What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-01 16:09:14 | Armis and Eseye joint solution reliably secures connected devices on cellular networks (lien direct) | Global connectivity specialist Eseye and agentless device security platform provider, Armis, have announced the general availability of a joint solution that enables organisations to deploy connected devices anywhere in the world with enterprise-class security and consistent, reliable cellular (4G/LTE/5G) connectivity. The joint solution addresses how digital transformation has created a new generation of connected […] | ★★ | ||
|
2022-02-01 14:30:51 | One in seven ransom extortion attempts leak key operational data (lien direct) | One in seven ransomware extortion data leaks are revealing technology data critical to business operation, researchers say. In recent years, ransomware has catapulted in severity from its early days as barebone encryption and basic demand for payment. Historically, ransomware was used to infect systems and extort payments from the general public, typically in cryptocurrency such […] | Ransomware | ||
|
2022-02-01 12:14:23 | FBI warn olympians to leave devices at home (lien direct) | The FBI has sent out an alert to warn attendees and athletes going to the Beijing Winter Olympics to leave mobiles and other devices at home due to the risk of potential cybercrime activities at the event. The alert was published yesterday by US law enforcement, who claimed that although they are not aware of […] | |||
|
2022-01-31 16:10:58 | Cyber attacks at an all time high for UK corps (lien direct) | A new survey of 450 top finance and risk professionals at UK-listed companies have found that nearly two-thirds of organisations have experienced a data breach or cyber attack in the first year and a half of the pandemic. The research also found that the rise in cyber attacks led to the loss of money and […] | Data Breach | ||
|
2022-01-31 11:45:04 | $2m Bug Bountry offered to Hackers (lien direct) | Qubit Finance revealed last week that attackers exploited a vulnerability in its QBridge deposit function, resulting in a loss of $80m. The hackers stole a large amount of Ethereum by converting it into Binance coins and exploiting the vulnerability to withdraw the Binance tokens without depositing any of the Ethereum. Qubit has addressed the attackers […] | Vulnerability | ||
|
2022-01-28 16:13:03 | White House: Industrial Control Systems Cybersecurity Initiative to be extended to the water sector (lien direct) | On Thursday 27th of January, the Biden-Harris Administration announced it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the water sector. The Water Sector Action plan outlines surge actions that will take place over the next 100 days to improve the cybersecurity of the sector. The action plan was developed in close partnership […] | |||
|
2022-01-28 15:52:38 | A 19 year old security researcher was able to hack 25+ Teslas. Here\'s what happened (lien direct) | A 19-year-old security researcher named David Colombo detailed how he was able to remotely unlock the doors, open the windows, blast music, and start keyless driving for dozens of Teslas, WIRED reported. The vulnerabilities he exploited to do so aren’t in Tesla software itself, but in a third-party app. Salt Security‘s Michael Isbitsky, technical evangelist, […] | Hack | ||
|
2022-01-28 08:30:07 | Malware source code discovered on GitHub puts millions of IoT devices at risk (lien direct) | The nefarious minds behind a dangerous malware called BotenaGo have uploaded the source code to GitHub on October 16th 2021 according to new research by security researchers at AT&T Alien Labs. This could mean hackers around the world, who now have access to this source code, have the ability to create their own versions of […] | Malware | ||
|
2022-01-27 17:05:20 | FluBot and TeaBot malware targeting androids worldwide (lien direct) | Bitdefender’s Mobile Threat researchers have warned about some newly discovered Flubot and Teabot campaigns. The researchers claim that since December 2021 they have intercepted over 100,000 malicious SMS messages which were aiming to distribute Flubot malware. The researchers have said that they have observed that the attacks are more active in Germany, Spain, Poland, Australia, […] | Malware Threat | ||
|
2022-01-27 12:15:19 | API and database issues cause Discord outage (lien direct) | Discord has announced that it suffered a ‘massive outage’, which affected user login and the voice chat features. The outage begun at 2:49 PM EST and came down to an issue with the application programming interface (API) that interrupted the communication between various services. While this issue was quickly resolved, Discord discovered another problem with […] | |||
