What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2022-10-11 07:29:37 DeepFakes Are The Cybercriminal Economy's Latest Business Line (direct link) California-based Resecurity has identified a new spike of underground services enabling bad actors to generate deepfakes. According to cybersecurity experts, this may be used for political propaganda, foreign influence activity, disinformation, scams, and fraud. Introduced by Canadian researchers to the public in 2014, Generative Adversarial Networks (GANs), typically imitate people's faces, speech, and unique facial […]
SecurityAffairs 2022-10-11 07:08:59 (Déjà vu) Toyota discloses accidental leak of some customers' personal information (direct link) Toyota Motor Corporation discloses data leak, customers’ personal information may have been exposed after an access key was exposed on GitHub. Toyota Motor Corporation warns customers that their personal information may have been accidentally exposed after an access key was publicly available on GitHub for almost five years. The carmaker discovered recently that a portion […]
SecurityAffairs 2022-10-10 20:47:43 (Déjà vu) CVE-2022-40684 flaw in Fortinet products is being exploited in the wild (direct link) Fortinet has confirmed that the recently disclosed critical authentication bypass issue (CVE-2022-40684) is being exploited in the wild. Last week, Fortinet addressed a critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. An attacker can exploit the vulnerability to log into vulnerable devices. “An authentication bypass using an alternate […] Vulnerability
SecurityAffairs 2022-10-10 15:20:40 Pro-Russia group KillNet targets US airports (direct link) The pro-Russia hacktivist group ‘KillNet’ is behind massive DDoS attacks that hit websites of several major airports in the US. The pro-Russia hacktivist group ‘KillNet‘ is claiming responsibility for massive distributed denial-of-service (DDoS) attacks against the websites of several major airports in the US. The DDoS attacks have taken the websites offline, users were not […]
SecurityAffairs 2022-10-10 13:10:18 The head of the Federal Cyber Security Authority (BSI) faces dismissal (direct link) The German Interior Minister wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to possible contacts with Russian security services. German Interior Minister Nancy Faeser wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to possible contact with people involved with Russian security […]
SecurityAffairs 2022-10-10 08:24:02 Dark web carding site BidenCash gives 1.2M payment cards for free (direct link) BidenCash, a popular dark web carding site, released a dump of more than 1.2 million credit cards to promote its service. Operators behind the popular dark web carding market ‘BidenCash’ have released a dump of 1,221,551 credit cards to promote their underground payment card shop. Multiple security firms noticed the promotional activity, but the news […]
SecurityAffairs 2022-10-10 04:53:55 Harvard Business Publishing licensee hit by ransomware (direct link) Threat actors got to a database with over 152,000 customer records before its owner, the Turkish branch of Harvard Business Review, closed it. Crooks left a ransom note, threatening to leak the data and inform authorities of the EU's General Data Protection Regulation (GDPR) violations. Original Post published on CyberNews A recent discovery by the […] Ransomware
SecurityAffairs 2022-10-09 17:08:08 Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM (direct link) Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. In March 2022, the Everest ransomware operators published a notice announcing the sale of “South Africa Electricity company’s root access” for $125,000. Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more […] Ransomware
SecurityAffairs 2022-10-09 12:23:22 CommonSpirit hospital chains hit by ransomware, patients are facing problems (direct link) CommonSpirit, one of the largest hospital chains in the US, suffered a ransomware cyberattack that impacted its operations. Common Spirit, one of the largest hospital chains in the US, this week suffered a ransomware cyberattack that caused severe inconvenience to the facilities and to patients. The alleged security breach led to delayed surgeries, hold-ups in […] Ransomware ★★
SecurityAffairs 2022-10-09 08:24:47 Lloyd's of London investigates alleged cyber attack (direct link) Lloyd’s of London launched on Wednesday an investigation into a possible cyber attack after having detected unusual activity on its network. Lloyd’s of London is investigating a cyberattack after detecting unusual network activity this week. In response to the alleged intrusion it has reset the IT infrastructure and shut down any external connection. “Lloyd’s has […]
SecurityAffairs 2022-10-08 16:23:28 BlackByte Ransomware abuses vulnerable driver to bypass security solutions (direct link) The BlackByte ransomware operators are leveraging a flaw in a legitimate Windows driver to bypass security solutions. Researchers from Sophos warn that BlackByte ransomware operators are using a bring your own vulnerable driver (BYOVD) attack to bypass security products. In BYOVD attacks, threat actors abuse vulnerabilities in legitimate, signed drivers, on which security products rely, […] Ransomware Threat
SecurityAffairs 2022-10-08 13:17:46 Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited (direct link) Threat actors are exploiting an unpatched severe remote code execution vulnerability in the Zimbra collaboration platform. Researchers from Rapid7 are warning of the exploitation of an unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […] Vulnerability
