What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-02-04 12:39:25 | SolarWinds patches vulnerabilities that could allow full system control (lien direct) | Fixes come as SolarWinds sorts out its role in a major hack on its customers. | Hack | ||
 |
2021-02-04 12:11:53 | Another SolarWinds Orion Hack (lien direct) | At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using an already existing vulnerability in Orion to penetrate networks: Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government employees may have been compromised. […] Reuters was not able to establish how many organizations were compromised by the suspected Chinese operation. The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies... | Hack Vulnerability Threat | ★★★★★ | |
 |
2021-02-03 20:49:15 | Alleged China-linked hackers used SolarWinds bug to breach National Finance Center (lien direct) | Alleged China-linked hackers have exploited a flaw in the SolarWinds Orion software to hack systems at the U.S. National Finance Center. FBI investigators discovered that allegedly China-linked hackers have exploited a flaw in the SolarWinds Orion software to break into the systems of the U.S. National Finance Center. The National Finance Center is a federal […] | Hack | ||
 |
2021-02-03 01:46:33 | A Second SolarWinds Hack Deepens Third-Party Software Fears (lien direct) | It appears that not only Russia but also China targeted the company, a reminder of the many ways interconnectedness can go wrong. | Hack | ||
 |
2021-02-02 11:02:08 | Experts Advise After Personal Data Of 1.4 Million Washington Exposed (lien direct) | The personal unemployment claims data of at least 1.4 million Washingtonians may have been stolen in a hack of software used by the state auditor's office, Auditor Pat McCarthy said… | Hack | ||
 |
2021-02-01 21:12:13 | SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat (lien direct) | Congress is demanding the National Security Agency come clean on what it knows about the 2015 supply-chain attack against Juniper Networks. | Hack | ||
 |
2021-02-01 14:30:28 | Russian Hack Brings Changes, Uncertainty to US Court System (lien direct) | Trial lawyer Robert Fisher is handling one of America's most prominent counterintelligence cases, defending an MIT scientist charged with secretly helping China. But how he'll handle the logistics of the case could feel old school: Under new court rules, he'll have to print out any highly sensitive documents and hand-deliver them to the courthouse. | Hack | ||
|
2021-01-28 15:52:29 | Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball (lien direct) | A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack. | Hack | ||
|
2021-01-28 12:44:11 | Stack Overflow Shares Technical Details on 2019 Hack (lien direct) | Stack Overflow, the popular Q&A platform for programmers, this week shared technical information on how its systems were breached back in 2019, and it turns out that the hacker often viewed questions posted on Stack Overflow to learn how to conduct various activities on the compromised systems. | Hack | ||
 |
2021-01-27 20:24:01 | North Korean hackers attempt to hack security researchers investigating zero-day vulnerabilities (lien direct) | Threat experts at Google say that they have identified an ongoing hacking campaign that has targeted computer security experts, specifically those researching the very type of software vulnerabilities exploited by cybercriminals. Read more in my article on the Hot for Security blog. | Hack Threat | ||
|
2021-01-26 22:35:03 | Fidelis, Mimecast, Palo Alto Networks, Qualys also impacted by SolarWinds hack (lien direct) | Security vendors Fidelis, Mimecast, Palo Alto Networks, and Qualys revealed that were also impacted by SolarWinds supply chain attack The SolarWinds supply chain attack is worse than initially thought, other security providers, confirmed that they were also impacted. Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed to have installed tainted updates of the SolarWinds Orion […] | Hack | ||
|
2021-01-26 18:57:39 | More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack (lien direct) | Cybersecurity companies Mimecast and Qualys have apparently been targeted by the threat actor that breached the systems of IT management solutions provider SolarWinds as part of a sophisticated supply chain attack. Fidelis Cybersecurity has also confirmed being hit, but it's unclear if it was specifically targeted. | Hack Threat | ||
