Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2022-10-28 10:00:41 |
Evolve as fast as the cybercriminals: Protect your business now, before it's too late (direct link) |
According to the 2022 Cyber Threat Report, 2021 saw a global average increase of 105% in the number of ransomware attacks. The 2022 State of the Phish report said that a staggering 82% of UK businesses that experienced a ransomware attack sent payment to the cyber criminals – believing this was the cheapest and easiest […]
|
Ransomware
Threat
|
|
|
 |
2022-10-27 09:48:28 |
Medibank Admits That All Customer Data Was Exposed (direct link) |
As reported by Medibank, an Australian health insurance giant, every one of its customers had their personal information accessed by ransomware actors, which happened a few days after Medibank had downplayed the aftermath of a recent breach. In a newly issued statement, Medibank admitted that the threat actors might have compromised all of its customers' personal […]
|
Ransomware
Threat
|
|
|
 |
2022-09-30 13:10:39 |
(Déjà vu) Malicious Campaign Uses Government, Union-Themed Lures to Deliver Cobalt Strike Payloads (direct link) |
Earlier this week, researchers at security firm Cisco Talos discovered a malicious campaign in August 2022 that relied on modularized attack techniques to deliver Cobalt Strike beacons and used them in follow-on attacks. It was reported that the company published a new advisory about the campaign on Wednesday saying the threat actors behind it used a […]
|
Threat
|
|
|
 |
2022-09-13 11:05:40 |
Edinburgh's Adarma partners with The Prince's Trust to support inclusivity in cybersecurity (direct link) |
Adarma, the UK's largest independent cyber threat management company, has today announced a new partnership with The Prince's Trust to launch a 'Get Started in Cybersecurity' programme aimed at empowering individuals between the ages of 21 and 30 with cyber skills training and driving greater inclusivity within the industry. Adarma's CEO, John Maynard, will join […]
|
Threat
|
|
|
 |
2022-09-01 09:55:06 |
1859 Apps Contain Hard-Coded AWS Credentials (direct link) |
Security researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials. This poses a huge security risk. Symantec’s Threat Hunter Team, a part of Broadcom Software, wrote in a report that “over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services.” […]
|
Threat
|
|
|
 |
2022-08-10 09:09:07 |
Meta Take Action Against Two Cyber Espionage Operations in South Africa (direct link) |
Action has been taken against two cyber espionage operations in South Africa, according to Meta. Action has been taken against Bitter APT and APT36. The announcement was made by the company last Thursday in its Quarterly Adversarial Threat Report, Second Quarter 2022. In the report, Meta’s Global Threat Intelligence Lead, Ben Nimmo, and Director of […]
|
Threat
Guideline
|
APT 36
|
|
 |
2022-07-28 09:20:39 |
Microsoft Threat Intelligence Center Links Threat Group to Austrian Spyware Vendor DSIRF (direct link) |
Microsoft has linked the efforts of the threat group Knotweed to an Austrian spyware vendor. The group has so far used the malware dubbed ‘Subzero’ to attack groups in Europe and Central America. The Subzero malware, as used by Knotweed, can be used to hack a target’s phone, computers, network, and internet-connected devices. DSIRF markets […]
|
Malware
Hack
Threat
|
|
|
 |
2022-07-25 10:18:53 |
(Déjà vu) Hacker Selling Twitter Account Data of Millions of Users (direct link) |
A threat actor used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million Twitter accounts. The data from the breach is now up for sale on a hacker forum for $30,000. A threat actor known as ‘devil’ said on a stolen data market that the database contains information […]
|
Vulnerability
Threat
|
|
|
 |
2022-07-21 14:10:21 |
Salt Security Platform Enhancements Make it Easier to Operationalise API Security (direct link) |
