Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-04 11:43:02 |
Researchers granted server by gov officials link Sharpshooter attacks to North Korea (lien direct) |
Analysis of the server revealed links to North Korea's Lazarus Group. |
Medical
|
APT 38
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-04 11:00:00 |
Data leaks, default passwords exposed in visitor management systems (lien direct) |
Automation is big business, but smart visitor systems can be as vulnerable to attacks as any other connected device. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-03 19:10:00 |
Hackers have started attacks on Cisco RV110, RV130, and RV215 routers (lien direct) |
Attacks started two days after Cisco released patch, one day after researchers published demo exploit code. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-02 19:00:00 |
New exploit lets attackers take control of Windows IoT Core devices (lien direct) |
Exclusive: Researcher creates a remote access trojan for Windows IoT Core smart devices. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-02 00:11:01 |
Microsoft rolls out Google\'s Retpoline Spectre mitigation to Windows 10 users (lien direct) |
KB4482887, released today, enables Google's Retpoline mitigation in the Windows 10 kernel (only for v1809 users). |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-01 21:41:05 |
Adobe releases out-of-band update to patch ColdFusion zero-day (lien direct) |
ColdFusion developers spot new zero-day exploited in the wild. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-01 20:53:05 |
Russia limits operations of foreign communications satellite operators (lien direct) |
The Kremlin will require foreign satellite operators to go through an approval process and build local ground stations. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-01 13:48:05 |
Linux servers targeted by new Chinese crypto-mining group (lien direct) |
Researchers discover new Antd crypto-mining malware targeting Linux systems. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-01 11:47:05 |
Retail industry endures new point-of-sale cybercrime spree (lien direct) |
The harvest of sensitive data is at hand, but it is not certain who is behind the campaign. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-01 10:47:04 |
Dow Jones watchlist of high-risk financial connections leaked online (lien direct) |
The watchlist is used by financial companies to search for high-risk individuals. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-01 09:09:05 |
19-year-old makes millions from ethical hacking (lien direct) |
The Argentine teenager has topped the charts when it comes to bug bounty hunting. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-28 23:45:01 |
US wiped some hard drives of Russia\'s \'troll factory\' in last year\'s hack (lien direct) |
IRA news site reveals what happened last year on the day before the US midterms. |
Hack
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-28 12:11:01 |
Targeted malware attacks against Elasticsearch servers surge (lien direct) |
Old vulnerabilities are proving to be successful. |
Malware
|
|
★★★★
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-28 00:29:01 |
Operator of eight DDoS-for-hire services pleads guilty (lien direct) |
Investigators tracked him down after he logged into his rented servers using his home IP addresses. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 21:46:01 |
Google Chrome zero-day used in the wild to collect user data via PDF files (lien direct) |
Attacks have been spotted going back to October 2017. Google is preparing a patch for late April 2019. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 19:55:00 |
Coinhive cryptojacking service to shut down in March 2019 (lien direct) |
Coinhive wanted to be an alternative to classic banner ads but it became malware after constant abuse. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 17:23:00 |
Cryptocurrency wallet caught sending user passwords to Google\'s spellchecker (lien direct) |
Coinomi wallet bug sends users' secret passphrases to Google's Spellcheck API via HTTP, in plaintext. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 16:00:00 |
Intel open-sources HBFA app to help with firmware security testing (lien direct) |
Intel's new HBFA project will be available in Q2 2019. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 16:00:00 |
Intel SGX Card expands SGX security protections to cloud data centers (lien direct) |
Intel announces new Intel SGX Card line. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 13:02:01 |
Federal bidding scam targets US contractors (lien direct) |
Phishing websites masquerade as procurement login portals. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 12:11:00 |
Farseer malware brings Windows exploits to attack group\'s Android arsenal (lien direct) |
The new threat has been connected to attackers known for targeting Android devices. |
Malware
Threat
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 11:00:00 |
Retailers have become the top target for credential stuffing attacks (lien direct) |
Bots are being used to complete rapid-fire fraudulent purchases with very little effort from the hackers behind them. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-27 10:38:03 |
Cloudflare expands government warrant canaries in transparency bid (lien direct) |
Companies may not be able to tell you what the government has demanded, but they can tell you what it has not. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 23:46:01 |
Thunderclap flaws impact how Windows, Mac, Linux handle Thunderbolt peripherals (lien direct) |
Thunderclap vulnerabilities allow the creation of highly dangerous malicious peripherals that can steal data from OS memory. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 21:10:00 |
Researchers hide malware in benign apps with the help of speculative execution (lien direct) |
Speculative execution is the CPU optimization feature where the Meltdown and Spectre flaws were discovered last year. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 15:33:03 |
Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu (lien direct) |
One of 21 EOS blacklist maintainers failed to update its list, allowing the hacker to make off with the stolen funds. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 12:00:00 |
The hacker\'s paradise: Social networks net criminals $3bn a year in illicit profits (lien direct) |
The reach, draw, and popularity of social networks is becoming big business for fraudsters. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 11:00:00 |
MWC 2019: Your bionic hand is now at risk from hackers (lien direct) |
Infiltrating pacemakers is yesterday's news. Advanced prosthetic limbs are now on the hit list. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 11:00:00 |
Ransomware has been abandoned in favor of cryptojacking attacks against the enterprise (lien direct) |
As company defenses improve, criminals are looking for ways to secure a return on their illicit schemes. |
Ransomware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 09:41:04 |
Hackers can hijack bare-metal cloud servers by corrupting their BMC firmware (lien direct) |
Cloud providers are failing to wipe bare-metal servers clean when re-assigning them to new clients. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-26 01:03:00 |
It took hackers only three days to start exploiting latest Drupal bug (lien direct) |
Publication of exploit code helped hackers get Drupal attacks off the ground. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-25 19:30:00 |
Researchers break digital signatures for most desktop PDF viewers (lien direct) |
Researchers faked signatures on 21 of 22 desktop PDF viewer apps and 5 out of 7 online PDF digital signing services. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-25 16:24:02 |
New browser attack lets hackers run bad code even after users leave a web page (lien direct) |
MarioNet attack lets hackers create botnets from users' browsers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-25 11:49:00 |
MWC 2019: Your future Android phone, apps will need no password (lien direct) |
FIDO2 certification is paving the way for passwordless mobile security. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-25 00:57:00 |
Surveillance firm asks Mozilla to be included in Firefox\'s certificate whitelist (lien direct) |
Mozilla caught between a rock and a hard place on the issue of DarkMatter root certificates. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-23 16:34:02 |
ICANN: There is an ongoing and significant risk to DNS infrastructure (lien direct) |
Recent rash of DNS hijacking attacks has spurred ICANN to urge the industry for a more rapid DNSSEC adoption. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-23 01:02:01 |
Russian national, author of NeverQuest banking trojan, pleads guilty (lien direct) |
NeverQuest (Vawtrack) author Stanislav Lisov faces up to five years in prison. To be sentenced in June. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-22 22:41:05 |
Another Facebook privacy scandal, this time involving its mobile analytics SDK (lien direct) |
Don't be too quick to blame Facebook on this one. The company may not actually be so guilty this time. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-22 11:42:00 |
Fake Google reCAPTCHA used to hide Android banking malware (lien direct) |
The phishing campaign impersonates Google in attacks against banking institutions and their users. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-22 11:00:00 |
Credit card details worth nearly $3.5 million put up for sale on hacking forum (lien direct) |
Card details of 2.15 million Americans advertised in a separate forum ad. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-22 10:28:02 |
Adobe sends out second fix for critical Reader data leak vulnerability (lien direct) |
The original patch issued for the zero-day can be bypassed. |
Vulnerability
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-21 23:34:00 |
Malware that hunts for account credentials on adult websites tripled in 2018 (lien direct) |
The number of adverts selling logins for hacked accounts on adult websites doubled in 2018. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-21 18:32:05 |
A third of all Chrome extensions request access to user data on any site (lien direct) |
Eighty-five percent of all Chrome extensions don't have a privacy policy. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-21 11:22:03 |
Google says \'hidden\' microphone in Nest product never intended to be a secret (lien direct) |
An error it may be, but invasive it certainly is. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-21 05:10:00 |
Microsoft publishes security alert on IIS bug that causes 100% CPU usage spikes (lien direct) |
Microsoft releases updates to fix bug that froze systems when IIS handled malformed HTTP/2 requests. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-21 00:02:00 |
Cisco patches a couple of root access-granting security flaws (lien direct) |
Cisco releases 15 security updates, with Cisco HyperFlex receiving two very important fixes. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-20 17:36:00 |
Microsoft Edge lets Facebook run Flash code behind users\' backs (lien direct) |
Google security researcher finds secret whitelist that lets Facebook run Flash content despite Edge's normal security policies. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-20 15:54:00 |
WinRAR versions released in the last 19 years impacted by severe security flaw (lien direct) |
Over 500 million WinRAR users at risk. Users advised to update WinRAR as soon as possible. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-20 13:42:01 |
DrainerBot infected apps play invisible videos to drain your data (lien direct) |
If your mobile device is consuming insane amounts of data, you may be a victim. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-02-20 12:02:00 |
Severe vulnerabilities uncovered in popular password managers (lien direct) |
Passwords stored in RAM could lead to theft, but the report has to be considered in a risk-based context. |
Guideline
|
|
|