What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-14 13:00:00 | TeamTNT Hits 150K Docker Containers via Malicious Cloud Images (lien direct) | Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says. | Threat | ★★★★ | |
|
2022-09-13 19:43:44 | ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools (lien direct) | Cyber spies are using legitimate apps for DLL sideloading, deploying an updated range of malware, including the new "Logdatter" info-stealer. | Threat | ||
|
2022-09-08 17:22:52 | A Pragmatic Response to the Quantum Threat (lien direct) | You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality. | Threat | ||
|
2022-09-07 21:50:17 | Pen Testing Evolves for the DevSecOps World (lien direct) | Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design. | Threat | ★★★ | |
|
2022-09-06 20:44:34 | Mysterious \'Worok\' Group Launches Spy Effort With Obfuscated Code, Private Tools (lien direct) | The threat actor - whose techniques and procedures do not match known groups - has created custom attack tools, including a program that hides scripts in .PNG images. | Threat | ||
|
2022-09-06 20:16:44 | TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks (lien direct) | What under-the-hood details of newly discovered attack control panel tells us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns. | Malware Threat | ||
|
2022-09-06 19:51:08 | As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks (lien direct) | Hours after Los Angeles Unified School District hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector. | Ransomware Threat | ||
|
2022-09-02 14:00:00 | The Makings of a Successful Threat-Hunting Program (lien direct) | Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers. | Threat | ||
|
2022-08-31 20:09:09 | Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack (lien direct) | The ongoing campaign is spreading worldwide, using the lure of a fully functional Google Translate application for desktops that has helped the threat stay undetected for months. | Threat | ||
|
2022-08-24 17:33:27 | VMware LPE Bug Allows Cyberattackers to Feast on Virtual Machine Data (lien direct) | An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks. | Threat | ||
|
2022-08-24 15:30:01 | Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account (lien direct) | In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials. | Threat | ||
|
2022-08-24 14:38:30 | Acronis\' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023 (lien direct) | Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection. | Ransomware Threat Guideline | ||
|
2022-08-24 14:00:00 | Why Empathy Is the Key to Better Threat Modeling (lien direct) | Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it "everybody's thing" is communication between security and development teams. | Threat | ||
|
2022-08-22 17:31:29 | Secureworks: How To Distinguish Hype From Reality With AI in SecOps (lien direct) | Secureworks' Nash Borges describes how his team has applied AI and ML to threat detection. | Threat | ||
|
2022-08-22 14:31:29 | Cisco: All Intelligence is Not Created Equal (lien direct) | Threat intel has changed over the years and that's changed how customers use it, says Matt Olney, director of Talos threat intelligence and interdiction at Cisco. | Threat | ||
|
2022-08-21 19:31:29 | Mimecast: Mitigating Risk Across a Complex Threat Landscape (lien direct) | Garret O'Hara of Mimecast discusses how companies can bolster security of their Microsoft 365 and Google Workspace environments, since cloud services often add complexity. | Threat | ||
|
2022-08-18 18:34:08 | China\'s APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload (lien direct) | The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access. | Tool Threat | APT 41 | |
|
2022-08-18 01:00:00 | Google Cloud Adds Curated Detection to Chronicle (lien direct) | The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team. | Threat | ||
|
2022-08-17 16:35:51 | \'Operation Sugarush\' Mounts Concerning Spy Effort on Shipping, Healthcare Industries (lien direct) | A suspected Iranian threat actor known as UNC3890 is gathering intel that could be used for kinetic strikes against global shipping targets. | Threat | ★★★★★ | |
|
2022-08-16 19:54:24 | Microsoft Disrupts Russian Group\'s Multiyear Cyber-Espionage Campaign (lien direct) | "Seaborgium" is a highly persistent threat actor that has been targeting organizations and individuals of likely interest to the Russian government since at least 2017, company says. | Threat | ||
|
2022-08-16 14:00:00 | Lessons From the Cybersecurity Trenches (lien direct) | Threat hunting not only serves the greater good by helping keep users safe, it rewards practitioners with the thrill of the hunt and solving of complex problems. Tap into your background and learn to follow your instincts. | Threat | ||
|
2022-08-12 22:00:00 | Cybercriminals Weaponizing Ransomware Data For BEC Attacks (lien direct) | Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks. | Ransomware Threat | ||
|
2022-08-11 16:21:18 | New Cross-Industry Group Launches Open Cybersecurity Framework (lien direct) | 18 companies led by Amazon and Splunk announced the OCSF framework, to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications. | Threat | ||
|
2022-08-11 00:08:11 | New HTTP Request Smuggling Attacks Target Web Browsers (lien direct) | Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says. | Threat | ||
|
2022-08-10 15:47:13 | OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022 (lien direct) | Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers. | Malware Threat | ||
|
2022-08-10 14:46:53 | Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape (lien direct) | New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities. | Malware Threat | ||
