What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-06-13 12:41:17 | COVID-19 themed attacks increase in Brazil, India, and UK (lien direct) | Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […] | Malware Threat | ||
|
2020-06-10 20:31:27 | Nintendo admitted that hackers have breached 300,000 accounts (lien direct) | Japanese gaming giant Nintendo has confirmed that hackers have breached 300,000 accounts since early April, financial data were not exposed. The Japanese video game giant Nintendo has admitted that threat actors have breached 300,000 accounts since early April. The hackers have gained access to personal information, including birthday and email address, but financial data were […] | Threat | ||
|
2020-06-10 12:00:54 | Japanese car-maker giant Honda hit by a ransomware attack (lien direct) | Japanese carmaker Honda announced it has been hit by a cyberattack that disrupted its business in several countries. The Japanese carmaker Honda announced that threat actors have compromised the Honda network disrupting its business in several countries. Source informed about the security incident believe Honda’s systems have been infected with SNAKE Ransomware. BleepingComputer reported that […] | Ransomware Threat | ||
|
2020-06-09 21:36:11 | (Déjà vu) Hackers target German Task Force for COVID-19 PPE procurement (lien direct) | Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE) against COVID-19. Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE). Threat actors are targeting executives of a German multinational corporation part of a government-private sector task force that […] | Threat | ||
|
2020-06-09 10:12:45 | Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online (lien direct) | A threat actor is offering for sale in a darkweb black-market internal documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). Researchers from cyber threat intelligence firm Cyble reported that a threat actor is offering in a darkweb black-market documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). The company manufactures a variety […] | Threat | ||
|
2020-06-08 21:01:12 | Higaisa threat actors targets organizations using Zeplin platform (lien direct) | A Korean threat actor, tracked as Higaisa, has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The Korean threat actor Higaisa, has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The group is believed to be a […] | Threat | ||
|
2020-06-08 11:20:44 | Google is indexing the phone numbers of WhatsApp users raising privacy concerns (lien direct) | A researcher is warning that Google is indexing the phone numbers of WhatsApp users raising serious privacy concerns. Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities. Even if Google Search only revealed the phone numbers and not the identities of associated users, ill-intentioned attackers […] | Threat | ||
|
2020-06-06 07:42:39 | eCh0raix ransomware is back and targets QNAP NAS devices again (lien direct) | eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer […] | Ransomware Threat | ||
|
2020-06-05 12:42:50 | Multi-platform Tycoon Ransomware employed in targeted attacks (lien direct) | Experts recently discovered a multi-platform ransomware, dubbed Tycoon Ransomware, that uses a Java image file (JIMAGE) to evade detection. Experts from BlackBerry Threat Intelligence and KPMG recently discovered a new strain of multi-platform ransomware dubbed Tycoon ransomware. The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and […] | Ransomware Threat | ||
|
2020-06-04 20:36:51 | Cycldek APT targets Air-Gapped systems using the USBCulprit Tool (lien direct) | A Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The Cycldek group was […] | Tool Threat | ||
|
2020-06-04 13:32:33 | North Atlantic Council is warning of malicious cyber activities during COVID-19 pandemic (lien direct) | North Atlantic Council issued a statement warning of concerning malicious cyber activities against entities involved in the fight against COVID-19. A statement published by the North Atlantic Council condemns malicious cyber activities that are targeting critical entities involved in the response against the COVID-19 pandemic. Threat actors are targeting healthcare services, hospitals, and research institutes endangering […] | Threat | ||
|
2020-06-04 11:15:48 | Large-scale campaign targets configuration files from WordPress sites (lien direct) | Security experts have observed a large-scale campaign over the weekend aimed at stealing configuration files from WordPress sites. Security researchers from WordFence have observed a large-scale campaign over the weekend aimed at stealing configuration files from WordPress sites. Threat actors attempted to exploit well- known vulnerabilities in unpatched plugins to download configuration files from WordPress […] | Threat | ★★★★ | |
|
