What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-29 12:02:35 | Cybercriminals Selling Access to Networks Compromised via Recent Fortinet Vulnerability (lien direct) | Security researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical vulnerability in Fortinet products. | Vulnerability | ★★★ | |
|
2022-11-28 17:45:52 | Virginia County Confirms Personal Information Stolen in Ransomware Attack (lien direct) | Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. | Ransomware Threat | ★★★ | |
|
2022-11-28 17:02:26 | Project Zero Flags \'Patch Gap\' Problems on Android (lien direct) | Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. | ★★ | ||
|
2022-11-28 15:54:53 | Irish Regulator Fines Meta 265 Million Euros Over Data Breach (lien direct) | Ireland's data regulator on Monday slapped Facebook owner Meta with a 265-million-euro ($275-million) fine after details of more than half a billion users were leaked on a hacking website. | Data Breach | ★★★★ | |
|
2022-11-28 15:10:07 | Hack-for-Hire Group Targets Android Users With Malicious VPN Apps (lien direct) | A hack-for-hire group known as Bahamut has been targeting Android users with trojanized versions of legitimate VPN applications, ESET reports. | Bahamut Bahamut | ★★ | |
|
2022-11-28 12:48:49 | Twitter Data Breach Bigger Than Initially Reported (lien direct) | A massive Twitter data breach disclosed a few months ago appears to be bigger than initially reported. | Data Breach | ★★★ | |
|
2022-11-22 11:49:59 | Cisco Secure Email Gateway Filters Bypassed Due to Malware Scanner Issue (lien direct) | An anonymous researcher has disclosed several methods that can be used to bypass some of the filters in Cisco's Secure Email Gateway appliance and deliver malware using specially crafted emails. | Malware | ★★★★ | |
|
2022-11-21 18:02:59 | California County Says Personal Information Compromised in Data Breach (lien direct) | The County of Tehama, California, has started informing employees, recipients of services, and affiliates that their personal information might have been compromised in a data breach. | Data Breach | ||
|
2022-11-18 12:31:59 | Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware (lien direct) | A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns. | Malware Threat | ||
|
2022-11-18 12:06:24 | Omron PLC Vulnerability Exploited by Sophisticated ICS Malware (lien direct) | A critical vulnerability has not received the attention it deserves | Malware Vulnerability | ||
|
2022-11-18 10:29:12 | Hive Ransomware Gang Hits 1,300 Businesses, Makes $100 Million (lien direct) | The Hive ransomware gang has victimized more than 1,300 businesses, receiving over $100 million in ransom payments over the past year and a half, US government agencies say. | Ransomware | ||
|
2022-11-17 12:21:56 | Hundreds Infected With \'Wasp\' Stealer in Ongoing Supply Chain Attack (lien direct) | Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer. | |||
|
2022-11-17 09:39:05 | Magento Vulnerability Increasingly Exploited to Hack Online Stores (lien direct) | E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores. | Malware Hack Vulnerability | ||
|
2022-11-16 16:54:50 | Cyber Resilience: The New Strategy to Cope With Increased Threats (lien direct) | As part of last month's Cybersecurity Awareness Month, I was traveling around the globe to provide organizations actionable tips on how to strengthen their cybersecurity posture and allow for accelerated recovery from cyberattacks. Through my conversations with hundreds of analysts, system integrators, and secur | |||
|
2022-11-16 14:00:31 | Over 12,000 Cyber Incidents at DoD Since 2015, But Incident Management Still Lacking (lien direct) | The US Government Accountability Office (GAO) this week has published a report detailing issues identified in the Department of Defense's (DoD) cyber incident management processes. | |||
|
2022-11-16 11:57:42 | Google Ready to Roll Out Android Privacy Sandbox in Beta (lien direct) | Google this week announced plans to roll out Android Privacy Sandbox in beta starting early next year, delivering a more private advertising experience to mobile users. | |||
|
2022-11-16 10:54:15 | Networking Tech Vulnerability Could Be Used to Hack Spacecraft: Researchers (lien direct) | A team of researchers from the University of Michigan, University of Pennsylvania and NASA have identified a potentially serious vulnerability in networking technology used in spacecraft, aircraft, and industrial control systems. | Hack Vulnerability | ||
|
2022-11-15 15:07:54 | Zendesk Vulnerability Could Have Given Hackers Access to Customer Data (lien direct) | An SQL injection vulnerability in Zendesk Explore could have allowed a threat actor to leak Zendesk customer account information, data security firm Varonis reports. Zendesk Explore is the analytics and reporting service of Zendesk, a popular customer support software-as-a-service solution. | Vulnerability Threat | ||
|
2022-11-15 14:28:22 | Bishop Fox Adds $46 Million to Series B Funding Round (lien direct) | Continuous attack surface management pioneer Bishop Fox continues to attract the attention of investors with the banking of another $46 million in growth funding led by WestCap. | |||
