What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-10 11:06:05 | Researchers discover flaws in Apple\'s offline \'find my device\' feature (lien direct) | Apple’s OF (Offline Finding) technology uses online finder devices running the ‘Find My’ app to detect the location of missing offline devices (for instance iPads using Bluetooth and AirTags). The security and privacy of Apple’s Bluetooth location-tracking system earned praise from researchers who discovered two flaws in the technology. Computer scientists from the Technische Universität […] | |||
|
2021-03-10 10:46:06 | Russia threatens to block Twitter over banned content (lien direct) | On Wednesday Russia threatened to block the U.S. social media platform if it did not comply with its deletion demands. This came after Twitter’s speed was already reduced in retaliation for its alleged failure to remove banned content. Russian authorities had already accused Twitter of failing to delete posts that were supposedly urging children to […] | |||
|
2021-03-09 12:29:43 | GitHub bug invalidated users\' sessions and logged them out of their accounts (lien direct) | Yesterday, GitHub users were automatically logged out of their accounts after their sessions were invalidated in order to protect accounts from a potentially dangerous security vulnerability. Last week GitHub received reports that they were being targetted by suspicious behaviour from an external party. This suspicious behaviour related to a rare race condition vulnerability. The vulnerability was […] | Vulnerability | ||
|
2021-03-09 12:04:17 | QNAP storage devices hijacked by UnityMiner cryptocurrency malware (lien direct) | Early last week researchers at 360Netlab received reports that QNAP NAS devices were being targetted by a new form of attacks. QNAP is a Taiwanese manufacturer of hardware, including network-attached storage (NAS) devices. Internet of Things (IoT) and NAS devices are usually hijacked using credential theft or brute-force attacks. However, with this wave of attacks, […] | Malware | ||
|
2021-03-09 11:57:58 | Sarbloh ransomware supports Indian Farmers (lien direct) | Last year a new bill was passed in India, called the ‘Indian agriculture acts of 2020’. Also known as the Farm Bills, these new laws have caused social discontent among farmers, who believe these will harm their livelihoods and make it more difficult to generate revenue. The news laws remove restrictions on how farmers can […] | Ransomware | ||
|
2021-03-09 11:25:03 | Microsoft Exchange Server Hack (lien direct) | Hafnium, a Chinese-based hacker group has doubled its hack count of Microsoft’s Exchange Servers. It is estimated that the group breached nearly 60,000 Servers globally, primarily targeting organisations and their emails. According to the BBC, the European Banking Authority has admitted to being one of the victims. Microsoft was allegedly aware of the vulnerabilities in […] | Hack | ||
|
2021-03-08 14:40:11 | International Women\'s Day: the road towards equality is still long for the cybersecurity industry (lien direct) | A new study has revealed that women hold only 10 percent of board positions and 16 percent of management positions within the world's leading cybersecurity companies. The study was carried out by cybersecurity specialists Eskenzi PR and Marketing, and looked at the websites of 138 companies from the Cybersecurity Ventures Hot 150 to understand the […] | Guideline | ||
|
2021-03-04 12:09:47 | Fraud attempts skyrocketed in 2020 according to latest Financial Crime Report from Feedzai (lien direct) | Feedzai, a cloud-based risk management platform, has announced its Financial Crime Report Q1, 2021. Feedzai's data from financial transactions across the world shows a stark difference in consumer behaviour and financial crime in the Asia-Pacific (APAC) region as compared to Europe (EU) and North America (NA). A clear image appears – a hyper-digital world where east […] | ★★★ | ||
|
2021-03-03 13:00:13 | Identity theft: US Congressional Medal of Honor (lien direct) | The identities of a third of the living holders of the US government’s highest and most prestigious military decoration were stolen and used to purchase goods from military exchanges. The United States Secret Service “is currently investigating a matter in which the personally identifiable information (PII) of 22 of 75 living Congressional Medal of Honor […] | ★★★★ | ||
|
2021-03-02 11:41:05 | Learning from past hacking attacks (lien direct) | A hacker venturing to poison the Florida water system by tampering with the chemical levels. Fortunately nobody was harmed by the Oldsmar water treatment facility hack, due to the changes being spotted in time. The attempt, however, is a reminder to all organisations that their networks must be sufficiently secured against cyberattacks. This is especially […] | |||
