What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-07 11:31:31 | Hack Allows Drone Takeover Via \'ExpressLRS\' Protocol (lien direct) | A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver. | |||
|
2022-07-06 10:33:35 | Human Error Blamed for Leak of 1 Billion Records of Chinese Citizens (lien direct) | A developer appears to have divulged credentials to a police database on a popular developer forum, leading to a breach and subsequent bid to sell 23 terabytes of personal data on the dark web. | Guideline | ||
|
2022-07-05 12:35:09 | Latest Cyberattack Against Iran Part of Ongoing Campaign (lien direct) | Iran's steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country's rail system. | |||
|
2022-07-05 11:54:21 | Google Patches Actively Exploited Chrome Bug (lien direct) | The heap buffer overflow issue in the browser's WebRTC engine could allow attackers to execute arbitrary code. | |||
|
2022-06-30 17:20:30 | ZuoRAT Can Take Over Widely Used SOHO Routers (lien direct) | Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor. | Threat | ||
|
2022-06-30 11:59:34 | A Guide to Surviving a Ransomware Attack (lien direct) | Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture. | Ransomware | ||
|
2022-06-29 20:18:50 | Leaky Access Tokens Exposed Amazon Photos of Users (lien direct) | Hackers with Amazon users' authentication tokens could've stolen or encrypted personal photos and documents. | |||
|
2022-06-29 13:00:49 | Patchable and Preventable Security Issues Lead Causes of Q1 Attacks (lien direct) | Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks. | |||
|
2022-06-28 13:05:00 | Top Six Security Bad Habits, and How to Break Them (lien direct) | Shrav Mehta, CEO, Secureframe, outlines the top six bad habits security teams need to break to prevent costly breaches, ransomware attacks and prevent phishing-based endpoint attacks. | Ransomware | ||
|
2022-06-28 12:42:34 | Mitel VoIP Bug Exploited in Ransomware Attacks (lien direct) | Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victim's environments. | Ransomware Threat | ||
|
2022-06-28 12:17:05 | \'Killnet\' Adversary Pummels Lithuania with DDoS Attacks Over Blockade (lien direct) | Cyber collective Killnet claims it won't let up until the Baltic country opens trade routes to and from the Russian exclave of Kaliningrad. | |||
|
2022-06-28 11:57:06 | Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data (lien direct) | CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers. | Vulnerability Threat | ||
|
2022-06-24 11:02:00 | Google Warns Spyware Being Deployed Against Android, iOS Users (lien direct) | The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs. | Malware | ||
|
2022-06-23 12:21:33 | Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug (lien direct) | The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers. | Malware Threat | APT 28 | |
|
2022-06-22 12:49:26 | Gamification of Ethical Hacking and Hacking Esports (lien direct) | Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, explores why gamified platforms and hacking esports are the future. | |||
|
2022-06-22 12:34:57 | Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture (lien direct) | Culture of 'insecure-by-design' security is cited in discovery of bug-riddled operational technology devices. | |||
|
2022-06-22 12:18:33 | Elusive ToddyCat APT Targets Microsoft Exchange Servers (lien direct) | The threat actor targets institutions and companies in Europe and Asia. | Threat | ||
|
2022-06-21 15:19:15 | Modern IT Security Teams\' Inevitable Need for Advanced Vulnerability Management (lien direct) | Traditional vulnerability management programs are outdated, with little to no innovation in the last two decades. Today's dynamic IT environment demands an advanced vulnerability management program to deal with the complex attack surface and curb security risks. | Vulnerability | ||
|
2022-06-21 12:48:21 | Kazakh Govt. Used Spyware Against Protesters (lien direct) | Researchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders. | |||
|
2022-06-21 12:34:43 | Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack (lien direct) | A reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive. | Ransomware | ||
|
2022-06-21 11:20:48 | Voicemail Scam Steals Microsoft Credentials (lien direct) | Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details. | |||
|
2022-06-17 13:34:04 | China-linked APT Flew Under Radar for Decade (lien direct) | Evidence suggests that a just-discovered APT has been active since 2013. | |||
|
2022-06-16 11:59:09 | State-Sponsored Phishing Attack Targeted Israeli Military Officials (lien direct) | Analysts have uncovered an Iran-linked APT sending malicious emails to top Israeli government officials. | |||
|
2022-06-16 11:24:26 | Ransomware Risk in Healthcare Endangers Patients (lien direct) | Ryan Witt, Proofpoint's Healthcare Cybersecurity Leader, examines the impact of ransomware on patient care. | Ransomware Guideline | ||
|
2022-06-16 10:59:40 | Facebook Messenger Scam Duped Millions (lien direct) | One well crafted phishing message sent via Facebook Messenger ensnared 10 million Facebook users and counting. | |||
