Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
 |
2023-05-11 13:10:06 |
Détails divulgués pour la chaîne d'exploitation qui permet le piratage des routeurs Netgear Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers (lien direct) |
> Claroty a divulgué les détails de 5 vulnérabilités qui peuvent être enchaînées dans un exploit permettant aux attaquants non authentifiés de pirater les routeurs Netgear.
>Claroty has disclosed the details of 5 vulnerabilities that can be chained in an exploit allowing unauthenticated attackers to hack Netgear routers.
|
Hack
|
|
★★
|
 |
2023-05-10 09:27:41 |
Twitter Celebrity Hacker plaide coupable aux États-Unis Twitter Celebrity Hacker Pleads Guilty in US (lien direct) |
> Joseph James O \\ 'Connor a plaidé coupable pour son rôle dans des plans pour pirater les comptes Twitter de célébrités comme Barack Obama et Elon Musk.
>Joseph James O\'Connor pleaded guilty for his role in schemes to hack the Twitter accounts of celebrities like Barack Obama and Elon Musk.
|
Hack
|
|
★★
|
 |
2023-04-24 11:42:12 |
Un défaut critique dans le produit INEA ICS expose les organisations industrielles aux attaques à distance Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks (lien direct) |
> La vulnérabilité critique trouvée dans INEA RTU peut être exploitée pour pirater à distance les appareils et provoquer des perturbations dans les organisations industrielles.
>Critical vulnerability found in Inea RTU can be exploited to remotely hack devices and cause disruption in industrial organizations.
|
Hack
Vulnerability
Industrial
|
|
★★★★
|
 |
2023-04-20 13:38:56 |
Attaque de la chaîne d'approvisionnement en cascade: 3cx piraté après l'application Trojanisée téléchargée par l'employé Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App (lien direct) |
> 3CX Hack est la première attaque de chaîne d'approvisionnement en cascade connue, la violation commençant après qu'un employé a téléchargé un logiciel compromis d'une autre entreprise.
>3CX hack is the first known cascading supply chain attack, with the breach starting after an employee downloaded compromised software from a different firm.
|
Hack
|
|
★★★★
|
 |
2023-04-19 09:03:31 |
États-Unis, Royaume-Uni: la Russie exploitant la vieille vulnérabilité pour pirater les routeurs Cisco US, UK: Russia Exploiting Old Vulnerability to Hack Cisco Routers (lien direct) |
> Les agences gouvernementales américaines et britanniques ont émis un avertissement conjoint pour le groupe russe APT28 ciblant les routeurs Cisco en exploitant une ancienne vulnérabilité.
>US and UK government agencies have issued a joint warning for Russian group APT28 targeting Cisco routers by exploiting an old vulnerability.
|
Hack
Vulnerability
|
APT 28
|
★★
|
 |
2023-04-13 10:04:00 |
Les systèmes d'irrigation en Israël perturbés par des attaques de pirates contre les circuits intégrés Irrigation Systems in Israel Disrupted by Hacker Attacks on ICS (lien direct) |
> Les systèmes d'irrigation ont été perturbés récemment en Israël dans une attaque qui montre à nouveau à quel point il est facile de pirater les systèmes de contrôle industriel (ICS).
>Irrigation systems were disrupted recently in Israel in an attack that once again shows how easy it is to hack industrial control systems (ICS).
|
Hack
Industrial
|
|
★★★
|
 |
2023-04-06 13:42:04 |
Les voleurs utilisent un hack d'injection pour voler des voitures Thieves Use CAN Injection Hack to Steal Cars (lien direct) |
> Un haut-parleur portable d'aspect innocent peut masquer un dispositif de piratage qui lance des attaques d'injection de Can, qui ont été utilisées pour voler des voitures.
>An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars.
|
Hack
|
|
★★★
|
 |
2023-04-03 13:47:40 |
Vulnérabilité du plugin Elementor Pro exploité pour pirater les sites Web WordPress Elementor Pro Plugin Vulnerability Exploited to Hack WordPress Websites (lien direct) |
> Une vulnérabilité sévère dans le plugin Elementor Pro WordPress est exploitée pour injecter des logiciels malveillants en sites Web vulnérables.
>A severe vulnerability in the Elementor Pro WordPress plugin is being exploited to inject malware into vulnerable websites.
|
Malware
Hack
Vulnerability
|
|
★★
|
 |
2023-04-03 10:13:07 |
Europe, Amérique du Nord le plus touché par le piratage de la chaîne d'approvisionnement 3CX Europe, North America Most Impacted by 3CX Supply Chain Hack (lien direct) |
> L'Europe, les États-Unis et l'Australie semblent être les plus touchées par le hack de chaîne d'approvisionnement 3CX, selon les données de deux sociétés de cybersécurité.
