What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2021-09-10 15:11:45 Grayfly APT uses recently discovered Sidewalk backdoor (lien direct) Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. Experts from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. In late August, ESET researchers uncovered the SideWalk backdoor that was employed by the Chine cyberespionage group in an attack aimed at a computer retail company […] Guideline APT 41
SecurityAffairs.webp 2021-09-10 05:49:03 International money launderer sentenced to more than 11 years (lien direct) A Canadian man, who helped North Korean threat actors to launder stolen funds, plead guilty to laundering tens of millions of dollars stolen in bank fraud schemes. A Canadian man who conspired to launder tens of millions of dollars stolen bank fraud schemes has been sentenced to 140 months in prison. The man is Ghaleb […] Threat Guideline
SecurityAffairs.webp 2021-08-20 07:03:25 637 flaws in industrial control system (ICS) products were published in H1 2021 (lien direct) During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. Industrial cybersecurity firm Claroty published its third Biannual ICS Risk & Vulnerability Report that analyzes the vulnerability landscape relevant to leading automation products used across the ICS domain. The company reported that during the […] Vulnerability Guideline
SecurityAffairs.webp 2021-08-03 08:27:43 Experts found potential remote code execution in PyPI (lien direct) A flaw in the GitHub Actions workflow for PyPI 's source repository could be exploited to potentially execute arbitrary code on pypi.org. Security researcher RyotaK disclosed three flaws in PyPI, the most severe one could potentially lead to the compromise of the entire PyPI infrastructure. Python Package Index (PyPI) is the official third-party software repository […] Guideline
SecurityAffairs.webp 2021-07-23 18:34:58 (Déjà vu) Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet. (lien direct) Estonian hacker Pavel Tsurkan has pleaded guilty in a United States court to the counts of computer fraud and of creating and operating a proxy botnet. The Estonian national Pavel Tsurkan has pleaded guilty in a United States court to two counts of computer fraud and abuse. According to court documents, Pavel Tsurkan (33) operated […] Guideline
SecurityAffairs.webp 2021-07-22 15:33:27 Group-IB helps Dutch police identify members of phishing developer gang Fraud Family (lien direct) Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has assisted the Dutch National Police in the operation to apprehend alleged members of a cybercriminal group codenamed ‘Fraud Family.’ Group-IB's […] Threat Guideline
SecurityAffairs.webp 2021-07-06 09:14:54 Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide (lien direct) Group-IB supported INTERPOL in its Operation Lyrebird that allowed to identify a threat actor presumably responsible for multiple attacks. Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has supported INTERPOL in its Operation Lyrebird that resulted in the identification and apprehension of a threat actor presumably responsible for multiple attacks, […] Guideline
SecurityAffairs.webp 2021-07-01 15:16:55 (Déjà vu) Microsoft found auth bypass, system hijack flaws in Netgear routers (lien direct) Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. Microsoft researchers discovered multiple vulnerabilities in the firmware of the Netgear DGN-2200v1 series router that can allow attackers to bypass authentication, access stored credentials, and even take over devices. Experts discovered […] Guideline
SecurityAffairs.webp 2021-06-27 11:25:36 Security Affairs newsletter Round 320 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Norway blames China-linked APT31 for 2018 government hack Poland: The leader of the PiS party blames Russia for […] Hack Guideline APT 31
SecurityAffairs.webp 2021-06-20 17:55:58 Poland: The leader of the PiS party blames Russia for the recent attack (lien direct) Jaroslaw Kaczynski, the leader of the Poland Law and Justice party, blames Russia for the recent cyberattack targeting top Polish politicians. Jaroslaw Kaczynski, the leader of the Poland Law and Justice party (PiS), blames Russia for the recent cyberattack that targeted top Polish politicians. Last week, Poland's parliament had a closed-door session to discuss an unprecedented wave of cyberattacks […] Guideline
SecurityAffairs.webp 2021-05-02 16:00:15 WeSteal, a shameless commodity cryptocurrency stealer available for sale (lien direct) The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. A new cryptocurrency stealer dubbed WeSteal is available on the cybercrime underground, unlike other commodity cryptocurrency stealers, its author doesn’t masquerade its purpose and promises “the leading way to make money in 2021.” […] Guideline
SecurityAffairs.webp 2021-04-04 15:35:55 (Déjà vu) Malware attack on Applus blocked vehicle inspections in some US states (lien direct) A malware attack against vehicle inspection services provider Applus Technologies paralyzed preventing vehicle inspections in eight US states. Applus Technologies is a worldwide leader in the testing, inspection and certification sector, the company was recently hit by a malware cyberattack that impacted vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. […] Malware Guideline
