What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-06 19:32:55 | Marriot Data Breach – Expert Weighs In (lien direct) | It has been reported that Marriott International Inc. has suffered yet another data breach, the second time the hotel chain has had data stolen this year. Initially reported by DataBreaches.net, an unnamed hacking group claimed to have stolen roughly 20 gigabytes of data. The data, including credit card information and personally identifiable information on guests and workers, […] | Data Breach | ||
|
2022-07-05 13:12:37 | UK Councils And Hospitals At Risk Of Cyber Hackers (lien direct) | It has been reported that an ITV News investigation into cyber security at UK public services has revealed an enormous disparity in defence budgets, hundreds of potential website vulnerabilities and the email addresses and passwords of staff at one council posted in full online. | |||
|
2022-07-05 13:08:58 | China\'s Largest Data Leak – Comments From Camellia Chan, CEO, and Founder Of X-PHY (lien direct) | Bloomberg reported that unknown cyber criminals claim to have stolen data on up to a billion Chinese residents after breaching a Shanghai police database. It is said to be the largest cybersecurity breach in the country's history. | ★★★ | ||
|
2022-07-05 13:04:04 | British Army Cyber Attack Reminds Businesses That Social Media Accounts Are Prime Targets (lien direct) | Following the news of a cyber attack on the British Army, please find comments below by cybersecurity experts explain how organisations can learn from high-profile attacks and protect against hackers. | |||
|
2022-07-03 18:35:32 | (Déjà vu) ZuoRAT Malware Targets SOHO Routers In North America, Europe – Expert Comment (lien direct) | Researchers at Lumen's Black Lotus Labs are reporting on a newly discovered multistage remote access trojan (RAT) dubbed ZuoRAT. The RAT has been used to target remote workers via small office/home office (SOHO) routers that are rarely patched and so easy points of entry. Researchers first noticed the attacks in April of 2020, coinciding with […] | Malware | ||
|
2022-07-03 18:29:33 | Geographic Solutions Ransomware, Experts Weigh In (lien direct) | Geographic solutions ransomware attack impacts unemployment programs nationwide, security experts commented below. | Ransomware | ||
|
2022-07-03 18:10:32 | Your Comments On Macmillan Ransomware Attack (lien direct) | In light of the news that Macmillan, one of the largest book publishers in the US have been hit by a ransomware attack, security experts commented below. | Ransomware | ||
|
2022-07-03 18:01:00 | 45% Of Financial Services Customers Are Very Comfortable Using Non-Password Login Methods, Are You? (lien direct) | Following the news that: 45% of Financial Services Customers Are Very Comfortable Using Non-Password Login Methods Customers Are Comfy Not Using Passwords | PYMNTS.com | |||
|
2022-07-01 14:17:57 | (Déjà vu) UnRAR Vulnerability Lets Attackers Hack Zimbra Webmail Servers (lien direct) | It has been reported that a new security vulnerability has been disclosed in RARlab’s UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that […] | Hack Vulnerability | ||
|
2022-07-01 14:12:04 | NFT Giant OpenSea Reports Major Email Data Breach (lien direct) | OpenSea, the largest NFT marketplace with more than $20 Billion in trading volume, disclosed a data breach Wednesday, warning users of phishing attacks that could target them due to a recent breach of most all of their customer email data. The online NFT marketplace says it has more than 600,000 users and possibly all of […] | Data Breach | ||
|
2022-07-01 13:57:59 | Kaseya Ransomware – Cyber Leader\'s Thoughts & Learnings One Year Later (lien direct) | The one-year anniversary of the Kaseya ransomware attack is just around the corner on July 2nd. As we look back, cybersecurity leaders are able to analyze the events leading up to and during the attack in order to help prevent a future breach. | Ransomware Guideline | ||
|
2022-07-01 13:44:15 | External Exposures caused 82% Of All Q1 Cyber Attacks – Expert Comments (lien direct) | According to a new report from Tetra Defense, the Root Point of Compromise (RPOC) for attacks against U.S. companies was external exposure. Patchable and preventable external vulnerabilities were found to be responsible for the bulk of all attacks. 82% of incidents responded to by Tetra Defense were caused by the external exposure of a known […] | |||
|
2022-06-29 16:36:06 | How Dangerous Is BlackBasta Ransomware? (lien direct) | It's being reported that the emerging Black Basta ransomware gang has managed to hit close to 50 organisations in Anglophone countries since it started operations a few months ago, and appears to aspire to levels of infamy accorded to the likes of Conti or REvil. | |||
|
