What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-07-09 08:43:59 | Evilnum hackers use the same malware supplier as FIN6, Cobalt (lien direct) | Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. [...] | Malware Threat | ||
|
2020-07-09 06:03:39 | Joker Android malware keeps evading Google Play Store defenses (lien direct) | The threat actor behind the Joker Android malware has once again succeeded to successfully slip spyware infected apps onto the Play Store, Google's official Android app store. [...] | Malware Threat | ||
|
2020-07-06 17:53:30 | Microsoft Defender ATP web content filtering is now free (lien direct) | The new Microsoft Defender Advanced Threat Protection (ATP) Web Content Filtering feature will be provided for free to all enterprise customers without the need for an additional partner license. [...] | Threat | ||
|
2020-07-02 18:24:48 | Microsoft Defender ATP now helps secure network devices (lien direct) | Microsoft Defender Advanced Threat Protection (ATP) can now assess the collective security configuration state of devices on an enterprise network with the help of a new feature dubbed Microsoft Secure Score for Devices. [...] | Threat | ||
|
2020-06-27 14:54:33 | GeoVision access control devices let hackers steal fingerprints (lien direct) | GeoVision, a Taiwanese fingerprint scanner, access control, and surveillance tech manufacturer, fixed critical vulnerabilities in their devices that could be abused by hackers and nation-state threat actors. [...] | Threat | ||
|
2020-06-23 13:47:57 | Microsoft Defender ATP can now protect Linux, Android devices (lien direct) | Microsoft Defender Advanced Threat Protection (ATP) has expanded to non-Windows platforms and is now generally available for enterprise customers using Linux devices and in public preview for those with Android devices. [...] | Threat | ★★★★★ | |
|
2020-06-23 11:38:16 | REvil ransomware scans victim\'s network for Point of Sale systems (lien direct) | REvil ransomware operators have been observed while scanning one of their victim's network for Point of Sale (PoS) servers by researchers with Symantec's Threat Intelligence team. [...] | Ransomware Threat | ★★★★★ | |
|
2020-06-22 15:03:02 | BitDefender fixes bug allowing attackers to run commands remotely (lien direct) | Security solutions are designed to keep an organization safe, but those models crumble when that same software becomes a threat vector for the attackers to exploit. Such is the case with a new Bitdefender remote code execution vulnerability, dubbed CVE-2020-8102, lurking in its Safepay browser component. [...] | Threat | ||
|
2020-06-14 14:02:15 | Attackers impersonate secure messaging site to steal bitcoins (lien direct) | In what can be described as the case of both cybersquatting and phishing, threat actors have created a site that imitates the legitimate secure note sharing service privnote.com to steal bitcoins. [...] | Threat | ||
|
2020-06-12 10:35:14 | Office 365 to offer more info on how it protects your email (lien direct) | Microsoft is working on providing Office 365 Advanced Threat Protection (ATP) users with more information on the route incoming emails take while going through the filtering stack before reaching their inbox, as well as on the effectiveness of any configuration changes. [...] | Threat | ★★★★ | |
|
2020-06-12 03:27:00 | Hackers are quick to notice exposed Elasticsearch servers (lien direct) | Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. [...] | Threat | ||
|
2020-06-10 14:57:37 | Thanos ransomware auto-spreads to Windows devices, evades security (lien direct) | The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on. [...] | Ransomware Threat | ||
|
2020-06-10 05:30:00 | Kingminer patches vulnerable servers to lock out competitors (lien direct) | Operators of the cryptojacking botnet Kingminer botnet are trying to keep their business humming by applying hotfixes from Microsoft on vulnerable infected computers to lock out other threat actors thay may claim a piece of their pie. [...] | Threat | ||
|
2020-06-06 09:29:39 | The Week in Ransomware - June 5th 2020 - Threat actors team up (lien direct) | It was quite a busy week with lots of new developments, including ransomware operations teaming up, new extortion tactics, and significant cyberattacks revealed. [...] | Ransomware Threat | ||
|
2020-06-05 06:01:01 | Ongoing eCh0raix ransomware campaign targets QNAP NAS devices (lien direct) | After remaining relatively quiet over the past few months, the threat actors behind the eCh0raix Ransomware have launched a brand new campaign targeting QNAP storage devices. [...] | Ransomware Threat | ||
|
2020-06-02 14:56:10 | VMware Cloud Director flaw lets hackers take over virtual datacenters (lien direct) | Organizations offering trial accounts for versions of VMware Cloud Director lower than 10.1.0 risk exposing private clouds on their virtualized infrastructure to complete takeover attacks from a threat actor. [...] | Threat | ||
