What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-12-10 06:00:00 | Chinese hackers use Visual Studio Code tunnels for remote access (lien direct) | Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent access to compromised systems. [...]
Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent access to compromised systems. [...] |
★★★ | ||
|
2024-12-09 18:00:51 | Ransomware attack hits leading heart surgery device maker (lien direct) | Artivion, a leading manufacturer of heart surgery medical devices, has disclosed a November 21 ransomware attack that disrupted its operations and forced it to take some systems offline. [...]
Artivion, a leading manufacturer of heart surgery medical devices, has disclosed a November 21 ransomware attack that disrupted its operations and forced it to take some systems offline. [...] |
Ransomware Medical | ★★★★ | |
|
2024-12-09 11:38:50 | Romanian energy supplier Electrica hit by ransomware attack (lien direct) | Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still "in progress" earlier today. [...]
Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still "in progress" earlier today. [...] |
Ransomware | ★★ | |
|
2024-12-07 10:12:22 | Anna Jaques Hospital ransomware breach exposed data of 300K patients (lien direct) | Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 316,000 patients. [...]
Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 316,000 patients. [...] |
Ransomware | ★★★ | |
|
2024-12-06 13:54:22 | Ultralytics AI model hijacked to infect thousands with cryptominer (lien direct) | The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...]
The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...] |
★★ | ||
|
2024-12-06 11:35:54 | Blue Yonder SaaS giant breached by Termite ransomware gang (lien direct) | The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. [...]
The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. [...] |
Ransomware Cloud | ★★ | |
|
2024-12-06 06:00:00 | Crypto-stealing malware posing as a meeting app targets Web3 pros (lien direct) | Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...]
Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...] |
Malware | ★★ | |
|
2024-12-05 12:17:25 | New Android spyware found on phone seized by Russian FSB (lien direct) | After a Russian programmer was detained by Russia\'s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...]
After a Russian programmer was detained by Russia\'s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...] |
Mobile | ★★★ | |
|
2024-12-05 10:02:12 | Latrodectus malware and how to defend against it with Wazuh (lien direct) | Latrodectus is a versatile malware family that infiltrate systems, steal sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...]
Latrodectus is a versatile malware family that infiltrate systems, steal sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...] |
Malware | ★★★ | |
|
2024-12-04 13:37:32 | BT unit took servers offline after Black Basta ransomware breach (lien direct) | Multinational telecommunications giant BT Group (formerly British Telecom) has confirmed that its BT Conferencing business division shut down some of its servers following a Black Basta ransomware breach. [...]
Multinational telecommunications giant BT Group (formerly British Telecom) has confirmed that its BT Conferencing business division shut down some of its servers following a Black Basta ransomware breach. [...] |
Ransomware | ★★ | |
|
2024-12-04 13:26:24 | New DroidBot Android malware targets 77 banking, crypto apps (lien direct) | A new Android banking malware named \'DroidBot\' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]
A new Android banking malware named \'DroidBot\' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...] |
Malware Mobile | ★★★ | |
|
2024-12-04 12:31:04 | Solana Web3.js library backdoored to steal secret, private keys (lien direct) | The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets. [...]
The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets. [...] |
★★★ | ||
|
2024-12-04 12:00:00 | Russian hackers hijack Pakistani hackers\' servers for their own attacks (lien direct) | The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156\'s infrastructure to launch their own covert attacks on already compromised networks. [...]
The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156\'s infrastructure to launch their own covert attacks on already compromised networks. [...] |
Threat | ★★★ | |
|
2024-12-04 12:00:00 | Russian hackers hijack Pakistani hackers\\' servers for their own attacks (lien direct) | The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156\'s infrastructure to launch their own covert attacks on already compromised networks. [...]
The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156\'s infrastructure to launch their own covert attacks on already compromised networks. [...] |
Threat | ★★ | |
|
2024-12-04 10:01:11 | Six password takeaways from the updated NIST cybersecurity framework (lien direct) | Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST\'s new guidance that help create strong password policies. [...]
Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST\'s new guidance that help create strong password policies. [...] |
★★ | ||
|
2024-12-03 17:00:24 | Vodka maker Stoli files for bankruptcy in US after ransomware attack (lien direct) | Stoli Group\'s U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company\'s remaining distilleries in the country. [...]
Stoli Group\'s U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company\'s remaining distilleries in the country. [...] |
Ransomware | ★★ | |
|
2024-12-02 16:11:31 | Korea arrests CEO for adding DDoS feature to satellite receivers (lien direct) | South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser\'s request. [...]
