What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-03 14:12:01 | Cisco Releases Guides for Analyzing Compromised Devices (lien direct) | Cisco has released new guides to help first responders collect forensic evidence from potentially compromised or tampered with IOS, IOS XE, ASA, and Firepower Threat Defense (FTD) devices. | Threat | ||
|
2019-09-02 15:14:03 | TrickBot Tricks U.S. Users into Sharing their PIN Codes (lien direct) | The threat actor behind the infamous TrickBot botnet has added new functionality to their malware to request PIN codes from mobile users, Secureworks reports. | Malware Threat | ★★★ | |
|
2019-08-28 14:59:00 | Researchers Analyze Tools Used by \'Hexane\' Attackers Against Industrial Firms (lien direct) | Security researchers from Secureworks have analyzed several tools used by the Hexane threat actor in attack campaigns against industrial organizations over the past several months. | Threat | ||
|
2019-08-27 17:30:02 | Dridex Operator Updates Tactics and Targets (lien direct) | The threat actor behind the infamous Dridex and Locky malware families has updated tactics and expanded its target list in recent campaigns, Trend Micro reports. | Malware Threat | ||
|
2019-08-26 14:34:02 | The Growing Threat of Deepfake Videos (lien direct) | Deepfakes are a growing threat. They are primarily a social engineering tool. That means they will increasingly be used in phishing attacks, BEC attacks, reputation attacks, and public opinion attacks (such as election meddling). Existing methods in all these areas are already successful; but the arrival of deepfake videos will take them to a different level. | Threat | ||
|
2019-08-23 17:36:00 | US Wants Woman Accused in Capital One Hack to Stay Locked Up (lien direct) | A woman accused of hacking Capital One and at least 30 other organizations is a flight risk, a threat and should be kept locked up until her trial, U.S. prosecutors said in court documents filed ahead of a Friday detention hearing in Seattle. | Hack Threat | ||
|
2019-08-23 15:31:04 | Black Hat 2019: Bounties, Breaches and Deepfakes, Oh My! (lien direct) | Black Hat 2019 recently wrapped in Las Vegas, where somewhere between 15,000 and 20,000 experts descended to experience the latest developments in the world of cybersecurity. While we saw the expected releases of new threat research, vulnerabilities and breakdowns on nation-state level attacks, the reason I, and many others, attend this annual conference is to see what trends are emerging, and be surprised by the unexpected. | Threat | ||
|
2019-08-19 11:55:00 | Organizations Expose Sensitive Data via Malware Analysis Sandboxes (lien direct) | Researchers at UK-based threat intelligence firm Cyjax have studied files submitted to three popular online malware analysis sandboxes and found that many of the publicly accessible files contain sensitive information. | Malware Threat | ||
|
2019-08-12 15:37:00 | \'Cloud Atlas\' Cyberspies Use Polymorphic Malware in Government Attacks (lien direct) | The Cloud Atlas threat group has continued conducting cyber espionage operations and its recent attacks have involved a new piece of polymorphic malware. | Malware Threat | ||
|
2019-08-02 15:13:03 | Nine Distinct Threat Groups Targeting Industrial Systems: Dragos (lien direct) | The number of tracked threat groups targeting industrial control systems (ICS) environments has risen to nine, industrial cybersecurity firm Dragos reveals in a new report. | Threat | ||
|
2019-08-01 11:01:02 | \'Hexane\' Threat Actor Targeting Industrial Organizations (lien direct) | Security researchers from industrial cybersecurity firm Dragos say they have identified a new threat actor targeting industrial control systems (ICS) related entities in the oil and gas and telecommunications sectors. | Threat | ||
|
2019-07-31 14:31:03 | Mobile Malware and Mobile Attackers are Getting More Sophisticated (lien direct) | For many years, the primary threat to mobile devices was click-jacking and adware. But as the mobile device has become more deeply embedded in everybody's life, as mobile banking has increased and the amalgamation of personal data on devices has grown, so has the attraction of the mobile device increased for both cyber criminals and even nation states. | Malware Threat | ||
