What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2022-12-02 15:20:33 Cuba Ransomware received over $60M in Ransom payments as of August 2022 (direct link) Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius) have demanded over 145 million U.S. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide […] ★★
SecurityAffairs 2022-12-02 11:04:39 Android Keyboard Apps with 2 Million downloads can remotely hack your device (direct link) Experts found multiple flaws in three Android Keyboard apps that can be exploited by remote attackers to compromise a mobile phone. Researchers at the Synopsys Cybersecurity Research Center (CyRC) warn of three Android keyboard apps with cumulatively two million installs that are affected by multiple flaws (CVE-2022-45477, CVE-2022-45478, CVE-2022-45479, CVE-2022-45480, CVE-2022-45481, CVE-2022-45482, CVE-2022-45483) that can be […] Hack ★★★
SecurityAffairs 2022-12-01 22:39:51 New Go-based Redigo malware targets Redis servers (direct link) Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. Threat actors are exploiting a critical vulnerability, tracked as CVE-2022-0543, in Redis (Remote Dictionary Server) servers. Redis (remote dictionary server) […] Malware Threat ★★★
SecurityAffairs 2022-12-01 12:38:04 3 of the Worst Data Breaches in the World That Could Have Been Prevented (direct link) Data breaches can be devastating for organizations, these are 3 of the worst incidents that could have been prevented Data breaches can be devastating for organizations and even entire countries. Eliminating the risk of a data breach is nearly impossible, but some things can be done to reduce it significantly. Here are three of the […] Data Breach ★★★
SecurityAffairs 2022-12-01 11:02:51 North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea (direct link) North Korea-linked ScarCruft group used a previously undocumented backdoor called Dolphin against targets in South Korea. ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by North Korea-linked ScarCruft group (aka APT37, Reaper, and Group123) in attacks aimed at targets in South Korea. ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers […] Cloud APT 37 ★★
SecurityAffairs 2022-12-01 07:33:53 Lastpass discloses the second security breach this year (direct link) LastPass disclosed a new security breach, threat actors had access to its cloud storage using information stolen in the August 2022 breach. Password management solution LastPass disclosed a new security breach, the attackers had access to a third-party cloud storage service using information stolen in the August 2022 breach. The impacted cloud storage service is […] Threat LastPass ★★★★
SecurityAffairs 2022-11-30 21:35:49 Google links three exploitation frameworks to Spanish commercial spyware vendor Variston (direct link) Google's Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked to Variston IT, a Spanish firm. Officially, Variston claims to provide custom security solutions and custom patches for embedded system. The […] Threat ★★
SecurityAffairs 2022-11-30 11:59:44 China-linked UNC4191 APT relies on USB Devices in attacks against entities in the Philippines (direct link) An alleged China-linked cyberespionage group, tracked as UNC4191, used USB devices in attacks aimed at Philippines entities. Mandiant researchers spotted an alleged China-linked cyberespionage group, tracked as UNC4191, leveraging USB devices as attack vectors in campaigns aimed at Philippines entities. This campaign dates as far back as September 2021 and targeted public […] ★★★
SecurityAffairs 2022-11-30 09:06:54 ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year (direct link) CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. Original post at https://cybernews.com/security/encsecurity-leaked-sensitive-data/ When you buy a Sony, Lexar, or Sandisk USB key or any other storage device, it comes with an encryption solution to keep your data safe. The software is developed by a […] ★★
SecurityAffairs 2022-11-29 22:22:23 (Déjà vu) Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access (direct link) Cyble observed Initial Access Brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical flaw, tracked as CVE-2022-40684, in Fortinet products. In early October, Fortinet addressed the critical authentication bypass flaw, […] ★★★
SecurityAffairs 2022-11-29 16:31:33 CISA adds Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities Catalog (direct link) CISA added a critical flaw impacting Oracle Fusion Middleware, tracked as CVE-2021-35587, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability impacting Oracle Fusion Middleware, tracked as CVE-2021-35587 (CVSS 3.1 Base Score 9.8), to its Known Exploited Vulnerabilities Catalog. An unauthenticated attacker with network access via HTTP can exploit […] Vulnerability ★★★
SecurityAffairs 2022-11-29 10:04:43 Tips for Gamifying Your Cybersecurity Awareness Training Program (direct link) In today's technological world, educating people about cybersecurity awareness is an absolute necessity. According to one report, 82% of data breaches involved the human element, from social attacks to misuse of technologies. These errors are not always entirely preventable, as some level of human error is inevitable, but proper training in cybersecurity awareness can greatly […] ★★★
