Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-02-08 13:09:54 |
Malicious Dota 2 game modes infected players with malware (direct link) |
Security researchers have discovered four malicious Dota 2 game modes that were used by a threat actor to backdoor the players' systems. [...] |
Malware
Threat
|
|
★★★
|
|
2023-02-08 09:59:22 |
Drug distributor AmerisourceBergen confirms security breach (direct link) |
Pharmaceutical distributor AmerisourceBergen confirmed that hackers compromised the IT system of one of its subsidiaries after threat actors began leaking allegedly stolen data. [...] |
Threat
|
|
★★
|
|
2023-02-02 12:56:58 |
North Korean hackers stole research data in two-month-long breach (direct link) |
A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. [...] |
Threat
|
APT 38
|
★★
|
|
2023-02-01 17:30:45 |
Over 1,800 Android phishing forms for sale on cybercrime market (direct link) |
A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps [...] |
Threat
|
|
★★
|
|
2023-02-01 09:45:52 |
Hackers use new IceBreaker malware to breach gaming companies (direct link) |
A previously unknown threat group has been targeting the customer service platforms of online gaming and gambling companies using social engineering to drop its custom implant. [...] |
Malware
Threat
|
|
★★★
|
|
2023-01-26 15:41:44 |
US offers $10M bounty for Hive ransomware links to foreign governments (direct link) |
The U.S. Department of State today offered up to $10 million for information that could help link the Hive ransomware group (or other threat actors) with foreign governments. [...] |
Ransomware
Threat
|
|
★★
|
|
2023-01-25 14:34:52 |
Hackers auction alleged source code for League of Legends (direct link) |
Threat actors are auctioning the alleged source code for Riot Games' League of Legends and the Packman anti-cheat software, confirmed to be stolen in a recent hack of the game company's developer environment. [...] |
Hack
Threat
|
|
★★
|
|
2023-01-24 18:07:45 |
Ransomware access brokers use Google ads to breach your network (direct link) |
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords, and ultimately breach networks for ransomware attacks. [...] |
Ransomware
Threat
|
|
★★
|
|
2023-01-21 11:15:30 |
(Déjà vu) Hackers now use Microsoft OneNote attachments to spread malware (direct link) |
Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. [...] |
Malware
Threat
|
|
★★★★★
|
|
2023-01-21 11:15:30 |
Beware: Hackers now use OneNote attachments to spread malware (direct link) |
Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. [...] |
Malware
Threat
|
|
★
|
|
2023-01-19 17:19:22 |
T-Mobile hacked to steal data of 37 million accounts in API data breach (direct link) |
T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces (APIs). [...] |
Data Breach
Threat
|
|
★
|
|
2023-01-18 16:11:30 |
MailChimp discloses new breach after employees got hacked (direct link) |
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. [...] |
Threat
|
|
★
|
|
2023-01-16 11:41:30 |
Malicious 'Lolip0p' PyPi packages install info-stealing malware (direct link) |
A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems. [...] |
Malware
Threat
|
|
★★★
|
|
2023-01-11 16:55:47 |
Scattered Spider hackers use old Intel driver to bypass security (direct link) |
A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD (Bring Your Own Vulnerable Driver) attack to evade detection from EDR (Endpoint Detection and Response) security products. [...] |
Threat
|
|
★★★
|
|
2023-01-11 02:00:00 |
New Dark Pink APT group targets govt and military with custom malware (direct link) |
Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information. [...] |
Malware
Threat
|
|
★★
|
|
2023-01-03 13:10:01 |
BitRAT malware campaign uses stolen bank data for phishing (direct link) |
Threat actors behind a recent malware campaign have been using the stolen information of bank customers in Colombia as lures in phishing emails designed to infect targets with the BitRAT remote access trojan, according to cloud security firm Qualys. [...] |
Malware
Threat
|
|
★★
|
|
2022-12-22 17:25:27 |
Leading sports betting firm BetMGM discloses data breach (direct link) |
Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed number of customers. [...] |
Data Breach
Threat
Guideline
|
|
★★★★
|
|
2022-12-20 17:33:13 |