Salt Security, the leading API security company, has announced new enhancements to its next-generation Salt Security API Protection Platform, extending abilities in threat detection and pre-production API testing. The latest features include deeper and earlier insights into attacker behaviours and attack patterns, visual depictions of API call sequences, and support for attack simulation ahead of […]
|
Threat
Guideline
|
|
|
 |
2022-07-21 10:13:51 |
Russian Adversaries Target Google Drive and DropBox in Latest Campaign (direct link) |
Russian adversaries are taking advantage of trusted cloud services, like Google Drive and DropBox, to deliver malware to businesses and governments, according to new research. Researchers at Palo Alto Networks Unit 42 wrote that the threat actor Cloaked Ursa – AKA the Russian government-linked APT29 or Cozy Bear – is increasingly using online storage services […]
|
Malware
Threat
|
APT 29
|
|
 |
2022-07-20 12:54:14 |
Copycat DoS App Created by Russian Hackers to Target Ukraine (direct link) |
Researchers have discovered what they believe is the first recorded instance of Android malware distribution by prolific state-sponsored Russian hacking group Turla (aka Venomous Bear, amongst other names). The advanced persistent threat (APT) group is linked to Russia’s Federal Security Service (FSB), a successor to the KGB. It is currently involved in operations […]
|
Malware
Threat
|
|
|
 |
2022-07-14 10:28:29 |
$8 million Worth of Ethereum Stolen in Large Scale Uniswap Phishing Campaign (direct link) |
During an attack earlier this week, Uniswap, a popular decentralised cryptocurrency exchange, lost close to $8 million worth of Ethereum. The cyberattack has impacted many investors in digital assets. The threat actors used the lure of free UNI tokens (airdrops) to trick victims into approving a transaction that gave hackers full access to wallets. The trap […]
|
Threat
|
|
|
 |
2022-07-13 10:44:43 |
(Déjà vu) New Callback Phishing Attacks See Hackers Impersonate Cybersecurity Firms (direct link) |
Hackers are impersonating well-known cybersecurity companies in callback phishing emails to gain initial access to corporate networks. CrowdStrike have been recently targeted. Most phishing campaigns embed malicious links that lead to landing pages that steal login credentials or emails that include harmful attachments to install malware. Over the past year, threat actors have increasingly used […]
|
Threat
Guideline
|
|
|
 |
2022-07-12 09:55:56 |
(Déjà vu) Rolling-PWN Attacks Allow Hackers to Unlock Honda Cars Remotely (direct link) |
Security researchers have found that several modern Honda car models have a vulnerable rolling code mechanism that allows the cars to be unlocked and, sometimes, the engine to be started remotely. Named Rolling-PWN, the weakness enables replay attacks in which a threat actor intercepts the codes from the keyfob to the car and uses them […]
|
Threat
|
|
|
 |
2022-07-11 15:14:50 |
Security Culture: fear of cyber warfare driving initiatives (direct link) |
KnowBe4, the provider of security awareness training and simulated phishing platform, has conducted a survey during Infosecurity Europe, which evaluated the opinions of nearly 200 security professionals towards security culture, or more specifically: the ideas, customs and social behaviours of an organisation that influence their security practices. The research found the threat of cyber warfare […]
|
Threat
|
|
|
 |
2022-07-04 10:17:26 |
Threat Actor Group Claims Responsibility for High Profile University Hacks (direct link) |
Reportedly, CloudSEK used its artificial intelligence (AI)-powered digital risk platform XVigil to identify a post on a cybercrime forum mentioning open source automation server platform Jenkins as one of the TTP (tactics, techniques, and procedures) used by a threat actor (TA) in attacks against IBM and Stanford University. Used by a TA to get clicks […]
|
Hack
Threat
|
|
|
 |
2022-07-04 10:03:31 |
Microsoft Issue Updated Warning Against Known Cloud Threat Actor Group (direct link) |
Microsoft’s Security Intelligence team have issued a new warning against a known cloud threat actor group. Active since early 2017 and tracked as 8220, the group has now updated its malware toolset to breach Linux servers to install crypto miners as part of a long-running campaign. On Thursday, Microsoft wrote in a Twitter thread, “the […]
