What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-02 15:10:19 | F5 Working on Patch for BIG-IP Flaw That Can Lead to DoS, Code Execution (lien direct) | >A high-severity format string vulnerability in F5 BIG-IP can be exploited to cause a DoS condition and potentially execute arbitrary code. | Vulnerability | ★★★ | |
|
2023-02-02 12:28:04 | HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining (lien direct) | >The sophisticated HeadCrab malware has infected at least 1,200 Redis servers and abused them for cryptomining. | Malware | ★★ | |
|
2023-02-02 12:00:00 | Cyber Insights 2023: Ransomware (lien direct) | >The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions. | Ransomware | ★★ | |
|
2023-02-02 12:00:00 | Cyber Insights 2023: Quantum Computing and the Coming Cryptopocalypse (lien direct) | >The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor's algorithm to crack PKI encryption. | ★★ | ||
|
2023-02-02 12:00:00 | Cyber Insights 2023 | Supply Chain Security (lien direct) | >The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be remediated. | Threat | ★★ | |
|
2023-02-02 12:00:00 | Cyber Insights 2023: Regulations (lien direct) | >The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often in conflict with the second and third. | ★★ | ||
|
2023-02-02 11:25:30 | EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft (lien direct) | >Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information. | ★★ | ||
|
2023-02-01 15:18:54 | Dutch, European Hospitals \'Hit by Pro-Russian Hackers\' (lien direct) | Dutch cyber authorities said several hospital websites in the Netherlands and Europe were likely targeted by a pro-Kremlin hacking group because of their countries' support for Ukraine. | ★★ | ||
|
2023-02-01 14:32:07 | Ransomware Leads to Nantucket Public Schools Shutdown (lien direct) | >Nantucket's public schools shut its doors to students and teachers after a data encryption and extortion attack on its computer systems. | Ransomware | ★★ | |
|
2023-02-01 12:32:01 | Prilex PoS Malware Blocks NFC Transactions to Steal Credit Card Data (lien direct) | >The Prilex point-of-sale (PoS) malware has been modified to block contactless transactions to force the insertion of credit cards and steal their information. | Malware | ★★★★ | |
|
2023-02-01 12:00:00 | Cyber Insights 2023: Criminal Gangs (lien direct) | >Despite some geopolitical overlaps with state attackers, the majority of cyberattacks still come from simple – or perhaps sophisticated – criminals who are more motivated by money than politics. | Studies | ★★★ | |
|
2023-02-01 12:00:00 | Cyber Insights 2023: The Geopolitical Effect (lien direct) | >While cyber eyes are trained on Russia, we should remember that it is not the West's only cyber adversary. China, Iran, and North Korea will all increase their activity through 2023 under cover of the European war. | ★★★ | ||
|
2023-02-01 12:00:00 | Cyber Insights 2023: ICS and Operational Technology (lien direct) | >The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while cybercriminals have had their restraints reduced. | Industrial | Equifax | ★★★ |
|
2023-02-01 10:38:16 | Google Fi Data Breach Reportedly Led to SIM Swapping (lien direct) | >Google Fi informs customers about a data breach related to the recent T-Mobile cyberattack and some users claim they were targeted in a SIM swapping attack | Data Breach | ★★★ | |
|
2023-01-31 15:30:00 | Cyber Insights 2023: Attack Surface Management (lien direct) | >Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn't seek to protect everything, but concentrates on areas of IT infrastructure that can be attacked. | ★★★ | ||
|
2023-01-31 15:30:00 | Cyber Insights 2023: Artificial Intelligence (lien direct) | >The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool for beneficial improvement is still unknown. | Tool | ★★★ | |
|
2023-01-31 15:30:00 | Cyber Insights 2023: Cyberinsurance (lien direct) | >The question for 2023 and beyond is whether the cyberinsurance industry can make a profit without destroying its market. | ★★ | ||
|
2023-01-31 14:45:17 | Microsoft\'s Verified Publisher Status Abused in Email Theft Campaign (lien direct) | Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft's 'verified publisher' status. | ★★ | ||
|
2023-01-30 16:17:49 | British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers (lien direct) | JD Sports discovers unauthorized access to information from orders placed by customers between 2018 and 2020. | Data Breach | ★★★ | |
|
2023-01-30 12:03:49 | Russia-Linked APT29 Uses New Malware in Embassy Attacks (lien direct) | >Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks. | Malware | APT 29 | ★★ |
|
2023-01-30 11:34:58 | Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability (lien direct) | >A researcher has disclosed the details of a 2FA bypass vulnerability affecting Instagram and Facebook. | Vulnerability | ★★★ | |
|
2023-01-27 14:06:35 | BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws (lien direct) | >The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service (DoS). | Guideline | ★★★ | |
|
