What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-11-15 15:30:00 | Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors (lien direct) | The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation
The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation |
Vulnerability Threat | ★★ | |
|
2024-11-15 13:30:00 | Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist (lien direct) | Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins
Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins |
Legislation | ★★ | |
|
2024-11-15 12:15:00 | watchTowr Finds New Zero-Day Vulnerability in Fortinet Products (lien direct) | The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October
The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October |
Vulnerability Threat | ★★ | |
|
2024-11-15 10:00:00 | Ransomware Groups Use Cloud Services For Data Exfiltration (lien direct) | SentinelOne described some of ransomware groups\' favorite techniques for targeting cloud services
SentinelOne described some of ransomware groups\' favorite techniques for targeting cloud services |
Ransomware Cloud | ★★★ | |
|
2024-11-15 08:45:00 | O2\\'s AI Granny Outsmarts Scam Callers with Knitting Tales (lien direct) | Pas de details / No more details | ★★ | ||
|
2024-11-14 17:00:00 | Sitting Ducks DNS Attacks Put Global Domains at Risk (lien direct) | Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations
Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations |
★★ | ||
|
2024-11-14 16:30:00 | Microsoft Power Pages Misconfiguration Leads to Data Exposure (lien direct) | Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to unauthorized users
Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to unauthorized users |
★★ | ||
|
2024-11-14 13:15:00 | Massive Telecom Hack Exposes US Officials to Chinese Espionage (lien direct) | The FBI and CISA have confirmed that US officials\' private communications have been compromised
The FBI and CISA have confirmed that US officials\' private communications have been compromised |
Hack | ★★★ | |
|
2024-11-14 10:15:00 | API Security in Peril as 83% of Firms Suffer Incidents (lien direct) | Over 80% of UK organizations suffered an API security incident in the past year, with each costing over £400,000
Over 80% of UK organizations suffered an API security incident in the past year, with each costing over £400,000 |
★★ | ||
|
2024-11-14 09:30:00 | Bank of England U-turns on Vulnerability Disclosure Rules (lien direct) | The UK\'s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities
The UK\'s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities |
Vulnerability | ★★ | |
|
2024-11-13 18:00:00 | Hive0145 Targets Europe with Advanced Strela Stealer Campaigns (lien direct) | Hive0145 is targeting Spain, Germany, Ukraine with Strela Stealer malware in invoice phishing tactic
Hive0145 is targeting Spain, Germany, Ukraine with Strela Stealer malware in invoice phishing tactic |
Malware | ★★ | |
|
2024-11-13 17:00:00 | AI Threat to Escalate in 2025, Google Cloud Warns (lien direct) | 2025 could see our biggest AI fears materialize, according to a Google Cloud forecast report
2025 could see our biggest AI fears materialize, according to a Google Cloud forecast report |
Threat Cloud | ★★★ | |
|
2024-11-13 16:00:00 | Lazarus Group Uses Extended Attributes for Code Smuggling in macOS (lien direct) | Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection |
Malware | APT 38 | ★★ |
|
2024-11-13 10:30:00 | Amazon MOVEit Leaker Claims to Be Ethical Hacker (lien direct) | An individual who posted data allegedly stolen via MOVEit from Amazon and other big-name firms claims not to be malicious
An individual who posted data allegedly stolen via MOVEit from Amazon and other big-name firms claims not to be malicious |
★★ | ||
|