|
Malware
Threat
|
|
|
 |
2022-06-29 12:11:21 |
The Top Mobile Security Threats of 2022 (direct link) |
Whether you are ordering food online, booking a doctor’s appointment, or checking your balance, you are doing it through your phone. For many years we believed that we had a valid reason to trust our phone with sensitive information. Today, we have to acknowledge that this isn’t completely true and examine the risks inherent in […]
|
Threat
|
|
|
 |
2022-06-29 10:47:40 |
(Déjà vu) Evilnum Hackers Return With New Activity Targeting International Migration Campaigns (direct link) |
The Evilnum hacking group have been targeting European organisations that are involved in international migration, showing renewed signs of malicious activity within the group. Evilnum is an advanced persistent threat (APT) that has been active since at least 2019 and had its campaign and tools exposed in 2020. In 2020, ESET published a technical report […]
|
Tool
Threat
|
|
|
 |
2022-06-28 13:18:04 |
Cybersecurity is complex – but it doesn't need to be costly or complicated (direct link) |
The pandemic tested the business resilience of every organisation. Small and medium sized enterprises (SMEs) had to maximise their digital footprint to keep operational, service their customers and survive. Just as companies are starting to return to some semblance of new normal, another threat is on the horizon. The pandemic has fuelled an increase in […]
|
Threat
|
|
|
 |
2022-06-28 09:13:17 |
Cybersecurity Experts Warn of Emerging Threat of “Black Basta” Ransomware (direct link) |
The ransomware-as-a-service (RaaS) Black Basta has struck 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the cybersecurity landscape. The speed at which it has accumulated victims in such a short time frame has made it a prominent new threat for the cybersecurity of governments […]
|
Ransomware
Threat
|
|
|
 |
2022-06-22 13:58:30 |
Ukrainian cybersecurity officials disclose two new hacking campaigns (direct link) |
Cybersecurity officials from the Computer Emergency Response Team of Ukraine (CERT-UA) exposed two new hacking campaigns against targets there this week. One utilized a phony tax collection document purportedly sent by the national tax agency and the other used a malicious document that discussed the threat of nuclear attack from Russia. The officials warned that […]
|
Threat
|
|
|
 |
2022-06-22 10:31:08 |
(Déjà vu) New Phishing Attack Infects Devices With Cobalt Strike (direct link) |
Security researchers have discovered a new malicious spam campaign that delivers the ‘Matanbuchus’ malware to drop Cobalt Strike beacons on compromised machines. Cobalt Strike is a penetration testing suite that is frequently used by threat actors for lateral movement and to drop additional payloads. First spotted in February 2021 in advertisements on the dark web, […]
|
Spam
Malware
Threat
|
|
|
 |
2022-06-20 09:33:21 |
WordPress Update Millions of Sites to patch a Critical Vulnerability Affecting the Ninja Forms Plugin (direct link) |
Content management system (CMS) provider WordPress has forcibly updated over a million sites in order to patch a critical vulnerability affecting the Ninja Forms plugin. The Wordfence threat intelligence team spotted the flaw in June and documented it in an advisory by the company on Thursday. The document said that the code injection vulnerability made […]
|
Vulnerability
Threat
|
|
|
 |
2022-06-17 10:41:03 |
(Déjà vu) Chinese Hackers Exploited Critical Security Vulnerability in Sophos Firewall (direct link) |
A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos’ firewall product that came to public attention earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. Volexity said in a report, “the attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form […]
|
Vulnerability
Threat
|
|
|
 |
2022-06-16 10:02:48 |
Hackers Exploit Old Telerik Flaws to Deploy Cobalt Strike (direct link) |