 |
2021-01-26 17:37:13 | Ghost hack – criminals use deceased employee\'s account to wreak havoc (lien direct) | Most companies are quick to remove ex-staff from the payroll, but often not so quick to shut down their network access. | Hack | ||
|
2021-01-25 14:24:50 | Russian Hack of US Agencies Exposed Supply Chain Weaknesses (lien direct) | The elite Russian hackers who gained access to computer systems of federal agencies last year didn't bother trying to break one by one into the networks of each department. | Hack | ||
|
2021-01-25 13:29:09 | Intel Latest Hack – Industry Comment (lien direct) | Following news last week that Intel has suffered a breach in which hackers obtained financially sensitive information that forced the company to release earnings early, please find comment below from cybersecurity experts.… | Hack | ||
|
2021-01-22 22:39:24 | FSB warns Russian businesses of cyber attacks as retaliation for SolarWinds hack (lien direct) | Russian authorities are alerting Russian organizations of potential cyberattacks launched by the United States in response to SolarWinds attack. The Russian intelligence agency FSB has issued a security alert this week warning Russian organizations of potential cyberattacks launched by the United States in response to the SolarWinds supply chain attack. The alert was issued after […] | Hack | ||
|
2021-01-22 16:03:09 | Biden Orders Intel Agencies to Provide Full Assessment of SolarWinds Hack (lien direct) | Just says into his leadership role, U.S. President Joe Biden has instructed U.S. intelligence agencies to provide him with a detailed assessment of the SolarWinds hack, which fueled a global cyber espionage campaign impacting many high-profile government agencies and businesses. | Hack Guideline | ||
|
2021-01-22 16:02:33 | Intel\'s Early Earnings Release Triggered by Hack (lien direct) | U.S. chip-making giant Intel Corp. has acknowledged a website hack and premature data disclosure forced the early release of its earnings report for the fourth quarter of 2020. | Hack | ||
 |
2021-01-22 11:51:59 | 2 million users had their data stolen following MyFreeCams hack (lien direct) | MyFreeCams is an adult video chat platform which provides free access to chat rooms with models, as well as paid services. A hacker has claimed that they have accessed MyFreeCams’ database using a SQL injection attack. After gaining access to the platform’s database the hacker stolen 2 million paying users’ emails, usernames, and plain text […] | Hack | ||
 |
2021-01-21 03:59:10 | Here\'s How SolarWinds Hackers Stayed Undetected for Long Enough (lien direct) | Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated attacks in recent history.
Calling the threat actor "skillful and methodic operators who follow |
Hack Threat | ||
|
2021-01-20 11:33:16 | Expert Comment On New Malware Strain Found In SolarWinds Hack (lien direct) | Please see below for comment from cybersecurity experts on the new strain of malware, Raindrop found in relation to SolarWinds: Please see below for comment from cybersecurity experts on the… The ISBuzz Post: This Post Expert Comment On New Malware Strain Found In SolarWinds Hack | Malware Hack | Solardwinds | |
|
2021-01-19 19:04:57 | FireEye Releases New Open Source Tool in Response to SolarWinds Hack (lien direct) | FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds. | Hack Tool Threat | ||
 |
2021-01-18 12:38:11 | (Déjà vu) Cascade HacktheBox Walkthrough (lien direct) | Today, we're going to solve another Hack the box Challenge called “Cascade” and the machine is part of the retired lab, so you can connect to the machine using your HTB VPN and then start to solve the CTF. This laboratory is of a medium level. Solving this lab is | Hack | ||
|
2021-01-13 22:49:05 | Attackers targeted Accellion FTA in New Zealand Central Bank attack (lien direct) | The root cause for the hack of the New Zealand Central Bank was the Accellion FTA (File Transfer Application) file sharing service. During the weekend, the New Zealand central bank announced that a cyber attack hit its infrastructure. According to the Government organization, one of its data systems has been breached by an unidentified hacker, commercially […] | Hack | ★★ | |
|