|
2020-05-31 09:35:00 | Office 365 to give detailed info on malicious email attachments (lien direct) | Microsoft will provide Office 365 Advanced Threat Protection (ATP) users with more details on malware samples and malicious URLs discovered following detonation. [...] | Malware Threat | ||
|
2020-05-28 13:02:39 | Michigan State University network breached in ransomware attack (lien direct) | Michigan State University received a deadline to pay ransomware attackers under the threat that files stolen from the institution's network will be leaked to the public. [...] | Ransomware Threat | ||
|
2020-05-28 11:10:57 | NSA: Russian govt hackers exploiting critical Exim flaw since 2019 (lien direct) | The U.S. National Security Agency (NSA) says that Russian military threat actors tracked as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software since at least August 2019. [...] | Threat | ★★★ | |
|
2020-05-26 12:23:33 | New [F]Unicorn ransomware hits Italy via fake COVID-19 infection map (lien direct) | A new ransomware threat called [F]Unicorn has been encrypting computers in Italy by tricking victims into downloading a fake contact tracing app that promises to bring real-time updates for COVID-19 infections. [...] | Ransomware Threat | ★★★ | |
|
2020-05-24 09:27:58 | (Déjà vu) Discord client turned into a password stealer by updated malware (lien direct) | A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] | Malware Threat | ||
|
2020-05-24 09:27:58 | Discord client turned into a password stealer by new malware (lien direct) | A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] | Malware Threat | ||
|
2020-05-22 13:56:22 | Voter info for millions of Indonesians shared on hacker forum (lien direct) | A threat actor has shared the 2014 voter information for close to 2 million Indonesians on a well-known hacker forum and claims they will release a total of 200 million at a later date. [...] | Threat | ||
|
2020-05-18 03:36:00 | FBI warns of ProLock ransomware decryptor not working properly (lien direct) | Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list. [...] | Ransomware Threat | ||
|
2020-05-15 15:23:20 | WordPress malware finds WooCommerce sites for Magecart attacks (lien direct) | Researchers at website security firm Sucuri have discovered a new WordPress malware used by threat actors to scan for and identify WooCommerce online shops with a lot of customers. [...] | Malware Threat | ||
|
2020-05-15 03:00:00 | Microsoft Office 365 ATP getting malware campaign analysis (lien direct) | Microsoft is in the process of expanding the Office 365 Advanced Threat Protection (ATP) capabilities with attack flow overviews of malware attacks targeting organizations. [...] | Malware Threat | ||
|
2020-05-14 14:09:08 | Hacker selling 550 million stolen user records on hacking forum (lien direct) | A threat actor is selling twenty-nine databases on a hacker forum that allegedly contains a combined total of 550 million stolen user records. [...] | Threat | ||
|
2020-05-13 11:11:37 | US warns of Chinese hackers targeting COVID-19 research orgs (lien direct) | Threat actors affiliated to the People's Republic of China (PRC) are attempting to compromise and collect COVID-19 information from organizations in the US health care, pharmaceutical, and research industry sectors. [...] | Threat | ||
|
2020-05-12 08:09:36 | (Déjà vu) Researcher finds 1,236 websites infected with credit card stealers (lien direct) | A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure webshops. [...] | Threat | ||
|
2020-05-12 08:09:36 | Researcher finds 1,236 domains infected with credit card stealers (lien direct) | A security researcher collected in a span of a few weeks over 1,000 domains infected with payment card skimmers, showing that the MageCart continues to be a prevalent threat that preys on insecure web shops. [...] | Threat | ||
|
2020-05-05 16:38:07 | Cyber volunteers release blocklists for 26,000 COVID-19 threats (lien direct) | The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats. [...] | Malware Threat | ||
|
2020-05-04 17:09:11 | LockBit ransomware self-spreads to quickly encrypt 225 systems (lien direct) | A feature of the LockBit ransomware allows threat actors to breach a corporate network and deploy their ransomware to encrypt hundreds of devices in just a few hours. [...] | Ransomware Threat | ||
|
2020-05-03 13:59:14 | Hacker sells 91 million Tokopedia accounts, cracked passwords shared (lien direct) | A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. [...] | Threat | ||
|
2020-05-01 18:19:52 | The Week in Ransomware - May 1st 2020 - Banishing the Shade (lien direct) | For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims. [...] | Ransomware Threat | ||
|
2020-04-30 11:26:08 | Microsoft Sway abused in PerSwaysion spear-phishing operation (lien direct) | Multiple threat actors running phishing attacks on corporate targets have been counting on Microsoft Sway service to trick victims into giving their Office 365 login credentials. [...] | Threat | ||
