What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2022-09-05 09:50:57 Samsung Hit By Data Breach (direct link) In late July, an undisclosed number of Samsung customers in the US had their personal information accessed by an unauthorised user. Samsung, the Korean electronics giant, said that it discovered the breach on 4th August 2022. It has since secured the affected systems, engaged a third-party security firm and contacted law enforcement. A statement issued […] Data Breach
itsecurityguru.webp 2022-09-02 10:10:28 TikTok Vulnerability Discovered on Android (direct link) Researchers have discovered a critical vulnerability in the TikTok Android app which could allow hackers to hijack user accounts remotely. The vulnerability, CVE-2022-28799, was reported to the ByteDance-owned company by Microsoft in February 2022. TikTok quickly fixed the issue. It is estimated that the app has around 1.5 billion downloads on the Play Store, however, […] Vulnerability
itsecurityguru.webp 2022-09-01 09:55:06 1859 Apps Contain Hard-Coded AWS Credentials (direct link) Security researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials. This poses a huge security risk. Symantec’s Threat Hunter Team, a part of Broadcom Software, wrote in a report that “over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services.” […] Threat
itsecurityguru.webp 2022-09-01 09:06:43 Over a Third of Parents Do Not Know What Online Accounts Their Children Use (direct link) A new survey by Censuswide and the International Cyber Expo found that over a third (34%) of parents are unaware of what online accounts their children are using, highlighting a worrying lack of awareness surrounding their children's online activity. The survey was conducted amongst 600 parents across the UK. The survey did find that over […]
itsecurityguru.webp 2022-08-30 13:22:03 3 Cybersecurity Trends for 2022 (direct link) As cyber criminals continue to employ increasingly sophisticated methods to breach security protocols within organizations, cybersecurity will remain a major concern for businesses of all sizes. As such, the cost of cybercrime is set to increase with the global cybersecurity market estimated to reach $403.01 billion by 2027 with a compound annual growth rate […]
itsecurityguru.webp 2022-08-30 09:47:38 Akasa Air Suffers Data Leak on First Day of Operation (direct link) India’s newest commercial airline, Akasa Air, exposed personal data belonging to its customers. The company blamed these data leaks on technical configuration errors. Ashutosh Barot, a security researcher, added that this issue originated in the account registration process, leading to the exposure of personal information such as gender, email addresses, names, and phone numbers. The […] Guideline
itsecurityguru.webp 2022-08-25 12:03:47 (Already seen) Quantum Ransomware Attack Disrupts Government Agency in Dominican Republic (direct link) The Dominican Republic’s Instituto Agrario Dominicano (IAD) has suffered a Quantum ransomware attack. The attack encrypted multiple services and workstations throughout the government agency. The IAD is part of the Ministry of Agriculture and is responsible for executing Agrarian Reform programmes in the country. According to local media reports, the ransomware attack occurred on 18th […] Ransomware
itsecurityguru.webp 2022-08-25 10:51:24 EU Report Outlines Cyber Response to Ukraine Invasion (direct link) The EU’s Justice and Home Affairs Agencies’ Network (JHAAN) has released new details of its continued work to monitor and contain cyber-threats since Russia’s invasion of Ukraine. A recently published paper, Contributing to the EU’s Solidarity with Ukraine, outlines the work of nine EU agencies in this area. The list includes the European Union Agency […] ★★★★
itsecurityguru.webp 2022-08-24 14:01:16 Fighting Cyber Attackers Earlier to Reduce Risk (direct link) We face an exciting evolution in the cybersecurity sector. Attackers are becoming both more efficient and intelligent at evaluating their targets and successfully carrying out their intended campaigns. Often money is at the forefront of their minds but, as we have seen recently, drivers may also be geo-political or activist views. Whatever their motivations, financial […] ★★
itsecurityguru.webp 2022-08-24 13:40:56 Transatlantic Cyber Security Business Network (TCBN) partners with International Cyber Expo 2022 (direct link) Earlier this week it was announced that the Transatlantic Cyber Security Business Network (TCBN) have partnered with the International Cyber Expo 2022. The event, which runs from 27th-28th September at Olympia London, Kensington, will host 5000 delegates and over 100 leading cyber vendors. As part of the event, TCBN will host its own exhibit that […] Guideline ★★