2021-01-13 17:14:04 | Official: Number of Victims of Russian Hack Likely to Grow (lien direct) | The number of federal agencies and private companies who learn that they have been affected by a massive Russian hack is expected to grow as the investigation into it continues, the U.S. government's chief counterintelligence official said Tuesday. | Hack | ||
|
2021-01-13 13:48:05 | SolarLeaks: Files Allegedly Obtained in SolarWinds Hack Offered for Sale (lien direct) | Someone has set up a website named SolarLeaks where they are offering to sell gigabytes of files allegedly obtained as a result of the recently disclosed SolarWinds breach. | Hack | ||
|
2021-01-13 12:03:23 | Mimecast Discloses Certificate Incident Possibly Related to SolarWinds Hack (lien direct) | Email security company Mimecast on Tuesday revealed that a sophisticated threat actor had obtained a certificate provided to certain customers. | Hack Threat | ||
|
2021-01-12 13:54:54 | ServMon HacktheBox Walkthrough (lien direct) | Today, we're going to solve another Hack the box Challenge called “ServMon” and the machine is part of the retired lab, so you can connect to the machine using your HTB VPN and then start to solve the CTF. This laboratory is of an easy level. Solving this lab is not that tough if have... Continue reading → | Hack | ||
 |
2021-01-12 12:13:00 | Affaire SolarWinds : les premiers indices techniques pointent vers la Russie (lien direct) | Le code de la porte dérobée, utilisée dans ce hack de premier ordre, ressemble en partie à celui d'une autre porte dérobée, utilisée par le groupe de hackers russes Turla... Qui est lui-même une émanation du service de renseignement FSB.  |
Hack | ||
 |
2021-01-12 08:33:19 | New Sunspot malware found while investigating SolarWinds hack (lien direct) | Cybersecurity firm CrowdStrike has discovered the malware used by the SolarWinds hackers to inject backdoors in Orion platform builds during the supply-chain attack that led to the compromise of several companies and government agencies. [...] | Malware Hack | Solardwinds | |
|
2021-01-11 17:53:21 | SolarWinds Hack Potentially Linked to Turla APT (lien direct) | Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon. | Hack Mobile | Solardwinds Solardwinds | |
|
2021-01-11 14:48:00 | Expert Reaction On INM Alleged Data Hack Case (lien direct) | It has been reported that Independent News and Media (INM) is trying to stall a case that is being taken against it and its former chairman, Leslie Buckley, by two members of… The ISBuzz Post: This Post Expert Reaction On INM Alleged Data Hack Case | Hack | ||
|
2021-01-11 12:55:17 | Data stolen from New Zealand\'s Central Bank following hack (lien direct) | New Zeland’s central bank, The Reserve Bank of New Zealand, has recently been hacked, with both personally and commercially sensitive information being stolen in the hack. News of the hack was first revealed on Sunday, and it has been reported that it was due to the breach of a third-party file sharing service which the […] | Hack | ||
|
2021-01-10 23:11:27 | Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack (lien direct) | A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American companies.
Andrei Tyurin was charged with computer intrusion, wire fraud, bank fraud, and illegal online |
Hack | ||
|
2021-01-09 14:09:45 | SolarWinds hackers also used common hacker techniques, CISA revealed (lien direct) | CISA revealed that threat actors behind the SolarWinds hack also used password guessing and password spraying in its attacks. Cybersecurity and Infrastructure Security Agency (CISA) revealed that threat actors behind the SolarWinds supply chain attack also employed common hacker techniques to compromise the networks of the targeted organizations, including password guessing and password spraying. “Frequently, […] | Hack Threat | ||
 |
2021-01-08 21:36:00 | CISA: SolarWinds hackers also used password guessing to breach targets (lien direct) | CISA says the threat actor behind the SolarWinds hack also used password guessing and password spraying to breach targets, not just trojanized updates. | Hack Threat | ||
|
2021-01-08 17:19:09 | SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack (lien direct) | Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group - and have been hired by SolarWinds. | Hack | ||
|