|
2022-01-25 12:57:07 | OpenSea loophole allows purchase of NFTs for discounted prices (lien direct) | Yesterday, Elliptic, a blockchain security company, alongside multiple other users, took to Twitter to speak out about a bug found in OpenSea, an NFT marketplace. A flaw in the platform has allowed attackers to buy NFTs for a price much lower than what is listed on the platform. The issue affects Mutant Ape Yacht Club, […] | ★★★★★ | ||
|
2022-01-25 11:29:11 | Belarus Hacktivists launch ransomware on Railway (lien direct) | In protest of President Alexander Lukashenko and Russian troop movements through the country, Belarussian hacktivists have launched a ransomware attack against the railway systems. The Cyber-Partisans announced their attack on Twitter on Monday, along with a list of demands in exchange for the encryption keys. The attack has crippled the system and disrupted ticket sales, […] | Ransomware | ||
|
2022-01-25 11:09:32 | AT&T Cybersecurity Insights Report: Securing the Edge (lien direct) | The 11th annual AT&T Cybersecurity Insights Report has been released today. Entitled Securing the Edge, it contains important insight into how organisations globally are architecting and securing edge initiatives, as well as some guidance on security essentials at the edge. “We are seeing organisations moving away from centralised computing models to decentralised ones, like edge, and […] | |||
|
2022-01-25 10:13:21 | Has that password been compromised? (lien direct) | Password security has many well-debated weaknesses but one that gets surprisingly little attention is how organisations can know whether and when theirs have been compromised by outsiders. This lack of interest is surprising. Almost all cyberattacks today, including ransomware attacks, exploit stolen or leaked credentials (a password + username), which makes any compromise a critical incident in the making. The traditional defence is to change […] | Ransomware | ||
|
2022-01-24 13:16:36 | (Déjà vu) Seventeen vulnerabilities added to Known Exploited Vulnerabilities Catalog (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) this week have added seventeen actively exploited vulnerabilities to the Known Exploited Vulnerabilities Catalog. These latest vulnerabilities bring the catalog up to a total of 341 vulnerabilities, and 10 of the newest 17 must be patched by the first week of February. In the list of 17 vulnerabilities, […] | |||
|
2022-01-24 12:41:07 | MPs say some illegal content could evade new Online Safety Bill (lien direct) | The government has claimed that its newly introduced Online Safety Bill will make the UK “the safest place in the world to be online”, but some have criticised the bill, warning that it doesn’t go far enough to combat things like cyber-flashing, child abuse or violence against women and girls. The BBC reported that […] | |||
|
2022-01-24 11:53:43 | FBI alert: malicious QR codes stealing money (lien direct) | This week, Americans have been warned to watch out for maliciously crafted QR codes aimed at stealing credentials and financial information. The FBI posted this warning on their Internet Crime Complaint Center (IC3) last week. In the statement, the law enforcement agency said: “Cybercriminals are tampering with QR codes to redirect victims to malicious sites […] | |||
|
2022-01-20 10:54:37 | Red Cross Hack exposes data of 515,000 (lien direct) | It has been reported that the International Committee of the Red Cross has recently suffered a cyber-attack, during which the data of more that 515,000 vulnerable people was accessed and seized. Some of the individuals affected recently fled conflicts. The ICRC confirmed the attack in a published statement: “A sophisticated cybersecurity attack against computer servers […] | Hack | ||
|
2022-01-18 11:31:52 | Spoof Nintendo sites advertising discounted Switch consoles (lien direct) | A new scam website has been impersonating Nintendo’s official website, pretending to sell discounted Nintendo Switch consoles. Last week, the Japanese video game company warned customers to be wary of the scam. Nintendo rarely warns customers of such issues, so it has been said that this gives insight into the severity of the scams. On […] | |||
|
2022-01-18 11:13:32 | DHL most imitated brand in phishing scams (lien direct) | In Q4 of 2021, DHL was threat actors’ preferred brand to imitate when launching phishing campaigns. This pushed Microsoft into second place and Google into fourth. These findings were unsurprising as the last three months of the year include holidays such as Black Friday, Cyber Monday and Christmas; holidays that hackers frequently exploit as victims […] | Threat | ||
