What's new around internet

Last one

| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
| --- | --- | --- | --- | --- | --- | --- |
| SecurityWeek | 2021-12-16 15:03:18 | Iran-Linked APT Abuses Slack in Attacks on Asian Airline | The Iran-linked advanced persistent threat (APT) actor MuddyWater was observed deploying a backdoor that abuses Slack on the network of an Asian airline, IBM Security X-Force reports. | Threat | | ★★★★★ |
| SecurityWeek | 2021-12-14 13:30:39 | Iranian APT Targets Middle East Telecoms Operators in Espionage Campaign | A cyberespionage campaign targeting telecoms operators, IT services organizations, and a utility company in the Middle East and other parts of Asia has been linked to the Iran-nexus advanced persistent threat (APT) actor tracked as MuddyWater, Symantec reports. | Threat | | |
| SecurityWeek | 2021-12-10 14:00:57 | Fujitsu Retires Tool Targeted by Threat Actors | Japanese tech giant Fujitsu has announced plans to retire the ProjectWEB project information sharing tool after it was targeted by threat actors earlier this year. Designed to aid collaboration between teams, ProjectWEB is a tool that organizations can employ to share project data both within and outside of their environments. | Tool, Threat | | |
| SecurityWeek | 2021-12-09 16:11:33 | Volume of Attacks on IoT/OT Devices Increasing: Microsoft Study | The volume of attacks on IoT and OT devices is increasing and in many cases these systems were specifically targeted by threat actors, according to a new study commissioned by Microsoft. | Threat | | |
| SecurityWeek | 2021-12-09 12:01:05 | Australian Electricity Provider 'CS Energy' Hit by Ransomware | Australian electricity provider CS Energy has been hit by a ransomware attack, but the company says electricity generation has not been affected and it has denied claims that the attack was conducted by a state-sponsored threat group. The attack was discovered on November 27 and the company informed the public about the incident a few days later. | Ransomware, Threat | | |
| SecurityWeek | 2021-12-07 13:04:42 | Microsoft Seizes Domains Used by China-Linked APT 'Nickel' | Microsoft says it has seized control of domains that China-linked threat actor Nickel has been employing in malicious attacks targeting organizations in the United States and worldwide. | Threat | APT 15 | |
| SecurityWeek | 2021-12-07 11:38:18 | SolarWinds Hackers Use New Malware in Attacks That Serve Russian Interests | The threat group believed to be responsible for the attack on IT management company SolarWinds has developed new malware as it continues to target organizations that possess data relevant to Russian interests. | Malware, Threat | | |
| SecurityWeek | 2021-12-06 17:17:48 | Zoho Confirms New Zero-Day, Ships Exploit Detector | The security problems at enterprise software provider Zoho continue to multiply with confirmation of a new critical authentication bypass vulnerability -- the third in four months -- being exploited in the wild by advanced threat actors. | Vulnerability, Threat | | |
| SecurityWeek | 2021-12-03 11:11:06 | Facebook Expands Advanced Security Program to More Countries | Facebook on Thursday announced that it is on track to make its Facebook Protect security program available globally. The program is meant to help individuals at risk of being targeted by threat actors, including government officials, human rights defenders, and journalists, to better secure their accounts and prevent potential compromise. | Threat | | |
| SecurityWeek | 2021-12-01 16:14:02 | Prediction Season: What's in Store for Cybersecurity in 2022? | The past year has been quite challenging and tiring for many IT and security professionals, as threat actors capitalized on the rapidly changing environment created by accelerated digitalization and cloud transformation in response to the COVID-19 pandemic. | Threat | | |
| SecurityWeek | 2021-12-01 15:31:29 | Critical Vulnerability Found in More Than 150 HP Printer Models | Multiple Vulnerabilities Found in More Than 150 HP Printer Models; Critical Flaw Could Allow Attackers to Move Laterally Vulnerabilities in more than 150 multi-function printers from HP demonstrate that any type of device that connects to a network can expand the perceived threat surface. | Vulnerability, Threat | | |
| SecurityWeek | 2021-12-01 11:50:49 | Yanluowang Ransomware Targeting U.S. Financial Corporations | Security researchers with Symantec believe that the Yanluowang ransomware is operated by a threat actor that was previously affiliated to the FiveHands group. | Ransomware, Threat | | |
| SecurityWeek | 2021-12-01 11:30:59 | 'WIRTE' Attacks Targeting Middle Eastern Governments Linked to Hamas Cyberspies | Over the past couple of years, a threat actor tracked as WIRTE has continued its assaults on entities in the Middle East using “living off the land” techniques, Kaspersky reports. | Threat | | |
| SecurityWeek | 2021-11-30 12:24:19 | North Korean Hackers Use New 'Chinotto' Malware to Target Windows, Android Devices | Kaspersky has analyzed a new espionage campaign conducted by the threat actor named ScarCruft, and the security firm's researchers have uncovered a previously unknown malware that has been used to target Windows and Android devices. | Malware, Threat, Cloud | APT 37 | |
| SecurityWeek | 2021-11-30 11:54:54 | MI6 Spy Chief Says China, Russia, Iran Top UK Threat List | UK spies seek help from tech firms against cyber threats | Threat | | |
