What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2020-05-28 10:23:54 25 million records leaked by Maths app Mathway (lien direct) More than 25 million user records, belonging to popular math app Mathway, are being sold on the dark web. According to ZDNet, the hack is the latest in a long line of security breaches carried out by a hacker going by the name of ShinyHunters, the threat actor also responsible for intrusions at Tokopedia, Wishbone, […] Hack Threat
itsecurityguru.webp 2020-05-26 10:42:00 Stealthy Malware Steals Your Discord Password And Attacks Your Friends (lien direct) In just five short years, Discord's popularity with gamers has soared. Today, Discord has 250 million registered users and around 15 million of them active on any given day… which is why it's become a popular target for cybercriminals. One persistent threat that has plagued Discord for some time is AnarchyGrabber. It's a particularly stealthy […] Malware Threat
itsecurityguru.webp 2020-05-21 13:53:12 Securonix Insider Threat Report: (lien direct) A brand-new Insider Threat Report authored by Shareth Ben, director of insider threat and cyber threat analytics at Securonix has found that employees deemed “flight risks” are linked to around 60% of the insider threat incidents detected. Ben explained in the report that flight risks are those employees about to terminate employment with the company […] Threat
itsecurityguru.webp 2020-05-18 10:11:16 (Déjà vu) ProLock ransomware decryptor branded ineffective by FBI (lien direct) Multiple actors in the ransomware business saw the new coronavirus pandemic as the perfect opportunity to focus on an already overburdened healthcare sector. ProLock is yet another threat to the list. The FBI issued a flash alert at the beginning of the month to alert organizations of the new threat actor, saying that its targets […] Ransomware Threat
itsecurityguru.webp 2020-05-15 09:24:46 Facebook give $20k reward for vulnerability discovery (lien direct) The cross-site scripting vulnerability could have allowed trivial account takeover. Facebook has awarded a security researcher $20,000 for discovering a cross-site scripting (XSS) vulnerability in the Facebook Login SDK, which is used by developers to add a “Continue with Facebook” button to a page as an authentication method. Exploitation could allow threat actors to hijack […] Vulnerability Threat
itsecurityguru.webp 2020-05-04 09:54:08 (Déjà vu) 91 million Tokopedia accounts hacked and sold (lien direct)  A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. Tokopedia is Indonesia’s largest online store, with 4,700 employees and over 90 million active users. This weekend, data […] Threat
itsecurityguru.webp 2020-05-01 10:09:55 Shade release 750K encryption keys (lien direct) The team behind the ransomware, first spotted in late 2014 and typically targeting Russian victims, apologized to victims in a post on GitHub. The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User “shade-team” posted four files on […] Ransomware Threat
itsecurityguru.webp 2020-04-29 09:49:08 Android Spyware Spread by Google Play (lien direct) The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia - and could be the work of the OceanLotus APT. A sophisticated, ongoing espionage campaign aimed at Android users in Asia is likely the work of the OceanLotus advanced persistent threat (APT) actor, researchers said this week. Dubbed PhantomLance by Kaspersky, the campaign […] Threat APT 32
itsecurityguru.webp 2020-04-24 09:25:29 China officials targeted by Vietnamese hackers during outbreak (lien direct) Vietnamese hackers began targeting Chinese government officials at the heart of the coronavirus outbreak in the early days of 2020, when the threat of pandemic had barely registered elsewhere in the world, according to findings by cybersecurity firm FireEye Inc. The attacks were going on as early as January 6 and continued through April, said […] Threat
itsecurityguru.webp 2020-04-22 09:54:10 IBM Data Risk Manager exploit released (lien direct)   Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been discovered that can lead to unauthenticated remote code execution (RCE) as root, according to analysis – and a proof-of-concept exploit is available for version 2.0.3. However, IBM has not yet patched the problem. IDRM is a software platform that aggregates threat […] Threat Guideline
