Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-12-14 08:00:00 |
VISA warns of POS malware incidents at gas pumps across North America (lien direct) |
VISA says it's aware of POS malware being deployed on the networks of five North American fuel dispenser merchants. |
Malware
|
|
|
|
2019-12-13 20:57:00 |
New Orleans hit by ransomware, city employees told to turn off computers (lien direct) |
After Atlanta and Baltimore, another major US city grapples with a ransomware attack. |
Ransomware
|
|
|
|
2019-12-13 17:56:00 |
Npm team warns of new \'binary planting\' bug (lien direct) |
Npm bug lets booby-trapped npm (JavaScript) packages plant or alter binaries on the victim's system. |
|
|
|
|
2019-12-13 14:21:46 |
Mozilla to force all add-on devs to use 2FA to prevent supply-chain attacks (lien direct) |
New rule to enter effect starting next year, in 2020. |
|
|
|
|
2019-12-13 12:13:02 |
Spammers force Keybase to stop Stellar Space Drop cryptocurrency handouts (lien direct) |
A rush of new fake accounts has forced Keybase to rethink its free Lumen drops. |
|
|
|
|
2019-12-13 02:21:00 |
Microsoft Security Essentials updates not included in Windows 7 ESU (lien direct) |
Companies will have to go with another antivirus. |
|
|
|
|
2019-12-12 21:54:19 |
Google rolls out Verified SMS and Spam Protection in Android (lien direct) |
Android's default SMS app -- Messages -- to receive two new features: Verified SMS and Spam Protection. |
Spam
|
|
|
|
2019-12-12 16:09:45 |
Attackers now use process hollowing to hide cryptocurrency miners on your PC (lien direct) |
The malware's dropper is a skeleton that avoids detection as a malicious file. |
|
|
|
|
2019-12-12 15:23:16 |
Shopin founder charged by SEC for running $42 million scam cryptocurrency ICO (lien direct) |
SEC alleges that investor funds were spent on dating services and shopping sprees. |
|
|
|
|
2019-12-12 11:36:12 |
San Diego to suspend facial recognition tech program used by police, ICE access blocked (lien direct) |
The EFF's campaign against facial recognition scanners used by law enforcement has borne fruit. |
|
|
|
|
2019-12-12 10:27:00 |
WhatsApp to sue companies that abuse the platform for bulk messaging (lien direct) |
The abuse of WhatsApp Business functions to spam customers will not be tolerated. |
Spam
|
|
|
|
2019-12-12 07:00:00 |
Microsoft details the most clever phishing techniques it saw in 2019 (lien direct) |
This year's most clever phishing tricks include hijacking Google search results and abusing 404 error pages. |
|
|
|
|
2019-12-06 23:24:02 |
Reddit links leak of US-UK trade documents to Russian influence campaign (lien direct) |
Reddit bans 61 accounts and one subreddit for "misuse of the platform." |
|
|
★★★
|
|
2019-12-06 20:39:56 |
BMW and Hyundai hacked by Vietnamese hackers, report claims (lien direct) |
Hacks linked to Ocean Lotus (APT32), a group believed to operate with orders from the Vietnamese government. |
|
APT 32
|
★★★★
|
|
2019-12-06 16:35:52 |
These are the worst hacks, cyberattacks, and data breaches of 2019 (lien direct) |
A slew of hacks, data breaches, and attacks tainted the cybersecurity landscape in 2019. |
|
|
★★★★
|
|
2019-12-06 12:06:05 |
New ransomware attacks target your NAS devices, backup storage (lien direct) |
Ransomware attacks targeting these devices have surged in recent months. |
Ransomware
|
|
★★
|
|
2019-12-05 22:20:00 |
New vulnerability lets attackers sniff or hijack VPN connections (lien direct) |
OpenVPN, WireGuard, and IKEv2/IPSec VPNs are vulnerable to attacks. |
Vulnerability
|
|
★★★★★
|
|
2019-12-05 19:25:59 |
Facebook sues Chinese malware operator for abusing its ad platform (lien direct) |
Facebook sues ILikeAd and two Chinese nationals for using Facebook ads to trick users into downloading malware. |
Malware
|
|
★★★★★
|
|
2019-12-05 19:20:30 |
Bitcoin battered: The worst crypto catastrophes of 2019 (lien direct) |
Millions in cryptocurrency stolen, exit scams, and countless arrests were made in connection to crypto criminal schemes this year. |
|
|
|
|
2019-12-05 17:46:00 |
US charges two members of the Dridex malware gang (lien direct) |
One of them is considered the leader of Evil Corp, described as "the world's most harmful cyber crime group." |
Malware
Guideline
|
|
|
|
2019-12-05 15:42:14 |
44 million Microsoft users reused passwords in the first three months of 2019 (lien direct) |
Microsoft used a database of three billion publicly leaked credentials to identify users who reused passwords. |
|
|
|
|
2019-12-05 12:22:36 |
HackerOne awards $20,000 bug bounty for private data access vulnerability on its own platform (lien direct) |
An analyst and a cut-and-paste job resulted in a critical security problem. |
Vulnerability
|
|
★★★
|
|
2019-12-05 04:08:00 |
Ransomware attack hits major US data center provider (lien direct) |
CyrusOne data centers infected by REvil (Sodinokibi) ransomware. |
Ransomware
|
|
|
|
2019-12-05 00:09:15 |
The most copied StackOverflow Java code snippet contains a bug (lien direct) |
Nine years later, developer corrects code snippet. |
|
|
|
|
2019-12-04 18:10:00 |
China resurrects Great Cannon for DDoS attacks on Hong Kong forum (lien direct) |
Two years after the last attacks, the Great Cannon is up and running again. |