2024-11-13 09:30:00 | Microsoft Fixes Four More Zero-Days in November Patch Tuesday (lien direct) | Microsoft has addressed four zero-day vulnerabilities this month, two of which have been exploited
Microsoft has addressed four zero-day vulnerabilities this month, two of which have been exploited |
Vulnerability Threat | ★★★ | |
|
2024-11-12 16:30:00 | TA455\\'s Iranian Dream Job Campaign Targets Aerospace with Malware (lien direct) | The TA455 phishing campaign used fake job offers on LinkedIn to deploy malware
The TA455 phishing campaign used fake job offers on LinkedIn to deploy malware |
Malware | ★★★ | |
|
2024-11-12 15:15:00 | Phishing Tool GoIssue Targets Developers on GitHub (lien direct) | New phishing tool GoIssue targets GitHub, enabling mass phishing, and has been linked to the GitLoker extortion campaign
New phishing tool GoIssue targets GitHub, enabling mass phishing, and has been linked to the GitLoker extortion campaign |
Tool | ★★★ | |
|
2024-11-12 15:00:00 | CISOs Turn to Indemnity Insurance as Breach Pressure Mounts (lien direct) | Panaseer claims 72% of security leaders are taking out personal indemnity insurance as board scrutiny increases
Panaseer claims 72% of security leaders are taking out personal indemnity insurance as board scrutiny increases |
★★★ | ||
|
2024-11-12 14:00:00 | New Citrix Zero-Day Vulnerability Allows Remote Code Execution (lien direct) | watchTowr has found a flaw in Citrix\'s Session Recording Manager that can be exploited to enable unauthenticated RCE against Citrix Virtual Apps and Desktops
watchTowr has found a flaw in Citrix\'s Session Recording Manager that can be exploited to enable unauthenticated RCE against Citrix Virtual Apps and Desktops |
Vulnerability Threat | ★★★ | |
|
2024-11-12 13:00:00 | North Korea Hackers Leverage Flutter to Deliver macOS Malware (lien direct) | Jamf observed North Korean attackers embedding malware within Flutter applications to target macOS devices, potentially to test a new way of weaponizing malware
Jamf observed North Korean attackers embedding malware within Flutter applications to target macOS devices, potentially to test a new way of weaponizing malware |
Malware | ★★ | |
|
2024-11-12 09:30:00 | Energy Giant Halliburton Reveals $35m Ransomware Loss (lien direct) | Halliburton has reported a $35m loss associated with an August ransomware breach
Halliburton has reported a $35m loss associated with an August ransomware breach |
Ransomware | ★★★ | |
|
2024-11-11 18:00:00 | WEF présente le cadre pour renforcer les partenariats anti-cybercriminaux (lien direct) | Le Forum économique mondial a partagé des recommandations sur la façon de s'appuyer sur le succès des partenariats existants pour accélérer la perturbation des activités cybercriminales
The World Economic Forum has shared recommendations on how to build on the success of existing partnerships to accelerate the disruption of cybercriminal activities |
★★★ | ||
|
2024-11-11 17:15:00 | La nouvelle variante Remcos Rat cible les utilisateurs de Windows via le phishing [La nouvelle variante Remcos Rat cible les utilisateurs de Windows via le phishing ] (lien direct) | La nouvelle variante Remcos Rat identifiée dans une nouvelle campagne de phishing exploite CVE-2017-0199 via des fichiers Excel malveillants
The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files |
★★ | ||
|
2024-11-11 16:30:00 | Fichiers Microsoft Visio utilisés dans les attaques de phishing sophistiquées (lien direct) | Les chercheurs ont découvert une augmentation des attaques de phishing en utilisant des fichiers Visio .vsdx pour échapper aux analyses de sécurité
Researchers have uncovered a surge in phishing attacks using Visio .vsdx files to evade security scans |
★★★ | ||
|
2024-11-11 12:30:00 | L\\\\\\\\\\'UE accélère la cyber-résilience avec un exercice de simulation de crise majeure (lien direct) | Cette année, \\\\\\\\\\\\\\\ \ \ \ onex cyber-attaque de Blue Olex a été hébergée en Italie et a bénéficié du nouvel cyclone de l'UE pour la première fois