2023-01-26 14:49:02 | 820k Impacted by Data Breach at Zacks Investment Research (lien direct) | >Zacks Investment Research is informing 820,000 individuals that their personal data was compromised in a data breach. | Data Breach | ★★ | |
|
2023-01-25 15:21:42 | North Korean APT Expands Its Attack Repertoire (lien direct) | >The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by other hackers. | ★★ | ||
|
2023-01-25 12:00:00 | Password Dependency: How to Break the Cycle (lien direct) | >Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That's why it's so critical to break the password dependency cycle. But how can this be done? | Hack | ★ | |
|
2023-01-25 10:31:18 | Riot Games Says Source Code Stolen in Ransomware Attack (lien direct) | >Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack | Ransomware | ★ | |
|
2023-01-24 12:03:34 | Zendesk Hacked After Employees Fall for Phishing Attack (lien direct) | >Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company's employees. | Data Breach | ★★ | |
|
2023-01-23 13:49:12 | NSA Publishes Security Guidance for Organizations Transitioning to IPv6 (lien direct) | The National Security Agency (NSA) has published guidance to help the Department of Defense (DoD) and other system administrators identify and mitigate cyber risks associated with transitioning to Internet Protocol version 6 (IPv6). | ★★ | ||
|
2023-01-23 12:10:54 | Companies Impacted by Recent Mailchimp Breach Start Notifying Customers (lien direct) | Companies affected by the recent Mailchimp data breach have started notifying customers. The list includes WooCommerce, FanDuel, Yuga Labs and the Solana Foundation. | Data Breach | ★★ | |
|
2023-01-23 11:52:59 | Mississippi Creates New Cyber Unit, Names 1st Director (lien direct) | A new unit to handle cybersecurity in Mississippi is in place and has its first director. | ★ | ||
|
2023-01-20 14:29:45 | In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences (lien direct) | Cloud risk management and threat detection firm Rapid7 warns that it has seen organizations being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability. | Vulnerability Threat | ★★ | |
|
2023-01-20 14:03:11 | Sophisticated \'VastFlux\' Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted (lien direct) | A sophisticated ad fraud scheme that spoofed over 1,700 applications and 120 publishers peaked at 12 billion ad requests per day before being taken down, bot attack prevention firm Human says. | ★★★ | ||
|
2023-01-20 11:12:05 | Ransomware Revenue Plunged in 2022 as More Victims Refuse to Pay Up: Report (lien direct) | Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands, according to data from Chainalysis. | Ransomware | ★ | |
|
2023-01-20 10:44:51 | A Change in Mindset: From a Threat-based to Risk-based Approach to Security (lien direct) | Bad actors find themselves at a constant advantage. They can determine when, where, and how they will attack an enterprise, using time and patience to pick the moment they want to strike. | ★ | ||
|
2023-01-20 10:25:55 | Ransomware Shuts Hundreds of Yum Brands Restaurants in UK (lien direct) | A ransomware attack forced the parent company of KFC and Taco Bell to close several hundred restaurants in the United Kingdom this week. A government filing posted Thursday says the attack impacted information technology systems. Yum Brands said the attackers took company data, but that there is no evidence customer data was stolen. | Ransomware | ★ | |
|
2023-01-20 01:01:01 | T-Mobile Says Hackers Used API to Steal Data on 37 Million Accounts (lien direct) | Wireless carrier T-Mobile on Thursday fessed up to another massive data breach affecting approximately 37 million current postpaid and prepaid customer accounts. | Data Breach | ★★★ | |
|
2023-01-19 16:26:49 | Meta Slapped With 5.5 Million Euro Fine for EU Data Breach (lien direct) | Social media giant Meta has been fined an additional 5.5 million euros ($5.9 million) for violating EU data protection regulations with its instant messaging platform WhatsApp, Ireland's regulator announced Thursday. | Data Breach | ★★ | |
|
2023-01-19 14:05:26 | Credential Leakage Fueling Rise in API Breaches (lien direct) | There is a problem with API security – it isn't working very well, and it's largely down to credential leakage. Most security professionals are confident in their own API credential management; but at the same time, most of the same professionals admit to having experienced a breach effected through compromised API credentials. | ★★★ | ||
|
2023-01-18 11:55:20 | 18k Nissan Customers Affected by Data Breach at Third-Party Software Developer (lien direct) | Nissan North America is informing roughly 18,000 customers that their personal information was exposed in a data breach at a third-party services provider. The breach occurred after data provided by Nissan to the services provider was inadvertently exposed on the internet, the company notes in a notification letter sent to the impacted customers. | Data Breach | ★★ | |
|
2023-01-18 11:18:16 | Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels (lien direct) | 
Norway-based industrial risk management and assurance solutions provider DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels.