itsecurityguru.webp 2022-08-23 11:12:43 (Already seen) Counterfeit Phones Found to Contain Backdoor to Hack WhatsApp (direct link) Budget Android device models that are counterfeit versions associated with popular smartphone brands contain multiple hidden trojans designed to target WhatsApp and WhatsApp Business messaging app. Doctor Web first came across the malware in July 2022. It was discovered in the system partition of at least four different smartphones: radmi note 8, P48pro, Note30u, and […] Malware Hack
itsecurityguru.webp 2022-08-19 11:21:50 (Already seen) Ring App Vulnerability Urgently Patched by Amazon (direct link) Amazon have patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user’s device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads. Application security firm Checkmarx explained that it identified a cross-site scripting […] Vulnerability
itsecurityguru.webp 2022-08-17 12:32:01 Securing OT That Can't Be Patched (direct link) As industrial organisations digitise their environments, this is exposing critical operational technology (OT) to security vulnerabilities, while presenting new windows of opportunity for cybercriminals. Since last year, there has been an 88% increase in OT vulnerabilities, which are used to attack critical infrastructure and expose vital systems to potentially devastating breaches. With OT systems supporting […]
itsecurityguru.webp 2022-08-17 09:33:15 (Already seen) Job Seekers Targeted in Lazarus Group Hack (direct link) The North Korea state-backed Lazarus Group has been observed to be targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. ESET, a Slovak cybersecurity firm, linked these events to a campaign dubbed “Operation In(ter)ception” that was first disclosed in June 2020 and involved using social engineering tactics to […] Malware Hack Medical APT 38
itsecurityguru.webp 2022-08-16 09:45:49 (Already seen) Signal Confirms Roughly 1900 Users Affected by Twilio Breach (direct link) On Monday, popular end-to-end encrypted messaging service Signal disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1900 users. Signal said, “for about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. All users […]
itsecurityguru.webp 2022-08-16 08:47:21 Are Cloud Environments Secure Enough for Today's Threats? (direct link) Cyber security is a major problem right now. Not only is it the highest priority of any given business to keep their own data but their customers' and clients' data secure, but changes in the workplace have had a knock-on effect on cyber security. The concept of working from home has forced businesses all around […]
itsecurityguru.webp 2022-08-15 09:56:43 Google Fined A$60million in Penalties For Misleading Users on Location Data (direct link) Alphabet Inc’s Google Unit was ordered by Australia’s Federal Court to pay A$60million in penalties for misleading users on collection of their personal location data, according to Australia’s competition watchdog. The court found that Google misled some customers about their personal location data that was being collected through their Android mobile devices between January 2017 […] Guideline ★★★★
itsecurityguru.webp 2022-08-12 10:14:24 Recovery From NHS Attack Could Take Weeks (direct link) Last week, Advanced, a key NHS IT partner, was hit by a ransomware attack. The IT company has said that it could take three to four weeks for systems to resume normal service. Advanced runs several key systems within the health service. One of its most important clients is the NHS 111 service. The UK […] Ransomware
itsecurityguru.webp 2022-08-12 08:13:59 Industry All-Stars Take Stage at International Cyber Expo's Global Cyber Summit (direct link) International Cyber Expo today announced the speaker line-up for its annual Global Cyber Summit sponsored this year by Snyk, and hosted at Olympia London on the 27th and 28th of September 2022. Introduced by former CEO of NCSC, Professor Ciaran Martin CB, the Summit endeavours to be an educational platform for IT professionals, C-Level executives […]
itsecurityguru.webp 2022-08-10 09:09:07 Meta Take Action Against Two Cyber Espionage Operations in South Africa (direct link) Action has been taken against two cyber espionage operations in South Africa, according to Meta. Action has been taken against Bitter APT and APT36. The announcement was made by the company last Thursday in its Quarterly Adversarial Threat Report, Second Quarter 2022. In the report, Meta’s Global Threat Intelligence Lead, Ben Nimmo, and Director of […] Threat Guideline APT 36
itsecurityguru.webp 2022-08-09 10:43:46 7-Eleven Stores in Denmark Close After Cyberattack (direct link) 7-Eleven stores in Denmark closed their doors yesterday after a cyberattack disrupted store payment and checkout systems throughout the country. The attack occurred early on the 8th August, with the company posting on Facebook that they were likely “exposed to a hacker attack”. The translated statement says that the company has closed all the stores […]
