What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2020-08-06 10:14:28 Google shuts down Chinese, Iranian and Russian influence campaigns ahead of US election (lien direct) Ten influence campaigns emerging from hostile states such as China, Tunisia, Russia, and Iran have been discovered across Google platforms, and removed throughout Q2, Google's Threat Analysis Group have announced. The group is responsible within Google's security department for keeping track of high-end cybercriminal activity, which includes nation-state influence campaigns detected. Although the group is […] Threat
itsecurityguru.webp 2020-08-05 11:08:58 Serious bug found in official Facebook WordPress chat plugin allows attackers to intercept messages (lien direct) On June 26, 2020, Wordfence’s threat intelligence team discovered a vulnerability in The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for low-level authenticated attackers to connect their own Facebook Messenger account to any site running the vulnerable plugin and engage in chats with site visitors […] Vulnerability Threat
itsecurityguru.webp 2020-08-04 09:28:16 1 in 5 Businesses Would Consider Sabotaging a Competitor's Online Business (lien direct) The digital era has brought a multitude of opportunities, and unique challenges for businesses. Industrial espionage and sabotage has always been a threat to corporations, but the digital age presents new tools and weapons. Acts of online sabotage may involve discrediting a business's products/service with negative (and often fake) reviews, as well as running a […] Threat
itsecurityguru.webp 2020-08-03 10:57:25 Aged Care Operators in Australia Under Threat of Ransomware Attacks (lien direct) The Sydney Morning Herald has announced yet another cyberattack in a string of attacks targeted at Australian organisations and critical infrastructure. Suspected to be the work of an overseas actor, Regis, the aged care operator, is the latest to be affected. Already struggling with the coronavirus outbreak, the company now has to deal with the […] Ransomware Threat
itsecurityguru.webp 2020-07-29 10:13:18 Beijing has been inside the Vatican's computer network for the past three months (lien direct) According to security firm Recorded Future, Chinese hackers have infiltrated the Vatican’s computer network in an apparent espionage effort. This happened ahead of sensitive negotiations with Beijing, which currently recognises five religions, including Catholicism. However, the Communist Party has recently attempted to tighten its control over religious groups, perceived as a threat to the stability […] Threat
itsecurityguru.webp 2020-07-21 13:54:27 Emotet Strikes Back (lien direct) The past few days has seen the resurgence of Emotet, a dangerous email threat vector that aims to steal sensitive and financial information. ZIX, the cybersecurity company that specialises in email security has uncovered a worrying trend that could lead to users falling victim to cybercriminals seeking to exploit the uncertainty of these precarious times […] Threat Guideline
itsecurityguru.webp 2020-07-14 16:13:58 CyberSmart raises £5.5million to fund growth following increased demand for cybersecurity (lien direct) CyberSmart has raised £5.5 million in a heavily oversubscribed Series A funding round led by VC firm IQ Capital and respected cyber security and tech entrepreneur investors. The funding will be used to fund the growth of the company, which enables small to medium-sized businesses (SMBs) to combat the constant threat of cyber-attacks and increasing […] Threat
itsecurityguru.webp 2020-07-13 08:32:20 A look at Evilnum, the APT Group Behind the Malware (lien direct) The group behind Evilnum malware, that targets financial institutions, appears to be testing new techniques. ESET researchers published an analysis of advanced persistent threat (APT) group Evilnum, known for developing malware of the same name. A detailed look at its activity reveals an evolved toolset and infrastructure that combine custom malware with tools bought from […] Malware Threat
itsecurityguru.webp 2020-07-10 08:26:47 Conti Ransomware Possesses Similar Characteristics as Ryuk (lien direct) First spotted towards the end of December 2019, the Conti ransomware has since increased its number of attacks. It appears that this new ransomware shares certain code as Ryuk. The latter has also begun to disappear, whilst Conti’s distribution is growing. Indeed, it is becoming a considerable threat as it works faster and performs more […] Ransomware Threat
