What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-10 13:00:00 | New LVI Intel CPU Data Theft Vulnerability Requires Hardware Fix (lien direct) | A novel class of attack techniques against modern Intel processors can allow threat actors to inject malicious data into applications via transient-execution attacks and steal sensitive data according to researchers. [...] | Vulnerability Threat | ||
|
2020-03-09 18:09:13 | Google Play Protect Miserably Fails Android Protection Tests (lien direct) | Google's Play Protect Android mobile threat protection system failed German antivirus testing lab AV-Test real-world tests, scoring zero out of a maximum of six points after very weak malware detection performance. [...] | Malware Threat | ||
|
2020-03-06 14:45:00 | FBI Warns of BEC Attacks Abusing Microsoft Office 365, Google G Suite (lien direct) | The US Federal Bureau of Investigation (FBI) warned private industry partners of threat actors abusing Microsoft Office 365 and Google G Suite as part of Business Email Compromise (BEC) attacks. [...] | Threat | ||
|
2020-02-27 16:09:39 | As Coronavirus Spreads, So Does Covid-19 Themed Malware (lien direct) | Threat actors are still taking advantage of the ongoing COVID-19 global outbreak by attempting to drop Remcos RAT and malware payloads on their targets' computers via malicious files that promise to provide Coronavirus safety measures. [...] | Malware Threat | ||
|
2020-02-26 17:17:52 | Credit Card Skimmer Uses Fake CDNs To Evade Detection (lien direct) | Threat actors have been spotted cloaking their credit card skimmers using fake content delivery network domains as part of an effort to hide them and their exfil traffic in plain sight. [...] | Threat | ||
|
2020-02-26 12:46:38 | DoppelPaymer Hacked Bretagne Télécom Using the Citrix ADC Flaw (lien direct) | Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability. [...] | Threat | ||
|
2020-02-20 07:49:17 | New Actors Attack Industrial Control Systems, Old Ones Mature (lien direct) | Industrial control systems (ICS) across the world have become a larger target in 2019 as researchers discovered new threat actors attacking this sector while old ones have evolved and expanded their operations. [...] | Threat | ||
|
2020-02-19 17:24:12 | Microsoft Adds Enterprise Windows 10 Tamper Protection Controls (lien direct) | Microsoft announced today that support for the Windows 10 Tamper Protection feature has been added to Microsoft Defender ATP Threat & Vulnerability Management for additional info on exposed machines in their organization. [...] | Vulnerability Threat | ||
|
2020-02-19 11:35:38 | Over 20,000 WordPress Sites Run Trojanized Premium Themes (lien direct) | A threat actor that has infected more than 20,000 WordPress sites by running the same trick for at least three years: distributing trojanized versions of premium WordPress themes and plugins. [...] | Threat | ||
|
2020-02-19 03:33:00 | DRBControl Espionage Operation Hits Gambling, Betting Companies (lien direct) | An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. [...] | Malware Threat | ||
|
2020-02-18 18:43:37 | Dharma Ransomware Attacks Italy in New Spam Campaign (lien direct) | Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. [...] | Ransomware Spam Threat | ||
|
2020-02-12 10:29:09 | Google Play Protect Blocked 1.9 Billion Malware Installs in 2019 (lien direct) | Google's Play Protect mobile threat protection service blocked the installation of over 1.9 billion malicious apps downloaded from non-Play Store sources in 2019. [...] | Malware Threat | ||
|
2020-01-30 19:16:35 | (Déjà vu) Microsoft Detects New TA505 Malware Attacks After Short Break (lien direct) | Microsoft says that an ongoing TA505 phishing campaign is using attachments featuring HTML redirectors for delivering malicious Excel documents, this being the first time the threat actors have been seen adopting this technique. [...] | Malware Threat | ||
|
2020-01-30 19:16:35 | Microsoft Detects New Evil Corp Malware Attacks After Short Break (lien direct) | Microsoft says that an ongoing Evil Corp phishing campaign is using attachments featuring HTML redirectors for delivering malicious Excel documents, this being the first time the threat actors have been seen adopting this technique. [...] | Malware Threat | ||
|
2020-01-27 18:35:06 | FBI Releases Alert on Iranian Hackers\' Defacement Techniques (lien direct) | The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers' TTPs to help administrators and users to protect their websites. [...] | Threat | ||
|
2020-01-24 18:13:22 | The Week in Ransomware - January 24th 2020 - Duck for Cover! (lien direct) | Ransomware continues its onslaught against cities, the enterprise, and even houses of worship as threat actors attempt to encrypt as much as they can to earn big payouts. [...] | Ransomware Threat | ||
|
2020-01-17 11:40:37 | Hackers Are Securing Citrix Servers, Backdoor Them for Access (lien direct) | An unknown threat actor is currently scanning for and securing vulnerable Citrix ADC servers against CVE-2019-19781 exploitation attempts, while also backdooring them for future access. [...] | Threat | ||
|
