What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2022-02-18 09:47:42 CVE-2021-44731 Linux privilege escalation bug affects Canonical's Snap Package Manager (direct link) Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system is affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8). Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux […]
SecurityAffairs 2022-02-18 08:36:22 Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug (direct link) Researchers developed exploit code for the CVE-2022-24086 vulnerability affecting Adobe Commerce and Magento Open Source. Positive Technologies researchers have created a working PoC exploit for the recently patched CVE-2022-24086 vulnerability affecting its Commerce and Magento Open Source products. An attacker could use the exploit to achieve remote code execution from an unauthenticated user. This week, Adobe rolled […] Vulnerability
SecurityAffairs 2022-02-17 23:06:16 Threat actors leverage Microsoft Teams to spread malware (direct link) Attackers compromise Microsoft Teams accounts to attach malicious executables to chat and spread them to participants in the conversation. While the popularity of Microsoft Teams continues to grow, with roughly 270 million monthly active users, threat actors started using it as an attack vector. Starting in January 2022, security researchers from Avanan observed attackers compromising […] Malware Threat
SecurityAffairs 2022-02-17 15:49:36 Specially crafted emails could crash Cisco ESA devices (direct link) Cisco warns of a DoS issue affecting its Email Security Appliance (ESA) product that could be exploited using specially crafted emails. Cisco ESA products are affected by a DoS vulnerability, tracked as CVE-2022-20653, that resides in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for ESA. A remote, unauthenticated attacker […]
SecurityAffairs 2022-02-17 14:52:57 European Data Protection Supervisor call for bans on surveillance spyware like Pegasus (direct link) The European Data Protection Supervisor authority called for a ban on the development and the use of Pegasus-like commercial spyware. The European Data Protection Supervisor (EDPS) authority this week called for a ban on the development and the use of surveillance software like the Pegasus spyware in the EU. Pegasus is a surveillance malware developed by […] Malware
SecurityAffairs 2022-02-17 11:01:21 New Kraken botnet is allowing operators to earn USD 3,000 every month (direct link) Researchers spotted a new Golang-based botnet called Kraken that is under active development and supports a lot of backdoor capabilities. Kraken is a new Golang-based botnet discovered in late October 2021 by researchers from threat intelligence firm ZeroFox Intelligence. Experts pointed out that despite having the same name, this botnet should not be confused with the Kraken […] Threat
SecurityAffairs 2022-02-17 08:18:25 Nation-state actors hacked Red Cross exploiting a Zoho bug (direct link) The International Committee of the Red Cross (ICRC) said attackers that breached its network last month exploited a Zoho bug. The International Committee of the Red Cross (ICRC) revealed that the attack that breached its network in January was conducted by a nation-state actor that exploited a Zoho vulnerability. In January, a cyberattack on a […]
SecurityAffairs 2022-02-16 21:36:03 Russia-linked threat actors breached US cleared defense contractors (CDCs) (direct link) Russia-linked threat actors have breached the network of U.S. cleared defense contractors (CDCs) since at least January 2020. According to a joint alert published by the FBI, NSA, and CISA, Russia-linked threat actors conducted a cyber espionage campaign aimed at US cleared defense contractors to steal sensitive info related to intelligence programs and capabilities. CDCs […] Threat
SecurityAffairs 2022-02-16 19:29:18 Trickbot targets customers of 60 High-Profile companies (direct link) TrickBot malware is targeting customers of 60 financial and technology companies with new anti-analysis features. The infamous TrickBot malware was employed in attacks against customers of 60 financial and technology companies with new anti-analysis features. The new wave of attacks aimed at cryptocurrency firms, most of them located in the U.S. Trickbot is a sophisticated, […] Malware
SecurityAffairs 2022-02-16 15:08:35 Experts disclose details of Apache Cassandra DB RCE (direct link) Researchers disclose a now-patched remote code execution (RCE) vulnerability in the Apache Cassandra database software. JFrog researchers publicly disclosed details of a now-patched high-severity security vulnerability (CVE-2021-44521) in Apache Cassandra database software that could be exploited by remote attackers to achieve code execution on affected installations. Apache Cassandra is an open-source NoSQL distributed database used […] Vulnerability
