What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2021-04-26 08:44:33 Facebook disables Palestinian APT Group Activities (direct link) Facebook threat intelligence analysts discovered recent activities linked to two known APT Groups that have been active since 2015. According to Facebook, the groups, AridViper and Preventive Security Service, used Android and Windows malware and advanced social engineering tactics in an effort to attack journalists, human rights activities and military groups in the Middle East. […] Malware Threat
itsecurityguru.webp 2021-04-08 09:39:09 Hackers are using web shells to steal credit cards (direct link) VISA has issued a warning about the increase of web shells being used by threat actors to steal credit card details. VISA has seen a rise in the number of threat actors using web shells on compromised servers in order to extract credit card details stolen from customers making payments online. VISA has said that […] Threat
itsecurityguru.webp 2021-04-07 07:44:41 Hackers actively exploiting SAP Bugs (direct link) Active cyberattacks have been reported on known security vulnerabilities in widely deployed SAP applications, giving the attackers access for full take over and the ability to infest an organisation completely. Researchers warn that these attacks could lead to full control of unsecured SAP applications. An alert issued by SAP informs that threat actors are carrying […] Threat Guideline
itsecurityguru.webp 2021-04-06 12:21:36 Fortinet FortiOS vulnerabilities are being exploited, warns FBI (direct link) A number of US agencies, such as the Federal Bureau of Investigation (FBI) and the Infrastructure Security Agency (CISA), have issued a joint warning that advanced persistent threat (APT) groups are exploiting vulnerabilities found in Fortinet FortiOS. The groups are exploiting the vulnerabilities in order to compromise both government and commercial organisations using the software. […] Threat
itsecurityguru.webp 2021-04-01 11:13:35 IoT and IIoT security a major concern for security pros, research finds (direct link) In an already volatile environment, organisations are constantly being warned of the growing threat posed by the Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices as both converge to bring increased productivity and communications. Yet, this strive for better connectivity is presenting significant risks which are causing sleepless nights for security professionals. A […] Threat
itsecurityguru.webp 2021-04-01 10:53:27 North Korean hackers targeting Google researchers (direct link) A North Korean Hacking group, known to previously have targeted security researchers has recently created a fake offensive security firm. The threat actors were first documented in January 2021, per Google’s Threat Analysis Group (TAG). The TAG specialists have said that the North Korean hackers had developed a web of fake profiles on various social […] Threat
itsecurityguru.webp 2021-03-26 15:04:13 Hades ransomware targets 'big game' in the US (direct link) An analysis published on Friday reveals that at least three major companies have been recent victims of the Hades ransomware. The analysis was published by Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams. Accenture claims that the threat actors are targeting organisations that generate at least $1 billion in annual […] Ransomware Threat
itsecurityguru.webp 2021-03-17 10:53:39 Defunct WeLeakInfo site suffered own data breach (direct link) A threat actor has leaked data from the now-defunct WeLeakInfo data breach site, including payment and customer information. Last Thursday, the hacker published an archive of payment processing data used by the strip of a hacking forum known as RaidForums. The WeLeakInfo site offered paid subscriptions to users for searchable access to a database, which […] Data Breach Threat
itsecurityguru.webp 2021-02-24 10:02:24 Healthcare Organisations increasingly targeted in cyberattacks (direct link) Research has shown that in the past year cyberattackers have increasingly targeted healthcare organisations for deploying ransomware and other cyber-attacks. The annual X-Force Threat Intelligence research was released on Wednesday, which tracks the evolution of new threats, malware development and cyberattacks. The most notable trend was how many threat actors targeted their malicious campaigns at […] Ransomware Malware Threat
itsecurityguru.webp 2021-02-15 13:50:44 How Healthcare Organizations Can Protect Themselves Against IoT Ransomware (direct link) Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand the healthcare threat landscape. Exercising a sound cybersecurity strategy has to consider the nature of the healthcare profession where human life is a top priority. […] Ransomware Threat
