What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-06 04:06:12 | Bucking Trump, NSA and FBI say Russia was “likely” behind SolarWinds hack (lien direct) | Trump has downplayed the mass compromise and Russia's involvement. Underlings disagree. | Hack | ★★★★ | |
 |
2021-01-06 02:00:00 | SolarWinds hack is a wakeup call for taking cybersecurity action (lien direct) | Advanced Persistent Threats (APTs) have long been a concern of the cybersecurity community. Well-organized teams with significant resources and targets they are not willing to give up attacking until their mission is accomplished are certainly not a threat to be underestimated. The tactics deployed by such groups involve a combination of attack types, from exploiting zero-day vulnerabilities to social engineering, gaining access, establishing a foothold and deepening access, and then remaining in a target's systems undetected until realizing their goal. | Hack Threat | ||
 |
2021-01-06 00:00:17 | FBI, CISA, ODNI and NSA blames Russia for SolarWinds hack (lien direct) | A joint statement issued by US security agencies confirmed that Russia was likely the origin of the SolarWinds supply chain attack. The US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. On behalf of President Trump, the four agencies were part of the task force […] | Hack | ||
 |
2021-01-05 22:02:08 | US: Hack of Federal Agencies \'Likely Russian in Origin\' (lien direct) | Top national security agencies confirmed Tuesday that Russia was likely responsible for a massive hack of U.S. | Hack | ||
 |
2021-01-05 21:18:00 | US government formally blames Russia for SolarWinds hack (lien direct) | Joint statement from the FBI, CISA, ODNI, and NSA says SolarWinds hack was "likely Russian in origin." | Hack | ||
 |
2021-01-05 15:56:56 | US govt says Russian state hackers likely behind SolarWinds hack (lien direct) | The Cyber Unified Coordination Group (UCG) said today that a Russian-backed Advanced Persistent Threat (APT) group is likely behind the SolarWinds hack. [...] | Hack Threat | ||
 |
2021-01-05 14:28:19 | Ticketmaster Admits To Hacking Rival Company (lien direct) | As reported by Ars Technica, Ticketmaster has agreed to pay a $10 million criminal fine after admitting its employees repeatedly used stolen passwords and other means to hack a rival ticket… The ISBuzz Post: This Post Ticketmaster Admits To Hacking Rival Company | Hack | ||
 |
2021-01-05 13:09:45 | T-Mobile suffers its fourth hack in less than three years – still “takes the security of your information very seriously” (lien direct) | T-Mobile says that its security team recently discovered that hackers had managed to access information related to T-Mobile accounts. And it's not the first time... | Hack | ||
 |
2021-01-05 12:42:38 | Latest on the SVR\'s SolarWinds Hack (lien direct) | The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). Interviews with key players investigating what intelligence agencies believe to be an operation by Russia's S.V.R. intelligence service revealed these points: The breach is far broader than first believed. Initial estimates were that Russia sent its probes only into a few dozen of the 18,000 government and private networks they gained access to when they inserted code into network management software made by a Texas company named SolarWinds. But as businesses like Amazon and Microsoft that provide cloud services dig deeper for evidence, it now appears Russia exploited multiple layers of the supply chain to gain access to as many as 250 networks. ... | Hack | ||
 |
2021-01-05 01:16:42 | SolarWinds hack poses risk to cloud services\' API keys and IAM identities (lien direct) | The SolarWinds hack endangers not just organizations' on-premises systems but also their cloud-based infrastructure. | Hack | ||
 |
2021-01-04 15:26:15 | Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business (lien direct) | Several Ticketmaster executives conspired a hack against a rival concert presales firm, in attempt to 'choke off' its business. | Hack | ||
 |
2021-01-04 01:35:00 | SolarWinds : 250 organisations piratées et des codes sources de Microsoft siphonnés (lien direct) | L'impact du gigantesque hack d'origine russe semble chaque jour prendre de l'ampleur. Même le géant Microsoft a été piraté. Ce dernier estime néanmoins que le risque pour ses clients est nul.  |
Hack | ||
|
2021-01-02 14:40:26 | Top stories of 2020 (lien direct) | Below the list of the top stories of 2020. December 21 – SUPERNOVA, a backdoor found while investigating SolarWinds hack While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. August 2 – Garmin allegedly paid for a decryptor for WastedLocker ransomware BleepingComputer researchers confirmed that Garmin has received the […] | Ransomware Hack | ||
|
2021-01-01 13:05:51 | Ticketmaster fined $10 million after hack of business rival (lien direct) | The US Department of Justice has announced that Ticketmaster has been fined $10 million for repeatedly accessing a competitor's computer systems in order to gain a commercial advantage. | Hack | ||
|
2020-12-30 01:28:00 | SolarWinds : le mystère du hack de l\'année élucidé par Microsoft ? (lien direct) | Les mises à jour vérolées du logiciel Orion n'étaient qu'une porte d'entrée pour, au final, mettre la main sur des jetons d'authentification de services cloud.  |
Hack | ||
|