SecurityAffairs 2022-10-07 22:03:12 VMware fixed a high-severity bug in vCenter Server (direct link) VMware this week addressed a severe vulnerability in vCenter Server that could lead to arbitrary code execution. VMware on Thursday released security patches to address a code execution vulnerability, tracked as CVE-2022-31680 (CVSS score of 7.2), in vCenter Server. The security issue is an unsafe deserialization vulnerability that resides in the platform services controller (PSC). […] Vulnerability Guideline
SecurityAffairs 2022-10-07 14:37:59 Fortinet urges customers to immediately fix a critical authentication bypass flaw in FortiGate and FortiProxy (direct link) Fortinet addressed a critical authentication bypass vulnerability that impacted FortiGate firewalls and FortiProxy web proxies. Fortinet addressed a critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. An attacker can exploit the vulnerability to log into vulnerable devices. “An authentication bypass using an alternate path or channel [CWE-88] in […] Vulnerability
SecurityAffairs 2022-10-07 09:16:50 Hacker stole $566 million worth of Binance Coins from Binance Bridge (direct link) Threat actors have stolen 2 million Binance Coins (BNB), worth $566 million, from the popular Binance Bridge. Hackers have reportedly stolen $566 million worth of Binance Coins (BNB) from the Binance Bridge. It seems that threat actors were able to exploit an issue with the bridge, the attack took place at 2:30 PM EST today. […] Threat
SecurityAffairs 2022-10-07 05:02:45 LilithBot Malware, a new MaaS offered by the Eternity Group (direct link) Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). The Eternity group operates a homonymous malware-as-a-service (MaaS), it is linked to the Russian “Jester Group,” which is […] Malware Threat
SecurityAffairs 2022-10-06 21:14:34 Watch out, a bug in Linux Kernel 5.19.12 can damage displays on Intel laptops (direct link) A bug in Linux Kernel 5.19.12 that was released at the end of September 2022 can potentially damage the displays of Intel laptops. Linux users reported the displays of their Intel laptops rapidly blinking, flickering, and showing white flashes after upgrading to Linux kernel version 5.19.12. Linux expert Ville Syrjäl pointed out that the anomalous […]
SecurityAffairs 2022-10-06 14:19:11 Cisco fixed two high-severity bugs in Communications, Networking Products (direct link) Cisco fixed high-severity flaws in some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. Cisco announced it has addressed high-severity vulnerabilities affecting some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. “Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series Software […]
SecurityAffairs 2022-10-06 13:18:28 City of Tucson Data Breach impacted 123,500 individuals (direct link) The City of Tucson, Arizona disclosed a data breach, the incident was discovered in May 2022 and impacted 123,500 individuals. The security breach was discovered at the end of May 2022 and concluded the investigation in September. According to the notification letter sample provided to the Maine Attorney General's Office, over 123,500 have been impacted […] Data Breach
SecurityAffairs 2022-10-06 10:59:08 19-Year-Old man arrested for misusing leaked record from Optus Breach (direct link) The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data breach in SMS scams. The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to use data leaked after the Optus data breach in a fraudulent scheme aimed at extorting […] Data Breach
SecurityAffairs 2022-10-06 08:23:50 “Egypt Leaks” – Hacktivists are Leaking Financial Data (direct link) Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt. Resecurity, a California-based cybersecurity company protecting Fortune 500 corporations globally, has noticed a new group of hacktivists targeting financial institutions in Egypt. The bad actors go under the campaign “EG Leaks” (also known as “Egypt Leaks”), they started leaking […]
SecurityAffairs 2022-10-05 22:19:55 Avast releases a free decryptor for some Hades ransomware variants (direct link) Avast released a free decryptor for variants of the Hades ransomware tracked as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt’. Avast has released a decryptor for variants of the Hades ransomware known as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt,’ which can allow the victims of these ransomware strains to recover their files without paying the […] Ransomware
SecurityAffairs 2022-10-05 20:21:06 New Maggie malware already infected over 250 Microsoft SQL servers (direct link) Hundreds of Microsoft SQL servers all over the world have been infected with a new piece of malware tracked as Maggie. Security researchers Johann Aydinbas and Axel Wauer from the DCSO CyTec have spotted a new piece of malware, named Maggie, that has already infected over 250 Microsoft SQL servers worldwide. Most of the infected instances […] Malware
SecurityAffairs 2022-10-05 14:58:33 Telstra Telecom discloses data breach impacting former and current employees (direct link) Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. The company pointed out that its systems have not been breached, the security breach impacted a third-party supplier that previously provided a now-obsolete Telstra […] Data Breach
SecurityAffairs 2022-10-05 06:25:44 (Déjà vu) OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel (direct link) OnionPoison: researchers reported that an infected Tor Browser installer has been distributed through a popular YouTube channel. Kaspersky researchers discovered that a trojanized version of a Windows installer for the Tor Browser has been distributed through a popular Chinese-language YouTube channel. The campaign, named OnionPoison, targeted users located in China, where the Tor Browser website […]