itsecurityguru.webp 2020-07-09 11:07:58 Major spike in cyber threats during Covid-19 pandemic – insights from the Telco Security Alliance (lien direct) The COVID-19 Threat Intelligence Insight report was provided by AT&T Cybersecurity and the Telco Security Alliance (TSA), which observed cyberthreat activity between January and June 2020. The TSA consists of a group including Singtel (Trustwave), and Telefónica (ElevenPaths), and aims to offer enterprises comprehensive cybersecurity insights to help them address the threat of cyberattacks and […] Threat
itsecurityguru.webp 2020-06-25 09:58:42 67% of malware in Q1 2020 delivered via encrypted HTTPS connections (lien direct) 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and 72% of encrypted malware was classified as zero day, so would have evaded signature-based antivirus protection, according to WatchGuard. These findings show that without HTTPS inspection of encrypted traffic and advanced behavior-based threat detection and response, organizations are missing up to […] Malware Threat
itsecurityguru.webp 2020-06-22 10:51:20 Ransomware operators lurk on your network after their attack (lien direct) When a company suffers a ransomware attack, many victims feel that the attackers quickly deploy the ransomware and leave so they won’t get caught. Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control. Instead, ransomware attacks are conducted over […] Ransomware Threat
itsecurityguru.webp 2020-06-19 10:35:35 InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership (lien direct) The InvisiMole threat group has resurfaced in a new campaign, revealing a new toolset and a strategic collaboration with the high-profile Gamaredon advanced persistent threat (APT) group. InvisiMole was first uncovered by ESET in 2018, with cyberespionage activity dating back to 2013 in operations in Ukraine and Russia. More recently, from late 2019 until at least this month, […] Threat
itsecurityguru.webp 2020-06-15 11:35:39 (Déjà vu) Cybercriminals are quick to find exposed Elasticsearch servers (lien direct) Bad guys find unprotected Elasticsearch servers exposed on the web faster than search engines can index them. A study found that threat actors are mainly going for cryptocurrency mining and credential theft. For the duration of the experiment, a honeypot with a fake database recorded more than 150 unauthorized requests, the first one occurring less […] Threat ★★
itsecurityguru.webp 2020-06-11 10:48:56 Wire Tapping Devices Found Connected to Slovak Government Network (lien direct) Slovak authorities have arrested four suspects on Tuesday as part of an investigation into a series of suspicious devices found connected to the government’s official IT network. According to local news site Aktuality, the equipment is believed to have been used for wiretapping purposes and would have allowed threat actors to intercept both internet and telephony […] Threat
itsecurityguru.webp 2020-06-11 10:22:29 (Déjà vu) Ransomware Auto-Spreads to Windows devices (lien direct) The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on. Thanos first began private distribution at the end of October 2019, but it was not until January 2020 when victims seeking help for […] Ransomware Threat
itsecurityguru.webp 2020-06-10 10:55:49 (Déjà vu) Valak malware focused on stealing Outlook login credentials (lien direct) Authors of Valak information stealer are focusing more and more on stealing email credentials as researchers find a new module specifically built for this purpose. The malware emerged in testing mode in mid-October 2019 and has a modular plugin architecture that expands its capabilities to cover the needs of the threat actor. Valak has been […] Malware Threat
itsecurityguru.webp 2020-06-05 10:15:17 Trump/Biden Campaigns Targeted by Chinese and Iranian State Hackers (lien direct) Chinese and Iranian state-sponsored hackers have been caught targeting the Trump and Biden Presidential campaigns, according to Google. Shane Huntley, director of Google's Threat Analysis Group, revealed the news in a couple of tweets yesterday. He confirmed that there was no sign the attacks had led to compromise. “We sent users our govt attack warning […] Threat
itsecurityguru.webp 2020-05-29 09:55:39 Clearview AI sued by ACLU (lien direct) The American Civil Liberties Union (ACLU) is taking Clearview AI to court, claiming the company’s facial surveillance activities violate the Illinois Biometric Information Privacy Act (BIPA) and “represent an unprecedented threat to our security and safety”. The legal action, brought on by lawyers at the ACLU of Illinois and the law firm Edelson PC, is […] Threat
