What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-28 17:49:13 | Les navigateurs TOR TOR TROJANISEZ ciblent les Russes avec des logiciels malveillants crypto-noyaux [Trojanized Tor browsers target Russians with crypto-stealing malware] (lien direct) | Une montée en puissance des installateurs de navigateur TOR trojanisé cible les Russes et les Européens de l'Est avec des logiciels malveillants de Hijacks du presse-papiers qui volent les transactions de crypto-monnaie infectées.[...]
A surge of trojanized Tor Browser installers targets Russians and Eastern Europeans with clipboard-hijacking malware that steals infected users\' cryptocurrency transactions. [...] |
Malware | ★★ | |
|
2023-03-28 12:26:40 | Crown Resorts confirme la demande de rançon après la violation de Goanywhere [Crown Resorts confirms ransom demand after GoAnywhere breach] (lien direct) | Crown Resorts, la plus grande entreprise de jeu et de divertissement d'Australie \\, a confirmé qu'elle avait subi une violation de données après que son serveur de partage sécurisé Goanywhere a été violé en utilisant une vulnérabilité zéro-jour.[...]
Crown Resorts, Australia\'s largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability. [...] |
Data Breach | ★★★ | |
|
2023-03-28 10:07:14 | Les erreurs de mot de passe de l'utilisateur final mettent votre organisation en danger [The End-User Password Mistakes Putting Your Organization at Risk] (lien direct) | Bien qu'il existe de nombreuses façons de créer des mots de passe, tous ne sont pas tout aussi efficaces.Il est important de considérer les différentes façons dont un système protégé par mot de passe peut échouer.[...]
Though there are many ways to create passwords, not all are equally effective. It is important to consider the various ways a password-protected system can fail. [...] |
★★★ | ||
|
2023-03-28 09:50:17 | La violation des données financières de latitude a maintenant un impact sur 14 millions de clients [Latitude Financial data breach now impacts 14 million customers] (lien direct) | Australian Loan Giant Latitude Financial Services (Latitude) avertit les clients que sa violation de données est beaucoup plus importante que initialement indiqué, en prenant le nombre de personnes touchées de 328 000 à 14 millions.[...]
Australian loan giant Latitude Financial Services (Latitude) is warning customers that its data breach is much more significant than initially stated, taking the number of affected individuals from 328,000 to 14 million. [...] |
Data Breach | ★★ | |
|
2023-03-27 15:25:03 | Les nouvelles variantes icedid passent de la fraude bancaire à la livraison de logiciels malveillants [New IcedID variants shift from bank fraud to malware delivery] (lien direct) | De nouvelles variantes icedid ont été trouvées sans les fonctionnalités habituelles de la fraude bancaire en ligne et se concentrent plutôt sur l'installation de logiciels malveillants supplémentaires sur des systèmes compromis.[...]
New IcedID variants have been found without the usual online banking fraud functionality and instead focus on installing further malware on compromised systems. [...] |
Malware | ★ | |
|
2023-03-27 13:16:39 | New Macstealer macOS malware vole les mots de passe de iCloud Keychain [New MacStealer macOS malware steals passwords from iCloud Keychain] (lien direct) | Un nouveau logiciel malveillant de vol d'informations nommé MacStealer cible les utilisateurs de Mac, vole leurs informations d'identification stockées dans le trousseau iCloud et les navigateurs Web, les portefeuilles de crypto-monnaie et les fichiers potentiellement sensibles.[...]
A new info-stealing malware named MacStealer is targeting Mac users, stealing their credentials stored in the iCloud KeyChain and web browsers, cryptocurrency wallets, and potentially sensitive files. [...] |
Malware | ★★ | |
|
2023-03-26 10:46:56 | Emotet Malware distribué sous forme de faux formulaires fiscaux W-9 à partir de l'IRS [Emotet malware distributed as fake W-9 tax forms from the IRS] (lien direct) | Une nouvelle campagne Emotet Phishing vise les contribuables américains en usurpant l'identité des formulaires fiscaux W-9 qui auraient envoyé par l'Internal Revenue Service et les entreprises avec lesquelles vous travaillez.[...]