2022-06-29 16:31:59 | Russian Hacker Group Says Cyber Attacks Continue On Lithuania (lien direct) | As you may know, Russian hacker group Killnet told Reuters that it was continuing a major cyber attack on Lithuania on Tuesday in retaliation for Vilnius’s decision to cease the transit of some goods under European Union sanctions to Russia’s Kaliningrad exclave. via: https://www.reuters.com/world/europe/russian-hacker-group-says-cyber-attacks-continue-lithuania-2022-06-28/ | |||
|
2022-06-29 16:24:35 | Minors Use Discord Servers To Earn Extra Pocket Money Through Spreading Malware (lien direct) | Avast, a global leader in digital security and privacy, has discovered an online community of minors constructing, exchanging and spreading malware, including ransomware and a mix of information stealers and cryptominers. The group lures young users by advertising access to different malware builders and tool kits that allow laypeople to construct malware easily. In some cases, people […] | Ransomware Malware Tool Guideline | ||
|
2022-06-29 16:10:18 | Kubernetes API: Over 900,000 Exposures Found Across The Internet (lien direct) | Cyble Research Labs observed over 900,000 Kubernetes exposures across the internet. … it emphasizes the existence of seemingly simple misconfiguration practices that might make companies lucrative targets for TAs in the future. Kubernetes, often known as K8s, is an open-source system for automating containerized application deployment, scaling, and administration. K8s incorporates virtual and real machines […] | Uber | ||
|
2022-06-29 16:08:04 | 82% Cyber Breaches In Verizon\'s Report Preventable, Says MyCena (lien direct) | Verizon recently released its 2022 Data Breach Investigations Report, giving businesses vital insights into the state of cybersecurity around the world. It contains an analysis of over 23,000 incidents and 5,200 confirmed breaches, analysed over the past. Overall, Verizon attributes the number-one motive of cyberattacks to financial gain, saying almost four out of five breaches […] | Data Breach | ||
|
2022-06-29 16:03:30 | Expert Insight On RansomHouse Attacking AMD (lien direct) | AMD said it is investigating a potential data breach after RansomHouse, a relatively new data cybercrime operation, claims to have extorted data from the US chipmaker. In addition to the fact that RansomHouse are focussing on large enterprises with weak security, Dr Darren Williams at ADX and ransomware prevention specialists, Blackfog notes that if an […] | Ransomware Data Breach | ||
|
2022-06-29 15:59:21 | Criminals Are Using Deepfakes To Apply To Remote Jobs, Expert Response (lien direct) | Following the FBI's warning around criminals using deepfakes to apply to remote jobs, Information security experts reacted below highlighting the danger of deepfakes. | |||
|
2022-06-28 15:21:33 | Experts Views On Ransomware-as-a-service (RaaS) Like “Black Basta” (lien direct) | Following the FBI's warning around criminals using deepfakes to apply to remote jobs, Information security experts reacted below highlighting the danger of deepfakes. | |||
|
2022-06-28 15:17:04 | Expert insights – USB Stick Containing An Entire City\'s Personal Details Has Been Lost (lien direct) | As reported in news, USB stick containing an entire city's personal details has been lost by a Japanese man, Industry leaders reacyed below. | Guideline | ||
|
2022-06-28 14:21:48 | Phone Hackers: 9 Ways To Tell If You Have Fallen Victim (lien direct) | Global search trend data highlights 20,000 Google enquiries [per month/per year] for 'how to know if your phone is hacked', and so experts at Bespokesoftwaredevelopment.com chose to provide a thorough check list of nine tell-tale signs your phone is being targeted by a sneaky partner or ex! Battery life weakens A decreased battery lifespan is […] | |||
|
2022-06-28 13:59:34 | How Can We Protect Against NotPetya Like Malware? (lien direct) | Today is the five-year anniversary of NotPetya. We asked the following question to InfoSec experts and below are the responses: What do you think of five year anniversary of NotPetya? | NotPetya | ||
|
2022-06-28 11:50:46 | Russian Hackers Claim Responsibility For Cyberattack On Lithuania, Expert Reaction (lien direct) | Following the news that: Russian hackers claim responsibility for cyberattack on Lithuania Russian hackers claim responsibility for cyberattack on Lithuania | Cybersecurity News | Al Jazeera IT security expert commented below. | |||
|
2022-06-28 11:44:05 | Wiltshire Farm Foods Cyberattack (lien direct) | The recent cyberattack on Wiltshire Farm Foods highlights the damaging impact of cyber threats on business continuity. The company is “unable to make many deliveries in the next few days” and is “unable to contact customers personally.” | Threat | ★★★★★ | |
|
2022-06-23 15:04:32 | Response To News On Cyber Pathways Initiative (lien direct) | Please find below some comment from Jamal Elmellas, Chief Operating Officer (COO), of Focus-on-Security, the cybersecurity recruitment agency in response to the UK government's press release on the 'Embedding Standards and Pathways Across the Cyber Profession by 2025' consultation it ran with the UK Cyber Security Council. | |||