SecurityAffairs 2022-11-29 07:32:22 Irish data protection commission fines Meta over 2021 data-scraping leak (direct link) Irish data protection commission (DPC) fined Meta for not protecting Facebook’s users’ data from scraping. Meta has been fined €265 million ($275.5 million) by the Irish data protection commission (DPC) for the data leak suffered by Facebook in 2021 that exposed the data belonging to millions of Facebook users. The Data Protection Commission is also imposing […] Legislation ★★★★
SecurityAffairs 2022-11-28 20:08:00 A flaw in some Acer laptops can be used to bypass security features (direct link) ESET announced the discovery of a vulnerability impacting Acer laptops that can allow an attacker to deactivate UEFI Secure Boot. ESET researchers announced in a series of tweets the discovery of a vulnerability impacting Acer laptops, the issue can allow an attacker to deactivate UEFI Secure Boot. The experts explained that the flaw, tracked as […] Vulnerability ★★★
SecurityAffairs 2022-11-28 15:04:34 Experts found a vulnerability in AWS AppSync (direct link) Amazon Web Services (AWS) fixed a cross-tenant vulnerability that could have allowed attackers to gain unauthorized access to resources. Amazon Web Services (AWS) has addressed a cross-tenant confused deputy problem in its platform that could have allowed threat actors to gain unauthorized access to resources. The problem was reported to the company by researchers from […] Vulnerability Threat ★★
SecurityAffairs 2022-11-28 08:25:04 RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia (direct link) Several Ukrainian organizations were hit by Russia-based RansomBoggs Ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs ransomware, against Ukrainian organizations. The security firm first detected the attacks on November 21 and immediately alerted the CERT US. The ransomware is written in […] Ransomware ★★
SecurityAffairs 2022-11-27 12:16:06 (Déjà vu) US FCC bans the import of electronic equipment from Chinese firms (direct link) The U.S. Federal Communications Commission announced it will completely ban the import of electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua. The U.S. Federal Communications Commission (FCC) announced the total ban for telecom and surveillance equipment from Chinese companies Huawei, ZTE, Hytera, Hikvision, and Dahua due to an “unacceptable” national security threat. The US […] ★★★★★
SecurityAffairs 2022-11-26 21:11:03 Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches (direct link) The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more than five million users. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […] Data Breach Vulnerability Threat ★★
SecurityAffairs 2022-11-26 00:35:53 Devices from Dell, HP, and Lenovo used outdated OpenSSL versions (direct link) Researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. Binarly researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. The OpenSSL software library allows secure communications over computer networks against eavesdropping or need to identify the party at the other end. […] Threat ★★★★★
SecurityAffairs 2022-11-25 13:50:56 Google fixed the eighth actively exploited #Chrome #zeroday this year (direct link) Google on Thursday released security updates to address a new zero-day vulnerability, tracked as CVE-2022-4135, impacting the Chrome web browser. Google rolled out an emergency security update for the desktop version of the Chrome web browser to address a new zero-day vulnerability, tracked as CVE-2022-4135, that is actively exploited. The CVE-2022-4135 vulnerability is a heap […] Vulnerability
SecurityAffairs 2022-11-25 12:20:08 Experts investigate WhatsApp data leak: 500M user records for sale (direct link) Cybernews investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users. Original post published by Cybernews: https://cybernews.com/news/whatsapp-data-leak/ On November 16, an actor posted an ad on a well-known hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers. The dataset […] ★★★
SecurityAffairs 2022-11-25 10:27:00 An international police operation dismantled the spoofing service iSpoof (direct link) An international law enforcement operation has dismantled an online phone number spoofing service called iSpoof. An international law enforcement operation that was conducted by authorities in Europe, Australia, the United States, Ukraine, and Canada, with the support of Europol, has dismantled an online phone number spoofing service called iSpoof. The iSpoof service allowed fraudsters to impersonate trusted corporations […] ★★
SecurityAffairs 2022-11-25 06:35:47 UK urges to disconnect Chinese security cameras in government buildings (direct link) The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that the British government ordered its departments to stop installing Chinese security cameras at sensitive buildings due to security risks. The Government has ordered departments to disconnect the camera from core networks and to consider removing […] Threat ★★★★
SecurityAffairs 2022-11-24 21:19:37 RansomExx Ransomware upgrades to Rust programming language (direct link) RansomExx ransomware is the last ransomware in order of time to have a version totally written in the Rust programming language. The operators of the RansomExx ransomware (aka Defray777 and Ransom X) have developed a new variant of their malware, tracked as RansomExx2, that was ported into the Rust programming language. The move follows the […] Ransomware