itsecurityguru.webp 2022-08-09 10:08:23 Twilio Suffers Phishing Based Data Breach (direct link) Twilio, the communications giant, has confirmed that hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. The company, based in San Francisco, which allows users to build voice and SMS capabilities, such as two-factor authentication (2FA), into applications, said that it became aware that someone gained “unauthorised access” to information […] Data Breach
itsecurityguru.webp 2022-08-09 09:25:56 How to stay safe from cybercriminals and avoid data breaches (direct link) A data breach is any person's nightmare. It can affect you mentally and financially, and a 100% unhackable device or account necessitates taking precautionary measures. Hackers target small and medium businesses as they don't have the resources to pay for cybersecurity tools and network upgrades to protect their data against the latest cybercriminals' tricks as […] Data Breach
itsecurityguru.webp 2022-08-08 15:44:40 Attack on Supplier Leaves NHS Recovering Services (direct link) A cyberattack, first identified last Thursday, has caused a “major” computer system outage affecting companies within the NHS, including the 111 call line. Reportedly, a number of health and care systems delivered by business software and services provider Advanced are currently experiencing major outages. Advanced has 26 NHS clients, according to Digital Health Intelligence, and […]
itsecurityguru.webp 2022-08-08 13:49:02 How You Can Hack Your Senses to Work Better (direct link) Cybersecurity has never been a low-stress field. The industry attracts dedicated, highly-skilled perfectionists who are all too willing to shoulder the burden of a company's cybersecurity without complaint. Yet, increased threats of ransomware and cyberattacks are creating an anxiety-filled workplace. The current technological skills gap means there is frequently too much work for too […] Ransomware Hack
itsecurityguru.webp 2022-08-08 09:04:18 (Already seen) Slack Resets Passwords After Hashes Exposed When Invitations Shared (direct link) Slack has notified roughly 0.5% of its users that it reset their passwords after fixing a bug that exposed salted password hashes when creating or revoking shared invitation links for workspaces. Reported by BleepingComputer, Slack said “when a user performed either of these actions, Slack transmitted a hashed version of their password (not plaintext) to […]
itsecurityguru.webp 2022-08-04 14:55:07 CREST membership body announces OWASP Verification Standard programme (direct link) CREST, the international not-for-profit, membership body representing the global cyber security industry, in consultation with the Open Web Application Security Project (OWASP), has launched the OWASP Verification Standard (OVS), a new quality assurance standard for the global application security industry. CREST OVS provides mobile and web app developers with greater security assurance and accredited organisations […]
itsecurityguru.webp 2022-08-03 15:22:35 APIs attacked in 94% of companies in past year (direct link) Salt Security, the API security company, today released the Salt Labs State of API Security Report, Q3 2022. In its latest edition, the bi-annual report found that 94% of survey respondents experienced security problems in production APIs in the past year, with 20% stating their organisations suffered a data breach as a result of security […] Data Breach
itsecurityguru.webp 2022-08-03 10:43:52 Conservative Party Leadership Election Warned of Potentially Malicious Efforts to Alter the Result of Upcoming Election (direct link) Security researchers in the UK warn of potentially malicious efforts to alter the result of the upcoming Conservative Party leadership election. The next Prime Minister of the country will be decided by around 160,000 party members when they decide between current foreign secretary Liz Truss and former chancellor Rishi Sunak. The National Cyber Security Centre […] Guideline
itsecurityguru.webp 2022-08-02 13:26:28 Armis aims to improve financial services cyber resilience with UK Finance membership (direct link) Armis, the unified asset intelligence platform, has joined the premier industry body for financial services in the UK, UK Finance, to help members tackle cybersecurity challenges stemming from managed or unmanaged connected assets in their environments. As an associate member, Armis says it will use the partnership to drive awareness of financial institutions' risk exposures […]
