Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2023-01-20 14:29:45 |
In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences (direct link) |
Cloud risk management and threat detection firm Rapid7 warns that it has seen organizations being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability.
|
Vulnerability
Threat
|
|
★★
|
 |
2023-01-06 15:55:53 |
XDR and the Age-old Problem of Alert Fatigue (direct link) |
XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture
|
Threat
|
|
★★★
|
 |
2023-01-06 13:36:58 |
Russian Turla Cyberspies Leveraged Other Hackers' USB-Delivered Malware (direct link) |
In a recent attack against a Ukrainian organization, Russian state-sponsored threat actor Turla leveraged legacy Andromeda malware likely deployed by other hackers via an infected USB drive, Mandiant reports.
|
Malware
Threat
|
|
★★
|
 |
2022-12-22 09:27:59 |
Godfather Android Banking Trojan Targeting Over 400 Applications (direct link) |
The Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries, threat intelligence firm Group-IB warns.
|
Threat
|
|
★★★
|
 |
2022-12-15 12:56:02 |
Email Hack Hits 15,000 Business Customers of Australian Telecoms Firm TPG (direct link) |
Australia's TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.
The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG.
|
Hack
Threat
|
|
★★
|
 |
2022-12-08 13:36:43 |
Iranian Hackers Deliver New 'Fantasy' Wiper to Diamond Industry via Supply Chain Attack (direct link) |
An Iran-linked advanced persistent threat (APT) actor named Agrius is using a new wiper in attacks targeting entities in South Africa, Israel and Hong Kong, cybersecurity firm ESET reports.
|
Threat
|
|
★★
|
 |
2022-11-28 17:45:52 |
Virginia County Confirms Personal Information Stolen in Ransomware Attack (direct link) |
Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack.
The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it.
|
Ransomware
Threat
|
|
★★★
|
 |
2022-11-18 12:31:59 |
Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware (direct link) |
A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns.
|
Malware
Threat
|
|
|
 |
2022-11-15 15:07:54 |
Zendesk Vulnerability Could Have Given Hackers Access to Customer Data (direct link) |
An SQL injection vulnerability in Zendesk Explore could have allowed a threat actor to leak Zendesk customer account information, data security firm Varonis reports.
Zendesk Explore is the analytics and reporting service of Zendesk, a popular customer support software-as-a-service solution.
|
Vulnerability
Threat
|
|
|
 |
2022-11-07 18:14:23 |
Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge (direct link) |
The world's largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks.
|
Malware
Threat
|
|
|
 |
2022-11-07 11:10:57 |
Medibank Confirms Data Breach Impacts 9.7 Million Customers (direct link) |
Australian health insurer Medibank today confirmed that the data of 9.7 million customers was compromised in a recent cyberattack.
The incident was identified on October 12, before threat actors could deploy file-encrypting ransomware, but not before they stole data from the company's systems.
|
Data Breach
Threat
|
|
|
 |
2022-10-05 10:30:15 |
US Government Details Tools Used by APTs in Defense Organization Attack (direct link) |
The NSA, FBI and CISA have issued an alert describing the tools and techniques used by advanced persistent threat (APT) actors in an attack aimed at an unnamed defense industrial base organization in the United States.
|
Threat
|
|
|
 |
2022-09-27 18:44:39 |
Researchers Crowdsourcing Effort to Identify Mysterious Metador APT (direct link) |
Cybersecurity sleuths at SentinelLabs are calling on the wider threat hunting community to help decipher a new mysterious malware campaign hitting telcos, ISPs and universities in the Middle East and Africa.
|
Malware
Threat
|
|
|
 |
2022-09-27 13:24:21 |
New Infostealer Malware 'Erbium' Offered as MaaS for Thousands of Dollars (direct link) |
Security researchers are warning of a new information stealer named Erbium being distributed under the Malware-as-a-Service (MaaS) model.