>Europe, the United States and Australia seem to be the most impacted by the 3CX supply chain hack, according to data from two cybersecurity firms.
|
Hack
|
|
★★
|
 |
2023-03-31 11:15:07 |
Mandiant enquêtant sur le piratage 3CX car les preuves montrent que les attaquants ont eu accès pendant des mois [Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months] (lien direct) |
> Plusieurs sociétés de cybersécurité ont publié des articles de blog, des avis et des outils pour aider les organisations qui pourraient avoir été frappées par l'attaque de la chaîne d'approvisionnement 3CX.
>Several cybersecurity companies have published blog posts, advisories and tools to help organizations that may have been hit by the 3CX supply chain attack.
|
Hack
|
|
★★
|
 |
2023-03-20 14:35:48 |
Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes (lien direct) |
>Cryptocurrency ATM maker General Bytes discloses a security incident resulting in the theft of millions of dollars' worth of crypto-coins.
|
Hack
|
|
★★
|
 |
2023-03-13 14:32:01 |
CISA Warns of Plex Vulnerability Linked to LastPass Hack (lien direct) |
>CISA has added vulnerabilities in Plex Media Server and VMware NSX-V to its Known Exploited Vulnerabilities catalog.
|
Hack
Vulnerability
|
LastPass
LastPass
|
★★★
|
 |
2023-03-10 09:30:00 |
Acronis Clarifies Hack Impact Following Data Leak (lien direct) |
>Acronis said a single customer's account was compromised after a hacker leaked gigabytes of information on a cybercrime forum.
|
Hack
|
|
★★
|
 |
2023-02-28 11:41:25 |
Vulnerability in Popular Real Estate Theme Exploited to Hack WordPress Websites (lien direct) |
A critical vulnerability in the Houzez premium WordPress theme and plugin has been exploited in the wild.
|
Hack
Vulnerability
|
|
★★★
|
 |
2023-02-22 13:30:01 |
R1Soft Server Backup Manager Vulnerability Exploited to Deploy Backdoor (lien direct) |
Hackers have been exploiting a vulnerability tracked as CVE-2022-36537 to hack hundreds of R1Soft servers.
|
Hack
Vulnerability
|
|
★★★
|
 |
2023-02-20 15:17:21 |
Coinbase Attack Linked to Group Behind Last Year\'s Twilio, Cloudflare Hacks (lien direct) |
Coinbase was recently targeted in a sophisticated phishing attack and the cryptocurrency exchange linked the hack to the 0ktapus group.
|
Hack
|
|
★★
|
 |
2023-02-20 10:09:07 |
GoDaddy Says Recent Hack Part of Multi-Year Campaign (lien direct) |
>GoDaddy recently discovered a hacker attack where a sophisticated threat group infected websites and servers with malware.
|
Hack
Threat
|
|
★
|
 |
2023-02-10 11:37:22 |
Documents, Code, Business Systems Accessed in Reddit Hack (lien direct) |
Reddit says its systems were hacked following a sophisticated phishing attack aimed at employees.
|
Hack
|
|
★★★
|
 |
2023-02-08 15:00:27 |
Australian Man Sentenced for Scam Related to Optus Hack (lien direct) |
>Australian authorities sentence Sydney man for using leaked data stolen from wireless carrier Optus to conduct SMS scams.
|
Hack
|
|
★★★
|
 |
2023-02-08 13:18:38 |
Siemens License Manager Vulnerabilities Allow ICS Hacking (lien direct) |
>The Siemens Automation License Manager is affected by two serious vulnerabilities that could be chained to hack industrial control systems (ICS).
|
Hack
Industrial
|
|
★★
|
 |
2023-01-25 12:00:00 |
Password Dependency: How to Break the Cycle (lien direct) |
>Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That's why it's so critical to break the password dependency cycle. But how can this be done?
|
Hack
|
|
★
|
 |
2023-01-16 13:18:41 |
Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems (lien direct) |
The US Department of Defense (DoD) is getting ready to launch the third installment of its 'Hack the Pentagon' bug bounty program, which will focus on the Facility Related Controls System (FRCS) network.
|
Hack
|
|
★★★
|
 |
2023-01-13 11:21:01 |
Fortinet Says Recently Patched Vulnerability Exploited to Hack Governments (lien direct) |
Fortinet reported this week that a recently patched vulnerability tracked as CVE-2022-42475 has been exploited in highly targeted attacks aimed at government organizations.
