What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-18 14:00:50 | Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials (lien direct) | Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific 'ephemeral' aspect of the project-management tool to link to SharePoint phishing pages. | Tool Threat | ||
|
2021-11-17 17:04:01 | Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns (lien direct) | Meanwhile, a Microsoft analysis that followed six Iranian threat actor groups for over a year found them increasingly sophisticated, adapting and thriving. | Threat | ||
|
2021-11-17 13:44:29 | Phishing Scam Aims to Hijack TikTok \'Influencer\' Accounts (lien direct) | Threat actors used malicious emails to target more than 125 people with high-profile TikTok accounts in an attempt to steal info and lock them out. | Threat | ||
|
2021-11-11 18:48:06 | Cyber-Mercenary Group Void Balaur Attacks High-Profile Targets for Cash (lien direct) | A Russian-language threat group is available for hire, to steal data on journalists, political leaders, activists and from organizations in every sector. | Threat Guideline | ||
|
2021-11-10 14:00:26 | New Android Spyware Poses Pegasus-Like Threat (lien direct) | PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps. | Threat | ||
|
2021-11-08 16:38:05 | Zoho Password Manager Flaw Torched by Godzilla Webshell (lien direct) | A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far (technology, defense, healthcare, energy and education), deploying the Godzilla webshell and […] | Vulnerability Threat | ||
|
2021-11-04 12:51:48 | Magecart Credit Card Skimmer Avoids VMs to Fly Under the Radar (lien direct) | The Magecart threat actor uses a browser script to evade detection by researchers and sandboxes so it targets only victims' machines to steal credentials and personal info. | Threat | ||
|
2021-11-03 18:16:37 | \'Tortilla\' Wraps Exchange Servers in ProxyShell Attacks (lien direct) | The Microsoft Exchange ProxyShell vulnerabilities are being exploited yet again for ransomware, this time with Babuk from the new "Tortilla" threat actor. | Threat | ★★ | |
|
2021-10-21 19:31:40 | TA551 Shifts Tactics to Install Sliver Red-Teaming Tool (lien direct) | A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment. | Ransomware Tool Threat Guideline | ||
|
2021-10-21 17:33:24 | Gigabyte Allegedly Hit by AvosLocker Ransomware (lien direct) | If AvosLocker stole Gigabyte's master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds. | Ransomware Threat | ||
|
2021-09-15 13:06:52 | Attackers Impersonate DoT in Two-Day Phishing Scam (lien direct) | Threat actors dangled the lure of receiving funds from the $1 trillion infrastructure bill and created new domains mimicking the real federal site. | Threat | ||
|
2021-09-14 20:29:14 | Microsoft Patches Actively Exploited Windows Zero-Day Bug (lien direct) | On Patch Tuesday, Microsoft fixed 66 CVEs, including an RCE bug in MSHTML under active attack as threat actors passed around guides for the drop-dead simple exploit. | Threat | ||
|
2021-09-10 10:46:17 | Stolen Credentials Led to Data Theft at United Nations (lien direct) | Threat actors accessed the organization's proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks. | Threat | ||
|
2021-09-01 12:17:17 | Feds Warn of Ransomware Attacks Ahead of Labor Day (lien direct) | Threat actors recently have used long holiday weekends -- when many staff are taking time off -- as a prime opportunity to ambush organizations. | Ransomware Threat | ||
|
2021-08-31 10:42:18 | LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection (lien direct) | Researchers from Sophos discovered the emerging threat in July, which exploits the ProxyShell vulnerabilities in Microsoft Exchange servers to attack systems. | Ransomware Threat | ||
|
2021-08-26 13:00:11 | Podcast: Ransomware Up x10: Disrupting Cybercrime Suppy Chains an Opportunity (lien direct) | Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2021. | Ransomware Threat | ||
|
2021-08-20 14:09:50 | Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits (lien direct) | Campaign emails company insiders and initially offers 1 million in Bitcoin if they install DemonWare on an organization's network. | Ransomware Threat | ||
