What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-02 11:32:25 | Google Migrating Android to Memory-Safe Programming Languages (lien direct) | Google is seeing a significant decrease in memory safety issues in Android due to the progressive migration to memory-safe programming languages, such as Rust. | ★★★ | ||
|
2022-12-01 17:17:52 | Wipers Are Widening: Here\'s Why That Matters (lien direct) | In the first half of this year, researchers saw a rising trend of wiper malware being deployed in parallel with the Russia-Ukraine war. However, those wipers haven't stayed in one place – they're emerging globally, which underscores the fact that cybercrime knows no borders. | Malware | ★★★ | |
|
2022-12-01 15:40:48 | \'Schoolyard Bully\' Android Trojan Targeted Facebook Credentials of 300,000 Users (lien direct) | Mobile security firm Zimperium is warning of an Android trojan that may have stolen Facebook credentials from a large number of users. | ★★ | ||
|
2022-12-01 15:27:15 | Investors Double Down on Pangea Cyber API Security Bet (lien direct) | Pangea Cyber, an early stage startup working on technology in the API security services space, has banked $26 million in a new funding round led by Google Ventures. | ★★ | ||
|
2022-12-01 11:47:33 | GoTo, LastPass Notify Customers of New Data Breach Related to Previous Incident (lien direct) | LastPass, the company known for its popular password manager, and its affiliate, GoTo, are informing customers about a new data breach that appears to be related to a cybersecurity incident disclosed a few months ago. | Data Breach | LastPass | ★★ |
|
2022-12-01 09:22:15 | Vulnerabilities in Popular Keyboard and Mouse Android Apps Expose User Data (lien direct) | The Synopsys Cybersecurity Research Center (CyRC) is warning of multiple vulnerabilities found in three applications that allow Android users to use their device as a keyboard and mouse. | ★★★ | ||
|
2022-11-30 16:30:22 | One Year Later: Log4Shell Remediation Slow, Painful Slog (lien direct) | Almost exactly a year after the Log4Shell security crisis sent defenders scrambling to reduce attack surfaces, new data shows that remediation has been a long, slow, painful slog for most organizations around the world. | ★★★ | ||
|
2022-11-30 11:07:46 | Self-Replicating Malware Used by Chinese Cyberspies Spreads via USB Drives (lien direct) | A China-linked cyberespionage group tracked as UNC4191 has been observed using self-replicating malware on USB drives to infect targets, and the technique could allow them to steal data from air-gapped systems, Google-owned Mandiant reports. | Malware | ★★★ | |
|
2022-11-29 13:32:35 | Ransomware Gang Takes Credit for Maple Leaf Foods Hack (lien direct) | The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems. | Ransomware Hack | ★★★ | |
|
2022-11-29 12:02:35 | Cybercriminals Selling Access to Networks Compromised via Recent Fortinet Vulnerability (lien direct) | Security researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical vulnerability in Fortinet products. | Vulnerability | ★★★ | |
|
2022-11-28 17:45:52 | Virginia County Confirms Personal Information Stolen in Ransomware Attack (lien direct) | Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. | Ransomware Threat | ★★★ | |
|
2022-11-28 17:02:26 | Project Zero Flags \'Patch Gap\' Problems on Android (lien direct) | Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. | ★★ | ||
|
2022-11-28 15:54:53 | Irish Regulator Fines Meta 265 Million Euros Over Data Breach (lien direct) | Ireland's data regulator on Monday slapped Facebook owner Meta with a 265-million-euro ($275-million) fine after details of more than half a billion users were leaked on a hacking website. | Data Breach | ★★★★ | |
|
2022-11-28 15:10:07 | Hack-for-Hire Group Targets Android Users With Malicious VPN Apps (lien direct) | A hack-for-hire group known as Bahamut has been targeting Android users with trojanized versions of legitimate VPN applications, ESET reports. | Bahamut Bahamut | ★★ | |
|
2022-11-28 12:48:49 | Twitter Data Breach Bigger Than Initially Reported (lien direct) | A massive Twitter data breach disclosed a few months ago appears to be bigger than initially reported. | Data Breach | ★★★ | |
|
2022-11-22 11:49:59 | Cisco Secure Email Gateway Filters Bypassed Due to Malware Scanner Issue (lien direct) | An anonymous researcher has disclosed several methods that can be used to bypass some of the filters in Cisco's Secure Email Gateway appliance and deliver malware using specially crafted emails. | Malware | ★★★★ | |
|
2022-11-21 18:02:59 | California County Says Personal Information Compromised in Data Breach (lien direct) | The County of Tehama, California, has started informing employees, recipients of services, and affiliates that their personal information might have been compromised in a data breach. | Data Breach | ||
|
2022-11-18 12:31:59 | Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware (lien direct) | A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns. | Malware Threat | ||
|
