryptocurrency stolen in the Axie Infinity hack – an incident widely held to have been perpetrated by the Lazarus Group, which has links to North Korea.… | Hack Medical | APT 38 | ★★★ |
|
2023-02-16 22:26:09 | Google\'s big security cert log overhaul broke Android apps. Now it\'s hit undo (lien direct) | Devs missed warnings plus tons of code relying on a lone open source maintainer Google this week reversed an overhaul of one of its security-related file formats after the transition broke Android apps.… | ★★ | ||
|
2023-02-16 01:30:06 | ESXiArgs ransomware fights off Team America\'s data recovery script (lien direct) | Want a clue to what you're dealing with? Check the ransom note That didn't take long.… | Ransomware | ★★ | |
|
2023-02-15 15:30:14 | ASML says Chinese employee stole data as US sanctions bite (lien direct) | CEO speaks out against export restrictions, saying they will hold back semiconductor advances ASML has claimed that a former employee in China stole data about its technology, which may have led to a breach of export controls.… | ★★ | ||
|
2023-02-15 07:29:10 | Hyundai and Kia issue software upgrades to thwart killer TikTok car theft hack (lien direct) | Gone in 60 seconds using a USB-A plug and brute force instead of a key Korean car-makers Hyundai and Kia will issue software updates to some of their models after a method of stealing them circulated on TikTok, leading to many thefts and even some deaths.… | Hack Guideline | ★★ | |
|
2023-02-14 22:25:14 | Microsoft delivers 75-count box of patches for Valentine\'s Day (lien direct) | Adobe, SAP, Intel, AMD, Android also show up with bouquet of fixes Patch Tuesday Happy Patch Tuesday for February, 2023, which falls on Valentine's Day.… | ★★ | ||
|
2023-02-14 17:00:08 | Google lets a few Android devices into its Privacy Sandbox (lien direct) | Chocolate Factory's ad tech renovation is moving ahead, like it or not Google on Tuesday began rolling out a beta test of its Privacy Sandbox software for a small portion of Android 13 devices to learn how its purportedly privacy-protecting ad tech actually performs.… | ★★ | ||
|
2023-02-14 01:30:08 | Second Soyuz springs a leak, astronauts stuck on ISS for an extra month (lien direct) | Trust us tovarishch, we're just going to do a few more checks Russia's space agency will hold off returning three astronauts from the International Space Station as it works with NASA to investigate a coolant leak issue that impacted an uncrewed freighter spacecraft last weekend.… | ★★ | ||
|
2023-02-14 00:30:11 | Pepsi Bottling Ventures says info-stealing malware swiped sensitive data (lien direct) | That's not what I like Crooks have breached Pepsi Bottling Ventures' network and, after deploying info-stealing malware, made off with sensitive personal and financial information according to a notification sent to consumers.… | Malware | ★ | |
|
2023-02-13 12:38:07 | LockBit\'s Royal Mail ransom deadline flies by. No data released (lien direct) | Also: Russian wiper malware authors turn to data theft, plus this week's critical vulns in brief The notorious LockBit ransomware gang has taken credit for an attack on the Royal Mail – but a deadline it gave for payment has come and gone with nothing exposed to the web except the group's claims.… | Ransomware Malware | ★★ | |
|
2023-02-11 02:16:08 | Ransomware crooks steal 3m+ patients\' medical records, personal info (lien direct) | All that data coming soon to a darkweb crime forum near you? Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December.… | Ransomware Medical | ★★★ | |
|
2023-02-10 07:24:07 | US, UK slap sanctions on Russians linked to Conti, Ryuk, Trickbot malware (lien direct) | Any act that sends so much as a ruble to seven named netizens now forbidden The US and UK have sanctioned seven Russians for their alleged roles in disseminating Conti and Ryuk ransomware and the Trickbot banking trojan.… | Ransomware Malware | ★★ | |
|
2023-02-09 16:46:14 | Apple complains UK watchdog wants to make iOS a \'clone\' of Android (lien direct) | Move means possibility of new WebKit-free iPhone browsers is even more likely The UK competition watchdog's proposed iOS remedies in a probe of its "substantial and entrenched market power" in the mobile ecosystem "would effectively turn Apple into a clone of Android," the iPhone maker told the CMA.… | ★★ | ||
|
2023-02-08 21:30:12 | Among the thousands of ESXiArgs ransomware victim orgs? FBI and CISA to the rescue (lien direct) | The malware has hit more than 3,800 servers globally, according to the Feds The US Cybersecurity and Infrastructure Security Agency (CISA) has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak.… | Ransomware Malware | ★★★ | |
|
2023-02-08 06:30:14 | Suspect in Finnish psychotherapy center blackmail hack arrested (lien direct) | Suomi sentence expected for shrink records theft French police have arrested a 25-year-old Finnish man accused of hacking a psychotherapy clinic, stealing more than 22,000 patients' therapy notes, demanding ransom payments from them and also leaking this very private info on a Tor website.… | Hack | ★★★ | |
|
2023-02-07 03:00:11 | Surprise! China\'s top Android phones collect way more info (lien direct) | Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice.… | Studies | ★★★ | |
|
2023-02-06 23:59:08 | Embarrassment as US cyber ambassador\'s Twitter account is hacked (lien direct) | 'Perils of the job' we're told A top US cyber diplomat said his Twitter account was compromised over the weekend.… | General Information | ★★★ | |
|
2023-02-05 12:00:11 | Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears (lien direct) | From frameworks to new federal offices it's time to get busy The hack of SolarWinds' software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done?.… | Hack Threat | ★★ | |
|
2023-02-04 00:27:06 | HeadCrab bots pinch 1,000+ Redis servers to mine coins (lien direct) | We devoting full time to floating under /etc A sneaky botnet dubbed HeadCrab that uses bespoke malware to mine for Monero has infected at least 1,200 Redis servers in the last 18 months.… | Malware | ★★★ | |
|
2023-02-03 20:25:08 | Fast-evolving Prilex POS malware can block contactless payments (lien direct) | ... forcing users to insert their cards into less-secure PIN systems The reasons businesses and consumers like contactless payment transactions – high security and speed – are what make those systems bad for cybercriminals.… | Malware | ★★ | |
|
2023-02-03 07:30:10 | LockBit claims responsibility for ION ransomware attack but US/UK hounds are sniffing (lien direct) | Crims put a February 4 deadline for software provider to pay up UK regulators are investigating a cyberattack against financial technology firm ION, while the LockBit ransomware gang has threatened to publish the stolen data on February 4 if the software provider doesn't pay up.… | Ransomware | ★★ |
To see everything:
