What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-29 23:12:00 | FBI: Pranksters are hijacking smart devices to live-stream swatting incidents (lien direct) | The FBI said it's working with smart device makers to address the issue. | |||
|
2020-12-28 18:06:35 | Finland says hackers accessed MPs\' emails accounts (lien direct) | The Finnish Parliament cyber-attack took place around the same time Russian hackers breached the Norwegian Parliament's email system. | |||
|
2020-12-24 22:36:26 | Russian crypto-exchange Livecoin hacked after it lost control of its servers (lien direct) | Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values. | |||
|
2020-12-24 17:34:16 | Citrix devices are being abused as DDoS attack vectors (lien direct) | Citrix says it's working on a fix, expected next year. | |||
|
2020-12-23 02:20:56 | DHS warns against using Chinese hardware and digital services (lien direct) | US says Chinese companies are engaging in "PRC government-sponsored data theft." | |||
|
2020-12-22 12:55:00 | Law enforcement take down three bulletproof VPN providers (lien direct) | The three VPN services provided safe haven for cybercriminals to carry out ransomware attacks, web skimming operations, spearphishing, and account takeovers. | Ransomware | ||
|
2020-12-22 06:00:03 | Microsoft and McAfee headline newly-formed \'Ransomware Task Force\' (lien direct) | The newly-founded Ransomware Task Force will work to put together a standard framework for dealing with ransomware attacks. | Ransomware | ||
|
2020-12-21 23:57:00 | Microsoft, Google, Cisco, and others file amicus brief in support of Facebook\'s NSO lawsuit (lien direct) | Tech giants show support for Facebook's legal case against spyware vendor NSO Group. | |||
|
2020-12-21 20:40:45 | Partial lists of organizations infected with Sunburst malware released online (lien direct) | As security researchers dig through forensic evidence in the aftermath of the SolarWinds supply chain attack, victim names are slowly starting to surface. | Malware | Solardwinds Solardwinds | |
|
2020-12-21 13:59:07 | A second hacking group has targeted SolarWinds systems (lien direct) | Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack. | Malware | ||
|
2020-12-20 23:14:24 | Zero-click iOS zero-day found deployed against Al Jazeera employees (lien direct) | Zero-day exploited a vulnerability in the iMessages app, patched in iOS 14. | Vulnerability | ||
|
2020-12-19 08:00:04 | Firefox to ship \'network partitioning\' as a new anti-tracking defense (lien direct) | Firefox's "network partitioning" feature to ship in v85, scheduled for January 2021. | |||
|
2020-12-18 21:04:26 | Apple, Google, Microsoft, and Mozilla ban Kazakhstan\'s MitM HTTPS certificate (lien direct) | This marks the second time browsers makers had to intervene and block a certificate used by the Kazakhstan government to spy on its citizens. | |||
|
2020-12-18 17:30:09 | FBI & Interpol disrupt Joker\'s Stash, the internet\'s largest carding marketplace (lien direct) | Four threat intel firms, Digital Shadows, Intel 471, Gemini Advisory, and Kela, said the disruption was temporary. | Threat | ||
|
2020-12-18 13:34:58 | NSA warns of federated login abuse for local-to-cloud attacks (lien direct) | The US National Security Agency describes two techniques abused in recent attacks for escalating attacks from local networks to cloud infrastructure. | |||
|
2020-12-18 03:59:45 | Microsoft says it identified 40+ victims of the SolarWinds hack (lien direct) | Microsoft says 80% of the victims it identified were located in the United States. | Hack | ||
|
2020-12-17 23:46:00 | Microsoft was also breached in recent SolarWinds supply chain hack, report (lien direct) | Report claims that after hackers breached Microsoft, they used Microsoft's own products to attack other companies. | |||
|
2020-12-17 16:20:20 | Ad-blocker AdGuard deploys world\'s first DNS-over-QUIC resolver (lien direct) | DNS-over-QUIC, or DoQ, is viewed as a superior, faster, and more private version of the DNS protocol, even DoH and DoT. | |||
|
2020-12-17 12:29:01 | This \'off the shelf\' Tor backdoor malware is now a firm favorite with ransomware operators (lien direct) | SystemBC is making its mark as a popular tool used in high-profile ransomware campaigns. | Ransomware Malware Tool | ||
|
2020-12-17 11:00:00 | IBM launches experimental homomorphic data encryption environment for the enterprise (lien direct) | Is it possible for fully homomorphic encryption to be a “game-changer” for data privacy? IBM intends to find out. | |||
|
2020-12-17 06:39:54 | Phobos launches Orbital, a tool for finding attack pathways and entry points into your network (lien direct) | After months of work, teasing, and planning, Phobos Orbital is out of beta and available for trials. | Tool | ||
|
2020-12-17 02:30:32 | Three million users installed 28 malicious Chrome or Edge extensions (lien direct) | Extensions could redirect users to ads, phishing sites, collect user data, or download malware on infected systems. | Malware | ||
|
2020-12-16 22:29:16 | FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay (lien direct) | FBI says ransomware group has been calling victims, threatening to send individuals to their homes if they don't pay the ransom. | Ransomware | ||
|
2020-12-16 13:00:04 | FICO launches cryptocurrency trade risk solution for banks (lien direct) | The software will bring crypto risk assessment to KYC processes. | |||
|
2020-12-16 05:01:04 | New Goontact spyware discovered targeting Android and iOS users (lien direct) | Most Goontact-laced apps are targeting Asian users in Chinese speaking countries, Korea, and Japan. | |||
|