2022-11-18 12:06:24 | Omron PLC Vulnerability Exploited by Sophisticated ICS Malware (lien direct) | A critical vulnerability has not received the attention it deserves | Malware Vulnerability | ||
|
2022-11-18 10:29:12 | Hive Ransomware Gang Hits 1,300 Businesses, Makes $100 Million (lien direct) | The Hive ransomware gang has victimized more than 1,300 businesses, receiving over $100 million in ransom payments over the past year and a half, US government agencies say. | Ransomware | ||
|
2022-11-17 12:21:56 | Hundreds Infected With \'Wasp\' Stealer in Ongoing Supply Chain Attack (lien direct) | Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer. | |||
|
2022-11-17 09:39:05 | Magento Vulnerability Increasingly Exploited to Hack Online Stores (lien direct) | E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores. | Malware Hack Vulnerability | ||
|
2022-11-16 16:54:50 | Cyber Resilience: The New Strategy to Cope With Increased Threats (lien direct) | As part of last month's Cybersecurity Awareness Month, I was traveling around the globe to provide organizations actionable tips on how to strengthen their cybersecurity posture and allow for accelerated recovery from cyberattacks. Through my conversations with hundreds of analysts, system integrators, and secur | |||
|
2022-11-16 14:00:31 | Over 12,000 Cyber Incidents at DoD Since 2015, But Incident Management Still Lacking (lien direct) | The US Government Accountability Office (GAO) this week has published a report detailing issues identified in the Department of Defense's (DoD) cyber incident management processes. | |||
|
2022-11-16 11:57:42 | Google Ready to Roll Out Android Privacy Sandbox in Beta (lien direct) | Google this week announced plans to roll out Android Privacy Sandbox in beta starting early next year, delivering a more private advertising experience to mobile users. | |||
|
2022-11-16 10:54:15 | Networking Tech Vulnerability Could Be Used to Hack Spacecraft: Researchers (lien direct) | A team of researchers from the University of Michigan, University of Pennsylvania and NASA have identified a potentially serious vulnerability in networking technology used in spacecraft, aircraft, and industrial control systems. | Hack Vulnerability | ||
|
2022-11-15 15:07:54 | Zendesk Vulnerability Could Have Given Hackers Access to Customer Data (lien direct) | An SQL injection vulnerability in Zendesk Explore could have allowed a threat actor to leak Zendesk customer account information, data security firm Varonis reports. Zendesk Explore is the analytics and reporting service of Zendesk, a popular customer support software-as-a-service solution. | Vulnerability Threat | ||
|
2022-11-15 14:28:22 | Bishop Fox Adds $46 Million to Series B Funding Round (lien direct) | Continuous attack surface management pioneer Bishop Fox continues to attract the attention of investors with the banking of another $46 million in growth funding led by WestCap. | |||
|
2022-11-14 13:52:06 | Aiphone Intercom System Vulnerability Allows Hackers to Open Doors (lien direct) | A vulnerability in Aiphone intercom products allows attackers to breach the entry system and gain access to the building that uses it. Aiphone is one of the largest global manufacturers of intercom systems, including audio and video entry systems for residential and corporate buildings. | Vulnerability | ||
|
2022-11-14 11:59:07 | War \'Wake-up Call\' Spurs EU to Boost Cyber, Army Mobility (lien direct) | The European Union on Thursday unveiled new proposals to help its armies move faster in times of conflict and to boost cyber security, saying that Russia's war on Ukraine is a wake-up call to bolster Europe's defenses. | |||
|
2022-11-11 14:29:31 | Chinese Spyware Targets Uyghurs Through Apps: Report (lien direct) | Cybersecurity researchers said they have found evidence of Chinese spyware in Uyghur-language apps that can track the location and harvest the data of Uyghurs living in China and abroad. | |||
|
2022-11-11 12:18:29 | Google Pays $70k for Android Lock Screen Bypass (lien direct) | Google recently handed out a $70,000 bug bounty reward for an Android vulnerability leading to lock screen bypass, security researcher David Schutz says. | Vulnerability Guideline | ||
|
2022-11-10 11:30:18 | ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers (lien direct) | Oil and gas flow computers and remote controllers made by Swiss industrial technology firm ABB are affected by a serious vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers, according to industrial cybersecurity firm Claroty. | Hack Vulnerability | ||
|
2022-11-09 19:18:30 | Microsoft Patches MotW Zero-Day Exploited for Malware Delivery (lien direct) | Microsoft's latest Patch Tuesday updates address six zero-day vulnerabilities, including one related to the Mark-of-the-Web (MotW) security feature that has been exploited by cybercriminals to deliver malware. | Malware | ||
|
2022-11-09 14:01:34 | Attackers Using IPFS for Distributed, Bulletproof Malware Hosting (lien direct) | The InterPlanetary File System (IPFS), considered one of the building blocks of web3, is increasingly being used to provide hidden bulletproof hosting for malware. “Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks,” say researchers at Cisco Talos. | Malware | ||
