What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2022-02-09 10:57:38 Cryptocurrency organisations hit with fake job offers (direct link) North Korean threat actors, known as the Lazarus group, have been posting fake job listings to target the cryptocurrency vertical in the US, UK, Germany, Singapore and more. Lazarus hackers, also known as HIDDEN COBRA by the United States Intelligence Community and Zinc by Microsoft, have targeted cryptocurrency organisations in the past. The North Koreans are […] Threat Medical APT 38 APT 28 ★★
itsecurityguru.webp 2022-02-08 11:06:15 QBot steals data in 30 minutes (direct link) Qbot, also known as Qakbot or QuakBot, has recently returned to lightning speed attacks, with analysts reporting that it only takes 30 minutes from infection to steal emails and credentials. A new report by DFIR suggests that Qbot was carrying out data-snatching operations in October 2021. It is now believed that the threat actors behind […] Threat
itsecurityguru.webp 2022-02-04 16:36:50 Ransomware gangs and supply chain vulnerabilities: Nozomi Networks Labs reports on the current threat landscape (direct link) While vulnerability disclosures increased 21% in the second half of 2021 and increasingly sophisticated criminal attacks made regular news, organizations are fighting back with targeted remediation efforts. A new OT/IoT security trends report from Nozomi Networks Labs finds cyber threats have become a never-ending reality for critical business operations. In a review of the threat […] Vulnerability Threat ★★★★
itsecurityguru.webp 2022-02-04 11:11:20 Zimbra zero-day vulnerability exploited to steal emails (direct link) Attacks linked to a Chinese threat actor have exploited a Zimbra zero-day vulnerability and are stealing emails linked to European government and media. Researchers say that at the time of writing the exploit has no available patch. Zimbra says that more than 200,000 businesses from over 140 countries are using its software, including over 1,000 […] Vulnerability Threat
itsecurityguru.webp 2022-02-02 09:54:44 Business leaders are confident in their defences, despite over half falling victim to ransomware (direct link) New research from Adarma, the UK's largest independent cyber threat management company, has discovered a major disconnect in the way organisations think and act in the face of ransomware. Adarma’s nationwide ransomware study surveyed 500 C-level executives at UK businesses with over 2,000 employees and found that 58% of respondents have experienced a ransomware attack, with […] Ransomware Threat
itsecurityguru.webp 2022-01-27 17:05:20 FluBot and TeaBot malware targeting androids worldwide (direct link) Bitdefender’s Mobile Threat researchers have warned about some newly discovered Flubot and Teabot campaigns. The researchers claim that since December 2021 they have intercepted over 100,000 malicious SMS messages which were aiming to distribute Flubot malware. The researchers have said that they have observed that the attacks are more active in Germany, Spain, Poland, Australia, […] Malware Threat
itsecurityguru.webp 2022-01-18 11:13:32 DHL most imitated brand in phishing scams (direct link) In Q4 of 2021, DHL was threat actors’ preferred brand to imitate when launching phishing campaigns. This pushed Microsoft into second place and Google into fourth. These findings were unsurprising as the last three months of the year include holidays such as Black Friday, Cyber Monday and Christmas; holidays that hackers frequently exploit as victims […] Threat
itsecurityguru.webp 2022-01-13 14:02:59 Lazarus Group, Cobalt Gang and FIN7 the Worst Threat Actors Targeting the Financial Services Sector (direct link) A new industry report by Blueliv, an Outpost24 company, has deep dived into the evolving threat landscape that is surrounding the financial services sector. Using advanced threat intelligence gathered by Blueliv's Threat Compass; the 'Follow the Money' report reveals the main cyber threats and the culprits behind these malicious attacks to forewarn these vital institutions. Threat intelligence gathered by Blueliv from the dark web and deep web showed that the main cyberthreats targeting the industry included: Phishing, […] Threat APT 38
itsecurityguru.webp 2022-01-10 11:25:50 The latest on the Log4j vulnerability (direct link) The threat posed by the Log4j vulnerability hasn’t gone away over the holidays, with the UK’s National Health Service (NHS) issuing a warning that hackers are actively targeting the security flaw and recommending that organisations within the health service apply the necessary updates in order to protect themselves. “Affected organisations should review the VMware Horizon […] Vulnerability Threat