The threat made its initial appearance in late July, when a Russian speaking threat actor started advertising it on a dark web forum.
|
Malware
Threat
|
|
|
 |
2022-09-20 12:34:22 |
American Airlines Says Personal Data Exposed After Email Phishing Attack (direct link) |
American Airlines is informing some customers that their personal information may have been compromised after threat actors gained access to employee email accounts.
|
Threat
|
|
|
 |
2022-09-01 14:29:19 |
Hardcoded AWS Credentials in 1,800 Mobile Apps Highlight Supply Chain Issues (direct link) |
Symantec has discovered hardcoded AWS credentials in more than 1,800 mobile applications and warned of the potential risks associated with poor security practices.
While Symantec's threat hunting team has looked at both Android and iOS apps, nearly all of the applications containing hardcoded credentials were developed for iOS.
|
Threat
|
|
|
 |
2022-09-01 12:59:12 |
Ransomware Gang Claims Customer Data Stolen in TAP Air Portugal Hack (direct link) |
The Ragnar Locker ransomware gang says it has exfiltrated customer data in a cyberattack on Portuguese state-owned flag carrier airline TAP Air Portugal.
The incident was initially disclosed on August 26, when TAP announced on Twitter that it managed to foil the cyberattack before the threat actor could access any customer data.
|
Ransomware
Hack
Threat
|
|
|
 |
2022-08-24 15:39:43 |
New Air Gap-Jumping Attack Uses Ultrasonic Tones and Smartphone Gyroscope (direct link) |
A researcher from the Ben-Gurion University of the Negev in Israel has shown how a threat actor could stealthily exfiltrate data from air-gapped computers using ultrasonic tones and smartphone gyroscopes.
|
Threat
|
|
|
 |
2022-08-19 13:44:03 |
China's Winnti Group Hacked at Least 13 Organizations in 2021: Security Firm (direct link) |
Chinese state-sponsored threat group Winnti compromised at least 13 organizations globally in 2021, spanning across multiple sectors, cybersecurity firm Group-IB says.
|
Threat
|
|
|
 |
2022-08-19 13:08:25 |
Ransomware Group Threatens to Leak Data Stolen From Security Firm Entrust (direct link) |
LockBit ransomware threat actors have taken credit for the recent attack on cybersecurity firm Entrust and they are threatening to leak the stolen files.
|
Ransomware
Threat
|
|
|
 |
2022-08-18 14:49:49 |
Russian Use of Cyberweapons in Ukraine and the Growing Threat to the West (direct link) |
|
Threat
|
|
|
 |
2022-08-18 12:54:17 |
North Korean Hackers Use Fake Job Offers to Deliver New macOS Malware (direct link) |
Researchers with cybersecurity company ESET have observed a new macOS malware sample developed by the infamous North Korean advanced persistent threat (APT) actor Lazarus.
|
Malware
Threat
|
APT 38
|
|
 |
2022-08-16 11:09:42 |
Signal Discloses Impact From Twilio Hack (direct link) |
Secure communications services provider Signal on Monday disclosed impact from the recent Twilio hack, after threat actors attempted to re-register the phone numbers of some of its users to new devices.
|
Hack
Threat
|
|
|
 |
2022-08-11 17:44:56 |
Cisco Patches High-Severity Vulnerability in Security Solutions (direct link) |
Cisco this week announced the release of patches for a high-severity vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that could allow an unauthenticated attacker to leak an RSA private key.
|
Vulnerability
Threat
|
|
|
 |
2022-08-04 10:33:22 |
VirusTotal Data Shows How Malware Distribution Leverages Legitimate Sites, Apps (direct link) |
Google-owned malware analysis service VirusTotal has published a report showing how threat actors abuse trust to bypass defenses and deliver their malware.