A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue Service and companies you work with. [...] |
Malware | ★★★ | |
|
2023-03-25 12:29:04 | New Dark Power Ransomware réclame 10 victimes au cours de son premier mois [New Dark Power ransomware claims 10 victims in its first month] (lien direct) | Une nouvelle opération de ransomware nommée \\ 'Dark Power \' est apparue, et elle a déjà répertorié ses premières victimes sur un site de fuite de données Web sombres, menaçant de publier les données si une rançon n'est pas payée.[...]
A new ransomware operation named \'Dark Power\' has appeared, and it has already listed its first victims on a dark web data leak site, threatening to publish the data if a ransom is not paid. [...] |
Ransomware | ★★ | |
|
2023-03-25 11:14:07 | L'attaque échographique inaudible peut contrôler furtivement votre téléphone, haut-parleur intelligent [Inaudible ultrasound attack can stealthily control your phone, smart speaker] (lien direct) | Les chercheurs de l'Université américaine ont développé une nouvelle attaque qu'ils ont nommée "Trojan inaudible" quasi-ultrasound "(Nuit) qui peut lancer des attaques silencieuses contre des appareils alimentés par des assistants vocaux, comme les smartphones, les haut-parleurs intelligents et d'autres IOT.[...]
American university researchers have developed a novel attack which they named "Near-Ultrasound Inaudible Trojan" (NUIT) that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs. [...] |
★★ | ||
|
2023-03-24 14:39:50 | OpenAI: Fuise de données de paiement ChatGpt causée par un bogue open-source [OpenAI: ChatGPT payment data leak caused by open-source bug] (lien direct) | Openai indique qu'un bug de la bibliothèque open-source du client redis était à l'origine de la panne de chat et de la fuite de données de lundi \\, où les utilisateurs ont vu d'autres utilisateurs \\ 'Informations et requêtes de chat.[...]
OpenAI says a Redis client open-source library bug was behind Monday\'s ChatGPT outage and data leak, where users saw other users\' personal information and chat queries. [...] |
ChatGPT ChatGPT | ★★★ | |
|
2023-03-24 13:54:29 | Procter & Gamble confirme le vol de données via Goanywhere Zero-Day [Procter & Gamble confirms data theft via GoAnywhere zero-day] (lien direct) | Le géant des biens de consommation Procter & Gamble a confirmé une violation de données affectant un nombre non divulgué d'employés après que sa plate-forme de partage de fichiers sécurisée de Goanywhere MFT a été compromise début février.[...]
Consumer goods giant Procter & Gamble has confirmed a data breach affecting an undisclosed number of employees after its GoAnywhere MFT secure file-sharing platform was compromised in early February. [...] |
Data Breach | ★★★ | |
|
2023-03-24 12:35:07 | Le Royaume-Uni crée de faux sites DDOS-pour-location pour identifier les cybercriminels [UK creates fake DDoS-for-hire sites to identify cybercriminals] (lien direct) | La National Crime Agency du Royaume-Uni (NCA) a révélé aujourd'hui qu'ils avaient créé plusieurs faux sites de services DDOS-pour-location pour identifier les cybercriminels qui utilisent ces plateformes pour attaquer les organisations.[...]
The U.K.\'s National Crime Agency (NCA) revealed today that they created multiple fake DDoS-for-hire service websites to identify cybercriminals who utilize these platforms to attack organizations. [...] |
★★ | ||
|
2023-03-24 10:47:57 | \\ 'amer \\' Hackers d'espionnage cibler les orgs d'énergie nucléaire chinoise [\\'Bitter\\' espionage hackers target Chinese nuclear energy orgs] (lien direct) | Un groupe de piratage de cyberespionnage suivi sous le nom de \\ 'amer APT \' a récemment été vu ciblant l'industrie chinoise de l'énergie nucléaire en utilisant des e-mails de phishing pour infecter les appareils avec des téléchargeurs de logiciels malveillants.[...]