|
2022-06-23 14:52:06 | Lack Of Web Scraping Regulations Hurts Progress (lien direct) | Web scraping is something enigmatic in the public's eye. It's not entirely surprising – every innovative solution takes some time before it's understood and accepted. Generally, widespread acceptance closely follows industry-related legislation or regulation. However, web scraping is immensely useful for the public good. Anything that slows down its adoption among the wider public is […] | |||
|
2022-06-23 14:44:19 | Your Android Phone Can Now Keep All Your Passwords On Your Home Screen (lien direct) | It has been reported that Android smartphone and tablet users are set to get a neat new way to ensure they never lose track of all their important passwords. As spotted by 9to5Google, Android users will now be able to add a shortcut for the Google Password Manager tool directly onto their device’s home screen. | |||
|
2022-06-23 14:22:47 | Yodel Cyber Incident – Experts Discussion (lien direct) | Following the news of Yodel's cyber incident, please find comment below from Industry leaders. | Guideline | ||
|
2022-06-23 14:13:29 | Why 84% Of US Firms Hit With Identity-Related Breaches In 2021 (lien direct) | In a recent poll* of 500 US identity and security professionals the non-profit Identity Defined Security Alliance (IDSA) found that 84% had an identity-related breach in the past year, with 78% experienced a direct business impact as a result of the breach. Key Points: Identity growth continues, making identity a top security priority 98% Said the number […] | |||
|
2022-06-22 13:39:06 | Icefall Vulnerabilities, Insight Discussion. (lien direct) | A security report produced by Forescout’s Vedere Labs that has revealed a set of 56 vulnerabilities that are collectively called Icefall and impact operational technology equipment used in various critical infrastructure environments. What do you think, please join the discussion with experts. | |||
|
2022-06-22 13:12:43 | Study Shows C-Suite Exec Personal Devices Almost Totally Exposed (lien direct) | Black Cloak released their study today, Examining the Modern Attack Surface: Quantifying the Risks to Individuals and the Enterprise. The study reveals just how shockingly vulnerable C-suite execs are. Some examples: 87% of executives' personal devices have NO security installed another 87% have passwords leaked on the dark web. 27% of executives' personal devices contain […] | |||
|
2022-06-22 13:03:33 | Delivery Firm Yodel Suffers A Cyber Attack – Expert Commentary (lien direct) | News is breaking that delivery firm Yodel, is suffering from a cyber-attack disrupting their services. The full nature of the attack is still unclear, although prominent cyber security expert Kevin Beaumont has suggested the attack was caused by ransomware. | |||
|
2022-06-22 12:56:20 | Proofpoint Report Reveals Threat Actors\' Top Social Engineering Tactics And Campaigns (lien direct) | Cybersecurity researchers at Proofpoint have today released their 2022 Social Engineering report, which analyses the key trends and techniques of socially engineered cyber threats observed over the past year. The report reveals how popular and trusted services such as Google Drive and Discord are frequently abused by threat actors to convince victims; how Proofpoint sees […] | Threat | ||
|
2022-06-22 12:46:19 | Strava App Flaw Reveals Israeli Secret Bases (lien direct) | A flaw in the popular fitness app Strava has recently allowed threat actors to uncover the location and movements of Israeli officials at secret bases. The full story can be read here: https://www.bbc.co.uk/news/world-middle-east-61879383 FakeReporter, an Israeli group that combats malicious online activity, reported that a suspicious user named “Ez Shehl” had exploited these functions to […] | Threat | ||
|
2022-06-21 16:29:48 | AI Governance Gap Will Strike Individuals And Organizations Alike (lien direct) | From Microsoft's infamous AI-powered tweet bot, Tay, which within 24 hours of its release started to spew racist responses, to Amazon's deeply biased machine-learning recruitment tool, examples of artificial intelligence going 'rogue' are easy to find. Concerns over opaque black-box algorithms to questions regarding the ethical use of personal data and responsibilities related to security […] | |||
|
2022-06-21 16:09:59 | Just Say Yes – Why CISOs Must Now Embrace SD-WAN (lien direct) | Digital Transformation has become a business imperative, yet rather than pulling together to enable essential change, the friction between network and security teams is increasing. The business needs to move away from data centres and traditional Wide Area Networks (WAN) to exploit the cost, flexibility and agility provided by the cloud and Software Defined WANs […] | |||
|