|
2022-08-09 15:26:02 | Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale (lien direct) | New time series model and enhanced alerting experience make it easy for organizations to address more threats in the cloud while enabling faster investigations. | Threat | ||
|
2022-08-09 14:00:00 | Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks (lien direct) | Machine-learning algorithms alone may miss signs of a successful attack on your organization. | Threat | ||
|
2022-08-08 19:00:00 | 10 Malicious Code Packages Slither into PyPI Registry (lien direct) | The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks. | Malware Threat | ||
|
2022-08-08 14:00:00 | Pipeline Operators Are Headed in the Right Direction, With or Without TSA\'s Updated Security Directives (lien direct) | A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better. | Threat | ||
|
2022-08-05 16:38:36 | A Ransomware Explosion Fosters Thriving Dark Web Ecosystem (lien direct) | For the right price, threat actors can get just about anything they want to launch a ransomware attack - even without technical skills or any previous experience. | Ransomware Threat | ★★ | |
|
2022-08-04 20:36:33 | Time to Patch VMware Products Against a Critical New Vulnerability (lien direct) | A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines. | Vulnerability Threat | ||
|
2022-08-03 17:00:00 | Zero-Day Defense: Tips for Defusing the Threat (lien direct) | Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust. | Threat | ||
|
2022-08-02 17:05:52 | Microsoft Intros New Attack Surface Management, Threat Intel Tools (lien direct) | Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts. | Threat | ||
|
2022-08-02 16:00:00 | VirusTotal: Threat Actors Mimic Legitimate Apps, Use Stolen Certs to Spread Malware (lien direct) | Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted to VirusTotal. | Malware Threat | ||
|
2022-08-02 15:24:02 | Incognia Mobile App Study Reveals Low Detection of Location Spoofing in Dating Apps (lien direct) | With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety. | Threat | ||
|
2022-07-28 16:41:06 | APT-Like Phishing Threat Mirrors Landing Pages (lien direct) | By dynamically mirroring an organization's login page, threat actors are propagating legitimate-looking phishing attacks that encourage victims to offer up access to the corporate crown jewels. | Threat | ||
|
2022-07-28 09:00:00 | In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement (lien direct) | With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they can get around Windows protections. | Malware Threat | ||
|
2022-07-25 20:35:41 | Rare \'CosmicStrand\' UEFI Rootkit Swings into Cybercrime Orbit (lien direct) | The firmware threat offers ultimate stealth and persistence - and may be distributed via tainted firmware components in a supply chain play, researchers theorize. | Threat | ||
|
2022-07-25 19:47:15 | Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs (lien direct) | Several threat actors used Amadey Bot previously to steal information and distribute malware such as the GandCrab ransomware and the FlawedAmmy RAT. | Ransomware Malware Threat | ||
|
2022-07-22 16:43:09 | Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments (lien direct) | Luna, Black Basta add to rapidly growing list of malware tools targeted at virtual machines deployed on VMware's bare-metal hypervisor technology. | Ransomware Malware Threat | ||
|
2022-07-22 15:46:10 | (Déjà vu) Phishing Bonanza: Social Engineering Savvy Skyrockets as Malicious Actors Cash In (lien direct) | The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates. | Threat | ||
|
2022-07-20 19:46:17 | Lax Security Fuels Massive 8220 Gang Botnet Army Surge (lien direct) | The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say. | Threat | APT 17 | |
|
2022-07-20 19:40:45 | \'AIG\' Threat Group Launches with Unique Business Model (lien direct) | The rapidly growing Atlas Intelligence Group relies on cyber-mercenaries to carry out its missions. | Threat | ||
|
2022-07-20 18:17:28 | Mutare Voice Network Threat Survey Shows Nearly Half of Organizations Experienced Vishing or Social Engineering Attacks in Past Year (lien direct) | Unsecured voice traffic, skyrocketing adoption of Teams-centric enterprise collaboration tools widen enterprise cybersecurity gaps and increase risk of breach. | Threat | ||
|
2022-07-20 15:05:49 | Chaotic LAPSUS$ Group Goes Quiet, but Threat Likely Persists (lien direct) | The LAPSUS$ group emerged with a big splash at the end of 2021, targeting companies, including Okta, with a "reckless and disruptive" approach to hacking. | Threat | ||
|
2022-07-14 20:43:13 | DHS Review Board Deems Log4j an \'Endemic\' Cyber Threat (lien direct) | Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. | Vulnerability Threat | ||
|
2022-07-14 13:33:18 | The Next Generation of Threat Detection Will Require Both Human and Machine Expertise (lien direct) | To be truly effective, threat detection and response need to combine the strengths of people and technology. | Threat | ||
|
2022-07-12 20:00:00 | Understanding the Omdia Threat Detection Data Lifecycle (lien direct) | Data quality is key in an effective TDIR solution. Omdia's threat detection data lifecycle highlights the considerations for effective data-driven threat detection | Threat | ||
|
2022-07-08 14:00:00 | Zero Trust Bolsters Our National Defense Against Rising Cyber Threats (lien direct) | The Colonial Pipeline and JBS attacks, among others, showed us our national resilience is only as strong as public-private sector collaboration. | Threat |
To see everything:
Our RSS (filtrered)