|
2021-03-02 11:23:37 | Twitter tightens rules on the spread of misinformation (lien direct) | On Monday, Twitter announced its plan to introduce a new strike system to halt the spread of misinformation on the platform. The social media platform will start labelling tweets that “may contain misleading information about COVID-19 vaccines” and remove any that violate Twitter guidelines. The company has already removed thousands of tweets and examined over […] | Guideline | ||
|
2021-03-01 17:02:53 | “GabLeaks”: Far-Right platform Gab is hacked, with posts leaked online (lien direct) | Distributed Denial of Secrets announced that it will be revealing a collection of over 40 million posts from the far-right platform Gab. The group are calling the data reveal “GabLeaks”. According to DDoSecrets a hacktivist who identifies as “JaXpArO and My Little Anonymous Revival Project” collected Gab’s data from the platforms backend databases with hopes […] | ★★★★ | ||
|
2021-03-01 16:48:17 | Go is becoming the language of choice for malware developers (lien direct) | The Go programming language is growing in popularity after being adopted by cybercriminals to build and design malware. The amount of malware strains coded using Go has increased by almost 2,000% since 2017. These findings have confirmed the trend that malware designers are moving away from C and C++ and towards news languages such as Go. […] | Malware | ||
|
2021-03-01 11:39:56 | AOL Phishing scam threatens to close account (lien direct) | Attackers have been targeting AOL users in an attempt to steal login name and password with a phishing link. Many older people are still using AOL, because they find it too complicated to switch to a different email service such as Gmail or Outlook. This makes them prime targets for phishing scams, especially as AOL’s […] | |||
|
2021-03-01 11:08:05 | Chinese Hackers blamed for Mumbai Blackout (lien direct) | A “technical failure” caused nearly 5 million homes in Mumbai to suffer power outages on the 13th of October 2020. Suburban train services and stock market operations were also affected, interrupting normal operations for several hours. Now, Recorded Future, a US-based cybersecurity company blames Beijing for the citywide outage. The Recorded Future report states: “10 […] | |||
|
2021-02-26 16:04:59 | Npower shuts down app after hackers steal customer bank info (lien direct) | Major UK energy supplier, Npower, has had to scrap its app after cybercriminals stole sensitive customer information, including financial data. Having first been reported by MoneySavingExpert.com, Npower has stated customer information was exploited after login details were taken from other websites. This common cyberattack tactic – known as credential stuffing – allowed the hackers to […] | |||
|
2021-02-26 11:56:40 | Edgescan partners with BSI to deliver safe and secure client solutions (lien direct) | Edgescan, providers of the award winning Fullstack Vulnerability Management™ range of services, today announces its partnership with BSI, the business improvement company. The partnership will enable BSI clients to access Edgescan's Continuous Vulnerability Management, API Security Assessments, Penetration Testing as a Service (PTaaS) and Application Testing services, which can be tailored to meet their customer's […] | Vulnerability | ||
|
2021-02-26 11:07:04 | Microsoft failed to fix known problems that could have prevented SolarWinds hack (lien direct) | According to the office of U.S. Senator Ron Wyden and a number of American security experts, Microsoft could have prevented some of the damage caused by the SolarWinds hack had they fixed known problems in the cloud software that facilitated the hack. As these issues were not fixed it resulted in at least nine federal […] | Hack | ★★★ | |
|
2021-02-26 10:53:25 | Dutch Research Council experience ransomware attack (lien direct) | The Dutch Research Council (NWO) has taken its servers offline after it was victim to a cyberattack by the DoppelPaymer ransomware gang. The Dutch Research Council is the main funding research body for institutes in the Netherlands, with investments of around one billion euros per year. They announced in early February that their network had […] | Ransomware | ||
|
2021-02-26 10:41:53 | Energy provider NPower hit by cyberattack (lien direct) | Npower, an energy provider owned by E.ON, one of the UK’s biggest energy providers, removed its app after it experienced a cyberattack in which users’ login data was stolen and used to access customer accounts. Although the energy provider has not yet revealed how many customers were affected by the breach, it has been speculated […] | |||