itsecurityguru.webp 2020-04-20 10:50:19 Warnings of cybersecurity threats and election interference in Singapore (lien direct) With general elections expected to be held within a year, Singapore’s political parties have been issued advisories about the threat of foreign interference and cybersecurity threats. They are urged to seek out precautionary measures to safeguard their ICT infrastructure, data, as well as online accounts. The city-state’s Ministry of Home Affairs, Cyber Security Agency, and […] Threat
itsecurityguru.webp 2020-04-17 11:35:36 Hackers linked to Syrian government target civilians with spyware via mobile apps (lien direct) Researchers have unearthed a COVID-19 related spyware campaign that is specifically targeting Syrians and “likely other Arabic speaking” individuals in the Middle East region. Threat researchers at mobile security specialists, Lookout, discovered that over the past month, hackers, who are supposedly linked with the Syrian regime of President Bashar Al-Assad, have used at least 71 […] Threat
itsecurityguru.webp 2020-04-17 09:57:22 Report alleges Zoom Zero-Days for sale (lien direct) Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people's private video conferences and further exploit a target's system. Flaws target Zoom clients for the Windows and the MacOS operating system, according to a published report by Vice Motherboard. According to the […] Threat
itsecurityguru.webp 2020-04-15 16:09:42 AT&T Researchers Discover Slack Webhooks Vulnerability (lien direct) Researchers at AT&T Alien Labs, the threat intelligence arm of AT&T Cybersecurity, have discovered a vulnerability in popular work collaboration platform Slack. Slack is a popular cloud-based messaging platform that is commonly used in workplace communication, with Slack Incoming Webhooks allowing users to post messages from applications to Slack. By specifying a unique URL, the […] Vulnerability Threat
itsecurityguru.webp 2020-04-09 09:56:13 3D printed 'fake fingerprints' bypass scanners (lien direct) New research has found that it's possible to use 3D printing technology to create “fake fingerprints” that can bypass most fingerprint scanners used by popular devices. But, creating the attack remains costly and time-consuming. Researchers with Cisco Talos created different threat models that use 3D printing technology, and then tested them on mobile devices (including […] Threat
itsecurityguru.webp 2020-04-01 13:57:01 Securing Your Remote Workforce (lien direct) As mentioned in previous articles, Securonix has devoted an entire taskforce to outlining key threats that are appearing under the guise of COVID-19 themed domain names or emails. The threat research team has been observing malicious threat actors attempting to exploit an increasing number of the associated cyberattack vectors such as: Ransomware using weaponized COVID-19/coronavirus-related documents disrupting critical healthcare and […] Ransomware Threat
itsecurityguru.webp 2020-03-26 10:44:25 Cisco, Citrix Flaws Exploited by Chinese Hackers (lien direct)   Researchers say that APT41's exploits are part of one of the broadest espionage campaigns they've seen from a Chinese-linked actor “in recent years.” Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.” […] Threat Guideline APT 41
itsecurityguru.webp 2020-03-26 10:42:23 400 Professionals Volunteer to Fight Coronavirus Hacking (lien direct)   An international group of nearly 400 volunteers with expertise in cybersecurity formed on Wednesday to fight hacking related to the novel coronavirus. Called the COVID-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at such major companies as Microsoft Corp. and Amazon.com Inc. […] Threat
itsecurityguru.webp 2020-03-25 14:57:02 Executives Believe Employees are the Greatest Threat to Critical Infrastructure Security According to Nozomi Networks (lien direct) Over 400 C-level executives from critical infrastructure organisations across North America, Europe and Asia/Pacific were surveyed in a report sponsored in part by Nozomi Networks titled “Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure”. The report found that most (88%) critical infrastructure organisations have, or are currently, integrating their IT, OT, IoT […] Threat
itsecurityguru.webp 2020-03-25 11:14:47 Middle East firms face cyber espionage attempts from Russian hackers (lien direct)   As per Trend Micro's research, since May 2019, a Russian state-sponsored notorious cyber espionage threat group called Pawn Storm (also known as Fancy Bear or APT28) has been scanning servers for reusing previously compromised emails. The compromised email addresses are used to carry out phishing campaigns, targeted mainly at defense firms from the Middle […] Threat APT 28