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser\'s request. [...] |
Legislation | ★★★★ | |
|
2024-12-02 13:07:03 | BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (lien direct) | The recently uncovered \'Bootkitty\' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka \'LogoFAIL,\' to infect computers running on a vulnerable UEFI firmware. [...]
The recently uncovered \'Bootkitty\' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka \'LogoFAIL,\' to infect computers running on a vulnerable UEFI firmware. [...] |
Malware | ★★ | |
|
2024-12-01 10:20:30 | Novel phishing campaign uses corrupted Word documents to evade security (lien direct) | A novel phishing attack abuses Microsoft\'s Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state but still be recoverable by the application. [...]
A novel phishing attack abuses Microsoft\'s Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state but still be recoverable by the application. [...] |
★★★ | ||
|
2024-11-30 10:11:21 | SpyLoan Android malware on Google play installed 8 million times (lien direct) | A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. [...]
A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. [...] |
Malware Mobile | ★ | |
|
2024-11-29 12:50:55 | Russia arrests cybercriminal Wazawaka for ties with ransomware gangs (lien direct) | Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. [...]
Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. [...] |
Ransomware Malware Legislation | ★★ | |
|
2024-11-29 12:19:47 | Bologna FC confirms data breach after RansomHub ransomware attack (lien direct) | Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. [...]
Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. [...] |
Ransomware Data Breach | ★★ | |
|
2024-11-27 16:17:08 | Hackers abuse popular Godot game engine to infect thousands of PCs (lien direct) | Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. [...]
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. [...] |
Malware | ★★ | |
|
2024-11-27 12:37:33 | Researchers discover first UEFI bootkit malware for Linux (lien direct) | The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. [...]
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. [...] |
Malware | ★★ | |
|
2024-11-27 11:53:41 | Chinese hackers breached T-Mobile\\'s routers to scope out network (lien direct) | T-Mobile says the Chinese "Salt Typhoon" hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network. [...]
T-Mobile says the Chinese "Salt Typhoon" hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network. [...] |
★★ | ||
|
2024-11-26 17:30:00 | New NachoVPN attack uses rogue VPN servers to install malicious updates (lien direct) | A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. [...]
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. [...] |
Vulnerability | ★★★ | |
|
2024-11-26 08:26:33 | Hackers exploit critical bug in Array Networks SSL VPN products (lien direct) | America\'s Cyber Defense Agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. [...]
America\'s Cyber Defense Agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. [...] |
Vulnerability Threat | ★★ | |
|
2024-11-25 16:11:09 | Blue Yonder ransomware attack disrupts grocery store supply chain (lien direct) | Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. [...]
Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. [...] |
Ransomware | ★★ | |
|
2024-11-25 11:12:22 | Salt Typhoon hackers backdoor telcos with new GhostSpider malware (lien direct) | The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers. [...]
The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers. [...] |
Malware | ★★ | |
|
2024-11-22 14:33:54 | Hackers breach US firm over Wi-Fi from Russia in \\'Nearest Neighbor Attack\\' (lien direct) | Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack." [...]
Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack." [...] |
APT 28 | ★★★★ | |
|
2024-11-21 15:06:45 | Chinese hackers target Linux with new WolfsBane malware (lien direct) | A new Linux backdoor called \'WolfsBane\' has been discovered, believed to be a port of Windows malware used by the Chinese \'Gelsemium\' hacking group. [...]
A new Linux backdoor called \'WolfsBane\' has been discovered, believed to be a port of Windows malware used by the Chinese \'Gelsemium\' hacking group. [...] |
Malware | ★★ | |
|
2024-11-21 14:46:48 | Over 2,000 Palo Alto firewalls hacked using recently patched bugs (lien direct) | Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerability vulnerabilities. [...]
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerability vulnerabilities. [...] |
Vulnerability Threat | ★★★ | |
|
2024-11-21 13:38:05 | CISA says BianLian ransomware now focuses only on data theft (lien direct) | The BianLian ransomware operation has shifted its tactics, becoming primarily a data theft extortion group, according to an updated advisory from the U.S. Cybersecurity & Infrastructure Security Agency, the FBI, and the Australian Cyber Security Centre. [...]
The BianLian ransomware operation has shifted its tactics, becoming primarily a data theft extortion group, according to an updated advisory from the U.S. Cybersecurity & Infrastructure Security Agency, the FBI, and the Australian Cyber Security Centre. [...] |
Ransomware | ★★ | |
|
2024-11-21 09:38:24 | Fortinet VPN design flaw hides successful brute-force attacks (lien direct) | A design flaw in the Fortinet VPN server\'s logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins. [...]
A design flaw in the Fortinet VPN server\'s logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins. [...] |
★★★ | ||
|
2024-11-20 21:20:19 | Cyberattack at French hospital exposes health data of 750,000 patients (lien direct) | A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. [...]