|
2021-02-26 10:31:15 | Hackers break into an Oxford University Covid-19 laboratory (lien direct) | An Oxford University lab that has been researching the Covid-19 pandemic has been hacked. Forbes reported that Oxford University confirmed that an incident has been detected at the Division of Structural Biology. Since the attack was confirmed the university has contacted the National Cyber Security Center (NCSC) who will now investigate the attack. A representative […] | |||
|
2021-02-25 18:25:39 | Research shows that a lack of attention is being paid to patching vulnerabilities and something has to be done about it (lien direct) | Edgescan, a full-stack vulnerability management service, has just released their Vulnerability Stat Report for 2021, and it's confirmed that 2020 really was as bad as we all thought it was. The stats report reveals a number of alarming statistics and trends from 2020, taking a deep-dive into vulnerability metrics from known vulnerabilities (CVE), Malware, Ransomware […] | Ransomware Vulnerability Patching | ||
|
2021-02-25 12:12:46 | NHS face legal action following involvement with Palantir (lien direct) | Palantir is a US data firm that has had long-term involvement in the analysis of large amounts of NHS public health data. Open Democracy, an independent global media platform, has taken legal action against the NHS over its contract and involvement with Palantir, also stating that the firm lobbied a top NHS official. Palantir has […] | |||
|
2021-02-25 11:51:10 | (Déjà vu) Federal Reserve experience nationwide outage (lien direct) | Last night the US Federal Reserve suffered a major IT systems outage which stopped all ACH transactions, wire transfers, as well as a number of other services from operating. The system outage affected the majority of electronic service provided by the Federal Reserve Bank. The outage prevented services such as Check 21, Central Bank, Account […] | |||
|
2021-02-25 11:02:11 | Government websites leaking COVID-19 test results (lien direct) | Following the report last month, that multiple Indian government websites were leaking COVID-19 test reports, Sourajeet Majumder has discovered another website exposing millions more. The security researcher shared his findings last week: “I have found an issue in an Indian Government site which is resulting in the leakage of test reports of EVERYONE who took […] | ★★ | ||
|
2021-02-25 10:44:12 | GCHQ to fully embrace AI Revolution (lien direct) | GCHQ has announced that it has embraced artificial intelligence to uncover patterns in global data to counter misinformation and catch child abusers. Jeremy Fleming, the director of GCHQ stated: “AI, like so many technologies, offers great promise for society, prosperity and security. Its impact on GCHQ is equally profound.” AI allows modern computers to learn […] | ★★★★★ | ||
|
2021-02-24 15:33:24 | DHL Express and FedEx targeted by phishing scam (lien direct) | Researchers have discovered that around 10,000 employee mailboxes at DHL Express and FedEx have been hit by two phishing attacks that sought to extract recipients work email account. A blog post shared by Armorblox this week detailed the attacks. The post explained how there were two different attacks, one which pretended to share shipping details […] | FedEx FedEx | ★★ | |
|
2021-02-24 14:59:24 | How Security Culture Invokes Secure Behaviour (lien direct) | It has always been suspected that security culture and secure behaviour were closely linked, although proof was hard to produce. Today, KnowBe4 released research that shows not only have researchers been able to validate that link, but they also give data that provides conclusive evidence related to the importance of focusing on the human side […] | |||
|
2021-02-24 10:55:32 | Bombardier suffers ransomware and data leak (lien direct) | The Canadian airplane manufacturer has today revealed that it suffered a security breach. In a press release, Bombardier disclosed that some of its data has been published on the dark web portal operated by the Clop ransomware gang: “An initial investigation revealed that an unauthorized party accessed and extracted data by exploiting a vulnerability affecting […] | Ransomware Vulnerability | ||
|
2021-02-24 10:02:24 | Healthcare Organisations increasingly targeted in cyberattacks (lien direct) | Research has shown that in the past year cyberattackers have increasingly targeted healthcare organisations for deploying ransomware and other cyber-attacks. The annual X-Force Threat Intelligence research was released on Wednesday, which tracks the evolution of new threats, malware development and cyberattacks. The most notable trend was how many threat actors targeted their malicious campaigns at […] | Ransomware Malware Threat | ||
