What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-09-27 03:53:32 | Stratégies pour la protection des ransomwares marchands Strategies for Merchant Ransomware Protection (lien direct) |
Introduction Les attaques de ransomwares sont devenues une menace importante pour les entreprises de toutes tailles, y compris les commerçants qui comptent sur des systèmes de paiement électronique pour leurs opérations.Ces attaques malveillantes peuvent vous enfermer de vos systèmes critiques, crypter vos données et exiger une rançon lourde en échange de la clé de décryptage.Pour protéger votre entreprise et votre client [& # 8230;]
Introduction Ransomware attacks have become a significant threat to businesses of all sizes, including merchants who rely on electronic payment systems for their operations. These malicious attacks can lock you out of your critical systems, encrypt your data, and demand a hefty ransom in exchange for the decryption key. To safeguard your business and customer […] |
Ransomware Threat | ★★ | |
|
2023-09-15 17:03:49 | Le groupe de menaces Storm-0324 étend les vecteurs d'attaque, ciblant les équipes Microsoft Storm-0324 Threat Group Expands Attack Vectors, Targeting Microsoft Teams (lien direct) |
Un groupe de cyber-menaces motivé par financièrement que Microsoft a suivi sous l'alias & # 8220; Storm-0324 & # 8221;élargit ses méthodologies de cyber-attaque.Historiquement, ce groupe a principalement infiltré les systèmes via des vecteurs d'infection par e-mail, transmettant plus tard l'accès aux réseaux compromis à d'autres acteurs malveillants.Ces transferts dégénèrent fréquemment des attaques de ransomwares.En juillet 2023, Storm-0324 a [& # 8230;]
A financially driven cyber threat group that Microsoft has been tracking under the alias “Storm-0324” is expanding its cyber-attack methodologies. Historically, this group primarily infiltrated systems via email-based infection vectors, later passing on access to the compromised networks to other malicious actors. These handoffs frequently escalate to ransomware attacks. As of July 2023, Storm-0324 has […] |
Ransomware Threat | ★★ | |
|
2023-09-15 16:26:36 | Bianlian Threat Group viole les ONG renommée, vole de grandes quantités de données BianLian Threat Group Breaches Renowned NGO, Steals Vast Amounts of Data (lien direct) |
Dans une cyberattaque récente, un groupe de menaces éminent identifié comme Bianlian aurait compromis l'une des ONG les plus importantes du monde, réalisant un alarmant 7 To de données.Ces données comprennent une gamme d'informations sensibles, y compris les dossiers financiers, les détails médicaux, les fichiers RH et les communications par e-mail personnelles.Tandis que le groupe Bianlian l'a fait [& # 8230;]
In a recent cyber-attack, a prominent threat group identified as BianLian has reportedly compromised one of the most significant NGOs on the globe, making off with an alarming 7TB of data. This data encompasses a range of sensitive information, including financial records, medical details, HR files, and personal email communications. While the BianLian group did […] |
Threat Medical | ★★ | |
|
2023-09-04 10:55:28 | Les écoles ont mis en garde contre les menaces de cybersécurité au début d'une nouvelle année académique Schools Warned Of Cybersecurity Threats At The Start Of New Academic Year (lien direct) |
À l'approche de la nouvelle année académique, les chefs d'établissement sont mis en garde par le National Cyber Security Center (NCSC) pour se préparer à des cyberattaques potentielles.Le centre a souligné la nécessité de mettre en œuvre & # 8220; mesures de sécurité appropriées & # 8221;Sauvegarder contre ces menaces et éviter les perturbations.Bien qu'il n'y ait aucune indication actuelle d'un niveau de menace élevé à mesure que les écoles reprennent, [& # 8230;]
As the new academic year approaches, school leaders are being cautioned by the National Cyber Security Centre (NCSC) to prepare for potential cyberattacks. The Centre has emphasized the necessity of implementing “appropriate security measures” to safeguard against these threats and avoid disruptions. While there’s no current indication of an elevated threat level as schools resume, […] |
Threat | ★★ | |
|