| SecurityWeek | 2021-11-22 13:02:19 | Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients | Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach. As part of the incident, which was identified on September 4, 2021, unknown threat actors accessed files that contained sensitive personal information related to patients. | Data Breach, Threat | | |
| SecurityWeek | 2021-11-22 12:32:00 | Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications | More than 20 vulnerabilities have been identified by Cisco's Talos research and threat intelligence unit in a Lantronix Wi-Fi module designed for critical industrial and commercial applications. | Threat | | |
| SecurityWeek | 2021-11-19 11:10:33 | North Korean Hacker Group Intensifies Espionage Campaigns | A North Korea-linked threat actor tracked as TA406 has intensified its attacks in 2021, particularly credential harvesting campaigns, Proofpoint reports. | Threat | | |
| SecurityWeek | 2021-11-18 18:54:25 | Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector | Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets. | Threat | | |
| SecurityWeek | 2021-11-18 16:23:14 | Acronyms Aside, the SOC of the Future Needs These 3 Capabilities | Every discipline has its acronyms, but I'd venture to say cybersecurity has more than its share. We use them to describe threat actors and how they operate, as well as different security teams, their certifications and the tools they use. There's nothing wrong with acronyms, but when they are used to describe emerging solutions, an interesting phenomenon occurs…that new acronym becomes the next silver bullet technology that will solve all our security problems. | Threat | | |
| SecurityWeek | 2021-11-17 15:55:00 | U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws | Iranian Threat Actors Target U.S. Critical Infrastructure, Australian Organizations | Threat | | |
| SecurityWeek | 2021-11-16 20:33:56 | Mandiant Attributes Ghostwriter APT Attacks to Belarus | The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team. | Threat | | |
| SecurityWeek | 2021-11-16 15:55:13 | Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy | External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. | Threat | | |
| SecurityWeek | 2021-11-15 12:47:22 | IoT Protocol Used by NASA, Siemens and Volkswagen Can Be Exploited by Hackers | Researchers Warn DDS Protocol Can Be Abused for Lateral Movement and Malware C&C Researchers have shown that a widely used protocol named Data Distribution Service (DDS) is affected by vulnerabilities that could be exploited by threat actors for various purposes. | Malware, Threat | | |
| SecurityWeek | 2021-11-10 12:06:35 | The Rising Threat Stemming From Identity Sprawl | Identity sprawl in the age of remote working and business transformation is a threat to cybersecurity | Threat | | |
| SecurityWeek | 2021-11-08 17:27:54 | US Government Contractor EWA Discloses Data-Theft Breach | U.S. government defense contractor Electronic Warfare Associates (EWA) has started sending out notifications to warn of a data breach that resulted in the theft of Personally Identifiable Information (PII). In early August 2021, the company said a threat actor was able to compromise the EWA email system following a successful phishing attack. | Data Breach, Threat | | |
| SecurityWeek | 2021-11-04 14:55:50 | Ukraine Names Russian FSB Officers Involved in Gamaredon Cyberattacks | Ukraine's security service, the SBU, on Thursday revealed the identities of five individuals allegedly involved in cyberattacks attributed to a Russia-linked threat group named Gamaredon. | Threat | | |
| SecurityWeek | 2021-11-02 16:05:05 | IBM Security to Acquire ReaQta for xDR Push | IBM Security on Tuesday announced plans to acquire ReaQta, an early-stage European startup in the red-hot autonomous threat detection and response business. Financial terms of the transaction were not released. ReaQta, based in the Netherlands, raised an undisclosed Series A funding round earlier this year. | Threat | | |
| SecurityWeek | 2021-11-02 12:51:34 | Security Pros Know What They Need to Do, But Constrained by Lack of Resources | A new survey report describes security teams as trapped by a lack of resources into continuing what they have been doing (which, from empirical evidence, clearly is not working) rather than migrating their efforts to what they believe they should be doing (risk analysis and threat modeling). | Threat | | |
| SecurityWeek | 2021-10-28 12:25:51 | Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software | Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. | Threat | | |
| SecurityWeek | 2021-10-26 12:28:47 | BillQuick Billing Software Exploited to Hack U.S. Engineering Company | Hackers abused the BillQuick Web Suite billing software to compromise the network of an engineering company in the United States and deploy ransomware, threat detection firm Huntress reports. | Hack, Threat | | |
| SecurityWeek | 2021-10-25 14:54:45 | Changing Approaches to Preventing Ransomware Attacks | Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries | Ransomware, Threat | | |
| SecurityWeek | 2021-10-22 08:51:49 | Cookie Theft Malware Used to Hijack YouTube Accounts | Google says it has disrupted phishing attacks in which threat actors were attempting to use cookie theft malware to hijack YouTube accounts and abuse them to promote cryptocurrency scams. | Malware, Threat | | |
