What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-06 12:52:48 | Marriott confirms data breach and a failed extortion attempt (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 10:47:32 | US govt warns of Maui ransomware attacks against healthcare orgs (lien direct) | The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. [...] | Ransomware Threat | ||
|
2022-07-05 18:20:47 | New RedAlert Ransomware targets Windows, Linux VMware ESXi servers (lien direct) | A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. [...] | Ransomware | ||
|
2022-07-05 13:55:21 | NPM supply-chain attack impacts hundreds of websites and apps (lien direct) | An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise thousands of downstream desktop apps and websites. [...] | |||
|
2022-07-04 13:56:49 | Google patches new Chrome zero-day flaw exploited in attacks (lien direct) | Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022. [...] | Vulnerability | ||
|
2022-07-03 10:09:00 | Microsoft Defender adds network protection for Android, iOS devices (lien direct) | Microsoft has announced the introduction of a new Microsoft Defender for Endpoint (MDE) feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks. [...] | |||
|
2022-07-02 11:36:48 | Rogue HackerOne employee steals bug reports to sell on the side (lien direct) | A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards. [...] | Vulnerability | ||
|
2022-07-01 15:35:53 | The Week in Ransomware - July 1st 2022 - Bug Bounties (lien direct) | It has been relatively busy this week with new ransomware attacks unveiled, a bug bounty program introduced, and new tactics used by the threat actors to distribute their encryptors. [...] | Ransomware Threat | ||
|
2022-06-30 19:05:11 | Toll fraud malware disables your WiFi to force premium subscriptions (lien direct) | Microsoft is warning that toll fraud malware is one of the most prevalent threats on Android and that it is evolving with features that allow automatic subscription to premium services. [...] | Malware Threat | ||
|
2022-06-30 14:04:11 | Macmillan shuts down systems after likely ransomware attack (lien direct) | Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. [...] | Ransomware | ||
|
2022-06-30 12:59:02 | Microsoft Exchange servers worldwide backdoored with new malware (lien direct) | A newly discovered lightweight and persistent malware was used by attackers to backdoor Microsoft Exchange servers belonging to government and military organizations from Europe, the Middle East, Asia, and Africa. [...] | Malware | ||
|
2022-06-30 10:57:51 | Ukraine targeted by almost 800 cyberattacks since the war started (lien direct) | Ukrainian government and private sector organizations have been the target of 796 cyberattacks since the start of the war on February 24, 2022, when Russia invaded Ukraine. [...] | |||
|
2022-06-30 10:31:59 | Russian hacktivists take down Norway govt sites in DDoS attacks (lien direct) | Norway's National Security Authority (NSM) published a statement yesterday warning that some of the country's most important websites and online services are being rendered inaccessible due to distributed denial of service (DDoS) attacks. [...] | |||
|
2022-06-30 09:00:00 | XFiles info-stealing malware adds support for Follina delivery (lien direct) | The XFiles info-stealer malware has added a delivery module that exploits CVE-2022-30190, aka Follina, for dropping the payload on target computers. [...] | Malware | ||
|
2022-06-30 08:19:10 | Google blocked dozens of domains used by hack-for-hire groups (lien direct) | Google's Threat Analysis Group (TAG) has blocked dozens of malicious domains and websites used by hack-for-hire groups in attacks targeting high-risk targets worldwide. [...] | Threat | ||
|
2022-06-30 08:12:24 | AstraLocker 2.0 infects users directly from Word attachments (lien direct) | A lesser-known ransomware strain called AstraLocker has recently released its second major version, and according to threat analysts, its operators engage in rapid attacks that drop its payload directly from email attachments. [...] | Ransomware Threat | ||
|
2022-06-30 06:05:16 | OpenSea discloses data breach, warns users of phishing attacks (lien direct) | OpenSea, the largest non-fungible token (NFT) marketplace, disclosed a data breach on Wednesday and warned users of potential phishing attacks targeting them in the coming days. [...] | Data Breach | ||
|
