What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-04 06:13:36 | Cisco addressed several high-severity flaws in its products (lien direct) | >Cisco addressed multiple flaws impacting its products, including high-severity issues in identity, email, and web security solutions. Cisco addressed multiple vulnerabilities impacting some of its products, including high-severity flaws in identity, email, and web security products. The most severe vulnerability addressed by the IT giant is a cross-site request forgery (CSRF) flaw, tracked as CVE-2022-20961 […] | Vulnerability | ||
|
2022-11-03 21:29:12 | LockBit ransomware gang claims the hack of Continental automotive group (lien direct) | >The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. The group added the name of the company to its Tor leak site and is threatening to publish alleged stolen data if the […] | Ransomware Hack | ||
|
2022-11-03 16:28:32 | 250+ U.S. news sites spotted spreading FakeUpdates malware in a supply-chain attack (lien direct) | >Threat actors compromised a media company to deliver FakeUpdates malware through the websites of hundreds of newspapers in the US. Researchers at Proofpoint Threat Research observed threat actor TA569 intermittently injecting malicious code on a media company that serves many major news outlets. The media company serves The media company provides video content and advertising […] | Malware Threat | ||
|
2022-11-03 12:34:23 | Experts link the Black Basta ransomware operation to FIN7 cybercrime gang (lien direct) | >Sentinel Labs found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7. Security researchers at Sentinel Labs shared details about Black Basta‘s TTPs and assess it is highly likely the ransomware operation has ties with FIN7. The experts analyzed tools used by the ransomware gang in attacks, some of […] | Ransomware | ||
|
2022-11-03 10:02:32 | Updated TikTok Privacy Policy confirms that Chinese staff can access European users\' data (lien direct) | TikTok updated its privacy policy for European Economic Area (“EEA”) and confirmed that its Chinese staff can access their users’ data. The short-form video-sharing service TikTok updated its privacy policy for European Economic Area (“EEA”), the UK, and Switzerland and confirmed that its users’ data can be accessed by its personnel, including Chinese employees. European user data […] | |||
|
2022-11-03 08:04:49 | Fortinet fixed 16 vulnerabilities, 6 rated as high severity (lien direct) | >Fortinet addressed 16 vulnerabilities in some of the company's products, six flaws received a 'high' severity rate. One of the high-severity issues is a persistent XSS, tracked as CVE-2022-38374, in Log pages of FortiADC. The root cause of the issue is an improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC. A […] | Vulnerability | ||
|
2022-11-02 22:37:27 | Vitali Kremez passed away (lien direct) | >I’m deeply saddened by the absurd death of Vitali Kremez, he died during a scuba diving off the coast of Hollywood Beach in Florida Vitali Kremez (36), founder and CEO of AdvIntel, has been found dead after scuba diving off the coast of Hollywood Beach in Florida. Vitali Kremez had entered the water on October 30 […] | |||
|
2022-11-02 21:49:48 | 4 Malicious apps on Play Store totaled +1M downloads (lien direct) | >Four malicious Android apps uploaded by the same developer to Google Play totaled at least one million downloads. Malwarebytes researchers discovered four malicious apps uploaded by the same developer (Mobile apps Group) to the official Google Play. The apps are infected with the Android/Trojan.HiddenAds.BTGTHB malware, the apps totaled at least one million downloads. Below is […] | |||
|
2022-11-02 18:55:55 | SandStrike, a previously undocumented Android malware targets a Persian-speaking religion minority (lien direct) | >Threat actors are using previously undocumented Android spyware, dubbed SandStrike, to spy on a Persian-speaking religion minority. In Q3 2022, Kaspersky researchers uncovered a previously undocumented Android spyware, dubbed SandStrike, employed in an espionage campaign targeting the Persian-speaking religion minority, Baháʼí. The threat actors were distributing a VPN app embedding a highly sophisticated spyware. The […] | Malware Threat | ||
|
2022-11-02 10:31:40 | Dropbox discloses unauthorized access to 130 GitHub source code repositories (lien direct) | >Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File hosting service Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories on GitHub. According to the advisory published by Dropbox, the company was the target of a phishing campaign […] | Threat | ||
