What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2022-03-24 22:09:04 Experts explained how to hack a building controller widely adopted in Russia (direct link) A researcher discovered critical flaws that can be exploited by remote attackers to hack a building controller popular in Russia. A researcher has identified critical vulnerabilities that can allegedly be exploited to remotely hack a building controller predominantly used by organizations in Russia. Researcher Jose Bertin discovered critical flaws affecting a controller made by Russian […] Hack
SecurityAffairs 2022-03-24 15:22:53 Anonymous targets western companies still active in Russia, including Auchan, Leroy Merlin and Decathlon (direct link) Anonymous launches its offensive against Western companies still operating in Russia, it ‘DDoSed’ Auchan, Leroy Merlin and Decathlon websites. Since the start of the Russian invasion of Ukraine on February 24, Anonymous has declared war on Russia and launched multiple cyber-attacks against Russian entities, including Russian government sites, state-run media websites, and energy firms. Anonymous recently declared war on all companies that […]
SecurityAffairs 2022-03-24 09:49:13 Anonymous claims to have hacked the Central Bank of Russia (direct link) The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. The popular hacker collective claims to have compromised the systems of the Central Bank of […]
SecurityAffairs 2022-03-24 06:34:03 Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying (direct link) The provider of access management systems Okta confirmed the data breach and revealed that 2.5% of its customers were impacted. This week Lapsus$ extortion group claimed to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots […] Data Breach Hack
SecurityAffairs 2022-03-23 21:43:36 Ukrainian enterprises hit with the DoubleZero wiper (direct link) Ukraine CERT-UA warns of cyberattack aimed at Ukrainian enterprises using a wiper dubbed DoubleZero. Ukraine CERT-UA continues to observe malware-based attacks aimed at Ukrainian organizations, in a recent alert it warned of attacks employing a wiper dubbed DoubleZero. The government CERT started observing this campaign on March 17, 2022, threat actors launched spear-phishing […] Malware Threat
SecurityAffairs 2022-03-23 15:19:59 FBI warns of growing risks of Russia-linked attacks on US energy firms (direct link) The FBI is warning of risks related to cyber attacks by Russia-linked threat actors aimed at energy companies. The FBI is warning energy companies of the risks of cyber attacks carried out by Russia-linked threat actors, reported The Associated Press. The Associated Press has access to a security advisory issued by the FBI that reports […] Threat
SecurityAffairs 2022-03-23 12:50:03 China-linked GIMMICK implant now targets macOS (direct link) Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked […] Malware
SecurityAffairs 2022-03-23 10:48:49 It's official, Lapsus$ gang compromised a Microsoft employee's account (direct link) Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Yesterday the cybercrime gang leaked 37GB of source code stolen from […]
SecurityAffairs 2022-03-22 23:03:09 Anonymous hacked Nestlè and leaked 10 GB of sensitive (direct link) The popular Anonymous hacktivist collective announced to have hacked Nestlè and leaked 10 GB of sensitive data because the food and beverage giant continued to operate in Russia. The popular Anonymous hacktivist collective recently declared war on all companies that decided to continue to operate in Russia by paying taxes to the Russian government. Nestlè […]
SecurityAffairs 2022-03-22 21:01:56 A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices (direct link) Internet search engine Censys reported a new wave of DeadBolt ransomware attacks targeting QNAP NAS devices. Internet search engine Censys reported that QNAP devices were targeted in a new wave of DeadBolt ransomware attacks. Since January, DeadBolt ransomware operators are targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that […] Ransomware
SecurityAffairs 2022-03-22 16:04:19 Three critical RCE flaws affect hundreds of HP printer models (direct link) Three critical RCE flaws affect hundreds of HP LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. HP issued a security bulletin warning of a buffer overflow vulnerability, tracked as CVE-2022-3942 (CVSS score 8.4), that could lead to remote code execution on vulnerable devices. “Certain HP Print products and Digital Sending products may […] Guideline
SecurityAffairs 2022-03-22 14:31:17 Lapsus$ extortion gang claims to have stolen sensitive data from Okta (direct link) The Lapsus$ extortion group claims to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s […] Hack Threat
SecurityAffairs 2022-03-22 09:56:53 Lapsus$ extortion gang leaked the source code for some Microsoft projects (direct link) The Lapsus$ extortion group claims to have hacked Microsoft's internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that it is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stole data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft's Azure DevOps […]