Ransomware gang uses new Microsoft Exchange exploit to breach servers (direct link) |
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code execution (RCE) on vulnerable servers through Outlook Web Access (OWA). [...] |
Ransomware
Threat
|
|
★★
|
|
2022-12-18 11:07:14 |
Restaurant CRM platform 'SevenRooms' confirms breach after data for sale (direct link) |
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms, a restaurant CRM software and guest management service provider, has admitted it has suffered a data breach, result of a security incident on one of its vendors. [...] |
Data Breach
Threat
|
|
★★★
|
|
2022-12-15 16:10:28 |
Hackers leak personal info allegedly stolen from 5.7M Gemini users (direct link) |
Gemini crypto exchange announced this week that customers were targeted in phishing campaigns after a threat actor collected their personal information from a third-party vendor. [...] |
Threat
|
|
★★★
|
|
2022-12-14 13:24:00 |
Microsoft patches Windows zero-day used to drop ransomware (direct link) |
Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. [...] |
Ransomware
Malware
Vulnerability
Threat
|
|
★★
|
|
2022-12-12 13:30:18 |
Uber suffers new data breach after attack on vendor, info leaked online (direct link) |
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. [...] |
Data Breach
Threat
|
Uber
|
★
|
|
2022-12-08 15:27:11 |
CommonSpirit Health ransomware attack exposed data of 623,000 patients (direct link) |
CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack. [...] |
Ransomware
Threat
|
|
★★★
|
|
2022-12-08 05:00:00 |
New 'Zombinder' platform binds Android malware with legitimate apps (direct link) |
A darknet platform dubbed 'Zombinder' allows threat actors to bind malware to legitimate Android apps, causing victims to infect themselves while still having the full functionality of the original app to evade suspicion. [...] |
Malware
Threat
|
|
★★★
|
|
2022-12-05 15:08:49 |
Sneaky hackers reverse defense mitigations when detected (direct link) |
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. [...] |
Threat
|
|
★★★
|
|
2022-12-01 21:43:44 |
Compromised OEM Android platform certificates used to sign malware (direct link) |
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications were utilized by threat actors to sign apps containing malware. [...] |
Malware
Threat
|
|
★★★
|
|
2022-12-01 13:45:32 |
(Déjà vu) New Redigo malware drops stealthy backdoor on Redis servers (direct link) |
A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution. [...] |
Malware
Threat
|
|
★★★
|
|
2022-11-30 19:14:39 |
GoTo says hackers breached its dev environment, cloud storage (direct link) |
Remote access and collaboration company GoTo disclosed today that they suffered a security breach where threat actors gained access to their development environment and third-party cloud storage service. [...] |
Threat
|
|
★★★
|
|
2022-11-30 12:00:00 |
Google discovers Windows exploit framework used to deploy spyware (direct link) |
Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a Spanish software company. [...] |
Threat
|
|
★★★★★
|
|
2022-11-25 12:18:23 |
Vice Society ransomware claims attack on Cincinnati State college (direct link) |
The Vice Society ransomware operation has claimed responsibility for a cyberattack on Cincinnati State Technical and Community College, with the threat actors now leaking data allegedly stolen during the attack. [...] |
Ransomware
Threat
|
|
★★
|
|
2022-11-24 10:29:49 |
Hackers modify popular OpenVPN Android app to include spyware (direct link) |
A threat actor associated with cyberespionage operations since at least 2017 has been luring victims with fake VPN software for Android that is a trojanized version of legitimate software SoftVPN and OpenVPN. [...] |
Threat
|
|
|
|
2022-11-10 14:17:25 |
Worok hackers hide new malware in PNGs using steganography (direct link) |
A threat group tracked as 'Worok' hides malware within PNG images to infect victims' machines with information-stealing malware without raising alarms. [...] |
Malware
Threat
|
|
|
|
2022-11-03 15:36:50 |
RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam (direct link) |
The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. [...] |
Malware
Threat
|
|
|
|
2022-11-02 16:35:15 |
(Déjà vu) Hundreds of U.S. news sites push malware in supply-chain attack (direct link) |
