What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-07-08 11:20:37 | ROUNDTABLE: Kaseya hack exacerbates worrisome supply-chain, ransomware exposures (lien direct) | It was bound to happen: a supply-chain compromise, ala SolarWinds, has been combined with a ransomware assault, akin to Colonial Pipeline, with devasting implications. Related: The targeting of supply chains Last Friday, July 2, in a matter of a few … (more…) | Ransomware Hack | ||
 |
2021-07-08 09:19:53 | Morgan Stanley reports data breach after vendor Accellion hack (lien direct) | Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third party vendor. [...] | Data Breach Hack | ||
 |
2021-07-07 11:24:04 | Researchers Reproduce Exploit Used in Kaseya Hack (lien direct) | Kaseya CEO Downplays Impact of Cyberattack Researchers have successfully reproduced the exploit used in the recent cyberattack targeting IT management software maker Kaseya and its customers. | Hack | ||
|
2021-06-30 11:40:04 | GUEST ESSAY: Why online supply chains remain at risk - and what companies can do about it (lien direct) | The Solarwinds hack has brought vendor supply chain attacks — and the lack of readiness from enterprises to tackle such attacks — to the forefront. Related: Equipping Security Operations Centers (SOCs) for the long haul Enterprises have long operated in … (more…) | Hack | ||
 |
2021-06-29 11:30:29 | Speed or Security? Don\'t Compromise (lien direct) | “Speed is the new currency of business.” Chairman and CEO of Salesforce Marc R. Benioff's words are especially potent today as many organizations small and large look for ways to speed up production during their shifts to digital. In software development, speed is a critical factor. Everything from shifting priorities to manual processes and siloed teams can seriously impede deployment schedules. One of the biggest obstacles, however, is a lack of security throughout every step of the production process to ensure that coding mistakes and flaws are found and fixed before they turn into project-derailing problems. A lack of an efficient and flexible AppSec program becomes an issue when you look at the data: Cyberattacks occur every 39 seconds. 60 percent of developers are releasing code 2x faster than before. 76 percent of applications have least at least one security flaw on first scan. 85 percent of orgs admit to releasing vulnerable code to production because of time restraints. A mere 15 percent of orgs say that all of their development teams participate in formal security training. But there's good news, too. We know from our annual State of Software Security report that frequent scanning with the right tools in the right parts of your software development lifecycle can help your team close security findings much faster. For example, scanning via API alone cuts remediation time for 50 percent of flaws by six days, slamming that window of opportunity shut for cyberattackers. The Veracode Static Analysis family helps you do just that. It plugs into critical parts of your software development lifecycle (SDLC), providing automated feedback right in your IDE and pipeline so that your developers can improve the quality of their code while they work. You can also run a full policy scan before deployment to understand what your developers need to focus on and to prove compliance. Together, these scans throughout My Code, Our Code, and Production Code boost quality and security to reduce the risk of an expensive and time-consuming breach down the road. Automation and developer education In addition to having the right scans in the right places, there are supporting steps you can take to ensure the quality of your code without sacrificing speed. Automation through integrations is an important piece of the puzzle because it speeds everything up and boosts efficiency. The automated feedback from Veracode Static Analysis means your team of developers has clear insight into existing flaws so they can begin prioritization to eliminate the biggest risks first. Automation also sets the standard for consistency which, as you go, improves speed. Developer education also helps close gaps in information and communication with security counterparts so that they can work towards a common goal. It goes both ways – if the security leaders at your organization can walk the walk and talk the talk of the developer, everyone will have an easier time communicating goals and solving security problems. One way to close those gaps is through hands-on developer education with a tool like Veracode Security Labs. The platform utilizes real applications in contained environments that developers can hack or patch in real-time so that they learn to think like an attacker and stay one step ahead. Like Static Analysis, Security Labs helps meet compliance needs too, with customized education in the languages your developers use most. The prioritization conundrum Security debt can feel like a horror movie villain as it lingers in the background. But it isn't always teeming with high-risk flaws that should be tackled first, and so it's important to carefully consider how to approach prioritization. A recent analyst report, Building an Enterprise DevSecOps Program, found that everything can feel like a priority: “During our research many security pros told us that all vulnerabilities started looking like high priorities, and it was incredibly difficult to differentiate a vulnerability with impact on the organization from one which | Hack Tool Vulnerability Guideline | ||
