What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
InfoSecurityMag.webp 2021-08-31 17:05:00 Illinois Physicians Notify 600K Patients of Data Breach (direct link) DuPage Medical Group says hack may have exposed patients' information Data Breach Hack
SecurityWeek.webp 2021-08-30 10:55:03 T-Mobile Hack Involved Exposed Router, Specialized Tools and Brute Force Attacks (direct link) American Living in Turkey Takes Credit for T-Mobile Hack Hack
SecurityAffairs.webp 2021-08-27 23:00:41 An RCE in Annke video surveillance product allows hacking the device (direct link) Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical flaw affecting a video surveillance product made by Annke, a popular manufacturer of surveillance systems and solutions. The vulnerability, tracked as […] Hack Vulnerability
SecurityWeek.webp 2021-08-27 13:56:41 Vulnerability Allows Remote Hacking of Annke Video Surveillance Product (direct link) Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke, a Hong Kong-based global provider of home and business security solutions. Hack Vulnerability
TechRepublic.webp 2021-08-24 19:08:00 Don't get rugged: DeFi scams go from zero to $129 million in a year to become top financial hack (direct link) Atlas VPN's analysis finds that theft within decentralized finance networks is taking in more money than phishing and ransomware attacks. Ransomware Hack
TechRepublic.webp 2021-08-23 16:52:00 How to gain unlimited Gmail addresses with this simple hack (direct link) Jack Wallen shows you a neat little Gmail trick that makes it possible for you to not only gain unlimited Gmail addresses but more easily determine if something nefarious has been sent to you. Hack
bleepingcomputer.webp 2021-08-23 15:30:59 Hacker gets 500K reward for returning stolen cryptocurrency (direct link) The saga of what has been dubbed the biggest hack in the world of decentralized finance appears to be over as Poly Network recovered more than $610 million in cryptocurrency assets it lost two weeks ago and the hacker received a $500,000 bounty for returning the money. [...] Hack
SecurityWeek.webp 2021-08-23 08:54:17 Number of T-Mobile Customers Confirmed to Be Affected by Hack Reaches 54 Million (direct link) The number of T-Mobile customers confirmed to be affected by the recent hacker attack has reached more than 54 million, the wireless operator said in an update shared on Friday. Hack
The_Hackers_News.webp 2021-08-23 06:27:54 Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems (direct link) Close to 14 million Linux-based systems are directly exposed to the Internet, making them a lucrative target for an array of real-world attacks that could result in the deployment of malicious web shells, coin miners, ransomware, and other trojans. That's according to an in-depth look at the Linux threat landscape published by U.S.-Japanese cybersecurity firm Trend Micro, detailing the top Hack Threat
Kaspersky.webp 2021-08-19 14:35:49 Postmortem on U.S. Census Hack Exposes Cybersecurity Failures (direct link) Government says cybersecurity failures were many within failed January hack of U.S. Census Bureau systems. Hack ★★★★★
SecurityWeek.webp 2021-08-19 08:43:03 Belarus Brands Group Who Claimed to Hack Interior Ministry 'Extremist' (direct link) A court in Belarus declared Wednesday a group of hackers who claim to have carried out a massive hack on the interior ministry in an attack on President Alexander Lukashenko's regime to be an "extremist" organisation. Hack
bleepingcomputer.webp 2021-08-19 05:24:44 (Déjà vu) Liquid cryptocurency exchange loses over $90 million following hack (direct link) Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. [...] Hack
bleepingcomputer.webp 2021-08-19 05:24:44 Liquid cryptocurrency exchange loses $94 million following hack (direct link) Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. [...] Hack
Anomali.webp 2021-08-17 17:56:00 Anomali Cyber Watch: Anomali Cyber Watch: Aggah Using Compromised Websites to Target Businesses Across Asia, eCh0raix Targets Both QNAP and NAS, LockBit 2.0 Targeted Accenture, and More (direct link) The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, Critical Infrastructure, Data Storage, LockBit, Morse Code, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Colonial Pipeline Reports Data Breach After May Ransomware Attack (published: August 16, 2021) Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to 5,810 individuals affected by the data breach resulting from the DarkSide ransomware attack. During the incident, which occurred during May this year, DarkSide also stole roughly 100GB of files in about two hours. Right after the attack Colonial Pipeline took certain systems offline, temporarily halted all pipeline operations, and paid $4.4 million worth of cryptocurrency for a decryptor, most of it later recovered by the FBI. The DarkSide ransomware gang abruptly shut down their operation due to increased level of attention from governments, but later resurfaced under new name BlackMatter. Emsisoft CTO Fabian Wosar confirmed that both BlackMatter RSA and Salsa20 implementation including their usage of a custom matrix comes from DarkSide. Analyst Comment: BlackMatter (ex DarkSide) group added "Oil and Gas industry (pipelines, oil refineries)" to their non-target list, but ransomware remains a significant threat given profitability and the growing number of ransomware threat actors with various levels of recklessness.