itsecurityguru.webp 2022-01-04 13:44:32 Vulnerability lets anyone send emails from Uber.com (direct link) Researcher Seif Elsallamy recently discovered a vulnerability in Uber’s emailing system, which allows anyone to send an email on behalf of the company. If exploited, threat actors would be able to email the 57 million Uber users and drivers whose data was leaked in the 2016 data breach. Uber has been made aware of the […] Vulnerability Threat Uber Uber
itsecurityguru.webp 2021-12-24 11:24:05 New CoinSpot phishing campaign discovered (direct link) A new phishing campaign is targeting CoinSpot cryptocurrency exchange users in order to steal two-factor authentication (2FA) codes. The threat actors are sending emails from a Yahoo email address, which replicates CoinSpot emails, asking recipients to cancel or confirm a withdrawal transaction. The researchers who discovered the campaign said “the threat actor observed here been […] Threat Yahoo Yahoo
itsecurityguru.webp 2021-12-23 11:56:33 World's top cybersecurity agencies warn of Apache vulnerability threats (direct link) The Five Eyes intelligence alliance have warned that threat actors are actively exploiting an Apache vulnerability in the Log4j logging library. The Five Eyes alliance, consisting of cybersecurity agencies in US, UK, Australia, Canada and New Zealand, announced in a joint statement on Wednesday that, “sophisticated cyber threat actors are actively scanning networks to potentially […] Vulnerability Threat
itsecurityguru.webp 2021-12-23 11:18:29 Belgium's Military hit by cyber attack (direct link) The Belgium Defense Ministry has announced that it has experienced a cyberattack after threat actors exploited a Log4j vulnerability. The attack took place on December 16 and was confirmed this week. According to a Belgium military spokesman, Commander Olivier Séverin, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s […] Threat
itsecurityguru.webp 2021-12-08 11:03:58 (Déjà vu) Ransomware attack locks hotel guests out of rooms (direct link) Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. However it has since been revealed that it was the target of Conti ransomware, leading to hotel guests being locked out of their rooms. As IoT becomes more connected the threat of home and corporate […] Threat Guideline
itsecurityguru.webp 2021-12-03 12:46:27 Expert comment: CS Energy ransomware attack (direct link) On Tuesday, energy generator CS Energy, which is owned by the Queensland government, fell victim to a ransomware attack that impacted operations. The incident occurred over the weekend, in yet the latest cyber threat to target critical infrastructure. As per the organisation’s announcement, the incident occurred on CS Energy's corporate network and has not impacted […] Ransomware Threat
itsecurityguru.webp 2021-11-19 15:00:20 (Déjà vu) Most Inspiring Women in Cyber 2021: Rea James, Global Cyber Strategic Threat Intelligence Lead at Vodafone (direct link) The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] Threat
itsecurityguru.webp 2021-11-17 13:35:06 Bugcrowd correlates $27bn risk reduction with ethical hacking to find vulnerabilities (direct link) Bugcrowd, the crowdsourced cybersecurity platform, has published its Inside the Mind of a Hacker '21 report, which it says provides CIOs and CISOs valuable insight on ethical hackers and the economics of security research. Some new findings indicate a shift in the threat landscape with 8 out of 10 ethical hackers recently having identified a […] Threat
itsecurityguru.webp 2021-11-11 10:33:43 Don't get held to ransom – cause, prevention, recovery (direct link) Ransomware is one of the top earners of the dark economy, lining the coffers of cybercriminals. Expected to generate over $265bn USD in revenue for bad actors within the next decade, ransomware continues to pose an acute threat to businesses. It's no wonder then that cybercriminals have commoditised their skills in ransomware as a service to maximise their return on investment. They understand how to build a successful business from […] Ransomware Threat
itsecurityguru.webp 2021-11-02 14:08:52 Mobile phishing threats surged 161% in 2021 – Lookout Energy Threat Report (direct link) A new report has shown the energy sector is under immense cyber threat as hackers continue to target this vital industry. The threat report by Lookout shows that mobile phishing exposure had surged by 161% within the energy industry between the second half of 2020 and the first half of 2021. Further key findings include: 20% […] Threat
itsecurityguru.webp 2021-10-13 14:13:47 AT&T Cybersecurity Launches New Managed XDR Solution (direct link) AT&T Cybersecurity has launched a dedicated managed Extended Detection and Response (XDR) offering which is available immediately. The AT&T Managed XDR solution features a cloud-based security platform with security threat analytics, machine learning, and third-party connectors to protect endpoint, network, and cloud assets with automated and orchestrated malware prevention, threat detection, and response. At a time where there are increasing complexities, attack surfaces are […] Malware Threat
