What's new around the internet

Last one

| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| SecurityAffairs | 2022-11-24 09:59:26 | An aggressive malware campaign targets US-based companies with Qakbot to deliver Black Basta Ransomware | Researchers warn of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. Experts at the Cybereason Global SOC (GSOC) team have observed a surge in Qakbot infections as part of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. In the last two […] | Ransomware, Malware, Guideline | | |
| SecurityAffairs | 2022-11-22 23:17:10 | 5 API Vulnerabilities That Get Exploited by Criminals | Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP). It's no secret that cyber security has become a leading priority for most organizations - especially those in industries that handle sensitive customer information. And as these businesses work towards building robust […] | Guideline | | ★★★ |
| SecurityAffairs | 2022-11-17 10:21:02 | Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police | A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, who is one of the leaders of the JabberZeus cybercrime group. “Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal […] | Guideline | | |
| SecurityAffairs | 2022-11-15 10:16:53 | Google to Pay a record $391M fine for misleading users about the collection of location data | Google is going to pay $391.5 million to settle with 40 states in the U.S. for secretly collecting personal location data. Google has agreed to pay $391.5 million to settle with 40 US states for misleading users about the collection of personal location data. The settlement is the largest attorney general-led consumer privacy settlement ever, […] | Guideline | | |
| SecurityAffairs | 2022-11-15 08:46:34 | Previously undetected Earth Longzhi APT group is a subgroup of APT41 | Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Early this year, Trend Micro investigated a security breach suffered by a company in Taiwan. Threat actors employed a custom Cobalt Strike loader in the attack. Further analysis revealed that the same threat actor targeted multiple regions […] | Threat, Guideline | APT 41 | ★★★★ |
| SecurityAffairs | 2022-11-13 09:40:52 | (Déjà vu) Lockbit gang leaked data stolen from global high-tech giant Thales | The Lockbit 3.0 ransomware gang started leaking the information allegedly stolen from the global high-tech company Thales. Thales is a global high-tech leader with more than 81,000 employees worldwide. The Group invests in digital and deep tech innovations – big data, artificial intelligence, connectivity, cybersecurity and quantum – to build a future of trust, essential […] | Ransomware, Guideline | | |
| SecurityAffairs | 2022-11-08 08:15:03 | US DoJ seizes $3.36B Bitcoin from Silk Road hacker | The U.S. Department of Justice condemned James Zhong, a hacker who stole 50,000 bitcoins from the Silk Road dark net marketplace. The US Department of Justice announced that a man from Georgia, James Zhong, has pleaded guilty to wire fraud after stealing more than 50,000 bitcoins from the Silk Road. Zhong pled guilty to money […] | Guideline | | |
| SecurityAffairs | 2022-11-01 17:33:53 | LockBit 3.0 gang claims to have stolen data from Thales | The ransomware group LockBit 3.0 claimed to have stolen data from the French defence and technology group Thales. Thales is a global high-tech leader with more than 81,000 employees worldwide. The Group invests in digital and deep tech innovations – big data, artificial intelligence, connectivity, cybersecurity and quantum – to build a future of trust, […] | Ransomware, Guideline | | |
| SecurityAffairs | 2022-10-29 14:53:00 | How will Twitter change under Elon Musk? | Cybhorus CEO Pierluigi Paganini talks to TRT World about Elon Musk completing his $44 billion deal to buy Twitter and what changes he will make to the social media platform. Of course, the first impact will be on the leadership, Elon Musk was critical in the past with Agrawal's leadership. Musk will also take action […] | Guideline | | |
| SecurityAffairs | 2022-10-28 19:47:43 | Multiple vulnerabilities affect the Juniper Junos OS | Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered in Juniper Networks devices. “Multiple vulnerabilities have been found in the J-Web component of Juniper Networks Junos OS. One or more of these issues could lead to unauthorized local file access, cross-site scripting attacks, path […] | Guideline | | |