|
2022-11-09 11:20:55 | Google Reveals Spyware Vendor\'s Use of Samsung Phone Zero-Day Exploits (lien direct) | Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still had a zero-day status. | |||
|
2022-11-09 01:29:57 | Hackers Leak Australian Health Records on Dark Web (lien direct) | Hackers on Wednesday began leaking sensitive medical records stolen from an Australian health insurer with nearly 10 million customers, including the prime minister, after the firm refused to pay a ransom. | ★★ | ||
|
2022-11-08 12:28:40 | Google Patches High-Severity Privilege Escalation Vulnerabilities in Android (lien direct) | Rolling out this week, Android's November 2022 security updates patch over 40 vulnerabilities, including multiple high-severity escalation of privilege bugs. | ★★ | ||
|
2022-11-08 11:13:43 | Ransomware Gang Threatens to Publish Medibank Customer Information (lien direct) | On Monday, shortly after Australian health insurer Medibank said it will not pay a ransom following a recent cyberattack, the BlogXX/REvil ransomware gang threatened to make stolen Medibank customer information public. | Ransomware | ||
|
2022-11-07 18:14:23 | Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge (lien direct) | The world's largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. | Malware Threat | ||
|
2022-11-07 14:10:41 | SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data Breach (lien direct) | Texas-based IT management solutions provider SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit over the data breach disclosed by the company in 2020. | Data Breach | ||
|
2022-11-07 13:38:48 | FBI Warns of Hacktivist DDoS Attacks, But Says Impact Limited (lien direct) | The Federal Bureau of Investigation (FBI) has issued an alert to encourage organizations to proactively implement distributed denial-of-service (DDoS) attack defenses in the wake of hacktivist assaults, but says incidents so far have had little impact. | |||
|
2022-11-07 11:27:43 | Nation-State Hacker Attacks on Critical Infrastructure Soar: Microsoft (lien direct) | According to Microsoft's 2022 Digital Defense Report, nation-state hacker attacks on critical infrastructure have soared, largely due to Russian cyber operations targeting Ukraine and its allies. | |||
|
2022-11-07 11:10:57 | Medibank Confirms Data Breach Impacts 9.7 Million Customers (lien direct) | Australian health insurer Medibank today confirmed that the data of 9.7 million customers was compromised in a recent cyberattack. The incident was identified on October 12, before threat actors could deploy file-encrypting ransomware, but not before they stole data from the company's systems. | Data Breach Threat | ||
|
2022-11-04 12:58:37 | Ransomware Group Threatens to Leak Data Stolen From Car Parts Giant Continental (lien direct) | The notorious LockBit ransomware group is threatening to publish files allegedly stolen from German car parts giant Continental. On its Tor-based leak website, the group says all files - the exact quantity of data or its type is not being specified - will be published on November 4, three hours after the publication of this article. | Ransomware | ||
|
2022-11-03 19:14:10 | Offense Gets the Glory, but Defense Wins the Game (lien direct) | When it comes to cybercriminals, defense evasion remains the top tactic globally. In fact, it was the most employed tactic by malware developers in the past six months – and they're often using system binary proxy execution to do so. Hiding malicious intentions is one of the most important actions for adversaries. Therefore, they are attempting to evade defenses by masking malicious intention and attempting to hide commands using a legitimate certificate. | Malware | ||
|
2022-11-03 10:14:02 | Over 250 US News Websites Deliver Malware via Supply Chain Attack (lien direct) | Hundreds of regional and national news websites in the United States are delivering malware as a result of a supply chain attack involving one of their service providers. | Malware | ||
|
2022-11-02 14:03:34 | Religious Minority Persecuted in Iran Targeted With Sophisticated Android Spyware (lien direct) | Kaspersky is warning of a previously unknown espionage campaign targeting the Persian-speaking religious minority Bahaʼi with Android spyware. As part of the campaign, victims were lured to a VPN application claiming to provide access to Bahaʼi religious resources that are banned in Iran. | |||
|
2022-11-02 11:30:41 | Hackers Stole Source Code, Personal Data From Dropbox Following Phishing Attack (lien direct) | Dropbox revealed on November 1 that it recently suffered a data breach where malicious actors gained access to some source code and personal information belonging to employees and customers. | Data Breach | ||
|
2022-11-01 12:10:08 | Bed Bath & Beyond Investigating Data Breach After Employee Falls for Phishing Attack (lien direct) | Bed Bath & Beyond revealed last week in an SEC filing that it recently suffered a data breach after an employee fell victim to a phishing attack. | Data Breach |
To see everything:
Our RSS (filtrered)
