What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2022-04-05 14:21:08 Anonymous targets the Russian Military and State Television and Radio propaganda (lien direct) Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details of the Russian military stationed in Bucha where the Russian military carried out a massacre of civilians that are accused of having raped and shot local women and children. Leaked data include names, ranks and […]
SecurityAffairs.webp 2022-04-05 11:02:05 CISA adds Spring4Shell flaw to its Known Exploited Vulnerabilities Catalog (lien direct) The U.S. CISA added the recently disclosed remote code execution (RCE) vulnerability Spring4Shell to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-22965 (aka Spring4Shell, CVSS score: 9.8) flaw in the Spring Framework, along with three other issues, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) […] Vulnerability
SecurityAffairs.webp 2022-04-05 04:39:05 MailChimp breached, intruders conducted phishing attacks against crypto customers (lien direct) Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. The fake data breach notification emails urged Trezor customers to reset the PIN of […] Data Breach
SecurityAffairs.webp 2022-04-04 20:06:31 VMware released updates to fix the Spring4Shell vulnerability in multiple products (lien direct) VMware released security updates to address the critical remote code execution vulnerability known as Spring4Shell. VMware has published security updates to address the critical remote code execution vulnerability known as Spring4Shell (CVE-2022-22965). According to the virtualization giant, the flaw impacts many of its cloud computing and virtualization products. The Spring4Shell issue was disclosed last week, […] Vulnerability
SecurityAffairs.webp 2022-04-04 15:20:06 Experts spotted a new Android malware while investigating by Russia-linked Turla APT (lien direct) Researchers spotted a new piece of Android malware while investigating activity associated with Russia-linked APT Turla. Researchers at cybersecurity firm Lab52 discovered a new piece of Android malware while investigating into infrastructure associated with Russia-linked APT Turla. The malicious code was discovered while analyzing the Penquin-related infrastructure, the experts noticed malware was contacting IP addresses […] Malware ★★★★
SecurityAffairs.webp 2022-04-04 13:49:39 (Déjà vu) Brokenwire attack, how hackers can disrupt charging for electric vehicles (lien direct) Boffins devised a new attack technique, dubbed Brokenwire, against the Combined Charging System (CCS) that could potentially disrupt charging for electric vehicles. A group of researchers from the University of Oxford and Armasuisse S+T has devised a new attack technique, dubbed Brokenwire, against the popular Combined Charging System (CCS) that could be exploited by remote […]
SecurityAffairs.webp 2022-04-04 05:38:05 Borat RAT, a new RAT that performs ransomware and DDoS attacks (lien direct) Cyble researchers discovered a new remote access trojan (RAT) named Borat capable of conducting DDoS and ransomware attacks. Researchers from threat intelligence firm Cyble discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Unlike other RATs, the Borat RAT provides Ransomware and DDOS services […] Ransomware Threat
SecurityAffairs.webp 2022-04-04 05:36:44 Experts discovered 15-Year-Old vulnerabilities in the PEAR PHP repository (lien direct) SonarSource discovered a 15-year-old flaw in the PEAR PHP repository that could have enabled supply chain attacks. Researchers from SonarSource discovered two 15-year-old security flaws in the PEAR (PHP Extension and Application Repository) repository that could have enabled supply chain attacks. PEAR is a framework and distribution system for reusable PHP components.  According to the expert, […]
SecurityAffairs.webp 2022-04-03 15:44:11 China-linked APT Deep Panda employs new Fire Chili Windows rootkit (lien direct) The China-linked hacking group Deep Panda is targeting VMware Horizon servers with the Log4Shell exploit to install a new Fire Chili rootkit. Researchers from Fortinet have observed the Chinese APT group Deep Panda exploiting a Log4Shell exploit to compromise VMware Horizon servers and deploy previously undetected Fire Chili rootkit. The experts observed opportunistic attacks against organizations […] APT 19
SecurityAffairs.webp 2022-04-03 11:33:54 Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict (lien direct) This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Apr 02 – Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church Anonymous claims to have hacked the Russian Orthodox Church's charitable wing and leaked 15 GB of alleged stolen […]
SecurityAffairs.webp 2022-04-03 09:37:34 Security Affairs newsletter Round 359 by Pierluigi Paganini (lien direct) A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church UK […]
SecurityAffairs.webp 2022-04-02 20:01:21 UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group (lien direct) The City of London Police charged two of the seven teenagers who were arrested for their alleged role in the LAPSUS$ data extortion gang. The duo has been released on bail after appearing in the Highbury Corner Magistrates Court on Friday. The City of London Police charged two of the seven teenagers recently arrested […]