Double-extortion schemes are adding data exposure to a company's risks. Stopping ransomware affiliates requires defense in depth including: patch management, enhancing your Endpoint Detection and Response (EDR) tools with ThreatStream, the threat intelligence platform (TIP), and utilizing data loss prevention systems (DLP). MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted for Impact - T1486 Tags: Darkside, BlackMatter, Colonial Pipeline, Oil and Gas, Ransomware, Salsa20, Data Breach, USA Indra — Hackers Behind Recent Attacks on Iran (published: August 14, 2021) Check Point Research discovered that a July 2021 cyber attack against Iranian railway system was committed by Indra, a non-government group. The attackers had access to the targeted networks for a month and then deployed a previously unseen file wiper called Meteor effectively disrupting train service throughout the country. Previous versions of the Indra wiper named Stardust and Comet were seen in Syria, where Indra was attacking oil, airline, and financial sectors at least since 2019. Analyst Comment: It is concerning that even non-government threat actors can damage a critical infrastructure in a large country. Similar to ransomware protection, with regards to wiper attacks organizations should improve their intrusion detection methods and have a resilient backup system. MITRE ATT&CK: [MITRE ATT&CK] Data Destruction - T1485 | [MITRE ATT&CK] File Deletion - T1107 | Ransomware Data Breach Malware Hack Tool Vulnerability Threat Guideline APT 27 APT 27
SecurityAffairs.webp 2021-08-17 16:55:17 Kalay cloud platform flaw exposes millions of IoT devices to hack (direct link) FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. Researchers at FireEye's Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors. The flaw […] Hack Vulnerability
Kaspersky.webp 2021-08-12 20:30:58 Black Hat: Novel DNS Hack Spills Confidential Corp Data (direct link) Threatpost interviews Wiz CTO about a vulnerability recently patched by Amazon Route53's DNS service and Google Cloud DNS. Hack Vulnerability
SecurityAffairs.webp 2021-08-12 06:31:10 Threat actors behind the Poly Network hack are returning stolen funds (direct link) The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds. The threat actor behind the hack of the Poly Network cross-chain protocol is now returning the stolen funds. The hackers have stolen $611 million worth of cryptocurrency assets, $273 million worth of Ethereum tokens, $253 million […] Hack Threat
SecurityAffairs.webp 2021-08-11 19:23:35 Accenture has been hit by a LockBit 2.0 ransomware attack (direct link) Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT and consulting giant Accenture was hit by a ransomware attack carried out by LockBit 2.0 ransomware operators, the group announced the hack on its leak site, “These people are beyond privacy and security. I really hope […] Ransomware Hack
Kaspersky.webp 2021-08-11 15:12:47 Crypto Hack Earned Crooks $600 Million (direct link) In one of the largest cryptocurrency hacks to date, cyberattackers reportedly stole millions from the decentralized finance (DeFi) platform Poly Network. Hack
bleepingcomputer.webp 2021-08-11 12:22:06 Accenture confirms hack after LockBit ransomware data leak threats (direct link) Accenture, a global IT consultancy giant has likely been hit by a ransomware cyberattack. The ransomware group LockBit is threatening to publish data on its leak site within hours, as seen by BleepingComputer. [...] Ransomware Hack
Kaspersky.webp 2021-08-10 21:21:44 Connected Farms Easy Pickings for Global Food Supply-Chain Hack (direct link) John Deere security bugs could allow cyberattackers to damage crops, surrounding property or even people; impact harvests; or destroy farmland for years. Hack
SecurityAffairs.webp 2021-08-10 20:56:34 $611 million stolen in Poly Network cross-chain hack (direct link) The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to date. $611 million has reportedly been stolen in one of the largest cryptocurrency hacks. The cross-chain protocol Poly Network discloses a security breach, threat actors have stolen over $611 million in cryptocurrencies. The attackers have […] Hack Threat
bleepingcomputer.webp 2021-08-10 12:19:15 Over $600 million reportedly stolen in cryptocurrency hack (direct link) Over $611 million have reportedly been stolen in one of the largest cryptocurrency hacks. Decentralized cross-chain protocol and network, Poly Network announced today that it was attacked with cryptocurrency assets having successfully been transferred into the attackers' wallets. [...] Hack