This year\\\\\\\\\\\\'s Blue OLEx cyber-attack drill was hosted in Italy and benefited from the new EU-CyCLONe for the first time |
★★★ | ||
|
2024-11-11 10:15:00 | Les retraités ont été avertis des textes d\\\\\\\\\\'escroquerie de paiement du carburant hivernal (lien direct) | Le réseau régional de l'unité du crime organisé (ROCU) britannique a exhorté les personnes âgées à être à la recherche de textes d'escroquerie offrant une subvention de carburant hivernal
The UK Regional Organised Crime Unit (ROCU) Network has urged the elderly to be on the lookout for scam texts offering a winter fuel subsidy |
★★★ | ||
|
2024-11-11 09:30:00 | L\\\\\\\\\\'homme obtient 12,5 ans pour courir le mélangeur de cryptographie Bitcoin Fog (lien direct) | La nationale suédoise-russe Roman Sterlingov a été emprisonnée pendant 12 ans et six mois pour opération de mélangeur de crypto-monnaie notoire Bitcoin Fog Bitcoin
Swedish-Russian national Roman Sterlingov has been jailed for 12 years and six months for operating notorious cryptocurrency mixer Bitcoin Fog |
Legislation | ★★★ | |
|
2024-11-08 16:30:00 | Les hacktivistes pro-russes ciblent la Corée du Sud alors que la Corée du Nord rejoint la guerre de l'Ukraine Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War (lien direct) |
La Corée du Sud a averti que des groupes pro-russes avaient attaqué les sites Web du gouvernement et du secteur privé à la suite du déploiement de soldats nord-coréens en Ukraine
South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine |
★★★ | ||
|
2024-11-08 12:00:00 | Le principal fournisseur de champs pétroliers frappé par une attaque de ransomware Major Oilfield Supplier Hit by Ransomware Attack (lien direct) |
International Energy Solution Provider NewPark Resources a confirmé qu'elle avait été frappée par une attaque de ransomware qui a perturbé les systèmes critiques
International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems |
Ransomware | ★★ | |
|
2024-11-08 10:45:00 | L'acteur nord-coréen déploie une nouvelle campagne de logiciels malveillants contre les entreprises cryptographiques North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms (lien direct) |
Sentinellabs a observé le groupe nord-coréen Bluenoroff ciblant les entreprises cryptographiques via une campagne de logiciels malveillants en plusieurs étapes qui utilise un nouveau mécanisme de persistance
SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism |
Malware | ★★ | |
|
2024-11-07 17:15:00 | AndroxGH0st Botnet adopte les charges utiles de Mozi, élargit IoT Reach Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach (lien direct) |
AndroxGH0st Botnet s'est étendu, intégrant les charges utiles de Mozi IoT et ciblant les vulnérabilités du serveur Web
Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities |
Vulnerability | ★★ | |
|
2024-11-07 16:30:00 | Les ransomwares de verrouillage ciblent les secteurs de la santé américaine, de l'informatique et du gouvernement Interlock Ransomware Targets US Healthcare, IT and Government Sectors (lien direct) |
Interlock emploie à la fois des tactiques de «chasse au grand-jeu» et des tactiques à double extorsion contre ses victimes
Interlock employs both “big-game hunting” and double extortion tactics against its victims |
Ransomware Medical | ★★ | |
|
2024-11-07 12:30:00 | Le régulateur britannique demande une protection des données plus forte dans les outils de recrutement d'IA UK Regulator Urges Stronger Data Protection in AI Recruitment Tools (lien direct) |
Un audit de l'ICO des outils de recrutement de l'IA a révélé de nombreux problèmes de confidentialité des données qui peuvent conduire à la discrimination des demandeurs d'emploi et de la confidentialité