|
2022-11-02 08:33:57 | OpenSSL fixed two high-severity vulnerabilities (lien direct) | >The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote code execution. The OpenSSL project has issued security updates to address a couple of high-severity vulnerabilities, tracked as CVE-2022-3602 and CVE-2022-3786, in its cryptography library. The flaws impact versions 3.0.0 through 3.0.6 of the library. The OpenSSL software […] | ★★★★ | ||
|
2022-11-01 17:33:53 | LockBit 3.0 gang claims to have stolen data from Thales (lien direct) | >The ransomware group LockBit 3.0 claimed to have stolen data from the French defence and technology group Thales. Thales is a global high-tech leader with more than 81,000 employees worldwide. The Group invests in digital and deep tech innovations – big data, artificial intelligence, connectivity, cybersecurity and quantum – to build a future of trust, […] | Ransomware Guideline | ||
|
2022-11-01 13:19:26 | Experts warn of critical RCE in ConnectWise Server Backup Solution (lien direct) | >ConnectWise has addressed a critical remote code execution vulnerability impacting Recover and R1Soft Server Backup Manager (SBM). According to the advisory published by ConnectWise, the vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component. An attacker can exploit the vulnerability to execute remote code or directly access confidential data. […] | Vulnerability | ||
|
2022-11-01 11:32:51 | Ransomware activity and network access sales in Q3 2022 (lien direct) | >Ransomware activity report: Threat actors are selling access to hundreds of organizations, with a cumulative requested price of around $4M. Research published by threat intelligence firm KELA related to ransomware activity in Q3 reveals a stable activity in the sector of initial access sales, but experts observed a rise in the value of the offerings. […] | Ransomware Threat | ||
|
2022-11-01 09:46:44 | (Déjà vu) Samsung Galaxy Store flaw could have allowed installing malicious apps on target devices (lien direct) | >A security flaw in the Galaxy Store app for Samsung devices could have potentially allowed remote command execution on affected phones. A now-patched vulnerability in the Galaxy Store app for Samsung devices could have potentially triggered remote command execution on affected phones. The flaw is a cross-site scripting (XSS) bug that can be triggered when […] | Vulnerability | ||
|
2022-10-31 21:46:03 | VMware warns of the public availability of CVE-2021-39144 exploit code (lien direct) | >VMware warned of the availability of a public exploit for a recently addressed critical remote code execution flaw in NSX Data Center for vSphere (NSX-V). VMware warned of the existence of a public exploit targeting a recently addressed critical remote code execution (RCE) vulnerability, tracked as CVE-2021-39144 (CVSS score of 9.8), in NSX Data Center for […] | |||
|
2022-10-31 18:21:37 | Actively exploited Windows Mark-of-the-Web zero-day received an unofficial patch (lien direct) | >An unofficial patch for an actively exploited flaw in Microsoft Windows that allows to bypass Mark-of-the-Web (MotW) protections. 0patch released an unofficial patch to address an actively exploited security vulnerability in Microsoft Windows that could allow bypassing Mark-of-the-Web (MotW) protections by using files signed with malformed signatures. The issue affects all supported and multiple legacy […] | Vulnerability | ||
|
2022-10-31 14:37:01 | Wannacry, the hybrid malware that brought the world to its knees (lien direct) | >Reflecting on the Wannacry ransomware attack, which is the lesson learnt e why most organizations are still ignoring it. In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding […] | Ransomware Malware | Wannacry Wannacry | ★★ |
|
2022-10-31 13:44:57 | Snatch group claims to have hacked military provider HENSOLDT France (lien direct) | >The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French company HENSOLDT France. HENSOLDT is a company specializing in military and defense electronics. HENSOLDT France offers a wide range of critical electronics solutions, products and services for the aeronautical, defence, energy and transport sectors, […] | |||
|