2022-06-29 17:23:36 | Walmart denies being hit by Yanluowang ransomware attack (lien direct) | American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers. [...] | Ransomware | ||
|
2022-06-29 14:44:56 | Avaya sysadmin indicted for illegally generating, selling VoIP licenses (lien direct) | Three defendants who allegedly sold over $88 million worth of software licenses belonging to Avaya Holdings Corporation have been charged in Oklahoma, U.S., facing 14 counts of wire fraud and money laundering. [...] | |||
|
2022-06-29 13:53:15 | New YTStealer malware steals accounts from YouTube Creators (lien direct) | A new information-stealing malware named YTStealer is targeting YouTube content creators and attempting to steal their authentication tokens and hijack their channels. [...] | Malware | ||
|
2022-06-29 12:30:00 | CISA warns of hackers exploiting PwnKit Linux vulnerability (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Linux vulnerability known as PwnKit to its list of bugs exploited in the wild. [...] | Vulnerability | ||
|
2022-06-29 12:00:19 | Thunderbird 102 released with highly anticipated features, bug fixes (lien direct) | Mozilla has announced the release of Thunderbird 102, one of the world's most popular open-source email clients with an estimated userbase of over 25 million. [...] | |||
|
2022-06-29 11:27:21 | Ukraine arrests cybercrime gang operating over 400 phishing sites (lien direct) | The Ukrainian cyberpolice force arrested nine members of a criminal group that operated over 400 phishing websites crafted to appear like legitimate EU portals offering financial assistance to Ukrainians. [...] | |||
|
2022-06-29 09:06:36 | CISA warns orgs to switch to Exchange Online Modern Auth until October (lien direct) | CISA has urged government agencies and private sector organizations using Microsoft's Exchange cloud email platform to expedite the switch from Basic Authentication legacy authentication methods without multifactor authentication (MFA) support to Modern Authentication alternatives. [...] | ★★★★★ | ||
|
2022-06-29 08:30:00 | Google Workspace now alerts of critical changes to admin accounts (lien direct) | Google Workspace (formerly G Suite) has been updated to notify admins of highly sensitive changes to configurations, including those made to single sign-on (SSO) profiles and admin accounts. [...] | |||
|
2022-06-29 07:00:00 | Amazon fixes high-severity vulnerability in Android Photos app (lien direct) | Amazon has confirmed and fixed a vulnerability in its Photos app for Android, which has been downloaded over 50 million times on the Google Play Store. [...] | Vulnerability | ||
|
2022-06-29 06:48:22 | (Déjà vu) Microsoft Azure FabricScape bug let hackers hijack Linux clusters (lien direct) | Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. [...] | Threat | ||
|
2022-06-29 06:48:22 | Microsoft fixes bug that let hackers hijack Azure Linux clusters (lien direct) | Microsoft has fixed a container escape vulnerability in the Service Fabric (SF) application hosting platform that would allow threat actors to escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. [...] | Vulnerability Threat | ||
|
2022-06-28 18:37:49 | Windows 10 KB5014666 update brings new printing features, bug fixes (lien direct) | Microsoft has released the optional KB5014666 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. [...] | |||
|
2022-06-28 17:49:21 | Evilnum hackers return in new operation targeting migration orgs (lien direct) | The Evilnum hacking group is showing renewed signs of malicious activity, targeting European organizations that are involved in international migration. [...] | |||
|
2022-06-28 17:11:01 | New Firefox privacy feature strips URLs of tracking parameters (lien direct) | Mozilla Firefox 102 was released today with a new privacy feature that strips parameters from URLs that are used to track you around the web. [...] | |||
|
2022-06-28 16:10:41 | Microsoft 365 now prevents data leaks with new session timeouts (lien direct) | Microsoft announced today the general availability of tenant-wide idle session timeout for Microsoft 365 web apps to protect confidential data on shared or non-company devices left unattended. [...] | |||
|
2022-06-28 13:18:14 | AMD investigates RansomHouse hack claims, theft of 450GB data (lien direct) | Chip manufacturer AMD says they are investigating a cyberattack after threat actors claimed to have stolen 450 GB of data from the company last year. [...] | Hack Threat | ||
|