According to data collected by VirusTotal, legitimate websites and applications are often leveraged for malware delivery.
|
Malware
Threat
|
|
|
 |
2022-07-28 19:10:37 |
Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants (direct link) |
Cybersecurity professionals from Google's threat hunting unit and the University of Toronto's Citizen Lab are upping the pressure on mercenary hacking firms selling high-end surveillance spyware with fresh calls for the U.S. government to urgently clamp down on these businesses.
|
Threat
|
|
|
 |
2022-07-20 15:03:45 |
Google, EU Warn of Malicious Russian Cyber Activity (direct link) |
Russia-linked Turla threat actor spotted using Android malware for first time
Google and the European Union have issued separate warnings this week over Russian cyberattacks and misinformation campaigns.
|
Malware
Threat
|
|
|
 |
2022-07-19 13:20:21 |
Ongoing 'Roaming Mantis' Smishing Campaign Hits Over 70,000 Users in France (direct link) |
A Chinese threat actor named Roaming Mantis has been targeting Android users in France with the MoqHao malware in a new smishing campaign, security researchers with Sekoia warn.
|
Malware
Threat
|
|
|
 |
2022-07-18 12:10:24 |
PLC and HMI Password Cracking Tools Deliver Malware (direct link) |
Tools advertised as being capable of cracking passwords for HMIs, PLCs and other industrial products have been found to exploit a zero-day vulnerability, and threat actors are using these tools to deliver malware.
|
Malware
Threat
|
|
|
 |
2022-07-07 12:34:33 |
US: North Korean Hackers Targeting Healthcare Sector With Maui Ransomware (direct link) |
US government agencies this week issued a joint advisory to warn of North Korean threat actors using the Maui ransomware in attacks targeting the healthcare and public health sector.
|
Ransomware
Threat
|
|
|
 |
2022-07-07 10:01:47 |
Marriott Confirms Small-Scale Data Breach (direct link) |
International hotel chain Marriott has confirmed that an unknown threat actor has accessed data on a computer at one of its hotels.
|
Data Breach
Threat
|
|
|
 |
2022-06-30 12:31:52 |
SOHO Routers in North America and Europe Targeted With 'ZuoRAT' Malware (direct link) |
A remote access trojan (RAT) targeting small office/home office (SOHO) devices has remained undetected for nearly two years, according to security researchers with Black Lotus Labs, the threat intelligence arm of Lumen Technologies.
|
Malware
Threat
|
|
|
 |
2022-06-28 14:21:59 |
Chinese Threat Actor Targets Rare Earth Mining Companies in North America, Australia (direct link) |
Mandiant's security researchers have been tracking influence campaigns that a Chinese threat actor named Dragonbridge has been conducting against rare earth mining companies in Australia, Canada, and the United States.
|
Threat
|
|
|
 |
2022-06-24 12:21:16 |
Black Basta Ransomware Becomes Major Threat in Two Months (direct link) |
|
Ransomware
Threat
|
|
|
 |
2022-06-24 10:30:56 |
US Agencies Warn Organizations of Log4Shell Attacks Against VMware Products (direct link) |
The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Coast Guard Cyber Command (CGCYBER) have issued a joint advisory to warn organizations that threat actors continue to exploit the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG) servers.
|
Vulnerability
Threat
|
|
★★
|
 |
2022-06-23 14:27:35 |
Security Orchestration: Beware of the Hidden Financial Costs (direct link) |
Among the many improvements in cybersecurity technology and tools we've seen over the last few years, one of the most significant has been the inclusion of security automation and orchestration capabilities in solution categories beyond SOAR platforms. SIEM providers acquired stand-alone SOAR platforms, and endpoint detection and response (EDR) solutions broadened to include automation and orchestration capabilities to accelerate threat detection and response.
|
Tool
Threat
|
|
★★★★★
|
 |
2022-06-22 10:28:39 |
New 'ToddyCat' APT Targets High-Profile Entities in Europe, Asia (direct link) |
Kaspersky has detailed the activity of ToddyCat, a relatively new advanced persistent threat (APT) actor that has been targeting high-profile entities in Europe and Asia for more than a year and a half.
|
Threat
|
|
|
 |
2022-06-21 13:04:25 |
Flagstar Bank Data Breach Affects 1.5 Million Customers (direct link) |
Michigan-based Flagstar Bank, which has more than 150 branches across several US states, has disclosed a data breach that involved threat actors accessing files containing the personal information of 1.5 million individuals.