itsecurityguru.webp 2021-02-12 13:42:28 Warning: Increase in Web Shell Attacks (direct link) Web shells are tools deployed by threat actors on already hacked servers to gain and maintain access. They allow these hackers to remotely execute arbitrary code or commands, move laterally within a network or deliver malicious payloads. Last year the number of monthly web shell attacks nearly doubled, reported Microsoft. Last year an average of […] Threat
itsecurityguru.webp 2021-02-12 12:56:14 Confucius APT found targeting Pakistan and Indian officials using Android Spyware (direct link) Two new Android surveillanceware have been discovered by the Lookout Threat Intelligence Team. Named Hornbill and SubBird, these two campaigns are believed to be connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Lookout's researchers revealed the spyware specifically targeted personnel linked to Pakistan’s military and nuclear authorities and Indian election officials […] Threat
itsecurityguru.webp 2021-02-02 11:57:59 (Déjà vu) 1.6 million Washington unemployment claims exposed in data breach (direct link) The Office of the Washington State Auditor (SAO) has experienced a data breach which has resulted in the exposure of 1.6 million employment claims, and the sensitive personal information that they contain. The Washington SAO revealed that a threat actor had exploited a vulnerability in Accellion, a secure file transfer service that helps organisations share […] Data Breach Vulnerability Threat
itsecurityguru.webp 2021-01-26 10:39:56 North Korean hackers target security researchers (direct link) Google has revealed that a number of cyber-security researchers who are focused on vulnerability research have been targeted by a North Korean government hacking group. Google’s Threat Analysis Group (TAG), who is a security team specialised in discovering advanced persistent threat (APT) groups, first noticed the attacks. Google’s TAG published a report outlining the attack, […] Vulnerability Threat
itsecurityguru.webp 2021-01-21 15:28:30 How did SolarWinds Hackers evade Detection? (direct link) A report from the Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC), and Microsoft Cyber Defence Operations Center (CDOC) details how the SolarWinds hackers managed to remain undetected for so long. The report discloses new details including the steps and tools used to deploy the custom Cobalt Strike loaders (Teardrop, Raindrop, etc.) after the […] Threat SolarWinds
itsecurityguru.webp 2021-01-20 13:31:18 Airline Passenger Data Stolen by Hackers (direct link) For the past few years, a Chinese hacking group has been targeting the airline industry to obtain passenger data. Their goal was to track the movement of persons of interest. The threat actor responsible has been given the name Chimera. The group's activities were first reported in 2020, and are thought to be nation state actors. […] Threat
itsecurityguru.webp 2021-01-20 13:15:00 Emails exposed to SolarWinds Hackers (direct link) SolarWinds attackers managed to gain access to internal emails via a different intrusion vector. This was confirmed by Malwarebytes, who stated that a second threat vector was used to infiltrate private emails with the use of password guessing or spraying and/or exploiting admin or service credentials. The vendor reported suspicious activity on December 15 and […] Threat ★★★
itsecurityguru.webp 2021-01-19 12:13:46 Capitol Riots fuelling Disinformation Campaigns (direct link) The FBI released a “joint threat assessment” on Thursday detailing fears that “Russian, Iranian and Chinese influence actors have seized the opportunity to amplify narratives in furtherance of their policy interest amid the presidential transition.” Additionally, a U.S. Intelligence memo claims that a Russian “proxy” took advantage of the event to advance a conspiracy theory, […] Threat ★★★
itsecurityguru.webp 2021-01-13 12:07:29 Mimecast certificate used by Microsoft 365 Exchange Web Services have been compromised (direct link) Mimecast have announced that one of their authentication certificates used by Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor“. Mimecast secure emails for customers using email services such as Microsoft 365. Users can apply Mimecast’s security services to their emails by creating a connection to Mimecast's server. The Mimecast certificate […] Threat ★★★★★
itsecurityguru.webp 2020-12-16 17:56:16 The top 5 known vulnerabilities that are a threat to your security posture (direct link) Every year, fullstack vulnerability management provider Edgescan releases its Vulnerability Statistics Report, which highlights the highest impact vulnerabilities still out there in the wild. As a teaser to their 2021 report, their team has compiled a useful list of the top 5 known, unpatched vulnerabilities leveraged by cybercriminals in order to launch attacks on unsuspecting organisations. […] Vulnerability Threat