itsecurityguru.webp 2021-08-20 13:39:16 DemonWare ransomware gang attempts to recruit disgruntled employees in insider threat scheme (direct link) According to a report by Abnormal Security, on August 12, 2021, their team identified and blocked a number of emails sent to customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies' networks with ransomware. These emails allege to come from someone with ties to […] Ransomware Threat
itsecurityguru.webp 2021-07-28 08:10:15 Praying Mantis hacker group strikes IIS web servers (direct link) An APT group dubbed Praying Mantis or TG1021, by researchers from incident response firm Sygnia, has hit IIS web servers with deserialization flaws and memory-resident malware. It says Praying Mantis group is likely a nation-state threat actor using custom malware that is especially good at avoiding detection to compromise major public and private organisations over […] Malware Threat
itsecurityguru.webp 2021-07-23 16:09:09 Departing employees pose significant cloud security risks, report finds (direct link) This week, cybersecurity provider Netskope released the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs’ biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. The results revealed that some departing employees present disproportionately significant cloud security […] Threat
itsecurityguru.webp 2021-07-21 14:46:43 Back to work: Onslaught of personal devices could pose serious cybersecurity risk (direct link) A nationwide survey of 2,000 UK employees conducted by Censuswide on behalf of Armis, the unified asset visibility and security platform provider, analyses the new working culture and security of personal devices before the inevitable return to the office. The results demonstrate a heightened cybersecurity threat as the majority of the UK workforce (61%) intend […] Threat
itsecurityguru.webp 2021-07-19 13:59:17 Preparing for the ever-growing threat of ransomware (direct link) Ransomware is a growing threat to every organisation on the planet; it seems we can't go a day without seeing another high-profile ransomware attack being detailed in mainstream media. Cyber-criminals are innovating at a phenomenal pace in this growing 'industry', because they have the funds to do so. In fact, many cyber-criminal groups have more […] Ransomware Threat
itsecurityguru.webp 2021-07-14 11:34:14 Outpost24 acquires threat intelligence provider Blueliv (direct link) Outpost24 has acquired Blueliv, one of the world’s leading cyber threat intelligence companies which will create one of the largest cybersecurity providers in Europe. The objective: to provide the most advanced threat landscape monitoring solution to help businesses identify threats targeting their organizations and dramatically reduce risk exposure. “It has been a difficult 18 months […] Threat Guideline
itsecurityguru.webp 2021-06-16 10:47:10 Business security remains resilient in the wake of coronavirus (direct link) The coronavirus pandemic has put cybersecurity under a renewed spotlight. New ways of working and a fragmented workforce has challenged CISOs and their security teams; as the threat landscape has grown, nefarious actors have jumped at the chance to exploit the ever-fluid situation. We have seen attacks grow in frequency and sophistication; Telstra's Agility Report, […] Threat
itsecurityguru.webp 2021-06-07 11:49:31 New AT&T Cybersecurity USM Anywhere Advisors Service Helps to Establish and Maintain Threat Detection and Response Effectiveness (direct link) AT&T Cybersecurity has announced its AT&T USM Anywhere platform will now offer on-demand advisory service for new and existing customers to tackle threat detection and response faster. The company recognises that security teams are often overwhelmed and understaffed. Therefore, the ability to confidently respond to threats is limited by the maturity of their cybersecurity technologies to react quickly to alerts. Also, […] Threat
itsecurityguru.webp 2021-05-19 13:19:51 KnowBe4 launches PhishFlip (direct link) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has announced a new product feature called PhishFlip™, which turns real-world phishing attacks into safe, simulated phishing templates. A majority of data breaches begin with a phishing attack and the threat continues to grow. According to the fourth quarter 2020 Phishing Activity […] Threat
itsecurityguru.webp 2021-05-14 09:50:05 Heightened work-related stress and increased workloads are taking their toll on technology leader's mental wellbeing (direct link) A CISO's workday is riddled with high-stress situations as they constantly battle the deluge of threats emerging from the ever-expanding threat landscape. Therefore it is no wonder that the majority of technology leaders are feeling stressed. In recent years the challenges that CISOs face have only intensified. Since the pandemic, security professionals have had […] Threat Guideline