SecurityAffairs.webp 2021-04-02 12:37:02 Airlift Express Fixes Vulnerabilities in Its E-commerce Store (lien direct) PrivacySavvy experts discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. A team of security researchers from PrivacySavvy recently discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. Fortunately, the company has successfully fixed the security loopholes, but the […] Vulnerability Guideline
SecurityAffairs.webp 2021-04-01 15:30:50 DeepDotWeb admin pleads guilty to money laundering conspiracy (lien direct) One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the marketplaces. One of the administrators for the DeepDotWeb dark web portal, Tal Prihar (37), pleads guilty to receiving kickbacks from the operators of the marketplaces for the sale of illegals products. Tal Prihar is a […] Guideline
SecurityAffairs.webp 2021-03-25 13:38:55 30 million Americans affected by the Astoria Company data breach (lien direct) Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data breach Astoria Company LLC is a lead generation company that leverages on a network of websites to collect information on a person that may be looking for discounted car loans, different medical insurance, or even […] Data Breach Guideline
SecurityAffairs.webp 2021-03-22 20:42:43 Adobe addresses a critical vulnerability in ColdFusion product (lien direct) Adobe has released security updates to address a critical vulnerability in the ColdFusion product (versions 2021, 2016, and 2018) that could lead to arbitrary code execution.  Adobe has released security patches to address a critical vulnerability in Adobe ColdFusion that could be exploited by attackers to execute arbitrary code on vulnerable systems. The issue, tracked as CVE-2021-21087 is […] Vulnerability Guideline
SecurityAffairs.webp 2021-03-19 23:30:18 (Déjà vu) Russian National pleads guilty to conspiracy to plant malware on Tesla systems (lien direct) The Russian national who attempted to convince a Tesla employee to plant malware on Tesla systems has pleaded guilty. The U.S. Justice Department announced on Thursday that the Russian national Egor Igorevich Kriuchkov (27), who attempted to convince a Tesla employee to install malware on the company's computers, has pleaded guilty. “A Russian national pleaded guilty in federal court […] Malware Guideline
SecurityAffairs.webp 2021-03-07 12:33:19 Security Affairs newsletter Round 304 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. EU leaders aim at boosting defense and security, including cybersecurity New Zealand-based cryptocurrency exchange Cryptopia hacked again ByteDance […] Guideline
SecurityAffairs.webp 2021-03-05 08:11:51 Five privilege escalation flaws fixed in Linux Kernel (lien direct) Experts found five vulnerabilities in the Linux kernel, tracked as CVE-2021-26708, that could lead to local privilege escalation. Positive Technologies researcher Alexander Popov found five high severity vulnerabilities in the Linux kernel that could lead to local privilege escalation. The Linux kernel vulnerabilities are race conditions that reside in AF_VSOCK implementation, they were implicitly introduced in November […] Guideline
SecurityAffairs.webp 2021-03-02 13:01:14 (Déjà vu) Alleged China-linked APT41 group targets Indian critical infrastructures (lien direct) Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between […] Guideline APT 41
SecurityAffairs.webp 2021-02-28 17:52:36 EU leaders aim at boosting defense and security, including cybersecurity (lien direct) During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security.  During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance to define a strategy to boost defense and security. “We […] Guideline
SecurityAffairs.webp 2021-02-15 09:23:52 French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine (lien direct) An international operation conducted in Ukraine and France lead to the arrest of criminals believed to be affiliated with the Egregor RaaS. Some affiliated with the Egregor RaaS, not the main ransomware gang, have been arrested as a result of a joint operation conducted by law enforcement in Ukraine and France. Authorities did not reveal […] Ransomware Guideline
SecurityAffairs.webp 2021-02-09 20:45:49 Ukraine's police arrested the author of the U-Admin phishing kit (lien direct) An international operation conducted by Ukraine’s police, along with the US and Australia peers, shut down the world’s largest phishing Service U-Admin. Last week, an international operation conducted by Ukraine’s police, along with the US and Australian authorities, lead to the shut down of the world’s phishing framework U-Admin. The National Police and its Main […] Guideline
SecurityAffairs.webp 2021-02-09 15:18:06 Critical flaws in NextGen Gallery WordPress plugin still impact over 500K installs (lien direct) The development team behind the NextGen Gallery plugin has addressed two severe CSRF vulnerabilities that could have allowed site takeover. The developers behind the NextGen Gallery plugin have fixed two critical Cross-site request forgery (CSRF) vulnerabilities, their exploitation could lead to a site takeover, malicious redirects, spam injection, phishing, and other malicious activities. The NextGEN […] Spam Guideline
SecurityAffairs.webp 2021-02-03 06:38:44 Hackers stole personnel records of software developer Wind River (lien direct) The global leader of embedded system software Wind River Systems discloses a data breach that resulted in the theft of customers’ personal information. Wind River Systems, a global leader in delivering software for smart connected systems, discloses a data breach. The company claims its technology is found in more than 2 billion products, it develops […] Data Breach Guideline