2023-08-23 12:59:35 | St Helens Council Targeted In Suspected Ransomware Attack (lien direct) | Le Conseil d'arrondissement de St Helens à Merseyside a été victime d'une attaque présumée de ransomwares, selon un communiqué officiel publié le lundi 21 août. L'autorité locale a décrit l'incident comme a & # 8220; situation complexe et évolutive, & # 8221;avec des experts en cybersécurité qui enquêtent actuellement sur la violation.L'attaque du ransomware, un type de cyber-menace où les criminels cryptent [& # 8230;]
St Helens Borough Council in Merseyside has fallen victim to a suspected ransomware attack, according to an official statement released on Monday, August 21. The local authority has described the incident as a “complex and evolving situation,” with cybersecurity experts currently investigating the breach. The ransomware attack, a type of cyber threat where criminals encrypt […] |
Ransomware Threat | ★★ | |
|
2023-08-23 12:59:35 | St Helens Council ciblé dans une attaque de ransomware présumée St Helens Council Targeted In Suspected Ransomware Attack (lien direct) |
Le Conseil d'arrondissement de St Helens à Merseyside a été victime d'une attaque présumée de ransomwares, selon un communiqué officiel publié le lundi 21 août. L'autorité locale a décrit l'incident comme a & # 8220; situation complexe et évolutive, & # 8221;avec des experts en cybersécurité qui enquêtent actuellement sur la violation.L'attaque du ransomware, un type de cyber-menace où les criminels cryptent [& # 8230;]
St Helens Borough Council in Merseyside has fallen victim to a suspected ransomware attack, according to an official statement released on Monday, August 21. The local authority has described the incident as a “complex and evolving situation,” with cybersecurity experts currently investigating the breach. The ransomware attack, a type of cyber threat where criminals encrypt […] |
Ransomware Threat | ★★★ | |
|
2023-08-16 12:59:41 | Les forces de police anglaises admettent à une erreur de traitement des données affectant plus de 1 000 personnes English Police Forces Admit to Data Handling Blunder Affecting Over 1,000 People (lien direct) |
Les incidents récents mettent en évidence un modèle de violations de données dans les services de police.Deux principaux forces de police en Angleterre, Norfolk et Suffolk, ont publiquement reconnu les données sensibles à la mauvaise gége.Cette violation a affecté 1 230 personnes, notamment des victimes, des témoins et des suspects liés à des affaires allant de la violence domestique et des infractions sexuelles aux agressions, aux vols et aux crimes de haine.Ces révélations sont venues [& # 8230;]
Recent incidents highlight a pattern of data breaches in police departments. Two leading police forces in England, Norfolk and Suffolk, have publicly acknowledged mishandling sensitive data. This breach affected 1,230 individuals, including victims, witnesses, and suspects related to cases ranging from domestic abuse and sexual offences to assaults, thefts, and hate crimes. These revelations came […] |
Threat | ★★★ | |
|
2023-07-24 11:33:02 | La nouvelle nécessité des vacances d'été: Cyber Hygiène The New Summer Vacation Necessity: Cyber Hygiene (lien direct) |
Ah, vacances d'été.Quelque chose que nous attendons presque tous avec impatience chaque année & # 8211;un temps pour se détendre et réinitialiser.C'est un moment pour les employés de prendre une pause bien méritée du travail et de recharger leurs batteries.C'est aussi un moment pour les cybercriminels de frapper.Dans le paysage des menaces d'aujourd'hui, ce n'est pas seulement un écran solaire et un bain [& # 8230;]
Ah, summer vacation. Something we almost all look forward to each year – a time to relax and reset. It\'s a time for employees to take a much-deserved break from work and recharge their batteries. It\'s also a time for cyber criminals to strike. In today\'s threat landscape, it\'s not just sunscreen and a bathing […] |
Threat | ★★ | |
|
2023-07-24 04:46:53 | Le paysage des menaces par courrier électronique, T1 2023: les plats clés à retenir The Email Threat Landscape, Q1 2023: Key Takeaways (lien direct) |
L'une des préoccupations les plus urgentes de l'ère numérique est l'abondance des cybermenaces de toutes les directions, avec un grand nombre de ces menaces provenant du courrier électronique.Les utilisateurs doivent être conscients des menaces, comment les détecter et les identifier, et comment éviter d'être victimes d'eux.La première étape de [& # 8230;]
One of the most pressing concerns in the digital age is the abundance of cyber threats from all directions, with a large number of those threats coming from email. Users must be aware of what threats exist, how to detect and identify them, and how to avoid falling victim to them. The first step in […] |