|
2022-11-14 13:52:06 | Aiphone Intercom System Vulnerability Allows Hackers to Open Doors (lien direct) | A vulnerability in Aiphone intercom products allows attackers to breach the entry system and gain access to the building that uses it. Aiphone is one of the largest global manufacturers of intercom systems, including audio and video entry systems for residential and corporate buildings. | Vulnerability | ||
|
2022-11-14 11:59:07 | War \'Wake-up Call\' Spurs EU to Boost Cyber, Army Mobility (lien direct) | The European Union on Thursday unveiled new proposals to help its armies move faster in times of conflict and to boost cyber security, saying that Russia's war on Ukraine is a wake-up call to bolster Europe's defenses. | |||
|
2022-11-11 14:29:31 | Chinese Spyware Targets Uyghurs Through Apps: Report (lien direct) | Cybersecurity researchers said they have found evidence of Chinese spyware in Uyghur-language apps that can track the location and harvest the data of Uyghurs living in China and abroad. | |||
|
2022-11-11 12:18:29 | Google Pays $70k for Android Lock Screen Bypass (lien direct) | Google recently handed out a $70,000 bug bounty reward for an Android vulnerability leading to lock screen bypass, security researcher David Schutz says. | Vulnerability Guideline | ||
|
2022-11-10 11:30:18 | ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers (lien direct) | Oil and gas flow computers and remote controllers made by Swiss industrial technology firm ABB are affected by a serious vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers, according to industrial cybersecurity firm Claroty. | Hack Vulnerability | ||
|
2022-11-09 19:18:30 | Microsoft Patches MotW Zero-Day Exploited for Malware Delivery (lien direct) | Microsoft's latest Patch Tuesday updates address six zero-day vulnerabilities, including one related to the Mark-of-the-Web (MotW) security feature that has been exploited by cybercriminals to deliver malware. | Malware | ||
|
2022-11-09 14:01:34 | Attackers Using IPFS for Distributed, Bulletproof Malware Hosting (lien direct) | The InterPlanetary File System (IPFS), considered one of the building blocks of web3, is increasingly being used to provide hidden bulletproof hosting for malware. “Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks,” say researchers at Cisco Talos. | Malware | ||
|
2022-11-09 11:20:55 | Google Reveals Spyware Vendor\'s Use of Samsung Phone Zero-Day Exploits (lien direct) | Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still had a zero-day status. | |||
|
2022-11-09 01:29:57 | Hackers Leak Australian Health Records on Dark Web (lien direct) | Hackers on Wednesday began leaking sensitive medical records stolen from an Australian health insurer with nearly 10 million customers, including the prime minister, after the firm refused to pay a ransom. | ★★ | ||
|
2022-11-08 12:28:40 | Google Patches High-Severity Privilege Escalation Vulnerabilities in Android (lien direct) | Rolling out this week, Android's November 2022 security updates patch over 40 vulnerabilities, including multiple high-severity escalation of privilege bugs. | ★★ | ||
|
2022-11-08 11:13:43 | Ransomware Gang Threatens to Publish Medibank Customer Information (lien direct) | On Monday, shortly after Australian health insurer Medibank said it will not pay a ransom following a recent cyberattack, the BlogXX/REvil ransomware gang threatened to make stolen Medibank customer information public. | Ransomware | ||
|
2022-11-07 18:14:23 | Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge (lien direct) | The world's largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. | Malware Threat | ||
|
2022-11-07 14:10:41 | SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data Breach (lien direct) | Texas-based IT management solutions provider SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit over the data breach disclosed by the company in 2020. | Data Breach | ||
|
2022-11-07 13:38:48 | FBI Warns of Hacktivist DDoS Attacks, But Says Impact Limited (lien direct) | The Federal Bureau of Investigation (FBI) has issued an alert to encourage organizations to proactively implement distributed denial-of-service (DDoS) attack defenses in the wake of hacktivist assaults, but says incidents so far have had little impact. | |||
|
2022-11-07 11:27:43 | Nation-State Hacker Attacks on Critical Infrastructure Soar: Microsoft (lien direct) | According to Microsoft's 2022 Digital Defense Report, nation-state hacker attacks on critical infrastructure have soared, largely due to Russian cyber operations targeting Ukraine and its allies. | |||
|
2022-11-07 11:10:57 | Medibank Confirms Data Breach Impacts 9.7 Million Customers (lien direct) | Australian health insurer Medibank today confirmed that the data of 9.7 million customers was compromised in a recent cyberattack. The incident was identified on October 12, before threat actors could deploy file-encrypting ransomware, but not before they stole data from the company's systems. | Data Breach Threat | ||
|