SecurityAffairs 2022-11-24 09:59:26 An aggressive malware campaign targets US-based companies with Qakbot to deliver Black Basta Ransomware (direct link) Researchers warn of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. Experts at the Cybereason Global SOC (GSOC) team have observed a surge in Qakbot infections as part of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. In the last two […] Ransomware Malware Guideline
SecurityAffairs 2022-11-24 08:46:59 Threat actors exploit discontinued Boa web servers to target critical infrastructure (direct link) Microsoft reported that hackers have exploited flaws in a now-discontinued web server called Boa in attacks against critical industries. Microsoft experts believe that threat actors behind a malicious campaign aimed at Indian critical infrastructure earlier this year have exploited security flaws in a now-discontinued web server called Boa. The Boa web server is widely used across a […] Threat
SecurityAffairs 2022-11-23 21:20:11 Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site (direct link) Pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The Pro-Russia group of hacktivists Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament. “KILLNET officially recognises the European Parliament as sponsors of homosexualism,” states the group. The attack was launched immediately […] Threat ★★★
SecurityAffairs 2022-11-23 18:53:23 Ducktail information stealer continues to evolve (direct link) The operators behind the Ducktail information stealer continue to improve their malicious code, experts warn. In late July 2022, researchers from WithSecure (formerly F-Secure Business) discovered an ongoing operation, named DUCKTAIL, that was targeting individuals and organizations that operate on Facebook's Business and Ads platform. Experts attribute the campaign to a Vietnamese financially motivated […] Malware ★★
SecurityAffairs 2022-11-23 13:58:24 Experts claim that iPhone's analytics data is not anonymous (direct link) Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users. Researchers at software company Mysk discovered that analytics data collected by iPhone include the Directory Services Identifier (DSID), which could allow identifying users. Apple collects both DSID and Apple ID, which means that it can use the […] ★★★★★
SecurityAffairs 2022-11-23 10:28:38 Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966 (direct link) Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues. Microsoft released an out-of-band update to address issues caused by a recent Windows security patch that causes Kerberos authentication problems. Microsoft Patch Tuesday security updates for November 2022 addressed a privilege escalation vulnerability, tracked as CVE-2022-37966, […] ★★
SecurityAffairs 2022-11-23 08:15:59 Exclusive – Quantum Locker lands in the Cloud (direct link) The gang behind Quantum Locker used a particular modus operandi to target large enterprises relying on cloud services in the NACE region. Executive Summary Incident Insights During the latest weeks, the Belgian company Computerland shared insights with the European threat intelligence community about Quantum TTPs adopted in recent attacks. The shared information revealed Quantum gang […] Threat ★★
SecurityAffairs 2022-11-22 23:17:10 5 API Vulnerabilities That Get Exploited by Criminals (direct link) Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP). It's no secret that cyber security has become a leading priority for most organizations - especially those in industries that handle sensitive customer information. And as these businesses work towards building robust […] Guideline ★★★
SecurityAffairs 2022-11-22 19:04:22 Researcher warns that Cisco Secure Email Gateways can easily be circumvented (direct link) A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. An anonymous researcher publicly disclosed a series of techniques to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. The researcher pointed out […] Malware ★★★
SecurityAffairs 2022-11-22 15:20:06 Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem (direct link) Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire. It is a multi-purpose botnet with data stealing […] Malware Threat ★★★★
SecurityAffairs 2022-11-22 10:56:32 Two Estonian citizens arrested in $575M cryptocurrency fraud scheme (direct link) Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were arrested in Tallinn, Estonia, after being indicted in the US for running a fraudulent cryptocurrency Ponzi scheme that caused more than $575 million in losses. According to the indictment, Sergei Potapenko and Ivan Turõgin, both […] ★★★★
SecurityAffairs 2022-11-22 08:39:56 Emotet is back and delivers payloads like IcedID and Bumblebee (direct link) The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint researchers warn of the return of the Emotet malware, in early November the experts observed a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. The Emotet banking trojan has been active at least since 2014, the botnet is […] Malware ★★★
SecurityAffairs 2022-11-21 21:19:22 Expert published PoC exploit code for macOS sandbox escape flaw (direct link) A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła (@_r3ggi) of SecuRing published technical details and proof-of-concept (PoC) code for a macOS sandbox escape vulnerability tracked as CVE-2022-26696 (CVSS score of 7.8). In a wrap-up published by Regula, the researcher observed that the problem is caused […] Vulnerability