An ICO audit of AI recruitment tools found numerous data privacy issues that may lead to jobseekers being discriminated against and privacy compromised |
Tool | ★★★ | |
|
2024-11-07 11:15:00 | Le Canada ordonne la fermeture de la succursale locale de Tiktok sur les problèmes de sécurité Canada Orders Shutdown of Local TikTok Branch Over Security Concerns (lien direct) |
Tiktok Technology Canada, Inc, la filiale du groupe chinois Bytedance, devra cesser ses opérations au Canada
TikTok Technology Canada, Inc, the subsidiary of Chinese group ByteDance, will have to cease its operations in Canada |
★★★★ | ||
|
2024-11-07 10:30:00 | NCSC publie des conseils pour lutter contre la menace de malvertisation NCSC Publishes Tips to Tackle Malvertising Threat (lien direct) |
Le National Cyber Security Center du Royaume-Uni a publié des conseils de malvertisation pour les marques et leurs partenaires publicitaires
The UK\'s National Cyber Security Centre has released malvertising guidance for brands and their ad partners |
Threat | ★★★ | |
|
2024-11-07 09:45:00 | Les salaires de cybersécurité au Royaume-Uni planent au-dessus de l'inflation à mesure que les niveaux de stress augmentent UK Cybersecurity Wages Soar Above Inflation as Stress Levels Rise (lien direct) |
Le rapport CIISEC révèle que le salaire moyen pour les professionnels de la sécurité britannique est maintenant terminé et Pound; 87 000
CIISec report reveals the average wage for UK security professionals is now over £87,000 |
★★★ | ||
|
2024-11-07 09:00:00 | Les défenseurs dépassent les attaquants dans l'adoption de l'IA Defenders Outpace Attackers in AI Adoption (lien direct) |
Robert McArdle de Trend Micro \\ dit que l'utilisation des cybercriminels de l'IA est beaucoup plus limitée que beaucoup ne le réalisent, et les pâtes par rapport aux défenseurs \\ '' utilisation de la technologie
Trend Micro\'s Robert McArdle says cybercriminals use of AI is far more limited than many realize, and pales in comparison to defenders\' use of the technology |
Prediction | ★★ | |
|
2024-11-06 16:30:00 | La cyberattaque sur microlise perturbe les services de suivi DHL et SERCO Cyber-Attack on Microlise Disrupts DHL and Serco Tracking Services (lien direct) |
Une cyberattaque ciblant le fournisseur de télématisation Microlise a perturbé les services de suivi pour des clients clés comme DHL et SERCO
A cyber-attack targeting telematics provider Microlise has disrupted tracking services for key clients like DHL and Serco |
★★★ | ||
|
2024-11-06 15:32:00 | IRISSCON: Les organisations sont toujours victimes de cyberattaques prévisibles IRISSCON: Organizations Still Falling Victim to Predictable Cyber-Attacks (lien direct) |
Les organisations restent non préparées à se défendre contre les attaques connues et prévisibles comme les ransomwares
Organizations remain unprepared to defend against known and predictable attacks like ransomware |
Ransomware | ★★★ | |
|
2024-11-06 14:15:00 | WinOS4.0 MALWWare trouvés dans les applications de jeu, cible les utilisateurs de Windows Winos4.0 Malware Found in Game Apps, Targets Windows Users (lien direct) |
WinOS4.0 Malware, dérivé de GH0Strat, cible les utilisateurs de Windows via des applications liées au jeu, permettant à la télécommande des systèmes affectés
Winos4.0 malware, derived from Gh0strat, targets Windows users via game-related applications, enabling remote control of affected systems |
Malware | ★★ | |
|
2024-11-06 13:30:00 | Un buste massif de la cybercriminalité nigériane voit 130 arrêtés Massive Nigerian Cybercrime Bust Sees 130 Arrested (lien direct) |
La police nigériane a arrêté 113 personnes étrangères et leurs 17 collaborateurs nigérians pour leur implication présumée dans les cybercrimes de haut niveau
The Nigerian police have arrested 113 foreign individuals and their 17 Nigerian collaborators for their alleged involvement in high-level cybercrimes |
Legislation | ★★★ | |
|