2022-10-31 12:11:03 | GitHub flaw could have allowed attackers to takeover repositories of other users (lien direct) | >A critical flaw in the cloud-based repository hosting service GitHub could’ve allowed attackers to takeover other repositories. The cloud-based repository hosting service GitHub has addressed a vulnerability that could have been exploited by threat actors to takeover the repositories of other users. The vulnerability was discovered by Checkmarx that called the attack technique RepoJacking. The […] | Vulnerability Threat | ||
|
2022-10-31 08:00:18 | Malicious dropper apps on Play Store totaled 30.000+ installations (lien direct) | >ThreatFabric researchers discovered five malicious dropper apps on Google Play Store with more than 130,000 downloads. Researchers at ThreatFabric have discovered five malicious dropper apps on the official Google Play Store. The malicious dropper apps are designed to deliver banking trojans, such as SharkBot and Vultur, that already totaled over 130,000 installations. “Droppers on Google Play went […] | |||
|
2022-10-30 19:39:56 | Former British Prime Minister Liz Truss \'s phone was allegedly hacked by Russian spies (lien direct) | According to the Daily Mail, Former British Prime Minister Liz Truss ‘s personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyber spies suspected of working for the Kremlin, the Daily Mail reported. According to the British tabloid, the cyber-spies are believed to have […] | |||
|
2022-10-30 17:52:51 | German BKA arrested the alleged operator of Deutschland im Deep Web darknet market (lien direct) | >German police arrested a student that is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW) darknet marketplace. Germany’s Federal Criminal Police Office (BKA) has arrested a student (22) in Bavaria, who is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW) darknet marketplace. The darknet marketplace has gone off early […] | |||
|
2022-10-30 16:41:03 | BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider (lien direct) | >The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. Asahi Group Holdings, Ltd. is a precision metal manufacturing and metal solution provider, for more than 40 years, the company has been delivering end-to-end services in the industries of precision metals and thin-film coatings with different teams […] | |||
|
2022-10-30 16:41:03 | BlackByte ransomware group hit Japanese beverage giant Asahi (lien direct) | >The BlackByte ransomware group claims to have compromised the Japanese beer and beverage company Asahi. Asahi Group Holdings, Ltd. is a global Japanese beer, spirits, soft drinks, and food business group. The Japanese beverage giant owns many popular brands, including Grolsch, such as Meantime, Peroni, and SABMiller. The BlackByte ransomware group claims to have stolen gigabytes of documents from Asahi, including […] | |||
|
2022-10-30 14:38:12 | Air New Zealand warns of an ongoing credential stuffing attack (lien direct) | >Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air New Zealand suffered a security breach, threat actors attempted to access customers’ accounts by carrying out credential-stuffing attacks. What is credential stuffing? “Credential stuffing is a type of attack in which hackers use automation and lists […] | Threat | ||
|
2022-10-29 18:34:59 | Twilio discloses another security incident that took place in June (lien direct) | >Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack. The Communications company Twilio announced that it suffered another “brief security incident” on June 29, 2022, the attack was conducted by the same threat actor that in August compromised the company and gained access to […] | Threat | ||
|
2022-10-29 17:12:16 | A massive cyberattack hit Slovak and Polish Parliaments (lien direct) | >The Slovak and Polish parliaments were hit by a massive cyber attack, and the voting system in Slovakia’s legislature was brought down. A massive cyber attack hit the Slovak and Polish parliaments, reported the authorities. The cyber attack brought down the voting system in Slovakia’s legislature. “The attack was multi-directional, including from inside the Russian […] | |||
|
2022-10-29 14:53:00 | How will Twitter change under Elon Musk? (lien direct) | >Cybhorus CEO Pierluigi Paganini talks to TRT World about Elon Musk completing his $44 billion deal to buy Twitter and what changes he will make to the social media platform. Of course, the first impact will be on the leadership, Elon Musk was critical in the past with Agrawal's leadership. Musk will also take action […] | Guideline | ||
|