A cyberespionage hacking group tracked as \'Bitter APT\' was recently seen targeting the Chinese nuclear energy industry using phishing emails to infect devices with malware downloaders. [...] |
Malware General Information | ★★ | |
|
2023-03-23 11:09:06 | Les logiciels malveillants de volume d'informations Python utilisent Unicode pour échapper à la détection [Python info-stealing malware uses Unicode to evade detection] (lien direct) | Un package Python malveillant sur PYPI utilise Unicode comme technique d'obscurcissement pour échapper à la détection tout en volant et en exfiltrant les développeurs \\ 'des informations d'identification et d'autres données sensibles à partir de dispositifs compromis.[...]
A malicious Python package on PyPI uses Unicode as an obfuscation technique to evade detection while stealing and exfiltrating developers\' account credentials and other sensitive data from compromised devices. [...] |
Malware Hack | ★★★ | |
|
2023-03-22 15:55:58 | Les pirates injectent des voleurs de cartes de crédit dans les modules de traitement des paiements [Hackers inject credit card stealers into payment processing modules] (lien direct) | Une nouvelle campagne de piratage de cartes de crédit fait des choses différemment de ce que nous avons vues dans le passé en cachant leur code malveillant à l'intérieur du module de passerelle de paiement \\ 'Autorize.net \' pour Woocommerce, permettant à la violation d'échapper à la détection par des analyses de sécurité.[...]
A new credit card stealing hacking campaign is doing things differently than we have seen in the past by hiding their malicious code inside the \'Authorize.net\' payment gateway module for WooCommcerce, allowing the breach to evade detection by security scans. [...] |
★★ | ||
|
2023-03-22 15:04:35 | Dole révèle la violation des données des employés après une attaque de ransomware [Dole discloses employee data breach after ransomware attack] (lien direct) | Fresh Produce Giant Dole Food Company a confirmé que les informations d'un nombre non divulgué d'employés avaient été accessibles lors d'une attaque de ransomware de février.[...]
Fresh produce giant Dole Food Company has confirmed that the information of an undisclosed number of employees was accessed during a February ransomware attack. [...] |
Ransomware Data Breach | ★★ | |
|
2023-03-21 16:33:24 | Les pirates utilisent de nouveaux logiciels malveillants PowerMagic et Common Magic pour voler des données [Hackers use new PowerMagic and CommonMagic malware to steal data] (lien direct) | Des chercheurs en sécurité ont découvert des attaques d'un acteur de menace avancé qui a utilisé "un cadre malveillant auparavant invisible" appelé CommonMagic et une nouvelle porte dérobée appelée PowerMagic.[...]
Security researchers have discovered attacks from an advanced threat actor that used "a previously unseen malicious framework" called CommonMagic and a new backdoor called PowerMagic. [...] |
Malware Threat | ★★ | |
|
2023-03-21 12:57:44 | Lockbit Ransomware Gang affirme désormais également la violation de la ville d'Oakland [LockBit ransomware gang now also claims City of Oakland breach] (lien direct) | Une autre opération de ransomware, le Gang Lockbit, menace désormais de divulguer ce qu'elle décrit comme des fichiers volés aux systèmes de la ville d'Oakland.[...]
Another ransomware operation, the LockBit gang, now threatens to leak what it describes as files stolen from the City of Oakland\'s systems. [...] |
Ransomware | ★★★ | |
|
2023-03-21 05:25:02 | Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen (lien direct) | Le gang de ransomware de CloP prétend avoir attaqué Saks Fifth Avenue sur son site de fuite Web Dark.Saks admet que l'incident est lié à l'exploitation des logiciels MFT Goanywhere en cours, mais indique qu'aucune véritable données client n'a été volée.[...]
The Clop ransomware gang claims to have attacked Saks Fifth Avenue on its dark web leak site. Saks admits the incident is linked to the ongoing GoAnywhere MFT software exploits but states that no real customer data was stolen. [...] |
Ransomware | ★★ | |
|
2023-03-20 19:20:47 | Ferrari discloses data breach after receiving ransom demand (lien direct) | Ferrari a divulgué une violation de données à la suite d'une demande de rançon reçue après que les attaquants ont eu accès à certains des systèmes informatiques de la société.[...]