SecurityAffairs 2022-11-21 14:33:21 Google won a lawsuit against the Glupteba botnet operators (direct link) Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. This week, Google announced it has won a nearly year-long legal battle against the Glupteba botnet. Glupteba is a highly sophisticated botnet composed of millions of compromised Windows devices. Unlike other botnets, Glupteba leverages cryptocurrency blockchains as a command-and-control mechanism […]
SecurityAffairs 2022-11-21 11:41:21 Google provides rules to detect tens of cracked versions of Cobalt Strike (direct link) Researchers at Google Cloud identified 34 different hacked release versions of the Cobalt Strike tool in the wild. Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine. The Beacon includes a wealth of functionality for the attacker, including, but not limited to […] Tool
SecurityAffairs 2022-11-21 08:31:12 Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild (direct link) Experts from Cyble Research and Intelligence Labs (CRIL) discovered three new ransomware families: AXLocker, Octocrypt, and Alice Ransomware. Threat intelligence firm Cyble announced the discovery of three new ransomware families named AXLocker, Octocrypt, and Alice Ransomware. The AXLocker ransomware encrypts victims’ files and steals Discord tokens from the infected machine. The analysis of the code […] Ransomware Threat
SecurityAffairs 2022-11-20 19:39:40 PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online (direct link) Proof-of-concept exploit code for two actively exploited Microsoft Exchange ProxyNotShell flaws released online. Proof-of-concept exploit code has been released online for two actively exploited vulnerabilities in Microsoft Exchange, known as ProxyNotShell. The two flaws are: they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell […] Ransomware ★★★★
SecurityAffairs 2022-11-19 19:27:12 DEV-0569 group uses Google Ads to distribute Royal Ransomware (direct link) Microsoft warns that a threat actor, tracked as DEV-0569, is using Google Ads to distribute the recently discovered Royal ransomware. Researchers from the Microsoft Security Threat Intelligence team warned that a threat actor, tracked as DEV-0569, is using Google Ads to distribute various payloads, including the recently discovered Royal ransomware. The DEV-0569 group carries out […] Ransomware Threat
SecurityAffairs 2022-11-19 15:56:56 Black Friday and Cyber Monday, crooks are already at work (direct link) Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schema. Researchers at Bitdefender Antispam Lab have analyzed during the last weeks the fraudulent activities associated with Black Friday and Cyber Monday. The experts noticed that between October 26 and November 6, the rate of unsolicited […] Threat ★★★★
SecurityAffairs 2022-11-19 09:22:01 New improved versions of LodaRAT spotted in the wild (direct link) Cisco Talos spotted multiple updated versions of LodaRAT that were deployed alongside other malware families, including RedLine and Neshta. Researchers from Cisco Talos have monitored the LodaRAT malware over the course of 2022 and recently discovered multiple updated versions that have been deployed alongside other malware families, including RedLine and Neshta. The versions include new […] Malware
SecurityAffairs 2022-11-18 21:35:51 Atlassian fixed 2 critical flaws in Crowd and Bitbucket products (direct link) Atlassian addressed this week two critical vulnerabilities impacting its Crowd and Bitbucket products. Atlassian announced the release of security updates to address critical-severity vulnerabilities in its identity management platform, Crowd Server and Data Center, and in the Bitbucket Server and Data Center, a self-managed solution that provides source code collaboration for professional teams. The vulnerability in […] Vulnerability
SecurityAffairs 2022-11-18 11:30:22 Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies (direct link) Hive ransomware operators have extorted over $100 million in ransom payments from over 1,300 companies worldwide as of November 2022. The threat actors behind the Hive ransomware-as-a-service (RaaS) have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. cybersecurity and intelligence authorities. “As of November 2022, […] Ransomware Threat
SecurityAffairs 2022-11-18 08:24:14 Ongoing supply chain attack targets Python developers with WASP Stealer (direct link) A threat actor tracked as WASP is behind an ongoing supply chain attack targeting Python developers with the WASP Stealer. Checkmarx researchers uncovered an ongoing supply chain attack conducted by a threat actor they tracked as WASP that is targeting Python developers. The attackers are using Python packages to distribute a polymorphic malware called W4SP […] Malware Threat
SecurityAffairs 2022-11-18 06:19:04 China-based Fangxiao group behind a long-running phishing campaign (direct link) A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. The sophisticated phishing campaign exploits the reputation of international brands and targets businesses in multiple industries, including […]
SecurityAffairs 2022-11-17 22:25:09 Two public schools in Michigan hit by a ransomware attack (direct link) Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. Public schools in Jackson and Hillsdale counties, Michigan, reopen after a closure of two days caused by a ransomware attack that hit its systems. The public schools started experiencing a systems outage affecting critical operating […] Ransomware
SecurityAffairs 2022-11-17 16:32:32 Magento and Adobe Commerce websites under attack (direct link) Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands […] Vulnerability
Last update at: 2024-04-27 07:08:33