SecurityAffairs 2022-10-04 20:19:23 A flaw in the Packagist PHP repository could have allowed supply chain attacks (direct link) Experts disclosed a flaw in the PHP software package repository Packagist that could have been exploited to carry out supply chain attacks. SonarSource Researchers disclosed details about a now-fixed vulnerability (CVE-2022-24828) in PHP software package repository Packagist, that could have been exploited to carry out supply chain attacks. The issue was addressed within hours by […] Vulnerability
SecurityAffairs 2022-10-04 15:02:16 Lazarus APT employed an exploit in a Dell firmware driver in recent attacks (direct link) North Korea-linked Lazarus APT has been spotted deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver. The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by relying on an exploit in a Dell firmware driver dbutil_2_3.sys, ESET researchers warn. The discovery was made by ESET researchers while […] Medical APT 38
SecurityAffairs 2022-10-04 07:05:05 Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group (direct link) Researchers link recently discovered Linux ransomware Cheerscrypt to the China-linked cyberespionage group DEV-0401. Researchers at cybersecurity firm Sygnia attributed the recently discovered Linux ransomware Cheerscrypt to the China-linked cyber espionage group Bronze Starlight (aka DEV-0401, APT10). Bronze Starlight has been active since mid-2021, in June researchers from Secureworks reported that the APT group is deploying […] Ransomware APT 10
SecurityAffairs 2022-10-04 06:40:34 (Déjà vu) Microsoft mitigations for recently disclosed Exchange zero-days can be easily bypassed (direct link) The mitigation shared by Microsoft for the two recently disclosed Exchange zero-day vulnerabilities can be bypassed, expert warns. Last week, Microsoft confirmed that two zero-day vulnerabilities in Microsoft Exchange recently disclosed by researchers at cybersecurity firm GTSC are being actively exploited in the wild. The first flaw, tracked as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) issue. […]
SecurityAffairs 2022-10-03 19:29:51 Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor (direct link) A threat actor used a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor. Cybersecurity firm CrowdStrike disclosed details of a supply chain attack that involved the use of a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor. Comm100 is a provider of customer service and communication products […] Threat
SecurityAffairs 2022-10-03 15:23:08 RansomEXX gang claims to have hacked Ferrari and leaked online internal documents (direct link) The Italian luxury sports car manufacturer Ferrari confirmed the availability of internal documents online, but said it has no evidence of cyber attack. Documents belonging to the Italian luxury sports car manufacturer Ferrari are circulating online, the company confirmed their authenticity stating it is not aware of cyber attacks. Ferrari is investigating the leak of the […]
SecurityAffairs 2022-10-03 13:21:50 Finnish intelligence warns of Russia's cyberespionage activities (direct link) The Finnish Security Intelligence Service (SUPO) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warns of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter. According to the SUPO, future NATO membership will make the country a privileged target […] Threat
SecurityAffairs 2022-10-03 06:40:23 Reflected XSS bugs in Canon Medical's Vitrea View could expose patient info (direct link) Trustwave researchers discovered two XSS flaws in Canon Medical's Vitrea View tool that could expose patient information. During a penetration test, Trustwave Spiderlabs' researchers discovered two reflected cross-site scripting (XSS) vulnerabilities, collectively tracked as CVE-2022-37461, in third-party software for Canon Medical's Vitrea View. The Vitrea View tool allows viewing and securely sharing medical images through […] Tool
SecurityAffairs 2022-10-02 15:58:56 BlackCat ransomware gang claims to have hacked US defense contractor NJVC (direct link) Another US defense contractor suffered a data breach, the BlackCat ransomware gang claims to have hacked NJVC. The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC, which supports the federal government and the United States Department of Defense. The company supports intelligence, defense, and geospatial organizations. The company has more than 1,200 employees in locations worldwide. BlackCat added NJVC to […] Ransomware
SecurityAffairs 2022-10-02 08:41:57 German police identified a gang that stole €4 million via phishing attacks (direct link) German police arrested one individual suspected of having stolen €4 million from users via large-scale phishing campaigns. Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with two accomplices who are suspected. The phishing campaigns were conducted between October 3, 2020, and May 29, […]
SecurityAffairs 2022-10-01 17:02:02 (Déjà vu) CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog (direct link) CISA added a recently disclosed flaw in Atlassian Bitbucket Server, tracked as CVE-2022-36804, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added a recently disclosed critical vulnerability in Atlassian’s Bitbucket Server and Data Center to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant […] Vulnerability