SecurityAffairs 2022-02-16 10:04:57 CISA added 9 new flaws to the Known Exploited Vulnerabilities Catalog, including Magento e Chrome bugs (direct link) The U.S. CISA added to the Known Exploited Vulnerabilities Catalog another 9 security flaws actively exploited in the wild. US Cybersecurity and Infrastructure Security Agency (CISA) added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including two recently patched zero-day issues affecting Adobe Commerce/Magento Open Source and Google Chrome. CISA orders all Federal Civilian Executive […]
SecurityAffairs 2022-02-16 09:15:44 VMware fixes flaws demonstrated at Chinese Tianfu Cup hacking contest (direct link) VMware addressed several high-severity flaws that were disclosed during China's Tianfu Cup hacking contest. VMware addressed several high-severity vulnerabilities that were demonstrated by Kunlun Lab team during China's Tianfu Cup 2021 hacking contest. The vulnerabilities impact VMware ESXi, Workstation, and Fusion. Below is the list published by the virtualization giant: CVE-2021-22040 – VMware ESXi, Workstation, and […]
SecurityAffairs 2022-02-15 22:46:56 Ukraine: Military defense agencies and banks hit by cyberattacks (direct link) Ukraine's defense agencies and two state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks. The Ministry of Defense and the Armed Forces of Ukraine and state-owned banks, Privatbank (Ukraine’s largest bank) and Oschadbank were hit by Distributed Denial-of-Service (DDoS) attacks. The website of the Ukrainian Ministry of Defense has been taken down by the wave of […]
SecurityAffairs 2022-02-15 20:30:43 QNAP extends security Updates for some EOL devices (direct link) Taiwanese vendor QNAP extended the security update window for some devices that have reached end-of-life (EOL). Taiwanese vendor QNAP extended the security update for some devices that have reached end-of-life (EOL) years ago. The company decided to extend until October this year the security updates for some models that have reached EOL, the decision aims […]
SecurityAffairs 2022-02-15 16:32:33 BlackCat gang claimed responsibility for Swissport ransomware attack (direct link) The BlackCat ransomware group (aka ALPHV) claimed responsibility for the attack on Swissport that interfered with its operations. The BlackCat ransomware group (aka ALPHV) has claimed responsibility for the cyberattack on Swissport that impacted its operations, causing flight delays. Swissport International Ltd. is an aviation services company providing airport ground, lounge hospitality and cargo handling services owned by an international group of investors. […] Ransomware
SecurityAffairs 2022-02-15 10:19:57 Google fixes a Chrome zero-day flaw actively exploited in attacks (direct link) Google fixed a high-severity zero-day flaw actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux. Google fixed a high-severity zero-day flaw, tracked as CVE-2022-0609, actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux. This is the first Chrome zero-day fixed this year by Google. The zero-day […]
SecurityAffairs 2022-02-15 05:37:15 Remote sex toys might spice up your love life – but crooks could also get a kick out of them (direct link) A CyberNews investigation has revealed that Lovense remote sex toy users might be at risk from threat actors, due to poor security features. Original post: https://cybernews.com/privacy/remote-sex-toys-might-spice-up-your-love-life-but-crooks-could-also-get-a-kick-out-of-them/ Lovense boasts that its teledildonic sex toys will spice up your sexual relationship. By using wireless remote control, you can customize vibrations and adjust them to your body, or […] Threat
SecurityAffairs 2022-02-14 23:42:02 SSU: Russia-linked actors are targeting Ukraine with 'massive wave of hybrid warfare' (direct link) The Security Service of Ukraine (SSU) said the country is the target of an ongoing “wave of hybrid warfare.” The Security Service of Ukraine (SSU) today revealed the country is the target of an ongoing “wave of hybrid warfare” conducted by Russia-linked malicious actors. Threat actors aim at destabilizing the social contest in the country […] Threat
SecurityAffairs 2022-02-14 21:11:03 (Déjà vu) BlackByte ransomware breached at least 3 US critical infrastructure organizations (direct link) The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. The US Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory with the US Secret Services which revealed that the BlackByte ransomware group has breached at least three organizations from US critical […] Ransomware