|
2022-01-17 11:47:01 | Alleged REvil hackers charged in court (lien direct) | Eight people have been charged by Moscow court for their alleged involvement in the REvil ransomware gang, Russian News Agency (TASS) reported. The arrests were made as part of a larger raid on Friday across 25 locations in Moscow, St. Petersburg and Lipetsk. The men were charged on Saturday with violating Part 2 of Article […] | Ransomware | ||
|
2022-01-17 11:46:59 | Millions of UK Wi-Fi routers are vulnerable to security threats (lien direct) | Researchers at Broadband Genie have found that millions of Wi-Fi routers in the UK are left vulnerable to threats because their owners don’t take the basic security measures to protect them. Broadband Genie surveyed 1,320 broadband users, with 88% stating that they have never updated their Wi-Fi router’s firmware, while 84% have never even bothered […] | ★★★★ | ||
|
2022-01-17 11:11:42 | Romance Fraudster who Targeted more than 650 Victims has been Convicted for Two Years (lien direct) | A London-based cyber fraudster who targeted 670 women, including one who was terminally ill, has been arrested by UK police and pleaded guilty to fraud and money laundering charges. Taking more than £20,000 from his marks, Osagie Aigbonohan operated out of a flat in Abbey Wood, London. Police arrested Aigbonohan in July 2021 after […] | Guideline | ★★★ | |
|
2022-01-14 16:04:19 | The FCC propose new rules for data breach reporting (lien direct) | The Federal Communications Commission (FCC) has called for more in-depth requirements for data breach reporting in the telecommunications industry. The proposal follows the recent increase of attacks seen in the telecommunications sector. The proposal was shared on Wednesday by the Chairwoman of the FCC, Jessica Rosenworcel, in a Notice of Proposed Rulemaking (NPRM). The proposal […] | Data Breach | ★★★★★ | |
|
2022-01-14 15:40:09 | Ukrainian government targeted in cyberattack (lien direct) | Over a dozen Ukrainian government website have been down since Friday, following a cyber-attack that also targeted the embassies. Among the embassies impacted were the UK, US and Sweden, as well as the foreign and education ministries. It is still unclear who is behind the attack. Before the website went down a message appeared on […] | |||
|
2022-01-13 14:02:59 | Lazarus Group, Cobalt Gang and FIN7 the Worst Threat Actors Targeting the Financial Services Sector (lien direct) | A new industry report by Blueliv, an Outpost24 company, has deep dived into the evolving threat landscape that is surrounding the financial services sector. Using advanced threat intelligence gathered by Blueliv's Threat Compass; the 'Follow the Money' report reveals the main cyber threats and the culprits behind these malicious attacks to forewarn these vital institutions. Threat intelligence gathered by Blueliv from the dark web and deep web showed that the main cyberthreats targeting the industry included: Phishing, […] | Threat | APT 38 | |
|
2022-01-13 10:46:50 | EU to launch Cyberattack simulations on supply chains (lien direct) | Later this week, EU governments will be staging a large-scale cyberattack against multiple of the member states. The attacks will specifically target supply chains and will aim to push governments to coordinate public communications and a diplomatic response. This exercise will last around six weeks and its purpose is to test Europe’s stress resilience, strengthen […] | |||
|
2022-01-12 11:28:55 | Several EA accounts compromised by phishing mails (lien direct) | Recently, it has been revealed that several EA Sports accounts were compromised by hackers via phishing techniques. The threat-actors exploited EA’s live chat, targeting high-profile players for account takeover. The attackers utilised social engineering methods, exploiting errors within the customer experience team and using this to bypass two-factor authentication. As a result, EA has released […] | |||
|
2022-01-11 15:32:35 | KITEWORKS AND TOTEMO JOIN FORCES TO DELIVER MOST COMPREHENSIVE PRIVATE CONTENT COMMUNICATIONS PLATFORM (lien direct) | London, UK, January 11, 2022 – Kiteworks, which governs and protects sensitive digital content moving within, into, and out of global enterprises, announced today that Kiteworks and totemo, the leading email encryption gateway provider used by hundreds of the largest multinational enterprises in the German, Austrian, and Swiss markets, have joined forces. Integration of totemo's email encryption […] | Guideline | ||
|