2022-10-28 19:47:43 | Multiple vulnerabilities affect the Juniper Junos OS (lien direct) | >Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered in Juniper Networks devices. “Multiple vulnerabilities have been found in the J-Web component of Juniper Networks Junos OS. One or more of these issues could lead to unauthorized local file access, cross-site scripting attacks, path […] | Guideline | ||
|
2022-10-28 13:00:33 | Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year (lien direct) | >Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an emergency update for the Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723. The CVE-2022-3723 flaw is a type confusion issue that resides in the Chrome V8 Javascript engine. The flaw has been reported […] | Vulnerability | ||
|
2022-10-28 09:25:49 | Apple backports fixes for CVE-2022-42827 zero-day to older iPhones, iPads (lien direct) | >Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has released new security updates to backport security patches released this week to address actively exploited CVE-2022-42827 in older iPhones and iPads, addressing an actively exploited zero-day bug. Early this week, Apple addressed the ninth zero-day […] | |||
|
2022-10-28 07:41:17 | New York Post hacked? No, the culprit is an employee (lien direct) | >Threat actors hacked the website and Twitter account of the New York Post and published offensive messages against US politicians. New York Post confirmed that it was hacked, its website and Twitter account were used by the attackers to publish offensive messages targeting US politicians and a call for the assassination of US President Joe […] | |||
|
2022-10-27 21:05:48 | Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs (lien direct) | >DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin […] | Ransomware | ||
|
2022-10-27 14:34:22 | Thomson Reuters collected and leaked at least 3TB of sensitive data (lien direct) | >The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/ Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. Attackers could use the details for a supply-chain attack. The Cybernews […] | |||
|
2022-10-27 13:38:51 | SiriSpy flaw allows eavesdropping on users\' conversations with Siri (lien direct) | SiriSpy is a vulnerability affecting Apple iOS and macOS that allowed apps to eavesdrop on users’ conversations with Siri. SiriSpy is a now-patched vulnerability, tracked as CVE-2022-32946, in Apple’s iOS and macOS that could have potentially allowed any app with access to Bluetooth to eavesdrop on conversations with Siri and audio. “An app may be […] | Vulnerability | ||
|
2022-10-27 05:14:38 | British hacker arraigned for running The Real Deal dark web marketplace (lien direct) | >A popular British hacker was charged by the U.S. authorities for allegedly running the ‘The Real Deal’ dark web marketplace. The British hacker Daniel Kaye (aka Bestbuy, Spdrman, Popopret, UserL0ser) (34) was charged by the U.S. DoJ for allegedly running the ‘The Real Deal’ dark web marketplace. The man was charged with access device fraud […] | |||
|
2022-10-26 23:00:48 | OpenSSL to fix the second critical flaw ever (lien direct) | >The OpenSSL Project announced an upcoming update to address a critical vulnerability in the open-source toolkit. The OpenSSL Project announced that it is going to release updates to address a critical vulnerability in the open-source toolkit. Experts pointed out that it is the first critical vulnerability patched in toolkit since September 2016. “The OpenSSL project […] | Vulnerability | ||
|
2022-10-26 19:09:16 | See Tickets discloses data breach, customers\' credit card data exposed (lien direct) | International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website. The company discovered […] | Data Breach Threat | ||
|
2022-10-26 13:14:31 | US charges Ukrainian man with Raccoon Infostealer operation (lien direct) | >US authorities charged a Ukrainian man with computer fraud for allegedly infecting millions of computers with Raccoon Infostealer. The US Justice Department charged a Ukrainian, Mark Sokolovsky (26) man with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man is currently being held in the Netherlands, he was charged for […] | |||
|
2022-10-26 09:37:20 | Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited (lien direct) | >Cisco warns of active exploitation attempts targeting two vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows. Cisco is warning of exploitation attempts targeting two security flaws, tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), in the Cisco AnyConnect Secure Mobility Client for Windows. Both vulnerabilities are dated 2020 and are now patched. The […] | |||