SecurityAffairs.webp 2021-01-27 21:36:38 Emotet Botnet dismantled in a joint international operation (lien direct) A global operation of law enforcement has dismantled the infrastructure of the infamous Emotet botnet. A global operation of law enforcement, lead by Europol, has dismantled the infrastructure of the infamous Emotet botnet. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. In the middle-August, the malware was […] Threat Guideline
SecurityAffairs.webp 2021-01-23 22:11:27 ADT employee pleads guilty for accessing cameras installed by the company (lien direct) A former ADT employee pleads guilty for accessing the cameras he installed at the home of the company’s customers in the Dallas area. Telesforo Aviles (35) is a former ADT employee that pleaded for accessing the cameras he installed at the home of the company’s customers. Every time the man worked at the home of […] Guideline
SecurityAffairs.webp 2021-01-18 18:34:57 500K+ records of C-level people from Capital Economics leaked online (lien direct) Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers from Cyble found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. CapitalEconomics.com is one of the leading independent economic research companies in the world that provides macroeconomic, financial market and sectoral forecasts and consultancy. […] Guideline
SecurityAffairs.webp 2021-01-15 14:13:30 Winnti APT continues to target game developers in Russia and abroad (lien direct) A Chinese Threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) […] Threat Guideline APT 41 APT 41
SecurityAffairs.webp 2021-01-08 22:12:53 Nvidia releases security updates for GPU display driver and vGPU flaws (lien direct) Nvidia has released security updates to address high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.  Nvidia has addressed a total of 16 flaws, including high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.   The addressed flaws may lead to denial of service, escalation of privileges, data tampering, or information disclosure. […] Guideline
SecurityAffairs.webp 2021-01-05 11:34:43 Over 500,000 credentials for tens of gaming firm available in the Dark Web (lien direct) The gaming industry under attack, Over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked on online. The gaming industry is a privileged target for threat actors, threat actors leaked online over 500,000 stolen credentials belonging to top 25 gaming firms. The alarm was raised by the threat intelligence firm Kela […] Threat Guideline
SecurityAffairs.webp 2020-12-14 08:13:23 Robotic Process Automation vendor UiPath discloses data breach (lien direct) Last week, ZDnet reported in an exclusive that the tech unicorn UiPath admitted having accidentally exposed the personal details of some users. UiPath is a leading Robotic Process Automation vendor providing a complete software platform to help organizations efficiently automate business processes. The startup started reporting the security incident to its customers that had their data […] Data Breach Guideline
SecurityAffairs.webp 2020-11-10 13:22:03 Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike (lien direct) Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and […] Ransomware Tool Guideline
SecurityAffairs.webp 2020-11-02 08:45:45 Hackers stole credit card data from JM Bullion online bullion dealer (lien direct) JM Bullion, the leading online bullion dealer in the United States, has disclosed a data breach, hackers stole customers’ credit card information. JM Bullion, the online retailer of products made of precious metals (i.e. gold, silver, copper, platinum, and palladium) has disclosed a data breach. JM Bullion has sent a ‘Notice of Data Security Incident‘ to its […] Guideline
SecurityAffairs.webp 2020-10-30 21:32:29 Google discloses unpatched Windows zero-day exploited in the wild (lien direct) Google researchers disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. Security researchers from Google have disclosed a zero-day vulnerability in the Windows operating system, tracked as CVE-2020-17087, that is currently under active exploitation. Ben Hawkes, team lead for Google Project Zero team, revealed on Twitter that the vulnerability […] Vulnerability Guideline
SecurityAffairs.webp 2020-10-16 12:42:06 (Déjà vu) Adobe fixes Magento flaws that can lead to code execution (lien direct) Adobe released a series of out-of-band security fixes to address multiple Magento vulnerabilities that lead to code execution, customer list tampering. Adobe has released a series of out-of-band security fixes to address multiple Magento vulnerabilities that lead to code execution, customer list tampering. Eight of the vulnerabilities are considered either critical or important, only one […] Guideline
SecurityAffairs.webp 2020-10-15 20:11:03 Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek (lien direct) The Egregor ransomware gang has hit the game developer Crytek and leaked files allegedly stolen from the systems of the gaming firm Ubisoft. A previously unknown ransomware gang dubbed Egregor has hit the game developer Crytek and leaked files allegedly stolen from the internal network of another leading gaming firm, Ubisoft. A few days ago, the Egregor […] Ransomware Guideline