‘Blue Mockingbird’, a threat actor, targets Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources. The attacker leverages the CVE-2019-18935 flaw, a critical-severity (CVSS v3.1: 9.8) deserialisation vulnerability that leads to remote code execution in the Telerik UI library for ASP.NET AJAX. In May 2020, the same […]
|
Threat
Guideline
|
|
|
 |
2022-06-15 09:33:58 |
Ransomware Gang Develops New Website That Allows Victims To Search For Their Data (direct link) |
BlackCat, the ALPHV ransomware gang, has created a website that allows customers and employees of their victim to check if their data was stolen in an attack. Ransomware gangs typically quietly steal corporate data and harvest everything of value. After they’ve done this, the threat actor starts to encrypt devices. The hackers then, in a […]
|
Ransomware
Threat
|
|
|
 |
2022-06-14 13:18:40 |
Searchlight Security appoints Cylance and Blackberry's Eric Milam to lead its dark web intelligence product strategy (direct link) |
Searchlight Security appointed Eric Milam as their new Executive Vice President of Product. Milam is a renowned cybersecurity expert who brings deep expertise in threat intelligence and research, a decisive leadership style, and a creative approach to cyber-security problem-solving and solution design. Milam has worked previously as a VP of Research & Intelligence at Blackberry […]
|
Threat
Guideline
|
|
|
 |
2022-06-14 09:45:15 |
45% of cybersecurity pros are considering quitting the industry due to stress (direct link) |
The results of the third edition of the annual Voice of SecOps Report found that 45% of respondents in C-suite and senior cybersecurity roles were considering exiting the industry due to stress and incessant threats from ransomware. 46% of those surveyed knew someone in the past year who left due to stressors. Threats from ransomware […]
|
Ransomware
Threat
|
|
|
 |
2022-06-13 11:20:02 |
Russia Reportedly Warns of “Direct Military Clash” if Cyber-Attacks on its Infrastructure Continue (direct link) |
Reportedly, the Russian government has warned the U.S. and its allies that continued cyber-attacks on its infrastructure risk a “direct military clash.” The threats follow reports from last week that Russia’s Ministry of Construction, Housing and Utilities website had been hacked and replaced with a message stating “Glory to Ukraine” on its homepage. A foreign […]
|
Threat
|
|
|
 |
2022-06-13 09:39:51 |
(Déjà vu) Organisations in Australia and Southeast Asia Targeted by Aoqin Dragon For Over 10 Years (direct link) |
A new advanced persistent threat (APT) actor, reportedly based in China and dubbed Aoqin Dragon, has been linked to several hacking attacks across Australia and Southeast Asia against education, government and telecom entities since 2013. Sentinel Labs, threat researchers, published a blog post on Thursday outlining the events. Joey Chen, threat intelligence researcher at SentinelOne, […]
|
Threat
|
|
|
 |
2022-06-10 11:13:04 |
New Linux Malware Dubbed “Almost Impossible” To Detect Found (direct link) |
A new form of Linux malware that is “almost impossible” to detect has been found in a joint research effort by BlackBerry Threat Research & Research team and Intezer security researcher Joakim Kennedy. It has been dubbed Symbiote. A blog post on the malware was released on Thursday. It has been called Symbiote because of […]
|
Malware
Threat
|
|
|
 |
2022-06-08 11:17:44 |
New NHS Digital Materials Aim to Boost Cybersecurity Awareness in Social Care Organisations (direct link) |
This week the UK’s social care sector received a boost after NHS Digital released new materials designed to enhance staff cybersecurity awareness. The materials hope to raise awareness of critical threats and risks. Developed in partnership with Digital Social Care, the materials are part of the NHS “Keep IT Confidential” campaign. The […]
|
Threat
|
|
|
 |
2022-06-08 09:20:09 |
Evil Corp Hacker Group Changes Ransomware Tactics After U.S. Sanctions (direct link) |