|
2019-07-25 11:02:05 | Using Threat Trends to Protect Network Resources (lien direct) | The Threat Landscape is Evolving Faster Than the Usual Rate of Security Review Leveraging threat intelligence to improve an organization's security posture should be an essential component of any security strategy. So as I spend time with organizations from around the world to discuss their security challenges, I am surprised to learn how few do this. | Threat | ||
|
2019-07-23 14:31:00 | China-Linked Threat Actor Using New Backdoor (lien direct) | The China-linked threat actor known as APT15 has been using a previously undocumented backdoor for more than two years, ESET's security researchers have discovered. | Threat | APT 15 | |
|
2019-07-22 13:38:05 | Questions to Ask Before Choosing a Threat Intelligence RFI Service (lien direct) | Much like deep & dark web (DDW) coverage and anti-fraud solutions, request for intelligence (RFI) services have quickly become both ubiquitous and prone to misleading claims in the threat intelligence market. | Threat Guideline | ||
|
2019-07-19 16:52:00 | The Growing Threat of Targeted Ransomware (lien direct) | Ransomware targeting organizations is a growing threat. The extent of that threat is not always obvious. Except for the healthcare sector, disclosure of a ransomware attack is not generally required -- so victims will not necessarily report an incident. This is exacerbated by those victims who simply pay up and recover their files without the problem becoming obvious. | Ransomware Threat | ||
|
2019-07-18 11:47:02 | StrongPity Targets Victims with Malicious WinBox Installer (lien direct) | A recently discovered ongoing campaign attributed to the StrongPity threat actor abuses malicious WinBox installers to infect victims, AT&T's Alien Labs security researchers reveal. | Threat | ||
|
2019-07-17 14:40:02 | SLUB Backdoor Spreads via Newly Patched Vulnerability (lien direct) | The threat actor behind the SLUB backdoor has started abusing a recently patched Internet Explorer vulnerability for distribution purposes, Trend Micro's security researchers reveal. | Vulnerability Threat | ||
|
2019-07-16 13:52:01 | Russia-linked Hackers Use New Trojans in Recent Attacks (lien direct) | Russia-linked threat group Turla has released new variants of the KopiLuwak Trojan in attacks detected since the beginning of this year, Kaspersky's security researchers reveal. | Threat | ★★★★★ | |
|
2019-07-11 09:47:02 | Buhtrap Group Used Windows Zero-Day in Government Attack (lien direct) | One of the two Windows zero-day vulnerabilities fixed by Microsoft with its July 2019 Patch Tuesday updates was used by a threat group known as Buhtrap to target a government organization in Eastern Europe, according to cybersecurity firm ESET. | Threat | ||
|
2019-07-03 15:35:04 | Dridex Operators Use New Trojan Downloader (lien direct) | The threat actor best known for operating the Dridex banking Trojan and the Locky ransomware has started using a new downloader in June, Proofpoint reports. | Ransomware Threat | ||
|
2019-07-02 16:54:00 | Threat Actor Targets Libyans with Malware via Facebook (lien direct) | A threat group has been targeting mobile and desktop users in Libya with malware through Facebook pages, Check Point has discovered. | Malware Threat | ||
|
2019-07-02 04:54:05 | Researchers Analyze Vietnamese Hackers\' Suite of RATs (lien direct) | BlackBerry Cylance security researchers have analyzed a suite of remote access Trojans (RATs) that the Vietnam-linked threat actor OceanLotus has been using in attacks for the past three years. | Threat | APT 32 | |
|
2019-07-01 15:30:00 | Threat Actor Poisons OpenPGP Certificates (lien direct) | Poisoned certificates are in the OpenPGP SKS keyserver network after an unknown threat actor targeted the OpenPGP certificates of two high-profile community contributors. | Threat | ||
|
2019-06-20 18:11:01 | Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group (lien direct) | Russia-Linked Hackers Use New Toolset and Likely Took Over Servers Operated by Iran-Linked "OilRig" Threat Group | Threat | APT 34 | |
|
