What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-11 18:30:13 | Sonatype spots another PyPI package behaving badly (lien direct) | Identity of a real person was used to lend credence to a package that dropped cryptominer in memory Sonatype has unearthed yet more malware lurking on PyPI, this time a fileless Linux nasty designed to mine Monero and using the identity of a real person to lend credibility to the package.… | Malware | ||
|
2022-08-11 05:59:10 | Cisco admits corporate network compromised by gang with links to Lapsus$ (lien direct) | Voice-phished their way in, but Switchzilla claims no damage done Cisco disclosed on Wednesday that its corporate network was accessed by cyber-criminals in May after an employee's personal Google account was compromised – an act a ransomware gang named "Yanluowang" has now claimed as its work.… | Ransomware | ||
|
2022-08-10 22:00:55 | Google tells Apple to \'fix text messaging\' in bid to promote RCS protocol (lien direct) | iMessage talks to Android users via outdated SMS/MMS, ad giant complains Google has launched a campaign to pressure Apple to adopt Rich Communications Services (RCS), a protocol used by most mobile industry vendors but not the iPhone maker.… | |||
|
2022-08-10 16:00:06 | Google\'s bug bounty boss: Finding and patching vulns? \'Totally useless\' (lien direct) | Disclosing exploits, however, will earn you $100k Simply finding vulnerabilities and patching them "is totally useless," according to Google's Eduardo Vela, who heads the cloud giant's product security response team.… | Patching | ||
|
2022-08-10 14:23:11 | Cloudflare: Someone tried to pull the Twilio phishing tactic on us too (lien direct) | Attack was foiled by content delivery network's hardware security keys Cloudflare says it was subject to a similar attack to one made on comms company Twilio last week, but in this case it was thwarted by hardware security keys that are required to access applications and services.… | |||
|
2022-08-10 10:32:05 | Businesses should dump Windows for the Linux desktop (lien direct) | It makes perfect sense for enterprises as well as enthusiasts. Just ask GitLab Opinion I've been preaching the gospel of the Linux desktop for more years than some of you have been alive. However, unless you argue that the Linux desktop includes Android smartphones and ChromeOS laptops, there will be no year of the Linux desktop.… | |||
|
2022-08-08 17:45:05 | Twilio customer data exposed after its staffers got phished (lien direct) | Comms giant says several other firms targeted in 'sophisticated attack' Twilio confirmed a breach of the communication giant's network and accessed "a limited number" of customer accounts after tricking some employees into falling for a phishing attack.… | |||
|
2022-08-08 11:45:08 | Slack leaked hashed passwords from its servers for years (lien direct) | Users who created shared invitation links for their workspace had login details slip out among encrypted traffic Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users.… | |||
|
2022-08-08 09:03:13 | Yeah, we\'ll just take that first network handshake. What could possibly go wrong? (lien direct) | Almost taking the fall for another person's mistake Who, Me? Brickbats and bouquets are the way of things in the world of IT. Consider today's Who, Me? entry where our hero nearly fell on his sword when a bug bounty might have been more appropriate.… | |||
|
2022-08-08 06:31:12 | Dark Utilities C2 service draws thousands of cyber criminals (lien direct) | Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks A platform that makes it easier for cyber criminals to establish command-and-control (C2) servers has already attracted 3,000 users since launching earlier this year, and will likely expand its client list in the coming months.… | |||
|
2022-08-05 19:43:59 | Nomad to crypto thieves: Please give us back 90%, keep 10% as a reward. Deal? (lien direct) | The Feds may see things differently Cryptocurrency bridge Nomad sent a message to the looters who drained nearly $200 million in tokens from its coffers earlier this week: return at least 90 percent of the ill-gotten gains, keep 10 percent as a bounty for discovering the security flaw, and Nomad will consider this a "white-hat" hack, as opposed to plain old theft, and not take legal action.… | |||
|