InfoSecurityMag.webp 2021-08-07 21:01:00 #DEFCON: Hacking RFID Attendance Systems with a Time Turner (direct link) Student researcher reveals how it could be possible to hack an attendance system remotely and also change the responses that other students provide Hack
SecurityWeek.webp 2021-08-05 02:10:42 Oregon Examines Spyware Investment Amid Controversy (direct link) The future ownership of an Israeli spyware company whose product has been used to hack into the cellphones of journalists, human rights workers and possibly even heads of state is up in the air. Hack
Blog.webp 2021-08-04 07:05:55 Black Hat insights: WAFs are getting much more dynamic making them well-suited to protect SMBs (direct link) A cornucopia of cybersecurity solutions went on public display today as Black Hat USA 2021 convened once more as a live event in Las Vegas. Related: Kaseya hack raises more supply chain worries For small- and mid-sized businesses (SMBs) cutting … (more…) Hack
Chercheur.webp 2021-08-03 11:44:47 Paragon: Yet Another Cyberweapons Arms Manufacturer (direct link) Forbes has the story: Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said. One other spyware industry executive said it also promises to get longer-lasting access to a device, even when it’s rebooted. […] Two industry sources said they believed Paragon was trying to set itself apart further by promising to get access to the instant messaging applications on a device, rather than taking complete control of everything on a phone. One of the sources said they understood that Paragon’s spyware exploits the protocols of end-to-end encrypted apps, meaning it would hack into messages via vulnerabilities in the core ways in which the software operates... Hack
Blog.webp 2021-07-30 17:30:41 Encore Podcast: Chris Valasek on Hacking The Jeep Cherokee (direct link) With Black Hat and DEFCON upon us, we revisit a 2015 interview with Chris Valasek about his wireless, software based hack of a Chrysler Jeep Cherokee. Hack
Chercheur.webp 2021-07-29 16:20:54 The Life Cycle of a Breached Database (direct link) Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here's a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. One might even say passwords are the fossil fuels powering most IT modernization: They're ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs -- such as polluting the Internet with weaponized data when they're leaked or stolen en masse. Hack
Anomali.webp 2021-07-29 14:55:00 The COVID-19 Pandemic Changed Everything, Can You Detect the New Normal? (direct link) COVID-19 changed our personal and business lives in ways we never imagined, especially on the technology front. Consumers started using online services at monumental rates, as evidenced by explosive growth across Amazon, Netflix, and on-demand delivery apps. Businesses accelerated the pace of digital transformation with never-before seen speeds, reflected in the meteoric rise of video conferencing, remote work, and cloud growth. Governments increased their use of websites and social media to keep citizens updated on the latest developments in the pandemic and to assist with scheduling appointments for tests and vaccines. Cyber adversaries certainly didn’t overlook the pandemic as an opportunity. This isn’t just speculation. Since March 2020, Anomali Threat Research has tracked pandemic-related malicious cyber activities, which to date include thousands of indicators of compromise (IOCs), numerous distinct campaigns associated with multiple threat actors, dozens of different malware families, and many various MITRE ATT&CK techniques in use. Some parts of the world are starting to rebound from the pandemic’s impact, but while there is still uncertainty around when we will fully recover, it’s a sure-fire bet that a more cloud-dependent future will be part of our new “normal.” Public and private sector organizations that want to succeed not only have to innovate to fulfill consumer and business demands for digital products and services, but also how to defend them against adversaries that are increasingly sophisticated and stealthy. Much of the development problem has been solved, with providers like Amazon, Microsoft, and Google providing the foundation for cloud applications and services such as Amazon Web Services (AWS), Azure, and Google Cloud.
