Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-07-07 12:00:06 |
SideCopy cybercriminals use new custom Trojans in attacks against India\'s military (lien direct) |
SideCopy imitates Sidewinder, poaching the same infection chains to deliver different malicious tools. |
|
APT-C-17
|
|
|
2021-07-07 10:06:22 |
Suspected hacker Dr HeX arrested over cybercrime, bank fraud impacting thousands (lien direct) |
Moroccan police tracked down the alleged criminal following an Interpol investigation. |
|
|
|
|
2021-07-07 09:26:42 |
UK Information Commissioner launches probe into private email use at Department of Health (lien direct) |
Concerns were raised over claims Matt Hancock and Lord Bethell used private accounts to conduct government business. |
|
|
|
|
2021-07-06 18:45:00 |
(Déjà vu) Kaseya ransomware attack: Everything you need to know (lien direct) |
Updated: A ransomware gang is demanding a huge payment after a major software supply chain attack. Here is everything we know so far. |
Ransomware
|
|
|
|
2021-07-06 09:48:10 |
Website of Mongolian certificate authority served backdoored client installer (lien direct) |
Researchers say the domain was breached eight times in a short window. |
|
|
|
|
2021-07-05 11:45:00 |
Kaseya ransomware supply chain attack: What you need to know (lien direct) |
A ransomware gang is demanding a huge payment after a major software supply chain attack. Here is everything we know so far. |
Ransomware
|
|
|
|
2021-07-01 11:30:06 |
Microsoft reveals authentication failures, system hijack vulnerabilities in Netgear routers (lien direct) |
Microsoft says the bugs could have allowed “attackers to roam untethered through an entire organization.” |
|
|
|
|
2021-07-01 10:40:14 |
Columbian police collar suspected Gozi Trojan distributor (lien direct) |
The alleged hacker is wanted in the United States. |
|
|
|
|
2021-07-01 10:00:00 |
Chinese hacking group impersonates Afghan president to infiltrate government agencies (lien direct) |
The APT has been accused of infiltrating the country's security council. |
|
|
|
|
2021-07-01 09:19:55 |
Robinhood ordered to pay $70 million over \'harm\' caused to \'millions\' of traders (lien direct) |
The penalty is the largest issued by FINRA to date. |
|
|
|
|
2021-06-29 12:00:00 |
IBM Kestrel threat hunting language granted to Open Cybersecurity Alliance (lien direct) |
The contribution is aimed at giving cybersecurity experts more time to conduct forensic activities. |
Threat
|
|
|
|
2021-06-29 10:14:23 |
New ransomware highlights widespread adoption of Golang language by cyberattackers (lien direct) |
The latest version of Go is being used to prevent reverse-engineering attempts. |
Ransomware
|
|
|
|
2021-06-28 10:12:54 |
Own an old WD My Book Live? Disconnect it from the internet right now (lien direct) |
Active attacks are indiscriminately wiping user devices. |
|
|
|
|
2021-06-28 08:28:30 |
GitHub bug bounties: payouts surge past $1.5 million mark (lien direct) |
GitHub says that 2020 was the “busiest year yet” in vulnerability disclosure. |
Vulnerability
|
|
|
|
2021-06-28 07:11:52 |
Ministry of Defence employee charged in child pornography case (lien direct) |
The charges stem from his participation in the “PedoPub” web forum. |
|
|
|
|
2021-06-25 12:49:30 |
Three Texan men jailed after using Grindr to find targets for theft, kidnap, assault (lien direct) |
Prosecutors say the men abused the app to perform “bias-motivated violence.” |
|
|
|
|
2021-06-25 11:43:24 |
Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency (lien direct) |
The malware is thought to have generated millions of dollars in just a few short years. |
Malware
|
|
|
|
2021-06-25 10:57:27 |
\'Pen tester\' FIN7 hacking group member lands seven-year prison term (lien direct) |
The “high-level” member must also pay $2.5 million in damages. |
|
|
|
|
2021-06-24 10:48:35 |
Cybersecurity firms battle DMCA rules over good-faith research (lien direct) |
The argument is that current rules are hampering ethical and effective vulnerability reporting. |
Vulnerability
|
|
|
|
2021-06-24 10:08:44 |
BIOSConnect code execution bugs impact millions of Dell devices (lien direct) |
A critical bug chain allows attackers to impersonate the vendor and impact code at the root level. |
|
|
|
|
2021-06-24 10:00:00 |
One-click account takeover vulnerabilities in Atlassian domains patched (lien direct) |
Research was conducted in light of the increasing threat of supply-chain attacks. |
Threat
|
|
|
|
2021-06-23 13:00:00 |
ChaChi: a new GoLang Trojan used in attacks against US schools (lien direct) |
The malware has found a role to play in ransomware strikes. |
Ransomware
Malware
|
|
|
|
2021-06-18 10:48:33 |
A deep dive into the operations of the LockBit ransomware group (lien direct) |
Most victims are from the enterprise and are expected to pay an average ransom of $85,000. |
Ransomware
|
|
|
|
2021-06-17 13:00:05 |
This strange malware stops you from visiting pirate websites (lien direct) |
An odd vigilante campaign is preventing victims from accessing pirate content online. |
Malware
|
|
|
|
2021-06-16 14:00:05 |
Billions of records belonging to CVS Health exposed online (lien direct) |