itsecurityguru.webp 2020-12-14 12:33:27 New 'Drive-By Attack' Targets Edge, Chrome and Firefox Users (direct link) Microsoft has revealed that a well-organized threat campaign is distributing malware across web browsers, including Edge, Chrome, and Firefox. The attacks can result in users having malicious extensions added to their browser, malicious ads injected into search results, and users having their credentials stolen in the worst cases of the attack. In order to avoid […] Malware Threat
itsecurityguru.webp 2020-11-27 16:24:58 Why the power to neutralise the threat of ransomware lies within your network (direct link) Ransomware attacks are on the up. Due to low execution costs, high rates of return, as well as a low risk of being caught, ransomware has become the preferred method of attack for those operating illegally within the online space. In fact, research highlights a surge in the number of ransomware attacks against businesses. In […] Ransomware Threat
itsecurityguru.webp 2020-11-23 11:00:26 Korean Retailer suffers Ransomware attack (direct link) The South Korean fashion retailer, E-Land, has recently fallen victim to a major security threat after a ransomware attack plagued the company’s corporate network. The ransomware attack resulted in E-Land having to shut down almost half of their operations in South Korea, with the attacks becoming one of the country’s largest mass attacks to date. […] Ransomware Threat
itsecurityguru.webp 2020-11-16 11:58:29 DarkSide placed on restricted list following Iranian hosting announcement (direct link) Coveware, the ransomware negotiation firm, have recently placed DarkSide operation on an internal restricted list following the threat actor’s announcement to host infrastructure in Iran. DarkSide ransomware operation usually encrypts a network from which their affiliates will steal an unencrypted file from, which they will then threaten to release if their ransom is not paid. […] Ransomware Threat
itsecurityguru.webp 2020-11-13 15:26:43 Ransomware-as-a-Service gang DarkSide creates server for data leaks (direct link) Cybercriminal groups are scaling up their operations. According to BleepingComputer, the DarkSide Ransomware operation have claimed they are creating a distributed storage system in Iran to store and leak data stolen from victims. Since double-extortion ransomware became threat actors’ attack of choice, law enforcement and security firms have been actively searching the stolen data in order […] Ransomware Threat
itsecurityguru.webp 2020-11-12 10:41:28 Ransomware attacks targeting Israel are thought to be linked to Iranian threat actors (direct link) Multiple sources have reported that Iranian threat actors have been identified as being responsible for the two recent ransomware waves targeting Israeli companies. These ransomware attacks targeting Israeli targets have been happening since mid-October, and have intensified this month. There have been Israeli companies of all sizes targeted by the attacks, with the actors using […] Ransomware Threat
itsecurityguru.webp 2020-11-10 14:18:19 Magecart and the Inter Skimmer threat (direct link) As the global pandemic has shifted life into the online space, cybercriminal groups have keenly exploited the digitisation of society's interactions over the lockdown period. One particularly notorious group that security teams should be aware of is Magecart, a shadowy criminal syndicate responsible for many of the recent high-profile credit card skimming attacks. Who is […] Threat
itsecurityguru.webp 2020-11-10 10:55:32 RedDoorz user record for sale by threat actor on hacking forum (direct link) A threat actor is selling the RedDoorz database containing 5.8 million user records on a hacking forum following a data breach in September. RedDoorz is a hotel management and booking platform based in Singapore, which manages bookings for over 1,000 properties in Southeast Asia. Users can register an account to browse hotels and book reservation […] Data Breach Threat
itsecurityguru.webp 2020-11-09 13:40:23 Source codes stolen from US government agencies by hackers (direct link) An alert warning has been sent out by the Federal Bureau of Investigation warning of threat actors abusing misconfigured SonarQube application in order to steal source code from US government agencies as well as private businesses. An alert sent out last month by the FBI was made public on their website this week detailing the […] Threat
itsecurityguru.webp 2020-11-03 11:24:50 Webinar: Cyber Criminals Leave Their Fingerprints on the Internet Too (direct link) 2020 is a year where it is impossible for us to ignore the extent to which we exist online. However, while the legal economy has moved online, there has been a thriving illegal economy online for years. Oliver Tonge, cyber security consultant at DomainTools discusses in this webinar how threat actors are operating online, and […] Threat