Global organizations have even, in many cases, built their own private cloud platforms that can easily and rapidly deploy innovations to any connected endpoint. Unfortunately, cybersecurity hasn’t kept pace. It’s no wonder we are experiencing ransomware attacks like the one that hit the Colonial Pipeline, and breaches as unprecedented as SolarWinds. Recently, we worked with The Harris Poll to ask more than 2,000 American and 1,000 British adults over 18 how they feel about the possibility of using COVID-19 digital vaccine cards, should they become required for participating in activities like traveling, attending sporting events, in-person school participation, entering a store or government building, etc. Our initial goal was to understand more deeply what both groups’ hopes and fears are when it comes to using smartphone applications to get on with normal life. While we learned a lot about individuals’ attitudes, we also gleaned a few insights that organizations attempting to understand the new digital normal should consider. The Exploding Attack Surface The survey revealed that almost all adults in the US (93%) and the UK (89%) have smartphones capable of supporting digital vaccination cards, ranging across almost all popular operating systems. While this is great news for anyone who supports the use of digital health verification solutions, it also serves as a warning. With almost all adults in these populations so interconnected, the likely overlap of their private and business digital lives presents threat actors with a large attack surface for compromising both users and their employers. Organizations that want to leverage the digital future should be happy to hear about how easy it is to reach consumers and connect employees. They also need to prepare to mitigate the associated increased threat this presents. 
Nearly Everyone Has a Smartphone Capable of Supporting Digital Vaccination Cards No Shortage of Fakes The number of Americans and Brits willing to adopt digital vaccine cards if they become a requiremen Ransomware Malware Hack Threat
grahamcluley.webp 2021-07-26 10:20:28 Vikings hack Instagram account of SBS News in Australia (direct link) The Instagram account of SBS Australia - a group of free-to-air TV and radio stations down under - has been hacked by someone who clearly loves "Vikings". Hack
NakedSecurity.webp 2021-07-23 16:40:24 US court gets UK Twitter hack suspect arrested in Spain (direct link) O, what a tangled web we weave/When first we practise to deceive! Hack
grahamcluley.webp 2021-07-22 14:46:54 British man arrested in connection with Twitter mega-hack that posted cryptocurrency scam from celebrity accounts (direct link) Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter's history. Read more in my article on the Tripwire State of Security blog. Hack
SecurityWeek.webp 2021-07-22 11:01:02 UK Man Arrested in Spain, Charged in US With Twitter Hack (direct link) A British man has been charged in the United States in connection with a Twitter hack last summer that compromised the accounts of prominent politicians, celebrities and technology moguls, the Justice Department said Wednesday. Hack ★★★
The_Hackers_News.webp 2021-07-22 00:34:29 Another Hacker Arrested for 2020 Twitter Hack and Massive Bitcoin Scam (direct link) A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts. Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaining information from a protected computer, as well as for making extortive communications. The Spanish Hack
bleepingcomputer.webp 2021-07-21 17:17:53 TikTok, Snapchat account hijacker arrested for role in Twitter hack (direct link) A fourth suspect has been arrested today for his role in the Twitter hack last year that gave attackers access to the company's internal network exposing high-profile accounts to hijacking. [...] Hack
SecurityWeek.webp 2021-07-20 12:58:24 China Says Washington Hack Claims 'Fabricated', Condemns US Allies (direct link) China on Tuesday said the US had "fabricated" allegations it carried out a massive Microsoft hack, countering that Washington was the "world champion" of cyber attacks while raging at American allies for signing up to a rare joint statement of condemnation. Hack