The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] |
Malware
Threat
|
|
|
|
2022-11-02 16:35:15 |
Hundreds of U.S. news sites hit in SocGholish supply-chain attack (direct link) |
The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] |
Malware
Threat
|
|
|
|
2022-11-01 17:15:20 |
Dropbox discloses breach after hacker stole 130 GitHub repositories (direct link) |
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. [...] |
Threat
|
|
|
|
2022-11-01 11:29:25 |
New SandStrike spyware infects Android devices via malicious VPN app (direct link) |
Threat actors are using a newly discovered spyware known as SandStrike and delivered via a malicious VPN application to target Persian-speaking Android users. [...] |
Threat
|
|
|
|
2022-10-18 17:49:08 |
Ransom Cartel linked to notorious REvil ransomware operation (direct link) |
Threat analysts have connected the pieces that link the Ransom Cartel RaaS (ransomware-as-a-service) to the REvil gang, one of the most notorious and prolific ransomware groups in recent years. [...] |
Ransomware
Threat
|
|
|
|
2022-10-17 16:51:38 |
Malware dev claims to sell new BlackLotus Windows UEFI bootkit (direct link) |
A threat actor is selling on hacking forums what they claim to be a new UEFI bootkit named BlackLotus, a malicious tool with capabilities usually linked to state-backed threat groups. [...] |
Tool
Threat
|
|
|
|
2022-10-16 10:07:14 |
New PHP information-stealing malware targets Facebook accounts (direct link) |
Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...] |
Malware
Threat
|
|
|
|
2022-10-13 10:05:10 |
What the Uber Hack can teach us about navigating IT Security (direct link) |
The recent Uber cyberattack shows us the myriad tactics employed by threat actors to breach corporate networks. Learn more about these tactics used and how to navigate IT Security. [...] |
Hack
Threat
|
Uber
|
|
|
2022-10-12 11:16:30 |
New npm timing attack could lead to supply chain attacks (direct link) |
Security researchers have discovered an npm timing attack that reveals the names of private packages so threat actors can release malicious clones publicly to trick developers into using them instead. [...] |
Threat
|
|
|
|
2022-10-11 05:30:00 |
Hacking group POLONIUM uses 'Creepy' malware against Israel (direct link) |
Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively. [...] |
Malware
Threat
|
|
|
|
2022-10-10 16:24:51 |
Hackers behind IcedID malware attacks diversify delivery tactics (direct link) |
The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. [...] |
Malware
Threat
|
|
|
|
2022-10-08 11:18:09 |
ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach (direct link) |
Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting the company's stolen files on their data leak site. [...] |
Threat
|
|
|
|
2022-09-23 07:17:34 |
Train to become an ethical hacker with this $35 course deal (direct link) |
The point is, if you want to advance your career in IT and get a better handle on cyber threat mitigation, then The 2023 Complete Cyber Security Ethical Hacking Certification Bundle is a great place to start. It's convenient, it's fun, and since it's on sale, it's very easy to afford. [...] |
Threat
|
|
|
|
2022-09-21 14:44:10 |
FBI: Iranian hackers lurked in Albania's govt network for 14 months (direct link) |
The Federal Bureau of Investigation (FBI) and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government's network in July lurked inside its systems for roughly 14 months. [...] |
Threat
|
|
|
|
2022-09-20 10:06:03 |
Top 8 takeaways from the VMware Cybersecurity Threat Report (direct link) |
VMware has recently released the 2022 edition of its annual Global Incident Response Threat Report. It is critically important for IT professionals to understand these trends and what they could mean for your organization's cyber security efforts. Let's break down VMware's 8 key findings and offer meaningful insights into each. [...] |
Threat
|
|
|
|
2022-09-09 10:00:00 |
Lampion malware returns in phishing attacks abusing WeTransfer (direct link) |
The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...] |
Malware
Threat
|
|
|
|
2022-09-08 15:28:21 |
GIFShell attack creates reverse shell using Microsoft Teams GIFs (direct link) |
A new attack technique called 'GIFShell' allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs. [...] |
Threat
|
|
|