Threat | ★★★ | |
|
2023-06-25 20:54:29 | Comment les fabricants peuvent-ils cesser d'être la meilleure cible de la cybercriminalité? How Can Manufacturers Stop Being The Top Target For Cyber Crime? (lien direct) |
Historiquement, le secteur des services financiers a été le plus attaqué par les cybercriminels.Pourtant, en 2021, il y a eu un changement substantiel, et une industrie différente est classée au sommet pour la première fois & # 8211;l'industrie manufacturière.Pour la deuxième année consécutive, la fabrication était l'industrie la mieux attaquée selon l'IBM & # 8217; s X-Force Threat Intelligence Index. & # 160; & # 160;[& # 8230;]
Historically, the financial services sector has been the most attacked by cybercriminals. Still, in 2021 there was a substantial shift, and a different industry ranked at the top for the first time – the manufacturing industry. For the second year in a row, manufacturing was the top-attacked industry according to IBM’s X-Force Threat Intelligence Index. […] |
Threat | ★★ | |
|
2023-06-22 09:15:45 | Navigation du paysage cyber-menace: aperçus clés du rapport Trellix Arc \\'s Q1 2023 Navigating the Cyber Threat Landscape: Key Insights from Trellix ARC\\'s Q1 2023 Report (lien direct) |
Au premier trimestre de 2023, le Trellix Advanced Research Center (ARC) a dévoilé un rapport complet de cyber-starreat, fournissant des informations cruciales sur le paysage mondial des menaces en évolution.L'étude analyse méticuleusement les principaux défis auxquels sont confrontés les équipes des CISO et SECOP, examine le paysage mondial de la cybersécurité et explore des incidents de sécurité importants.Selon le rapport, 96% [& # 8230;]
In the first quarter of 2023, the Trellix Advanced Research Center (ARC) has unveiled a comprehensive CyberThreat Report, delivering crucial insights into the evolving global threat landscape. The study meticulously analyses the key challenges faced by CISOs and SecOps teams, examines the global cybersecurity landscape, and explores significant security incidents. According to the report, 96% […] |
Threat | ★★ | |
|
2023-06-20 11:31:20 | Comprendre la cyber-résilience: construire une approche holistique de la cybersécurité Understanding Cyber Resilience: Building a Holistic Approach to Cybersecurity (lien direct) |
Introduction: Dans le monde interconnecté d'aujourd'hui, la menace des cyberattaques est une préoccupation constante pour les organisations de toutes les industries.Tandis que le terme & # 8220; cybersécurité & # 8221;est largement débattu, le concept de cyber-résilience offre une approche plus complète pour atténuer les risques.La cyber-résilience implique non seulement de rendre difficile pour les attaquants d'infiltrer vos systèmes, mais aussi [& # 8230;]
Introduction: In today’s interconnected world, the threat of cyber attacks is a constant concern for organizations across all industries. While the term “cybersecurity” is widely debated, the concept of cyber resilience offers a more comprehensive approach to mitigating risks. Cyber resilience entails not only making it difficult for attackers to infiltrate your systems but also […] |
Threat | ★★ | |
|
2023-06-07 10:30:07 | Une plongée profonde dans le rapport Verizon 2023 DBIR: Erreur humaine, ransomware et exploits log4j A Deep Dive into the Verizon 2023 DBIR Report: Human Error, Ransomware, and Log4j Exploits (lien direct) |
Le rapport Verizon 2023 Data Breach Investigations (DBIR) présente une analyse complète des violations mondiales de données, offrant des informations précieuses sur l'état contemporain des menaces de cybersécurité.Dans cette analyse, nous plongerons dans les principales conclusions du rapport, y compris le rôle répandu de l'erreur humaine, la menace persistante de ransomware et l'impact du log4j [& # 8230;]
The Verizon 2023 Data Breach Investigations Report (DBIR) presents a comprehensive analysis of global data breaches, offering valuable insights into the contemporary state of cybersecurity threats. In this analysis, we will delve into key findings from the report, including the prevalent role of human error, persistent threat of ransomware, and the impact of the Log4j […] |
Data Breach Threat | ★★★ | |
|
2023-06-05 10:41:02 | Comment Android s'empile-t-il vs iOS? How Does Android Stack Up vs iOS? (lien direct) |