SecurityAffairs.webp 2022-04-02 15:28:14 Beastmode Mirai botnet now includes exploits for Totolink routers (lien direct) Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. Like most DDoS botnets, Beastmode attempts to infect other devices by launching brute-forcing attacks or exploiting multiple vulnerabilities. Between February and March 2022, researchers from the FortiGuard Labs […]
SecurityAffairs.webp 2022-04-02 11:56:40 (Déjà vu) Ukraine intelligence leaks names of 620 alleged Russian FSB agents (lien direct) The Ukrainian Defense Ministry's Directorate of Intelligence leaked personal data belonging to 620 alleged Russian FSB agents. The Ukrainian Defense Ministry's Directorate of Intelligence has leaked the alleged personal data of 620 Russian FSB officers. Personal details leaked by the Ukrainian body include names, phone numbers, addresses, vehicle license plates, SIM cards, date and location […]
SecurityAffairs.webp 2022-04-02 10:00:39 Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts (lien direct) GitLab has addressed a critical vulnerability, tracked as CVE-2022-1162 (CVSS score of 9.1), that could allow remote attackers to take over user accounts. The CVE-2022-1162 vulnerability is related to the set of hardcoded static passwords during OmniAuth-based registration in GitLab CE/EE. “A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, […] Vulnerability Threat
SecurityAffairs.webp 2022-04-02 06:37:34 Trend Micro fixed high severity flaw in Apex Central product management console (lien direct) Trend Micro has fixed a high severity arbitrary file upload flaw, tracked as CVE-2022-26871, in the Apex Central product management console. Cybersecurity firm Trend Micro has addressed a high severity security flaw, tracked as CVE-2022-26871, in the Apex Central product management console. The CVE-2022-26871 vulnerability is an arbitrary file upload issue, its exploitation could lead […] Vulnerability Guideline
SecurityAffairs.webp 2022-04-01 14:42:28 Anonymous targets oligarchs' Russian businesses: Marathon Group hacked (lien direct) Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group. Anonymous continues to target Russian firms owned by oligarchs, yesterday the collective announced the hack of the Thozis Corp, while today the group claimed the hack of Marathon Group. The Marathon Group is a Russian investment firm […] Hack
SecurityAffairs.webp 2022-04-01 13:23:21 AcidRain, a wiper that crippled routers and modems in Europe (lien direct) Researchers spotted a new destructive wiper, tracked as AcidRain, that is likely linked to the recent attack against Viasat. Security researchers at SentinelLabs have spotted a previously undetected destructive wiper, tracked as AcidRain, that hit routers and modems and that was suspected to be linked to the Viasat KA-SAT attack that took place on February […]
SecurityAffairs.webp 2022-04-01 09:51:44 Zyxel fixes a critical bug in its business firewall and VPN devices (lien direct) Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. The vulnerability can be exploited to take control of the […] Vulnerability
SecurityAffairs.webp 2022-04-01 08:29:34 CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-1040 flaw in the Sophos firewall, along with seven other issues, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational […]
SecurityAffairs.webp 2022-04-01 06:56:46 Flaws in Wyze cam devices allow their complete takeover (lien direct) Wyze Cam devices are affected by three security vulnerabilities that can allow attackers to takeover them and access camera feeds. Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. The three flaws reported by the cybersecurity firm […] Threat
SecurityAffairs.webp 2022-03-31 20:05:46 Apple issues emergency patches to fix actively exploited zero-days (lien direct) Apple released emergency patches to address two zero-day vulnerabilities actively exploited to compromise iPhones, iPads, and Macs. Apple has released emergency security patches to address two zero-day vulnerabilities actively exploited to hack iPhones, iPads, and Macs. The first zero-day, tracked as CVE-2022-22674, is an out-of-bounds read issue that resides in the Intel Graphics Driver that could […] Hack
SecurityAffairs.webp 2022-03-31 14:00:36 Google TAG details cyber activity with regard to the invasion of Ukraine (lien direct) The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. The Google Threat Analysis Group (TAG) provided an update about nation-state attacks related ongoing Russian invasion of Ukraine, the experts spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine The researchers uncovered a phishing campaign conducted by a […] Malware
SecurityAffairs.webp 2022-03-31 11:58:19 Anonymous hacked Russian Thozis Corp, but denies attacks on Rosaviatsia (lien direct) The Anonymous collective hacked the Russian investment firm Thozis Corp, but it’s a mystery the attack against the Russian Civil Aviation Authority Rosaviatsia. Anonymous continues to target Russian organizations and private foreign businesses that are still operating in the country. The popular collective claims to have hacked the Russian investment firm Thozis Corp, which is […]
SecurityAffairs.webp 2022-03-31 08:59:24 Mysterious disclosure of a zero-day RCE flaw Spring4Shell in Spring (lien direct) An unauthenticated zero-day RCE vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed. Researchers disclosed a zero-day vulnerability, dubbed Spring4Shell, in the Spring Core Java framework called ‘Spring4Shell.’ An unauthenticated, remote attacker could trigger the vulnerability to execute arbitrary code on the target system. The framework is currently maintained by Spring.io […] Vulnerability