2022-08-05 13:00:11 | Major outage at IT service provider forces NHS 111 call handlers to use \'pen and paper\' (lien direct) | Suspected security attack at Advanced takes down part of server estate that hosted range of apps Tech services provider Advanced has taken part of its infrastructure offline as it tries to contain a suspected security incident, with a range of hosted applications not available to health customers, including NHS 111 emergency services.… | |||
|
2022-08-04 23:45:04 | Bloke robbed of $800,000 in cryptocurrency by fake wallet app wants payback from Google (lien direct) | I got played via the Play store Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store.… | |||
|
2022-08-04 19:27:14 | Specs leak of 5.7GHz AMD Ryzen 7000 chips with double the L2 cache (lien direct) | These might be the 5nm Zen 4 desktop processors due to land this quarter AMD's Ryzen 7000 desktop processors will reportedly top 5.7 GHz in the case of the Zen giant's top-of-the-line 7950X, when they launch later this quarter.… | |||
|
2022-08-04 13:00:09 | US aims to step up security for federal datacenters: Both physical and cyber (lien direct) | Bit barns threatened by malware flingers, but fire, storms, or bad guys arriving at the sites are also bad news Proposed legislation in the US will seek to ensure greater protection for government datacenters from the threat of cyberattacks, but also physical dangers such as natural disasters and terrorism.… | Malware Threat | ||
|
2022-08-04 12:23:31 | Taiwanese military reports DDoS in wake of Pelosi visit (lien direct) | Controversial visit to Taiwan continues to reverberate through cyberspace, the real world, and the semiconductor industry Taiwan's Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors.… | |||
|
2022-08-04 06:31:14 | Student crashes Cloudflare beta party, redirects email, bags a bug bounty (lien direct) | Simple to exploit, enough to pocket $3,000 A Danish ethical hacker was able to work his way uninvited into a closed Cloudflare beta and found a vulnerability that could have been exploited by a cybercriminal to hijack and steal someone else's email.… | Vulnerability | ||
|
2022-08-01 07:27:07 | Akamai: We stopped record DDoS attack in Europe (lien direct) | A 'sophisticated, global botnet' held an Eastern European biz under siege over 30 days Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently hammered over a 30-day period.… | |||
|
2022-08-01 00:30:12 | Spyware developer charged by Australian Police after 14,500 sales (lien direct) | PLUS: India open to space tourism; China/Indonesia infosec pact; Paytm denies breach; Infosys dodges government again; and more Asia In Brief Australia's federal police (AFP) on Friday charged a man with creating and profiting from spyware that allowed total remote control of victims' computers.… | |||
|
2022-07-29 19:39:27 | Feds put $10m bounty on Putin pal accused of bankrolling US election troll farm (lien direct) | Just in time for the midterms The Feds have put up a $10 million reward for information about foreign interference in US elections in general, and more specifically a Russian oligarch and close friend of President Vladimir Putin accused of funding an organization that meddled in the 2016 presidential elections.… | |||
|
2022-07-29 07:05:12 | BreachForums booms on the back of billion-record Chinese data leak (lien direct) | Plenty of recent users appear to be from China, and hoping for more leaks of local data The popularity of stolen data bazaar BreachForums surged after it was used to sell a giant database of stolen information describing Chinese citizens, threat intelligence firm Cybersixgill said on Thursday.… | Threat | ||
|
2022-07-29 04:29:08 | US court system suffered \'incredibly significant attack\' – sealed files at risk (lien direct) | Effects still being felt today across US government The United States' federal court system "faced an incredibly significant and sophisticated cyber security breach, one which has since had lingering impacts on the department and other agencies."… | |||
|
2022-07-27 22:33:07 | FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft (lien direct) | Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices.… | |||
|
2022-07-27 21:58:53 | We\'re likely only seeing \'the tip of the iceberg\' of Pegasus spyware use against the US (lien direct) | House intel chair raises snoop tool concerns as Google and others call for greater crack down Google and internet rights groups have called on Congress to weigh in on spyware, asking for sanctions and increased enforcement against so-called legit surveillanceware makers.… | Tool | ||
|