2019-06-20 14:06:05 | Indegy Launches Industrial Cybersecurity-as-a-Service Offering (lien direct) | Indegy on Thursday announced the general availability of CIRRUS, a new industrial cybersecurity-as-a-service (ICSaaS) offering. CIRRUS is designed to help organizations of all sizes monitor and protect their operational technology (OT) environments using cloud technologies and real-time threat intelligence sharing. | Threat | ||
|
2019-06-14 11:43:02 | Hackers Behind \'Triton\' Malware Target Electric Utilities in US, APAC (lien direct) | Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting - in addition to oil and gas organizations - electric utilities in the United States and the Asia-Pacific (APAC) region. | Malware Threat | ||
|
2019-06-11 12:13:02 | Artificial Intelligence Threat Detection Firm Vectra Raises $100 Million (lien direct) | San Jose, Calif-based network threat detection and response firm Vectra has closed a $100 million Series E funding round led by TCV and supported by existing investors. This brings the total raised since the firm was founded in 2010 by James Harlacher and Mark Abene to $222.5 million. Vectra uses artificial intelligence to detect 'in-progress' cyber-attacks on the network. | Threat | ||
|
2019-06-10 15:32:01 | Fighting Fraud With Threat Intelligence: Debunking Common Misconceptions (lien direct) | The Composition of a Fraud Team or Function is Often Overlooked in Threat Intelligence Market | Threat | ||
|
2019-06-10 13:52:03 | The Dark Net, a Major Threat but Also a Resource (lien direct) | Criminal use of, and threats from, the dark net are growing. At the same time, criminals are going darker through direct end-to-end encryption for direct communication with service buyers and potential buyers. But the dark net also has its uses. | Threat | ||
|
2019-06-08 01:10:00 | Facebook to Cut off Huawei to Comply With U.S. Sanctions (lien direct) | Facebook said Friday it would cut off Huawei from its popular social networking apps to comply with US sanctions, further isolating the Chinese tech giant considered a national security threat by Washington. | Threat | ||
|
2019-05-31 15:02:00 | Researchers Dissect PowerShell Scripts Used by Russia-Linked Hackers (lien direct) | Security researchers from ESET have analyzed several PowerShell scripts used by the Russia-linked Turla threat group in recent attacks. | Threat | ||
|
2019-05-30 11:49:01 | Threat Intelligence Firm Recorded Future Acquired for $780 Million (lien direct) | Threat intelligence provider Recorded Future announced on Thursday that Insight Partners has agreed to acquire a controlling interest in the company, in addition to the minority stake previously owned by Insight. The all-cash transaction values Recorded Future at more than $780 million. | Threat | ||
|
2019-05-22 13:25:01 | Hunters.AI Emerges From Stealth With $5.4M in Seed Funding (lien direct) | Hunters.AI, an Israel-based company specializing in autonomous threat hunting, on Wednesday emerged from stealth mode and announced that it raised $5.4 million in seed funding from YL Ventures and Blumberg Capital. | Threat | ★★★ | |
|
2019-05-20 12:09:01 | How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web (lien direct) | Deep & dark web (DDW) communities have long been must-have data sources for threat intelligence programs, but only recently has the market caught up with this need. | Threat | ||
|
2019-05-15 16:34:05 | The Shortcomings of Network Monitoring in Fighting ICS Threats (lien direct) | Passive and Active Threat Detection is Needed to Secure Operational Technology (OT) Environments | Threat | ||
|
2019-05-13 15:29:00 | North Korea-Linked \'ScarCruft\' Adds Bluetooth Harvester to Toolkit (lien direct) | A North Korea-linked threat group tracked as ScarCruft, APT37 and Group123 continues to evolve and expand its toolkit, Kaspersky Lab reported on Monday. | Threat Cloud | APT 37 | |
|
2019-05-10 06:11:04 | U.S. Government Details ELECTRICFISH Malware Used by North Korea (lien direct) | The U.S. Department of Homeland Security (DHS) on Thursday published a malware analysis report detailing another piece of malware used by threat actors linked to the North Korean government. | Malware Threat | ||
|