Ferrari has disclosed a data breach following a ransom demand received after attackers gained access to some of the company\'s IT systems. [...] |
Data Breach | ★★ | |
|
2023-03-19 10:20:40 | New \'HinataBot\' botnet could launch massive 3.3 Tbps DDoS attacks (lien direct) | A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS (distributed denial of service) swarm with the potential for massive attacks. [...] | Malware | ★★★★ | |
|
2023-03-18 15:03:23 | Emotet malware now distributed in Microsoft OneNote files to evade defenses (lien direct) | The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets. [...] | Malware | ★★★ | |
|
2023-03-17 19:01:27 | The Week in Ransomware - March 17th 2023 - Shifting to data extortion (lien direct) | The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their data leak site and companies confirming breaches. [...] | Ransomware Threat | ★★ | |
|
2023-03-17 16:21:13 | NBA alerts fans of a data breach exposing personal information (lien direct) | The NBA (National Basketball Association) is notifying fans of a data breach after some of their personal information, "held" by a third-party newsletter service, was stolen. [...] | Data Breach | ★★ | |
|
2023-03-17 12:20:58 | Hitachi Energy confirms data breach after Clop GoAnywhere attacks (lien direct) | Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability. [...] | Ransomware Data Breach Industrial | ★★★ | |
|
2023-03-17 11:36:19 | RAT developer arrested for infecting 10,000 PCs with malware (lien direct) | Ukraine's cyberpolice has arrested the developer of a remote access trojan (RAT) malware that infected over 10,000 computers while posing as game applications. [...] | Malware Legislation | ★★★ | |
|
2023-03-16 18:10:58 | BianLian ransomware gang shifts focus to pure data extortion (lien direct) | The BianLian ransomware group has shifted its focus from encrypting its victims' files to only exfiltrating data found on compromised networks and using them for extortion. [...] | Ransomware | ★★ | |
|
2023-03-16 15:36:49 | FakeCalls Android malware returns with new ways to hide on phones (lien direct) | Android malware 'FakeCalls' is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to fool targets into giving away their credit card details. [...] | Malware | ★★ | |
|
2023-03-16 14:45:11 | Adobe Acrobat Sign abused to push Redline info-stealing malware (lien direct) | Cybercriminals are abusing Adobe Acrobat Sign, an online document signing service, to distribute info-stealing malware to unsuspecting users. [...] | Malware | ★★★ | |
|
2023-03-16 13:32:05 | Latitude cyberattack leads to data theft at two service providers (lien direct) | Latitude Financial Services (Latitude) has published a notice on its website today informing that it has suffered a ransomware attack that resulted in the theft of some customer data. [...] | Ransomware General Information | ★★ | |
|
2023-03-16 06:00:00 | Winter Vivern APT hackers use fake antivirus scans to install malware (lien direct) | An advanced hacking group named 'Winter Vivern' targets European government organizations and telecommunication service providers to conduct espionage. [...] | Malware | ★★ | |
|
2023-03-15 14:50:26 | LockBit ransomware claims Essendant attack, company says “network outage” (lien direct) | LockBit ransomware has claimed a cyber attack on Essendant, a wholesale distributer of office products after a "significant" and ongoing outage knocked the company's operations offline. [...] | Ransomware | ★★ | |
|
2023-03-15 14:06:14 | Hacker selling data allegedly stolen in US Marshals Service hack (lien direct) | A threat actor is selling on a Russian-speaking hacking forum what they claim to be hundreds of gigabytes of data allegedly stolen from U.S. Marshals Service (USMS) servers. [...] | Hack Threat | ★★★★ | |
|
2023-03-15 11:50:03 | Healthcare provider ILS warns 4.2 million people of data breach (lien direct) | Independent Living Systems (ILS), a Miami-based healthcare administration and managed care solutions provider, suffered a data breach that exposed the personal information of 4,226,508 individuals. [...] | Data Breach | ★★ | |
|
2023-03-14 16:43:43 | Rubrik confirms data theft in GoAnywhere zero-day attack (lien direct) | Cybersecurity company Rubrik has confirmed that its data was stolen using a zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform. [...] | Vulnerability | ★★ | |
