What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-03-18 20:05:36 | Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure (lien direct) | The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure. | |||
|
2022-03-18 18:53:40 | DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data (lien direct) | A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says. | |||
|
2022-03-18 17:17:17 | Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet (lien direct) | The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said. | NotPetya NotPetya | ||
|
2022-03-18 14:49:01 | Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops (lien direct) | Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizations' networks for further malicious activity. | Ransomware | ||
|
2022-03-17 19:21:09 | Dev Sabotages Popular NPM Package to Protest Russian Invasion (lien direct) | In the latest software supply-chain attack, the code maintainer added malicious code to the hugely popular node-ipc library to replace files with a heart emoji and a peacenotwar module. | |||
|
2022-03-17 14:36:04 | Misconfigured Firebase Databases Exposing Data in Mobile Apps (lien direct) | Five percent of the databases are vulnerable to threat actors: It's a gold mine of exploit opportunity in thousands of mobile apps, researchers say. | Threat | ||
|
2022-03-17 13:00:38 | Reporting Mandates to Clear Up Feds\' Hazy Look into Threat Landscape – Podcast (lien direct) | It's about time, AttackIQ's Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill. As it is, visibility into adversary behavior has been muck. | Threat | ||
|
2022-03-16 17:32:59 | \'CryptoRom\' Crypto-Scam is Back via Side-Loaded Apps (lien direct) | Scammers are bypassing Apple's App Store security, stealing thousands of dollars' worth of cryptocurrency from the unwitting, using the TestFlight and WebClips programs. | |||
|
2022-03-16 16:29:11 | Another Destructive Wiper Targets Organizations in Ukraine (lien direct) | CaddyWiper is one in a barrage of data-wiping cyber-attacks to hit the country since January as the war on the ground with Russia marches on. | |||
|
2022-03-16 04:00:47 | Phony Instagram \'Support Staff\' Emails Hit Insurance Company (lien direct) | The phishing scam tried to steal login credentials by threatening account shutdown, due to users having purportedly shared “fake content.” | |||
|
2022-03-15 19:47:39 | Cyberattacks Against Israeli Government Sites: \'Largest in the Country\'s History\' (lien direct) | DDoS attacks against Israel telecom companies took down government sites, sparking a temporary state of emergency. | |||
|
2022-03-15 16:58:43 | Most QNAP NAS Devices Affected by \'Dirty Pipe\' Linux Flaw (lien direct) | The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage (NAS) appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP […] | Vulnerability | ||
|
2022-03-15 12:58:59 | Pandora Ransomware Hits Giant Automotive Supplier Denso (lien direct) | Denso confirmed that cybercriminals leaked stolen, classified information from the Japan-based car-components manufacturer after an attack on one of its offices in Germany. | Ransomware | ||
|
2022-03-14 21:50:45 | Staff Think Conti Group Is a Legit Employer – Podcast (lien direct) | The ransomware group's benefits – bonuses, employee of the month, performance reviews & top-notch training – might be better than yours, says BreachQuest's Marco Figueroa. | Ransomware | ||
|
2022-03-14 13:52:37 | Cybercrooks\' Political In-Fighting Threatens the West (lien direct) | They're choosing sides in the Russia-Ukraine war, beckoning previously shunned ransomware groups and thereby reinvigorating those groups' once-diminished power. | Ransomware | ||
|
2022-03-11 18:34:34 | Russia Issues Its Own TLS Certs (lien direct) | The country's citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA. | |||
|
2022-03-11 15:03:20 | Raccoon Stealer Crawls Into Telegram (lien direct) | The credential-stealing trash panda is using the chat app to store and update C2 addresses as crooks find creative new ways to distribute the malware. | |||
|
2022-03-10 19:54:00 | Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers (lien direct) | Be careful when downloading a tool to cyber-target Russia: It could be an infostealer wolf dressed in sheep's clothing that grabs your cryptocurrency info instead. | Tool | ||
|
2022-03-10 15:30:19 | Most Orgs Would Take Security Bugs Over Ethical Hacking Help (lien direct) | A new survey suggests that security is becoming more important for enterprises, but they're still falling back on old "security by obscurity" ways. | |||
|
2022-03-10 14:10:04 | Russia May Use Ransomware Payouts to Avoid Sanctions (lien direct) | FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine. | Ransomware | ||
|
2022-03-10 14:00:32 | Multi-Ransomwared Victims Have It Coming–Podcast (lien direct) | Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles. | ★★ | ||
|
2022-03-10 13:00:32 | Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads (lien direct) | The ever-shifting, ever-more-powerful malware is now hijacking email threads to download malicious DLLs that inject password-stealing code into webpages, among other foul things. | Malware | ||
|
2022-03-09 21:10:20 | APT41 Spies Broke Into 6 US State Networks via a Livestock App (lien direct) | The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks. | Hack Threat | APT 41 | |
|
2022-03-09 16:00:32 | Most ServiceNow Instances Misconfigured, Exposed (lien direct) | Customers aren't locking down access correctly, leading to ~70 percent of ServiceNow implementations being vulnerable to malicious data extraction. | Guideline | ||