2022-07-27 19:30:14 | US puts $10 million bounty on North Korean cyber-crews (lien direct) | Kim will be shaking in his shoes The US is offering up to $10 million for information on members of state-sponsored North Korean threat groups, double the amount that the State Department announced in April.… | Threat | ||
|
2022-07-27 16:45:11 | Knotweed Euro cyber mercenaries attacking private sector, says Microsoft (lien direct) | Reports seeing 'offensive actor' flinging SubZero malware Microsoft has published an analysis of a Europe-based "private-sector offensive actor" with a view to helping its customers spot signs of attacks by money-hungry gangsters.… | |||
|
2022-07-27 10:31:09 | Weak data protection helped China attack US Federal Reserve, report says (lien direct) | Details of adversarial tradecraft detailed, includes many email accounts China's cyber espionage activities are extensive and sophisticated but when the Middle Kingdom tried to steal sensitive economic data from the US Fed, poor security meant its operatives didn't have to dip too far into their bags of tricks.… | |||
|
2022-07-27 05:03:08 | Vietnamese attacker circumvents Facebook security with \'DUCKTAIL\' malware (lien direct) | Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys Security vendor WithSecure, which was spun out in March 2022 as F-Secure's enterprise security arm, claims it's found malware that targets Facebook Business accounts.… | Malware Guideline | ||
|
2022-07-26 17:00:08 | Luca Stealer malware spreads rapidly after code handily appears on GitHub (lien direct) | Cool, another Rust project ... Oh A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities and recently released the source code on GitHub.… | Malware | ||
|
2022-07-26 14:26:53 | Ransomware less popular this year, but malware up: SonicWall cyber threat report (lien direct) | Be ready for a rebound, and protect yourself with patching and segmentation SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022.… | Ransomware Malware Threat Patching | ||
|
2022-07-26 07:30:06 | LockBit ransomware gang claims it ransacked Italy\'s tax agency (lien direct) | Miscreants boast of 78GB haul, officials say everything's fine The LockBit ransomware crew is claiming to have stolen 78GB of data from Italy's tax agency and is threatening to leak it if a ransom isn't paid by July 31.… | Ransomware | ||
|
2022-07-25 17:00:55 | Cyber-mercenaries for hire represent shifting criminal business model (lien direct) | Emerging threat group offers a broad range of attack services An emerging and fast-growing threat group is using a unique business model to offer cybercriminals a broad range of services that span from leaked databases and distributed denial-of-service (DDoS) attacks to hacking scripts and, in the future, potentially ransomware.… | Threat | ||
|
2022-07-25 09:30:11 | Intel bags deal to make chips for MediaTek, that other Android processor designer (lien direct) | This will be the x86 giant's first major foundry customer Intel will manufacture chips for Taiwanese chip designer MediaTek, making the latter the first major silicon customer for Intel's revitalized contract chip manufacturing business.… | |||
|
2022-07-22 21:44:22 | Microsoft closes off two avenues of attack: Office macros, RDP brute-forcing (lien direct) | Blockade against web-sourced VBA scripts is back on by default Microsoft is shutting the door on a couple of routes cybercriminals have used to attack users and networks.… | |||
|
2022-07-22 06:45:07 | Microsoft sunsets Windows\' built-in data leak prevention tech (lien direct) | The alternative is a paid subscription service. What's the bet it's more expensive than the current offering? Microsoft has announced it will “sunset” the Windows Information Protection data leak prevention offering baked into its client operating system.… | ★★★ | ||
|
2022-07-21 20:29:10 | US Cyber Command spots another 20 malware strains targeting Ukraine (lien direct) | Plus Mandiant, Cisco Talos uncover digital espionage US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months.… | Malware | ||
|
2022-07-20 23:56:43 | Suspected Gozi malware gang \'CIO\' extradited to US on fraud, hacking charges (lien direct) | Euro man allegedly known as 'Virus' faces years behind bars if convicted A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges.… | Malware | ||
|
2022-07-20 20:36:03 | (Déjà vu) Google: Kremlin-backed goons spread Android malware disguised as pro-Ukraine app (lien direct) | Don't. Download. Unknown. Apps. Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers.… | Malware | ||