SecurityAffairs 2022-03-22 05:36:02 Serpent backdoor targets French entities with high-evasive attack chain (direct link) A new email campaign aimed at French entities leverages the Chocolatey Windows package manager to deliver the Serpent backdoor. Proofpoint researchers uncovered a targeted attack leveraging an open-source package installer Chocolatey to deliver a backdoor tracked as Serpent. The campaign targeted French entities in the construction, real estate, and government industries. Experts believe the attacks were […]
SecurityAffairs 2022-03-22 00:11:05 Russia-linked InvisiMole APT targets state organizations of Ukraine (direct link) Ukraine CERT (CERT-UA) warns of spear-phishing attacks conducted by UAC-0035 group (aka InvisiMole) on state organizations of Ukraine. The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. The messages use an archive named “501_25_103.zip”, which contains a shortcut file. Upon opening […]
SecurityAffairs 2022-03-21 21:21:34 Lapsus$ gang claims to have hacked Microsoft source code repositories (direct link) Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that it is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stole data. Over the last months, the gang compromised other prominent companies such as NVIDIA, Samsung, Ubisoft, Mercado […]
SecurityAffairs 2022-03-21 14:40:19 Italy's data privacy watchdog investigates how Kaspersky manages Italian users' data (direct link) Italy’s data privacy watchdog launched an investigation into the “potential risks” associated with the use of Russian antivirus software Kaspersky. Italy’s data privacy watchdog has launched an investigation into potential risks associated with the use of the Kaspersky antivirus. The Italian authority aims at verifying how the Russian company processes the data of Italian users […]
SecurityAffairs 2022-03-21 13:03:34 Hacker leaked a new version of Conti ransomware source code on Twitter (direct link) A Ukrainian security researcher has leaked more source code from the Conti ransomware operation to protest the gang’s position on the conflict. Hacker leaked a new version of the Conti ransomware source code on Twitter in retaliation for the gang’s support of Russia. The attack against the Conti ransomware and the data leak is retaliation […] Ransomware
SecurityAffairs 2022-03-21 08:03:15 DirtyMoe modules expand the bot using worm-like techniques (direct link) The DirtyMoe botnet continues to evolve and now includes a module that implements wormable propagation capabilities. In June 2021, researchers from Avast warned of the rapid growth of the DirtyMoe botnet (PurpleFox, Perkiler, and NuggetPhantom), which passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts defined DirtyMoe as a […]
SecurityAffairs 2022-03-20 15:47:09 Anonymous leaked data stolen from Russian pipeline company Transneft (direct link) Anonymous hacked Omega Company, the in-house R&D unit of Transneft, the Russian oil pipeline giant, and leaked stolen data. Anonymous collective claims it has hacked Omega Company, which is the in-house R&D unit of Transneft, the Russia-based state-controlled oil pipeline company. Transneft is the largest oil pipeline company in the world, the hacktivists have stolen […]
SecurityAffairs 2022-03-20 14:26:44 Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict (direct link) This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the previous weeks: March 18 – China-linked threat actors are targeting the government of Ukraine Google's TAG team revealed that China-linked APT groups are targeting Ukraine […] Threat
SecurityAffairs 2022-03-20 13:48:25 Security Affairs newsletter Round 358 by Pierluigi Paganini (direct link) A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. EU and US agencies warn that Russia could attack satellite communications networks Avoslocker ransomware […] Ransomware
SecurityAffairs 2022-03-20 10:27:35 EU and US agencies warn that Russia could attack satellite communications networks (direct link) FBI, CISA, and the European Union Aviation Safety Agency (EASA) warn of possible threats to international satellite communication (SATCOM) networks. Satellite communication (SATCOM) networks are critical infrastructure for modern society, US and EU agencies warn of possible threats to them. Victor Zhora, Chief Digital Transformation Officer at the State Service of Special Communication and Information […]
SecurityAffairs 2022-03-19 17:03:21 Avoslocker ransomware gang targets US critical infrastructure (direct link) The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. The advisory was published in coordination with the US Treasury Department and the Financial Crimes Enforcement Network […] Ransomware
SecurityAffairs 2022-03-19 16:10:54 Crooks claims to have stolen 4TB of data from TransUnion South Africa (direct link) TransUnion South Africa discloses a data breach, threat actors who stole sensitive data demanded a ransom payment not to release stolen data. TransUnion South Africa announced that threat actors compromised a company server based in South Africa using stolen credentials. Threat actors have stolen company data and demanded a ransom payment not to release stolen […] Threat