2022-11-04 12:58:37 | Ransomware Group Threatens to Leak Data Stolen From Car Parts Giant Continental (lien direct) | The notorious LockBit ransomware group is threatening to publish files allegedly stolen from German car parts giant Continental. On its Tor-based leak website, the group says all files - the exact quantity of data or its type is not being specified - will be published on November 4, three hours after the publication of this article. | Ransomware | ||
|
2022-11-03 19:14:10 | Offense Gets the Glory, but Defense Wins the Game (lien direct) | When it comes to cybercriminals, defense evasion remains the top tactic globally. In fact, it was the most employed tactic by malware developers in the past six months – and they're often using system binary proxy execution to do so. Hiding malicious intentions is one of the most important actions for adversaries. Therefore, they are attempting to evade defenses by masking malicious intention and attempting to hide commands using a legitimate certificate. | Malware | ||
|
2022-11-03 10:14:02 | Over 250 US News Websites Deliver Malware via Supply Chain Attack (lien direct) | Hundreds of regional and national news websites in the United States are delivering malware as a result of a supply chain attack involving one of their service providers. | Malware | ||
|
2022-11-02 14:03:34 | Religious Minority Persecuted in Iran Targeted With Sophisticated Android Spyware (lien direct) | Kaspersky is warning of a previously unknown espionage campaign targeting the Persian-speaking religious minority Bahaʼi with Android spyware. As part of the campaign, victims were lured to a VPN application claiming to provide access to Bahaʼi religious resources that are banned in Iran. | |||
|
2022-11-02 11:30:41 | Hackers Stole Source Code, Personal Data From Dropbox Following Phishing Attack (lien direct) | Dropbox revealed on November 1 that it recently suffered a data breach where malicious actors gained access to some source code and personal information belonging to employees and customers. | Data Breach | ||
|
2022-11-01 12:10:08 | Bed Bath & Beyond Investigating Data Breach After Employee Falls for Phishing Attack (lien direct) | Bed Bath & Beyond revealed last week in an SEC filing that it recently suffered a data breach after an employee fell victim to a phishing attack. | Data Breach | ||
|
2022-10-31 16:08:14 | Bearer, Notebook Labs, Protexxa Raise Millions in Seed Funding (lien direct) | Bearer, Notebook Labs, and Protexxa, three cybersecurity startups dealing with data security, web3 identity, and enterprise cyber hygiene, respectively, have announced raising a combined total of over $10 million in seed funding. | |||
|
2022-10-31 13:15:12 | Label Giant Multi-Color Corporation Discloses Data Breach (lien direct) | Label printing giant Multi-Color Corporation (MCC) has started informing employees that their personal information might have been compromised in a recent cyberattack. | Data Breach | ||
|
2022-10-28 14:53:56 | Indianapolis Low-Income Housing Agency Hit by Ransomware (lien direct) | The federal agency that provides low-income housing in Indianapolis is facing a ransomware attack that's delayed its ability to send out rent payments to landlords, a top agency official says. | Ransomware | ||
|
2022-10-28 13:12:07 | Twilio Says Employees Targeted in Separate Smishing, Vishing Attacks (lien direct) | Enterprise communications firm Twilio has concluded its investigation into the recent data breach and revealed on Thursday that its employees were targeted in smishing and vishing attacks on two separate occasions. | Data Breach | ||
|
2022-10-28 10:37:29 | Apple Paid Out $20 Million via Bug Bounty Program (lien direct) | Apple has launched a new security research blog and website, which will also be the new home of the company's bug bounty program. | |||
|
2022-10-28 09:08:13 | Slovak, Polish Parliaments Hit by Cyberattacks (lien direct) | Cyberattacks hit the Slovak and Polish parliaments on Thursday, bringing down the voting system in Slovakia's legislature, parliamentary authorities said. "The attack was multi-directional, including from inside the Russian Federation," the Polish Senate said in a statement. | |||
|
2022-10-27 10:46:52 | Industrial Ransomware Attacks: New Groups Emerge, Manufacturing Pays Highest Ransom (lien direct) | Industrial organizations continue to be a top target for ransomware attacks, and reports published by cybersecurity companies this week reveal some recent trends. | Ransomware | ||
|
2022-10-26 14:33:08 | Drizly Agrees to Tighten Data Security After Alleged Breach (lien direct) | Alcohol delivery app Drizly has agreed to tighten its data security and limit data collection to resolve federal regulators' allegations that its security failures exposed the personal information of some 2.5 million customers. | |||
|
2022-10-26 11:51:05 | Data Breach Victims Sue Rhode Island Transit Agency, Insurer (lien direct) | Two people whose personal information was compromised in a data breach at Rhode Island's public bus service that affected about 22,000 people sued the agency and a health insurer on Tuesday seeking monetary damages and answers. | Data Breach |
To see everything:
Our RSS (filtrered)