itsecurityguru.webp 2020-05-28 10:23:54 25 million records leaked by Maths app Mathway (lien direct) More than 25 million user records, belonging to popular math app Mathway, are being sold on the dark web. According to ZDNet, the hack is the latest in a long line of security breaches carried out by a hacker going by the name of ShinyHunters, the threat actor also responsible for intrusions at Tokopedia, Wishbone, […] Hack Threat
itsecurityguru.webp 2020-05-26 10:42:00 Stealthy Malware Steals Your Discord Password And Attacks Your Friends (lien direct) In just five short years, Discord's popularity with gamers has soared. Today, Discord has 250 million registered users and around 15 million of them active on any given day… which is why it's become a popular target for cybercriminals. One persistent threat that has plagued Discord for some time is AnarchyGrabber. It's a particularly stealthy […] Malware Threat
itsecurityguru.webp 2020-05-21 13:53:12 Securonix Insider Threat Report: (lien direct) A brand-new Insider Threat Report authored by Shareth Ben, director of insider threat and cyber threat analytics at Securonix has found that employees deemed “flight risks” are linked to around 60% of the insider threat incidents detected. Ben explained in the report that flight risks are those employees about to terminate employment with the company […] Threat
itsecurityguru.webp 2020-05-18 10:11:16 (Déjà vu) ProLock ransomware decryptor branded ineffective by FBI (lien direct) Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list. The FBI issued a flash alert at the beginning of the month to alert organizations of the new threat actor, saying that its targets […] Ransomware Threat
itsecurityguru.webp 2020-05-15 09:24:46 Facebook give $20k reward for vulnerability discovery (lien direct) The cross-site scripting vulnerability could have allowed trivial account takeover. Facebook has awarded a security researcher $20,000 for discovering a cross-site scripting (XSS) vulnerability in the Facebook Login SDK, which is used by developers to add a “Continue with Facebook” button to a page as an authentication method. Exploitation could allow threat actors to hijack […] Vulnerability Threat
itsecurityguru.webp 2020-05-04 09:54:08 (Déjà vu) 91 million Tokopedia accounts hacked and sold (lien direct)  A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. Tokopedia is Indonesia’s largest online store, with 4,700 employees and over 90 million active users. This weekend, data […] Threat
itsecurityguru.webp 2020-05-01 10:09:55 Shade release 750K encryption keys (lien direct) The team behind the ransomware, first spotted in late 2014 and typically targeting Russian victims, apologized to victims in a post on GitHub. The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User “shade-team” posted four files on […] Ransomware Threat
itsecurityguru.webp 2020-04-29 09:49:08 Android Spyware Spread by Google Play (lien direct) The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia - and could be the work of the OceanLotus APT. A sophisticated, ongoing espionage campaign aimed at Android users in Asia is likely the work of the OceanLotus advanced persistent threat (APT) actor, researchers said this week. Dubbed PhantomLance by Kaspersky, the campaign […] Threat APT 32
itsecurityguru.webp 2020-04-24 09:25:29 China officials targeted by Vietnamese hackers during outbreak (lien direct) Vietnamese hackers began targeting Chinese government officials at the heart of the coronavirus outbreak in the early days of 2020, when the threat of pandemic had barely registered elsewhere in the world, according to findings by cybersecurity firm FireEye Inc. The attacks were going on as early as January 6 and continued through April, said […] Threat
itsecurityguru.webp 2020-04-22 09:54:10 IBM Data Risk Manager exploit released (lien direct)   Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been discovered that can lead to unauthenticated remote code execution (RCE) as root, according to analysis – and a proof-of-concept exploit is available for version 2.0.3. However, IBM has not yet patched the problem. IDRM is a software platform that aggregates threat […] Threat Guideline
itsecurityguru.webp 2020-04-20 10:50:19 Warnings of cybersecurity threats and election interference in Singapore (lien direct) With general elections expected to be held within a year, Singapore’s political parties have been issued advisories about the threat of foreign interference and cybersecurity threats. They are urged to seek out precautionary measures to safeguard their ICT infrastructure, data, as well as online accounts. The city-state’s Ministry of Home Affairs, Cyber Security Agency, and […] Threat