2020-12-28 13:46:45 | Finnish Parliament attackers hack lawmakers\' email accounts (lien direct) | The email accounts of multiple members of parliament (MPs) were compromised following a cyberattack as revealed today by the Parliament of Finland. [...] | Hack | ||
|
2020-12-25 14:08:50 | CrowdStrike releases free Azure security tool after failed hack (lien direct) | Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised by Microsoft Azure credentials. [...] | Hack Tool Threat Guideline | ||
 |
2020-12-24 19:33:33 | SolarWinds Hack Infected Critical Infrastructure, Including Power Industry (lien direct) | Internal computer internet servers are seen at the Telvent GIT SA company headquarters in Madrid, Spain, July 19, 2011. | Hack | ||
 |
2020-12-23 17:14:28 | Zero-click iMessage exploit used to hack journalists (lien direct) | Security researchers have uncovered a surveillance campaign aimed at journalists in the Middle East, claiming that a zero-click iMessage exploit was used to hack their iPhones.stock | Hack | ||
 |
2020-12-23 14:36:49 | SolarWinds Sunburst: UK data watchdog issues hack alert (lien direct) | President-elect Joe Biden has also vowed that the US will respond to the attack. | Hack | Solardwinds | ★★ |
|
2020-12-23 13:12:50 | UK privacy watchdog warns SolarWinds victims to report data breaches (lien direct) | United Kingdom's Information Commissioner's Office (ICO) has warned organizations that fell victim to the SolarWinds hack that they are required to report data breaches within three days after their discovery. [...] | Hack | ||
|
2020-12-22 21:52:57 | Researchers shared the lists of victims of SolarWinds hack (lien direct) | Security experts shared lists of organizations that were infected with the SolarWinds Sunburst backdoor after decoding the DGA mechanism. Security experts started analyzing the DGA mechanism used by threat actors behind the SolarWinds hack to control the Sunburst/Solarigate backdoor and published the list of targeted organizations. Researchers from multiple cybersecurity firms published a list that […] | Hack Threat Mobile | Solardwinds Solardwinds | |
|
2020-12-22 16:28:12 | Experts Reacted On Microsoft Confirming Breached In Recent SolarWinds Supply Chain Hack (lien direct) | It has been reported that state-sponsored hackers who breached US software provider SolarWinds earlier this year pivoted to Microsoft’s internal network, and then used Microsoft’s own products to further the attacks against other… The ISBuzz Post: This Post Experts Reacted On Microsoft Confirming Breached In Recent SolarWinds Supply Chain Hack | Hack | ||
|
2020-12-22 16:03:42 | Expert Reaction On Microsoft Says It Identified 40+ Victims Of The SolarWinds Hack (lien direct) | SolarWinds-gate illustrates the emerging trend of sophisticated supply chain attacks. Very few, if any, organizations ever cared to verify an update’s integrity till today. The question is how many other… The ISBuzz Post: This Post Expert Reaction On Microsoft Says It Identified 40+ Victims Of The SolarWinds Hack | Hack | ||
|
2020-12-22 07:30:38 | VMware and Cisco also impacted by the SolarWinds hack (lien direct) | The IT giants VMware and Cisco revealed they were impacted by the recently disclosed SolarWinds supply chain attack. VMware and Cisco confirmed to have been both impacted by the recent SolarWinds hack. A recent advisory published by the NSA is warning that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from […] | Hack | ||
 |
2020-12-21 20:43:00 | Russia Officially Denies Large-scale US Hack (lien direct) | Kremlin spokesperson states that Russia was not behind hack of SolarWinds' Orion software | Hack | ||
|
2020-12-21 18:26:13 | SUPERNOVA, a backdoor found while investigating SolarWinds hack (lien direct) | While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor. After the initial disclosure of the SolarWinds attack, several teams of researchers mentioned the existence of two […] | Hack Threat | ||
|
2020-12-21 11:05:23 | Zero-day exploit used to hack iPhones of Al Jazeera employees (lien direct) | Tens of Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. Researchers from Citizen Lab reported that at least 36 Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack their iPhones. The attackers used an […] | Hack Vulnerability | ||
|
2020-12-20 19:54:47 | US cyber-attack: Around 50 firms \'genuinely impacted\' by massive breach (lien direct) | The expert whose company uncovered the hack also backs US officials' view that Russia was behind it. | Hack | ||
|
2020-12-19 23:25:40 | NATO is checking its systems to determine the impact of SolarWinds hack (lien direct) | NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO announced it is checking its systems after the SolarWinds supply chain attack to determine if they were infected with a backdoor. “At this time, no evidence of compromise has been found on any NATO networks. […] | Hack | ||
 |
2020-12-19 14:00:00 | Russia\'s SolarWinds Hack Is the Big One (lien direct) | All the most important stories about the biggest hack in years. | Hack | ||
|
2020-12-19 12:00:00 | How to Understand the Russia Hack Fallout (lien direct) | Not all SolarWinds victims are created equal. | Hack | ||
|
2020-12-19 08:49:14 | US cyber-attack: Russia \'clearly\' behind SolarWinds operation, says Pompeo (lien direct) | US secretary of state says Moscow is "clearly" responsible for a hack targeting government agencies. | Hack | ||