A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. [...] |
Data Breach Threat Medical | ★★ | |
|
2024-11-20 15:56:59 | Fintech giant Finastra investigates data breach after SFTP hack (lien direct) | Finastra has confirmed it warned customers of a cybersecurity incident after a threat actor began selling allegedly stolen data on a hacking forum. [...]
Finastra has confirmed it warned customers of a cybersecurity incident after a threat actor began selling allegedly stolen data on a hacking forum. [...] |
Data Breach Hack Threat | ★★ | |
|
2024-11-20 11:44:42 | New Ghost Tap attack abuses NFC mobile payments to steal money (lien direct) | Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed \'Ghost Tap,\' which relays NFC card data to money mules worldwide. [...]
Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed \'Ghost Tap,\' which relays NFC card data to money mules worldwide. [...] |
Mobile | ★★★ | |
|
2024-11-19 15:09:14 | Ford rejects breach allegations, says customer data not impacted (lien direct) | Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...]
Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...] |
Data Breach Threat | ★★ | |
|
2024-11-19 12:00:32 | Helldown ransomware exploits Zyxel VPN flaw to breach networks (lien direct) | The new \'Helldown\' ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. [...]
The new \'Helldown\' ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. [...] |
Ransomware Vulnerability | ★★ | |
|
2024-11-19 08:30:00 | Microsoft launches Zero Day Quest hacking event with $4 million in rewards (lien direct) | Microsoft announced today at its Ignite annual conference in Chicago, Illinois, that it\'s expanding its bug bounty programs with Zero Day Quest, a new hacking event focusing on cloud and AI products and platforms. [...]
Microsoft announced today at its Ignite annual conference in Chicago, Illinois, that it\'s expanding its bug bounty programs with Zero Day Quest, a new hacking event focusing on cloud and AI products and platforms. [...] |
Threat Cloud Conference | ★★ | |
|
2024-11-18 15:59:42 | US space tech giant Maxar discloses employee data breach (lien direct) | Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. [...]
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. [...] |
Data Breach | ★★★ | |
|
2024-11-18 12:05:41 | Fake Bitwarden ads on Facebook push info-stealing Chrome extension (lien direct) | Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. [...]
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. [...] |
★★ | ||
|
2024-11-17 11:25:36 | Phishing emails increasingly use SVG attachments to evade detection (lien direct) | Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection. [...]
Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection. [...] |
Malware Threat | ★★★ | |
|
2024-11-16 15:14:21 | Fake AI video generators infect Windows, macOS with infostealers (lien direct) | Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. [...]
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. [...] |
Malware | ★★ | |
|
2024-11-16 10:30:29 | GitHub projects targeted with malicious commits to frame researcher (lien direct) | GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker\'s true intentions. [...]
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker\'s true intentions. [...] |
★★ | ||
|
2024-11-15 17:04:18 | NSO Group used another WhatsApp zero-day after being sued, court docs say (lien direct) | Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued. [...]
Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued. [...] |
Vulnerability Threat | ★★★ | |
|
2024-11-15 14:39:01 | Botnet exploits GeoVision zero-day to install Mirai malware (lien direct) | A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. [...]
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. [...] |
Malware Vulnerability Threat | ★★ | |
|
2024-11-15 11:36:42 | Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist (lien direct) | A hacker responsible for stealing 119,754 Bitcoin in a 2016 hack on the Bitfinex cryptocurrency exchange was sentenced to five years in prison by U.S. authorities. [...]
A hacker responsible for stealing 119,754 Bitcoin in a 2016 hack on the Bitfinex cryptocurrency exchange was sentenced to five years in prison by U.S. authorities. [...] |
Hack Legislation | ★★ | |
|
2024-11-14 15:47:57 | New Glove infostealer malware bypasses Chrome\\'s cookie encryption (lien direct) | New Glove Stealer information-stealing malware can bypass Google Chrome\'s Application-Bound (App-Bound) encryption to steal browser cookies. [...]
New Glove Stealer information-stealing malware can bypass Google Chrome\'s Application-Bound (App-Bound) encryption to steal browser cookies. [...] |
Malware | ★★ | |
|
2024-11-14 10:01:11 | The true (and surprising) cost of forgotten passwords (lien direct) | Password resets are more expensive for your organization than you may realize. Learn more from Specops Software on why password resets are so expensive and how a self-service password reset solution can save you money. [...]
Password resets are more expensive for your organization than you may realize. Learn more from Specops Software on why password resets are so expensive and how a self-service password reset solution can save you money. [...] |
★★ |
To see everything:
Our RSS (filtrered)