| SecurityAffairs | 2022-10-18 14:15:09 | China-linked APT41 group targets Hong Kong with Spyder Loader | China-linked threat actors APT41 (a.k.a. Winnti) targeted organizations in Hong Kong, in some cases remaining undetected for a year. Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41, Axiom, Barium, Blackfly) is a cyberespionage […] | Threat, Guideline | APT 41, APT 17 | |
| SecurityAffairs | 2022-10-07 22:03:12 | VMware fixed a high-severity bug in vCenter Server | VMware this week addressed a severe vulnerability in vCenter Server that could lead to arbitrary code execution. VMware on Thursday released security patches to address a code execution vulnerability, tracked as CVE-2022-31680 (CVSS score of 7.2), in vCenter Server. The security issue is an unsafe deserialization vulnerability that resides in the platform services controller (PSC). […] | Vulnerability, Guideline | | |
| SecurityAffairs | 2022-09-09 16:09:44 | $30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered | US authorities recovered more than $30 million worth of cryptocurrency stolen by the North Korea-linked Lazarus APT from Axie Infinity. A joint operation conducted by enforcement and leading organizations in the cryptocurrency industry allowed to recover more than $30 million worth of cryptocurrency stolen by North Korean-linked APT group Lazarus from online video game Axie […] | Guideline | APT 38 | |
| SecurityAffairs | 2022-09-05 08:39:46 | EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web | Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark […] | Hack, Guideline | | |
| SecurityAffairs | 2022-08-31 22:31:33 | A flaw in TikTok Android app could have allowed the hijacking of users' accounts | Microsoft discovered a vulnerability in the TikTok app for Android that could lead to one-click account hijacking. Microsoft researchers discovered a high-severity flaw (CVE-2022-28799) in the TikTok Android app, which could have allowed attackers to hijack users' accounts with a single click. The experts state that the vulnerability would have required the chaining with other […] | Vulnerability, Guideline | | |
| SecurityAffairs | 2022-08-26 23:08:15 | Critical flaw impacts Atlassian Bitbucket Server and Data Center | Atlassian addressed a critical vulnerability in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances. Atlassian fixed a critical flaw in Bitbucket Server and Data Center, tracked as CVE-2022-36804 (CVSS score 9.9), that could be explored to execute malicious code on vulnerable installs. The flaw is a command injection vulnerability that can be exploited via […] | Vulnerability, Guideline | | |
| SecurityAffairs | 2022-08-17 07:10:07 | ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data | Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. The ÆPIC Leak (CVE-2022-21233) is the first architectural CPU bug that could lead to the disclosure of sensitive data and impacts most 10th, 11th and 12th generation Intel CPUs. ÆPIC Leak works on […] | Guideline | | |
| SecurityAffairs | 2022-07-21 09:22:03 | Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices | Apple released security updates to address multiple vulnerabilities that affect iOS, iPadOS, macOS, tvOS, and watchOS devices. Apple released security updates to fix 37 vulnerabilities impacting iOS, iPadOS, macOS, tvOS, and watchOS devices. The flaws addressed by Apple lead to arbitrary code execution, privilege escalation, denial-of-service (DoS), and information disclosure. Below is the list of Apple […] | Guideline | | |
| SecurityAffairs | 2022-07-18 07:23:20 | Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment | The high-end British jeweler Graff paid a £6 million ransom after the ransomware attack it suffered in 2021. In September 2021, the Conti ransomware gang hit high society jeweler Graff and threatens to release private details of world leaders, actors and tycoons. The customers of the company are the richest people on the globe, including […] | Ransomware, Guideline | | |
| SecurityAffairs | 2022-07-07 07:50:59 | OpenSSL version 3.0.5 fixes a flaw that could potentially lead to RCE | The development team behind the OpenSSL project fixed a high-severity bug in the library that could potentially lead to remote code execution. The maintainers of the OpenSSL project fixed a high-severity heap memory corruption issue, tracked as CVE-2022-2274, affecting the popular library. This bug makes the RSA implementation with 2048 bit private keys incorrect on such machines and triggers […] | Guideline | | |
| SecurityAffairs | 2022-06-30 14:13:23 | Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker | A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement with the Russian cybercrime group NetWalker. In March, the man was extradited to the United States to face charges […] | Guideline | | |