itsecurityguru.webp 2021-04-30 07:46:47 Microsoft identifies critical code execution flaws in IoT and OT devices (direct link) The 25 security flaws are known collectively as BadAlloc and affect Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. The flaws are caused by memory allocation Integer Overflow or Wraparound bugs. Threat actors can exploit the vulnerabilities to trigger system crashes and execute malicious code remotely on susceptible IoT and OT systems. Threat
itsecurityguru.webp 2021-04-26 08:44:33 Facebook disables Palestinian APT Group Activities (direct link) Facebook threat intelligence analysts discovered recent activities linked to two known APT Groups that have been active since 2015. According to Facebook, the groups, AridViper and Preventive Security Service, used Android and Windows malware and advanced social engineering tactics in an effort to attack journalists, human rights activities and military groups in the Middle East. […] Malware Threat
itsecurityguru.webp 2021-04-08 09:39:09 Hackers are using web shells to steal credit cards (direct link) VISA has issued a warning about the increase of web shells being used by threat actors to steal credit card details. VISA has seen a rise in the number of threat actors using web shells on compromised servers in order to extract credit card details stolen from customers making payments online. VISA has said that […] Threat
itsecurityguru.webp 2021-04-07 07:44:41 Hackers actively exploiting SAP Bugs (direct link) Active cyberattacks have been reported on known security vulnerabilities in widely deployed SAP applications, giving the attackers access for full take over and the ability to infest an organisation completely. Researchers warn that these attacks could lead to full control of unsecured SAP applications. An alert issued by SAP informs that threat actors are carrying […] Threat Guideline
itsecurityguru.webp 2021-04-06 12:21:36 Fortinet FortiOS vulnerabilities are being exploited, warns FBI (direct link) A number of US agencies, such as the Federal Bureau of Investigations (FBI) and the Infrastructure Security Agency (CISA), have issued a joint warning that advanced persistent threat (APT) groups are exploiting vulnerabilities found in Fortinet FortiOS. The groups are exploiting the vulnerabilities in order to compromise both government and commercial organisations using the software. […] Threat
itsecurityguru.webp 2021-04-01 11:13:35 IoT and IIoT security a major concern for security pros, research finds (direct link) In an already volatile environment, organisations are constantly being warned of the growing threat posed by the Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices as both converge to bring increased productivity and communications. Yet, this strive for better connectivity is presenting significant risks which are causing sleepless nights for security professionals. A […] Threat
itsecurityguru.webp 2021-04-01 10:53:27 North Korean hackers targeting Google researchers (direct link) A North Korean hacking group, known to have previously targeted security researchers, has recently created a fake offensive security firm. The threat actors were first documented in January 2021, per Google’s Threat Analysis Group (TAG). The TAG specialists have said that the North Korean hackers had developed a web of fake profiles on various social […] Threat
itsecurityguru.webp 2021-03-26 15:04:13 Hades ransomware targets 'big game' in the US (direct link) An analysis published on Friday reveals that at least three major companies have been recent victims of the Hades ransomware. The analysis was published by Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams. Accenture claims that the threat actors are targeting organisations that generate at least $1 billion in annual […] Ransomware Threat
itsecurityguru.webp 2021-03-17 10:53:39 Defunct WeLeakInfo site suffered own data breach (direct link) A threat actor has leaked data from the now-defunct WeLeakInfo data breach site, including payment and customer information. Last Thursday, the hacker published an archive of payment processing data used by the strip of a hacking forum known as RaidForums. The WeLeakInfo site offered paid subscriptions to users for searchable access to a database, which […] Data Breach Threat
itsecurityguru.webp 2021-02-24 10:02:24 Healthcare Organisations increasingly targeted in cyberattacks (direct link) Research has shown that in the past year cyberattackers have increasingly targeted healthcare organisations for deploying ransomware and other cyber-attacks. The annual X-Force Threat Intelligence research was released on Wednesday, which tracks the evolution of new threats, malware development and cyberattacks. The most notable trend was how many threat actors targeted their malicious campaigns at […] Ransomware Malware Threat