|
2021-06-28 18:10:20 | SHARED INTEL: Microsoft discloses how the Nobelium hacking ring engages in routine phishing (lien direct) | Microsoft has blunted the ongoing activities of the Nobelium hacking collective, giving us yet another glimpse of the unceasing barrage of hack attempts business networks must withstand on a daily basis. Related: Reaction to Biden ‘s cybersecurity executive order Nobelium … (more…) | Malware Hack Threat | ★★★★★ | |
 |
2021-06-27 11:25:36 | Security Affairs newsletter Round 320 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Norway blames China-linked APT31 for 2018 government hack Poland: The leader of the PiS party blames Russia for […] | Hack Guideline | APT 31 | |
 |
2021-06-25 19:52:13 | (Déjà vu) NFC flaws let researchers hack an ATM by waving a phone (lien direct) | Flaws in card-reader technology can wreak havoc with point-of-sale systems and more. | Hack | ||
|
2021-06-25 12:55:40 | Flaws in FortiWeb WAF expose Fortinet devices to remote hack (lien direct) | Fortinet has recently fixed a high-severity vulnerability affecting its FortiWeb web application firewall (WAF) that can be exploited by remote attackers to execute arbitrary commands. Fortinet has recently addressed a high-severity vulnerability (CVE-2021-22123) affecting its FortiWeb web application firewall (WAF), a remote, authenticated attacker can exploit it to execute arbitrary commands via the SAML server […] | Hack Vulnerability | ||
 |
2021-06-24 18:32:09 | NFC Flaws Let Researchers Hack ATMs by Waving a Phone (lien direct) | Flaws in card reader technology let a security firm consultant wreak havoc with point-of-sale systems and more. | Hack | ||
|
2021-06-21 11:33:59 | Water Sector Security Report Released Just as Another Water Plant Hack Comes to Light (lien direct) | 
|
Hack | ||
|
2021-06-20 16:36:59 | Norway blames China-linked APT31 for 2018 government hack (lien direct) | Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government's IT network. Norway's Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government's IT network in 2018. The attribution of the attack to the APT31 grouo is based […] | Hack | APT 31 | |
 |
2021-06-18 23:34:04 | North Korea Exploited VPN Flaw to Hack South\'s Nuclear Research Institute (lien direct) | South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart.
The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which - "27.102.114[.]89 |
Hack Vulnerability | ||
 |
2021-06-17 11:24:00 | Smashing Security podcast #232: Zoomolympics and language matters (lien direct) | Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. | Hack | ||
 |
2021-06-17 00:09:00 | How to hack a bicycle – Peloton Bike+ rooting bug patched (lien direct) | It's a bike, Jim, but not as we know it. | Hack | ||
|
2021-06-16 02:14:53 | Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets (lien direct) | As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets.
"Ransomware operators often buy access from independent cybercriminal groups who infiltrate major |
Ransomware Hack Threat | ||
|
2021-06-15 06:39:02 | Apple fixes ninth zero-day bug exploited in the wild this year (lien direct) | Apple has fixed two iOS zero-day vulnerabilities that "may have been actively exploited" to hack into older iPhone, iPad, and iPod devices. [...] | Hack | ||
|
2021-06-14 22:16:47 | Apple: WebKit Bugs Exploited to Hack Older iPhones (lien direct) | Apple late Monday shipped an out-of-band iOS update for older iPhones and iPads alongside a warning that a pair of WebKit security vulnerabilities may have been actively exploited. | Hack | ||
|
2021-06-14 21:00:28 | CodeCov Kills Off Bash Uploader Blamed for Supply Chain Hack (lien direct) | Following a major software supply chain compromise that exposed data for several major companies, developer tools startup CodeCov plans to kill off the Bash Uploader tool that was responsible for the breach. | Hack Tool | ||
 |
2021-06-14 17:13:00 | REvil Claims Responsibility for Invenergy Hack (lien direct) | Ransomware group that attacked JBS says it also hacked Chicago-based clean energy company | Ransomware Hack | ||
 |
2021-06-11 16:39:10 | Cyberpunk 2077 Hacked Data Circulating Online (lien direct) | CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer. | Hack | ||
|
2021-06-10 14:26:25 | Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain Security (lien direct) | In this episode of the podcast
(#216) we talk with Brian Trzupek, Digicert's Vice President of Product, about the growing urgency of securing software supply chains, and how digital code signing can help prevent compromises like the recent hack of the firm SolarWinds.