| SecurityAffairs | 2022-06-28 06:38:41 | Two critical flaws affect CODESYS ICS Automation Software | CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service (DoS) condition. CODESYS has released security patches to fix 11 vulnerabilities in its ICS Automation Software. CoDeSys is a development environment for programming controller applications according to the international industrial standard IEC 61131-3. The […] | Guideline | | |
| SecurityAffairs | 2022-05-28 13:30:21 | Reuters: Russia-linked APT behind Brexit leak website | Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the EU, Reuters reported. According to a Google cybersecurity official and the former head of UK foreign intelligence, the “Very English Coop d’Etat” website was set up to publish private emails from Brexit supporters, including […] | Threat, Guideline | | |
| SecurityAffairs | 2022-05-25 18:57:20 | International police operation led to the arrest of the SilverTerrier gang leader | The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT) after a year-long investigation codenamed “Operation Delilah.” SilverTerrier has been active since at least 2014 and focuses on BEC […] | Guideline | | |
| SecurityAffairs | 2022-05-16 10:36:47 | (Déjà vu) Ukrainian national sentenced to 4 years in prison for selling access to hacked servers | A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old Ukrainian national, has been sentenced to four years in prison for selling access to compromised servers on the dark web. The man was arrested in Poland in October 2020 and pleaded guilty […] | Guideline | | |
| SecurityAffairs | 2022-05-08 08:01:13 | US DoS offers a reward of up to $15M for info on Conti ransomware gang | The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The US Department of State offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The reward is offered under the Department […] | Ransomware, Guideline | | |
| SecurityAffairs | 2022-04-11 14:48:18 | SuperCare Health discloses a data breach that Impacted +300K people | SuperCare Health, a leading respiratory care provider in the Western U.S., disclosed a data breach that impacted more than 300,000 individuals. SuperCare Health disclosed a security breach that has led to the exposure of personal information belonging to its patients, patients/members of its partner organizations and others. The company notified impacted individuals and law enforcement […] | Data Breach, Guideline | | |
| SecurityAffairs | 2022-04-02 06:37:34 | Trend Micro fixed high severity flaw in Apex Central product management console | Trend Micro has fixed a high severity arbitrary file upload flaw, tracked as CVE-2022-26871, in the Apex Central product management console. Cybersecurity firm Trend Micro has addressed a high severity security flaw, tracked as CVE-2022-26871, in the Apex Central product management console. The CVE-2022-26871 vulnerability is an arbitrary file upload issue, its exploitation could lead […] | Vulnerability, Guideline | | |
| SecurityAffairs | 2022-03-25 12:12:56 | UK police arrested 7 alleged members of Lapsus$ extortion gang | UK police suspect that a 16-year-old from Oxford is one of the leaders of the popular Lapsus$ extortion group. The City of London Police announced to have arrested seven teenagers suspected of being members of the notorious Lapsus$ extortion gang, which is believed to be based in South America. “Four researchers investigating the hacking group […] | Guideline | | |
| SecurityAffairs | 2022-03-22 16:04:19 | Three critical RCE flaws affect hundreds of HP printer models | Three critical RCE flaws affect hundreds of HP LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. HP issued a security bulletin warning of a buffer overflow vulnerability, tracked as CVE-2022-3942 (CVSS score 8.4), that could lead to remote code execution on vulnerable devices. “Certain HP Print products and Digital Sending products may […] | Guideline | | |
| SecurityAffairs | 2022-02-18 21:52:28 | Google Privacy Sandbox promises to protect user privacy online | Google introduces Privacy Sandbox on Android aimed at leading to more private advertising solutions for mobile users. Google announced Privacy Sandbox on Android to limit user data sharing and prevent the use of cross-app identifiers. The company states that the Privacy Sandbox technologies are still in development. “Privacy Sandbox on Android will strengthen privacy, while […] | Guideline | | |