|
2022-07-20 20:36:03 | Google: Kremlin-backed goons spread Andriod malware disguised as pro-Ukraine app (lien direct) | Don't. Download. Unknown. Apps. Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers.… | Malware | ||
|
2022-07-20 03:15:14 | Belgium says Chinese cyber gangs attacked its government and military (lien direct) | China, as usual, says it just wants a peaceful and prosperous internet The government of Belgium has claimed it detected three Chinese Advanced Persistent Threat actors attacking its public service and defence forces.… | Threat | ||
|
2022-07-19 11:15:07 | Walmart-controlled flight booking service suffers substantial data leak (lien direct) | India's Cleartrip is being very opaque about what happened An Indian flight booking website majority-owned by US retail colossus Walmart has experienced a data breach, but is saying very little about what happened or the risks to customers.… | |||
|
2022-07-18 19:12:53 | Botnet malware disguises itself as password cracker for industrial controllers (lien direct) | Can't get into that machine? No problem, just trust this completely sketchy looking tool Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.… | Malware | ||
|
2022-07-18 01:15:11 | Alibaba execs hauled in to discuss Shanghai Police data leak (lien direct) | Plus: Weibo cracks down on political puns; Singaporean crypto biz Vauld restructures; Philippines fights Facebook rumors Asia In Brief Senior execs from Alibaba Cloud were summoned to discuss the data leak that saw information pertaining to a billion Chinese citizens sold on the dark web, according to Nikkei and The Wall Street Journal.… | |||
|
2022-07-16 14:34:10 | North Koreans spotted harassing SMBs with malware (lien direct) | Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more In brief SMBs, beware: Microsoft said this week it has discovered a North Korean crew targeting small businesses with ransomware since September of last year.… | Ransomware Malware | ||
|
2022-07-15 02:28:01 | Meet Mantis, the tiny shrimp that launched 3,000 DDoS attacks (lien direct) | Watch out for deadly pinchers after that record-breaking attack The botnet behind the largest-ever HTTPS-based distributed-denial-of-service (DDoS) attack is now named after a tiny shrimp.… | |||
|
2022-07-13 21:06:50 | 1.9m patient records exposed in healthcare debt collector ransomware attack (lien direct) | The P in PFC now stands for Pwned Professional Finance Company, a Colorado-based debt collector whose customers include hundreds of US hospitals, medical clinics, and dental groups, recently disclosed that more than 1.9 million people's private data – including names, addresses, social security numbers and health records – was exposed during a ransomware infection.… | Ransomware | ||
|
2022-07-12 16:00:14 | Older AMD, Intel chips vulnerable to data-leaking \'Retbleed\' Spectre variant (lien direct) | Speculative execution side-channels continue to haunt silicon world Older AMD and Intel chips are vulnerable to yet another Spectre-based speculative-execution attack that exposes secrets within kernel memory despite defenses already in place. Mitigating this side channel is expected to take a toll on performance.… | |||
|
2022-07-12 15:00:10 | Hive to end support for variety of smart home gadgets in 2025 (lien direct) | Company says it is pivoting to systems 'that'll help get us closer to achieving Net Zero' Home automation platform Hive plans to terminate key products in its line, including the Hive View cameras, HomeShield, and Leak products.… | |||
|
2022-07-12 14:30:14 | NYC issues super upbeat PSA for surviving the nuclear apocalypse (lien direct) | It's the end of the world as we know it, and you'll be fine Ever the optimist, New York has reminded its citizens of what they should do in the event of a nuclear attack. And not just any nuclear attack either, but the "big one."… | |||
|
2022-07-12 02:45:10 | Twitter claims Elon Musk bailed from sale with \'invalid and wrongful\' reasons (lien direct) | Tesla chief seemingly responds with ... a Chuck Norris meme that shows all the brilliance of the CEO mindset Twitter has fired back at Elon Musk's allegations the micro-blogging network is in breach of its agreement to be acquired, claiming the billionaire is the one at fault and vowing to see the deal through to a conclusion.… |
To see everything:
Our RSS (filtrered)