|
2021-08-19 16:38:31 | COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate (lien direct) | COVID-19-related exploitation and abuse is on the rise as vaccine data opens new frontiers for threat actors. | Threat | ||
|
2021-08-13 18:56:27 | Exchange Servers Under Active Attack via ProxyShell Bugs (lien direct) | There's an entirely new attack surface in Exchange, a researcher revealed at Black Hat, and threat actors are now exploiting servers vulnerable to the RCE bugs. | Threat | ||
|
2021-08-13 13:31:51 | WordPress Sites Abused in Aggah Spear-Phishing Campaign (lien direct) | The Pakistan-linked threat group's campaign uses compromised WordPress sites to deliver the Warzone RAT to manufacturing companies in Taiwan and South Korea. | Threat | ||
|
2021-08-12 13:59:18 | QR Code Scammers Get Creative with Bitcoin ATMs (lien direct) | Threat actors are targeting everyone from job hunters to Bitcoin traders to college students wanting a break on their student loans, by exploiting the popular technology's trust relationship with users. | Threat | ||
|
2021-08-09 13:00:08 | Cutting Through the Noise from Daily Alerts (lien direct) | The biggest challenge for security teams today is the quality of the threat intelligence platforms and feeds. How much of the intel is garbage and unusable? Threat intelligence process itself spans and feeds into many external and internal systems and applications. Without actionable data, it is impossible to understand the relevance and potential impact of a threat. Learn how Threat Intelligence management plays a role to help prioritize and act fast. | Threat | ||
|
2021-07-29 13:00:27 | Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them (lien direct) | Uptycs Threat Research outline how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate against them. | Threat | ||
|
2021-07-21 13:00:12 | Tracking Malware and Ransomware Domains in 2021 (lien direct) | Ransomware is the threat of 2021. It's impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, we'll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news. | Ransomware Malware Threat | ||
|
2021-07-20 12:39:47 | MosaicLoader Malware Delivers Facebook Stealers, RATs (lien direct) | The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads. | Malware Threat | ||
|
2021-07-07 17:46:07 | MacOS Targeted in WildPressure APT Malware Campaign (lien direct) | Threat actors enlist compromised WordPress websites in campaign targeting macOS users. | Malware Threat | ||
|
2021-07-07 14:47:41 | Fake Kaseya VSA Security Update Drops Cobalt Strike (lien direct) | Threat actors are planting Cobalt Strike backdoors by malspamming a bogus Microsoft update along with a SecurityUpdates.exe. | Threat | ||
|
2021-07-01 19:09:44 | Defeating Ransomware-as-a-Service? Think Intel-Sharing (lien direct) | Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, explains the rise of RaaS and the critical role of threat intel in effectively defending against it. | Threat | ||
|
2021-06-30 16:08:46 | Zero-Day Used to Wipe My Book Live Devices (lien direct) | Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability. | Threat | ||
|
2021-06-25 13:20:08 | Hackers Crack Pirated Games with Cryptojacking Malware (lien direct) | Threat actors have so far made about $2 million from Crackonosh, which secretly mines Monero cryptocurrency from affected devices. | Malware Threat | ||
|
2021-06-23 15:39:06 | Critical Palo Alto Cyber-Defense Bug Allows Remote \'War Room\' Access (lien direct) | Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses. | Threat | ||
|
2021-06-08 21:45:12 | Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits, 50 Flaws (lien direct) | Researchers discovered a highly targeted malware campaign launched in April, in which a new, unknown threat actor used two of the vulnerabilities that Microsoft said are under active attack. | Malware Threat | ||
|
2021-06-03 12:00:56 | Then and Now: Securing Privileged Access Within Healthcare Orgs (lien direct) | Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, discusses best practices for securing healthcare data against the modern threat landscape. | Threat | ||
|