The Evil Corp Russian hacker group has reportedly changed its attack tactics to avoid sanctions placed on US companies prohibiting them from paying it a ransom. Mandiant, the threat intelligence firm, reported the shift. The firm recently wrote a blog post linking a series of Lockbit ransomware intrusions to UNC2165, a threat cluster that shares […]
|
Ransomware
Threat
|
|
★★★
|
 |
2022-06-07 11:14:50 |
(Déjà vu) Microsoft's Digital Crimes Unit Takes Legal Action Over Spear-Phishing Attacks by Bohrium Hackers (direct link) |
Last week Microsoft’s Digital Crimes Unit (DCU) disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium, linked with a spear-phishing operation. Bohrium is said to have targeted multiple entities in the U.S., India and the Middle East, including across transportation, tech, education, and government sectors. In a Tweet Amy Hogan-Burney […]
|
Threat
|
|
|
 |
2022-06-07 10:19:31 |
(Déjà vu) Motorola's Unisoc Chips Found to Contain Vulnerability (direct link) |
A critical vulnerability in the Unisoc Tiger T700 chips that power the Motorola Moto G20, E30 and E40 smartphones has been found by the cyber-threat intelligence firm Check Point Research (CPR). These components have been marked as threat vectors due to a stack overflow vulnerability. The Unisoc Tiger T700 chip replaced MediaTek’s chips in these devices […]
|
Vulnerability
Threat
|
|
|
 |
2022-06-06 11:41:11 |
(Déjà vu) State-Backed Hackers Exploit Microsoft “Follina” Bug to Target U.S. and European Entities (direct link) |
A suspected state-aligned threat actor has been linked to a fresh set of attacks exploiting the Microsoft Office “Follina” vulnerability to target government entities across the U.S. and Europe. Proofpoint, an enterprise security firm, said that it blocked attempts at exploiting the remote code execution flaw. The flaw is being tracked as CVE-2022-30190 (CVSS Score: 7.8). […]
|
Vulnerability
Threat
|
|
|
 |
2022-05-26 09:57:51 |
Insider threats caused 68% of legal sector breaches (direct link) |
Insider threats were responsible for 68% of data breaches at UK law firms, according to new research from the Information Commissioner's Office (ICO). ICO data from Q3 2021, analysed by NetDocuments, found that only 32% of breaches in the legal sector were caused by outside threats. Other key findings include: 54% of data breaches […]
|
Threat
|
|
|
 |
2022-05-23 09:40:42 |
Chinese hackers caught spying on Russian defence institutes (direct link) |
A minimum of two research institutes in Russia and a third likely in Belarus have suffered an espionage attack carried out by a Chinese nation-state advanced persistent threat (APT) group. Codenamed “Twisted Panda,” the attacks come in the wake of Russia’s military invasion of Ukraine, an event that has prompted many threat actors to switch tactics […]
|
Threat
|
|
|
 |
2022-05-19 16:03:01 |
Who is UNC1756 – the hacker threatening Costa Rica? (direct link) |
On 16 April 2022, the ContiNews ransomware PR site posted the gang’s newest victim: the Ministry of Finance of Costa Rica. Three days later, the post was updated with a sample of the stolen data, and a threat to continue attacks against Costa Rican agencies unless the government paid a requested ransom of $10 million. […]
|
Ransomware
Threat
|
|
|
 |
2022-05-10 09:00:33 |
KB4-Con: This is How Nicole Perlroth Tells Us the World Ends (direct link) |
“We have never been closer to a cataclysmic cyber event,” warns Nicole Perlroth, New York Times' cybersecurity journalist, at this year's KB4-Con in Orlando, Florida. Perlroth begins her talk by painting a picture of today's sombre reality, highlighting the threat of Russian cyberattacks on our critical infrastructure and the latest discovery of Pipedream – the […]
|
Threat
|
|
★★★★
|
 |
2022-05-03 09:33:45 |
Cyber-espionage group targets Asian telecoms (direct link) |
Researchers at Sentinel Labs have identified a new cluster of malicious cyber activity tracked as Moshen Dragon, with its efforts aimed at telecommunication service providers in Central Asia. The new threat group does have overlaps with “RedFoxtrot” and “Nomad Panda,” notably including the use of ShadowPad and PlugX malware variants, but their activities differentiate enough to […]