|
2020-12-19 01:52:38 | \'Very, very large\' telecom organization and Fortune 500 company breached in SolarWinds hack (lien direct) | Noteworthy is the combination of the targets, which adds up to what one researcher described as attacks against the backbone of the nation's critical infrastructure. | Hack | ||
|
2020-12-18 18:33:13 | VMware Flaw a Vector in SolarWinds Breach? (lien direct) | U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to impersonate authorized users on victim networks. | Hack | Solardwinds | |
 |
2020-12-18 17:55:57 | Episode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware! (lien direct) | In this podcast, sponsored by LastPass, former U.S. CISO Greg Touhill joins us to talk about news of a vast hack of U.S. government networks, which he calls a "five alarm fire" reportedly set by Russia. The post Episode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware! | Hack | LastPass | |
|
2020-12-18 16:41:43 | SolarWinds hack impacts U.S. government and military, exposes most of Fortune 500 (lien direct) | In mid-December, security analysts announced a serious data breach at two U.S. government departments. The SolarWinds hack has turned out to be one of the most far-reaching and sophisticated cyberattacks ever carried out against the U.S. government - the full impact of which now appears to go well beyond what was initially suspected. In the past few days, we've learned more about the incident, including the scope, the attack vector, and ... | Data Breach Hack | ||
|
2020-12-18 16:16:30 | Former NSA security chief details what\'s happening inside DoD to respond to SolarWinds hack (lien direct) | Former NSA Chief Security Officer Chris Kubic, now CSO at Fidelis, spoke with SC Media about what's happening behind the scenes in the CIO and CISO offices of the Pentagon. | Hack | ||
 |
2020-12-18 11:04:55 | Microsoft identified over 40 SolarWinds hack victims (lien direct) | Microsoft has said that they have identified over 40 customers who were affected by the SolarWinds hack. These customers were affected as they installed trojanized versions of the SolarWinds Orion platform. Microsoft used their Microsoft Defender antivirus product, a built-in antivirus product for all Windows devices, to disorder the intrusions on their clients’ devices. Brad Smith, […] | Hack | ||
|
2020-12-18 05:53:11 | US cyber-attack: Hack of government agencies and companies poses \'grave risk\' (lien direct) | The US cyber-security agency says thwarting the attack will be "highly complex and challenging". | Hack | ||
|
2020-12-18 03:59:45 | Microsoft says it identified 40+ victims of the SolarWinds hack (lien direct) | Microsoft says 80% of the victims it identified were located in the United States. | Hack | ||
 |
2020-12-17 20:56:04 | Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack (lien direct) | The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far more wider in scope, sophistication, and impact than previously thought.
News of Microsoft's compromise was first reported by Reuters, which also said the company's own products were then |
Hack | ||
|
2020-12-17 19:44:01 | Russia\'s Hack Wasn\'t Cyberwar. That Complicates US Strategy (lien direct) | To evaluate whether cyber security tactics are working, you need to first establish what the SolarWinds hack really was. | Hack | ||
|
2020-12-16 19:47:38 | The Asset Trap (lien direct) | As we look at what’s happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling. An example of asset-driven thinking leads the article Hack may have exposed deep US secrets; damage yet unknown. And I don’t want… | Hack Threat Guideline | ||
|
2020-12-16 18:37:47 | Malicious Domain in SolarWinds Hack Turned into \'Killswitch\' (lien direct) | A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a "killswitch" designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. | Hack | ||
|
2020-12-16 09:57:57 | Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack (lien direct) | Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing. Microsoft partnered with other cybersecurity firms to seize the primary domain used in the SolarWinds attack (avsvmcloud[.]com) in an attempt to identify all victims and prevent other systems from being served malicious software. The domain […] | Hack | ||
|
2020-12-16 03:04:57 | SolarWinds said no other products were compromised in recent hack (lien direct) | SolarWinds has released today updates that "replaces the compromised component" in its Orion platform. | Hack | ||
|
2020-12-16 00:17:59 | Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow (lien direct) | After only showing detection alerts, Microsoft moves to block trojanized SolarWinds apps from running, opening the door for some IT issues for some of its customers. | Hack | ||
|
2020-12-16 00:09:40 | SolarWinds: Why the Sunburst hack is so serious (lien direct) | The hack of thousands of high-profile organisations, including the US government, could have major consequences. | Hack | Solardwinds | |
|
2020-12-16 00:03:27 | Here are the critical responses required of all businesses after SolarWinds supply-chain hack (lien direct) | SolarWinds customers – over 300,000 of them, including most of the Fortune 500 – must determine what was breached, mitigate the damage before using the software again, and explore new supply chain safeguards. | Hack |
To see everything:
Our RSS (filtrered)