|
2022-06-15 13:59:37 | DragonForce Gang Unleash Hacks Against Govt. of India (lien direct) | In response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India. | Hack | ||
|
2022-06-15 13:37:23 | Travel-related Cybercrime Takes Off as Industry Rebounds (lien direct) | Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists. | |||
|
2022-06-15 13:00:03 | In Cybersecurity, What You Can\'t See Can Hurt You (lien direct) | The dangers to SMBs and businesses of all sizes from cyberattacks are well known. But what's driving these attacks, and what do cybersecurity stakeholders need to do that they're not already doing? | |||
|
2022-06-14 11:08:27 | Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach (lien direct) | Attackers gained access to private account details through an email compromise incident that occurred in April. | Data Breach | ||
|
2022-06-14 10:55:47 | Linux Malware Deemed \'Nearly Impossible\' to Detect (lien direct) | Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access. | Malware | ||
|
2022-06-13 12:36:20 | Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers (lien direct) | Researchers demonstrated a possible way to track individuals via Bluetooth signals. | |||
|
2022-06-10 13:27:12 | U.S. Water Utilities Prime Cyberattack Target, Experts (lien direct) | Environmentalists and policymakers warn water treatment plants are ripe for attack. | |||
|
2022-06-10 11:02:29 | Potent Emotet Variant Spreads Via Stolen Email Credentials (lien direct) | The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns. | Malware | ||
|
2022-06-09 17:44:03 | Feds Forced Travel Firms to Share Surveillance Data on Hacker (lien direct) | Sabre and Travelport had to report the weekly activities of former “Cardplanet” cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution. | |||
|
2022-06-08 13:36:22 | Taming the Digital Asset Tsunami (lien direct) | Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and manage effectively. | |||
|
2022-06-08 13:05:39 | Paying Ransomware Paints Bigger Bullseye on Target\'s Back (lien direct) | Ransomware attackers often strike targets twice, regardless of whether the ransom was paid. | Ransomware | ||
|
2022-06-08 11:17:40 | Black Basta Ransomware Teams Up with Malware Stalwart Qbot (lien direct) | The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found. | Ransomware Malware | ||
|
2022-06-07 13:25:11 | Cyber Risk Retainers: Not Another Insurance Policy (lien direct) | The costs associated with a cyberattack can be significant, especially if a company does not have an Incident Response plan that addresses risk. | |||
|
2022-06-07 12:45:27 | Conducting Modern Insider Risk Investigations (lien direct) | Insider Risk Management requires a different approach than to those from external threats. IRM is unique from other domains of security in that the data sources which serve as inputs are as often people as they are tools. Shifting the analyst's mindset when handling risks presented by insiders requires us to move through the stages of inquiry, investigation, and determining outcomes. | |||
|
2022-06-07 12:45:00 | Follina Exploited by State-Sponsored Hackers (lien direct) | A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets. | Vulnerability | ||
|
2022-06-07 11:21:47 | Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw (lien direct) | The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. | Tool Vulnerability | ||
|
2022-06-03 13:46:55 | Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again (lien direct) | Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.' | Hack Threat | ||
|
2022-06-03 12:42:41 | Evil Corp Pivots LockBit to Dodge U.S. Sanctions (lien direct) | The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity. | Tool | ||
|
2022-06-02 13:08:55 | Cybercriminals Expand Attack Radius and Ransomware Pain Points (lien direct) | Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of "triple extortion" ransomware attacks. | Ransomware | ||
|
2022-06-02 11:44:57 | Scammers Target NFT Discord Channel (lien direct) | Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links. | |||
|
2022-06-02 11:18:47 | International Authorities Take Down Flubot Malware Network (lien direct) | The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020. | Malware | ||
|
2022-06-02 10:20:25 | Being prepared for adversarial attacks (lien direct) | There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s […] | Threat | ||
|
2022-06-01 10:38:37 | Microsoft Releases Workaround for \'One-Click\' 0Day Under Active Attack (lien direct) | Threat actors already are exploiting vulnerability, dubbed 'Follina' and originally identified back in April, to target organizations in Russia and Tibet, researchers said. | Threat | ||
|
2022-05-31 12:24:44 | EnemyBot Malware Targets Web Servers, CMS Tools and Android OS (lien direct) | Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot. | Malware Tool | ||
|
2022-05-31 11:38:14 | ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats (lien direct) | The malvertiser's use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn. | Threat |
To see everything:
Our RSS (filtrered)