TechRepublic.webp 2021-07-19 18:36:49 US and allies finger China in Microsoft Exchange hack (direct link) The US has also blamed hackers working with China for ransomware attacks, extortion, crypto-jacking and other cybercrimes. Ransomware Hack
ZDNet.webp 2021-07-19 14:47:00 (Déjà vu) UK and White House blame China for Microsoft Exchange Server hack (direct link) Updated: The UK government says the country is responsible for "systematic cyber sabotage." Hack ★★
ZDNet.webp 2021-07-19 11:18:49 UK blames China for Microsoft Exchange Server hack (direct link) The government says the country is responsible for "systematic cyber sabotage." Hack
The_Hackers_News.webp 2021-07-19 03:38:11 Turns Out That Low-Risk iOS Wi-Fi Naming Bug Can Hack iPhones Remotely (direct link) The Wi-Fi network name bug that was found to completely disable an iPhone's networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research. The denial-of-service vulnerability, which came to light last month, stemmed from the way iOS handled string formats associated with the SSID input, triggering a crash on any Hack
The_Hackers_News.webp 2021-07-16 04:13:36 Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware (direct link) Two of the zero-day Windows flaws patched by Microsoft as part of its Patch Tuesday update earlier this week were weaponized by an Israel-based company called Candiru in a series of "precision attacks" to hack more than 100 journalists, academics, activists, and political dissidents globally. The spyware vendor was also formally identified as the commercial surveillance company that Google's Hack
SecurityWeek.webp 2021-07-15 12:22:43 Tulsa Says Network Hack Gained Some Social Security Numbers (direct link) Hackers gained access to the Social Security numbers of more than two dozen people during a ransomware attack that forced the city of Tulsa to shut down parts of its computer network for months, officials said. Hack
SecurityWeek.webp 2021-07-13 11:10:03 Critical Vulnerability Can Be Exploited to Hack Schneider Electric's Modicon PLCs (direct link) A vulnerability affecting some of Schneider Electric's Modicon programmable logic controllers (PLCs) can be exploited to bypass authentication mechanisms, allowing attackers to take complete control of the targeted device. Hack Vulnerability
ComputerWeekly.webp 2021-07-13 05:45:00 Dutch prosecutor ordered to give evidence on EncroChat hack (direct link) Hack
bleepingcomputer.webp 2021-07-10 12:10:15 (Déjà vu) Microsoft removes Windows 11 hack to enable Windows 10 Start Menu (direct link) Microsoft removed a registry hack in the latest preview build that allowed Windows 11 users to revert to the "Classic" Windows 10 Start Menu. [...] Hack
bleepingcomputer.webp 2021-07-10 12:10:15 Microsoft removes Window 11 hack to enable Windows 10 Start Menu (direct link) Microsoft removed a registry hack in the latest preview build that allowed Windows 11 users to revert to the "Classic" Windows 10 Start Menu. [...] Hack
SecurityWeek.webp 2021-07-09 03:53:15 Morgan Stanley Hit by Accellion Hack Through Third-Party Vendor (direct link) Investment banking firm Morgan Stanley has informed the New Hampshire Attorney General that personal information of some customers was compromised through a third-party vendor that was using the Accellion FTA service. Hack
SecurityAffairs.webp 2021-07-08 22:58:05 Multiple Sage X3 vulnerabilities expose systems to hack (direct link) Rapid7 researchers discovered security vulnerabilities in the Sage X3 ERP product that could allow to take control of vulnerable systems. Researchers from Rapid7 discovered a total of four security vulnerabilities in the Sage X3 enterprise resource planning (ERP) solution. Chaining two of the vulnerabilities discovered by the expert, an attacker could execute malicious commands and take control of vulnerable […] Hack
SecurityAffairs.webp 2021-07-08 19:30:40 Morgan Stanley discloses data breach after the hack of a third-party vendor (direct link) The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has disclosed a data breach after threat actors have compromised the Accellion FTA server of the third-party vendor Guidehouse. The company has offices in more than […] Data Breach Hack Threat
Last update at: 2024-05-20 12:08:03