itsecurityguru.webp 2020-03-20 11:03:42 (Déjà vu) Phishing attempts impersonate WHO to deliver HawkEye Malware (lien direct)   An ongoing phishing campaign delivering emails posing as official messages from the Director-General of the World Health Organization (WHO) is actively spreading HawkEye malware payloads onto the devices of unsuspecting victims. This spam campaign started today according to researchers at IBM X-Force Threat Intelligence who spotted it and it has already delivered several waves […] Spam Malware Threat
itsecurityguru.webp 2020-03-18 10:48:32 (Déjà vu) Crimson RAT spread via Coronavirus Phishing (lien direct) A state-sponsored threat actor is attempting to deploy the Crimson Remote Administration Tool (RAT) onto the systems of targets via a spear-phishing campaign using Coronavirus-themed document baits disguised as health advisories. This nation-backed cyber-espionage is suspected to be Pakistan-based and it is currently tracked under multiple names including APT36, Transparent Tribe, ProjectM, Mythic Leopard, and […] Tool Threat APT 36 ★★
itsecurityguru.webp 2020-03-13 10:26:43 DoppelPaymer Ransomware Ups Threat Level (lien direct) While ransomware is a serious problem, it is also one that can be handled with proper preparation. An organization that fully backs up its systems at regular intervals can usually avoid a payment simply by restoring files. Cyber crime is a world of constant adaptation and escalation, however, and there has been a dangerous mutation. […] Ransomware Threat
itsecurityguru.webp 2020-03-11 14:50:16 Preparing for Large-Scale Remote Working in the Wake of COVID-19 (lien direct) By Elad Shapira, Head of Research at Panorays In the wake of coronavirus, companies are shifting their workforce to remote locations to keep businesses underway. This is an attempt to keep workers healthy and semi-quarantined to protect against the spread of a world pandemic that is not only a threat to health, but also to […] Threat
itsecurityguru.webp 2020-03-09 10:36:12 5.5 million 2019 malware attacks in GCC (lien direct)   Trend Micro Incorporated, a global cybersecurity solutions firm, today released its 2019 security roundup report. Ransomware continued to be a mainstay cyber threat last year. Overall, Trend Micro discovered a 10% increase in ransomware detections, despite a 57% decrease in the number of new ransomware families. The healthcare sector remained the most targeted industry, […] Ransomware Malware Threat
itsecurityguru.webp 2020-03-05 10:13:14 Mobile malware attacks increasing (lien direct)   Mobile malware attacks are becoming more common as cyber criminals increasingly turn their attention towards smartphones – and they’re ensuring that malicious activity is harder to uncover. According to figures in the newly released McAfee Mobile Threat Report, the total number of detections for different types of mobile malware reached over 35 million during […] Malware Threat
itsecurityguru.webp 2020-03-04 10:09:42 New Cobalt Ulster Malware (lien direct) A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistent threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between mid-2019 and mid-January 2020. The emails were targeting organizations in […] Malware Threat
itsecurityguru.webp 2020-03-02 12:41:04 Anomali Threat Intelligence Platform (lien direct) Supplier: Anomali Website: www.anomali.com Price: Based on size of organisation Scores: Performance 5/5 Features 5/5 Value for Money 4.5/5 Ease of Use 4/5 Overall 5/5 Verdict: Anomali weaponizes your cyber security teams by providing all the intelligence they need to detect, assess and mitigate threats. Enterprises that rely on reactive responses to cyber threats are […] Threat
itsecurityguru.webp 2020-02-28 10:23:14 (Déjà vu) Remote Access Trojan used by Norton Lifelock Scam (lien direct)   Cybercriminals behind a recently observed phishing campaign used a clever ruse in the form of a bogus NortonLifelock document to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes. The malicious activity has the hallmarks of a seasoned threat actor familiar with evasion techniques and offensive security […] Tool Threat
itsecurityguru.webp 2020-02-27 10:26:31 (Déjà vu) Bretagne Télécom hacked using Citrix ADC Flaw (lien direct) Cloud services provider Bretagne Télécom was hacked by the threat actors behind the DoppelPaymer Ransomware using an exploit that targeted servers unpatched against the CVE-2019-19781 vulnerability. Bretagne Télécom is a privately held French cloud hosting and enterprise telecommunications company that provides telephony, Internet and networking, hosting, and cloud computing services to roughly 3,000 customers, operating […] Ransomware Threat ★★★★★