SecurityAffairs 2022-10-01 16:06:11 Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries (direct link) A hacker group called Guacamaya stole classified government information from multiple military and government agencies across several Latin American countries. Among the data stolen by a group of hackers called Guacamaya (macaw in Spanish) there was a huge trove of emails from Mexico's Defense Department, which shed light on the poor resilience of the […]
SecurityAffairs 2022-10-01 12:52:00 Luxury hotel chain Shangri-La suffered a security breach (direct link) The Shangri-La hotel group disclosed a data breach, a database containing the personal information of its customers was compromised. The Shangri-La hotel group disclosed a data breach, threat actors had access to a database containing the personal information of customers at eight of its Asian properties between May and July. The incident impacted hotels in […] Threat
SecurityAffairs 2022-09-30 22:14:03 Witchetty APT used steganography in attacks against Middle East entities (direct link) A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec Threat Hunter Team observed a threat actor, tracked as Witchetty, using steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The cyber […] Threat
SecurityAffairs 2022-09-30 15:44:10 US DoD announced the results of the Hack US bug bounty challenge (direct link) The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July. On July 4, 2022, the US Department of Defense (DoD) and HackerOne started the Hack US, a one-week bug bounty challenge, which is considered part of DoD's vulnerability disclosure program (VDP). The challenge was launched Chief […] Hack Vulnerability
SecurityAffairs 2022-09-30 10:18:05 Microsoft confirms Exchange zero-day flaws actively exploited in the wild (direct link) Microsoft confirmed that two recently disclosed zero-day flaws in Microsoft Exchange are being actively exploited in the wild. Microsoft confirmed that two zero-day vulnerabilities in Microsoft Exchange recently disclosed by researchers at cybersecurity firm GTSC are being actively exploited in the wild. The IT giant has promptly started the investigation into the two zero-day vulnerabilities […]
SecurityAffairs 2022-09-30 07:25:07 Unpatched Microsoft Exchange Zero-Day actively exploited in the wild (direct link) Security researchers are warning of a new Microsoft Exchange zero-day that is being exploited by malicious actors in the wild. Cybersecurity firm GTSC discovered two Microsoft Exchange zero-day vulnerabilities that are under active exploitation in attacks in the wild. Both flaws were discovered by the researchers as part of an incident response activity in August […]
SecurityAffairs 2022-09-30 05:17:30 Experts uncovered novel Malware persistence within VMware ESXi Hypervisors (direct link) Researchers from Mandiant have discovered a novel malware persistence technique within VMware ESXi Hypervisors. Mandiant detailed a novel technique used by malware authors to achieve administrative access within VMware ESXi Hypervisors and take over vCenter servers and virtual machines for Windows and Linux to perform the following actions: Send commands to the hypervisor that will […] Malware
SecurityAffairs 2022-09-29 14:00:55 Hacker groups support protestors in Iran using Telegram, Signal and Darkweb (direct link) Several hacker groups are assisting protestors in Iran using Telegram, Signal and other tools to bypass government censorship. Check Point Research (CPR) observed multiple hacker groups using Telegram, Signal and the darkweb to support protestors in Iran in bypassing regime censorship. The hackers are sharing tools and tips to bypass censorship, including opening VPN servers, […]
SecurityAffairs 2022-09-29 09:54:56 A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums (direct link) The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat actors have cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. The availability of the cracked version of the tool was first reported by the cybersecurity researcher Will […] Tool Threat
SecurityAffairs 2022-09-29 07:28:01 Go-based Chaos malware is rapidly growing targeting Windows, Linux and more (direct link) A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux. The malicious code was developed to target a broad range of devices, […] Malware
SecurityAffairs 2022-09-28 15:43:32 Threat actors use Quantum Builder to deliver Agent Tesla malware (direct link) The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. “Quantum Builder (aka “Quantum Lnk Builder”) is used to create malicious shortcut […] Malware Threat
SecurityAffairs 2022-09-28 14:03:04 ONLINE DISINFORMATION: Under the hood of a Doppelgänger (direct link) ONLINE DISINFORMATION is one of the defining issues of our time and the influence of fake news has become an acute threat to our society. Disinformation undermines true journalism and steers the public opinion in highly charged topics such as immigration, climate change, armed conflicts or refugee and health crises. Social media platforms are the […] Threat
SecurityAffairs 2022-09-28 13:47:10 APT28 relies on PowerPoint Mouseover to deliver Graphite malware (direct link) The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported. Cluster25 researchers were analyzing a lure PowerPoint document used to deliver a variant of Graphite malware, which is known to be used […] Malware APT 28
SecurityAffairs 2022-09-28 10:35:45 Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks (direct link) The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild. The Bl00Dy Ransomware gang is the first group that started using the recently leaked LockBit ransomware builder in attacks in the wild. Last week, an alleged disgruntled developer leaked the builder for the latest encryptor […] Ransomware
Last update at: 2024-03-28 21:09:42