2020-12-16 03:04:57 | SolarWinds said no other products were compromised in recent hack (lien direct) | SolarWinds has released today updates that "replaces the compromised component" in its Orion platform. | Hack | ||
|
2020-12-16 00:17:59 | Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow (lien direct) | After only showing detection alerts, Microsoft moves to block trojanized SolarWinds apps from running, opening the door for some IT issues for some of its customers. | Hack | ||
|
2020-12-15 20:18:00 | Microsoft and industry partners seize key domain used in SolarWinds hack (lien direct) | By seizing the domain, Microsoft and its partners hope to identify all victims, but are also preventing attackers from escalating intrusions in currently infected networks. | Hack | ||
|
2020-12-15 13:35:00 | Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems (lien direct) | AIR-FI technique can send stolen data at speeds of up to 100 b/s to Wi-Fi receivers at a distance of a few meters. | |||
|
2020-12-15 11:03:33 | Pornhub suspends over 10 million videos to eradicate illegal content (lien direct) | Roughly 13.5 million videos hosted on Pornhub are now reduced to only 2.9 million. | |||
|
2020-12-14 17:36:00 | SEC filings: SolarWinds says 18,000 customers were impacted by recent hack (lien direct) | In SEC documents filed today, SolarWinds said it notified 33,000 customers of its recent hack, but that only 18,000 used a trojanized version of its Orion platform. | Hack | ||
|
2020-12-14 04:02:30 | (Déjà vu) FireEye confirms SolarWinds supply chain attack (lien direct) | Known victims so far include the US Treasury, the US NTIA, and FireEye itself. | |||
|
2020-12-14 04:02:00 | Microsoft, FireEye confirm SolarWinds supply chain attack (lien direct) | Known victims so far include the US Treasury, the US NTIA, and FireEye itself. | |||
|
2020-12-13 07:50:03 | PgMiner botnet attacks weakly secured PostgreSQL databases (lien direct) | Only PostgreSQL databases running on Linux servers have been attacked so far. | |||
|
2020-12-11 20:31:07 | Zero-day in WordPress SMTP plugin abused to reset admin account passwords (lien direct) | A patch has been released earlier this week but many WordPress sites remained unpatched -as usual. | |||
|
2020-12-11 10:58:10 | Mastercard, Visa cut card payment ties with Pornhub over child abuse, illegal content allegations (lien direct) | Mastercard has terminated services whereas Visa has placed a temporary hold on card payments. | |||
|
2020-12-11 09:27:49 | Critical CSRF vulnerability found on Glassdoor company review platform (lien direct) | The critical flaw impacted both job seeker and employer accounts on the web domain. | Vulnerability | ||
|
2020-12-11 06:00:03 | CISA and FBI warn of rise in ransomware attacks targeting K-12 schools (lien direct) | The percentage of ransomware attacks against K-12 schools increased at the beginning of the 2020 school year | Ransomware | ||
|
2020-12-11 01:56:06 | Facebook doxes APT32, links Vietnam\'s primary hacking group to local IT firm (lien direct) | Facebook suspends accounts linked to APT32, says the group used its platform to spread malware. | APT 32 | ||
|
2020-12-10 22:40:39 | Tech unicorn UiPath discloses data breach (lien direct) | EXCLUSIVE: UiPath admits to accidentally exposing a sensitive file containing the personal details of some of its registered users. | Data Breach | ||
|
2020-12-10 20:57:27 | Chinese APT suspected of supply chain attack on Mongolian government agencies (lien direct) | Chinese hackers have compromised the update mechanism of a chat app used by hundreds of Mongolian government agencies. | |||
|
2020-12-10 18:37:42 | Microsoft exposes Adrozek, malware that hijacks Chrome, Edge, and Firefox (lien direct) | Microsoft says that at its peak, Adrozek had controlled more than 30,000 devices a day. | Malware | Adrozek | |
|
2020-12-10 16:40:36 | Pwnie Awards 2020 winners include Zerologon, CurveBall, Checkm8, BraveStarr attacks (lien direct) | The cybersecurity community voted for the best bugs and vulnerabilities discovered over the past year. | |||
|
2020-12-10 14:07:11 | Romania to host the EU\'s new cybersecurity research hub (lien direct) | Romania's capital, Bucharest, was selected as host for the EU's future cybersecurity research hub. | |||
|
2020-12-10 12:36:18 | Proof-of-concept exploit code published for new Kerberos Bronze Bit attack (lien direct) | The Kerberos Bronze Bit attack can allow intruders to bypass authentication and access sensitive network services. | |||
|
2020-12-10 09:52:12 | njRAT Trojan operators are now using Pastebin as alternative to central command server (lien direct) | Avoiding C2 infrastructure could help hackers avoid detection. | |||
|
2020-12-10 08:01:44 | Remote code execution vulnerability uncovered in Starbucks mobile platform (lien direct) | The researcher's report revealed multiple endpoints vulnerable to the same flaw. | Vulnerability | ||
|
2020-12-10 03:29:02 | Hackers are selling more than 85,000 SQL databases on a dark web portal (lien direct) | The hackers are breaking into SQL databases, stealing their content, holding it for ransom for 9 days, and then selling them to the highest bidder if the DB owner doesn't want to ransom their content back. | |||
|
2020-12-09 23:29:59 | Adobe to block Flash content from running on January 12, 2021 (lien direct) | Adobe releases final Flash update with stronger language asking users to uninstall the app before its EOL. | |||
|
2020-12-09 20:59:57 | Google open-sources Atheris, a tool for finding security bugs in Python code (lien direct) | Atheris helps developers find bugs in Python-based codebases using a technique called fuzzing. | Tool |
To see everything:
Our RSS (filtrered)