SecurityAffairs.webp 2020-10-13 11:23:31 Leading Law firm Seyfarth Shaw discloses ransomware attack (lien direct) Seyfarth Shaw, one of the leading global legal firms announced that it was a victim of an “aggressive malware” attack, likely a ransomware attack. Seyfarth Shaw LLP is an international AmLaw 100 law firm headquartered in Chicago, Illinois, its clients include over 300 of the Fortune 500 companies, and its practice reflects virtually every industry and segment of the economy. […] Ransomware Guideline
SecurityAffairs.webp 2020-10-01 11:57:36 Flaws in leading industrial remote access systems allow disruption of operations (lien direct) Experts found critical security flaws in two popular industrial remote access systems that could be exploited by threat actors for malicious purposes. Security researchers from Israeli firm OTORIO found critical vulnerabilities in leading industrial remote access systems that could be exploited by attackers to ban access to industrial production floors, hack into company networks, tamper […] Hack Threat Guideline
SecurityAffairs.webp 2020-09-24 14:19:02 Instagram RCE gave hackers remote access to your device (lien direct) Facebook has addressed a critical vulnerability in Instagram that could lead to remote code execution and turn the smartphone into a spying device. Facebook has fixed a critical remote code execution vulnerability in Instagram that could lead to the hijack of smartphone cameras, microphones, and more.  The vulnerability, tracked as CVE-2020-1895, was discovered by Check Point, […] Vulnerability Guideline
SecurityAffairs.webp 2020-09-20 09:13:26 IPG Photonics high-performance laser developer hit with ransomware (lien direct) IPG Photonics, a leading U.S. manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. The company was founded in 1990 in Russia by physicist Valentin Gapontsev, it employs over 4,000 people […] Ransomware Guideline
SecurityAffairs.webp 2020-09-17 09:59:53 APT41 actors charged for attacks on more than 100 victims globally (lien direct) US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. The United States Department of Justice this week announced indictments against five Chinese nationals believed to be members of the cyber-espionage group known as APT41 (Winnti, Barium, Wicked Panda and Wicked Spider). US authorities are […] Guideline APT 41
SecurityAffairs.webp 2020-09-10 19:19:19 Colocation data centers giant Equinix data hit by Netwalker Ransomware (lien direct) Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. Equinix, one of the leaders in the global colocation data center market share, with 205 data centers in 25 countries on five continents, was hit by Netwalker ransomware operators. The popular cybercrime gang is demanding a […] Ransomware Guideline
SecurityAffairs.webp 2020-09-02 09:29:10 MAGMI Magento plugin flaw allows remote code execution on a vulnerable site (lien direct) Researchers discovered multiple vulnerabilities in the MAGMI Magento plugin that could lead to remote code execution on a vulnerable Magento site. Tenable published a research advisory for two vulnerabilities impacting the Magento Mass Import (MAGMI) plugin. The flaws were discovered by Enguerran Gillier of the Tenable Web Application Security Team. MAGMI is a Magento database […] Guideline
SecurityAffairs.webp 2020-08-28 20:36:08 Former Cisco employee pleads guilty to hacking, damaging company systems (lien direct) A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. The former Cisco employee Sudhish Kasaba Ramesh (30) pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer of his company without authorization and causing damage. The news was announced […] Guideline
SecurityAffairs.webp 2020-08-28 07:59:21 Cisco addresses ten high-risk issues in NX-OS software (lien direct) Cisco addressed ten high-risk vulnerabilities in NX-OS software, including some issues that could lead to code execution and privilege escalation. Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS […] Guideline
SecurityAffairs.webp 2020-08-27 09:32:08 Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere (lien direct) Microsoft addressed vulnerabilities in Microsoft Azure Sphere that could lead to the execution of arbitrary code or to the elevation of privileges. Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security […] Guideline
SecurityAffairs.webp 2020-08-20 17:52:14 Shared memory flaw in IBM Db2 can lead to Information Disclosure (lien direct) IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researchers from Trustwave, it […] Vulnerability Guideline
SecurityAffairs.webp 2020-08-10 14:58:32 Nefilim ransomware operators claim to have hacked the SPIE group (lien direct) Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group, an independent European leader in multi-technical services. The number of ransomware attacks continues to increase, hackers also steal victims’ data and threaten them to […] Ransomware Threat Guideline
SecurityAffairs.webp 2020-08-01 18:55:13 (Déjà vu) The author of FastPOS PoS malware pleads guilty (lien direct) A 30-year-old Moldovan man pleaded guilty this week for creating the FastPOS malware that infected PoS systems worldwide. The Moldovan citizen Valerian Chiochiu (30), aka Onassis, pleaded guilty on Friday for creating the infamous FastPOS Point-of-Sale (POS) malware. Chiochiu was a member of the Infraud global cybercrime organization involved in stealing and selling credit card […] Malware Guideline
Last update at: 2024-05-11 09:07:46