Notre récent rapport de menace a montré que, bien que, dans l'ensemble, les détections de menaces globales ont chuté de 13,2%, il y avait une catégorie qui a prospéré: Android.La catégorie a enregistré une croissance remarquable de 57% des détections, entraînée par une augmentation de 163% des logiciels publicitaires et une augmentation de 83% des détections HIDDENAPPS.Alors que les utilisateurs d'Android dans le monde sont ciblés, le [& # 8230;]
Our recent Threat Report showed that while, on the whole, overall threat detections fell by 13.2%, there was one category that thrived: Android. The category registered a remarkable growth of 57% in detections, driven by a 163% increase in Adware and an 83% increase in HiddenApps detections. Whilst Android users worldwide are being targeted, the […] |
Threat | ★★ | |
|
2023-05-18 10:18:31 | Key Metrics In Evaluating DevOps Threat Matrix (lien direct) | Un autre est la violation de CodeCov, où l'attaque a été faite sur leurs images et informations d'identification Docker, et les données privées de milliers de clients ont été volées.Cela montre que les conséquences des attaques réussies peuvent être sévères, comme en témoignent ces incidents très médiatisés. & # 160; En réponse à ces menaces, & # 160; Microsoft & # 160; a mené des recherches approfondies sur les techniques que les acteurs malveillants [& # 8230;]
Another is the codecov breach, where the attack was made on their docker images and credentials, and the private data of thousands of customers were stolen. This shows that the consequences of successful attacks can be severe, as evidenced by these high-profile incidents. In response to these threats, Microsoft has conducted extensive research into the techniques that malicious actors […] |
Threat | ★★ | |
|
2023-05-15 10:54:38 | 5,8 millions de personnes touchées par la violation de données à Pharrica 5.8 Million People Affected by Data Breach at PharMerica (lien direct) |
Le 8 avril, l'organisation de ransomware de message monétaire a attaqué le National Pharmacy Network Pharmerica et sa société mère.L'activité de santé à domicile et communautaire BrightSpring Health.Les acteurs de la menace ont exposé des données de preuves, une déclaration a été obtenue auprès de BrightSpring, et des preuves et des allégations supplémentaires ont été obtenues par message monétaire.Message de l'argent a informé Databreaches le 14 avril [& # 8230;]
On April 8 that the Money Message ransomware organization attacked the national pharmacy network PharMerica and its parent company. The home and community healthcare business BrightSpring Health. Threat actors exposed evidence data, a statement was obtained from BrightSpring, and additional evidence and allegations were gained via Money Message. Money Message informed DataBreaches on April 14 […] |
Ransomware Data Breach Threat | ★★ | |
|
2023-05-04 12:02:59 | Meta déracine les opérations de cyber-espionnage des médias sociaux en Asie du Sud Meta Unravels Social Media Cyber Espionage Operations In South Asia (lien direct) |
Des centaines de faux profils bien développés sur Facebook et Instagram ont été utilisés par trois acteurs de menace distincts pour lancer des assauts séparés contre des utilisateurs d'Asie du Sud.Pour diffuser leurs logiciels malveillants et voler des informations sensibles, chacun de ces APT s'est considérablement appuyé sur l'ingénierie sociale, selon Guy Rosen, le chef de la sécurité de l'information de Meta.Ils ont pu [& # 8230;]
Hundreds of well-developed fake profiles on Facebook and Instagram were used by three separate threat actors to launch separate assaults on users in Southern Asia. To spread their malware and steal sensitive information, each of these APTs leaned significantly on social engineering, according to Guy Rosen, Meta’s chief information security officer. They were able to […] |
Malware Threat | ★★ | |
|
2023-04-29 16:26:26 | Résumé hebdomadaire des nouvelles et des événements cette semaine Weekly Summary Of News And Events This Week (lien direct) |
Un résumé des nouvelles et des événements qui se sont produits cette semaine avec des ransomwares, des violations de données, l'interdiction des développeurs & # 8217;comptes, etc. Pages jaunes Canada Alertes de cyberattaque La cyberattaque Black Basta à des pages jaunes Canada montre la menace continue des cyberattaques et des violations de données aux entreprises et aux organisations.Pour lutter contre ces dangers, des mesures de cybersécurité en cours [& # 8230;]