The security hole impacts the FortiOS SSL-VPN and it can allow a remote, unauthenticated hacker to execute arbitrary code or commands using specially crafted requests.
|
Hack
Vulnerability
|
|
★★★
|
 |
2023-01-12 11:16:48 |
Recently Disclosed Vulnerability Exploited to Hack Hundreds of SugarCRM Servers (lien direct) |
Exploitation of a critical vulnerability affecting the widely used SugarCRM customer relationship management system was seen just days after someone made public an exploit.
|
Hack
Vulnerability
|
|
★★
|
 |
2022-12-15 12:56:02 |
Email Hack Hits 15,000 Business Customers of Australian Telecoms Firm TPG (lien direct) |
Australia's TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.
The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG.
|
Hack
Threat
|
|
★★
|
 |
2022-12-08 12:01:56 |
CloudSEK Blames Hack on Another Cybersecurity Company (lien direct) |
Digital risk protection company CloudSEK claims that another cybersecurity firm is behind a recent data breach resulting from the compromise of an employee's Jira account.
As part of the targeted cyberattack, an unknown party used session cookies for the employee's Jira account to gain access to various types of internal data.
|
Data Breach
Hack
|
|
★★
|
 |
2022-12-05 17:45:25 |
SIM Swapper Who Stole $20 Million Sentenced to Prison (lien direct) |
Nicholas Truglia, of Florida, was sentenced to 18 months in prison last week for stealing more than $20 million in a SIM swapping scheme.
According to the indictment, in January 2018, Truglia, now aged 25, participated in a scheme to hack into online accounts in an effort to steal cryptocurrency. He pleaded guilty in late 2021.
|
Hack
Guideline
|
|
★★
|
 |
2022-12-02 11:56:50 |
Mitsubishi Electric PLCs Exposed to Attacks by Engineering Software Flaws (lien direct) |
Researchers at industrial cybersecurity firm Nozomi Networks have discovered three vulnerabilities in Mitsubishi Electric's GX Works3 engineering workstation software that could be exploited to hack safety systems.
|
Hack
|
|
★★★
|
 |
2022-11-29 13:32:35 |
Ransomware Gang Takes Credit for Maple Leaf Foods Hack (lien direct) |
The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods.
The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems.
|
Ransomware
Hack
|
|
★★★
|
 |
2022-11-17 09:39:05 |
Magento Vulnerability Increasingly Exploited to Hack Online Stores (lien direct) |
E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores.
|
Malware
Hack
Vulnerability
|
|
|
 |
2022-11-16 10:54:15 |
Networking Tech Vulnerability Could Be Used to Hack Spacecraft: Researchers (lien direct) |
A team of researchers from the University of Michigan, University of Pennsylvania and NASA have identified a potentially serious vulnerability in networking technology used in spacecraft, aircraft, and industrial control systems.
|
Hack
Vulnerability
|
|
|
 |
2022-11-10 11:30:18 |
ABB Oil and Gas Flow Computer Hack Can Prevent Utilities From Billing Customers (lien direct) |
Oil and gas flow computers and remote controllers made by Swiss industrial technology firm ABB are affected by a serious vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers, according to industrial cybersecurity firm Claroty.
|
Hack
Vulnerability
|
|
|
 |
2022-10-24 12:24:52 |
In Israel, Albanian PM to Meet Cyber Chief After Iran Hack (lien direct) |
Albanian Prime Minister Edi Rama arrived in Israel on Sunday for an official visit that will include a meeting with Israeli cyber defense officials, the Israeli Foreign Ministry said.
|
Hack
|
|
|
 |
2022-10-07 10:57:25 |
Binance Bridge Hit by $560 Million Hack (lien direct) |
Hackers have exploited a cross-chain bridge to divert more than $560 million worth of cryptocurrency from Binance Bridge.
Operating on the Binance Coins (BNB) Smart Chain, Binance Bridge is a blockchain bridge designed to help with the transfer of information and assets between blockchains.
|
Hack
|
|
|
 |
2022-10-06 17:06:34 |
Australian Police Make First Arrest in Optus Hack Probe (lien direct) |
A police investigation of a cyberattack on an Australian telecommunications company in which the personal data of more than one third of Australia's population was stolen has resulted in its first arrest, investigators said Thursday.
|
Hack
|
|
★★★
|
 |
2022-10-05 10:27:39 |
(Déjà vu) Seattle Woman Gets Probation for Massive Capital One Hack (lien direct) |
A former Seattle tech worker convicted of several charges related to a massive hack of Capital One bank and other companies in 2019 was sentenced Tuesday to time served and five years of probation.
|
Hack
|
|
|
 |
2022-10-04 01:10:35 |
Report: Mexico Continued to Use Spyware Against Activists (lien direct) |
The Mexican government or army has allegedly continued to use spyware designed to hack into the cellphones of activists, despite a pledge by President Andrés Manuel López Obrador to end such practices.
|
Hack
|
|
|
 |
2022-09-28 15:29:22 |
Fast Company Hack Impacts Website, Apple News Account (lien direct) |
American business magazine Fast Company has confirmed that its Apple News account was hijacked after hackers compromised its content management system (CMS).