|
2020-04-28 07:24:28 | Lucy malware for Android adds file-encryption for ransomware ops (lien direct) | A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...] | Ransomware Malware Threat | ||
|
2020-04-24 15:56:41 | Phishing attacks target US Payroll Protection Program Loans (lien direct) | With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts. [...] | Threat | ||
|
2020-04-24 12:48:04 | US universities targeted with malware used by state-backed actors (lien direct) | Faculty and students at several U.S. colleges and universities were targeted in phishing attacks with a remote access Trojan (RAT) previously used by Chinese state-sponsored threat actors. [...] | Malware Threat | ||
|
2020-04-23 14:10:33 | NSA: Hackers exploit these vulnerabilities to deploy backdoors (lien direct) | The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly issued an advisory warning of threat actors increasingly exploiting vulnerable web servers to deploy web shells. [...] | Threat | ||
|
2020-04-20 16:45:37 | FBI says that sharing personal info online only helps scammers (lien direct) | The FBI's Charlotte office today warned against the sharing of sensitive personal information on social media as threat actors can take advantage of it to reset passwords and gain full control of accounts and the data stored within. [...] | Threat | ||
|
2020-04-20 13:18:02 | 267 million Facebook profiles sold for $600 on the dark web (lien direct) | Threat actors are selling over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums. While none of these records include passwords, they do contain information that could allow attackers to perform spear phishing or SMS attacks to steal credentials. [...] | Threat | ||
|
2020-04-17 16:31:26 | Microsoft: Trickbot in hundreds of unique COVID-19 lures per week (lien direct) | TrickBot is, at the moment, the malware showing up in the highest number of unique COVID-19 related malicious emails and attachments delivered to potential victims' inboxes based on Microsoft's Office 365 Advanced Threat Protection (ATP) data. [...] | Malware Threat | ||
|
2020-04-09 05:00:00 | Hackers struggle morally and economically over Coronavirus (lien direct) | With the Coronavirus pandemic in full swing, threat actors are torn about how they should operate during the pandemic, and like everyone else, are also seeing a downturn in the underground hacker marketplace. [...] | Threat | ||
|
2020-04-08 12:52:32 | Microsoft: No surge in malicious attacks, only more COVID-19 lures (lien direct) | Microsoft says that the volume of malicious attacks hasn't increased but, instead, threat actors have repurposed infrastructure used in previous attacks and rethemed attack campaigns to exploit fears surrounding the COVID-19 pandemic. [...] | Threat | ||
|
2020-03-27 05:42:49 | Russian-Speaking Hackers Attack Pharma, Manufacturing Companies in Europe (lien direct) | Malware belonging to Russian-speaking threat actors was used in attacks in late January against at least two European companies in the pharmaceutical and manufacturing industries. [...] | Malware Threat | ||
|
2020-03-25 17:28:55 | WordPress Malware Distributed via Pirated Coronavirus Plugins (lien direct) | The threat actors behind the WordPress WP-VCD malware have started to distribute modified versions of Coronavirus plugins that inject a backdoor into a web site. [...] | Malware Threat | ||
|
2020-03-24 09:52:31 | Unknown Hackers Use New Milum RAT in WildPressure Campaign (lien direct) | A new piece of malware that shows no similarities with samples used in known campaigns is currently used to attack computers in various organizations. Researchers named the threat Milum and dubbed the operation WildPressure. [...] | Malware Threat | ||
|
2020-03-17 14:06:00 | Nation-Backed Hackers Spread Crimson RAT via Coronavirus Phishing (lien direct) | A state-sponsored threat actor is attempting to deploy the Crimson Remote Administration Tool (RAT) onto the systems of targets via a spear-phishing campaign using Coronavirus-themed document baits disguised as health advisories. [...] | Tool Threat | ||
|
2020-03-12 15:59:57 | Office 365 ATP To Block Email Domains That Fail Authentication (lien direct) | Microsoft is working on including a new Office 365 Advanced Threat Protection (ATP) feature that would block email sender domains automatically if they fail DMARC authentication as part of an effort to make Office 365 ATP secure by default. [...] | Threat | ||
|
2020-03-12 08:23:52 | Advanced Russian Hackers Use New Malware in Watering Hole Operation (lien direct) | Two previously undocumented pieces of malware, a downloader and a backdoor, were used in a watering hole operation attributed to the Russian-based threat group Turla. [...] | Malware Threat |
To see everything:
Our RSS (filtrered)
