What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-07 10:40:53 | 200,000 North Face accounts hacked in credential stuffing attack (lien direct) | Outdoor apparel brand 'The North Face' was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface.com website. [...] | |||
|
2022-09-07 10:18:39 | New Iranian hacking group APT42 deploys custom Android spyware (lien direct) | A new Iranian state-sponsored hacking group known as APT42 has been discovered using a custom Android malware to spy on targets of interest. [...] | Malware | APT 42 | |
|
2022-09-07 07:00:00 | Google says former Conti ransomware members now attack Ukraine (lien direct) | Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs). [...] | Ransomware Threat | ||
|
2022-09-06 16:40:11 | Moobot botnet is coming for your unpatched D-Link router (lien direct) | The Mirai malware botnet variant known as 'MooBot' has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits. [...] | Malware | ||
|
2022-09-06 15:53:09 | Minecraft is hackers\' favorite game title for hiding malware (lien direct) | Security researchers have discovered that Minecraft is the most heavily abused game title by cybercriminals, who use it to lure unsuspecting players into installing malware. [...] | Malware | ||
|
2022-09-06 11:34:48 | New Linux malware evades detection using multi-stage deployment (lien direct) | A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads. [...] | Malware | ||
|
2022-09-06 07:41:11 | Second largest U.S. school district LAUSD hit by ransomware (lien direct) | Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend. [...] | Ransomware | ||
|
2022-09-05 09:52:03 | (Déjà vu) TikTok denies security breach after hackers leak user data, source code (lien direct) | TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "completely unrelated" to the company. [...] | |||
|
2022-09-05 09:52:03 | TikTok denies hack following leak of user data, source code (lien direct) | TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "completely unrelated" to the company. [...] | Hack | ||
|
2022-09-04 10:07:14 | SharkBot malware sneaks back on Google Play to steal your logins (lien direct) | A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android users through apps that have tens of thousands of installations. [...] | Malware | ||
|
2022-09-03 16:39:41 | IRS data leak exposes personal info of 120,000 taxpayers (lien direct) | The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns. [...] | |||
|
2022-09-03 10:12:14 | Malware dev open-sources CodeRAT after being exposed (lien direct) | The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the developer about attacks that used the tool. [...] | Malware | ||
|
2022-09-02 16:05:55 | BlackCat ransomware claims attack on Italian energy agency (lien direct) | The BlackCat/ALPHV ransomware gang claimed responsibility for an attack that hit the systems of Italy's energy agency Gestore dei Servizi Energetici SpA (GSE) over the weekend. [...] | Ransomware | ||
|
2022-09-02 14:47:17 | Dev backdoors own malware to steal data from other hackers (lien direct) | Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. [...] | Malware | ||
|
2022-09-02 13:23:29 | Samsung discloses data breach after July hack (lien direct) | Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. [...] | Data Breach Hack | ||
|
2022-09-02 12:25:17 | Hive ransomware hits Damart clothing store with $2 million ransom (lien direct) | Damart, a French clothing company with over 130 stores across the world, is being extorted for $2 million after a cyberattack from the Hive ransomware gang. [...] | Ransomware | ||
|
2022-09-02 09:12:27 | San Francisco 49ers: Blackbyte ransomware gang stole info of 20K people (lien direct) | NFL's San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year. [...] | Ransomware | ||
|
2022-09-01 09:00:00 | Thousands lured with blue badges in Instagram phishing attack (lien direct) | A new Instagram phishing campaign is underway, attempting to scam users of the popular social media platform by luring them with a blue-badge offer. [...] | ★★★★★ | ||
|
2022-09-01 07:14:28 | Neopets says hackers had access to its systems for 18 months (lien direct) | Neopets has released details about the recently disclosed data breach incident that exposed personal information of more than 69 million members. [...] | Data Breach | ||
|
2022-08-31 13:01:07 | Ragnar Locker ransomware claims attack on Portugal\'s flag airline (lien direct) | The Ragnar Locker ransomware gang has claimed an attack on the flag carrier of Portugal, TAP Air Portugal, disclosed by the airline last Friday. [...] | Ransomware | ||
|
2022-08-31 12:00:00 | Microsoft found TikTok Android flaw that let hackers hijack accounts (lien direct) | Microsoft found and reported a high severity flaw in the TikTok Android app in February that allowed attackers to "quickly and quietly" take over accounts with one click by tricking targets into clicking a specially crafted malicious link. [...] | |||
|
2022-08-30 18:08:01 | Hackers hide malware in James Webb telescope images (lien direct) | Threat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. [...] | Malware Threat | ||
|
2022-08-30 16:15:18 | Russian streaming platform confirms data breach affecting 7.5M users (lien direct) | Russian media streaming platform 'START' (start.ru) has confirmed rumors of a data breach impacting millions of users. [...] | Data Breach | ||
|
2022-08-30 13:26:40 | Chinese hackers target Australian govt with ScanBox malware (lien direct) | China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. [...] | Malware Threat | ||
|
2022-08-30 07:00:00 | Google launches open-source software bug bounty program (lien direct) | Google will now pay security researchers to find and report bugs in the latest versions of Google-released open-source software (Google OSS). [...] | |||
|