|
2021-02-23 10:39:56 | Transport for NSW affected by Accellion breach (lien direct) | Accellion systems are used to share and store files by as many as 300 organisations all around the world. Recently, they suffered a data breach following an attack linked to the ransomware gangs, Clop and FIN11. Accellion has claimed that less than 100 customers were affected by the attack, including Transport for New South Wales. […] | Ransomware Data Breach | ||
|
2021-02-23 10:35:51 | Sequoia Capital investor information stolen (lien direct) | Sequoia Capital, one of the most famous venture capital firms in Silicon Valley announced that it suffered a data breach. The firm officially referred to it as a “cybersecurity incident”, in which investor data, including personal information, was likely stolen. The attack vector is alleged to have been a phishing link received by an employee. […] | |||
|
2021-02-23 09:56:40 | Austin Energy: Scammers threaten to cut power (lien direct) | Unknown individuals have been impersonating Austin Energy in an attempt to scam customers. The scammers were threatening to cut customers’ power unless a fictitious overdue bill was paid immediately. They typically requested reloadable prepaid debit cards or other non-traceable form of payments. As a result, Austin Energy warned: “Scammers are trying to take advantage of […] | |||
|
2021-02-22 15:26:49 | Clubhouse suffer a \'data breach\' (lien direct) | Security concerns have recently arisen concerning the popular audio chatroom app Clubhouse. The app’s users privacy policy has been questioned in the past, with the app saying it would take steps to ensure user data could not be accessed by malicious hackers. However, news has broken that the app has now suffered a data breach […] | Data Breach | ||
|
2021-02-19 17:16:51 | International law firm Jones Day hacked with data posted on dark web (lien direct) | This week, it was confirmed that international law firm Jones Day had data stolen from cybercriminals and is a direct result of the wider data breach suffered by file-sharing service Accellion. The hacker, which goes by the name Clop, had uploaded much of the sensitive information on the dark web which may have included data […] | Data Breach | ||
|
2021-02-19 15:30:23 | Companies unprepared for cloud migration (lien direct) | A new report from Virtana reveals that most organisations are forcing to revert some of their applications back to on-prem infrastructure. 350 IT professionals were included in the report, which found that 72% had moved at least one app back onto on-prem, siting various reasons for their decision to do so. Some realised after that […] | ★★ | ||
|
2021-02-19 14:59:20 | US cities affected after ATFS Ransomware attack (lien direct) | Automatic Funds Transfer Services was targeted in a ransomware attack on the 3rd of February. The payment processor is used by many cities and agencies throughout the US. The data used for billing and verifying customers and residents is extremely varied, leading researchers to believe the attack could have had a massive and widespread impact. […] | Ransomware Guideline | ||
|
2021-02-19 12:45:48 | Red Canary closes $81 million Series C financing round led by Summit Partners (lien direct) | Red Canary has closed its $81 million Series C financing round led by global growth equity investor Summit Partners. The new funding will help to support continued investment in both product and team expansion as the company continues to work toward enabling every organization to make its greatest impact without concern of cyber-attacks. A leading provider […] | Guideline | ★★★ | |
|
2021-02-19 11:40:20 | People\'s Postcode Lottery scam claims you could have won £1,000 (lien direct) | The People’s Postcode Lottery has issued a statement warning players of a phishing scam which offers £1,000 in exchange for personal details. The scam claims to be from the People’s Postcode Lottery and states that players have won £1,000 after their postcode was drawn fourth place. In order to retrieve the cash prize, players must […] | |||
|
2021-02-19 11:11:34 | Millions of Californian DMV records possibly exposed in breach (lien direct) | The Californian Department of Motor Vehicles (DMV) has suffered a data breach that could have possibly exposed over a year’s worth of data after a third-party contractor was compromised during a cyberattack. During this breach customer addresses and licence plate numbers were exposed, but the DMV has confirmed that social security numbers, birthdates, voter registration, […] | Data Breach | ||