SecurityAffairs 2022-02-14 15:03:00 European Central Bank tells banks to step up defences against nation-state attacks (direct link) The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine. The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine and is inviting them to step up defenses. The news was reported by Reuters, citing two unnamed sources. The […]
SecurityAffairs 2022-02-14 10:49:04 Critical Magento zero-day flaw CVE-2022-24086 actively exploited (direct link) Adobe addressed a critical vulnerability (CVE-2022-24086) impacting Magento Open Source products that is being actively exploited in the wild. Adobe rolled out security updates to address a critical security vulnerability, tracked as CVE-2022-24086, affecting its Commerce and Magento Open Source products that is being actively exploited in the wild. “Adobe is aware that CVE-2022-24086 has […] Vulnerability
SecurityAffairs 2022-02-14 09:01:23 Alleged ransomware attack disrupted operations at Slovenia's Pop TV station (direct link) Last week, a cyberattack hit Pop TV, Slovenia's most popular TV channel, disrupting the operations. Last week, a cyber-attack has disrupted the operations of Pop TV, the Slovenian most popular TV channel. The attack, which likely was a ransomware attack, impacted the computer network of the TV channel and caused the cancellation of the evening […] Ransomware
SecurityAffairs 2022-02-13 19:34:40 Organizations paid at least $602 million to ransomware gangs in 2021 (direct link) Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. Last week, cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. According to a report published by the blockchain analysis firm […] Ransomware Threat
SecurityAffairs 2022-02-13 14:01:55 San Francisco 49ers NFL team discloses BlackByte ransomware attack (direct link) A ransomware attack hit the corporate IT network of the San Francisco 49ers NFL team, The Record reported. The San Francisco 49ers NFL team has fallen victim to a ransomware attack, the news was reported by The Record. The team disclosed the attack after the BlackByte ransomware added the team to the list of […] Ransomware
SecurityAffairs 2022-02-13 10:34:35 Analyzing Phishing attacks that use malicious PDFs (direct link) Cybersecurity researcher Zoziel Pinto Freire analyzed the use of weaponized PDFs in phishing attacks. Every day everybody receives many phishing attacks with malicious docs or PDFs. I decided to take a look at one of these files. I did a static analysis and I went straight to the point to make this reading simple and […]
SecurityAffairs 2022-02-13 09:43:14 Security Affairs newsletter Round 353 (direct link) A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of […]
SecurityAffairs 2022-02-12 23:32:12 Organizations are addressing zero-day vulnerabilities more quickly, says Google (direct link) Organizations are addressing zero-day vulnerabilities more quickly, compared to last year, Google's Project Zero reported. According to Google's Project Zero researchers, organizations are addressing zero-day vulnerabilities more quickly, compared to last year. Software vendors took an average of 52 days to address vulnerabilities reported from Project Zero while 3 years ago the average was of […]
SecurityAffairs 2022-02-12 18:32:09 CISA, FBI, NSA warn of the increased globalized threat of ransomware (direct link) CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. Cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Almost any sector was hit by sophisticated, high-impact ransomware attacks, including the Defense Industrial […] Ransomware Threat
SecurityAffairs 2022-02-12 11:46:51 (Déjà vu) Croatian phone carrier A1 Hrvatska discloses data breach (direct link) Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted roughly 200,000 customers. Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted 10% of its customers, roughly 200,000 people. Threat actors had access to sensitive personal information of the customers, including names, personal identification numbers, physical addresses, and […] Data Breach Threat
SecurityAffairs 2022-02-11 23:08:42 FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors (direct link) FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. FritzFrog is a sophisticated botnet that was involved in attacks against SSH servers worldwide since January 2020. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. […]
SecurityAffairs 2022-02-11 21:43:40 (Déjà vu) CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog (direct link) The U.S. CISA has added to the catalog of vulnerabilities another 15 security vulnerabilities actively exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen more flaws to the Known Exploited Vulnerabilities Catalog. The 'Known Exploited Vulnerabilities Catalog' is a list of known vulnerabilities that threat actors have abused in attacks […] Threat