SecurityAffairs 2022-03-19 13:15:26 Exotic Lily initial access broker works with Conti gang (direct link) Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation. Initial access brokers play an essential role in the cybercrime ecosystem, they provide access to previously […] Ransomware Threat
SecurityAffairs 2022-03-19 10:51:07 Emsisoft releases free decryptor for the victims of the Diavol ransomware (direct link) Cybersecurity firm Emsisoft released a free decryptor that allows the victims of the Diavol ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft has released a free decryption tool to help Diavol ransomware victims recover their files without paying a ransom. In January, the FBI officially linked the Diavol ransomware operation to the infamous TrickBot […] Ransomware Tool
SecurityAffairs 2022-03-18 21:12:47 China-linked threat actors are targeting the government of Ukraine (direct link) Google’s TAG team revealed that China-linked APT groups are targeting Ukraine's government for intelligence purposes. Google’s Threat Analysis Group (TAG) researchers uncovered cyberespionage operations conducted by the Chinese People’s Liberation Army (PLA) and other China-linked APT groups and that targeted Ukraine’s government to gather info on the ongoing conflict. Below is the tweet […] Threat
SecurityAffairs 2022-03-18 15:41:34 Caketap, a new Unix rootkit used to siphon ATM banking data (direct link) Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945). The China-linked hacking group has been active since at least 2016, according […]
SecurityAffairs 2022-03-18 14:38:12 Red TIM Research (RTR) team discovers a bug on Ericsson Network Manager (direct link) TIM Red Team Research (RTR) researchers discovered a new flaw on Ericsson Network Manager, aka Ericsson flagship network product. TIM Red Team Research (RTR) team discovered a new vulnerability affecting Ericsson Network Manager, which is known as Ericsson flagship network product. Ericsson Network Manager and network OSS As mentioned, we're talking about an Ericsson flagship […] Vulnerability
SecurityAffairs 2022-03-18 12:43:23 Russia-linked Cyclops Blink botnet targeting ASUS routers (direct link) The recently discovered Cyclops Blink botnet, which is believed to be a replacement for the VPNFilter botnet, is now targeting the ASUS routers. The recently discovered Cyclops Blink botnet is now targeting the ASUS routers, report Trend Micro researchers. The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other […] Malware VPNFilter
SecurityAffairs 2022-03-18 06:32:57 (Déjà vu) Microsoft releases open-source tool for checking MikroTik Routers compromise (direct link) Microsoft released an open-source tool to secure MikroTik routers and check for indicators of compromise for Trickbot malware infections. Microsoft has released an open-source tool, dubbed RouterOS Scanner, that can be used to secure MikroTik routers and check for indicators of compromise associated with Trickbot malware infections. “This analysis has enabled us to develop a […] Malware Tool
SecurityAffairs 2022-03-18 00:16:37 node-ipc NPM Package sabotage to protest Ukraine invasion (direct link) The developer behind the popular “node-ipc” NPM package uploaded a destructive version to protest Russia’s invasion of Ukraine. RIAEvangelist, the developer behind the popular “node-ipc” NPM package, shipped a new version that wipes systems in Russia and Belarus to protest Russia’s invasion of Ukraine. The Node-ipc node module allows local and remote inter-process communication with support for Linux, […]
SecurityAffairs 2022-03-17 16:50:47 Anonymous continues to support Ukraine against the Russia (direct link) The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days. Yesterday Anonymous announced the hack of the website of […] Hack
SecurityAffairs 2022-03-17 12:50:02 Ukraine SBU arrested a hacker who supported Russia during the invasion (direct link) The Security Service of Ukraine (SBU) announced the arrest of a “hacker” who helped the Russian Army during the invasion. The Security Service of Ukraine (SBU) announced to have arrested a hacker who provided technical support to Russian troops during the invasion, the man provided mobile communication services inside the Ukrainian territory. The man has broadcasted […]
SecurityAffairs 2022-03-17 11:16:02 B1txor20 Linux botnet use DNS Tunnel and Log4J exploit (direct link) Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured […] Malware Vulnerability
SecurityAffairs 2022-03-16 22:44:40 Russia's disinformation uses deepfake video of Zelenskyy telling people to lay down arms (direct link) Russian disinformation continues, this time it used a deepfake video of Zelenskyy inviting Ukrainians to ‘lay down arms.’ A deepfake video of the Ukrainian president Volodymyr Zelenskyy telling its citizens to lay down arms is the last example of disinformation conducted by Russia-linked threat actors. The fake video shows President Zelenskyy saying ‘It turned out […] Threat
SecurityAffairs 2022-03-16 21:33:24 (Déjà vu) CISA adds 15 new flaws to the Known Exploited Vulnerabilities Catalog (direct link) The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the […]