|
Malware
Threat
|
|
|
 |
2022-04-29 09:46:29 |
Global security spending set to reach $198bn by 2025 (direct link) |
Market analysts at GlobalData have predicted that global cybersecurity spending is set to increase by 58%, reaching $198bn by 2025. GlobalData claims that an increasingly tense geopolitical landscape and the COVID-19 pandemic have placed the advantage squarely in the hands of threat actors. Spending will be primarily directed towards software, followed by services and hardware. “The […]
|
Threat
|
|
|
 |
2022-04-28 11:21:35 |
Ransoms only make up 15% of ransomware costs (direct link) |
Researchers at Check Point have revealed that the collateral damage of ransomware attacks makes up costs roughly seven times higher than the ransom demanded by threat actors. The costs include financial implications caused by incident response efforts, system restoration, legal fees, monitoring costs and the overall impact of business disruption. Ransomware attacks are an increasingly popular […]
|
Ransomware
Threat
|
|
|
 |
2022-04-19 10:41:45 |
(Déjà vu) Blockchain companies warned of North Korean hackers (direct link) |
The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation and the Treasury Department have all warned of new, ongoing attacks targeting blockchain companies, carried out by the Lazarus Group. The activity cluster has been dubbed TraderTraitor, involving the North Korean state-sponsored advanced persistent threat (APT) actor striking entities operating in the […]
|
Threat
Medical
|
APT 38
APT 28
|
|
 |
2022-04-06 10:20:22 |
New Risk-based Application Access Control aims to solve BYOD and Remote Work Security and Productivity Challenges (direct link) |
Yesterday, Cato Networks introduced its new risk-based application access control for combatting the threat of infiltration posed by remote workers and Bring Your Own Device (BYOD). Now, enterprise policies will be able to consider real-time device context when restricting access to certain capabilities within corporate applications, the internet and cloud resources. “User devices can be […]
|
Threat
|
|
|
 |
2022-04-05 15:23:56 |
Armis Appoints Tom Gol as CTO for Research (direct link) |
Today, Armis announced the appointment of Tom Gol as CTO for Research. He will be reporting directly to Nadir Izrael, Global CTO and Co-founder at Armis. In this role, Tom will lead and oversee all research efforts as the company continues to solidify its place as a security leader and expert in threat and vulnerability research. His team […]
|
Vulnerability
Threat
Guideline
|
|
|
 |
2022-03-30 11:33:24 |
A third of malware infections use Log4Shell (direct link) |
Researchers at Lacework have revealed that the Log4Shell vulnerability was exploited as an initial attack vector in 31% of cases monitored by the company over the past six months. The software vendor's latest Lacework Cloud Threat Report highlights typical risks in today’s digital landscape. The findings confirm what security experts suspected, that the Log4j bug was used […]
|
Malware
Vulnerability
Threat
|
|
★★
|
 |
2022-03-29 09:24:28 |
Critically Exposed Web Apps Discovered Across Europe's Top Chemical Manufacturers (direct link) |
New research has revealed the top Chemical Manufacturers in the EU all have concerning levels of vulnerabilities and weak spots in their attack surface. According to the 2022 Web Application Security for Manufacturers report by Outpost24, 60% of European Chemical Manufacturers had vulnerabilities that are critically exposed and open to attacks. This new industry threat […]
|
Threat
|
|
★★★★
|
 |
2022-03-25 10:43:26 |
Honda bug allows hackers to unlock and start your car (direct link) |
Multiple researchers disclosed a vulnerability this week that would allow nearby attackers to unlock and even start some Honda and Acura cars. To carry out the attack, threat actors would capture the RF signals sent from a key fob to a car, then resend these signals to unlock the car and even start the engine […]
|
Vulnerability
Threat
|
|
|