|
2022-03-09 14:07:55 | Russian APTs Furiously Phish Ukraine – Google (lien direct) | Also on the rise: DDoS attacks against Ukrainian sites and phishing activity capitalizing on the conflict, with China's Mustang Panda targeting Europe. | |||
|
2022-03-08 21:42:06 | Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday (lien direct) | The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug. | ★★★★★ | ||
|
2022-03-08 15:56:36 | The Uncertain Future of IT Automation (lien direct) | While IT automation is growing, big challenges remain. Chris Hass, director of information security and research at Automox, discusses how the future looks. | |||
|
2022-03-08 15:14:09 | Zero-Click Flaws in Widely Used UPS Devices Threaten Critical Infratructure (lien direct) | The 'TLStorm' vulnerabilities, found in APC Smart-UPS products, could allow attackers to cause both cyber and physical damage by taking down critical infrastructure. | |||
|
2022-03-08 14:52:05 | Bug in the Linux Kernel Allows Privilege Escalation, Container Escape (lien direct) | A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel. | |||
|
2022-03-07 21:30:12 | Novel Attack Turns Amazon Devices Against Themselves (lien direct) | Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers. | |||
|
2022-03-07 19:28:36 | Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak (lien direct) | The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked. | Ransomware | ||
|
2022-03-07 17:46:39 | Nvidia\'s Stolen Code-Signing Certs Used to Sign Malware (lien direct) | Nvidia certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines. | Malware | ||
|
2022-03-07 16:19:15 | Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape (lien direct) | Both vulnerabilities are use-after-free issues in Mozilla's popular web browser. | |||
|
2022-03-04 22:46:59 | Massive Meris Botnet Embeds Ransomware Notes from REvil (lien direct) | Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL. | Ransomware | ||
|
2022-03-04 16:56:27 | Free HermeticRansom Ransomware Decryptor Released (lien direct) | Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists. | Ransomware | ||
|
2022-03-03 17:18:44 | Phishing Campaign Targeted Those Aiding Ukraine Refugees (lien direct) | A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians. | |||
|
2022-03-03 16:31:36 | Russia Leaks Data From a Thousand Cuts–Podcast (lien direct) | It's not just Ukraine: There's a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server. | Ransomware | ||
|
2022-03-03 14:00:53 | Securing Data With a Frenzied Remote Workforce–Podcast (lien direct) | Stock the liquor cabinet and take a shot whenever you hear GitLab Staff Security Researcher Mark Loveless say “Zero Trust.” | |||
|
2022-03-02 22:50:09 | TeaBot Trojan Haunts Google Play Store, Again (lien direct) | Malicious Google Play apps have circumvented censorship by hiding trojans in software updates. | |||
|
2022-03-02 18:14:49 | Conti Ransomware Decryptor, TrickBot Source Code Leaked (lien direct) | The decryptor spilled by ContiLeaks won't work with recent victims. Conti couldn't care less: It's still operating just fine. Still, the dump is a bouquet's worth of intel. | Ransomware | ||
|
2022-03-01 21:44:32 | (Déjà vu) RCE Bugs in Hugely Popular VoIP Apps: Patch Now! (lien direct) | The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations. | |||
|
2022-03-01 21:44:32 | RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now! (lien direct) | The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations. | |||
|
2022-03-01 17:55:46 | Daxin Espionage Backdoor Ups the Ante on Chinese Malware (lien direct) | Via node-hopping, the espionage tool can reach computers that aren't even connected to the internet. | Malware Tool | ||
|
2022-03-01 16:55:47 | Ukraine Hit with Novel \'FoxBlade\' Trojan Hours Before Invasion (lien direct) | Microsoft detected cyberattacks launched against Ukraine hours before Russia's tanks and missiles began to pummel the country last week. | |||
|
2022-03-01 10:57:23 | Microsoft Accounts Targeted by Russian-Themed Credential Harvesting (lien direct) | Malicious emails warning Microsoft users of "unusual sign-on activity" from Russia are looking to capitalizing on the Ukrainian crisis. | |||
|
2022-02-28 21:00:32 | Ukraine-Russia Cyber Warzone Splits Cyber Underground (lien direct) | A pro-Ukraine Conti member spilled 13 months of the ransomware group's chats, while cyber actors are rushing to align with both sides. | Ransomware | ||
|
2022-02-28 17:23:49 | Toyota to Close Japan Plants After Suspected Cyberattack (lien direct) | The plants will shut down on Tuesday, halting about a third of the company's global production. Toyota doesn't know how long the 14 plants will be unplugged. | |||
|
2022-02-25 21:32:15 | TrickBot Takes a Break, Leaving Researchers Scratching Their Heads (lien direct) | The infamous trojan is likely making some major operational changes, researchers believe. | |||
|
2022-02-25 19:46:57 | Microsoft Exchange Bugs Exploited by \'Cuba\' Ransomware Gang (lien direct) | The ransomware gang known as Cuba is increasingly shifting to exploiting Exchange bugs – including crooks' favorites, ProxyShell and ProxyLogon – as initial infection vectors. | Ransomware | ||
|
2022-02-25 00:29:32 | White House Denies Mulling Massive Cyberattacks Against Russia (lien direct) | The options reportedly included tampering with trains, electric service and internet connectivity, hampering Russia's military operations in Ukraine. |
To see everything:
Our RSS (filtrered)
