What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-02 12:54:24 | Intel unveils Circuit Breaker bug bounty expansion for elite hackers (lien direct) | Intel says its engineers are partnering with security researchers to hunt for vulnerabilities in firmware, GPUs, hypervisors, chipsets, and other products in a new expansion to its bug bounty program. [...] | |||
|
2022-02-02 11:49:49 | KP Snacks giant hit by Conti ransomware, deliveries disrupted (lien direct) | KP Snacks, a major producer of popular British snacks has been hit by the Conti ransomware group affecting distribution to leading supermarkets. [...] | Ransomware Guideline | ★★★★ | |
|
2022-02-02 11:29:36 | Microsoft Sentinel adds threat monitoring for GitHub repos (lien direct) | Microsoft says its cloud-native SIEM (Security Information and Event Management) platform now allows to detect potential ransomware activity using the Fusion machine learning model. [...] | Threat | ||
|
2022-02-02 11:02:58 | Business services provider Morley discloses ransomware incident (lien direct) | Morley Companies Inc. disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files. [...] | Ransomware Data Breach Threat | ||
|
2022-02-02 09:46:34 | SEO poisoning pushes malware-laced Zoom, TeamViewer, Visual Studio installers (lien direct) | A new SEO poisoning campaign is underway, dropping the Batloader and Atera Agent malware onto the systems of targeted professionals searching for productivity tool downloads, such as Zoom, TeamViewer, and Visual Studio. [...] | Malware Tool | ||
|
2022-02-02 06:17:31 | UEFI firmware vulnerabilities affect at least 25 computer vendors (lien direct) | Researchers from firmware protection company Binarly have discovered critical vulnerabilities in the UEFI firmware from InsydeH2O used by multiple computer vendors such as Fujitsu, Intel, AMD, Lenovo, Dell, ASUS, HP, Siemens, Microsoft, and Acer. [...] | |||
|
2022-02-01 17:14:31 | FBI warns of fake job postings used to steal money, personal info (lien direct) | Scammers are trying to steal job seekers' money and personal information through phishing campaigns using fake advertisements posted on recruitment platforms. [...] | |||
|
2022-02-01 16:59:18 | Malicious CSV text files used to install BazarBackdoor malware (lien direct) | A new phishing campaign is using specially crafted CSV text files to infect users' devices with the BazarBackdoor malware. [...] | Malware | ||
|
2022-02-01 15:56:21 | Cloudflare launches a paid public bug bounty program (lien direct) | [...] | |||
|
2022-02-01 14:21:47 | Microsoft Defender now detects Android and iOS vulnerabilities (lien direct) | Microsoft says threat and vulnerability management support for Android and iOS has reached general availability in Microsoft Defender for Endpoint, the company's enterprise endpoint security platform. [...] | Vulnerability Threat | ★★★★ | |
|
2022-02-01 14:00:00 | Cyberspies linked to Memento ransomware use new PowerShell malware (lien direct) | An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called PowerLess and developed using PowerShell. [...] | Ransomware Malware Conference | APT 35 APT 35 | |
|
2022-02-01 13:41:04 | Powerful new Oski variant \'Mars Stealer\' grabbing 2FAs and crypto (lien direct) | A new and powerful malware named 'Mars Stealer' has appeared in the wild, and appears to be a redesign of the Oski malware that shut down development abruptly in the summer of 2020. [...] | Malware | ||
|
2022-02-01 08:24:00 | British Council exposed more than 100,000 files with student records (lien direct) | More than 100,000 files with student records belonging to British Council were found exposed online. An unsecured Microsoft Azure blob found on the internet by cybersecurity firm revealed student IDs, names, usernames and email addresses, and other personal information. [...] | |||
|
2022-02-01 07:27:33 | German petrol supply firm Oiltanking paralyzed by cyber attack (lien direct) | Oiltanking GmbH, a German petrol distributor who supplies Shell gas stations in the country, has fallen victim to a cyberattack that severely impacted its operations. [...] | |||
|
2022-02-01 05:27:49 | (Déjà vu) Telco fined €9 million for hiding cyberattack impact to customers (lien direct) | The Greek data protection supervisory authority has imposed fines of 5,850,000 EUR ($6.55 million) to COSMOTE and 3,250,000 EUR ($3.65 million) to OTE, for leaking sensitive customer communication data due to insufficient security measures. [...] | |||
|
2022-02-01 05:23:14 | Telco fined €9 million for hiding cyberattack impact from customers (lien direct) | The Greek data protection supervisory authority has imposed fines of 5,850,000 EUR ($6.55 million) to COSMOTE and 3,250,000 EUR ($3.65 million) to OTE, for leaking sensitive customer communication data due to insufficient security measures. [...] | |||