2022-08-29 14:16:46 | Nelnet Servicing breach exposes data of 2.5M student loan accounts (lien direct) | Nelnet Serving, a Nebraska-based student loan technology services provider, has been breached by unauthorized network intruders who exploited a vulnerability in its systems. [...] | Vulnerability | ||
|
2022-08-29 13:19:02 | Windows malware delays coinminer install by a month to evade detection (lien direct) | A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11 countries. [...] | Malware | ||
|
2022-08-28 13:15:05 | (Déjà vu) Okta one-time MFA passcodes exposed in Twilio cyberattack (lien direct) | The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from customers of Okta identity and access management company. [...] | Hack Threat | ||
|
2022-08-28 13:15:05 | Twilio breach let hackers see Okta\'s one-time MFA passwords (lien direct) | The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from customers of Okta identity and access management company. [...] | Hack Threat | ||
|
2022-08-27 11:14:07 | Fake \'Cthulhu World\' P2E project used to push info-stealing malware (lien direct) | Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting victims. [...] | Malware | ||
|
2022-08-26 16:32:59 | The Week in Ransomware - August 26th 2022 - Fighting back (lien direct) | We saw a bit of ransomware drama this week, mostly centered around LockBit, who saw their data leak sites taken down by a DDoS attack after they started leaking the allegedly stolen Entrust data. [...] | Ransomware | ||
|
2022-08-26 15:30:34 | (Déjà vu) DoorDash discloses new data breach tied to Twilio hackers (lien direct) | Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. [...] | Data Breach | ★★★★ | |
|
2022-08-26 15:30:34 | DoorDash discloses new data breach tied to Twilio hack (lien direct) | Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. [...] | Data Breach Hack | ||
|
2022-08-26 12:20:04 | Twilio breach let hackers gain access to Authy 2FA accounts (lien direct) | Twilio's investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices. [...] | |||
|
2022-08-25 18:33:35 | How \'Kimsuky\' hackers ensure their malware only reach valid targets (lien direct) | The North Korean 'Kimsuky' threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers. [...] | Malware Threat | ||
|
2022-08-25 16:59:05 | LastPass developer systems hacked to steal source code (lien direct) | Password management firm LastPass was hacked last week, allowing threat actors to steal the company's source code and proprietary technical information. [...] | Threat | LastPass | |
|
2022-08-25 12:36:49 | Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows (lien direct) | Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. [...] | Malware | APT 29 | ★★★ |
|
2022-08-25 10:53:16 | Twilio hackers hit over 130 orgs in massive Okta phishing attack (lien direct) | Threat analysts have discovered the phishing kit responsible for thousands of attacks against 136 high-profile organizations that have compromised 9,931 accounts. [...] | Threat | ||
|
2022-08-25 07:18:40 | PyPI packages hijacked after developers fall for phishing emails (lien direct) | A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages 'exotel' and 'spam' are among hundreds seen laced with malware after attackers successfully compromised accounts of maintainers who fell for the phishing email. [...] | Malware | ||
|
2022-08-24 17:39:20 | Quantum ransomware attack disrupts govt agency in Dominican Republic (lien direct) | The Dominican Republic's Instituto Agrario Dominicano has suffered a Quantum ransomware attack that encrypted multiple services and workstations throughout the government agency. [...] | Ransomware | ||
|
2022-08-24 12:36:33 | RansomEXX claims ransomware attack on Sea-Doo, Ski-Doo maker (lien direct) | The RansomEXX ransomware gang is claiming responsibility for the cyberattack against Bombardier Recreational Products (BRP), disclosed by the company on August 8, 2022. [...] | Ransomware | ||
|
2022-08-24 11:53:36 | Hackers use AiTM attack to monitor Microsoft 365 accounts for BEC scams (lien direct) | A new business email compromise (BEC) campaign has been discovered combining sophisticated spear-phishing with Adversary-in-The-Middle (AiTM) tactics to hack corporate executives' Microsoft 365 accounts, even those protected by MFA. [...] | Hack | ||
|
2022-08-24 07:49:00 | (Déjà vu) Plex warns users to reset passwords after a data breach (lien direct) | The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases. [...] | Data Breach | ||
|
2022-08-24 07:49:00 | Plex forces password resets after database access incident (lien direct) | The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases. [...] | |||
|
2022-08-23 18:02:04 | Pirated 3DMark benchmark tool delivering info-stealer malware (lien direct) | Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software. [...] | Malware Tool | ||
|
2022-08-23 07:28:37 | ETHERLED: Air-gapped systems leak data via network card LEDs (lien direct) | Israeli researcher Mordechai Guri has discovered a new method to exfiltrate data from air-gapped systems using the LED indicators on network cards. Dubbed 'ETHERLED', the method turns the blinking lights into Morse code signals that can be decoded by an attacker. [...] | |||
|
2022-08-22 14:16:51 | Misconfigured Meta Pixel exposed healthcare data of 1.3M patients (lien direct) | U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script. [...] | Data Breach | ||
|
2022-08-22 11:35:43 | Greek natural gas operator suffers ransomware-related data breach (lien direct) | Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack. [...] | Data Breach | ||
|
2022-08-22 10:39:53 | LockBit ransomware blames Entrust for DDoS attacks on leak sites (lien direct) | The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data. [...] | Ransomware | ||
|
2022-08-21 12:27:34 | An encrypted ZIP file can have two correct passwords - here\'s why (lien direct) | Password-protected ZIP archives are common means of compressing and sharing sets of files-from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction? [...] | Malware |
To see everything:
Our RSS (filtrered)
