What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-07 07:00:00 | Google says former Conti ransomware members now attack Ukraine (lien direct) | Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs). [...] | Ransomware Threat | ||
|
2022-08-30 18:08:01 | Hackers hide malware in James Webb telescope images (lien direct) | Threat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. [...] | Malware Threat | ||
|
2022-08-30 13:26:40 | Chinese hackers target Australian govt with ScanBox malware (lien direct) | China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. [...] | Malware Threat | ||
|
2022-08-28 13:15:05 | (Déjà vu) Okta one-time MFA passcodes exposed in Twilio cyberattack (lien direct) | The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from customers of Okta identity and access management company. [...] | Hack Threat | ||
|
2022-08-28 13:15:05 | Twilio breach let hackers see Okta\'s one-time MFA passwords (lien direct) | The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to from customers of Okta identity and access management company. [...] | Hack Threat | ||
|
2022-08-25 18:33:35 | How \'Kimsuky\' hackers ensure their malware only reach valid targets (lien direct) | The North Korean 'Kimsuky' threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers. [...] | Malware Threat | ||
|
2022-08-25 16:59:05 | LastPass developer systems hacked to steal source code (lien direct) | Password management firm LastPass was hacked last week, allowing threat actors to steal the company's source code and proprietary technical information. [...] | Threat | LastPass | |
|
2022-08-25 10:53:16 | Twilio hackers hit over 130 orgs in massive Okta phishing attack (lien direct) | Threat analysts have discovered the phishing kit responsible for thousands of attacks against 136 high-profile organizations that have compromised 9,931 accounts. [...] | Threat | ||
|
2022-08-14 10:12:24 | Over 9,000 VNC servers exposed online without a password (lien direct) | Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks. [...] | Threat | ★★ | |
|
2022-08-08 14:17:51 | Email marketing firm hacked to steal crypto-focused mailing lists (lien direct) | Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers. [...] | Data Breach Threat | ||
|
2022-08-05 12:00:00 | Twitter confirms zero-day used to expose data of 5.4 million accounts (lien direct) | Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles. [...] | Data Breach Vulnerability Threat | ||
|
2022-08-05 10:40:33 | Facebook finds new Android malware used by APT hackers (lien direct) | Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware. [...] | Malware Threat | APT 36 | |
|
2022-08-03 16:35:51 | Windows 11 Smart App Control blocks files used to push malware (lien direct) | Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several new file types threat actors have recently adopted to infect targets with malware in phishing attacks. [...] | Malware Threat | ||
|
2022-08-01 18:33:54 | Over 3,200 apps leak Twitter API keys, some allowing account hijacks (lien direct) | Cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take over users' Twitter accounts that are associated with the app. [...] | Threat | ||
|
2022-07-27 11:09:43 | Microsoft: Windows, Adobe zero-days used to deploy Subzero malware (lien direct) | Microsoft has linked a threat group it tracks as Knotweed to a cyber mercenary outfit (aka private-sector offensive actor) named DSIRF, targeting European and Central American entities using a malware toolset dubbed Subzero. [...] | Malware Threat | ||
|
2022-07-23 12:08:04 | North Korean hackers attack EU targets with Konni RAT malware (lien direct) | Threat analysts have uncovered a new campaign attributed to APT37, a North Korean group of hackers, targeting high-value organizations in the Czech Republic, Poland, and other European countries. [...] | Malware Threat Cloud | APT 37 | |
|
2022-07-22 18:00:35 | Hacker selling Twitter account data of 5.4 million users for $30k (lien direct) | Twitter has suffered a data breach after threat actors used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million accounts, with the data now up for sale on a hacker forum for $30,000. [...] | Data Breach Vulnerability Threat | ||
|
2022-07-19 13:06:41 | Google catches Turla hackers deploying Android malware in Ukraine (lien direct) | Google's Threat Analysis Group (TAG), whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations. [...] | Malware Threat | ||
|
2022-07-19 05:30:00 | New CloudMensis malware backdoors Macs to steal victims\' data (lien direct) | Unknown threat actors are using previously undetected malware to backdoor macOS devices and exfiltrate information in a highly targeted series of attacks. [...] | Malware Threat | ||
|
2022-07-16 11:07:04 | Hackers pose as journalists to breach news media org\'s networks (lien direct) | Researchers following the activities of advanced persistent (APT) threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors. [...] | Threat | ||
|
2022-07-16 10:11:12 | (Déjà vu) Elastix VoIP systems hacked in massive campaign to install PHP web shells (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-16 10:11:12 | Massive campaign hits Elastix VoIP systems with 500,000 unique malware samples (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-15 13:46:43 | Password recovery tool infects industrial systems with Sality malware (lien direct) | A threat actor is infecting industrial control systems (ICS) to create a botnet through password "cracking" software for programmable logic controllers (PLCs). [...] | Malware Tool Threat | ||
|
2022-07-13 16:50:18 | Bandai Namco confirms hack after ALPHV ransomware data leak threat (lien direct) | Game publishing giant Bandai Namco has confirmed that they suffered a cyberattack that may have resulted in the theft of customers' personal data. [...] | Ransomware Hack Threat | ||
|
2022-07-11 15:24:40 | Ransomware gang now lets you search their stolen data (lien direct) | Two ransomware gangs and a data extortion group have adopted a new strategy to force victim companies to pay threat actors to not leak stolen data. [...] | Ransomware Threat | ||
|