itsecurityguru.webp 2020-10-29 10:57:28 Iranian attackers hack conference attendees' emails according to Microsoft (direct link) Microsoft has recently revealed that they discovered that Iranian state-sponsored attackers hacked into the email accounts of a number of high-profile individuals and attendees at the 2020 Munich Security Conference and the Think 20 summit. It is thought that the attackers successfully targeted more than 100 individuals and Microsoft’s Threat Intelligence Center (MSTIC) have linked […] Hack Threat
itsecurityguru.webp 2020-10-28 10:42:21 Manipulation by Disinformation: How Elections are Swayed (direct link) In 2016, we witnessed as the Trump and Brexit campaigns leveraged the help of Cambridge Analytica to spread disinformation and sway voters in their favour. While Cambridge Analytica has since been dissolved, the threat of disinformation is ever-present. In many ways, it is a threat that arguably dates back to ancient times and what we […] Threat
itsecurityguru.webp 2020-10-27 15:21:18 Red Canary enters cloud workload protection space (direct link) Red Canary has announced the launch of Red Canary Cloud Workload Protection, a cloud workload protection (CWP) solution that provides visibility and threat detection for security and DevOps teams. This new solution is purpose-built for cloud Linux workloads, focuses on runtime threat protection and response, and integrates seamlessly into DevOps workflows without sacrificing system performance […] Threat
itsecurityguru.webp 2020-10-21 13:55:21 Corelight extends open NDR platform with new software sensor (direct link) Corelight today released new capabilities that provide users with greater network security visibility and the ability to support advanced threat analysis across their entire environment, from physical to cloud. Corelight's new Software Sensor and Corelight Cloud Sensor for Google Cloud Platform (GCP) deliver comprehensive security insights into network traffic on any platform. “Organizations today are faced with the challenge of limited visibility across distributed locations, […] Threat
itsecurityguru.webp 2020-10-14 14:56:46 Repeat victimisation: the threat of double extortion ransomware attacks (direct link) Ransomware has already proven itself to be a powerfully profitable weapon in the cybercriminal arsenal. According to Emsisoft, in 2019, ransomware incidents could have had a combined cost of more than $7.5 billion (£5.65 billion). That's just for US-based incidents too. As cybersecurity professionals and the public at large have come to realise, cybercrime is […] Ransomware Threat
itsecurityguru.webp 2020-10-14 14:25:49 Coronavirus phishing emails still duping individuals (direct link) New research has revealed that COVID-19 related phishing emails are still a serious threat as found by KnowBe4, a dedicated security awareness training and simulated phishing platform. The results from the Q3 2020 top-clicked phishing report, exactly half of the most clicked phishing emails contained a coronavirus reference – and this was the most popular […] Threat
itsecurityguru.webp 2020-10-09 15:07:01 Women in cyber – diverse talents and the barriers to acceptance (direct link) Three women at BAE Systems Applied Intelligence, exemplify some of the various opportunities for women in cyber, with diverse backgrounds, skillsets and routes into the sector ranging from programmer to comms, or transitioning from social science to threat intel. Using their own experiences of progressing in a male-dominated sector, they explain their role, the challenges […] Threat
itsecurityguru.webp 2020-09-28 13:49:45 The changing role of the CISO in uncertain times (direct link) COVID-19 has dramatically altered the world of cybersecurity and gravened the threat posed to companies that are increasingly shifting assets online, beyond the safety of the firewall. In this new reality, where cyberattacks are constant and security barriers porous, the guarantee in keeping organisations safe now lies beyond simple prevention. The pandemic has proven a […] Threat
itsecurityguru.webp 2020-09-25 11:25:29 Seven out of ten CISOs fear that cyberwarfare is an impending threat (direct link) A global report by Bitdefender recently found that seven out of ten CISOs (71%) fear that cyberwarfare is an impending threat to their organisation, while more than a fifth (22%) of these CISOs confess to not having a plan in place to defend against such risks. These findings are incredibly alarming, especially after the recent […] Threat
itsecurityguru.webp 2020-09-11 13:53:40 Cybersecurity experts comment on government's efforts to boost cybersecurity of healthcare suppliers (direct link) The UK government will be offering hundreds of the country's vital healthcare firms benefits from government funding to boost their cyber security. The Digital Infrastructure Minister Matt Warman announced this yesterday, as part of London Tech Week. The move comes after the National Cyber Security Centre (NCSC) identified a heightened cyber threat to the UK health sector […] Threat