The post Episode 216: Signed, Sealed and Delivered: The Future of Supply Chain...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/654400338/0/thesecurityledger -->»
|
Hack | ||
 |
2021-06-10 13:52:44 | Cyberguerre : l\'armée américaine présente les résultats de son bug bounty " Hack the Army 3.0 " (lien direct) | Le groupe russe à l'origine du piratage Solarwinds ayant lancé une nouvelle série d'offensives contre des agences gouvernementales américaines, les plus hautes institutions du pays sont plus que jamais sous pression pour réussir à contenir la cyber menace. The post Cyberguerre : l'armée américaine présente les résultats de son bug bounty " Hack the Army 3.0 " first appeared on UnderNews. | Hack | ||
 |
2021-06-09 12:07:07 | Experts Inisght On Security Threats Of VPN And What Organisations Can Do To Manage The Risk Of Ransomware. (lien direct) | BACKGROUND: In light of the ongoing conversation around the Colonial Pipeline hack and the latest findings showing that hackers used a VPN account to breach the network using just a… | Hack | ||
|
2021-06-04 14:09:26 | How to hack into 5500 accounts… just using “credential stuffing” (lien direct) | Passwords - don't just pay them lip service. | Hack | ||
 |
2021-06-04 06:14:00 | Secrecy around EncroChat cryptophone hack breaches French constitution, court hears (lien direct) | Passwords - don't just pay them lip service. | Hack | ||
|
2021-06-03 08:20:00 | FBI: REvil Ransomware Group Behind JBS Attack (lien direct) | The FBI said it would be working to bring the REvil group to justice for the hack on JBS | Ransomware Hack | ||
|
2021-06-02 07:54:01 | Experts React: On JBS Foods Hack Must Prompt Supply Chain Cyber Protection (lien direct) | BACKGROUND: The world’s largest meat supplier, JBS Foods, has been hit by a cyber-attack, the latest in a string of high-profile international hacks which show no sign of slowing down. Hackers… | Hack | ||
|
2021-06-01 12:41:33 | Swedish Public Health Agency Says Disease Database Targeted in Cyberattacks (lien direct) | The Swedish Public Health Agency (Folkhälsomyndigheten) is currently investigating several attempts to hack into SmiNet, a database that stores reports of infectious diseases, including COVID-19 cases. | Hack | ||
|
2021-05-30 14:19:20 | US Says Agencies Largely Fended Off Latest Russian Hack (lien direct) | The White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month's planned presidential summit. | Hack | ||
|
2021-05-29 13:00:00 | US Soldiers Exposed Nuclear Secrets on Digital Flashcards (lien direct) | Plus: A major hack in Japan, Citizen app run amuck, and more of the week's top security news. | Hack | ||
|
2021-05-28 20:16:19 | CVE-2020-15782 flaw in Siemens PLCs allows remote hack (lien direct) | Industrial cybersecurity firm Claroty discovered a new flaw in Siemens PLCs that can be exploited by a remote and unauthenticated attacker to hack the devices. Researchers at industrial cybersecurity firm Claroty have discovered a high-severity vulnerability in Siemens PLCs, tracked as CVE-2020-15782, that could be exploited by remote and unauthenticated attackers to bypass memory protection. The […] | Hack Vulnerability | ||
|
2021-05-28 15:08:02 | Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs (lien direct) | Researchers at industrial cybersecurity firm Claroty have identified a serious vulnerability that can be exploited by a remote and unauthenticated attacker to hack some of the programmable logic controllers (PLCs) made by Siemens. | Hack Vulnerability | ||
|
2021-05-27 14:24:34 | US Pipelines Ordered to Increase Cyber Defenses After Hack (lien direct) | U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the ransomware hack that disrupted gas supplies in several states this month. | Ransomware Hack | ||
|
2021-05-27 13:56:20 | Fujitsu SaaS Hack Sends Govt. of Japan Scrambling (lien direct) | Tech giant disables ProjectWEB cloud-based collaboration platform after threat actors gained access and nabbed files belonging to several state entities. | Hack Threat | ||