|
2022-10-26 07:36:50 | VMware fixes critical RCE in VMware Cloud Foundation (lien direct) | >VMware addressed a critical remote code execution vulnerability in VMware Cloud Foundation tracked as CVE-2021-39144. VMware has released security updates to address a critical vulnerability, tracked as CVE-2021-39144 (CVSSv3 9.8), in VMware Cloud Foundation. VMware Cloud Foundation™ is the industry’s most advanced hybrid cloud platform. It provides a complete set of software-defined services for compute, storage, […] | Vulnerability | ★★★★★ | |
|
2022-10-25 20:22:55 | Experts disclosed a 22-year-old bug in popular SQLite Database library (lien direct) | >A high-severity vulnerability, tracked as CVE-2022-35737, has been disclosed in the SQLite database library. The security expert Andreas Kellas detailed a high-severity vulnerability, tracked as CVE-2022-35737 (CVSS score: 7.5), in the SQLite database library, which was introduced in October 2000. The CVE-2022-35737 flaw is an integer overflow issue that impacts SQLite versions 1.0.12 through 3.39.1. The vulnerability was […] | Vulnerability | ||
|
2022-10-25 14:59:22 | Two PoS Malware used to steal data from more than 167,000 credit cards (lien direct) | >Researchers reported that threat actors used 2 PoS malware variants to steal information about more than 167,000 credit cards. Cybersecurity firm Group-IB discovered two PoS malware to steal data associated with more than 167,000 credit cards from point-of-sale payment terminals. On April 19, 2022, Group-IB researchers identified the C2 server of the POS malware called MajikPOS. […] | Malware Threat | ||
|
2022-10-25 11:44:24 | Hive ransomware gang starts leaking data allegedly stolen from Tata Power (lien direct) | >The Hive ransomware gang, which claimed the responsibility for the Tata Power data breach, started leaking data. On October 14, Tata Power, India's largest power generation company, announced that was hit by a cyber attack. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of […] | Ransomware Threat | ||
|
2022-10-25 07:10:04 | Dormant Colors campaign operates over 1M malicious Chrome extensions (lien direct) | >A new malvertising campaign, code-named Dormant Colors, is delivering malicious Google Chrome extensions that hijack targets' browsers. Researchers at Guardio Labs have discovered a new malvertising campaign, called Dormant Colors, aimed at delivering malicious Google Chrome extensions. The Chrome extensions hijack searches and insert affiliate links into web pages. The experts called the campaign Dormant […] | |||
|
2022-10-24 21:09:12 | Apple fixed the ninth actively exploited zero-day this year (lien direct) | >Apple released security updates that addressed the ninth zero-day vulnerability actively exploited in the wild since the start of the year. Apple has addressed the ninth zero-day vulnerability exploited in attacks in the wild since the start of the year. The vulnerability, tracked as CVE-2022-42827, is an out-of-bounds write issue that can be exploited by an attacker to […] | Vulnerability | ||
|
2022-10-24 18:35:15 | Cuba ransomware affiliate targets Ukraine, CERT-UA warns (lien direct) | >The Ukraine Computer Emergency Response Team (CERT-UA) warns of Cuba Ransomware attacks against critical networks in the country. The Ukraine Computer Emergency Response Team (CERT-UA) warns of potential Cuba Ransomware attacks against local critical infrastructure. On October 21, 2022, the Ukraine CERT-UA uncovered a phishing campaign impersonating the Press Service of the General Staff of […] | Ransomware | ||
|
2022-10-24 14:17:22 | Norway PM warns of Russia cyber threat to oil and gas industry (lien direct) | >Norway 's prime minister warned last week that Russia poses “a real and serious threat” to the country's oil and gas industry. Norway 's prime minister Jonas Gahr Støre warned that Russia poses “a real and serious threat” to the country's oil and gas industry. The minister claims its country is going slow in adopting […] | Threat | ||
|
2022-10-24 10:32:04 | Malicious Clicker apps in Google Play have 20M+ installs (lien direct) | >Researchers discovered 16 malicious clicker apps in the official Google Play store that were downloaded by 20M+ users. Security researchers at McAfee have discovered 16 malicious clicker apps available in the official Google Play store that were installed more than 20 million times. One of these apps, called DxClean, has more than five million times […] |
To see everything:
Our RSS (filtrered)
