What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-21 17:37:20 | PYSA ransomware behind most double extortion attacks in November (lien direct) | Security analysts from NCC Group report that ransomware attacks in November 2021 increased over the past month, with double-extortion continuing to be a powerful tool in threat actors' arsenal. [...] | Ransomware Tool Threat | ||
|
2021-12-20 11:33:11 | Log4j vulnerability now used to install Dridex banking malware (lien direct) | Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...] | Malware Vulnerability Threat | ||
|
2021-12-20 06:00:00 | Phishing attacks impersonate Pfizer in fake requests for quotation (lien direct) | Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims. [...] | Threat | ||
|
2021-12-17 18:37:23 | The Week in Ransomware - December 17th 2021 - Enter Log4j (lien direct) | A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks. [...] | Ransomware Vulnerability Threat | ||
|
2021-12-17 15:25:06 | TellYouThePass ransomware revived in Linux, Windows Log4j attacks (lien direct) | Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. [...] | Ransomware Threat | ||
|
2021-12-17 14:06:08 | Credit card info of 1.8 million people stolen from sports gear sites (lien direct) | Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers. [...] | Threat | ||
|
2021-12-17 13:32:30 | CISA urges VMware admins to patch critical flaw in Workspace ONE UEM (lien direct) | CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information. [...] | Vulnerability Threat | ||
|
2021-12-16 16:12:45 | Log4j attackers switch to injecting Monero miners via RMI (lien direct) | Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. [...] | Vulnerability Threat | ||
|
2021-12-16 13:39:13 | Google Calendar now lets you block invitation phishing attempts (lien direct) | Google now makes it easy to block unwanted calendar invitations, commonly used by threat actors in phishing and malicious campaigns, from being added to your Google Calendar. [...] | Threat | ||
|
2021-12-15 12:32:55 | State-sponsored hackers abuse Slack API to steal airline data (lien direct) | A suspected Iranian state-supported threat actor is deploying a newly discovered backdoor named 'Aclip' that abuses the Slack API for covert communications. [...] | Threat | ||
|
2021-12-15 10:28:32 | Sites hacked with credit card stealers undetected for months (lien direct) | Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers. [...] | Threat | ||
|
2021-12-14 12:16:08 | Hackers steal Microsoft Exchange credentials using IIS module (lien direct) | Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. [...] | Threat | ||
|
2021-12-12 18:07:20 | Hackers start pushing malware in worldwide Log4Shell attacks (lien direct) | Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability. [...] | Malware Vulnerability Threat | ||
|
2021-12-07 18:21:46 | Emotet now drops Cobalt Strike, fast forwards ransomware attacks (lien direct) | In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] | Ransomware Malware Threat | ||
|
2021-12-04 12:06:12 | Malicious KMSPico installers steal your cryptocurrency wallets (lien direct) | Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. [...] | Malware Threat | ||
|
2021-12-03 12:40:10 | Fake support agents call victims to install Android banking malware (lien direct) | The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...] | Malware Threat | ||
|
2021-11-29 09:40:21 | Panasonic discloses data breach after network hack (lien direct) | Japanese multinational conglomerate Panasonic disclosed a security breach after unknown threat actors gained access to servers on its network this month. [...] | Data Breach Hack Threat | ||
|
2021-11-26 15:41:42 | IKEA email systems hit by ongoing cyberattack (lien direct) | IKEA is battling an ongoing cyberattack where threat actors are targeting employees in internal phishing attacks using stolen reply-chain emails. [...] | Threat | ||
|
2021-11-24 13:42:37 | Hackers exploit Microsoft MSHTML bug to steal Google, Instagram creds (lien direct) | A newly discovered Iranian threat actor is stealing Google and Instagram credentials belonging to Farsi-speaking targets worldwide using a new PowerShell-based stealer dubbed PowerShortShell by security researchers at SafeBreach Labs. [...] | Threat | ||
|
2021-11-23 16:35:51 | Threat actors find and compromise exposed services in 24 hours (lien direct) | Researchers set up 320 honeypots to see how quickly threat actors would target exposed cloud services and report that 80% of them were compromised in under 24 hours. [...] | Threat | ||
|
2021-11-20 12:55:47 | Microsoft Exchange servers hacked in internal reply-chain attacks (lien direct) | Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. [...] | Malware Threat | ||
|
2021-11-18 09:47:45 | North Korean cyberspies target govt officials with custom malware (lien direct) | A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. [...] | Malware Threat | ||
|
2021-11-18 08:46:51 | FBI warns of APT group exploiting FatPipe VPN zero-day since May (lien direct) | The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products to breach targets' networks. [...] | Threat | ||
|
2021-11-17 03:33:33 | Threat actors offer millions for zero-days, developers talk of exploit-as-a-service (lien direct) | While mostly hidden in private conversations, details sometimes emerge about the parallel economy of vulnerability exploits on underground forums, revealing just how fat of a wallet some threat actors have. [...] | Vulnerability Threat | ||
|
2021-11-16 13:11:31 | Microsoft warns of the evolution of six Iranian hacking groups (lien direct) | The Microsoft Threat Intelligence Center (MSTIC) has presented an analysis of the evolution of several Iranian threat actors at the CyberWarCon 2021, and their findings show increasingly sophisticated attacks. [...] | Threat | ||
|
2021-11-12 12:14:17 | FTC shares ransomware defense tips for small US businesses (lien direct) | The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology. [...] | Ransomware Threat | ||