| SecurityAffairs | 2022-02-03 20:56:59 | (Déjà vu) Cisco fixes critical flaws in its Small Business Routers | Cisco released security patches to address multiple flaws in its Small Business RV160, RV260, RV340, and RV345 series routers. Cisco announced patches for multiple issues affecting its Small Business RV160, RV260, RV340, and RV345 series routers. Some of the bugs fixed by the IT giant could lead to the execution of arbitrary code with root […] | Guideline | | |
| SecurityAffairs | 2022-01-28 10:19:04 | (Déjà vu) Experts devise a technique to bypass Microsoft Outlook Security feature | A researcher devised a technique to bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient. Reegun Richard Jayapaul, SpiderLabs lead threat architect at Trustwave, has devised a technique to bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient. While investigating a malware campaign, […] | Malware, Threat, Guideline | | |
| SecurityAffairs | 2022-01-21 11:59:14 | MoonBounce UEFI implant spotted in a targeted APT41 attack | Researchers have spotted China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. Kaspersky researchers spotted the China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single […] | Threat, Guideline | APT 41 | |
| SecurityAffairs | 2022-01-20 15:05:32 | Crypto.com hack impacted 483 accounts and resulted in a $34 million theft | Crypto.com confirmed that a cyber attack compromised around 400 of its customer accounts leading to the theft of $33 million. Crypto.com is a cryptocurrency exchange app based in Singapore, the app currently has 10 million users and 3,000 employees. Recently, several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite their accounts […] | Hack, Guideline | | |
| SecurityAffairs | 2022-01-06 00:12:35 | VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi | VMware addressed a heap-overflow issue (CVE-2021-22045) in Workstation, Fusion and CVE-2021-22045 products that can lead to code execution on the hypervisor. VMware released security updates to address a heap-overflow vulnerability, tracked as CVE-2021-22045, in its Workstation, Fusion and ESXi products. VMware has addressed the vulnerability with the release of ESXi670-202111101-SG, ESXi650-202110101-SG, Workstation 16.2.0, and Fusion […] | Vulnerability, Guideline | | |
| SecurityAffairs | 2022-01-02 19:24:33 | Lapsus$ ransomware gang hits Impresa, Portugal's largest media conglomerate | The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso. The Lapsus$ ransomware gang has compromised the infrastructure of Impresa, the largest media conglomerate in Portugal. Impresa owns SIC TV channel, and Expresso newspaper, among other leading media, like several magazine publications. The attack took place during the New Year […] | Ransomware, Guideline | | |
| SecurityAffairs | 2021-12-27 18:26:06 | Apache addressed a couple of severe vulnerabilities in Apache HTTP Server | The Apache Software Foundation released Apache HTTP Server 2.4.52 to address a couple of security flaws that can lead to remote code execution. The Apache Software Foundation has released the Apache HTTP Server 2.4.52 to address a couple of vulnerabilities, tracked as CVE-2021-44790 and CVE-2021-44224, that can lead to remote code execution attacks. The CVE-2021-44790 […] | Guideline | | |
| SecurityAffairs | 2021-12-15 20:16:53 | FBI's investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine | While investigating a data breach suffered by a healthcare organization, FBI accidentally revealed that it believes that the HelloKitty ransomware gang operates out of Ukraine. The investigation conducted by FBI on a recent data breach suffered by an Oregon healthcare organization led to the accidental revelation that the FBI believes that the HelloKitty ransomware gang […] | Ransomware, Data Breach, Guideline | | |
| SecurityAffairs | 2021-12-14 08:11:54 | Google fixed the 17th zero-day in Chrome since the start of the year | Google has released Chrome 96.0.4664.110 to address a high-severity zero-day vulnerability, tracked as CVE-2021-4102, exploited in the wild. Google released security updates to address five vulnerabilities in the Chrome web browser, including a high-severity zero-day flaw, tracked as CVE-2021-4102, exploited in the wild. The CVE-2021-4102 flaw is a use-after-free issue in the V8 JavaScript and WebAssembly engine, its exploitation could lead to the execution […] | Guideline | | |
| SecurityAffairs | 2021-11-10 15:42:21 | Citrix addresses a critical flaw in ADC, Gateway | Citrix addressed two vulnerabilities affecting Citrix ADC, Gateway, and SD-WAN, one of them is a critical issue leading to DoS. Citrix has released security updates to address two vulnerabilities in ADC, Gateway, and SD-WAN, including a critical flaw, tracked as CVE-2021-22955, that can be exploited to trigger a denial of service (DoS) condition. The CVE-2021-22955 […] | Guideline | | |