2024-11-06 11:00:00 | Google Cloud pour imposer une authentification multifactor d'ici 2025 Google Cloud to Mandate Multifactor Authentication by 2025 (lien direct) |
Google veut assurer une transition en douceur vers le MFA requis sur tous les comptes de cloud Google avec un déploiement progressif en 2025
Google wants to ensure a smooth transition towards required MFA across all Google Cloud accounts with a phased rollout running throughout 2025 |
Cloud | ★★★ | |
|
2024-11-06 10:15:00 | Suspect de piratage de flocons de neige arrêté au Canada Snowflake Hacking Suspect Arrested in Canada (lien direct) |
Un homme soupçonné d'avoir violé des centaines de comptes de flocon de neige a été arrêté
A man suspected of breaching hundreds of Snowflake accounts has been arrested |
★★ | ||
|
2024-11-06 09:45:00 | L'opération mondiale élimine 22 000 IPS malveillants Global Operation Takes Down 22,000 Malicious IPs (lien direct) |
Interpol affirme qu'une opération de police internationale a fermé 22 000 IPS liées à la cybercriminalité
Interpol claims an international policing operation has shuttered 22,000 IPs connected with cybercrime |
★★★ | ||
|
2024-11-05 17:15:00 | ClickFix exploite les utilisateurs avec de fausses erreurs et un code malveillant ClickFix Exploits Users with Fake Errors and Malicious Code (lien direct) |
ClickFix exploite les faux messages d'erreur sur plusieurs plates-formes, telles que Google Meet et Zoom
ClickFix exploits fake error messages across multiple platforms, such as Google Meet and Zoom |
★★ | ||
|
2024-11-05 16:30:00 | ToxicPanda Malware cible les applications bancaires sur les appareils Android ToxicPanda Malware Targets Banking Apps on Android Devices (lien direct) |
ToxicPanda Malware cible les applications bancaires sur Android, se propageant à l'Italie, au Portugal et en Espagne
ToxicPanda malware targets banking apps on Android, spreading through Italy, Portugal and Spain |
Malware Mobile | ★★★ | |
|
2024-11-05 14:00:00 | Les électeurs américains ont demandé à utiliser des sources officielles pour les informations électorales US Voters Urged to Use Official Sources for Election Information (lien direct) |
Un avis conjoint du gouvernement américain a mis en garde contre l'augmentation des efforts d'influence étrangère conçus pour saper la légitimité de l'élection présidentielle
A joint US government advisory warned about increasing foreign influence efforts designed to undermine the legitimacy of the Presidential Election |
★★ | ||
|
2024-11-05 11:30:00 | Les pirates pakistanais ciblaient des entités indiennes de haut niveau utilisant un rat personnalisé Pakistani Hackers Targeted High-Profile Indian Entities using Custom RAT (lien direct) |
APT36 a évolué son cheval de Troie à distance à distance, Elizarat, ainsi que l'introduction d'une nouvelle charge utile de voleur appelé Apolostealer
APT36 evolved its remote access trojan, ElizaRAT, along with introducing a new stealer payload called ApoloStealer |
APT 36 | ★★ | |
|
2024-11-05 10:15:00 | Les fans d'Oasis perdent jusqu'à & livre; 1000 chacun pour les escrocs de billets Oasis Fans Losing Up to £1000 Each to Ticket Scammers (lien direct) |
La Lloyds Bank a révélé que les fans d'Oasis comprennent la grande majorité des victimes d'escroquerie avec lesquelles il traite
Lloyds Bank has revealed that Oasis fans comprise the vast majority of ticket scam victims it deals with |
★★ | ||
|
2024-11-05 09:30:00 | Les friteuses chinoises peuvent espionner les consommateurs, lesquels?Avertissements Chinese Air Fryers May Be Spying on Consumers, Which? Warns (lien direct) |
A qui?Le rapport décrit de graves problèmes de confidentialité avec les produits de dispositif intelligent, y compris les frites à air
A Which? report outlines serious privacy concerns with smart device products including air fryers |
★★★ |
To see everything:
Our RSS (filtrered)