2022-06-21 15:16:06 | Expert Commentary: Flagstar Bank Data Breach (lien direct) | Flagstar Bank, a Michigan-based financial services provider and one of the largest banks in the United States, has disclosed a data breach impacting 1.5 million customers. | Data Breach | ||
|
2022-06-21 12:25:06 | Phishing Content Delivered Through Azure By Microsoft (lien direct) | Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonate various services appearing to be legitimately created on the “azurefd.net” domain – This allows the bad actors to trick users and spread phishing content to […] | |||
|
2022-06-20 22:23:04 | How To Minimise Your OT Blind Spots (lien direct) | In large industrial companies, IT administrators are dealing with the OT world more than ever before. From looking after the industrial Ethernet to ensuring the OT supporting infrastructure is healthy, the role of the IT administrator in these organisations has expanded significantly. The driving force behind this growing role is convergence. IT and OT areas […] | |||
|
2022-06-20 22:05:15 | Why 93% Of Kubernetes Users Struggle With Security (lien direct) | Following the news that: 93% of Kubernetes users struggle with security 2022 state of Kubernetes security report (redhat.com) | Uber | ||
|
2022-06-20 21:57:41 | Russian Botnet Disrupted In International Cyber Operation – Expert Comments (lien direct) | Derived from News Release Summary: The U.S. DOJ, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, have dismantled the infrastructure of a Russian botnet known as RSOCKS which hacked millions of computers and other electronic devices around the world. the RSOCKS botnet, operated by Russian cybercriminals, comprised millions of hacked […] | |||
|
2022-06-20 21:51:22 | Why Fraud On Linkedin A \'Significant Threat\' To Platform And Consumer (lien direct) | CNBC – SAN FRANCISCO - Fraudsters who exploit LinkedIn to lure users into cryptocurrency investment schemes pose a “significant threat” to the platform and consumers, according to Sean Ragan, the FBI's special agent in charge of the San Francisco and Sacramento, California, field offices. “It's a significant threat,” Ragan said in an exclusive interview. “This […] | |||
|
2022-06-20 21:36:32 | Millions Seized In Global INTERPOL Scammer Investigation (lien direct) | As reported by Security Brief, a two-month-long investigation by INTERPOL between March and May this year involved 76 countries and clamped down on organised crime groups behind telecommunications and social engineering scams. INTERPOL says police in participating countries raided national call centres suspected of telecommunications or scamming fraud, particularly telephone deception, romance scams, email deception, […] | |||
|
2022-06-20 21:26:41 | Google Stops Allowing Username And Passwords On Third-party Email Apps (lien direct) | As reported by Neowin, couple of weeks ago, people started noticing that apps such as Outlook, Thunderbird, and other email clients started prompting them for their Google passwords. When they would re-enter their Google password, it would get rejected saying it was incorrect. Google started locking down its email service and how it connects to […] | |||
|
2022-06-17 16:09:30 | 24 Billion Usernames And Passwords Found On The Dark Web (lien direct) | Researchers at Digital Shadows report having collected over 24 billion usernames and passwords from the dark web – an increase of 65% in just two years. Even after removing duplicates, they still found 6.7 billion unique credentials, an increase of 34% in just two years. Excerpts: We collated more than 24 billion compromised credentials. approximately […] | ★★ | ||
|
2022-06-17 16:02:35 | Panchan Peer-to-Peer Botnet (lien direct) | Akamai security researchers have released discovery on Panchan, a new peer-to-peer botnet and SSH worm that emerged in March and has been actively breaching Linux servers since. Panchan, written in Golang, utilizes its built-in concurrency features to maximize spreadability and execute malware modules. The malware also harvests SSH keys to perform lateral movement. To view […] | Malware | ||
|
2022-06-17 15:17:50 | DOE\'s Latest Cyber Strategies Report – Expert Commentary? (lien direct) | Following the Department of Energy's report released yesterday on National Cyber-Informed Engineering Strategies, experts commented below. | |||
|
2022-06-17 15:12:23 | How The Pension Errors Will Increase Risks Of Scams On Most Vulnerable People? (lien direct) | Following the news that the Department for Work and Pensions has been knowingly sending people the wrong pension amounts due to an IT system error for the last twenty years, industry leaders reacted below how this has increased the risk to pensioners from opportunistic scammers. | Guideline | ||
|
2022-06-17 15:06:57 | (Déjà vu) Dangerous Microsoft Office 365 Functionality That Can Store Ransom Files On SharePoint And OneDrive (lien direct) | Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker. The research focused on two of the most popular enterprise cloud apps – […] | Ransomware |
To see everything:
Our RSS (filtrered)