SecurityAffairs.webp 2022-03-31 07:25:59 Bad OPSEC allowed researchers to uncover Mars stealer operation (lien direct) The Morphisec Labs researchers analyzed a new malware, tracked as Mars stealer, which is based on the older Oski Stealer.  Morphisec Labs recently discovered the Mars stealer that was spreading masqueraded as malicious software cracks and keygens. The Mars stealer is available for sale on several underground forums, researchers pointed out that it is under constant […]
SecurityAffairs.webp 2022-03-30 18:30:23 A critical RCE vulnerability affects SonicWall Firewall appliances (lien direct) SonicWall released security updates to address a remote code execution vulnerability that affects multiple firewall appliances. SonicWall has released security updates to address a critical vulnerability (CVE-2022-22274) that impacts multiple firewall appliances that could be exploited by an unauthenticated, remote attacker to execute arbitrary code and trigger a denial-of-service (DoS) condition. The CVE-2022-22274 is a […] Vulnerability
SecurityAffairs.webp 2022-03-30 15:02:13 (Déjà vu) CISA and DoE warns of attacks targeting UPS devices (lien direct) The US CISA and the Department of Energy issued guidance on mitigating attacks against uninterruptible power supply (UPS) devices. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy published joint guidance on mitigating cyber attacks against uninterruptible power supply (UPS) devices. The US agencies warn of threat actors gaining access to […] Threat
SecurityAffairs.webp 2022-03-30 14:18:14 Lapsus$ extortion gang claims to have hacked IT Giant Globant (lien direct) The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked tens of gigabytes of stolen data. The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked roughly 70 Gb of stolen data. The gang claims that the company has implemented poor security practices that allowed them to hack their […] Hack
SecurityAffairs.webp 2022-03-30 06:42:28 Threat actors actively exploit recently fixed Sophos firewall bug (lien direct) Cybersecurity firm Sophos warned that the recently addressed CVE-2022-1040 flaw in Sophos Firewall is actively exploited in attacks. Sophos has recently fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. The CVE-2022-1040 flaw received a CVSS score of 9.8 and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and […]
SecurityAffairs.webp 2022-03-29 22:03:16 $625M stolen from Axie Infinity's Ronin bridge, the largest ever crypto hack (lien direct) Threat actors have stolen approximately $625 million worth of Ethereum and USDC tokens from Axie Infinity's Ronin network bridge. Threat actors have stolen almost $625 million in Ethereum and USDC (a U.S. dollar pegged stablecoin) tokens from Axie Infinity’s Ronin network bridge. The attack took place on March 23rd, but the cyber heist was […] Hack Threat
SecurityAffairs.webp 2022-03-29 15:05:10 Compromised WordPress sites launch DDoS on Ukrainian websites (lien direct) Threat actors compromised WordPress sites to deploy a script that was used to launch DDoS attacks, when they are visited, on Ukrainian websites. MalwareHunterTeam researchers discovered the malicious script on a compromised WordPress site, when the users were visiting the website the script launched a DDoS attack against ten Ukrainian sites. The JavaScript was designed […]
SecurityAffairs.webp 2022-03-29 07:56:15 CISA adds Chrome, Redis bugs to the Known Exploited Vulnerabilities Catalog (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Chrome and Redis flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chrome zero-day (CVE-2022-1096) and a critical Redis vulnerability (CVE-2022-0543), along with other 30 vulnerabilities, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing […] Vulnerability
SecurityAffairs.webp 2022-03-29 07:04:04 What is credential stuffing? And how to prevent it? (lien direct) This post explains what is a credential stuffing attack and which are the countermeasures to prevent them. A credential stuffing attempt can be caught as a behavioral anomaly – if you're looking. Earmarked by the FBI as a particular threat to the financial service industry just over a year ago, the increase of internet traffic, […] Threat
SecurityAffairs.webp 2022-03-29 05:17:16 Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure (lien direct) Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure. On March 29, 2022, a massive cyber attack caused a major internet disruption across Ukraine on national provider Ukrtelecom. According to global internet monitor service NetBlock, real-time network data showed connectivity collapsed to 13% of pre-war levels. […]
SecurityAffairs.webp 2022-03-28 21:48:16 Anonymous is working on a huge data dump that will blow Russia away (lien direct) The Anonymous collective hacked the Russian construction company Rostproekt and announced that a leak that will Blow Russia Away.  Anonymous continues its offensive against Russia, the collective announced the hack of the Russian construction company Rostproekt and announced a leak that will blow Russia away. Link to the stolen data from the company have been […] Hack