2021-05-27 13:56:20 | Fujitsu SaaS Hack Sends Govt. of Japan Scrambling (lien direct) | Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities. | Hack Threat | ||
|
2021-05-26 12:01:14 | \'Privateer\' Threat Actors Emerge from Cybercrime Swamp (lien direct) | 'Privateers' aren't necessarily state-sponsored, but they have some form of government protection while promoting their own financially-motivated criminal agenda, according to Cisco Talos. | Threat | ||
|
2021-05-26 12:00:32 | A Peek Inside the Underground Ransomware Economy (lien direct) | Threat hunters weigh in on how the business of ransomware, the complex relationships between cybercriminals, and how they work together and hawk their wares on the Dark Web. | Ransomware Threat | ||
|
2021-05-25 16:41:28 | Trend Micro Bugs Threaten Home Network Security (lien direct) | The security vendor's network management and threat protection station can open the door to code execution, DoS and potential PC takeovers. | Threat | ||
|
2021-05-24 16:23:14 | FBI Analyst Indicted for Theft of Osama bin Laden Threat Intel (lien direct) | An FBI employee allegedly made off with top-secret documents, keeping them in her home for more than a decade. | Threat | ||
|
2021-05-21 18:25:13 | Building SIEM for Today\'s Threat Landscape (lien direct) | Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses the elements involved in creating a modern SIEM strategy for remote work and cloud-everything. | Threat | ||
|
2021-05-20 12:10:44 | Apple Exec Calls Level of Mac Malware \'Unacceptable\' (lien direct) | Company is using threat of attacks as defense in case brought against it by Epic Games after Fortnite was booted from the App Store for trying to circumvent developer fees. | Malware Threat | ★★★★ | |
|
2021-05-11 14:45:48 | DarkSide Wanted Money, Not Disruption from Colonial Pipeline Attack (lien direct) | Statement by the ransomware gang suggests that the incident that crippled a major U.S. oil pipeline may not have exactly gone to plan for overseas threat actors. | Ransomware Threat | ||
|
2021-05-10 17:37:44 | Lemon Duck Cryptojacking Botnet Changes Up Tactics (lien direct) | The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets. | Threat | ||
|
2021-04-30 11:49:34 | Microsoft Warns 25 Critical Vulnerabilities in IoT, Industrial Devices (lien direct) | Azure Defender security team discovers that memory allocation is a systemic problem that can allow threat actors to execute malicious code remotely or cause entire systems to crash. | Threat | ||
|
2021-04-27 11:45:01 | Apple Patches Zero-Day MacOS Bug That Can Bypass Anti-Malware Defenses (lien direct) | A variant of Mac No. 1 threat Shlayer since January already has been exploiting the vulnerability, which allows payloads to go unchecked through key OS security features. | Threat | ||
|
2021-04-22 13:17:56 | Telegram Platform Abused in \'ToxicEye\' Malware Campaigns (lien direct) | Even if the app is not installed or in use, threat actors can use it to spread malware through email campaigns and take over victims' machines, new research has found. | Malware Threat | ||
|
2021-04-21 12:00:41 | Novel Email-Based Campaign Targets Bloomberg Clients with RATs (lien direct) | Attacks dubbed 'Fajan' by researchers are specifically targeted and appear to be testing various threat techniques to find ones with the greatest impact. | Threat | ||
|
2021-04-15 12:19:13 | Attackers Target ProxyLogon Exploit to Install Cryptojacker (lien direct) | Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. | Threat | ||
|
2021-03-23 16:39:43 | Podcast: Microsoft Exchange Server Attack Onslaught Continues (lien direct) | Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week. | Threat | ||
|
2021-03-18 19:42:21 | Trojanized Xcode Project Slips MacOS Malware to Apple Developers (lien direct) | In a new campaign, threat actors are bundling macOS malware in trojanized Apple Xcode developer projects. | Malware Threat | ||
|
2021-03-18 14:53:23 | Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter (lien direct) | The newly discovered steganography method could be exploited by threat actors to obscure nefarious activity inside photos hosted on the social-media platform. | Threat |
To see everything:
Our RSS (filtrered)