|
2021-11-12 11:04:02 | These are the top-level domains threat actors like the most (lien direct) | Out of over a thousand top-level domain choices, cyber-criminals and threat actors prefer a small set of 25, which accounts for 90% of all malicious sites. [...] | Threat | ||
|
2021-11-10 17:19:06 | HPE says hackers breached Aruba Central using stolen access key (lien direct) | HPE has disclosed that data repositories for their Aruba Central network monitoring platform were compromised, allowing a threat actor to access collected data about monitored devices and their locations. [...] | Threat | ||
|
2021-11-10 16:30:44 | FBI warns of Iranian hackers looking to buy US orgs\' stolen data (lien direct) | The Federal Bureau of Investigation (FBI) warned private industry partners of attempts by an Iranian threat actor to buy stolen information regarding US and worldwide organizations. [...] | Threat | ||
|
2021-11-10 10:52:26 | TrickBot teams up with Shatak phishers for Conti ransomware attacks (lien direct) | A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems. [...] | Ransomware Threat | ||
|
2021-11-10 10:36:47 | Microsoft patches Excel zero-day used in attacks, asks Mac users to wait (lien direct) | During this month's Patch Tuesday, Microsoft has patched an Excel zero-day vulnerability exploited in the wild by threat actors. [...] | Vulnerability Threat | ||
|
2021-11-08 16:40:29 | Robinhood discloses data breach impacting 7 million customers (lien direct) | Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers. [...] | Data Breach Threat | ||
|
2021-11-05 10:59:33 | US defense contractor Electronic Warfare hit by data breach (lien direct) | US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system and stole files containing personal information. [...] | Data Breach Threat | ||
|
2021-11-04 12:39:34 | Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware (lien direct) | A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk Ransomware. [...] | Ransomware Threat | ||
|
2021-11-01 13:25:00 | Kaspersky\'s stolen Amazon SES token used in Office 365 phishing (lien direct) | Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users. [...] | Threat | ||
|
2021-10-26 15:45:30 | Spammers use Squirrelwaffle malware to drop Cobalt Strike (lien direct) | A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. [...] | Malware Threat | ||
|
2021-10-20 12:59:16 | Political-themed actor using old MS Office flaw to drop multiple RATs (lien direct) | A novel threat actor with unclear motives has been discovered running a crimeware campaign which delivers multiple Windows and Android RATs (remote access tools) through the exploitation of CVE-2017-11882. [...] | Threat | ||
|
2021-10-19 12:40:15 | Acer hacked twice in a week by the same threat actor (lien direct) | Acer has suffered a second cyberattack in just a week by the same hacking group that says other regions are vulnerable. [...] | Threat | ||
|
2021-10-19 09:00:00 | FBI warns of fake govt sites used to steal financial, personal data (lien direct) | The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. [...] | Threat | ||
|
2021-10-19 08:00:00 | New Karma ransomware group likely a Nemty rebrand (lien direct) | Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang. [...] | Ransomware Threat | ||
|
2021-10-19 05:12:07 | (Déjà vu) Microsoft issues advisory for Surface Pro 3 TPM bypass vulnerability (lien direct) | Microsoft has published an advisory regarding a security feature bypass vulnerability impacting Surface Pro 3 tablets which could allow threat actors to introduce malicious devices within enterprise environments. [...] | Vulnerability Threat | ||
|
2021-10-19 05:12:07 | Microsoft fixes Surface Pro 3 TPM bypass with public exploit code (lien direct) | Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets that enables threat actors to introduce malicious devices within enterprise environments. [...] | Vulnerability Threat | ||
|
2021-10-14 06:00:00 | New Yanluowang ransomware used in targeted enterprise attacks (lien direct) | A new and still under development ransomware strain is being used in highly targeted attacks against enterprise entities as Broadcom's Symantec Threat Hunter Team discovered. [...] | Ransomware Threat | ||
|
2021-10-11 11:52:27 | Microsoft: Iran-linked hackers target US defense tech companies (lien direct) | Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. [...] | Threat | ||
|
2021-10-10 13:16:30 | FontOnLake malware infects Linux systems via trojanized utilities (lien direct) | A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...] | Malware Threat | ||
|
2021-10-07 19:38:57 | Google warns 14,000 Gmail users targeted by Russian hackers (lien direct) | Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. [...] | Threat | APT 28 | |
|
2021-10-06 15:42:54 | Hackers use stealthy ShellClient malware on aerospace, telco firms (lien direct) | Threat researchers investigating malware used to target companies in the aerospace and telecommunications sectors discovered a new threat actor that has been running cyber espionage campaigns since at least 2018. [...] | Malware Threat | ||
|
2021-10-01 10:32:26 | Hackers rob thousands of Coinbase customers using MFA flaw (lien direct) | Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS multi-factor authentication security feature. [...] | Vulnerability Threat | ||
|
2021-09-30 15:32:05 | Fake Amnesty International Pegasus scanner used to infect Windows (lien direct) | Threat actors are trying to capitalize on the recent revelations on Pegasus spyware from Amnesty International to drop a less-known remote access tool called Sarwent. [...] | Tool Threat | ||
|
2021-09-30 12:38:43 | JVCKenwood hit by Conti ransomware claiming theft of 1.5TB data (lien direct) | JVCKenwood has suffered a Conti ransomware attack where the threat actors claim to have stolen 1.7 TB of data and are demanding a $7 million ransom. [...] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