|
2022-02-01 02:30:00 | (Déjà vu) MuddyWater hacking group targets Turkey in new campaign (lien direct) | The Iranian-backed MuddyWater hacking group is conducting a new malicious campaign targeting private Turkish organizations and governmental institutions. [...] | |||
|
2022-01-31 18:27:27 | FBI warns of 2022 Beijing Olympics cyberattack, privacy risks (lien direct) | The Federal Bureau of Investigation (FBI) warned today that threat actors could potentially target the February 2022 Beijing Winter Olympics and March 2022 Paralympics. However, evidence of such attacks being planned is yet to be uncovered. [...] | Threat | ||
|
2022-01-31 17:49:42 | Microsoft PowerToys adds Mouse and File Explorer utilities (lien direct) | Microsoft has updated PowerToys with three new utilities, including a new mouse crosshair tool to quickly find the pointer on the screen and two new File Explorer add-ons. [...] | Tool | ||
|
2022-01-31 16:15:12 | Samba bug can let remote attackers execute code as root (lien direct) | Samba has addressed a critical severity vulnerability that can let attackers gain remote code execution with root privileges on servers running vulnerable software. [...] | Vulnerability | ||
|
2022-01-31 15:35:52 | 600K WordPress sites impacted by critical plugin RCE vulnerability (lien direct) | Essential Addons for Elementor, a popular WordPress plugin used in over a million sites, has been found to have a critical remote code execution (RCE) vulnerability in version 5.0.4 and older. [...] | Vulnerability | ||
|
2022-01-31 14:28:48 | QNAP: DeadBolt ransomware exploits a bug patched in December (lien direct) | Taiwan-based network-attached storage (NAS) maker QNAP urges customers to enable firmware auto-updating on their devices to defend against active attacks. [...] | Ransomware | ||
|
2022-01-31 13:18:41 | (Déjà vu) CISA adds 8 vulnerabilities to list of actively exploited bugs (lien direct) | The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new. [...] | |||
|
2022-01-31 12:17:55 | Microsoft Office 365 to add better protection for priority accounts (lien direct) | Microsoft is working on updating Microsoft Defender for Office 365 with differentiated protection for enterprise accounts tagged as critical for an organization (i.e., accounts of high-profile employees including executive-level managers, the ones most often targeted by attackers). [...] | |||
|
2022-01-31 11:14:28 | Russian \'Gamaredon\' hackers use 8 new malware payloads in attacks (lien direct) | The Russia-linked hackers known as 'Gamaredon' (aka Armageddon or Shuckworm) were spotted deploying eight custom binaries in cyber-espionage operations against Ukrainian entities. [...] | Malware | ||
|
2022-01-31 10:40:46 | 277,000 routers exposed to Eternal Silence attacks via UPnP (lien direct) | A malicious campaign known as 'Eternal Silence' is abusing Universal Plug and Play (UPnP) turns your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors. [...] | Threat | ||
|
2022-01-30 10:12:24 | Researchers use GPU fingerprinting to track users online (lien direct) | A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people's GPUs to create unique fingerprints and use them for persistent web tracking. [...] | |||
|
2022-01-30 10:00:00 | FTC: Americans lost $770 million from social media fraud surge (lien direct) | Americans are increasingly targeted by scammers on social media, according to tens of thousands of reports received by the US Federal Trade Commission (FTC) in 2021. [...] | |||
|
2022-01-29 14:06:50 | (Déjà vu) Windows vulnerability with new public exploits lets you become admin (lien direct) | A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain admin privileges in Windows 10. [...] | Vulnerability | ||
|
2022-01-29 11:08:16 | Over 20,000 data center management systems exposed to hackers (lien direct) | Researchers have found over 20,000 instances of publicly exposed data center infrastructure management (DCIM) software that monitor devices, HVAC control systems, and power distribution units, which could be used for a range of catastrophic attacks. [...] | |||
|
2022-01-29 10:00:00 | Microsoft: Windows needs at least 8 hours online to update reliably (lien direct) | Microsoft says that Windows devices need to be online for at least eight hours to get the latest updates and have them correctly installed after they're released through Windows Update. [...] | |||
|
2022-01-28 16:57:32 | The Week in Ransomware - January 28th 2022 - Get NAS devices off the Internet (lien direct) | It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more. [...] | Ransomware | ||
|
2022-01-28 11:30:00 | US bans major Chinese telecom over national security risks (lien direct) | The Federal Communications Commission (FCC) has revoked China Unicom Americas' license, one of the world's largest mobile service providers, over "serious national security concerns." [...] | |||