itsecurityguru.webp 2020-04-17 11:35:36 Hackers linked to Syrian government target civilians with spyware via mobile apps (lien direct) Researchers have unearthed a COVID-19 related spyware campaign that is specifically targeting Syrians and “likely other Arabic speaking” individuals in the Middle East region. Threat researchers at mobile security specialists, Lookout, discovered that over the past month, hackers, who are supposedly linked with the Syrian regime of President Bashar Al-Assad, have used at least 71 […] Threat
itsecurityguru.webp 2020-04-17 09:57:22 Report alleges Zoom Zero-Days for sale (lien direct) Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people's private video conferences and further exploit a target's system. Flaws target Zoom clients for the Windows and the MacOS operating system, according to a published report by Vice Motherboard. According to the […] Threat
itsecurityguru.webp 2020-04-15 16:09:42 AT&T Researchers Discover Slack Webhooks Vulnerability (lien direct) Researchers at AT&T Alien Labs, the threat intelligence arm of AT&T Cybersecurity, have discovered a vulnerability in popular work collaboration platform Slack. Slack is a popular cloud-based messaging platform that is commonly used in workplace communication, with Slack Incoming Webhooks allowing users to post messages from applications to Slack. By specifying a unique URL, the […] Vulnerability Threat
itsecurityguru.webp 2020-04-09 09:56:13 3D printed 'fake fingerprints' bypass scanners (lien direct) New research has found that it's possible to use 3D printing technology to create “fake fingerprints” that can bypass most fingerprint scanners used by popular devices. But, creating the attack remains costly and time-consuming. Researchers with Cisco Talos created different threat models that use 3D printing technology, and then tested them on mobile devices (including […] Threat
itsecurityguru.webp 2020-04-01 13:57:01 Securing Your Remote Workforce (lien direct) As mentioned in previous articles, Securonix, has devoted an entire taskforce to outlining key threats that are appearing under the guise of COVID-19 themed domain names or emails. The threat research team has been observing malicious threat actors attempting to exploit an increasing number of the associated cyberattack vectors such as:    Ransomware using weaponized COVID-19/coronavirus-related documents disrupting critical healthcare and […] Ransomware Threat
itsecurityguru.webp 2020-03-26 10:44:25 Cisco, Citrix Flaws Exploited by Chinese Hackers (lien direct)   Researchers say that APT41's exploits are part of one of the broadest espionage campaigns they've seen from a Chinese-linked actor “in recent years.” Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.” […] Threat Guideline APT 41
itsecurityguru.webp 2020-03-26 10:42:23 400 Professionals Volunteer to Fight Coronavirus Hacking (lien direct)   An international group of nearly 400 volunteers with expertise in cybersecurity formed on Wednesday to fight hacking related to the novel coronavirus. Called the COVID-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at such major companies as Microsoft Corp. and Amazon.com Inc. […] Threat
itsecurityguru.webp 2020-03-25 14:57:02 Executives Believe Employees are the Greatest Threat to Critical Infrastructure Security According to Nozomi Networks (lien direct) Over 400 C-level executives from critical infrastructure organisations across North America, Europe and Asia/Pacific were surveyed in a report sponsored in part by Nozomi Networks titled “Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure”. The report found that most (88%) critical infrastructure organisations have, or are currently, integrating their IT, OT, IoT […] Threat
itsecurityguru.webp 2020-03-25 11:14:47 Middle East firms face cyber espionage attempts from Russian hackers (lien direct)   As per Trend Micro's research, since May 2019, a Russian state-sponsored notorious cyber espionage threat group called Pawn Storm (also known as Fancy Bear or APT28) has been scanning servers for reusing previously compromised emails. The compromised email addresses are used to carry out phishing campaigns, targeted mainly at defense firms from the Middle […] Threat APT 28
itsecurityguru.webp 2020-03-20 11:03:42 (Déjà vu) Phishing attempts impersonate WHO to deliver HawkEye Malware (lien direct)   An ongoing phishing campaign delivering emails posing as official messages from the Director-General of the World Health Organization (WHO) is actively spreading HawkEye malware payloads onto the devices of unsuspecting victims. This spam campaign started today according to researchers at IBM X-Force Threat Intelligence who spotted it and it has already delivered several waves […] Spam Malware Threat