|
Data Breach
Threat
|
|
|
 |
2022-06-20 10:10:17 |
Breach at Eye Care Software Vendor Hits Millions of Patients (direct link) |
The personal information of millions of individuals may have been stolen by threat actors as a result of a data breach at Eye Care Leaders, a firm that provides electronic health record and practice management solutions.
|
Data Breach
Threat
Guideline
|
|
|
 |
2022-06-17 10:27:04 |
Costa Rica Chaos a Warning That Ransomware Threat Remains (direct link) |
Teachers unable to get paychecks. Tax and customs systems paralyzed. Health officials unable to access medical records or track the spread of COVID-19. A country's president declaring war against foreign hackers saying they want to overthrow the government.
|
Ransomware
Threat
|
|
|
 |
2022-06-16 10:21:43 |
Using the Defense Readiness Index to Improve Security Team Skills (direct link) |
The challenges organizations face in developing cyber skills have never been more acute. Too often, security teams find themselves locked into reactive modes, continuously responding to immediate threats without being afforded the time to learn from them, so the opportunity to cross-train and upskill is missed.
|
Threat
|
|
|
 |
2022-06-15 09:04:08 |
Microsoft to Acquire Cyber Threat Analysis Company Miburo (direct link) |
Microsoft on Tuesday announced that it's acquiring Miburo, a New York-based cyber threat analysis and research company that specializes in foreign information operations.
Miburo provides analysis, consulting and training services. The startup's research team detects and attributes influence campaigns across over a dozen languages.
|
Threat
|
|
★★★★★
|
 |
2022-06-14 12:10:06 |
Chinese Cyberespionage Group Starts Using New 'PingPull' Malware (direct link) |
A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks that have been targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports.
|
Malware
Threat
|
|
|
 |
2022-06-13 11:09:48 |
Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability (direct link) |
A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft.
|
Vulnerability
Threat
|
|
|
 |
2022-06-10 13:46:32 |
38 Tech Leaders Sign Cyber Resilience Pledge (direct link) |
The Coalition to Reduce Cyber Risk (CR2) announced this week that it has been joined by 37 organizations across eight countries in signing a pledge to improve cyber resilience and combat threats such as ransomware.
|
Threat
|
|
★★★★★
|
 |
2022-06-09 13:00:28 |
US Details Chinese Attacks Against Telecoms Providers (direct link) |
Several US government agencies have issued a joint cybersecurity advisory to provide information on the techniques and tactics that China-linked threat actors have been using to compromise telecom companies and network services providers.
|
Threat
|
|
|
 |
2022-06-08 16:28:56 |
Snowflake Launches Cybersecurity Workload to Find Threats Across Massive Data Sets (direct link) |
Data cloud company Snowflake (NYSE: SNOW) is the latest enterprise technology firm looking to help fuel the massive data lakes that power enterprise security programs.
|
Threat
|
|
|
 |
2022-06-03 12:17:57 |
Lebanese Threat Actor 'Polonium' Targets Israeli Organizations (direct link) |
Microsoft says it has uncovered and disabled the OneDrive infrastructure of a Lebanon-based threat actor targeting organizations in Israel.
|
Threat
|
|
|
 |
2022-06-03 10:00:06 |
Atlassian Confluence Servers Hacked via Zero-Day Vulnerability (direct link) |
Atlassian scrambling to patch Confluence Server zero-day exploited by multiple threat groups
Atlassian customers have been warned that hackers are exploiting a Confluence Server zero-day vulnerability. The flaw is currently unpatched and it appears to have been exploited by multiple threat groups.
|
Vulnerability
Threat
|
|
|
 |
2022-06-01 15:32:22 |
ReliaQuest to Buy Digital Shadows for $160 Million (direct link) |
Fresh off a $300 million funding round and a billion-dollar valuation, security operations vendor ReliaQuest on Wednesday announced plans to acquire threat intelligence startup Digital Shadows in a deal valued at $160 million.
|
Threat
|
|
|