itsecurityguru.webp 2022-08-01 11:24:03 (Already seen) Australian Man Charged With Purported Role in Creation and Sale of Spyware Used by Domestic Violence Perpetrators (direct link) A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by child sex offenders and domestic violence perpetrators. Jacob Wayne John Keen, from Melbourne, is said to have created the remote access trojan (RAT) when he was 15, alongside working as an administrator for the […]
itsecurityguru.webp 2022-08-01 10:39:47 (Already seen) Congress Warns of US Court Records Data Breach (direct link) Lawmakers on the Hill revealed last week that a cyber-attack on the US justice system had compromised a public document management system. Jerrold Nadler (D-NY), chairman of the House Judiciary Committee, revealed the discovery at a hearing on oversight in the Justice Department. Nadler disclosed that three hostile actors had breached the Public Access to Court […] Data Breach
itsecurityguru.webp 2022-07-29 08:58:09 Ransomware Group Demand £500,000 From Bedfordshire School (direct link) Wootton Upper School in Bedfordshire suffered a ransomware attack this week, with hackers demanding £500,000 in ransom, according to reports. The attack also affected the Kimberley college for 16-19 year olds, with both members of the Wootton Academy Trust. The attack was said to be the work of the Hive ransomware group. The cybercriminals messaged […] Ransomware
itsecurityguru.webp 2022-07-28 09:20:39 Microsoft Threat Intelligence Center Links Threat Group to Austrian Spyware Vendor DSIRF (direct link) Microsoft has linked the efforts of the threat group Knotweed to an Austrian spyware vendor. The group has so far used the malware dubbed ‘SubZero’ to attack groups in Europe and Central America. The Subzero malware, as used by Knotweed, can be used to hack a target’s phone, computers, network, and internet-connected devices. DSIRF markets […] Malware Hack Threat
itsecurityguru.webp 2022-07-27 09:56:42 Lockbit Ransomware Gang Have Claimed Responsibility For Recent Public Attacks (direct link) Reportedly, the Lockbit ransomware gang has claimed the recent attacks on the Italian tax agency and the Canadian town of St Marys. On Friday, the local administration at St Marys explained in an update that the attack occurred last Wednesday, locking an internal server and encrypting data on it. The statement read: “Upon learning of […] Ransomware
itsecurityguru.webp 2022-07-27 09:47:11 Cost of Data Breach Reaches $4.35m on Average Globally (direct link) The average cost of a data breach globally has reached a new high of $4.35m. This figure has increased by 13% since 2020, according to IBM. The IBM Cost of a Data Breach Report was compiled from interviews with 550 organisations in 17 countries that were breached between March 2021 and March 2022. The firm’s […] Data Breach
itsecurityguru.webp 2022-07-25 10:18:53 (Already seen) Hacker Selling Twitter Account Data of Millions of Users (direct link) A threat actor used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million Twitter accounts. The data from the breach is now up for sale on a hacker forum for $30,000. A threat actor known as ‘devil’ said on a stolen data market that the database contains information […] Vulnerability Threat
itsecurityguru.webp 2022-07-25 09:49:03 Neopets Confirm Data Breach (direct link) As reported last week, over 69 million users of the site Neopets, a popular virtual pet website, may have had their data compromised in the first known US mega breach of the year. The company took to Twitter to confirm the news. Neopets is owned by Viacom. The Tweet said: “Neopets recently became aware that […] Data Breach
itsecurityguru.webp 2022-07-21 14:10:21 Salt Security Platform Enhancements Make it Easier to Operationalise API Security (direct link) Salt Security, the leading API security company, has announced new enhancements to its next-generation Salt Security API Protection Platform, extending abilities in threat detection and pre-production API testing. The latest features include deeper and earlier insights into attacker behaviours and attack patterns, visual depictions of API call sequences, and support for attack simulation ahead of […] Threat Guideline
itsecurityguru.webp 2022-07-21 10:13:51 Russian Adversaries Target Google Drive and DropBox in Latest Campaign (direct link) Russian adversaries are taking advantage of trusted cloud services, like Google Drive and DropBox, to deliver malware to businesses and governments, according to new research. Researchers at Palo Alto Networks Unit 42 wrote that the threat actor Cloaked Ursula – AKA the Russian government-linked APT29 or Cozy Bear – is increasingly using online storage services […] Malware Threat APT 29