SecurityAffairs 2022-03-16 13:28:18 Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud (direct link) FBI and CISA warn Russia-linked threat actors gained access to an NGO cloud after enrolling their own device in the organization’s Duo MFA. The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) warned that Russia-linked threat actors have gained access to a non-governmental organization (NGO) cloud by exploiting misconfigured default multifactor […] Threat
SecurityAffairs 2022-03-16 07:21:15 Hacker breaches key Russian ministry in blink of an eye (direct link) In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Original post at https://cybernews.com/cyber-war/hacker-breaches-key-russian-ministry-in-blink-of-an-eye/ Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. However, his experiment is a […]
SecurityAffairs 2022-03-15 22:40:26 CVE-2022-0778 DoS flaw in OpenSSL was fixed (direct link) OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when parsing certificates. The flaw was discovered by the popular Google Project Zero researcher Tavis Ormandy. An attacker can trigger the vulnerability by crafting […] Vulnerability
SecurityAffairs 2022-03-15 16:06:53 Critical flaws affect Veeam Data Backup software (direct link) Veeam addressed two critical vulnerabilities impacting the Backup & Replication product for virtual environments. Veeam has released security patches to fix two critical vulnerabilities, tracked as CVE-2022-26500 and CVE-2022-26501 (CVSS score of 9.8), impacting the Backup & Replication solution for virtual environments. The solution implements data backup and restore capabilities for virtual machines running on […]
SecurityAffairs 2022-03-15 12:37:17 The German BSI agency recommends replacing Kaspersky antivirus software (direct link) German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. The Agency warns the cybersecurity firm could be implicated in hacking attacks during the ongoing Russian invasion of Ukraine. According […]
SecurityAffairs 2022-03-15 11:32:01 Dirty Pipe Linux flaw impacts most QNAP NAS devices (direct link) Taiwanese vendor QNAP warns most of its NAS devices are impacted by high severity Linux vulnerability dubbed ‘Dirty Pipe.’ Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by the recently discovered Linux vulnerability ‘Dirty Pipe.’ An attacker with local access can exploit the high-severity vulnerability Dirty Pipe to […] Vulnerability
SecurityAffairs 2022-03-15 05:33:53 CaddyWiper, a new data wiper hits Ukraine (direct link) Experts discovered a new wiper, tracked as CaddyWiper, that was employed in attacks targeting Ukrainian organizations. Experts at ESET Research Labs discovered a new data wiper, dubbed CaddyWiper, that was employed in attacks targeting Ukrainian organizations. The security firm has announced the discovery of the malware with a series of tweets: “This new malware erases […] Malware
SecurityAffairs 2022-03-14 21:51:17 A massive DDoS attack hit Israel, government sites went offline (direct link) Many Israel government websites were offline after a cyberattack, defense sources claim that this is the largest-ever attack that hit the country. Israeli media reported that a massive DDoS attack has taken down many Israel government websites. The Jerusalem Post attributed the attack to an allegedly Iran-linked threat actor that claimed responsibility for the attack. Multiple […] Threat
SecurityAffairs 2022-03-14 14:48:11 Ukraine is using Clearview AI's facial recognition during the conflict (direct link) Ukraine’s defense ministry began using Clearview AI's facial recognition technology to uncover Russian assailants, combat misinformation and identify the dead. Ukraine’s defense ministry announced it will use the AI's facial recognition technology offered by Clearview. Clearview’s chief executive Hoan Ton-That confirmed the news to Reuters, the technology will allow the Ukrainian military to uncover Russian […]
SecurityAffairs 2022-03-14 12:51:03 Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft (direct link) Anonymous claims to have hacked the systems of the German subsidiary of Russian energy giant Rosneft and stole 20TB of data. The Anonymous hacker collective claimed to have hacked the German branch of the Russian energy giant Rosneft. The hacktivists announced to have stolen 20 terabytes of data from the company. According to the German […]
SecurityAffairs 2022-03-14 10:04:11 Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats (direct link) Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats Introduction A new variant of a Brazilian trojan has impacted Internet end users in Portugal since last month (February 2022). Although there are no significant differences and sophistication in contrast to other well-known trojans such as Maxtrilha, URSA, and Javali, an analysis […]
SecurityAffairs 2022-03-14 08:09:12 Russia-Ukraine cyber conflict poses critical infrastructure at risk (direct link) While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to put critical infrastructure at risk. Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is putting it at risk. Ongoing attacks could cause severe damage to multiple sectors, including transportation, communication, financial […] Threat
Last update at: 2024-04-28 04:07:47