|
2021-02-15 15:49:22 | U.S Internal Revenue Service warns of phishing scam (lien direct) | An urgent warning has been issued by the U.S Internal Revenue Service (IRS) about a phishing scam that is trying to steal Electronic Filing Identification Numbers. The scam emerged in early February, just before the start of tax filing season on Feb. 12 2021. The scam phishing emails are impersonating the IRA, and the subject […] | ★★★★ | ||
|
2021-02-15 15:28:35 | Cyber security companies miss million of email attacks (lien direct) | New research by Barracuda has found that cybersecurity protection organisations have missed millions of email attacks. The research discovered 2,029,413 unique attacks in 2,600,531 unique mailboxes. The cybersecurity firm said that an average of 512 attacks were found per organisation out of the 4550 organisations that took part in the research. They also said that […] | ★★ | ||
|
2021-02-15 14:20:03 | 3.2 billion emails and passwords leaked in data breach (lien direct) | Over 3.2 billion email addresses and paired passwords have been posted online in what is being called one of the biggest breaches of all time. The database of passwords and emails are thought to have been compiled following data breaches carries out on various platforms, such as Netflix, Gmail, LinkedIn and many more. According to […] | Data Breach | ||
|
2021-02-15 14:11:29 | (Déjà vu) French and Ukrainian police arrested Egregor ransomware members (lien direct) | Several members of the Egregor ransomware group were arrested following a joint operation between Ukrainian and French law enforcement. French law enforcement officers made the arrests after they were able to trace ransom payments to group members based in Ukraine. The investigation on the Egregor attacks was first initiated by the Tribunal de grande instance […] | Ransomware | ||
|
2021-02-15 13:50:44 | How Healthcare Organizations Can Protect Themselves Against IoT Ransomware (lien direct) | Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand the healthcare threat landscape. Exercising a sound cybersecurity strategy has to consider the nature of the healthcare profession where human life is a top priority. […] | Ransomware Threat | ||
|
2021-02-12 17:48:40 | Top 5 privacy-conscious social media platforms (lien direct) | Recently, WhatsApp informed its users that it would be implementing a change to its Terms of Service and Privacy Policy. Users were given an ultimatum to accept or cease to use the app. This sent millions of people into a frenzy, with many individuals jumping ship in search for an alternative platform. The extent to […] | |||
|
2021-02-12 15:22:13 | 223 vulnerabilities identified in recent ransomware attacks (lien direct) | Researches from RiskSense, a risk-based vulnerability management service, discovered 223 different vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database that were used in ransomware attacks throughout 2020. This is four times the number of vulnerabilities related to ransomware than found in 2019 by RiskSense. The findings also show that ransomware families are not only […] | Ransomware Vulnerability | ||
|
2021-02-12 13:42:28 | Warning: Increase in Web Shell Attacks (lien direct) | Web shells are tools deployed by threat actors on already hacked servers to gain and maintain access. They allow these hackers to remotely execute arbitrary code or commands, move laterally within a network or deliver malicious payloads. Last year the number of monthly web shell attacks nearly doubled, reported Microsoft. Last year an average of […] | Threat | ||
|
2021-02-12 13:12:59 | 2021 CyberFirst Girls Competition (lien direct) | More than 6,500 girls entered this years qualifying round of the 2021 CyberFirst Girls Competition, run by the National Cyber Security Centre (NCSC). Teams from more than 600 schools took part in online cyber security puzzles. 9 of the teams are from Scottish schools and will move on to the semi-finals, where they will take […] | |||
|
2021-02-12 12:56:14 | Confucious APT found targeting Pakistan and Indian officials using Android Spyware (lien direct) | Two new Android survellanceware have been discovered by the Lookout Threat Intelligence Team. Named Hornbill and SubBird, these two campaigns are believed to be connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Lookout's researchers revealed the spyware specifically targeted personnel linked to Pakistan’s military and nuclear authorities and Indian election officials […] | Threat |
To see everything:
Our RSS (filtrered)