A summary of news and events that happened this week with ransomware, data breaches, the banning of developers’ accounts, etc. Yellow Pages Canada Alerts of Cyberattack The Black Basta cyber attack on Yellow Pages Canada shows the continued threat of cyber-attacks and data breaches to businesses and organizations. To combat these dangers, ongoing cybersecurity measures […] |
Threat | ★★ | |
|
2023-04-29 12:36:46 | Un regard complet sur les menaces par e-mail en 2023 A Comprehensive Look At Email-Based Threats In 2023 (lien direct) |
Il s'ensuit que les vecteurs ayant une plus grande exposition à Internet attirent également plus d'attention des acteurs de la menace.Pour cette raison, les acteurs malveillants exploitent fréquemment des serveurs de courriels publics, et une grande variété de cyber dangers peuvent se propager à travers eux.Nous avons trouvé des modèles intéressants après avoir examiné un échantillon représentatif de nos e-mails 2022.La sécurité des e-mails 2023 [& # 8230;]
It follows that vectors with greater internet exposure will also attract more attention from threat actors. Because of this, malicious actors frequently exploit public email servers, and a wide variety of cyber dangers can spread through them. We found some interesting patterns after reviewing a representative sample of our 2022 emails. The 2023 Email Security […] |
Threat | ★★ | |
|
2023-04-20 12:06:29 | Raspberry Robin adopte les techniques d'évasion initiées Raspberry Robin Adopts Initiates Evasion Techniques (lien direct) |
Les chercheurs en sécurité de Check Point Research (RCR) ont publié un avis qui détaille les techniques d'évasion uniques employées par des acteurs de la menace qui comptent sur le malware de Raspberry Robin pour éviter la détection.Dans l'avis publié mardi, les experts en RCR expliquent les nouvelles fonctionnalités malveillantes et fournissent des détails techniques sur la façon de se prémunir contre eux.Selon CPR Security [& # 8230;]
Security researchers at Check Point Research (CPR) have released an advisory that details the unique evasion techniques employed by threat actors who rely on the Raspberry Robin malware to avoid detection. In the advisory published on Tuesday, CPR experts explain the novel malware features and provide technical details on how to guard against them. According to CPR security […] |
Malware Threat | ★★ | |
|
2023-04-12 10:11:20 | Top 17 outils de phishing en ligne gratuits Top 17 Free Online Phishing Tools (lien direct) |
Avec l'augmentation des transactions en ligne et de la communication numérique, la menace des escroqueries à phishing est devenue plus répandue que jamais la nécessité d'outils de phishing.Les escroqueries de phishing sont devenues de plus en plus courantes ces dernières années et peuvent menacer considérablement votre sécurité en ligne.Selon le rapport de l'IBM, le phishing constituait 16% des méthodes d'attaque principales utilisées dans [& # 8230;]
With the increase in online transactions and digital communication, the threat of phishing scams has become more prevalent than ever hence the need for phishing tools. Phishing scams have become increasingly common in recent years and can significantly threaten your online security. As per IBM’s report, phishing constituted 16% of the primary attack methods used in […] |
Threat | ★★★ | |
|
2023-04-04 16:06:23 | Arid Viper utilisant des logiciels malveillants améliorés dans les cyberattaques du Moyen-Orient Arid Viper Using Upgraded Malware In Middle East Cyberattacks (lien direct) |
Depuis septembre 2022, les entités palestiniennes sont ciblées par Arid Viper, un acteur de menace observé à l'aide de versions mises à jour de sa boîte à outils malware.Selon Symantec, qui surveille le groupe sous le nom de Mantis, l'adversaire prend des mesures importantes pour maintenir une présence continue sur les réseaux qu'elle cible.Kaspersky, dans un rapport publié en février 2015, [& # 8230;]
Since September 2022, Palestinian entities have been targeted by Arid Viper, a threat actor observed using updated versions of its malware toolkit. According to Symantec, which monitors the group under the name Mantis, the adversary is taking significant measures to sustain a continual presence on the networks it targets. Kaspersky, in a report published in February 2015, […] |
Malware Threat | APT-C-23 | ★★ |
|
