Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-12 20:25:04 |
Attackers Completely Destroy VFEmail\'s Secure Mail Infrastructure (lien direct) |
"Every file server is lost, every backup server is lost.” |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-12 18:28:04 |
Major Container Security Flaw Threatens Cascading Attacks (lien direct) |
A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks. |
Vulnerability
|
Uber
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-12 18:16:01 |
Xiaomi M365 Electric Scooter Hacked and Remotely Controlled (lien direct) |
Hackers up to 100 meters away could take over Xiaomi M365 scooters to brake or accelerate them. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-12 15:09:04 |
Adobe Fixes 43 Critical Acrobat and Reader Flaws (lien direct) |
Overall, Adobe patched 75 important and critical vulnerabilities - including a flaw that could allow bad actors to steal victims' hashed password values. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-11 20:17:02 |
Threatpost Poll: Is It Impossible to Secure Mobile Devices? (lien direct) |
From spyware to leaky apps, mobile devices are facing a heightened level of threats. Are we prepared to secure them? |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-11 19:56:05 |
U.S. Senators Urge VPN Ban for Federal Workers Over Spying (lien direct) |
Wyden and Rubio are eyeing VPN services they say could be instruments of espionage for Russia and China. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-11 19:20:00 |
Temporary Patch Released For Adobe Reader Zero-Day (lien direct) |
The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims' NTLM hashes. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-11 16:49:04 |
Exposed: Instagram, OKCupid, Mumsnet All Face Data Concerns (lien direct) |
Three major websites are making data-breach news this week. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-11 16:14:05 |
First \'Clipper\' Malware Discovered on Google Play (lien direct) |
A fake MetaMask app is the first instance of this new type of cryptocurrency stealer appearing outside of shady third-party app stores. |
Malware
|
|
★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-11 16:04:03 |
Managing Enterprise Security After the Data Supernova (lien direct) |
It's futile to try to put the data genie back in the bottle. Next best thing is whole-enterprise data visibility. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-08 21:04:01 |
Google Boosts Encryption For Low-End Android Devices (lien direct) |
Google's Adiantum boosts encryption for low-end devices with processors that do not have hardware support for AES. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-08 17:44:03 |
Theory: \'Simple Hack\' Behind Bezos\' Alleged Compromising Images (lien direct) |
Researchers theorize how Bezos' very personal pictures may have been allegedly hacked. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-08 15:31:04 |
FireOS Flaw Allowed Limited Content Injection in Amazon Tablets (lien direct) |
A vulnerability in FireOS, the Amazon Fire Tablet's operating system, has been patched. |
Vulnerability
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-07 20:47:00 |
Apple Fixes Pesky FaceTime Bug in iOS 12.1.4 Update (lien direct) |
Apple's iOS 12.1.4 fixes a FaceTime bug that made headlines last week. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-07 20:21:05 |
ThreatList: Latest DDoS Trends by the Numbers (lien direct) |
Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them "far more dangerous." |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-07 15:43:03 |
Flaw in Multiple Airline Systems Exposes Passenger Data (lien direct) |
Up to eight airlines do not encrypt e-ticketing booking systems - leaving personal customer data open for the taking. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-06 22:14:00 |
MacOS Zero-Day Exposes Apple Keychain Passwords (lien direct) |
A researcher who discovered a flaw letting him steal passwords in MacOS is not sharing his findings with Apple without a macOS bug bounty program. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-06 17:51:00 |
Clever Phishing Attack Enlists Google Translate to Spoof Login Page (lien direct) |
A tricky two-stage phishing scam is targeting Facebook and Google credentials using a landing page that hides behind Google's translate feature. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-06 16:25:01 |
What are Data Manipulation Attacks, and How to Mitigate Against Them (lien direct) |
Hackers don't always steal data. Sometimes the goal is to manipulate the data to intentionally trigger external events that can be capitalized on. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-06 15:24:05 |
Microsoft Confirms Serious \'PrivExchange\' Vulnerability (lien direct) |
The elevated privilege flaw exists in Microsoft Exchange and would allow a remote attacker to impersonate an administrator. |
Vulnerability
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-01 21:35:01 |
Houzz Urges Password Resets After Data Breach (lien direct) |
The decorating website said that account usernames, passwords and more have been compromised as part of a breach. |
Data Breach
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-01 19:35:02 |
Chafer APT Takes Aim at Diplomats in Iran with Improved Custom Malware (lien direct) |
The Remexi spyware has been improved and retooled. |
Malware
|
APT 39
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-01 15:50:05 |
Threatpost News Wrap Podcast For Feb. 1 (lien direct) |
From Facebook's research app being pulled from iOS devices to a new-found dump of compromised credentials, here are the top news of the week. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-02-01 15:38:02 |
Cybercriminals Aim for the Super Bowl Goal Posts (lien direct) |
Scams, infrastructure attacks, data harvesting and attacks on streamers are all in the offing. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 22:09:02 |
Facebook Boots Hundreds of Iran-Linked Accounts For Spreading Misinformation (lien direct) |
Facebook is continuing to crack down on misinformation, political meddling, and "coordinated inauthentic behavior" on its platform. |
|
|
★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 21:59:01 |
TheMoon Rises Again, With a Botnet-as-a-Service Threat (lien direct) |