The monthly magazine focuses on business, technology, and design. In addition to its online version, the magazine publishes six print issues each year.
|
Hack
|
|
★★★★★
|
 |
2022-09-27 12:24:20 |
Defense Giant Elbit Confirms Data Breach After Ransomware Gang Claims Hack (lien direct) |
Elbit Systems of America, a subsidiary of Israeli defense giant Elbit Systems, has confirmed suffering a data breach, a few months after a ransomware gang claimed to have hacked the company's systems.
|
Ransomware
Data Breach
Hack
|
|
|
 |
2022-09-26 10:50:50 |
Hacktivist Attacks Show Ease of Hacking Industrial Control Systems (lien direct) |
Hacktivists might not know a lot about industrial control systems (ICS), but they're well aware of the potential implications of these devices getting compromised. That is why some groups have been targeting these systems - which are often unprotected and easy to hack - to draw attention to their cause.
|
Hack
|
|
|
 |
2022-09-21 10:35:00 |
iBoot Power Distribution Unit Flaws Allow Hackers to Remotely Shut Down Devices (lien direct) |
Critical vulnerabilities discovered by researchers in Dataprobe's iBoot power distribution unit (PDU) can allow malicious actors to remotely hack the product and shut down connected devices, potentially causing disruption within the targeted organization.
|
Hack
|
|
|
 |
2022-09-19 10:24:11 |
GTA 6 Videos and Source Code Stolen in Rockstar Games Hack (lien direct) |
The Rockstar Games hacker also claims to be behind the recent Uber breach
|
Hack
|
Uber
Uber
|
|
 |
2022-09-12 11:34:17 |
Vulnerability in BackupBuddy Plugin Exploited to Hack WordPress Sites (lien direct) |
A recently resolved vulnerability in the BackupBuddy WordPress plugin has been exploited in malicious attacks since late August, Defiant's Wordfence team warns.
|
Hack
Vulnerability
|
|
|
 |
2022-09-01 12:59:12 |
Ransomware Gang Claims Customer Data Stolen in TAP Air Portugal Hack (lien direct) |
The Ragnar Locker ransomware gang says it has exfiltrated customer data in a cyberattack on Portuguese state-owned flag carrier airline TAP Air Portugal.
The incident was initially disclosed on August 26, when TAP announced on Twitter that it managed to foil the cyberattack before the threat actor could access any customer data.
|
Ransomware
Hack
Threat
|
|
|
 |
2022-08-26 14:40:34 |
DoorDash Data Compromised Following Twilio Hack (lien direct) |
Food delivery company DoorDash revealed on Thursday that customer and employee data has been exposed as a result of a recent breach at a third-party vendor.
DoorDash said hackers abused a third-party vendor's access to its systems. The attacker abused DoorDash's internal tools and gained access to the information of 'a small percentage of individuals'.
|
Hack
|
|
★★★★★
|
 |
2022-08-24 14:56:27 |
Plex Confirms Database Breach, Data Theft (lien direct) |
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted passwords.
|
Hack
|
|
|
 |
2022-08-16 13:53:13 |
Ransomware Group Claims Access to SCADA in Confusing UK Water Company Hack (lien direct) |
A ransomware group has hit at least one water company in the United Kingdom, but there is some confusion over whose systems were actually breached.
|
Ransomware
Hack
|
|
|
 |
2022-08-16 11:09:42 |
Signal Discloses Impact From Twilio Hack (lien direct) |
Secure communications services provider Signal on Monday disclosed impact from the recent Twilio hack, after threat actors attempted to re-register the phone numbers of some of its users to new devices.
|
Hack
Threat
|
|
|
 |
2022-08-15 10:46:06 |
Weaponized PLCs Can Hack Engineering Workstations in Attacks on Industrial Orgs (lien direct) |
Researchers have shown how hackers could weaponize programmable logic controllers (PLCs) and use them to exploit engineering workstations running software from several major industrial automation companies.
|
Hack
|
|
|
 |
2022-08-12 10:43:09 |
Zero-Day Vulnerability Exploited to Hack Over 1,000 Zimbra Email Servers (lien direct) |
A new zero-day vulnerability affecting Zimbra has been exploited to hack more than 1,000 enterprise email servers, according to incident response firm Volexity.
|
Hack
Vulnerability
|
|
|