SecurityAffairs.webp 2022-03-28 20:23:47 Hive ransomware ports its encryptor to Rust programming language (lien direct) The Hive ransomware gang ported its encryptor to the Rust programming language and implemented new features. The Hive ransomware operation has developed a Rust version of their encryptor and added new features to prevent curious from snooping on the victim’s ransom negotiations. According to BleepingComputer, which focused on Linux VMware ESXi encryptor, the Hive ransomware […] Ransomware
SecurityAffairs.webp 2022-03-28 12:39:14 While Twitter suspends Anonymous accounts, the group hacked VGTRK Russian Television and Radio (lien direct) While Twitter suspends some Anonymous accounts, the collective hacked All-Russia State Television and Radio Broadcasting Company (VGTRK). On Friday, Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia. The group plans to distribute the stolen documents to various points on the internet […]
SecurityAffairs.webp 2022-03-28 09:35:05 GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon  (lien direct) Ukraine CERT-UA warns that the Belarus-linked GhostWriter APT group is targeting state entities of Ukraine with Cobalt Strike Beacon. Ukraine CERT-UA uncovered a spear-phishing campaign conducted by Belarus-linked GhostWriter APT group targeting Ukrainian state entities with Cobalt Strike Beacon. The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” This second archive […]
SecurityAffairs.webp 2022-03-28 08:02:17 Shopping trap: The online stores' scam that hits users worldwide (lien direct) Shopping trap: Criminal gangs from China have been using copies of online stores of popular brands to target users all over the world Malicious schemas linked to online stores are on the rise in 2022. Criminal gangs from China have been using copies of online stores of popular brands to target users all over the […]
SecurityAffairs.webp 2022-03-27 22:24:20 Sophos Firewall affected by a critical authentication bypass flaw (lien direct) Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. The CVE-2022-1040 flaw received a CVSS score of 9.8 and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier. […]
SecurityAffairs.webp 2022-03-27 18:40:04 Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict (lien direct) This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. March 25 – Anonymous leaked 28GB of data stolen from the Central Bank of Russia Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank […]
SecurityAffairs.webp 2022-03-27 14:04:54 Western Digital addressed a critical bug in My Cloud OS 5 (lien direct) Western Digital fixed a critical flaw affecting My Cloud OS 5 devices that allowed attackers to gain remote code execution with root privileges. Western Digital has addressed a critical vulnerability, tracked as CVE-2021-44142, that could have allowed attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. The CVE-2021-44142 […]
SecurityAffairs.webp 2022-03-27 05:47:50 (Déjà vu) CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog (lien direct) The US Cybersecurity and Infrastructure Security Agency (CISA) added 66 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the […]
SecurityAffairs.webp 2022-03-26 15:59:41 FCC adds Kaspersky to Covered List due to unacceptable risks to national security (lien direct) The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security. The Federal Communications Commission (FCC) added multiple Kaspersky products and services to its Covered List saying that they pose unacceptable risks to U.S. national security. “The Federal Communications Commission's Public Safety and Homeland Security Bureau […]
SecurityAffairs.webp 2022-03-25 22:22:53 Anonymous leaked 28GB of data stolen from the Central Bank of Russia (lien direct) Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia This week the Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. The group of hacktivists announced that will leak the stolen documents in 48 […]
SecurityAffairs.webp 2022-03-25 20:15:24 Chrome emergency update fixes actively exploited a zero-day bug (lien direct) Google addresses an actively exploited zero-day flaw with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google fixed an actively exploited high-severity zero-day vulnerability with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug, tracked […] Vulnerability ★★★
SecurityAffairs.webp 2022-03-25 15:29:35 Chinese threat actor Scarab targets Ukraine, CERT-UA warns (lien direct) Ukraine CERT (CERT-UA) released details about a campaign that SentinelLabs linked with the suspected Chinese threat actor tracked as Scarab. Ukraine CERT (CERT-UA) published technical details about a malicious activity tracked as UAC-0026, which SentinelLabs associated with China-linked Scarab APT. Scarab APT was first spotted in 2015, but experts believe it has been active since […] Threat
SecurityAffairs.webp 2022-03-25 12:12:56 UK police arrested 7 alleged members of Lapsus$ extortion gang (lien direct) UK police suspect that a 16-year-old from Oxford is one of the leaders of the popular Lapsus$ extortion group. The City of London Police announced to have arrested seven teenagers suspected of being members of the notorious Lapsus$ extortion gang, which is believed to be based in South America. “Four researchers investigating the hacking group […] Guideline
SecurityAffairs.webp 2022-03-25 09:26:44 US indicted 4 Russian government employees for attacks on critical infrastructure (lien direct) The U.S. has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. The U.S. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “The Department of Justice unsealed two indictments today charging […]
Last update at: 2024-04-26 20:08:25