| SecurityAffairs | 2021-11-09 08:17:46 | US DoS offers a reward of up to $10M for leaders of REvil ransomware gang | The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation. The Department of State offers up to $10 million for information that can lead to the identification or location of individuals in key leadership positions in the REvil/Sodinokibi ransomware operation. The US government also offers $5 million […] | Ransomware, Guideline | | |
| SecurityAffairs | 2021-11-05 00:16:30 | US Gov offers a reward of up to $10M for info on DarkSide leading members | The US government offers up to a $10,000,000 reward for information leading to the identification or arrest of DarkSide gang members. The US government wants to dismantle the DarkSide ransomware operation and its rebrands and it is offering up to a $10,000,000 reward for information leading to the identification or arrest of members of the gang […] | Guideline | | |
| SecurityAffairs | 2021-11-04 18:37:22 | Expert found a critical remote code execution bug in Linux Kernel | A critical heap-overflow vulnerability, tracked as CVE-2021-43267, in Linux Kernel can allow remote attackers to take over vulnerable installs. A SentinelOne researcher discovered a critical remote code execution vulnerability, tracked as CVE-2021-43267, resides in the Transparent Inter Process Communication (TIPC) module of the Linux kernel. The flaw is a critical heap-overflow issue that could lead to […] | Guideline | | |
| SecurityAffairs | 2021-10-31 09:30:41 | Graff multinational jeweller hit by Conti gang. Data of its rich clients are at risk, including Trump and Beckham | Conti ransomware gang hit high society jeweller Graff and threatens to release private details of world leaders, actors and tycoons. The latest attack of the Conti ransomware gang makes the headlines, the threat actors hit high society jeweller Graff and asked the payment of a multi-million ransom to avoid leaking details of world leaders, actors […] | Ransomware, Threat, Guideline | | |
| SecurityAffairs | 2021-10-26 06:51:12 | Kansas Man pleads guilty to hacking the Post Rock Rural Water District | Kansas man Wyatt Travnichek admitted in court to tampering with the computer systems at the Post Rock Rural Water District. Kansas man Wyatt A. Travnichek pleaded guilty to tampering with the computer system at a drinking water treatment facility at the Post Rock Rural Water District. The man also pleaded guilty to one count of […] | Guideline | | |
| SecurityAffairs | 2021-10-23 20:24:38 | (Déjà vu) Cisco SD-WAN flaw could lead to arbitrary code execution, patch it now! | Cisco fixes an OS command-injection flaw, tracked as CVE-2021-1529, in Cisco SD-WAN that could allow privilege escalation and lead to arbitrary code execution. Cisco addressed a high-severity OS command-injection vulnerability, tracked as CVE-2021-1529, in Cisco SD-WAN that could allow privilege escalation and lead to arbitrary code execution. Cisco SD-WAN is a cloud-delivered overlay WAN architecture […] | Guideline | | |
| SecurityAffairs | 2021-10-12 14:17:43 | GitKraken flaw led to the generation of weak SSH keys | Git GUI client GitKraken team fixed a flaw that led to the generation of weak SSH keys, users are recommended to revoke and renew their keys. The development team behind the Git GUI client GitKraken has fixed a vulnerability that was leading to the generation of weak SSH keys. The developers addressed the flaw with […] | Vulnerability, Guideline | | |
| SecurityAffairs | 2021-10-10 14:17:40 | Medtronic recalls some controllers used with some of its insulin pumps over cyberattack risks | Medical device maker Medtronic recalled the remote controllers used with some of its insulin pumps because of dangerous vulnerabilities. Medical device maker Medtronic has recalled the remote controllers used with some of its insulin pumps because they are affected by severe vulnerabilities that could lead to injury or death of the patients. An attacker can exploit the vulnerabilities […] | Guideline | | |
| SecurityAffairs | 2021-09-19 11:57:41 | Why Edward Snowden is urging users to stop using ExpressVPN? | The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. Last week the Israeli cybersecurity firm Kape Technologies has acquired the industry’s leading virtual private networks ExpressVPN, as part of a $936 million deal. Kape announced that the acquisition will more than double its overall customer base, from almost 3 million customers to more than […] | Guideline | | |
Last update at: 2024-04-28 01:09:54