|
2022-01-28 11:20:35 | NCSC alerts UK orgs to brace for destructive Russian cyberattacks (lien direct) | The UK's National Cyber Security Centre (NCSC) is urging organizations to bolster security and prepare for a potential wave of destructive cyberattacks after recent breaches of Ukrainian entities. [...] | |||
|
2022-01-28 10:00:00 | EU to create pan-European cyber incident coordination framework (lien direct) | The European Systemic Risk Board (ESRB) proposed a new systemic cyber incident coordination framework that would allow EU relevant authorities to better coordinate when having to respond to major cross-border cyber incidents impacting the Union's financial sector. [...] | |||
|
2022-01-28 09:29:31 | Hackers are taking over CEO accounts with rogue OAuth apps (lien direct) | Threat analysts have observed a new campaign named 'OiVaVoii', targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. [...] | Threat | ||
|
2022-01-28 08:26:48 | Finnish diplomats\' phones infected with NSO Group Pegasus spyware (lien direct) | Finland's Ministry for Foreign Affairs says devices of Finnish diplomats have been hacked and infected with NSO Group's Pegasus spyware in a cyber-espionage campaign. [...] | |||
|
2022-01-28 07:52:12 | Finland warns of Facebook accounts hijacked via Messenger phishing (lien direct) | Finland's National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims' friends in Facebook Messenger chats. [...] | |||
|
2022-01-28 07:05:25 | Microsoft Outlook RCE zero-day exploits now selling for $400,000 (lien direct) | Exploit broker Zerodium has announced a pay jump to 400,000 for zero-day vulnerabilities that allow remote code execution (RCE) in Microsoft Outlook email client. [...] | |||
|
2022-01-28 01:30:00 | QNAP force-installs update after DeadBolt ransomware hits 3,600 devices (lien direct) | QNAP force-updated customer's Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. [...] | Ransomware | ||
|
2022-01-27 16:13:13 | DeepDotWeb admin imprisoned for advertising illegal dark web markets (lien direct) | An Israeli citizen who operated DeepDotWeb (DDW), a news site and review site for dark web sites, has received a sentence of 97 months in prison for money laundering and was ordered to forfeit $8,414,173. [...] | |||
|
2022-01-27 14:28:27 | Taiwanese Apple and Tesla contractor hit by Conti ransomware (lien direct) | Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning. [...] | Ransomware | ||
|
2022-01-27 13:31:40 | Lazarus hackers use Windows Update to deploy malware (lien direct) | North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems. [...] | Malware | APT 38 | |
|
2022-01-27 13:11:58 | Microsoft warns of multi-stage phishing campaign leveraging Azure AD (lien direct) | Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. [...] | Threat | ★★★ | |
|
2022-01-27 10:00:00 | Microsoft: Windows 11 now in broad deployment for eligible devices (lien direct) | Microsoft says Windows 11 has now entered the broad deployment phase, making it available for everyone with an eligible device via Windows Update. [...] | |||
|
2022-01-27 09:23:25 | Russian APT29 hackers\' stealthy malware undetected for years (lien direct) | Hackers associated with the Russian Federation Foreign Intelligence Service (SVR) continued their incursions on networks of multiple organizations after the SolarWinds supply-chain compromise using two recently discovered sophisticated threats. [...] | Malware | APT 29 | |
|
2022-01-27 08:12:43 | Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users (lien direct) | Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second (Tbps) distributed denial of service (DDoS) attack targeting an Azure customer from Asia in November. [...] | |||
|
2022-01-27 07:07:48 | 105 million Android users targeted by subscription fraud campaign (lien direct) | A premium services subscription scam for Android has been operating for close to two years. Called 'Dark Herring', the operation used 470 Google Play Store apps and affected over 100 million users worldwide, potentially causing hundreds of millions of USD in total losses. [...] | |||
|
2022-01-26 18:40:10 | Linux version of LockBit ransomware targets VMware ESXi servers (lien direct) | LockBit is the latest ransomware gang whose Linux encryptor has been discovered to be focusing on the encryption of VMware ESXi virtual machines. [...] | Ransomware | ||
|
2022-01-26 15:27:37 | Major Discord outage caused by API and database issues (lien direct) | Discord suffered what they classified as a 'massive outage' that prevented users from logging into the service or using voice chats. [...] |
To see everything:
Our RSS (filtrered)