2020-01-11 10:00:00 | Android Trojan Kills Google Play Protect, Spews Fake App Reviews (lien direct) | An Android malware strain camouflaged as a system app is used by threat actors to disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more. [...] | Malware Threat | ||
|
2020-01-09 06:00:00 | TrickBot Gang Created a Custom Post-Exploitation Framework (lien direct) | Instead of relying on premade and well-known toolkits, the threat actors behind the TrickBot trojan decided to develop a private post-exploitation toolkit called PowerTrick to spread malware laterally throughout a network. [...] | Malware Threat | ||
|
2020-01-08 03:30:00 | SNAKE Ransomware Is the Next Threat Targeting Business Networks (lien direct) | Since network administrators didn't already have enough on their plate, they now have to worry about a new ransomware called SNAKE that is targeting their networks and aiming to encrypt all of the devices connected to it [...] | Ransomware Threat | ||
|
2020-01-07 03:30:00 | MP Says Austria Unprepared After Cyberattack on Foreign Ministry (lien direct) | The Austrian State Department' IT systems were under a 'serious attack' suspected to be carried out by a state-backed threat group according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI). [...] | Threat | ||
|
2020-01-06 11:34:41 | US Govt Says Iran\'s Cyberattacks Can Disrupt Critical Infrastructure (lien direct) | The U.S. Department of Homeland Security (DHS) warned in a terrorism threat alert issued through the National Terrorism Advisory System (NTAS) that potential cyberattacks carried out by Iranian-backed actors against the U.S. have the potential to disrupt critical infrastructure. [...] | Threat | ||
|
2019-12-18 09:51:41 | ScreenConnect MSP Software Used to Install Zeppelin Ransomware (lien direct) | Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised computers. [...] | Ransomware Threat | ★★★★★ | |
|
2019-12-17 18:25:01 | Industrial Cyber-Espionage Campaign Targets Hundreds of Companies (lien direct) | Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. [...] | Threat | ||
|
2019-11-28 23:07:54 | Advanced Hacking Groups Keep Showing Up, Old Ones Evolve (lien direct) | Advancements in the threat landscape are clear from one year to another. Since last year, security researchers have seen new adversaries along with methods of compromise and more overt cyberattacks. [...] | Threat | ||
|
2019-11-22 18:57:26 | The Week in Ransomware - November 22nd 2019 - Leaky Files (lien direct) | This week the biggest news was Maze Ransomware escalating the ransomware threat releasing a victim's stolen data because they did not pay the ransom. [...] | Ransomware Threat | ||
|
2019-11-21 15:32:03 | Card Skimmer Group Replaces Checkout Page to Steal Payment Info (lien direct) | A payment service platform's checkout page was recently cloned by the threat actors behind a web skimming campaign that harvested and stole credit card information from an online shop's customers. [...] | Threat | ||
|
2019-11-20 19:40:13 | Microsoft Warns Customers of DoppelPaymer Ransomware Threat (lien direct) | The Microsoft Security Response Center (MSRC) warned customers of the threat behind ongoing DoppelPaymer ransomware attacks and reminded them about misleading info on how it spreads. [...] | Ransomware Threat Guideline | ||
|
2019-11-14 09:05:16 | New Threat Actor Impersonates Govt Agencies to Deliver Malware (lien direct) | A new threat actor is using email to impersonate government agencies in the United States, Germany, and Italy to deliver ransomware, backdoors, and banking Trojans through malicious attachments. [...] | Malware Threat | ||
|
2019-11-13 13:28:45 | Microsoft Fixes Windows 10 1809 Issue That Broke Defender ATP (lien direct) | Microsoft resolved a known issue causing Microsoft Defender Advanced Threat Protection (ATP) to stop running and fail to send reporting data on some Windows devices after installing the KB4520062 optional non-security update. [...] | Threat | ||
|
2019-11-08 12:53:10 | New Stealthy Backdoor Used by Platinum APT in Recent Attacks (lien direct) | The advanced persistent threat (APT) group tracked by Microsoft as Platinum is using a new stealthy backdoor malware dubbed Titanium to infiltrate and take control of their targets' systems. [...] | Malware Threat | ||
|
2019-11-05 19:28:50 | DarkUniverse APT Stayed Hidden for 8 Years, Updated Regularly (lien direct) | Security researchers today published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency and leaked more than two years ago. [...] | Malware Threat | ||
|
2019-11-04 15:39:18 | Malwarebytes 4.0 Released With New UI and Scanning Engine (lien direct) | Malwarebytes has released version 4.0 of their flagship antivirus product and with it comes a new scanning engine, a new user interface, threat statistics and more. [...] | Threat | ||
|
2019-11-04 09:00:00 | Office 365 Breach Detection Capabilities Now in Public Preview (lien direct) | Microsoft announced the release of a new Office 365 Advanced Threat Protection (ATP) features designed to detect breaches, dubbed enhanced compromise detection and response. [...] | Threat | ||
|