|
2023-03-13 18:38:03 | Fortinet: New FortiOS bug used as zero-day to attack govt networks (lien direct) | Unknown attackers used zero-day exploits to abuse a new FortiOS bug patched this month in attacks targeting government and large organizations that have led to OS and file corruption and data loss. [...] | ★★★ | ||
|
2023-03-13 15:51:33 | LA housing authority discloses data breach after ransomware attack (lien direct) | The Housing Authority of the City of Los Angeles (HACLA) is warning of a "data security event" after the LockBit ransomware gang targeted the organization and leaked data stolen in the attack. [...] | Ransomware Data Breach | ★★ | |
|
2023-03-13 12:58:50 | Hackers steal $197 million in crypto in Euler Finance attack (lien direct) | Lending protocol Euler Finance was hit by a cryptocurrency flash loan attack on Sunday, with the threat actor stealing $197 million in multiple digital assets. [...] | Threat | ★★ | |
|
2023-03-12 11:12:06 | Medusa ransomware gang picks up steam as it targets companies worldwide (lien direct) | A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands. [...] | Ransomware | ★★★ | |
|
2023-03-12 10:18:09 | CASPER attack steals data using air-gapped computer\'s internal speaker (lien direct) | Researchers at the School of Cyber Security at Korea University, Seoul, have presented a new covert channel attack named CASPER can leak data from air-gapped computers to a nearby smartphone at a rate of 20bits/sec. [...] | ★★★★ | ||
|
2023-03-11 11:28:14 | CISA warns of actively exploited Plex bug after LastPass breach (lien direct) | CISA has added an almost three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog of security flaws exploited in attacks. [...] | Vulnerability | LastPass LastPass | ★★★ |
|
2023-03-10 16:27:40 | Microsoft OneNote to get enhanced security after recent malware abuse (lien direct) | Microsoft is working on introducing improved protection against phishing attacks pushing malware via malicious Microsoft OneNote files. [...] | Malware | ★★★ | |
|
2023-03-10 14:02:23 | New GoBruteforcer malware targets phpMyAdmin, MySQL, FTP, Postgres (lien direct) | A newly discovered Golang-based botnet malware scans for and infects web servers running phpMyAdmin, MySQL, FTP, and Postgres services. [...] | Malware | ★★★ | |
|
2023-03-10 12:48:07 | Security researchers targeted with new malware via job offers on LinkedIn (lien direct) | A suspected North Korean hacking group is targeting security researchers and media organizations in the U.S. and Europe with fake job offers that lead to the deployment of three new, custom malware families. [...] | Malware Guideline | ★★★ | |
|
2023-03-10 11:30:18 | Blackbaud to pay $3M for misleading ransomware attack disclosure (lien direct) | Cloud software provider Blackbaud has agreed to pay $3 million to settle charges brought by the Securities and Exchange Commission (SEC), alleging that it failed to disclose the full impact of a 2020 ransomware attack that affected more than 13,000 customers. [...] | Ransomware Cloud | ★★ | |
|
2023-03-10 10:43:16 | Mental health provider Cerebral alerts 3.1M people of data breach (lien direct) | Healthcare platform Cerebral is sending data breach notices to 3.18 million people who have interacted with its websites, applications, and telehealth services. [...] | Data Breach | ★★ | |
|
2023-03-10 05:24:00 | Xenomorph Android malware now steals data from 400 banks (lien direct) | The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system (ATS) framework and the ability to steal credentials for 400 banks. [...] | Malware | ★★★ | |
|
2023-03-09 18:24:20 | Police seize Netwire RAT malware infrastructure, arrest admin (lien direct) | An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server. [...] | Malware | ★★★ | |
|
2023-03-09 14:54:28 | Akamai mitigates record-breaking 900Gbps DDoS attack in Asia (lien direct) | Akamai reports having mitigated the largest DDoS (distributed denial of service) attack ever launched against a customer based in the Asia-Pacific region. [...] | ★★★ | ||
|
2023-03-09 14:13:49 | Microsoft: Business email compromise attacks can take just hours (lien direct) | Microsoft's Security Intelligence team recently investigated a business email compromise (BEC) attack and found that attackers move rapidly, with some steps taking mere minutes. [...] | ★★★ |
To see everything:
Our RSS (filtrered)