2020-06-04 09:42:03 | Hackers hijacked Coincheck \'s domain registrar account and targeted some users (lien direct) | Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Then the attackers used the hijacked domain to launch spear-phishing attacks against […] | Threat | ||
|
2020-06-03 07:56:58 | Russia-linked APT exploited at least 3 Exim flaws in recent attacks (lien direct) | Several flaws in the Exim mail transfer agent (MTA) have been exploited by Russia-linked hackers, hundreds of thousands of servers are still unpatched. Russia-linked threat actors have exploited several vulnerabilities in the Exim mail transfer agent (MTA) in their campaigns. Last week, the U.S. National Security Agency (NSA) warned that Russia-linked APT group tracked Sandworm Team has been […] | Threat | ||
|
2020-06-01 08:20:50 | KingNull leaks DB of Daniel\'s Hosting dark web hosting provider (lien direct) | Earlier this year a hacker breached Daniel’s Hosting, the largest free web hosting provider for dark web hidden services and now leaked its DB. A threat actor has leaked the database of Daniel’s Hosting (DH), the largest free web hosting provider for dark web hidden services. The hacker has stolen the data in March when […] | Threat | ||
|
2020-05-31 11:17:15 | (Déjà vu) Coronavirus-themed attacks May 24 – May 30, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 24 to May 30, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 26 – Hangzhou could permanently adopt COVID-19 […] | Threat | ||
|
2020-05-30 19:29:25 | A new COVID-19-themed campaign targets Italian users (lien direct) | Security researchers uncovered a new COVID-19-themed campaign targeting users of the National Institute for Social Security (INPS). Security experts from D3Lab have uncovered a new COVID-19-themed phishing campaign that is targeting the users of the Italian National Institute for Social Security (INPS). Like a previous campaign observed in early April, threat actors set up a fake […] | Threat | ★★★ | |
|
2020-05-29 09:44:43 | An archive with 20 Million Taiwanese\' citizens leaked in the dark web (lien direct) | Security experts from Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. According to the experts, the leak includes government data of an entire country, […] | Threat | ||
|
2020-05-29 08:08:24 | Steganography in targeted attacks on industrial enterprises in Japan and Europe (lien direct) | Threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks, Kaspersky reported. Researchers from Kaspersky's ICS CERT unit reported that threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks. The experts first observed the attacks in early 2020, while in early May, threat actors targeted organizations […] | Threat | ||
|
2020-05-28 21:47:52 | Security breach impacted Cisco VIRL-PE infrastructure (lien direct) | Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers. Cisco has disclosed a security incident that impacted part of its VIRL-PE infrastructure, threat actors exploited vulnerabilities in the SaltStack software package to breach six company servers. These issues affect the following Cisco products running a vulnerable […] | Hack Threat | ||
|
2020-05-28 13:14:15 | Google TAG report Q1 details about nation-state hacking and disinformation (lien direct) | Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020. The Google Threat Analysis Group (TAG) is a group inside the Google’s security team that […] | Threat | ||
|
2020-05-25 18:01:53 | Crooks hacked e-shops and threaten to sell SQL databases if ransom not paid (lien direct) | Threat actors are offering for sale more than two dozen SQL databases belonging to e-commerce websites for different countries. Hackers are offering for sale more than two dozen SQL databases stolen from online shops from multiple countries. Threat actors have compromised insecure servers exposed online and after copying the content of their websites they left […] | Threat | ||
|
2020-05-24 20:49:18 | 25 million Mathway user records available for sale on the dark web (lien direct) | A threat actor is offering for sale on a dark web marketplace a database containing 25 million user records belonging to the Mathway. A data breach broker, known as Shiny Hunters, is offering for sale on a dark web marketplace a database that contains 25 million user records for Mathway. Early May, Shiny Hunters attempted to […] | Threat | ||
|
2020-05-24 13:00:31 | (Déjà vu) Coronavirus-themed attacks May 17 – May 23, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 17 to May 23, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 19 – Hackers Target Oil Producers During […] | Threat | ||
|
2020-05-23 17:35:29 | Voter information for 2 millions of Indonesians leaked online (lien direct) | A hacker has leaked the 2014 voter information for close to 2 million Indonesians on a well-known hacker forum and threatens to release 200 million. A threat actor has published the 2014 voter information for close to 2 million Indonesians on a popular hacker forum and threatens to release data for a total of 200 million […] | Threat | ||