2022-06-28 12:29:07 | MITRE shares this year\'s list of most dangerous software bugs (lien direct) | MITRE shared this year's list of the top 25 most common and dangerous weaknesses impacting software throughout the previous two calendar years. [...] | |||
|
2022-06-28 11:33:09 | New ZuoRAT malware targets SOHO routers in North America, Europe (lien direct) | A newly discovered multistage remote access trojan (RAT) dubbed ZuoRAT has been used to target remote workers via small office/home office (SOHO) routers across North America and Europe undetected since 2020. [...] | Malware | ||
|
2022-06-28 10:41:53 | FBI: Stolen PII and deepfakes used to apply for remote tech jobs (lien direct) | The Federal Bureau of Investigation (FBI) warns of an increase in complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions. [...] | |||
|
2022-06-28 10:02:01 | Breaking Down the Zola Hack and Why Password Reuse is so Dangerous (lien direct) | In May of 2022, the wedding planning and registry site Zola suffered a major security breach due to a credential stuffing attack. due to password reuse. Here's what happened and what could have been done to prevent the attack. [...] | Hack | ||
|
2022-06-28 09:39:28 | Raccoon Stealer is back with a new version to steal your passwords (lien direct) | The Raccoon Stealer malware is back with a second major version circulating on cybercrime forums, offering hackers elevated password-stealing functionality and upgraded operational capacity. [...] | Malware | ||
|
2022-06-28 09:00:00 | (Déjà vu) Malicious Messenger chatbots used to steal Facebook accounts (lien direct) | A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. [...] | |||
|
2022-06-28 09:00:00 | Messenger chatbots now used to steal Facebook accounts (lien direct) | A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. [...] | |||
|
2022-06-28 06:39:23 | Over 900,000 Kubernetes instances found exposed online (lien direct) | Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. [...] | Uber | ||
|
2022-06-27 15:44:22 | Bank of the West found debit card-stealing skimmers on ATMs (lien direct) | The Bank of the West is warning customers that their debit card numbers and PINs have been stolen by skimmers installed on several of the bank's ATMs. [...] | |||
|
2022-06-27 14:30:15 | Android malware \'Revive\' impersonates BBVA bank\'s 2FA app (lien direct) | A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. [...] | Malware | ||
|
2022-06-27 14:00:18 | (Déjà vu) US, Brazil seize 272 websites used to illegally download music (lien direct) | The domains of six websites that streamed and provided illegal downloads of copyrighted music were seized by U.S. Homeland Security Investigations (HSI) and the Department of Justice. [...] | |||
|
2022-06-27 14:00:18 | US seizes websites used to illegally download and stream music (lien direct) | The domains of six websites that streamed and provided illegal downloads of copyrighted music were seized by U.S. Homeland Security Investigations (HSI) and the Department of Justice. [...] | |||
|
2022-06-27 12:40:00 | Microsoft will fix Windows RRAS, VPN issues for all users in July (lien direct) | Microsoft has finally confirmed Internet connectivity issues affecting servers with Routing and Remote Access Service (RRAS) enabled after installing Windows updates released as part of this month's Patch Tuesday. [...] | |||
|
2022-06-27 12:31:49 | Vice Society claims ransomware attack on Med. University of Innsbruck (lien direct) | The Vice Society ransomware gang has claimed responsibility for last week's cyberattack against the Medical University of Innsbruck, which caused severe IT service disruption and the alleged theft of data. [...] | Ransomware | ||
|
2022-06-27 11:39:17 | Microsoft Exchange bug abused to hack building automation systems (lien direct) | A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access to more secured areas in their networks. [...] | Hack Threat | ||
|
2022-06-27 11:09:44 | LockBit 3.0 introduces the first ransomware bug bounty program (lien direct) | The LockBit ransomware operation has released 'LockBit 3.0,' introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options. [...] | Ransomware | ||
|
2022-06-27 10:08:37 | Microsoft: Recent Windows updates caused Edge freeze issues (lien direct) | Microsoft says it addressed a known issue that was causing all Microsoft Edge tabs running IE mode to stop responding if one of the opened sites displayed a modal dialog box after issuing a window.focus call. [...] |
To see everything:
Our RSS (filtrered)