itsecurityguru.webp 2022-07-21 09:51:49 (Already seen) Hacker Selling Data of Over 69 Million Neopets Members (direct link) Virtual pet website Neopets has suffered from a data breach leading to the theft of a database and source codes containing the sensitive information of over 69 million members. The Neopets website allows members to own, raise, and play games with their virtual pets. The popular website recently launched NFTs that will be used as […] Data Breach Guideline
itsecurityguru.webp 2022-07-20 12:54:14 Copycat DoS App Created by Russian Hackers to Target Ukraine (direct link) Researchers have discovered what they believe is the first recorded instance of Android malware distribution by prolific state-sponsored Russian hacking group Turla (aka Venomous Bear, amongst other names). The active persistent threat (APT) group is linked to Russia’s Federal Security Service (FSB), a successor to the KGB. It is currently involved in operations […] Malware Threat
itsecurityguru.webp 2022-07-19 10:41:52 (Already seen) More Malicious Malware Found in Google Play Store Apps (direct link) Google has taken steps to axe dozens of malicious apps from the official Play Store that were spotted propagating Facestealer, Joker, and Coper malware families through the virtual marketplace. Bad actors have repeatedly found ways to sneak past security barriers put up by Google in hopes of luring unsuspecting users into downloading the fraudulent apps. […] Malware
itsecurityguru.webp 2022-07-15 12:00:29 Almost a third of untrained users will click a phishing link – KnowBe4 research (direct link) New research has revealed that one in three untrained employees will click on a phishing link, according to the 2022 Phishing by Industry Benchmarking Report from KnowBe4. With ransomware payments averaging $580,000 in 2021 and business email compromise (BEC) losses topping $1.8 billion in 2020, a cyber attack can wreak havoc on an organisation. Yet, according […] Ransomware
itsecurityguru.webp 2022-07-15 10:01:40 (Already seen) Transplant Donor and Recipient Data Exposed by Healthcare Provider (direct link) The Virginia Commonwealth University Health System (VCU) has warned almost 4500 transplant participants about a privacy breach affecting the healthcare information. The company warned that some transplant recipients’ medical records included information about their donor too. Some recipient information also appeared on donors’ records too. In some cases, this information has been exposed since 2006. […]
itsecurityguru.webp 2022-07-14 10:28:29 $8million Worth of Ethereum Stolen in Large Scale Uniswap Phishing Campaign (direct link) During an attack earlier this week, Uniswap, a popular decentralised cryptocurrency exchange, lost close to $8million worth of Ethereum. The cyberattack has impacted many investors in digital assets. The threat actors used the lure of free UNI tokens (airdrops) to trick victims into approving a transaction that gave hackers full access to wallets. The trap […] Threat
itsecurityguru.webp 2022-07-14 09:36:56 Surge in Ransomware Activity Reported in Q2 (direct link) A 2022 report by the security firm Digital Shadows analyzed 90 data leak sites on the dark web and found that there were 705 victims in Q2. This is a 21% increase compared to Q1 where the firm found 582 victims on the same sites. The leading ransomware group was Lockbit, utilizing the new […] Ransomware Guideline
itsecurityguru.webp 2022-07-13 15:28:14 Giving API Security the spotlight (direct link) IT Security Guru recently sat down with Michelle McLean, VP of product marketing at Salt Security, to learn more about API security as its own discipline and how it supports cyber resiliency in large enterprises on their digital transformation journeys. Michelle started her career working as a technology journalist for almost a decade and has […]
itsecurityguru.webp 2022-07-13 10:44:43 (Already seen) New Callback Phishing Attacks Sees Hackers Impersonate Cybersecurity Firms (direct link) Hackers are impersonating well-known cybersecurity companies in callback phishing emails to gain initial access to corporate networks. CrowdStrike have been recently targeted. Most phishing campaigns embed malicious links that lead to landing pages that steal login credentials or emails that include harmful attachments to install malware. Over the past year, threat actors have increasingly used […] Threat Guideline
itsecurityguru.webp 2022-07-13 10:26:48 (Already seen) TikTok Postpones European Privacy Policy Update After Italy Warns of GDPR Breach (direct link) On Tuesday, TikTok, the popular video-sharing platform, agreed to halt a controversial privacy policy update that could have allowed it to serve targeted ads based on users’ activity on the platform without their permission. TechCrunch reported the reversal, which comes a day after the Italian data protection company (the Garante per la Protezione dei Dati […]
Last update at: 2024-04-24 15:08:24