2021-01-07 14:23:56 | Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack (lien direct) | An expert found multiple serious vulnerabilities in Fortinet's FortiWeb web application firewall (WAF) that could expose corporate networks to hack. Andrey Medov, a security researcher at Positive Technologies, found multiple serious vulnerabilities in Fortinet's FortiWeb web application firewall (WAF) that could be exploited by attackers to hack into corporate networks. The flaws, tracked as CVE-2020-29015, CVE-2020-29016, CVE-2020-29018, and […] | Hack | ||
|
2021-01-07 14:03:50 | US Judiciary adds safeguards after potential breach in SolarWinds hack (lien direct) | The Administrative Office of the U.S. Courts is investigating a potential compromise of the federal courts' case management and electronic case files system which stores millions of highly sensitive and confidential judiciary records. [...] | Hack | ||
|
2021-01-07 13:05:11 | US Govt kicked off \'Hack the Army 3.0\' bug bounty program (lien direct) | The U.S. government is going to launch the ‘Hack the Army 3.0’ bug bounty program in collaboration with the HackerOne platform. The U.S. government launched Hack the Army 3.0, the third edition of its bug bounty program, in collaboration with the HackerOne platform. The second Hack the Army bug bounty program ran between October 9 and November […] | Hack | ||
|
2021-01-07 09:20:46 | JetBrains denies involvement in the SolarWinds supply-chain hack (lien direct) | JetBrains' CEO, Maxim Shafirov, denied reports from multiple news outlets that the company played a role in the SolarWinds supply chain attack. [...] | Hack | ★★★ | |
 |
2021-01-07 09:00:00 | (Déjà vu) Dissecting the SolarWinds hack without the use of signatures (lien direct) | This blog explains how activity related to the SolarWinds hack can be detected without the use of signatures, and why a self-learning approach is the best possible mechanism to catch this Advanced Persistent Threat. | Hack | ||
|
2021-01-07 09:00:00 | Detecting the SolarWinds hack without the use of signatures (lien direct) | This blog explains how activity related to the SolarWinds hack can be detected without the use of signatures, and why a self-learning approach is the best possible mechanism to catch this Advanced Persistent Threat. | Hack | ||
 |
2021-01-07 02:27:45 | DoJ says SolarWinds hackers breached its Office 365 system and read email (lien direct) | Department discovered the intrusion 9 days after SolarWinds hack came to light. | Hack | ||
|
2021-01-07 00:52:00 | JetBrains denies being involved in SolarWinds hack (lien direct) | JetBrains denies reports that is being under investigation and somehow related to the SolarWinds breach. | Hack | ★★★★★ | |
|
2021-01-06 19:41:18 | SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server (lien direct) | The US Department of Justice is one of the rare SolarWinds victims where hackers escalated the hack to a second phase and moved to access internal email inboxes, the agency said today. | Hack | ||
|
2021-01-06 18:00:56 | Tabby HacktheBox Walkthrough (lien direct) | Today, we're sharing another Hack the box Challenge Walkthrough box: Tabby and the machine is part of the retired lab, so you can connect to the machine using your HTB VPN and then start to solve the CTF. The level of the Lab is set: Beginner to intermediate. Task: Capture the user.txt and root.txt flags.... Continue reading → | Hack | ||
|
2021-01-06 12:15:31 | (Déjà vu) Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack (lien direct) | Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The vulnerability received a CVSS score of 7.8, it could be exploited by […] | Hack Vulnerability | ||
|
2021-01-06 12:08:44 | Class Action Lawsuit Filed Against SolarWinds Over Hack (lien direct) | A class action lawsuit was filed on behalf of SolarWinds investors this week over the cybersecurity breach suffered by the Texas-based IT management solutions provider. | Hack | ||
|
2021-01-06 10:48:19 | Expert On US intel Agencies Blame Russia For Massive SolarWinds Hack (lien direct) | A group of U.S. intelligence agencies on Tuesday formally accused Russia of being linked to the recently discovered hack of IT group SolarWinds that compromised much of the federal government. The FBI, the Office of… The ISBuzz Post: This Post Expert On US intel Agencies Blame Russia For Massive SolarWinds Hack | Hack |
To see everything:
Our RSS (filtrered)