|
Ransomware Industrial | ★★ | |
|
2023-01-17 14:26:27 | PyPI Users Targeted With \'Wacatac\' Trojan in New Supply Chain Attack (lien direct) | Fortinet warns of three new malicious PyPI packages containing code designed to fetch the Wacatac trojan and information stealer as a next stage payload. | ★★★ | ||
|
2023-01-17 13:09:56 | Attackers Can Abuse GitHub Codespaces for Malware Delivery (lien direct) | A GitHub Codespaces feature meant to help with code development and collaboration can be abused for malware delivery, Trend Micro reports. | Malware Prediction | ★ | |
|
2023-01-16 13:18:41 | Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems (lien direct) | The US Department of Defense (DoD) is getting ready to launch the third installment of its 'Hack the Pentagon' bug bounty program, which will focus on the Facility Related Controls System (FRCS) network. | Hack | ★★★ | |
|
2023-01-16 11:53:44 | CircleCI Hacked via Malware on Employee Laptop (lien direct) | Software development service CircleCI has revealed that a recently disclosed data breach was the result of information stealer malware being deployed on an engineer's laptop. The incident was initially disclosed on January 4, when CircleCI urged customers to rotate their secret keys. | Data Breach Malware | ★★★ | |
|
2023-01-16 11:14:57 | Cybersecurity Experts Cast Doubt on Hackers\' ICS Ransomware Claims (lien direct) | A hacktivist group has made bold claims regarding an attack on an industrial control system (ICS) device, but industry professionals have questioned their claims. | Ransomware Industrial | ★★ | |
|
2023-01-13 11:21:01 | Fortinet Says Recently Patched Vulnerability Exploited to Hack Governments (lien direct) | Fortinet reported this week that a recently patched vulnerability tracked as CVE-2022-42475 has been exploited in highly targeted attacks aimed at government organizations. The security hole impacts the FortiOS SSL-VPN and it can allow a remote, unauthenticated hacker to execute arbitrary code or commands using specially crafted requests. | Hack Vulnerability | ★★★ | |
|
2023-01-12 13:40:37 | The Guardian Confirms Personal Information Compromised in Ransomware Attack (lien direct) | British news organization The Guardian has confirmed that personal information was compromised in a ransomware attack in December 2022. | Ransomware | ★★★ | |
|
2023-01-12 11:16:48 | Recently Disclosed Vulnerability Exploited to Hack Hundreds of SugarCRM Servers (lien direct) | Exploitation of a critical vulnerability affecting the widely used SugarCRM customer relationship management system was seen just days after someone made public an exploit. | Hack Vulnerability | ★★ | |
|
2023-01-11 17:35:13 | Cyber Incident Hits UK Postal Service, Halts Overseas Mail (lien direct) | Britain's postal service said it was hit Wednesday by a “cyber incident” that is temporarily preventing it from sending letters or parcels to other countries. | ★★ | ||
|
2023-01-11 16:12:31 | Red Hat Announces General Availability of Malware Detection Service (lien direct) | Red Hat announced on Tuesday the general availability of a malware detection service for Red Hat Enterprise Linux (RHEL) systems. | Malware | ★★ |
To see everything:
Our RSS (filtrered)