The exposure is another example of misconfiguration that can impact security. |
|
|
|
|
2021-06-16 08:21:30 |
Facebook awards $30,000 bounty for exploit exposing private Instagram content (lien direct) |
The bug allowed users to view content without following an account. |
|
|
|
|
2021-06-16 07:43:20 |
SEC settles with First American over massive leak of mortgage data, disclosure (lien direct) |
First American has agreed to a penalty of close to half a million dollars. |
|
|
|
|
2021-06-15 13:00:00 |
Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched (lien direct) |
Close to a month on, internet-facing servers remain vulnerable to attack. |
|
|
|
|
2021-06-15 04:01:04 |
Pandemic prompts digital \'boom\' in account creation - as well as password fatigue (lien direct) |
Lockdown forced many of us online and this hasn't helped our security postures. |
|
|
|
|
2021-06-14 10:45:14 |
Dentist charged by SEC for digital token project fraud, pump-and-dump AI stock scheme (lien direct) |
The “adviser” was allegedly responsible for three securities frauds. |
|
|
|
|
2021-06-14 09:33:07 |
Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyers (lien direct) |
An unsecured treasure trove of data used for sales was exposed online. |
Data Breach
|
|
|
|
2021-06-14 08:49:00 |
Codecov to retire the Bash script responsible for supply chain attack wave (lien direct) |
A new uploader, shipped as a NodeJS executable, has been introduced in its place. |
|
|
|
|
2021-06-11 13:00:03 |
Lax security around URL shortener exposed PII of US retailer Carter\'s customer base (lien direct) |
Hundreds of thousands of customers may have been impacted. |
|
|
|
|
2021-06-11 08:30:01 |
Card Broken: 1000 arrests made in Chinese crackdown on fraud, cryptocurrency laundering (lien direct) |
Criminals involved in telecom scams allegedly funneled their profits through cryptocurrency platforms. |
|
|
|
|
2021-06-11 07:48:15 |
Feds strike Slilpp, a marketplace for flogging initial access credentials (lien direct) |
The marketplace was one of the largest sellers of stolen login information. |
|
|
|
|
2021-06-10 13:00:03 |
This new hacking group has a nasty surprise for African, Middle East diplomats (lien direct) |
The newly-discovered APT pulls no punches when it comes to cyberespionage. |
|
|
|
|
2021-06-10 10:13:00 |
Amazon data usage to feature in new UK antitrust probe: report (lien direct) |
Reports suggest a formal investigation into potential merchant favoritism is planned. |
|
|
|
|
2021-06-09 09:19:00 |
Apple pays millions of dollars to student after repair staff leak her explicit photos online (lien direct) |
Sensitive photos were accessed and leaked by workers repairing her iPhone. |
|
|
|
|
2021-06-09 08:34:19 |
PuzzleMaker attacks exploit Windows zero-day, Chrome vulnerabilities (lien direct) |
Two of the zero-days used were patched by Microsoft on Tuesday. |
|
|
|
|
2021-06-08 12:00:02 |
A deep dive into Nefilim, a ransomware group with an eye for $1bn+ revenue companies (lien direct) |
The group is one of many that employ two separate methods to blackmail victims. |
Ransomware
|
|
|
|
2021-06-07 16:00:03 |
Facebook ramps up privacy efforts with end-to-end encrypted audio, video calling trials in Secret Conversations (lien direct) |
The tech giant says that improving Secret Conversations will be the focus of the research. |
|
|
|
|
2021-06-07 10:00:00 |
Siloscape: this new malware targets Windows containers to access Kubernetes clusters (lien direct) |
Researchers say this is the first malware strain they know of that specifically targets Windows containers. |
Malware
|
Uber
|
|
|
2021-06-07 07:38:57 |
The cost of ransomware attacks worldwide will go beyond $265 billion in the next decade (lien direct) |
Ransomware has been likened to a hydra -- cut off one head, and more appear in its place. |
Ransomware
|
|
|
|
2021-06-03 12:00:00 |
Necro Python bot revamped with new VMWare, server exploits (lien direct) |
The latest version of the bot has also been equipped with a cryptocurrency miner. |
|
|
|
|
2021-06-03 10:00:00 |
Chinese cybercriminals spent three years creating a new backdoor to spy on governments (lien direct) |
The new tool has been used in ongoing cyberespionage activities. |
Tool
|
|
|
|
2021-06-03 09:12:31 |
A new surprise feature for Norton 360 antivirus users: you can mine for cryptocurrency (lien direct) |
The vendor says that bringing mining in-house has security benefits. |
|
|
|
|
2021-06-03 08:21:27 |
WhatsApp backtracks on app limitations if you refuse new privacy terms (lien direct) |
App functionality will not be restricted if you refuse. |
|
|
|
|
2021-06-02 13:00:00 |
This is how attackers bypass Microsoft\'s AMSI anti-malware scanning protection (lien direct) |
Researchers outline common tactics for circumventing the security software. |
|
|
|
|
2021-06-02 12:00:06 |
XSS vulnerability found in popular WYSIWYG website editor (lien direct) |
The security flaw was found in how HTML sanitizing is performed. |
Vulnerability
|
|
|
|
2021-06-02 10:05:53 |
Russian underground forums launch competitions for cryptocurrency, NFT hacks (lien direct) |
Prizes are on offer for everything from stealing wallet funds to compromising NFTs. |
|
|
|