2023-03-08 10:33:22 | Security 360 Reports Shows That Threat Actors Are Targeting BYOD And Company Devices (lien direct) | Jamf Threat Labs reveals that organisations are still using out-of-date software on devices, exposing them to cyber threats Jamf (NASDAQ: JAMF) today announced the release of its latest Security 360 Report analysing the threats impacting devices used in the modern workplace. A significant finding from the report is that 1 in every 5 devices ran an operating system […] | Threat | ★★★ | |
|
2023-03-07 15:07:35 | Acer\'s Sensitive Data Allegedly For Sale On A Hacker Forum (lien direct) | Taiwan-based computer hardware and electronics company Acer is facing another potential data breach as a threat actor claimed to have posted the company’s sensitive data for sale on a popular hacking forum. According to reports, the data allegedly contains confidential product model documentation, binaries, backend infrastructure, and other sensitive data, which the attacker claims was […] | Data Breach Threat | ★ | |
|
2023-03-06 19:33:22 | An Essential Guide To Threat Modeling Cloud Platform (lien direct) | Threat modeling is a proactive method for locating the points of entry on a system’s attack surface, listing the threats, and putting security measures in place. Its main objective is to guard against security lapses. An illustration of a system’s architecture has always served as the basis for this. Threat modeling technically is not exclusive […] | Threat Cloud | ★★★ | |
|
2023-03-03 10:45:58 | Chick-fil-A Admits Accounts Hacked In “Automated” Attack (lien direct) | Chick-fil-A, an American fast food company, has acknowledged that consumers’ accounts were compromised in a months-long credential stuffing assault, giving threat actors access to personal data and the ability to use saved reward balances. Chick-fil-A started looking into what it called “strange activity” on consumers’ accounts in January. Chick-fil-A created a support page at the […] | Threat | ★ | |
|
2023-02-28 09:42:43 | LastPass DevOps Engineer Breached To Steal Password Vault Data (lien direct) | LastPass DevOps engineers were compromised because they had access to the decryption keys. LastPass detailed an “organized second attack” in which a threat actor took data from Amazon AWS cloud storage servers for two months. Threat actors obtained partially encrypted password vault data and customer data from LastPass in December. The well-known password manager LastPass […] | Threat Cloud | LastPass | ★ |
|
2023-02-24 16:07:11 | New S1deload Malware Hijacking Youtube And Facebook Accounts (lien direct) | A new malware campaign called S1deload Stealer has been discovered by Bitdefender’s Advanced Threat Control (ATC) team, targeting YouTube and Facebook users. The malware infects computers, hijacks social media accounts, and uses devices to mine cryptocurrency. Security researchers discovered that the malware uses DLL sideloading to evade detection. Bitdefender products detected over 600 unique users […] | Malware Threat | ★★★ | |
|
2023-02-15 10:06:57 | RedEyes Hackers Adopts New Malware, Steals Data From Devices (lien direct) | The APT37 threat group targets people for intelligence gathering using the new elusive “M2RAT” malware and steganography. North Korea’s APT37, sometimes referred to as “RedEyes” or “ScarCruft,” is a hacker collective thought to be funded by the government. The hacker gang was observed in 2022 using Internet Explorer zero-day vulnerabilities to distribute a wide range […] | Malware Threat Cloud | APT 37 | ★★ |
|
2023-02-09 10:10:48 | Weee! Acknowledges Data Leak,1.1 million People Impacted (lien direct) | A data breach at the Weee! Asian and Hispanic meal delivery business exposed the private data of 1.1 million clients. Weee! bills itself as the most prominent Asian and Hispanic supermarket in North America, shipping groceries to all 48 states via its network of warehouses. On Monday, a threat actor named “IntelBroker” started leaking information […] | Data Breach Threat | ★★★ | |
|
2023-01-26 09:44:29 | 820K Zacks Investment Research Clients Impacted By Data Breach (lien direct) | The company Zacks Investment Research (Zacks) was infiltrated by hackers last year, allowing them access to 820,000 clients’ sensitive and personal data. The 1978-founded business uses cutting-edge financial data analytics systems to assist stock buyers. A threat actor entered the network between November 2021 and August 2022, according to an internal examination of the incident. […] | Data Breach Threat | ★★ | |
|
