Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2022-05-16 14:05:30 |
Ukraine supporters in Germany targeted with PowerShell RAT malware (direct link) |
An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT (remote access trojan) and stealing their data. [...] |
Malware
Threat
|
|
|
 |
2022-05-13 16:58:23 |
The Week in Ransomware - May 13th 2022 - A National Emergency (direct link) |
While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...] |
Ransomware
Malware
Threat
|
|
|
 |
2022-05-12 17:30:15 |
Iranian hackers exposed in a highly targeted espionage campaign (direct link) |
Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 or Oilrig, which targeted a Jordanian diplomat with custom-crafted tools. [...] |
Threat
|
APT 34
|
|
 |
2022-05-12 15:18:45 |
Eternity malware kit offers stealer, miner, worm, ransomware tools (direct link) |
Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...] |
Ransomware
Malware
Threat
|
|
|
 |
2022-05-12 14:13:52 |
Zyxel fixes firewall flaws that could lead to hacked networks (direct link) |
Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago. [...] |
Vulnerability
Threat
|
|
|
 |
2022-02-14 18:34:11 |
Google Chrome emergency update fixes zero-day exploited in attacks (direct link) |
Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks. [...] |
Vulnerability
Threat
|
|
|
 |
2022-02-10 15:02:17 |
Hacking group 'ModifiedElephant' evaded discovery for a decade (direct link) |
Threat analysts have linked a decade of activity to an APT (advanced persistent threat) actor called 'ModifiedElephant', who has managed to remain elusive to all threat intelligence firms since 2012. [...] |
Threat
|
|
|
 |
2022-02-09 07:58:50 |
Fake Windows 11 upgrade installers infect you with RedLine malware (direct link) |
Threat actors have started distributing fake Windows 11 upgrade installers to users of Windows 10, tricking them into downloading and executing RedLine stealer malware. [...] |
Malware
Threat
|
|
|
 |
2022-02-07 12:05:03 |
Google Cloud hypervisor modified to detect cryptominers without agents (direct link) |
Google has announced the public preview of a new Virtual Machine Threat Detection (VMTD) system that can detect cryptocurrency miners and other malware without the need for software agents. [...] |
Malware
Threat
|
|
|
 |
2022-02-06 10:17:34 |
Law enforcement action push ransomware gangs to surgical attacks (direct link) |
The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations. [...] |
Ransomware
Threat
Guideline
|
|
|
 |
2022-02-04 19:15:26 |
The Week in Ransomware - February 4th 2022 - Critical Infrastructure (direct link) |
Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks. [...] |
Ransomware
Threat
|
|
|
 |
2022-02-04 11:01:14 |
HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems (direct link) |
A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack. [...] |
Ransomware
Threat
|
|
|
 |
2022-02-02 11:29:36 |
Microsoft Sentinel adds threat monitoring for GitHub repos (direct link) |
Microsoft says its cloud-native SIEM (Security Information and Event Management) platform now allows detecting potential ransomware activity using the Fusion machine learning model. [...] |
Threat
|
|
|
 |
2022-02-02 11:02:58 |
Business services provider Morley discloses ransomware incident (direct link) |
Morley Companies Inc. disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files. [...] |
Ransomware
Data Breach
Threat
|
|
|
 |
2022-02-01 14:21:47 |
Microsoft Defender now detects Android and iOS vulnerabilities (direct link) |
Microsoft says threat and vulnerability management support for Android and iOS has reached general availability in Microsoft Defender for Endpoint, the company's enterprise endpoint security platform. [...] |
Vulnerability
Threat
|
|
★★★★
|
 |
2022-01-31 18:27:27 |
FBI warns of 2022 Beijing Olympics cyberattack, privacy risks (direct link) |
The Federal Bureau of Investigation (FBI) warned today that threat actors could potentially target the February 2022 Beijing Winter Olympics and March 2022 Paralympics. However, evidence of such attacks being planned is yet to be uncovered. [...] |