|
|
|
|
2019-12-04 14:47:00 |
Iranian hackers deploy new ZeroCleare data-wiping malware (lien direct) |
IBM identifies new ZeroCleare destructive malware targeting energy companies active in the Middle East region. |
Malware
|
|
|
|
2019-12-04 12:19:40 |
New Zealand\'s gun buyback scheme impacted by data breach, SAP to blame (lien direct) |
SAP has been left red-faced for allowing the security lapse to occur. |
|
|
|
|
2019-12-04 11:33:40 |
Drugs stashed in kids toys lead to $1 million cryptocurrency seizure by police (lien direct) |
A pair in their twenties have been arrested. |
|
|
|
|
2019-12-04 00:52:00 |
Two malicious Python libraries caught stealing SSH and GPG keys (lien direct) |
One library was available for only two days, but the second was live for nearly a year. |
|
|
|
|
2019-12-03 19:17:31 |
Dutch politician faces three years in prison for hacking iCloud accounts and leaking nudes (lien direct) |
City council member who doubled as a hacker set to be sentenced on Christmas Eve. |
|
|
|
|
2019-11-29 00:19:05 |
A decade of hacking: The most notable cyber-security events of the 2010s (lien direct) |
ZDNet takes a look over the most important data breaches, cyber-attacks, and malware strains of the last decade. |
Malware
|
|
|
|
2019-11-28 13:30:24 |
Hotel front desks are now a hotbed for hackers (lien direct) |
The hospitality industry can't catch a break when it comes to cybercrime. |
|
|
|
|
2019-11-27 20:58:00 |
Adobe discloses security breach impacting Magento Marketplace users (lien direct) |
Security breach was detected last week and traced back to a vulnerability in the Magento Marketplace website. |
Vulnerability
|
|
|
|
2019-11-27 13:31:30 |
Hacker stole unreleased music and then tried to frame someone else (lien direct) |
Texas man stole more than 50 GBs of music and then published unreleased songs on public internet forums. |
|
|
|
|
2019-11-27 11:08:48 |
Upbit cryptocurrency exchange loses $48.5 million to hackers (lien direct) |
Ethereum has been stolen from the company's main hot wallet. |
|
|
|
|
2019-11-26 19:40:26 |
In just three months, Google sent 12k warnings about government-backed attacks (lien direct) |
Most of these alerts were sent to users in the US and Pakistan. |
|
|
|
|
2019-11-26 17:00:00 |
Microsoft says new Dexphot malware infected more than 80,000 computers (lien direct) |
Dexphot's main purpose was to silently mine cryptocurrency and generate revenue for the attackers. |
Malware
|
|
|
|
2019-11-26 13:38:31 |
Kaspersky online protection API left open to abuse by websites (lien direct) |
The internal API has been subject to not one, but multiple failed fix attempts. |
|
|
|
|
2019-11-26 12:44:26 |
Two third-party SDKs allowed secret harvesting of Twitter and Facebook user data (lien direct) |
OneAudience and MobiBurn discontinue their respective SDKs after another data collection scandal breaks out on Monday. |
|
|
|
|
2019-11-26 12:37:37 |
Fullz House hackers pivot from phishing to Magecart card skimming attacks (lien direct) |
However, they aren't very good at hiding their tracks. |
|
|
|
|
2019-11-26 11:15:28 |
Healthcare startup executives charged over $1 billion scam (lien direct) |
Executives allegedly tampered with the balance sheet and sold stock they did not have. |
|
|
|
|
2019-11-26 05:55:05 |
Exploit kits are slowly migrating toward fileless attacks (lien direct) |
Three out of the nine exploit kits active today are using fileless attacks to infect victims. |
|
|
|
|
2019-11-26 02:12:00 |
A hacking group is hijacking Docker systems with exposed API endpoints (lien direct) |
It's almost 2020 and some sysadmins are still leaving Docker admin ports exposed on the internet. |
|
|
|
|
2019-11-25 22:40:16 |
Some Fortinet products shipped with hardcoded encryption keys (lien direct) |
It took Fortinet 18 months to fix the issue. Updates are now out. |
|
|
|
|
2019-11-25 18:46:45 |
Cheap kids smartwatch exposes the location of 5,000+ children (lien direct) |
Insecure web backend and mobile app let attackers access any kids' details and parent account. |
|
|
|
|
2019-11-25 13:21:35 |
Exploit code published for dangerous Apache Solr remote code execution flaw (lien direct) |
Solr team initially thought the bug was harmless, but it turns out the bug was more dangerous than anyone thought. |
|
|
|
|
2019-11-25 13:21:00 |
Exploit code published for two dangerous Apache Solr remote code execution flaws (lien direct) |
Proof-of-concept code published for yet unpatched Apache Solr zero-day. |
|
|
|
|
2019-11-25 12:40:22 |
Samsung Heavy Industries to pay $75 million to settle bribery case (lien direct) |
Company executives were accused of paying bribes to officials in Brazil. |
|
|
|
|
2019-11-25 06:00:08 |
Over 480 million mobile VPN apps have been downloaded in the past year (lien direct) |
Countries with the most mobile VPN app downloads: Indonesia, the US, India. |
|
|
|
|
2019-11-23 08:00:05 |
Extensive hacking operation discovered in Kazakhstan (lien direct) |
Researchers say an advanced hacking group has been using custom-developed hacking tools, expensive surveillance kits, mobile malware, and radio communications interception hardware to spy on Kazakhstan targets. |
|
|
|