SecurityAffairs 2022-02-11 13:15:24 Apple addressed a third zero-day in 2022, which is actively exploited (direct link) Apple addressed a new WebKit zero-day affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild. Apple has addressed a zero-day vulnerability, tracked as CVE-2022-22620, in the WebKit affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild. This is the third zero-day vulnerability fixed by the IT giant […] Vulnerability
SecurityAffairs 2022-02-11 05:40:55 Spanish police dismantled SIM swapping gang who stole money from victims' bank accounts (direct link) Spanish National Police arrested eight alleged members of a crime ring specialized in SIM swapping attacks. Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Crooks conduct SIM swapping attacks to take control of victims' […]
SecurityAffairs 2022-02-10 15:19:33 Threat actors compromised +500 Magento-based e-stores with e-skimmers (direct link) Experts uncovered a mass Magecart campaign that compromised over 500 e-stores running the Magento 1 eCommerce platform. Researchers from cybersecurity firm Sansec uncovered a massive Magecart campaign that already compromised more than 500 online stores running the Magento 1 eCommerce platform. Threat actors behind this campaign deployed a digital skimmer that was being loaded from the naturalfreshmall(.)com domain. […] Threat
SecurityAffairs 2022-02-10 13:50:17 Attackers Increasingly Adopting Regsvr32 Utility Execution Via Office Documents (direct link) The Uptycs threat research team has been observing an increase in utilization of regsvr32.exe heavily via various types of Microsoft Office documents. The full report that includes Indicators of Compromise (IOCs) is available here: https://www.uptycs.com/blog/attackers-increasingly-adopting-regsvr32-utility-execution-via-office-documents During our analysis of these malware samples, we have identified that some of the malware samples belonged to Qbot and […] Malware Threat ★★★★★
SecurityAffairs 2022-02-10 12:11:18 How Does An IPv6 Proxy Work & How Enterprises Can Get Benefit? (direct link) IPv6 became imperative after developers discovered that IPv4 had a finite number and addresses. How does an IPv6 Proxy work? Technological advancements have come a long way – from when internet utility was very limited to when internet connection was achieved only through internet protocol (IP) version 4 (IPv4) addresses to this modern age where […]
SecurityAffairs 2022-02-10 11:55:48 Spyware, ransomware and Nation-state hacking: Q&A from a recent interview (direct link) I transcribed a recent interview, here are some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy. How has spyware changed the rules of cyber security in recent years? What will cyber security look like now that those tools are all over the internet? In the last decade, we have observed a progressive weaponization […] Ransomware
SecurityAffairs 2022-02-10 10:22:28 Critical RCE flaws in PHP Everywhere WordPress plugin affect thousands of sites (direct link) WordPress plugin PHP Everywhere is affected by three critical issues that can be exploited to execute arbitrary code on affected systems. Wordfence experts found three critical remote code execution vulnerabilities in the PHP Everywhere WordPress plugin, all the issues have received a CVSS score of 9.9. The plugin that allows WordPress admins to insert PHP code […]
SecurityAffairs 2022-02-10 08:53:45 US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns (direct link) The Federal Bureau of Investigation (FBI) warns of an escalation in SIM swap attacks that caused millions of losses. The Federal Bureau of Investigation (FBI) observed an escalation in SIM swap attacks aimed at stealing millions from the victims by hijacking their mobile phone numbers. The FBI reported that US citizens have lost more than […]
SecurityAffairs 2022-02-09 22:23:06 CISA warns to address SAP ICMAD flaw immediately (direct link) The US CISA warns to address a severe security vulnerability dubbed ICMAD impacting SAP business apps using ICM. Internet Communication Manager Advanced Desync (ICMAD) is a memory pipes (MPI) desynchronization vulnerability tracked as CVE-2022-22536. An unauthenticated remote attacker could exploit this issue by sending a simple HTTP request to a vulnerable instance and take over it. […] Vulnerability