|
2020-05-22 13:42:08 | Cyber-Criminal espionage Operation insists on Italian Manufacturing (lien direct) | ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. Introduction During our Cyber Threat Intelligence monitoring we spotted new malicious activities targeting some Italian companies operating worldwide in the manufacturing sector, some of them also part of the automotive production chain. The group behind this activity is […] | Threat | ||
|
2020-05-21 20:00:15 | (Déjà vu) Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware (lien direct) | Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. Threat actors attempted to exploit a zero-day (CVE-2020-12271) in the Sophos XG firewall to spread ransomware to Windows machines, the good news is that the attack was blocked by a hotfix issued […] | Ransomware Threat | ||
|
2020-05-20 09:03:30 | Three flaws in Nitro Pro PDF reader expose businesses to hack (lien direct) | Two vulnerabilities in the Nitro Pro PDF editor could be exploited by threat actors to execute code remotely on vulnerable hosts. Security experts from Cisco Talos have discovered three vulnerabilities in the Nitro Pro PDF editor, two of which rated as critical (CVSS score of 8.8) could be exploited by attackers for remote code execution. Nitro […] | Hack Threat | ||
|
2020-05-18 14:43:59 | Mandrake, a high sophisticated Android spyware used in targeted attacks (lien direct) | Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Mandrake is an advanced cyberespionage platform, but experts believe the attacks are financially motivated. Threat actors behind […] | Threat | ||
|
2020-05-18 10:42:54 | FBI warns US organizations of ProLock ransomware decryptor not working (lien direct) | The FBI issued a flash alert to warn organizations in the United States that the ProLock ransomware decryptor doesn’t work properly. Early this month, the FBI issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. “The decryption key or ‘decryptor’ provided by […] | Ransomware Threat | ||
|
2020-05-17 12:46:02 | (Déjà vu) Coronavirus-themed attacks May 10 – May 16, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 10 to May 16, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 12 – Zeus Sphinx continues to be […] | Threat | ||
|
2020-05-16 13:10:57 | Microsoft is open-sourcing COVID-19 threat intelligence (lien direct) | Microsoft has recently announced that it has made some of its COVID-19 threat intelligence open-source. While the number of Coronavirus-themed attacks continues to increase increased Microsoft announced it is open-sourcing its COVID-19 threat intelligence to help organizations to repeal these threats. “Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, […] | Threat | ||
|
2020-05-15 20:54:30 | Chinese APT Tropic Trooper target air-gapped military Networks in Asia (lien direct) | Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. The Tropic Trooper APT that has been active at least since 2011, it was first spotted in 2015 […] | Threat | APT 23 | |
|
2020-05-15 08:07:19 | (Déjà vu) Threat actors are offering for sale 550 million stolen user records (lien direct) | Threat actors are offering for sale tens of databases on a hacker forum that contains roughly 550 million stolen user records. Security experts from Cyble reported that a threat actor is attempting to sell twenty-nine databases on a hacker forum since May 7. Forum members could also buy each database individually. The archives allegedly contain a total […] | Threat | ||
|
2020-05-13 14:26:13 | Chancellor Merkel has \'hard evidence\' of Russian hackers targeted her (lien direct) | German Chancellor Angela Merkel revealed that she is the target of an “outrageous” cyber espionage campaign carried out by Russia. German Chancellor Angela Merkel revealed that Russia-linked threat actors were targeting her in an “outrageous” cyberespionage campaign. “I can honestly say that it pains me. Every day I try to build a better relationship with […] | Threat | ||
|
2020-05-11 07:58:49 | Sodinokibi ransomware uses MS API to encrypt open and locked files (lien direct) | Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process. Many applications lock files to prevent […] | Ransomware Malware Threat | ||
|
2020-05-10 11:56:39 | (Déjà vu) Coronavirus-themed attacks May 03 – May 09, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 03 to May 09, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Below […] | Threat | ||
|
2020-05-08 10:52:24 | Cisco fixes High Severity issues in ASA and FTD products (lien direct) | Cisco addresses tens of flaws in multiple products, including 12 high severity issues in Adaptive Security Appliance and Firepower Threat Defense. Cisco released security updates to address 34 flaws in multiple products, including 12 high severity vulnerabilities that affect Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). Most of the vulnerabilities fixed by Cisco […] | Threat | ||