2019-10-21 15:29:10 | Russian Hackers Use Iranian Threat Group\'s Tools, Servers as Cover (lien direct) | The Russian-backed Turla cyber-espionage group used stolen malware and hijacked infrastructure from the Iranian-sponsored OilRig to attack targets from dozens of countries according to a joint United Kingdom's National Cyber Security Centre (NCSC) and U.S. National Security Agency (NSA) advisory published today. [...] | Malware Threat | APT 34 | |
|
2019-10-17 09:39:47 | Cozy Bear Russian Hackers Spotted After Staying Undetected for Years (lien direct) | Cyber-espionage operations from Cozy Bear, a threat actor believed to work for the Russian government, continued undetected for the past years by using malware families previously unknown to security researchers. [...] | Malware Threat | APT 29 | |
|
2019-10-16 14:40:20 | Attackers Hide Backdoors and Cryptominers in WAV Audio Files (lien direct) | Attackers behind a new malicious campaign are using WAV audio files to hide and drop backdoors and Monero cryptominers on their targets' systems as BlackBerry Cylance threat researchers discovered. [...] | Threat | ★★★★ | |
|
2019-10-14 09:19:24 | Iranian Hackers Create Credible Phishing to Steal Library Access (lien direct) | The Silent Librarian threat group is constantly updating its tactics and techniques, to the point of using on its login phishing pages info and alerts that is accurate and relevant to potential victims. [...] | Threat | ||
|
2019-10-08 03:28:14 | Hackers Patch Web Browsers to Track Encrypted Traffic (lien direct) | Researchers have found a new piece of malware, likely from an advanced threat group, that can patch Chrome and Firefox browsers to identify the encrypted traffic from a victim's computer. [...] | Threat | ||
|
2019-10-04 14:53:19 | Microsoft Discovers Iranian Hacking Campaign Targeting U.S. Politics (lien direct) | Microsoft says that a state-sponsored Iranian cyber-espionage group tracked as Phosphorus by the Microsoft Threat Intelligence Center (MSTIC) attempted to get account info on over 2,700 of its customers, attack 241 of them, and compromised four accounts between August and September. [...] | Threat Conference | APT 35 | |
|
2019-10-04 10:19:29 | Actively Exploited Android Zero-Day Impacts Google, Samsung Devices (lien direct) | Google's Threat Analysis Group (TAG) says that a new Android zero-day is actively being exploited in the wild in attacks targeting vulnerable Google Pixel, Huawei, Xiaomi, Samsung, Oppo, and Moto devices. [...] | Threat | ||
|
2019-10-03 09:45:21 | Cyber-Spy Group Active Since 2013 Now Tied to Chinese State Actor (lien direct) | Multiple cyber-espionage campaigns that remained unattributed over the years have now been linked to a single threat actor that researchers named PKPLUG, attacking targets across Asia. [...] | Threat | ||
|
2019-10-02 10:02:13 | Threat Group Uses Bit.ly, BlogSpot, Pastebin to Deliver Trojans, RATs (lien direct) | A malicious campaign targeting corporations from all over the world was observed while using a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to deliver Azorult and RevengeRAT malware. [...] | Threat | ||
|
2019-09-30 10:21:34 | eGobbler Malvertiser Uses WebKit Exploit to Infect Over 1 Billion Ads (lien direct) | Roughly 1.16 billion ad impressions have been hijacked in a malvertising campaign operated by a threat group dubbed eGobbler to redirect potential victims to malicious payloads, between August 1 and September 23. [...] | Threat | ||
|
2019-09-27 12:50:42 | Office 365 to Get Automated Incident Response for Hacked Accounts (lien direct) | Microsoft is currently working on adding a new Automated Incident Response playbook to Office 365 Advanced Threat Protection (ATP) to allow Security Operations (SecOps) teams to automatically investigate and remediate hacked accounts. [...] | Threat | ||
|
2019-09-25 18:36:46 | Microsoft to Extend Office 365 ATP Safe Links to Office Online (lien direct) | Microsoft is currently working on extending the Office 365 Advanced Threat Protection (ATP) Safe Links protection to Office Online apps, with the new feature to be released in October. [...] | Threat | ||
|
2019-09-24 11:23:41 | State-Backed Attackers Target US Entities with LookBack Malware (lien direct) | A spear-phishing campaign spanning more than five months has been targeting roughly 17 U.S. utility providers between April 5 and August 29 according to research from Proofpoint's Threat Insight Team. [...] | Malware Threat | ||
|
2019-09-18 06:00:00 | New TortoiseShell Group Hacks 11 IT Providers to Reach Their Customers (lien direct) | A newly discovered threat group that security researchers call TortoiseShell is compromising IT providers in what seems to be supply-chain attacks intended to reach the network of specific customers. [...] | Threat | ||
|
2019-09-17 03:34:35 | Most Cyber Attacks Focus on Just Three TCP Ports (lien direct) | Small to mid-sized businesses can keep safe from most cyberattacks by protecting the ports that threat actors target the most. Three of them stand out in a crowd of more than 130,000 targeted in cyber incidents. [...] | Threat | ||
|
2019-09-12 03:33:03 | Iranian Hackers Hit Over 60 Universities to Get Library Access (lien direct) | Cobalt Dickens, a threat actor associated with the Iranian government, ran a phishing operation in July and August that targeted more than 60 universities in countries on four continents. [...] | Threat |
To see everything:
Our RSS (filtrered)