itsecurityguru.webp 2020-02-26 10:19:08 (Déjà vu) WordPress Vulnerabilities Attacked (lien direct) Cybercriminals are taking advantage of the recent security flaws reported recently in popular WordPress plugins and are targeting websites that still run vulnerable versions. At least two threat actors are actively attacking unpatched variants of ThemeGrill Demo Importer, Profile Builder, and Duplicator plugins which are installed on. What the three WordPress components have in common are […] Threat
itsecurityguru.webp 2020-02-19 11:32:59 (Déjà vu) Gambling Companies Hit by DRBControl (lien direct) An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. Named “DRBControl” by security researchers, the group uses malware not publicly reported before. The mission appears to be cyberespionage, stealing databases and source code from the targets being part […] Malware Threat
itsecurityguru.webp 2020-02-18 10:34:08 'Adwind RAT' malware campaign hits Turkish businesses (lien direct) At least 80 companies based in Turkey have been dealing with an ongoing threat that is constantly evolving to become more persistent and dangerous. This massive phishing campaign was given the name “The Turkish Rat” by Sophos and Talos researchers, who have been following it for a while. Researchers from Check Point now report that […] Malware Threat
itsecurityguru.webp 2020-02-10 10:19:35 250 Android Apps with Anubis Malware Targeted by phishing campaign (lien direct) New attacks discovered by Cofense can perform keylogging, steal data and completely hijack a mobile device. A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device's data for ransom. Source: Threat Post Malware Threat
itsecurityguru.webp 2020-01-29 10:10:43 Ransomware attacks Canadian Military Contractor (lien direct) Ransomware attackers claimed to have stolen 60GB of data from Canadian defence contractor after ransomware attack in December 2018. The threat presented by ransomware continues to be evidenced in 2020 after an attack on a major Canadian defence contractor Bird Construction. The Canadian construction firm that provides service for the Canadian military was apparently attacked by cyberattackers […] Ransomware Threat
itsecurityguru.webp 2020-01-28 10:00:15 (Déjà vu) Iranian Hackers' Defacement Techniques exposed by FBI (lien direct) The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers’ TTPs to help administrators and users to protect their websites. Source: Bleeping Computer Threat
itsecurityguru.webp 2020-01-21 10:21:05 (Déjà vu) Hanna Andersson, US Retailer Hacked to Steal Credit Cards (lien direct) US children’s apparel maker and online retailer Hanna Andersson disclosed that its online purchasing platform was hacked and malicious code was deployed to steal customers’ payment info for almost two months. In this type of attack, dubbed Magecart, threat actors are hacking into vulnerable e-commerce platforms used by online stores and injecting malicious JavaScript-based scripts into checkout pages. Source: Bleeping Computer Threat
itsecurityguru.webp 2020-01-20 17:30:22 Is SMS Two-Factor Authentication Secure? (lien direct) With 2FA and MFA being adopted across the board, cybercriminals have devised a way to circumvent this security measure with a simple technique. By leveraging the easy security questions that mobile providers ask users when they wish to swap operator but maintain their phone number, threat actors are able to impersonate unsuspecting victims by effectively […] Threat
itsecurityguru.webp 2020-01-09 10:05:31 Ransomware manages to find its way into enterprise networks (lien direct) Add yet another malicious encryption program to the expanding ranks of ransomware programs that target large enterprise networks in hopes of scoring big financial payoffs. The latest such threat is called Snake, a ransomware program written in the Go programming language, with an unusually high level of obfuscation. It was discovered by researchers at MalwareHunterTeam; analyzed […] Ransomware Threat
itsecurityguru.webp 2020-01-09 10:03:58 Google Play has exploited Android bug which delivers spyware (lien direct) Google has pulled three malicious apps from Google Play, one of which exploits a recently patched kernel privilege escalation bug in Android (CVE-2019-2215) to install the app aimed at spying on users. The existence of CVE-2019-2215 was discovered in late 2019 when it was spotted being exploited in the wild. Researchers with Google's Threat Analysis Group and […] Threat