2019-05-07 16:41:01 | How the Life of a Security Threat Can Inform Your Defense Strategy (lien direct) | Despite many improvements to security technology, information sharing, ease-of-use, and reduction in cost over time, we have yet to see a meaningful reduction in breaches. Why? The answer may have something to do with how organizations respond to a breach beyond the moment it's discovered. | Threat | ||
|
2019-05-07 13:36:03 | Turla Uses Sophisticated Backdoor to Hijack Exchange Mail Servers (lien direct) | The Russia-linked threat group known as Turla has been using a sophisticated backdoor to hijack Microsoft Exchange mail servers, ESET reported on Tuesday. | Threat | ||
|
2019-04-10 08:55:04 | Triton Hackers Focus on Maintaining Access to Compromised Systems: FireEye (lien direct) | The tools and techniques used by the threat group behind the notorious Triton malware show that the hackers are focused on maintaining access to compromised systems, according to FireEye. | Malware Threat | ||
|
2019-04-09 15:36:04 | Get Ready for the First Wave of AI Malware (lien direct) | While viruses and malware have stubbornly stayed as a top-10 “things I lose sleep over as a CISO,” the overall threat has been steadily declining for a decade. Unfortunately, WannaCry, NotPetya, and an entourage of related self-propagating ransomware abruptly propelled malware back up the list and highlighted the risks brought by modern inter-networked business systems and the explosive growth of unmanaged devices. | Ransomware Malware Threat | NotPetya Wannacry | |
|
2019-04-09 14:26:01 | Duqu Remained Active After Operations Were Exposed in 2011 (lien direct) | The discovery of Duqu 1.5 shows that the threat actor behind the malware did not go dark - as previously believed - after their operations were exposed by security researchers in 2011. | Malware Threat | ||
|
2019-04-08 13:47:05 | Chat Services: Be Diligent With This Must-Have Data Source for Intelligence Programs (lien direct) | Deep & Dark Web (DDW) forums and marketplaces have long served as hubs for illicit activity and, consequently, as invaluable data sources for defenders looking to combat such activity. However, threat actors continue to be drawn to the immediacy-and in many cases, the enhanced security and privacy-of encrypted chat services such as Telegram and Discord. | Threat | ||
|
2019-04-04 15:40:05 | Build Versus Buy: Threat Intelligence and Digital Risk (lien direct) | An increasing reliance on online digital technologies, driven in no small part by the many operational benefits they deliver, has prompted organizations to consider investing in capabilities that protect against the digital risks that can often characterize their adoption. Unfortunately, when it comes to digital risk there is no universal remedy for establishing maturity. | Threat | ||
|
2019-03-27 15:55:03 | Nearly Half of ICS Devices Protected by Kaspersky Targeted in 2018 (lien direct) | Nearly half of the industrial control system (ICS) computers protected by Kaspersky Lab were targeted by malware and other threats in 2018, according to the company's latest industrial threat landscape report. | Malware Threat | ||
|
2019-03-27 13:32:02 | ASUS Patches Hijacked System Update Utility (lien direct) | ASUS says it has released a fix for the Live Update utility that threat actors abused in Operation ShadowHammer supply chain attack to deliver malware to hundreds of users. | Malware Threat | ||
|
2019-03-22 15:43:03 | Microsoft Launches Defender ATP Endpoint Security for macOS (lien direct) | Microsoft Brings Defender Advanced Threat Protection to macOS | Threat | ||
|
2019-03-21 19:33:02 | Threat Hunting Tips to Improve Security Operations (lien direct) | From Ferdinand Magellan to Lewis and Clark to Neil Armstrong – humans have an innate desire to understand the unknown. In security operations, we see this phenomenon every day in several forms, one of which is threat hunting. Threat hunting is not triggered by an event, but by the unknown. It is the practice of proactively and iteratively searching for abnormal indications within networks and systems. | Threat | ||
|
2019-03-15 15:50:03 | Hackers Bypass MFA on Cloud Accounts via IMAP Protocol (lien direct) | Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor authentication (MFA), Proofpoint reports. | Threat |
To see everything:
Our RSS (filtrered)