|
2020-05-06 09:59:34 | Data belonging 44 Million Pakistani mobile users leaked online (lien direct) | A threat actor is offering a database apparently belonging to Pakistan’s leading telecom service, it includes data of 44 Million Pakistani mobile users. The threat actor is leaking the database of Pakistan’s leading telecom service Mobilink’s (now @jazzpk). The database contains personally-identifiable and subscription information for 44,000,000 Pakistanis, including customer full names, home addresses (city, […] | Threat Guideline | ||
|
2020-05-05 13:30:53 | GoDaddy discloses a data breach, web hosting account credentials exposed (lien direct) | GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. Headquartered in Scottsdale, Arizona, the Internet domain registrar and web hosting company claims to have over […] | Threat | ★★★★★ | |
|
2020-05-04 23:09:04 | Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files (lien direct) | Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Last week experts from Microsoft detected a COVID-19-themed spam campaign, the messages are crafted to trick users into downloading and mounting […] | Spam Threat | ★★ | |
|
2020-05-03 13:01:50 | (Déjà vu) Coronavirus-themed attacks April 26 – May 02, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from April 26 to May 02, 2020. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below […] | Threat | ||
|
2020-05-01 12:42:01 | COVID-19 disinformation and misinformation campaigns continue to proliferate (lien direct) | COVID-19 disinformation and misinformation campaigns continue to proliferate around the world, with potentially harmful consequences for society. During a COVID-19 crisis, while most of the people have to maintain social distancing and work from home, threat cyber are attempting to conduct disinformation and misinformation campaigns. The main difference between misinformation and disinformation is that the […] | Threat | ||
|
2020-04-30 10:43:22 | EventBot, a new Android mobile targets financial institutions across Europe (lien direct) | Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe The malware first appeared in the threat landscape in March, in implements […] | Malware Threat | ||
|
2020-04-29 11:55:39 | Google found zero-click vulnerabilities in Apple\'s multimedia processing components (lien direct) | Google Project Zero white-hat hackers have disclosed zero-click vulnerabilities affecting multiple Apple operating systems. White-hat hackers at Google Project Zero team have discovered several zero-click vulnerabilities impacting multiple Apple’s multimedia processing components is several Apple operating systems. Multimedia processing components could be a privileges entry point for threat actos that attempt to hack into the […] | Hack Threat | ||
|
2020-04-28 15:22:58 | SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE (lien direct) | Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Timetv.live is the latest Azeri news site targeted by Denial of Service attacks. The 21st of March, the website received a Denial of Service attack after the publishing of an […] | Threat | ||
|
2020-04-27 22:26:40 | (Déjà vu) Shade Ransomware gang shut down operations and releases 750K decryption keys (lien direct) | The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware, the operators behind the threat have shut down their operations and released over 750,000 decryption keys. The cybercrime gang also apologized for the damages they have caused their […] | Ransomware Threat | ||
|
2020-04-26 11:12:35 | (Déjà vu) Coronavirus-themed attacks April 19 – April 25, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from April 19 to April 25, 2020. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below […] | Threat | ||
|
2020-04-26 09:23:44 | (Déjà vu) Crooks target US universities with malware used by nation-state actors (lien direct) | Several US universities and colleges were targeted in phishing attacks aimed at delivering malware previously used by China-linked APT groups. Faculty and students at several U.S. universities and colleges were targeted in phishing attacks, threat actors attempted to infect the victims’ systems with a remote access Trojan (RAT) previously used by Chinese state-sponsored hackers. The […] | Malware Threat | ||
|
2020-04-25 19:40:44 | Bad actor sells Huiying Medical Technology\'s source code for AI-assisted COVID-19 detection (lien direct) | Experts from Cyble identified a threat actor attempting to sell Huiying Medical Technology's source code for AI-assisted COVID-19 detection and experimental data. Researchers from the data breach notification firm Cyble have identified a credible bad actor that goes online with moniker 'THE0TIME' claiming to have gained access to Huiying Medical Technology's COVID-19 detection's technology. “As part of […] | Data Breach Threat |
To see everything:
Our RSS (filtrered)