Threat
|
|
|
 |
2022-01-31 10:40:46 |
277,000 routers exposed to Eternal Silence attacks via UPnP (direct link) |
A malicious campaign known as 'Eternal Silence' is abusing Universal Plug and Play (UPnP) to turn your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors. [...] |
Threat
|
|
|
 |
2022-01-28 09:29:31 |
Hackers are taking over CEO accounts with rogue OAuth apps (direct link) |
Threat analysts have observed a new campaign named 'OiVaVoii', targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. [...] |
Threat
|
|
|
 |
2022-01-27 13:11:58 |
Microsoft warns of multi-stage phishing campaign leveraging Azure AD (direct link) |
Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. [...] |
Threat
|
|
★★★
|
 |
2022-01-25 11:31:34 |
Google Drive now warns you of suspicious phishing, malware docs (direct link) |
Google is rolling out new warning banners in Google Drive to alert users of potentially suspicious files that threat actors could use for malware delivery and in phishing attacks. [...] |
Malware
Threat
|
|
|
 |
2022-01-25 09:59:33 |
Segway store hacked to steal customers' credit cards (direct link) |
Segway's online store was compromised to include a malicious Magecart script that potentially allowed threat actors to steal credit cards and customer information during checkout. [...] |
Threat
|
|
|
 |
2022-01-19 17:32:23 |
Microsoft: SolarWinds fixes Serv-U bug exploited for Log4j attacks (direct link) |
SolarWinds has patched a Serv-U vulnerability discovered by Microsoft that threat actors actively used to propagate Log4j attacks to internal devices on a network. [...] |
Vulnerability
Threat
|
|
|
 |
2022-01-19 16:25:11 |
Marketing giant RRD confirms data theft in Conti ransomware attack (direct link) |
RR Donnelley has confirmed that threat actors stole data in a December cyberattack, confirmed by BleepingComputer to be a Conti ransomware attack. [...] |
Ransomware
Threat
|
|
|
 |
2022-01-15 11:20:00 |
Qlocker ransomware returns to target QNAP NAS devices worldwide (direct link) |
Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide. [...] |
Ransomware
Threat
|
|
|
 |
2022-01-14 14:04:10 |
(Déjà vu) White House reminds tech giants open source is a national security issue (direct link) |
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks. [...] |
Threat
|
|
|
 |
2022-01-13 15:14:32 |
BlueNoroff hackers steal crypto using fake MetaMask extension (direct link) |
The North Korean threat actor group known as 'BlueNoroff' has been spotted targeting cryptocurrency startups with malicious documents and fake MetaMask browser extensions. [...] |
Threat
|
|
|
 |
2022-01-13 13:08:36 |
Microsoft Defender weakness lets hackers bypass malware detection (direct link) |
Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there. [...] |
Malware
Threat
|
|
|
 |
2022-01-12 11:36:26 |
TellYouThePass ransomware returns as a cross-platform Golang threat (direct link) |
TellYouThePass ransomware has re-emerged as a Golang-compiled malware, making it easier to target major platforms beyond Windows, like macOS and Linux. [...] |
Ransomware
Threat
|
|
|
 |
2022-01-10 12:39:58 |
Microsoft: powerdir bug gives access to protected macOS user data (direct link) |
Microsoft says threat actors could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology to access users' protected data. [...] |
Vulnerability
Threat
|
|
|
 |
2022-01-07 09:29:26 |
NHS warns of hackers exploiting Log4Shell in VMware Horizon (direct link) |
UK's National Health Service (NHS) has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. [...] |
Threat
|
|
|
 |
2022-01-06 09:00:00 |
Google Docs commenting feature exploited for spear-phishing (direct link) |
A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. [...] |
Threat
|
|
|
 |
2021-12-23 12:47:14 |
AvosLocker ransomware reboots in Safe Mode to bypass security tools (direct link) |
Recent AvosLocker ransomware attacks are characterized by a focus on disabling endpoint security solutions that stand in the way of threat actors. [...] |