itsecurityguru.webp 2020-09-10 15:36:01 Joining the dots: phishing and ransomware (direct link) Phishing and ransomware are inextricably linked. Phishing is the number one delivery mechanism for getting malicious exploits, including ransomware, into mobile devices. According to MobileIron's latest research, 60% of IT decision makers agree that phishing is the most significant threat faced by their organisation. Advanced persistent threat actors are now chaining sophisticated exploits to not […] Ransomware Threat
itsecurityguru.webp 2020-09-08 06:18:10 Hybrid physical-cyber security threats drive supplier integration (direct link) As the cyber and physical worlds collide and interact, so the defences in each are now integrating with an example this month being the merger between Jazz Networks, a cybersecurity insider threat detection and response company, and Vaion, an end-to-end video security provider to form Ava Security. Tormod Ree, CEO of Ava Security commented: “The […] Threat
itsecurityguru.webp 2020-09-04 09:57:05 Threat detection company, Cygilant, face ransomware attack (direct link) The threat detection start-up, Cygilant, recently experienced ransomware attacks. Cygilant's Chief Financial Officer, Christina Lattuca, said the company was “aware of a ransomware attack impacting a portion of Cygilant's technology environment” in an official statement. “Our Cyber Defense and Response Center team took immediate and decisive action to stop the progression of the attack. We […] Ransomware Threat
itsecurityguru.webp 2020-09-02 10:57:42 Smart doorbells could be a threat to police (direct link) In a recent document published in 2019, the FBI has identified potential threats and challenges for law enforcement around the usage of smart doorbell cameras, such as Ring. This document outlines how homeowners that use such technologies can hinder the privacy of police officers because of its ability to notify users who is outside their […] Threat
itsecurityguru.webp 2020-09-01 10:57:29 Researchers discover new malware family (direct link) A new trojan malware family has been identified by researchers that targets cryptocurrency. Researchers at ESET said the: “previously undocumented trojan malware family spreads through malicious torrents and that uses multiple tricks to squeeze as many cryptocoins as possible from its victims while staying under the radar.” ESET named the threat KryptoCibule, and it primarily […] Malware Threat ★★
itsecurityguru.webp 2020-08-26 11:10:34 Russian Man Arrested for Failed Insider Threat Recruitment Attempt (direct link) In July, Russian citizen Egor Igorevich Kriuchkov, a 27 year old Russian, was identified as a member of a wider Russian cybercriminal gang, seeking to extort a Nevada company through malware. Kriuchkov offered the employee of a major company $1,000,000 to install malware on corporate networks while the Russian gang would distract security teams with […] Malware Threat
itsecurityguru.webp 2020-08-24 07:43:12 New Ransomware Operation – DarkSide – On the Market (direct link) With attacks on organisations beginning earlier this month, DarkSide is the latest ransomware operation to emerge. Having announced themselves through a ‘press release’, as revealed in BleepingComputer, this ransomware has already garnered million-dollar payouts for their attacks. The threat actors have allegedly worked with other ransomware operations making millions of dollars. However, this new product […] Ransomware Threat
itsecurityguru.webp 2020-08-24 07:24:58 Darknet Empire Market Potentially Victim of DDoS Attack (direct link) For over 36 hours, the popular darknet market – Empire Market – has remained offline. This is according to a range of sources, not least the researcher and analyst Dark.fail who has been tweeting about this blackout. Moreover, this subject has been attracting significant attention in various online forums, including the Reddit threat r/darknet and […] Threat ★★★
itsecurityguru.webp 2020-08-14 11:20:00 Unprotected AWS Server exposes over 350m passwords (direct link) Ethical hackers have discovered 350 million exposed email addresses on an unsecured server which were likely to have either been stolen or acquired back in October 2018. The find was made after the CyberNews threat researchers came across an unprotected depository (also known as a bucket) on an Amazon S3 server which is said […] Threat
itsecurityguru.webp 2020-08-06 15:38:34 The rise of Community-Powered Threat Hunting (direct link) Next-Gen SIEM provider, Securonix has announced availability of its SearchMore functionality that helps operations teams better detect and respond to threats that bypass preventative and detection controls. The company states that “SearchMore delivers the industry's first Community-Powered Threat Hunting capability and provides the ability to search on real-time, streaming data, as well as long-term data.” […] Threat
Last update at: 2025-05-12 02:07:20