itsecurityguru.webp 2020-03-18 10:48:32 (Déjà vu) Crimson RAT spread via Coronavirus Phishing (lien direct) A state-sponsored threat actor is attempting to deploy the Crimson Remote Administration Tool (RAT) onto the systems of targets via a spear-phishing campaign using Coronavirus-themed document baits disguised as health advisories. This nation-backed cyber-espionage is suspected to be Pakistan-based and it is currently tracked under multiple names including APT36, Transparent Tribe, ProjectM, Mythic Leopard, and […] Tool Threat APT 36 ★★
itsecurityguru.webp 2020-03-13 10:26:43 DoppelPaymer Ransomware Ups Threat Level (lien direct) While ransomware is a serious problem, it is also one that can be handled with proper preparation. An organization that fully backs up its systems at regular intervals can usually avoid a payment simply by restoring files. Cyber crime is a world of constant adaptation and escalation, however, and there has been a dangerous mutation. […] Ransomware Threat
itsecurityguru.webp 2020-03-11 14:50:16 Preparing for Large-Scale Remote Working in the Wake of COVID-19 (lien direct) By Elad Shapira, Head of Research at Panorays In the wake of coronavirus, companies are shifting their workforce to remote locations to keep businesses underway. This is an attempt to keep workers healthy and semi-quarantined to protect against the spread of a world pandemic that is not only a threat to health, but also to […] Threat
itsecurityguru.webp 2020-03-09 10:36:12 5.5 million 2019 malware attacks in GCC (lien direct)   Trend Micro Incorporated, a global cybersecurity solutions firm, today released its 2019 security roundup report. Ransomware continued to be a mainstay cyber threat last year. Overall, Trend Micro discovered a 10% increase in ransomware detections, despite a 57% decrease in the number of new ransomware families. The healthcare sector remained the most targeted industry, […] Ransomware Malware Threat
itsecurityguru.webp 2020-03-05 10:13:14 Mobile malware attacks increasing (lien direct)   Mobile malware attacks are becoming more common as cyber criminals increasingly turn their attention towards smartphones – and they’re ensuring that malicious activity is harder to uncover. According to figures in the newly released McAfee Mobile Threat Report, the total number of detections for different types of mobile malware reached over 35 million during […] Malware Threat
itsecurityguru.webp 2020-03-04 10:09:42 New Cobalt Ulster Malware (lien direct) A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistent threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between mid-2019 and mid-January 2020. The emails were targeting organizations in […] Malware Threat
itsecurityguru.webp 2020-03-02 12:41:04 Anomali Threat Intelligence Platform (lien direct) Supplier: Anomali Website: www.anomali.com Price: Based on size of organisation Scores: Performance 5/5 Features 5/5 Value for Money 4.5/5 Ease of Use 4/5 Overall 5/5 Verdict: Anomali weaponizes your cyber security teams by providing all the intelligence they need to detect, assess and mitigate threats. Enterprises that rely on reactive responses to cyber threats are […] Threat
itsecurityguru.webp 2020-02-28 10:23:14 (Déjà vu) Remote Access Trojan used by Norton Lifelock Scam (lien direct)   Cybercriminals behind a recently observed phishing campaign used a clever ruse in the form of a bogus NortonLifelock document to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes. The malicious activity has the hallmarks of a seasoned threat actor familiar with evasion techniques and offensive security […] Tool Threat
itsecurityguru.webp 2020-02-27 10:26:31 (Déjà vu) Bretagne Télécom hacked using Citrix ADC Flaw (lien direct) Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability. Bretagne Télécom is a privately held French cloud hosting and enterprise telecommunications company that provides telephony, Internet and networking, hosting, and cloud computing services to roughly 3,000 customers, operating […] Ransomware Threat ★★★★★
itsecurityguru.webp 2020-02-26 10:19:08 (Déjà vu) WordPress Vulnerabilities Attacked (lien direct) Cybercriminals are taking advantage of the recent security flaws reported recently in popular WordPress plugins and are targeting websites that still run vulnerable versions. At least two threat actors are actively attacking unpatched variants of ThemeGrill Demo Importer, Profile Builder, and Duplicator plugins which are installed on. What the three WordPress components have in common are […] Threat
Last update at: 2025-05-12 02:07:20