Ransomware
Threat
|
|
|
 |
2021-12-21 17:37:20 |
PYSA ransomware behind most double extortion attacks in November (direct link) |
Security analysts from NCC Group report that ransomware attacks in November 2021 increased over the past month, with double-extortion continuing to be a powerful tool in threat actors' arsenal. [...] |
Ransomware
Tool
Threat
|
|
|
 |
2021-12-20 11:33:11 |
Log4j vulnerability now used to install Dridex banking malware (direct link) |
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...] |
Malware
Vulnerability
Threat
|
|
|
 |
2021-12-20 06:00:00 |
Phishing attacks impersonate Pfizer in fake requests for quotation (direct link) |
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims. [...] |
Threat
|
|
|
 |
2021-12-17 18:37:23 |
The Week in Ransomware - December 17th 2021 - Enter Log4j (direct link) |
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks. [...] |
Ransomware
Vulnerability
Threat
|
|
|
 |
2021-12-17 15:25:06 |
TellYouThePass ransomware revived in Linux, Windows Log4j attacks (direct link) |
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. [...] |
Ransomware
Threat
|
|
|
 |
2021-12-17 14:06:08 |
Credit card info of 1.8 million people stolen from sports gear sites (direct link) |
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers. [...] |
Threat
|
|
|
 |
2021-12-17 13:32:30 |
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM (direct link) |
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information. [...] |
Vulnerability
Threat
|
|
|
 |
2021-12-16 16:12:45 |
Log4j attackers switch to injecting Monero miners via RMI (direct link) |
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. [...] |
Vulnerability
Threat
|
|
|
 |
2021-12-16 13:39:13 |
Google Calendar now lets you block invitation phishing attempts (direct link) |
Google now makes it easy to block unwanted calendar invitations, commonly used by threat actors in phishing and malicious campaigns, from being added to your Google Calendar. [...] |
Threat
|
|
|
 |
2021-12-15 12:32:55 |
State-sponsored hackers abuse Slack API to steal airline data (direct link) |
A suspected Iranian state-supported threat actor is deploying a newly discovered backdoor named 'Aclip' that abuses the Slack API for covert communications. [...] |
Threat
|
|
|
 |
2021-12-15 10:28:32 |
Sites hacked with credit card stealers undetected for months (direct link) |
Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers. [...] |
Threat
|
|
|
 |
2021-12-14 12:16:08 |
Hackers steal Microsoft Exchange credentials using IIS module (direct link) |
Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. [...] |
Threat
|
|
|
 |
2021-12-12 18:07:20 |
Hackers start pushing malware in worldwide Log4Shell attacks (direct link) |
Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability. [...] |
Malware
Vulnerability
Threat
|
|
|
 |
2021-12-07 18:21:46 |
Emotet now drops Cobalt Strike, fast forwards ransomware attacks (direct link) |
In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] |
Ransomware
Malware
Threat
|
|
|
 |
2021-12-04 12:06:12 |
Malicious KMSPico installers steal your cryptocurrency wallets (direct link) |
Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. [...] |
Malware
Threat
|
|
|
 |
2021-12-03 12:40:10 |
Fake support agents call victims to install Android banking malware (direct link) |
The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...] |
Malware
Threat
|
|
|
 |
2021-11-29 09:40:21 |
Panasonic discloses data breach after network hack (direct link) |
Japanese multinational conglomerate Panasonic disclosed a security breach after unknown threat actors gained access to servers on its network this month. [...] |
Data Breach
Hack
Threat
|
|
|
 |
2021-11-26 15:41:42 |
IKEA email systems hit by ongoing cyberattack (direct link) |
IKEA is battling an ongoing cyberattack where threat actors are targeting employees in internal phishing attacks using stolen reply-chain emails. [...] |
Threat
|
|
|