2023-01-19 11:05:12 | Mailchimp Reports Data Breach, Employees Records Exposed (lien direct) | Hackers gained access to an internal customer assistance and account administration tool, and the email marketing company MailChimp had another breach that gave threat actors access to the information of 133 customers. According to MailChimp, the attackers used social engineering to trick contractors and workers of the company into giving them access to employee login […] | Threat | ★ | |
|
2023-01-17 10:44:11 | Cyber Threat Landscape Study 2023: Outpost24\'s Honeypot Findings From Over 42 Million Attacks (lien direct) | The Outpost24 research team have released the results of attack data gathered from a network of honeypots deployed to gather actionable threat intelligence. In total, 42 million attacks were registered between January 1st and September 30th 2022, with 20 honeypots evenly distributed around the world. A detailed research report, which is available to view here, uncovered the following key attack […] | Threat | ★★ | |
|
2023-01-11 14:13:11 | Kinsing Malware Hits Kubernetes Clusters By Flawed PostgreSQL (lien direct) | As of late, Kubernetes clusters have been actively breached by the Kinsing malware, which exploits vulnerabilities in container images and misconfigured, exposed PostgreSQL containers. While not new, the Defender for Cloud team at Microsoft has noticed a spike in recent months, suggesting that the threat actors are increasingly focusing on narrow access points. Kinsing is […] | Malware Threat | Uber | ★★ |
|
2023-01-05 10:55:38 | 235 Million Twitter Users Leaked In Biggest Data Leak (lien direct) | A well-known hacker site allegedly dumped a database containing the email addresses of over 235 million Twitter users and is being sold for roughly $200,000. According to a cyber intelligence company, this data leak has the potential to rank among the greatest ever discovered for the social media platform. Threat actors and data breach hunters […] | Data Breach Threat | ★★★ | |
|
2022-12-29 12:13:32 | Digital Assets of $9.9 Million Stolen in BitKeep Cyber Attack (lien direct) | Singapore-based decentralized multi-chain crypto wallet, BitKeep, confirmed on Wednesday that it was the target of a cyberattack that resulted in the theft of an estimated $9.9 million worth of digital assets. The attack, which took place on December 26, 2022, allowed threat actors to distribute fraudulent versions of BitKeep’s Android app in an effort to […] | Threat | ★★★ | |
|
2022-12-24 14:39:50 | Review: 10 Biggest Hacks and Cyber Security Threats of 2022 (lien direct) | In 2022, the threat of cyber-attacks, hacks, and security breaches loomed large, with numerous high-profile incidents impacting companies and individuals alike. The year saw a range of cyber security threats, from data breaches and phishing schemes to DDoS attacks. Both in terms of cybersecurity and business generally, the past couple of years have been anything […] | Threat | ★★ | |
|
2022-12-22 14:03:30 | Brazilian Bank Users Are the Target of a New BrasDex Malware (lien direct) | Cybercriminals have recently launched a new Android trojan called BrasDex that targets Brazilian bank users. This trojan is part of a more extensive, ongoing multi-platform campaign that has been attributed to the threat players behind the Windows banking malware Casbaneiro. Dutch security firm ThreatFabric published a report last week stating that BrasDex has “a very […] | Malware Threat | ★★ | |
|
2022-12-11 16:52:35 | 2023 Cybersecurity Predictions (lien direct) | What types of applications do you anticipate being more vulnerable to cyber incidents. In 2023 due to poor or insecure code? Due to heightened threat activity against targets in the healthcare sector. There was a 69% year-over-year increase in the number of cyber attacks across all sectors in 2022. Unfortunately, I think it will go […] | Threat | ★★★ | |
|
2022-11-14 11:38:04 | UK Banks Bolstering Defences As Russian Cyber Threat Rises (lien direct) | As reported by the Mail on Sunday, Britain’s biggest banks have bolstered their defences against a Russian cyber attack. The plan will mean close co-operation between lenders, so that if hackers took down one bank’s website, its customers would still be able to access their online accounts via another. It involves the use of open banking […] | Threat | ||
|