itsecurityguru.webp 2020-01-07 09:59:40 (Déjà vu) Austria Unprepared After Cyberattack on Foreign Ministry Says MP (lien direct) The Austrian State Department’s IT systems were under a ‘serious attack’ suspected to be carried out by a state-backed threat group according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI). “A coordination committee has been set up on the basis of the Network and Information System Security Act, […] Threat
itsecurityguru.webp 2020-01-07 09:57:04 ToTok has Returned to Google Play Despite Claims being a 'Spy Tool' (lien direct) The communications app faces continued backlash after a New York Times report said it was used as a government spying tool. Mobile application ToTok has been reinstated to the Google Play app ecosystem, after it was removed last month due to claims that it was being used for government espionage. Source: Threat Post Threat
itsecurityguru.webp 2020-01-06 09:58:36 Iran retaliation may include cyberattacks warns DHS (lien direct) Although it stressed there is no evidence of a specific credible threat to the U.S. after the killing of Iranian General Qasem Soleimani, the Department of Homeland Security Saturday issued a National Terrorism Advisory System Bulletin warning of retaliation, including cyberattacks. Source: SC Magazine Threat
itsecurityguru.webp 2020-01-03 10:40:14 Microsoft helps shutter domains run by North Korean cybergang Thallium (lien direct) A U.S. district court issued an order enabling Microsoft to take over 50 domains used by a North Korea-based cybercrime gang to conduct spear phishing campaigns. Microsoft's Digital Crimes Unit and the Microsoft Threat Intelligence Center took down the domains controlled by a group it named Thallium after researching the malicious actors' activity and filing […] Threat Cloud APT 37
itsecurityguru.webp 2019-12-18 10:19:03 (Déjà vu) Cyber-Espionage Campaign Targets 100s of Companies (lien direct) Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. The attacker uses spear-phishing emails with malicious attachments often disguised as PDF files. Separ is the malware of choice, which steals login data […] Malware Threat
itsecurityguru.webp 2019-12-16 11:10:32 New Orleans Cyberattack occurred due to Ryuk Ransomware (lien direct) Based on files uploaded to the VirusTotal scanning service, the ransomware attack on the City of New Orleans was likely done by the Ryuk Ransomware threat actors. On December 14th, 2019, one day after the City of New Orleans ransomware attack, what appear to be memory dumps of suspicious executables were uploaded from an IP address from the […] Ransomware Threat
itsecurityguru.webp 2019-12-16 10:07:51 Labor crunch highlights the cybersecurity gaps in threat intelligence practices (lien direct) In Greek mythology, Sisyphus, the King of Corinth, was punished by Hades by being forced to roll a huge stone up a hill, only to have it roll down again as soon as he reached the summit, and then have the process repeat ad infinitum. The Paradox of Sisyphus exemplifies the modern state of cybersecurity. Source: […] Threat
itsecurityguru.webp 2019-12-06 09:45:45 CyrusOne attacked by evil ransomware (lien direct) Data center provider CyrusOne was reportedly hit with a combination ransomware/data breach involving the REvil (aka Sodinokibi) ransomware. Details are scarce, but ZDNet reported the attack took place on December 4. A screenshot of the ransom note indicated all the files were locked and that the threat actors would allow one file to be decrypted for free […] Ransomware Threat
itsecurityguru.webp 2019-12-05 10:58:16 Security concerns going into 2020 (lien direct) 2019 has been the year of the data breach with over 10 billion records estimated to have been leaked. The news headlines have been flooded with unfortunate attacks with enterprises on both sides of the Atlantic suffering. Whether it's ransomware, phishing or endpoint attacks, there's always something on the horizon waiting for its turn in the spotlight. Yet, with 2020 now on our doorstep, cyber security professionals are concerned with what new threat vectors may lie around the corner as we enter the next decade, especially with new legislation becoming enforced. Data Breach Threat
itsecurityguru.webp 2019-11-26 09:48:50 Customer Data Exposed by PoS Malware at Catch Restaurants (lien direct) A newly announced data breach of several popular Catch restaurants stemmed from malware on its point-of-sale (PoS) systems. Popular NYC restaurants Catch NYC, Catch Roof and Catch Steak discovered and removed malware on their point-of-sale (PoS) systems - but not before it exposed credit-card information from unknowing diners. Source: Threat Post Data Breach Malware Threat
Last update at: 2024-05-10 10:08:03