itsecurityguru.webp 2021-02-15 13:50:44 How Healthcare Organizations Can Protect Themselves Against IoT Ransomware (direct link) Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand the healthcare threat landscape. Exercising a sound cybersecurity strategy has to consider the nature of the healthcare profession where human life is a top priority. […] Ransomware Threat
itsecurityguru.webp 2021-02-12 13:42:28 Warning: Increase in Web Shell Attacks (direct link) Web shells are tools deployed by threat actors on already hacked servers to gain and maintain access. They allow these hackers to remotely execute arbitrary code or commands, move laterally within a network or deliver malicious payloads. Last year the number of monthly web shell attacks nearly doubled, reported Microsoft. Last year an average of […] Threat
itsecurityguru.webp 2021-02-12 12:56:14 Confucius APT found targeting Pakistan and Indian officials using Android Spyware (direct link) Two new Android surveillanceware have been discovered by the Lookout Threat Intelligence Team. Named Hornbill and SubBird, these two campaigns are believed to be connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Lookout's researchers revealed the spyware specifically targeted personnel linked to Pakistan’s military and nuclear authorities and Indian election officials […] Threat
itsecurityguru.webp 2021-02-02 11:57:59 (Déjà vu) 1.6 million Washington unemployment claims exposed in data breach (direct link) The Office of the Washington State Auditor (SAO) has experienced a data breach which has resulted in the exposure of 1.6 million employment claims, and the sensitive personal information that they contain. The Washington SAO revealed that a threat actor had exploited a vulnerability in Accellion, a secure file transfer service that helps organisations share […] Data Breach Vulnerability Threat
itsecurityguru.webp 2021-01-26 10:39:56 North Korean hackers target security researchers (direct link) Google has revealed that a number of cyber-security researchers who are focused on vulnerability research have been targeted by a North Korean government hacking group. Google’s Threat Analysis Group (TAG), who is a security team specialised in discovering advanced persistent threat (APT) groups, first noticed the attacks. Google’s TAG published a report outlining the attack, […] Vulnerability Threat
itsecurityguru.webp 2021-01-21 15:28:30 How did SolarWinds Hackers evade Detection? (direct link) A report from the Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC), and Microsoft Cyber Defence Operations Center (CDOC) details how the SolarWinds hackers managed to remain undetected for so long. The report discloses new details including the steps and tools used to deploy the custom Cobalt Strike loaders (Teardrop, Raindrop, etc.) after the […] Threat SolarWinds
itsecurityguru.webp 2021-01-20 13:31:18 Airline Passenger Data Stolen by Hackers (direct link) For the past few years, a Chinese hacking group has been targeting the airline industry to obtain passenger data. Their goal was to track the movement of person of interest. The threat actor responsible has been given the name Chimera. The group's activities were first reported in 2020, and are thought to be nation state actors. […] Threat
itsecurityguru.webp 2021-01-20 13:15:00 Emails exposed to SolarWinds Hackers (direct link) SolarWinds attackers managed to gain access to internal emails via a different intrusion vector. This was confirmed by Malwarebytes, who stated that a second threat vector was used to infiltrate private emails with the use of password guessing or spraying and/or exploiting admin or service credentials. The vendor reported suspicious activity on December 15 and […] Threat ★★★
itsecurityguru.webp 2021-01-19 12:13:46 Capitol Riots fuelling Disinformation Campaigns (direct link) The FBI released a “joint threat assessment” on Thursday detailing fears that “Russian, Iranian and Chinese influence actors have seized the opportunity to amplify narratives in furtherance of their policy interest amid the presidential transition.” Additionally, a U.S. Intelligence memo claims that a Russian “proxy” took advantage of the event to advance a conspiracy theory, […] Threat ★★★
itsecurityguru.webp 2021-01-13 12:07:29 Mimecast certificate used by Microsoft 365 Exchange Web Services have been compromised (direct link) Mimecast have announced that one of their authentication certificates used by Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor”. Mimecast secure emails for customers using email services such as Microsoft 365. Users can apply Mimecast’s security services to their emails by creating a connection to Mimecast's server. The Mimecast certificate […] Threat ★★★★★
Last update at: 2024-05-10 19:08:14