|
2021-05-27 12:58:14 | (Déjà vu) Expert Reaction On Japanese Government Agencies Suffer Data Breaches After Fujitsu Hack (lien direct) | Offices of multiple Japanese agencies were breached via Fujitsu’s “ProjectWEB” information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. It is not… | Hack | ||
 |
2021-05-27 11:41:26 | The Story of the 2011 RSA Hack (lien direct) | Really good long article about the Chinese hacking of RSA, Inc. They were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come. | Hack | ★★★★ | |
|
2021-05-27 10:57:54 | Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack (lien direct) |  Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment.
Features of Vulhub Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub contains many frameworks, databases, applications, programming languages and more such as:
Drupal
ffmpeg
CouchDB
ActiveMQ
Glassfish
Joombla
JBoss
Kibana
Laravel
Rails
Python
Tomcat
And many, many more.
Read the rest of Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack now! Only available at Darknet.
|
Hack | ||
|
2021-05-27 09:48:37 | US announces new security directive after critical pipeline hack (lien direct) | The US Department of Homeland Security (DHS) has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack. [...] | Ransomware Hack | ||
|
2021-05-27 03:21:17 | Japanese government agencies suffer data breaches after Fujitsu hack (lien direct) | Offices of multiple Japanese agencies were breached via Fujitsu's "ProjectWEB" information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. [...] | Hack | ||
|
2021-05-26 19:29:45 | US Exchanges Offer a Rich Potential Target for Hackers (lien direct) | Cyberattacks have long been seen as a threat to financial markets, but worries are becoming even more acute following a US pipeline hack that set off a public panic and forced the company to pay a ransom. Financial exchanges that manage daily transactions of tens or hundreds of billions of dollars are an appealing target for hackers. | Hack Threat | ||
 |
2021-05-25 15:00:00 | Anomali Cyber Watch: Bizzaro Trojan Expands to Europe, Fake Call Centers Help Spread BazarLoader Malware, Toshiba Business Reportedly Hit by DarkSide Ransomware and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: BazarCall, DarkSide, Data breach, Malware, Phishing, Ransomware and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Air India passenger data breach reveals SITA hack worse than first thought
(published: May 23, 2021)
Adding to the growing body of knowledge related to the March 2021 breach of SITA, a multinational information technology company providing IT and telecommunication services to the air transport industry, Air India announced over the weekend that the personal information of 4.5 million customers was compromised. According to the airline, the stolen information included passengers’ name, credit card details, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data. The compromise included data for passengers who registered with Indian Airlines between 26 August 2011 and 3 February 2021; nearly a decade. Air India adds to the growing list of SITA clients impacted by their data breach, including Malaysia Airlines, Finnair, Singapore Airlines, Jeju Air, Cathay Pacific, Air New Zealand, and Lufthansa.
Analyst Comment: Unfortunately, breaches like this are commonplace. While customers have no control over their information being included in such a breach, they can and should take appropriate actions once notified they may be impacted, Those actions can include changing passwords and credit cards associated with the breached accounts, engaging with credit reporting agencies for enhanced credit monitoring or freezing of credit inquiries without permission, and reaching out to companies that have reportedly been breached to learn what protections they may be offering their clients.
