Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-04-25 16:28:55 |
Hacker leaks 20 million alleged BigBasket user records for free (lien direct) |
A threat actor has leaked approximately 20 million BigBasket user records containing personal information and hashed passwords on a popular hacking forum. [...] |
Threat
|
|
|
|
2021-04-19 18:27:46 |
Geico data breach exposed customers\' driver\'s license numbers (lien direct) |
Car insurance provider Geico has suffered a data breach where threat actors stole the driver's licenses for policyholders for over a month. [...] |
Data Breach
Threat
|
|
|
|
2021-04-19 17:07:40 |
Google Alerts continues to be a hotbed of scams and malware (lien direct) |
Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites. [...] |
Malware
Threat
|
|
|
|
2021-04-17 11:08:22 |
(Déjà vu) Microsoft fixes Windows 10 bug that can corrupt NTFS drives (lien direct) |
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] |
Threat
|
|
|
|
2021-04-17 11:08:22 |
(Déjà vu) Microsoft fixes Windows 10 bug that marks drives as corrupted (lien direct) |
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] |
Threat
|
|
|
|
2021-04-16 10:44:37 |
Popular Codecov code coverage tool hacked to steal dev credentials (lien direct) |
Codecov online platform for hosted code testing reports and statistics announced on Thursday that a threat actor had modified its Bash Uploader script, exposing sensitive information in customers' continuous integration (CI) environment. [...] |
Tool
Threat
|
|
|
|
2021-04-15 14:19:20 |
Popular NFT marketplace Rarible targeted by scammers and malware (lien direct) |
Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] |
Malware
Threat
|
|
|
|
2021-04-13 09:04:11 |
Watch out for this W-2 phishing scam targeting the 2021 tax season (lien direct) |
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...] |
Threat
|
|
|
|
2021-04-09 14:52:36 |
Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack (lien direct) |
Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today. [...] |
Ransomware
Threat
Guideline
|
|
|
|
2021-04-09 13:55:00 |
Attackers deliver legal threats, IcedID malware via contact forms (lien direct) |
Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] |
Malware
Threat
|
|
|
|
2021-04-07 17:18:42 |
VISA: Hackers increasingly using web shells to steal credit cards (lien direct) |
Global payments processor VISA warns that threat actors are increasingly deploying web shells on compromised servers to exfiltrate credit card information stolen from online store customers. [...] |
Threat
|
|
|
|
2021-04-07 16:06:13 |
REvil ransomware now changes password to auto-login in Safe Mode (lien direct) |
A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords. [...] |
Ransomware
Threat
|
|
|
|
2021-04-07 11:36:59 |
Gigaset Android phones infected by malware via hacked update server (lien direct) |
Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...] |
Malware
Threat
|
|
|
|
2021-04-06 18:00:33 |
Windows XP makes ransomware gangs work harder for their money (lien direct) |
A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even when Microsoft dropped supporting it seven years ago. [...] |
Ransomware
Threat
|
|
|
|
2021-04-06 09:00:00 |
Ongoing attacks are targeting unsecured mission-critical SAP apps (lien direct) |
Threat actors are targeting mission-critical SAP enterprise applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. [...] |
Threat
|
|
|
|
2021-04-02 13:04:37 |
FBI and CISA warn of state hackers attacking Fortinet FortiOS servers (lien direct) |
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. [...] |
Threat
|
|
|
|
2021-04-02 07:03:11 |
Ransomware gang wanted $40 million in Florida schools cyberattack (lien direct) |
Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that can not afford them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. [...] |
Ransomware
Threat
|
|
|
|
2021-03-31 13:33:45 |
Google: North Korean hackers target security researchers again (lien direct) |
Google's Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts. [...] |
Threat
|
|
|
|
2021-03-31 12:31:49 |
Malware hidden in game cheats and mods used to target gamers (lien direct) |
Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] |
Malware
Threat
|
|
|
|
2021-03-29 03:32:59 |
PHP\'s Git server hacked to add backdoors to PHP source code (lien direct) |
In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The threat actors had signed off on these commits as if they were made by known PHP developers. [...] |
Threat
|
|
|
|
2021-03-19 11:11:09 |
Computer giant Acer hit by $50 million ransomware attack (lien direct) |
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. [...] |
Ransomware
Threat
|
|
|
|
2021-03-12 14:57:57 |
Scammers promote fake cryptocurrency giveaways via Twitter ads (lien direct) |
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...] |
Threat
|
|
|
|
2021-03-10 10:57:36 |
Norway parliament data stolen in Microsoft Exchange attack (lien direct) |
Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. [...] |
Threat
|
|
|
|
2021-03-08 15:06:34 |
Hackers hiding Supernova malware in SolarWinds Orion linked to China (lien direct) |
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...] |
Malware
Threat
|
|
|
|
2021-03-02 09:00:00 |
Microsoft 365 Defender Threat Analytics enters public preview (lien direct) |
Microsoft announced the addition of Threat Analytics for Microsoft 365 Defender customers and the roll-out of Microsoft 365 Insider Risk Management Analytics, both in public preview. [...] |
Threat
|
|
|
|
2021-03-02 00:14:00 |
Malicious NPM packages target Amazon, Slack with new dependency attacks (lien direct) |
Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...] |
Vulnerability
Threat
|
|
|
|
2021-03-01 14:29:35 |
World\'s leading dairy group Lactalis hit by cyberattack (lien direct) |
Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems. [...] |
Threat
Guideline
|
|
|
|
2021-03-01 10:14:20 |
Tether cryptocurrency firm says docs in $24 million ransom are \'forged\' (lien direct) |
USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. [...] |
Threat
|
|
|
|
2021-02-24 08:51:03 |
LazyScripter hackers target airlines with remote access trojans (lien direct) |
Security researchers analyzing multiple sets of malicious emails believe they uncovered activity belonging to a previously unidentified actor that fits the description of an advanced persistent threat (APT). [...] |
Threat
|
|
|
|
2021-02-23 08:56:40 |
Ukraine: DDoS attacks on govt sites originated from Russia (lien direct) |
The National Security and Defense Council (NSDC) of Ukraine is accusing threat actors located on Russia networks of performing DDoS attacks on Ukrainian government websites since February 18th. [...] |
Threat
|
|
|
|
2021-02-22 09:06:36 |
Global Accellion data breaches linked to Clop ransomware gang (lien direct) |
Threat actors associated with a financially-motivated hacker groups combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using Accellion's legacy File Transfer Appliance and steal data. [...] |
Ransomware
Threat
|
|
|
|
2021-02-21 09:24:11 |
Warning: Google Alerts abused to push fake Adobe Flash updater (lien direct) |
Threat actors are using Google Alerts to promote a fake Adobe Flash Player updater that installs other unwanted programs on unsuspecting users' computers. [...] |
Threat
|
|
|
|
2021-02-20 12:57:44 |
Kroger data breach exposes pharmacy and employee data (lien direct) |
Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. [...] |
Data Breach
Threat
|
|
|
|
2021-02-14 12:12:06 |
Pro-India hackers use Android spyware to spy on Pakistani military (lien direct) |
This week a report has revealed details on the two spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict.
The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a state-sponsored operation. [...] |
Malware
Threat
|
|
|
|
2021-02-10 10:43:45 |
Hackers auction alleged stolen Cyberpunk 2077, Witcher source code (lien direct) |
Threat actors are auctioning the alleged source code for CD Projekt Red games, including Witcher 3, Thronebreaker, and Cyberpunk 2077, that they state were stolen in a ransomware attack. [...] |
Ransomware
Threat
|
|
|
|
2021-02-10 03:30:00 |
(Déjà vu) Microsoft fixes Windows 10 bug letting attackers trigger BSOD crashes (lien direct) |
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] |
Threat
|
|
|
|
2021-02-10 03:30:00 |
Microsoft fixes the Windows 10 console driver crash bug (lien direct) |
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. [...] |
Threat
|
|
|
|
2021-02-09 15:42:45 |
HelloKitty ransomware behind CD Projekt Red cyberattack, data theft (lien direct) |
The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize. [...] |
Ransomware
Threat
|
|
|
|
2021-02-05 15:14:46 |
Malicious extension abuses Chrome sync to steal users\' data (lien direct) |
The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions. [...] |
Threat
|
|
|
|
2021-02-04 13:41:58 |
Hackers steal StormShield firewall source code in data breach (lien direct) |
Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the companies' support ticket system and steal source code for Stormshield Network Security firewall software. [...] |
Data Breach
Threat
Guideline
|
|
|
|
2021-02-03 22:30:08 |
Oxfam Australia investigates data breach after database sold online (lien direct) |
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...] |
Data Breach
Threat
|
|
|
|
2021-02-02 11:00:00 |
Malicious script steals credit card info stolen by other hackers (lien direct) |
A threat actor has infected an e-commerce store with a custom credit card skimmer designed to siphon data stolen by a previously deployed Magento card stealer. [...] |
Threat
|
|
|
|
2021-02-01 14:15:30 |
Phishing campaign lures US businesses with fake PPP loans (lien direct) |
Threat actors are sending phishing emails impersonating a Small Business Administration (SBA) lender to prey on US business owners who want to apply for a PPP loan to keep their business going during the COVID-19 crisis. [...] |
Threat
|
|
|
|
2021-02-01 08:04:01 |
Android emulator supply-chain attack targets gamers with malware (lien direct) |
ESET researchers have discovered that an unknown threat actor has compromised the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox. [...] |
Malware
Threat
|
|
|
|
2021-01-26 10:01:27 |
Mimecast links security breach to SolarWinds hackers (lien direct) |
Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. [...] |
Threat
|
|
|
|
2021-01-25 11:54:03 |
Australian securities regulator discloses security breach (lien direct) |
The Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach. [...] |
Threat
|
|
|
|
2021-01-24 13:16:39 |
Data breach at Buyucoin crypto exchange leaks user info, trades (lien direct) |
A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. [...] |
Threat
|
|
|
|
2021-01-23 12:14:25 |
SonicWall firewall maker hacked using zero-day in its VPN device (lien direct) |
Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems. [...] |
Vulnerability
Threat
|
|
|
|
2021-01-22 14:11:38 |
(Déjà vu) Bonobos clothing store suffers a data breach, hacker leaks 70GB database (lien direct) |
Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup was downloaded by a threat actor. The corporate systems were not breached by the attacker. [...] |
Data Breach
Threat
|
|
|
|
2021-01-22 12:47:33 |
Intel: Hackers stole unpublished earnings info from corporate site (lien direct) |
Intel disclosed on Thursday that unknown threat actors stole an infographic containing info on the company's fourth-quarter and full-year 2020 financial results. [...] |
Threat
|
|
|