| SecurityWeek | 2021-10-19 21:42:01 | U.S. Government Issues Urgent Warning on BlackMatter Ransomware | The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) this week published a joint advisory to warn organizations of an increased threat posed by the BlackMatter ransomware gang. | Ransomware, Threat | | |
| SecurityWeek | 2021-10-19 21:31:23 | Nation-State APT Targets Afghans With New Toolset | A previously unseen threat actor, likely a nation-state, is targeting various entities in South Asia, with a focus on Afghanistan, according to a warning from anti-malware vendor Symantec. | Threat | | |
| SecurityWeek | 2021-10-15 13:22:31 | Russia-Linked TA505 Back at Targeting Financial Institutions | Russia-linked threat actor TA505 has been observed using a lightweight Office file for malware distribution in a new campaign targeting financial institutions in multiple geographies. The attacks target organizations across multiple sectors in Canada, the United States, Hong Kong, Europe, and more, and have seen low detection rates in Google's VirusTotal scanning engine. | Malware, Threat | | |
| SecurityWeek | 2021-10-15 12:47:22 | Nations Vow to Combat Ransomware at US-Led Summit | Over two dozen nations resolved Thursday to battle collectively against the global and escalating threat posed by cyber-extortionists, following a Washington-led anti-ransomware summit. | Ransomware, Threat | | |
| SecurityWeek | 2021-10-13 13:43:00 | Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes | Over the past few months, a threat actor has been increasingly breaching enterprise networks to steal data and extort victims, but without disrupting their operations, researchers with the NCC Group reveal. | Threat | | |
| SecurityWeek | 2021-10-13 12:20:12 | Apple Points to Android Malware Infections in Argument Against Sideloading on iOS | Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS Apple on Wednesday published a 30-page threat analysis report in an effort to show why allowing sideloading on iOS would pose serious privacy and security risks to iPhone users. | Malware, Threat | | |
| SecurityWeek | 2021-10-12 15:08:23 | Cybereason Partners With Google Chronicle on XDR Product | Extended Detection and Response (XDR) is touted as the security solution for the increasingly complex modern IT ecosphere. The principle is to extend EDR threat hunting beyond the endpoint and across the entire infrastructure. Cybereason has announced a partnership with Google Chronicle – the latter to provide ecosphere data, and the former to provide the threat hunting capability. | Threat | | |
| SecurityWeek | 2021-10-11 17:04:04 | Microsoft Exposes Iran-linked APT Targeting U.S., Israeli Defense Tech Sectors | Threat hunters at Microsoft are raising the alarm about a new Iran-linked threat actor caught using password-spraying techniques to break into defense technology companies in the United States, Israel and parts of the Middle East. | Threat | | |
| SecurityWeek | 2021-10-07 14:55:55 | Iran-linked MalKamak Hackers Targeting Aerospace, Telcos With ShellClient RAT | Operation GhostShell Believed to be Linked to Iranian Threat Actor | Threat | | |
| SecurityWeek | 2021-10-06 11:04:46 | What's in a Threat Group Name? An Inside Look at the Intricacies of Nation-State Attribution | Understanding the naming conventions of various threat groups can help us better understand the overall threat landscape | Threat | | |
| SecurityWeek | 2021-10-05 10:00:07 | NSA's Rob Joyce Explains 'Sand and Friction' Security Strategy | News Analysis: The newly minted director of cybersecurity at NSA offers a candid assessment of the nation-state threat landscape and argues that adding “sand and friction” to adversary operations is a winning strategy. | Threat | | |
| SecurityWeek | 2021-09-30 13:25:16 | New CISA Tool Helps Organizations Assess Insider Threat Risks | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week released a tool to help organizations assess their insider threat risk posture. | Tool, Threat | | |
| SecurityWeek | 2021-09-29 13:39:51 | COVID-19's Healthcare Feeding Frenzy for Cybercriminals | The COVID-19 pandemic has enlarged the threat landscape for all industry sectors; but none more so than healthcare. The primary areas of concern include insecure working from home, and stress related lax behavior at the office. | Threat | | |
| SecurityWeek | 2021-09-28 17:28:54 | Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers | Microsoft on Monday published a blog post detailing a piece of malware used by the threat actor behind the SolarWinds attack to exfiltrate data from compromised servers. | Malware, Threat | | |
| SecurityWeek | 2021-09-27 13:53:24 | UK-Based Threat Detection Firm SenseOn Raises $20 Million | SenseOn, a UK-based threat detection company, today announced that it has raised $20 million in Series A funding to scale its AI-based cybersecurity platform business. | Threat | | |
| SecurityWeek | 2021-09-27 08:38:40 | Threat Actor Targets Indian Government With Commercial RATs | A threat actor is employing commercial remote access Trojans (RATs) in a series of malicious attacks targeting Indian government and military personnel, Cisco's Talos security researchers warn. | Threat | | |
| SecurityWeek | 2021-09-24 14:44:43 | Google Says Threat Actors Using New Code Signing Tricks to Evade Detection | Financially motivated threat actors have started using new code signing tricks to increase the chances of their software evading detection on Windows systems, Google's Threat Analysis Group reported on Thursday. | Threat | | |

Last update at: 2024-05-15 13:08:27