SecurityAffairs 2022-02-09 16:51:32 (Déjà vu) Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online (direct link) The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums. The master decryption keys for the Maze, Egregor, and Sekhmet ransomware families were released on the BleepingComputer forums by the alleged malware developer. The Maze group was considered one of the most prominent ransomware operations […] Ransomware Malware
SecurityAffairs 2022-02-09 14:50:47 Microsoft February 2022 Patch Tuesday security updates fix a zero-day (direct link) Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products, including a zero-day bug. Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products including Microsoft Windows and Windows Components, Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Office […]
SecurityAffairs 2022-02-09 12:01:40 (Déjà vu) Google February 2022 Android security updates fix remote escalation bug (direct link) Google February 2022 Android security updates address two critical flaws, including a remote escalation of privilege. Google has released the February 2022 Android security updates that address two critical vulnerabilities, one of them is a remote escalation of privilege that requires no user interaction for its exploitation. The vulnerability, tracked as CVE-2021-39675, only affects the System […]
SecurityAffairs 2022-02-09 09:16:36 The Pirate Bay clones target millions of users with malware and malicious ads (direct link) CyberNews researchers discovered five clones of The Pirate Bay serving malicious ads to more than seven million users each month. Original Post @ https://cybernews.com/security/the-pirate-bay-clones-target-millions-of-users-with-malware-and-malicious-ads/ CyberNews security researchers discovered five malicious domains masquerading as alternatives to The Pirate Bay. These domains were serving malicious ads to more than seven million users each month. Malvertising, also known […] Malware
SecurityAffairs 2022-02-08 22:30:26 US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack (direct link) Law enforcement seized $3.6 billion worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. Law enforcement Ilya Lichtenstein (34) and his wife, Heather Morgan (31), were arrested for alleged conspiracy to launder $4.5 Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. Law enforcement also seized over $3.6 billion in cryptocurrency […] Hack
SecurityAffairs 2022-02-08 17:40:06 Vodafone Portugal hit by a massive cyberattack (direct link) A cyberattack hit Vodafone Portugal causing severe outages in the country of its communication and television services. Vodafone Portugal suffered a major cyberattack that caused service outages in the country, media reported the temporary disruption of 4G/5G communications and television services. “Vodafone was the target of a network disruption that began on the night of […]
SecurityAffairs 2022-02-08 14:40:04 (Déjà vu) Data of +6K Puma employees stolen in December Kronos Ransomware attack (direct link) Data belonging to 6,632 Puma employees was stolen in a December 2021 ransomware attack that hit Ultimate Kronos Group (UKG). Data of 6,632 Puma employees was stolen in a ransomware attack that hit HR management platform Ultimate Kronos Group (UKG) in December. Potentially exposed data includes names, Social Security numbers, and other personal information. The […] Ransomware
SecurityAffairs 2022-02-08 11:57:45 Russian police arrested six people involved in the theft and selling of stolen credit cards (direct link) Russian police arrested six individuals, allegedly members of a crime ring involved in the theft and selling of stolen credit cards. Another success of Russian police that arrested six people allegedly members of a crime gang involved in the theft and selling of stolen credit cards. The arrests were ordered by the Ministry of […]
SecurityAffairs 2022-02-08 08:35:39 Roaming Mantis SMSishing campaign now targets Europe (direct link) The Roaming Mantis SMS phishing campaign is now targeting Android and iPhone users in Europe with malicious apps and phishing pages. Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. Roaming Mantis is a credential theft and malware campaign that leverages smishing to distribute malicious Android apps in the format of […] Malware
SecurityAffairs 2022-02-07 19:13:06 (Déjà vu) Avast released a free decryptor for TargetCompany ransomware (direct link) Cybersecurity firm Avast has released a decryption tool to allow victims of TargetCompany ransomware to recover their files for free. Czech cybersecurity software firm Avast has released a decryption tool that could allow victims of the TargetCompany ransomware to recover their files for free under certain circumstances. The experts warn that the decryptor consumes most of the […] Tool
Last update at: 2024-04-29 17:08:34