2022-07-06 12:52:48 | (Déjà vu) Marriott confirms another data breach after hotel got hacked (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 12:52:48 | (Déjà vu) Marriott hit by new data breach and a failed extortion attempt (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 12:52:48 | Marriott confirms data breach and a failed extortion attempt (lien direct) | Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...] | Data Breach Threat | ||
|
2022-07-06 10:47:32 | US govt warns of Maui ransomware attacks against healthcare orgs (lien direct) | The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. [...] | Ransomware Threat | ||
|
2022-07-01 15:35:53 | The Week in Ransomware - July 1st 2022 - Bug Bounties (lien direct) | It has been relatively busy this week with new ransomware attacks unveiled, a bug bounty program introduced, and new tactics used by the threat actors to distribute their encryptors. [...] | Ransomware Threat | ||
|
2022-06-30 19:05:11 | Toll fraud malware disables your WiFi to force premium subscriptions (lien direct) | Microsoft is warning that toll fraud malware is one of the most prevalent threats on Android and that it is evolving with features that allow automatic subscription to premium services. [...] | Malware Threat | ||
|
2022-06-30 08:19:10 | Google blocked dozens of domains used by hack-for-hire groups (lien direct) | Google's Threat Analysis Group (TAG) has blocked dozens of malicious domains and websites used by hack-for-hire groups in attacks targeting high-risk targets worldwide. [...] | Threat | ||
|
2022-06-30 08:12:24 | AstraLocker 2.0 infects users directly from Word attachments (lien direct) | A lesser-known ransomware strain called AstraLocker has recently released its second major version, and according to threat analysts, its operators engage in rapid attacks that drop its payload directly from email attachments. [...] | Ransomware Threat | ||
|
2022-06-29 06:48:22 | (Déjà vu) Microsoft Azure FabricScape bug let hackers hijack Linux clusters (lien direct) | Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. [...] | Threat | ||
|
2022-06-29 06:48:22 | Microsoft fixes bug that let hackers hijack Azure Linux clusters (lien direct) | Microsoft has fixed a container escape vulnerability in the Service Fabric (SF) application hosting platform that would allow threat actors to escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. [...] | Vulnerability Threat | ||
|
2022-06-28 13:18:14 | AMD investigates RansomHouse hack claims, theft of 450GB data (lien direct) | Chip manufacturer AMD says they are investigating a cyberattack after threat actors claimed to have stolen 450 GB of data from the company last year. [...] | Hack Threat | ||
|
2022-06-27 11:39:17 | Microsoft Exchange bug abused to hack building automation systems (lien direct) | A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access to more secured areas in their networks. [...] | Hack Threat | ||
|
2022-06-26 10:12:06 | Clever phishing method bypasses MFA using Microsoft WebView2 apps (lien direct) | A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. [...] | Threat | ||
|
2022-06-23 15:28:48 | CISA: Log4Shell exploits still being used to hack VMware servers (lien direct) | CISA warned today that threat actors including state-backed hacking groups are still targeting VMware Horizon and Unified Access Gateway (UAG) servers using the Log4Shell (CVE-2021-44228) remote code execution vulnerability. [...] | Hack Threat | ||
|
2022-06-23 13:07:15 | Spyware vendor works with ISPs to infect iOS and Android users (lien direct) | Google's Threat Analysis Group (TAG) revealed today that RCS Labs, an Italian spyware vendor, has received help from some Internet service providers (ISPs) to infect Android and iOS users in Italy and Kazakhstan with commercial surveillance tools. [...] | Threat | ||
|
2022-06-21 07:46:03 | (Déjà vu) Microsoft Exchange servers hacked by new ToddyCat APT gang (lien direct) | An advanced persistent threat (APT) group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. [...] | Threat | ||
|
2022-06-21 07:46:03 | (Déjà vu) New ToddyCat APT group targets Exchange servers in Asia, Europe (lien direct) | An advanced persistent threat (APT) group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. [...] | Threat | ||
|
2022-06-19 10:15:23 | Android-wiping BRATA malware is evolving into a persistent threat (lien direct) | The threat actors operating the BRATA banking trojan have evolved their tactics and incorporated new information-stealing features into their malware. [...] | Malware Threat | ★★★ | |
|
2022-06-16 15:43:57 | New MaliBot Android banking malware spreads as a crypto miner (lien direct) | Threat analysts have discovered a new Android malware strain named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain. [...] | Malware Threat | ||
|
2022-06-16 06:07:20 | Microsoft Office 365 feature can help cloud ransomware attacks (lien direct) | Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage. [...] | Ransomware Threat | ||
|
2022-06-15 15:05:10 | Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike (lien direct) | The threat actor known as 'Blue Mockingbird' has been observed by analysts targeting Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources. [...] | Threat | ||
|
2022-06-09 08:00:24 | New Symbiote malware infects all running processes on Linux systems (lien direct) | Threat analysts have discovered a new malware targeting Linux systems that operates as a symbiote in the host, blending perfectly with running processes and network traffic to steal account credentials and give its operators backdoor access. [...] | Malware Threat | ★★ | |
|
2022-06-09 07:00:00 | Chinese hacking group Aoqin Dragon quietly spied orgs for a decade (lien direct) | A previously unknown Chinese-speaking threat actor has been uncovered by threat analysts SentinelLabs who were able to link it to malicious activity going as far back as 2013. [...] | Threat | ||
|
2022-06-07 18:43:21 | US: Chinese govt hackers breached telcos to snoop on network traffic (lien direct) | Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data. [...] | Threat | ||
|
2022-06-06 12:56:10 | Ransomware gangs now give victims time to save their reputation (lien direct) | Threat analysts have observed an unusual trend in ransomware group tactics, reporting that initial phases of victim extortion are becoming less open to the public as the actors tend to use hidden or anonymous entries. [...] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