2022-11-11 11:55:16 | Malware Campaign Redirects 15,000 Sites (lien direct) | It has been reported that security researchers have spotted an intriguing malware campaign designed to increase the search engine rankings of spam websites under the control of threat actors. | Spam Malware Threat | ||
|
2022-11-10 13:40:53 | Advanced RAT AgentTesla Revealed As Most Widespread Malware In October (lien direct) | It has been reported that info-stealing malware accounted for the three most widespread variants in October, comprising nearly a fifth (16%) of global detections, according to Check Point. The security vendor's Global Threat Index for October 2022 is compiled from hundreds of millions of its own threat intelligence sensors, installed across customer networks, endpoints and mobile devices. | Malware Threat | ||
|
2022-11-02 14:14:23 | (Déjà vu) Dropbox Says It Has Been Breached By Hackers, Experts Reactions (lien direct) | Dropbox has suffered a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. The company discovered the attackers breached the account on October 14 when GitHub notified it of suspicious activity that started one day before the alert was […] | Threat | ||
|
2022-10-17 09:44:06 | Riskiest IoT Devices – Cameras, VoIP And Video Conferencing (lien direct) | In a report released Wednesday, Forescout's research team, Vedere Labs, have updated their findings on the riskiest devices in enterprise networks in 2022. By analyzing the millions of IoT devices in Forescout's Device Cloud, they identified recurring attack vectors and how threat actors are taking advantage of the increased proliferation of devices throughout every enterprise. […] | Threat | ||
|
2022-09-30 14:33:47 | How To Outsmart Increasingly Complex Cyber Attacks (lien direct) | Threat detection is harder today than it was two years ago. Next year will be harder than this year. Why? It's a compounding effect from skills shortages and threat varieties that's making it more challenging for any one product to handle key security wins. And cyber security is a constantly evolving sector with 2022 a devastating […] | Threat | ||
|
2022-09-23 13:14:19 | Microsoft Exchange Hack (lien direct) | Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending phishing emails. The attacker then used this inbound connector and transport rules designed to help evade detection to deliver phishing emails through the compromised Exchange servers. | Hack Threat | ||
|
2022-09-22 17:23:44 | Organisations Need To Adopt Predictive And Proactive Threat Detection Software To Counter Cyber-attacks (lien direct) | As technology evolves, we often think of the benefits it can brings to organisations with new software and programmes being created to enhance society as a whole. But we often overlook the fact that these new, innovative products and systems are also available to those who want to do harm – specifically cyber criminals. In […] | Threat | ||
|
2022-09-22 17:14:20 | Credential Stuffing Accounts For One-third Of Global Login Attempts, Okta Finds (lien direct) | Okta's global State of Secure Identity Report has found that credential stuffing is the top threat against customer accounts, outpacing legitimate login traffic in some countries. The report presents trends, examples and observations unearthed from the billions of authentications on Okta's Auth0 platform. Credential stuffing is when attacks take advantage of the practice of password […] | Threat | ||
|
2022-09-21 14:52:54 | Rockstar GTA Leak – Dark Web Research (lien direct) | Following news that Rockstar Games have been hacked, resulting in a data leak (https://www.bbc.co.uk/news/technology-62960828), Louise Ferrett, Threat Intelligence Analyst at Searchlight Security has found by scanning the dark web that: “Users on cybercriminal and dark web forums are pointing to a member of LAPSUS$ as the perpetrator of the cyberattack against Rockstar that has led to the leak of […] | Threat | ||
|
2022-09-15 12:48:44 | Unpatched And Outdated Medical Devices Provide Cyber Attack Opportunities (lien direct) | According to a new report, the FBI has identified an increasing number of vulnerabilities posed by unpatched medical devices that run on outdated software and devices that lack adequate security features. Cyber threat actors exploiting medical device vulnerabilities adversely impact healthcare facilities' operational functions, patient safety, data confidentiality, and data integrity. Medical device vulnerabilities predominantly […] | Threat |
To see everything:
Our RSS (filtrered)