2022-01-11 13:21:36 | Cyber attacks on corporations hit record breaking highs (lien direct) | New data has found that the number of global weekly cyberattacks has reached the highest record to date. The data has shown that there were 925 attempts per organization in Q4 2021. The data also revealed that the number of attempted attacks has been on a steady increase since Q2 2020, having seen 50% more […] | ★★★★ | ||
|
2022-01-11 11:43:30 | How banks can help counter Human Trafficking (lien direct) | Today marks National Human Trafficking Awareness Day. While predominately recognised in the US, it is for sure a global issue that banks can help address with the right technology and training, according to Brian Ferro, director of AML at Feedzai and certified anti-money laundering specialist. More than 40 million people are trapped in modern-day slavery, […] | |||
|
2022-01-11 11:19:31 | £92m lost to romance scammers in 2021 (lien direct) | Users of dating sites have been warned to be weary of romance scams between Christmas Day and Valentine’s Day. This is because during this time, scammers are out in full force seeking to establish contact and build rapport with victims and extort them for money. According to the National Fraud Intelligence Bureau (NFIB), just last […] | |||
|
2022-01-11 10:21:52 | DDoS Attacks Increasing Again (lien direct) | Distributed denial-of-service (DDoS) attacks are increasingly being accompanied by huge demands against their marks, according to an annual survey from Cloudflare. Ransom-motivated DDoS attacks increased 29% year-on-year and 175% between Q3 2021 and Q4 2021, according to the research on cyberattack trends showing that companies must do more to prevent DDoS attack vectors. The manufacturing […] | |||
|
2022-01-10 12:49:54 | NPM libraries \'colors\' and \'faker\' corrupted (lien direct) | Applications using the open-source libraries ‘colors’ and ‘faker’ have been breaking and printing gibberish. These libraries serve hundreds of thousands of projects, with millions of weekly downloads for open-source projects like Amazon’s Cloud Development Kit. Projects that were using the code began to print messages, including text, such as ‘LIBERTY LIBERTY LIBERTY’, to the surprise […] | |||
|
2022-01-10 11:25:50 | The latest on the Log4j vulnerability (lien direct) | The threat posed by the Log4j vulnerability hasn’t gone away over the holidays, with the UK’s National Health Service (NHS) issuing a warning that hackers are actively targeting the security flaw and recommending that organisations within the health service apply the necessary updates in order to protect themselves. “Affected organisations should review the VMware Horizon […] | Vulnerability Threat | ||
|
2022-01-10 10:59:54 | Cyberattack causes jail lockdown (lien direct) | An emergency notice was filed by Bernalillo County in federal court last week, after a ransomware attack affected the Metropolitan Detention Center. The incident made it impossible for the MDC to comply with terms of a settlement agreement in a lawsuit over the jail conditions. The attack impacted the offices and systems in a variety […] | Ransomware | ||
|
2022-01-05 12:17:46 | DatPiff\'s users\' data available on hacking forum (lien direct) | Around 7.5 million DatPiff users‘ account credentials and emails are available to download on RaidForum, a popular hacking forum. DatPiff is a mixtape hosting site that allows users to upload or download samples for free. The site has gained over 15 million users since launching in 2005. It appears that DatPiff’s users’ data has been […] | |||
|
2022-01-04 14:29:33 | Exchange Server Bug Fixed (lien direct) | Messages from corporate emails were being undelivered at the start of the new year due to a Microsoft Exchange Server bug. Microsoft published an update on 1st January 2022, stating that emails were getting stuck in transport queues of on-premise Exchange Servers. This problem was caused by a “date check failure” in the servers malware […] | Malware | ||
|
2022-01-04 13:44:32 | Vulnerability lets anyone send emails from Uber.com (lien direct) | Researcher Seif Elsallamy recently discovered a vulnerability in Uber’s emailing system, which allows anyone to send an email on behalf of the company. If exploited, threat actors would be able to email the 57 million Uber users and drivers whose data was leaked in the 2016 data breach. Uber has been made aware of the […] | Vulnerability Threat | Uber Uber | |
|
2022-01-04 12:44:43 | Broward Health data breach exposes data of 1,357,879 individuals (lien direct) | Broward Health, a Florida-based healthcare system with over thirty locations, has suffered a significant data breach impacting over a million individuals. The incident took place last October, and Broward Health was able to identify the intrusion four days after the compromise. Authorities were informed immediately, and employees were invited to reset their credentials. It now […] | Data Breach | ||