Tags: Data Breach, Airline, PII
BazarCall: Call Centers Help Spread BazarLoader Malware
(published: May 19, 2021)
Researchers from PaloAlto’s Unit42 released a breakdown of a new infection method for the BazarLoader malware. Once installed, BazarLoader provides backdoor access to an infected Windows host which criminals can use to scan the environment, send follow-up malware, and exploit other vulnerable hosts on the network. In early February 2021, researchers began to report a “call center” method of distributing BazarLoader. Actors would send phishing emails with trial subscription-based themes encouraging victims to phone a number to unsubscribe. If a victim called, the actor would answer the phone and direct the victim through a process to infect the computer with BazarLoader. Analysts dubbed this method of infection “BazarCall.”
Analyst Comment: This exemplifies social engineering tactics threat actors employ to trick users into installing malware on their machines. All social media users should be cautious when accepting unknown requests to connect, and particularly cautious when receiving communication from unknown users. Even if cal |
Ransomware Data Breach Malware Hack Tool Vulnerability Threat Guideline | ||
|
2021-05-25 14:08:37 | (Déjà vu) Time HackTheBox Walkthrough (lien direct) | Hello! Everyone and Welcome to yet another CTF challenge from Hack the Box, called 'Time,' which is available online for those who want to increase their skills in penetration testing and Black box testing. Level: Medium Task: Find user.txt and root.txt in the victim's machine Penetration Methodologies Scanning Nmap Enumeration Browsing HTTP | Hack | ★★★★★ | |
|
2021-05-24 18:22:26 | Delivery HackTheBox Walkthrough (lien direct) | Hello! Everyone and Welcome to yet another CTF challenge from Hack the Box, called 'Delivery,' which is available online for those who want to increase their skills in penetration testing and Black box testing. Delivery is a retired vulnerable lab presented by Hack the Box for making online penetration testing | Hack | ||
|
2021-05-24 14:14:26 | Needle in the Haystack: The Inside Story of the Microsoft Exchange Hack (lien direct) | 
|
Hack | ||
|
2021-05-24 13:18:10 | U.S. Government Asks Victims of 2017 EtherDelta Hack to Come Forward (lien direct) | The U.S. government is hoping to obtain additional information on the 2017 hacker attack targeting the EtherDelta cryptocurrency trading platform and it has asked victims of the incident to come forward. | Hack | ||
|
2021-05-24 11:20:05 | AIs and Fake Comments (lien direct) | This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn't another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of US democracy – the ability of citizens to express their voice to their political representatives. And it was carried out by generating millions of fake comments and fake emails purporting to come from real citizens. This attack was detected because it was relatively crude. But artificial intelligence technologies are making it possible to generate genuine-seeming comments at scale, drowning out the voices of real citizens in a tidal wave of fake ones... | Hack | ★★★ | |
|
2021-05-24 08:44:00 | Air India is latest victim of Sita hack (lien direct) | This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn't another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of US democracy – the ability of citizens to express their voice to their political representatives. And it was carried out by generating millions of fake comments and fake emails purporting to come from real citizens. This attack was detected because it was relatively crude. But artificial intelligence technologies are making it possible to generate genuine-seeming comments at scale, drowning out the voices of real citizens in a tidal wave of fake ones... | Hack | ||
 |
2021-05-24 07:46:47 | Damage of SITA data breach still unfolding as Air India compromised (lien direct) | Tech Crunch has reported that a recently found Air India passenger data breach indicates that the SITA hack is worse than first anticipated. Three months after air transport data giant SITA reported its own data breach, the damage is still mounting. Air India said this week that personal data of about 4.5 million passengers had […] | Data Breach Hack | ★★★★★ | |
|
2021-05-23 12:08:41 | India\'s National Carrier Says Hack Leaked Passengers\' Data (lien direct) | Personal data of an unspecified number of travelers has been compromised after a company that serves India's national carrier was hacked, Air India said. The hackers were able to access 10 years' worth of data including names, passport and credit card details from the Atlanta-based SITA Passenger Service System, Air India said in a statement Friday. | Hack |
To see everything:
Our RSS (filtrered)
