| Date (GMT) | Title | Description | Tags | Notes |
|---|---|---|---|---|
| 2025-01-27 21:53:32 | USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave | Attackers aim to steal people's personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries. | Threat | ★★★ |
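The USPS entry above turns on recipients trusting a PDF attachment and tapping a link inside it. The following triage script is an added example, not code from the article or from any vendor report: it scans a PDF's object stream for link annotations (`/URI`), auto-run actions (`/OpenAction`, `/AA`, `/JavaScript`, `/Launch`) and any URL string, inflating FlateDecode streams first so links hidden in compressed objects are not missed. The two sample PDFs are constructed inline and the `usps-redelivery.example` domain is a placeholder, not an indicator from the campaign.

```python
import re
import zlib

# Constructed sample: a minimal uncompressed PDF with one link annotation and
# a JavaScript OpenAction. The domain is a placeholder, not a real IOC.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 5 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R] >> endobj
4 0 obj << /Type /Annot /Subtype /Link /Rect [72 700 300 720]
  /A << /S /URI /URI (https://usps-redelivery.example/track?id=1) >> >> endobj
5 0 obj << /S /JavaScript /JS (app.launchURL("https://usps-redelivery.example/js", true);) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

URI_RE = re.compile(rb"/URI\s*\(([^)]*)\)")
ACTION_RE = re.compile(rb"/S\s*/(URI|JavaScript|Launch|SubmitForm|GoToR)\b")
# URL characters, deliberately excluding ( and ) so PDF string delimiters stop the match.
RAW_URL_RE = re.compile(rb"https?://[\w\-.~:/?#\[\]@!$&'*+,;=%]+")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)


def inflate_streams(data: bytes) -> bytes:
    """Return data with each FlateDecode stream body replaced by its inflated form,
    so URLs inside compressed objects become visible to the regexes below."""
    out = data
    for m in STREAM_RE.finditer(data):
        body = m.group(1)
        try:
            out = out.replace(body, zlib.decompress(body))
        except zlib.error:
            pass  # not Flate-compressed or damaged: scan the raw bytes as-is
    return out


def scan_pdf(data: bytes) -> dict:
    """Triage a PDF for clickable or auto-executing content."""
    data = inflate_streams(data)
    link_uris = {u.decode("latin-1") for u in URI_RE.findall(data)}
    urls_anywhere = {u.decode("latin-1") for u in RAW_URL_RE.findall(data)}
    actions = sorted({a.decode() for a in ACTION_RE.findall(data)})
    return {
        "link_uris": sorted(link_uris),
        "urls_anywhere": sorted(urls_anywhere),
        "action_types": actions,
        "auto_open": b"/OpenAction" in data or b"/AA" in data,
    }


def build_compressed_sample() -> bytes:
    """Constructed variant: a URL hidden inside a FlateDecode content stream,
    which a plain string search over the raw file would not find."""
    body = zlib.compress(b"BT (Track your parcel) Tj ET % https://usps-redelivery.example/hidden")
    return (b"%PDF-1.4\n6 0 obj << /Length " + str(len(body)).encode()
            + b" /Filter /FlateDecode >>\nstream\n" + body + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    for label, pdf in (("plain", SAMPLE_PDF), ("compressed", build_compressed_sample())):
        print(label, scan_pdf(pdf))
```

Any file that combines an `/OpenAction` or `/AA` entry with a `/JavaScript` or `/Launch` action, or whose link targets differ from the domain the sender claims to be, should be treated as hostile rather than merely suspicious. Object streams (`/ObjStm`) and encrypted PDFs are out of scope here; a full triage would also expand those before scanning.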
| 2025-01-24 19:38:35 | Cisco: Critical Meeting Management Bug Requires Urgent Patch | The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to admin-level if exploited. | Threat | ★★ |
| 2025-01-23 20:37:53 | Cloudflare CDN Bug Outs User Locations on Signal, Discord | Attackers can use a zero- or one-click flaw to send a malicious image to targets, an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive. | Threat | ★★★ |
| 2025-01-23 17:57:23 | CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught | The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices. | Vulnerability, Threat | ★★★ |
| 2025-01-22 20:49:41 | Chinese Cyberspies Target South Korean VPN in Supply Chain Attack | Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea. | Threat | ★★ |
| 2025-01-21 21:15:18 | DONOT Group Deploys Malicious Android Apps in India | The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community. | Threat, Mobile | ★★★ |
| 2025-01-17 19:43:18 | US Sanctions Chinese Hacker & Firm for Treasury, Critical Infrastructure Breaches | The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon. | Threat | ★★★ |
| 2025-01-16 15:00:00 | Strategic Approaches to Threat Detection, Investigation & Response | By staying vigilant, agile, and prepared, organizations can turn TDIR from a defensive strategy into a proactive enabler of security and operational excellence. | Threat | ★★★ |
| 2025-01-14 17:50:24 | (Déjà vu) Zero-Day Security Bug Likely Fueling Fortinet Firewall Attacks | An ongoing campaign targeting FortiGate devices with management interfaces exposed on the public Internet is leading to unauthorized administrative logins and configuration changes, creating new accounts, and performing SSL VPN authentication. | Vulnerability, Threat | ★★★ |
| 2025-01-13 21:34:29 | Microsoft Cracks Down on Malicious Copilot AI Use | According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services. | Tool, Threat | ★★★ |
| 2025-01-13 20:44:00 | Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw | The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware. | Malware, Vulnerability, Threat, Cloud | ★★★ |
| 2025-01-13 17:26:08 | Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results | Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar. | Malware, Threat | ★★★ |
| 2025-01-10 22:37:54 | Threat Actors Exploit a Critical Ivanti RCE Bug, Again | New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors, possibly the same ones as before, are exploiting its edge devices for the nth time. | Threat | ★★★ |
| 2025-01-06 21:12:00 | FireScam Android Spyware Campaign Poses 'Significant Threat Worldwide' | A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say. | Malware, Threat, Mobile | ★★ |
| 2025-01-02 20:53:57 | VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive | No further details. | Threat | ★★★ |
| 2024-12-30 01:00:00 | Deepfakes, Quantum Attacks Loom Over APAC in 2025 | Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases. | Tool, Threat | ★★ |
| 2024-12-26 14:00:00 | Emerging Threats & Vulnerabilities to Prepare for in 2025 | From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months. | Vulnerability, Threat, Prediction | ★★★ |
| 2024-12-20 17:23:44 | US Ban on TP-Link Routers More About Politics Than Exploitation Risk | While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity, and that may not be a bad thing. | Threat | ★★ |
| 2024-12-20 15:00:00 | How Nation-State Cybercriminals Are Targeting the Enterprise | Combating nation-state threat actors at the enterprise level requires more than just cyber readiness and investment; it calls for a collaborative effort. | Threat | ★★★ |
| 2024-12-18 20:23:22 | Recorded Future: Russia's 'Undesirable' Designation Is a Compliment | The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin's regime. | Threat | ★★ |
| 2024-12-17 15:00:00 | To Defeat Cybercriminals, Understand How They Think | Getting inside the mind of a threat actor can help security pros understand how they operate and what they're looking for; in essence, what makes a soft target. | Threat | ★★ |
| 2024-12-16 19:00:00 | The Education Industry: Why Its Data Must Be Protected | The sector must prioritize comprehensive data protection strategies to safeguard PII in an aggressive threat environment. | Threat | ★★ |
| 2024-12-16 10:22:25 | Microsoft Teams Vishing Spreads DarkGate RAT | A thwarted attack demonstrates that threat actors are using yet another delivery method for the malware, which has already been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. | Malware, Threat | ★★ |
| 2024-12-13 21:56:35 | Cleo MFT Zero-Day Exploits Are About to Escalate, Analysts Warn | Defenders running the Cleo managed file transfer software are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy and no CVE has been issued. | Ransomware, Vulnerability, Threat, Patching | ★★ |
| 2024-12-11 22:47:17 | Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug | The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and testing a critical SQL injection flaw with a CVSS score of 9.8 used in Sophos attacks. | Vulnerability, Threat | ★★★ |
| 2024-12-11 22:13:51 | Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack | Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach. | Threat | ★★★ |
| 2024-12-11 21:09:31 | Symmetric Cryptography Pioneer Targets the Post-Quantum Era | Researchers at Cavero have created a correlating numbers mechanism, adding a layer of privacy that even threat actors can't gain enough information to breach. | Threat | ★★★ |
| 2024-12-10 22:21:02 | Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday | The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season. | Vulnerability, Threat | ★★★ |
| 2024-12-10 21:03:08 | 'Termite' Ransomware Likely Behind Cleo Zero-Day Attacks | The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks. | Ransomware, Vulnerability, Threat | ★★ |
| 2024-12-10 11:00:00 | Sprawling 'Operation Digital Eye' Attack Targets European IT Orgs | A Chinese threat actor infiltrated several IT and security companies in a bring-your-own-VS-Code attack, with an eye to carrying out a supply-chain-based espionage attack. | Threat | ★★ |
| 2024-12-09 22:42:00 | Microsoft NTLM Zero-Day to Remain Unpatched Until April | The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice. | Vulnerability, Threat | ★★★ |
| 2024-12-05 22:04:39 | Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels | Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks. | Threat, Cloud | ★★ |
| 2024-12-05 15:58:36 | 'Earth Minotaur' Exploits WeChat Bugs, Sends Spyware to Uyghurs | The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans. | Threat | ★★★ |
| 2024-12-04 22:06:31 | CISA Issues Guidance to Telecom Sector on Salt Typhoon Threat | Individuals concerned about the privacy of their communications should consider using encrypted messaging apps and encrypted voice communications, CISA and FBI officials say. | Threat | ★★★ |
| 2024-12-04 20:47:46 | Russian FSB Hackers Breach Pakistan's APT Storm-0156 | Parasitic advanced persistent threat Secret Blizzard accesses another APT's infrastructure and steals what it has stolen from South Asian government and military targets. | Threat | ★★★ |
| 2024-12-04 20:06:00 | Pegasus Spyware Infections Proliferate Across iOS, Android Devices | The notorious spyware from Israel's NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones. | Threat, Mobile | ★★ |
| 2024-12-03 20:25:34 | Decade-Old Cisco Vulnerability Under Active Exploit | Cisco encourages users to update to an unaffected version of its Adaptive Security Appliance (ASA) software, since there are no workarounds for the 2014 vulnerability. | Vulnerability, Threat | ★★ |
| 2024-12-03 16:19:13 | Venom Spider Spins Web of New Malware for MaaS Platform | A novel backdoor malware and a loader that customizes payload names for each victim have been added to the threat group's cybercriminal tool set. | Malware, Tool, Threat | ★★ |
| 2024-11-27 14:00:00 | Russian Script Kiddie Assembles Massive DDoS Botnet | Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices, and enterprise servers. | Malware, Tool, Threat | ★★ |
| 2024-11-26 21:36:42 | 'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor | The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit. | Vulnerability, Threat | ★★★ |
| 2024-11-26 20:13:20 | Salt Typhoon Builds Out Malware Arsenal With GhostSpider | The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected. | Malware, Threat | ★★★ |
| 2024-11-20 20:35:09 | China's 'Liminal Panda' APT Attacks Telcos, Steals Phone Data | In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way. | Threat | ★★★ |
| 2024-11-20 15:05:05 | Apple Urgently Patches Actively Exploited Zero-Days | Though the information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309. | Threat | ★★★ |
| 2024-11-20 14:14:02 | 'Water Barghest' Sells Hijacked IoT Devices for Proxy Botnet Misuse | An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored cyber-espionage actors and others to use. | Vulnerability, Threat | ★★ |
| 2024-11-18 17:11:38 | Palo Alto Networks Patches Critical Zero-Day Firewall Bug | The security vendor's PAN-OS management interface and its Expedition migration tool have racked up four critical security vulnerabilities under active attack in November, leading it to advise customers to update immediately and take the interfaces off the Internet. | Tool, Vulnerability, Threat | ★★ |
| 2024-11-13 22:34:56 | Zero-Days Win the Prize for Most Exploited Vulns | Among the top exploited zero-day vulnerabilities were bugs found in systems from Citrix and Cisco. | Vulnerability, Threat | ★★★ |
| 2024-11-12 22:41:11 | 2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit | The November 2024 Patch Tuesday update contains a high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could soon come under attack. | Vulnerability, Threat | ★★ |
| 2024-11-12 19:46:24 | CrowdStrike Spends to Boost Identity Threat Detection | Adaptive Shield is the third security posture management provider the company has acquired in the last 14 months as identity-based attacks continue to rise. | Threat | ★★★ |
| 2024-11-12 16:31:25 | Citrix Issues Patches for Zero-Day Recording Manager Bugs | There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE." | Vulnerability, Threat | ★★★ |
| 2024-11-12 15:09:12 | Citrix 'Recording Manager' Zero-Day Bug Allows Unauthenticated RCE | The unpatched security vulnerability, which doesn't have a CVE yet, is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter. | Vulnerability, Threat | ★★ |