|
2022-01-04 12:12:43 | New iOS vulnerability DoS bug revealed (lien direct) | A new denial of service (DoS) vulnerability dubbed “doorLock” was recently revealed in Apple HomeKit, impacting iOS 14.7 through 15.2. Apple HomeKit is a software framework that lets iPhone and iPad users control smart home appliances from their devices. According to the researcher who disclosed the details, Apple has been aware of the vulnerability since […] | Vulnerability | ||
|
2021-12-24 12:12:42 | The IT Security Guru Buyer\'s Guide 2022 (lien direct) | Cybersecurity and compliance are now essential pillars within the modern enterprise. They are integral to the business continuity and legal responsibility of every organization, large or small. What's more, these obligations are exponentially more complex than they were just 5 years ago. However, since these are relatively new obligations that means finding the best vendors […] | ★★★★★ | ||
|
2021-12-24 11:41:17 | Flaw behind Gatekeeper bypass fixed on macOS (lien direct) | Apple has fixed the macOS vulnerability that could be exploited by unsigned and unauthorized script-based apps to bypass macOS security protocols on fully patched systems. The flaw was identified as CVE-2021-30853, and the vulnerability has been addressed on macOS 11.6. | Vulnerability | ||
|
2021-12-24 11:32:34 | (Déjà vu) Unique cyber-attacks declined for the first time in 3 years (lien direct) | New data has found that unique cyber-attacks have declined for the first time since 2018. The research has shown that in Q3 2021 there has been a 4.8% decline in unique attacks, which is the first decline recorded since 2018. The researchers have said that this reduction was mainly due to a decline in ransomware […] | Ransomware | ||
|
2021-12-24 11:24:05 | New CoinSpot phishing campaign discovered (lien direct) | A new phishing campaign is targeting CoinSpot cryptocurrency exchange users in order to steal two-factor authentication (2FA) codes. The threat actors are sending emails from a Yahoo email address, which replicates CoinSpot emails, asking recipients to cancel or confirm a withdrawal transaction. The researchers who discovered the campaign said “the threat actor observed here been […] | Threat | Yahoo Yahoo | |
|
2021-12-23 12:09:51 | Monongalia Health System victim to BEC attack (lien direct) | Monongalia Health System, Inc., a health system for three hospitals based in West Virginia, USA, has been hit by a business email compromise (BEC) scam. The health system provider was unaware that their cybersecurity defences had been infiltrated. They were alerted by a vendor who had reported not receiving payment in July 2021. Since alerted […] | |||
|
2021-12-23 11:56:33 | World\'s top cybsersecurity agencies warn of Apache vulnerability threats (lien direct) | The Fives Eyes intelligence alliance have warned that threat actors are actively exploiting an Apache vulnerability in the Log4j logging library. The Five Eyes alliance, consisting of cybersecurity agencies in US, UK, Australia, Canada and New Zealand, announced in a joint statement on Wednesday that, “sophisticated cyber threat actors are actively scanning networks to potentially […] | Vulnerability Threat | ||
|
2021-12-23 11:18:29 | Belgium\'s Military hit by cyber attack (lien direct) | The Belgium Defense Ministry has announced that it has experienced a cyberattack after threat actors exploited a Log4j vulnerability. The attack took place on December 16 and was confirmed this week. According to a Belgium military spokesman, Commander Olivier Séverin, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s […] | Threat | ||
|
2021-12-22 15:23:05 | What\'s in store for cybersecurity in 2022? (lien direct) | As 2021 draws to an end, it's safe to say it was an eventful year from a cybersecurity perspective. Ransomware became the go-to for cybercriminal gangs and insecure databases still plagued organisations. So, what's on the horizon for 2022? More of the same or will hackers turn their attentions elsewhere? We asked some security experts […] | Ransomware | ||
|
2021-12-22 10:23:46 | Just Dance latest cyber-attack victim (lien direct) | Popular gaming platform Ubisoft has this week confirmed a cyber attack, which affected the IT infrastructure of Just Dance. The gaming giant explained in a statement, that the attack was brought on by a misconfiguration, which was quickly fixed upon identification. However, before the remediation was issued, unauthorised individuals were able to access and potentially […] |
To see everything:
Our RSS (filtrered)