A new module allows it to be rented to other malicious actors -- and it's likely other new capabilities are coming down the pike. |
Threat
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 19:38:05 |
Prepare to Defend Your Network Against Swarm-as-a-Service (lien direct) |
Swarm technology may be a game changer for the bad guys if organizations don't change their tactics. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 18:51:05 |
2019 Already Marred By Slew of Data Breach Incidents (lien direct) |
So far, 2019 shows no signs of a decline in data incidents. |
Data Breach
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 18:16:01 |
Airbus Data Takes Flight: Billions of Credentials Dumped on Dark Web (lien direct) |
A cyberattack lifts employee data at the French aerospace giant as news hits of "Collections 2-5" being passed around the underground. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 18:10:03 |
U.S. Government Goes After North Korea\'s Joanap Botnet (lien direct) |
The Department of Justice is looking to dismantle the Joanap botnet, which has been built and controlled by North Korea-linked hackers since 2009. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 14:26:00 |
Google Pulls Data-Chugging App From iOS Devices (lien direct) |
A day after Facebook was dinged for shady iOS distribution techniques of its data-collecting research app, Google was discovered using the same methods for its own app. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-31 14:00:04 |
Mac “CookieMiner” Malware Aims to Gobble Crypto Funds (lien direct) |
A newly discovered malware steals cookies, credentials and more to break into victims' cryptocurrency exchange accounts. |
Malware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-30 20:41:02 |
Attackers Can Track Kids\' Locations via Connected Watches (lien direct) |
A severe flaw exposes sensitive information for 35,000 kids and 20,000 individual accounts. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-30 16:59:03 |
Stealthy Malware Disguises Itself as a WordPress License Key (lien direct) |
A spam injector hides in plain site within WordPress theme files. |
Spam
Malware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-30 16:53:02 |
Apple Blasts Facebook Over Data-Sucking \'Research\' App (lien direct) |
Another one of Facebook's apps has been banned from Apple's ecosystem due to the level of data that it collects and how it was distributed. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-29 20:30:02 |
Japan to Hunt Down Citizens\' Insecure IoT Devices (lien direct) |
Japan will carry out a “survey” of 200 million deployed IoT devices, with white-hats trying to log into internet-discoverable devices using default credentials. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-29 19:20:05 |
2019 and Beyond: The (Expanded) RSAC Advisory Board Weighs in on What\'s Next: Pt. 2 (lien direct) |
Part two of RSA's Conference Advisory Board look into the future tackles how approaches to cybersecurity must evolve to meet new emerging challenges. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-29 17:43:04 |
Feds Dismantle Dark Web Credentials Market (lien direct) |
Meanwhile, authorities are aggressively going after former users of the Webstresser DDoS-for-hire service. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-29 17:32:03 |
Mozilla Firefox 65 Ups the Ante on Privacy with Anti-Tracking Efforts (lien direct) |
Firefox 65 rolls out new redesigned privacy controls as part of Mozilla's anti-tracking promise. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-29 14:05:04 |
Apple Disables Group FaceTime Following Major Privacy Glitch (lien direct) |
The bug allows iPhone users to FaceTime other iOS users and eavesdrop on their conversations - even when the other end of the line doesn't pick up. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-29 13:00:03 |
Researchers Allege \'Systemic\' Privacy, Security Flaws in Popular IoT Devices (lien direct) |
A report found that a dozen connected devices are open to several security and privacy issues. |
|
|
★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-28 19:53:01 |
2019 and Beyond: The (Expanded) RSAC Advisory Board Weighs in on What\'s Next (lien direct) |
Forward-thinking predictions for the year ahead from some of the cybersecurity industry's wisest minds. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-28 17:43:00 |
Dailymotion Fights Ongoing Credential-Stuffing Attack (lien direct) |
The YouTube competitor said that it was hopeful that it's containing the damage. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-28 16:04:00 |
Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution (lien direct) |
Cyberattackers are targeting a pair of just-patched vulnerabilities that allow remote unauthenticated information disclosure leading to remote code-execution. |
Guideline
|
|
★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-28 14:39:01 |
WordPress Users Urged to Delete Zero-Day-Ridden Plugin (lien direct) |
The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-25 22:16:01 |
LabKey Vulnerabilities Threaten Medical Research Data (lien direct) |
LabKey Server version 18.3.0-61806.763, released on January 16, patches all three issues, so users should update as soon as possible. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-25 19:21:00 |
Threatpost News Wrap Podcast For Jan. 25 (lien direct) |
From a massive GDPR fine on a big tech company, to an emergency government security alert, here are the top security stories of the week. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-25 18:43:01 |
Phishing Campaign Delivers Nasty Ransomware, Credential-Theft Two-Punch (lien direct) |
A spate of phishing emails with Word attachments deliver both the Gandcrab ransomware and Ursnif executable. |
Ransomware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-25 16:44:05 |
Razy Malware Attacks Browser Extensions to Steal Cryptocurrency (lien direct) |
The malware targets victims in multiple, sneaky ways as they move around the web. |
Malware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-24 22:03:01 |
Fighting Fire with Fire: API Automation Risks (lien direct) |
A look at API attack trends such as the current (and failing) architectural designs for addressing security of these API transactions. |
|
|
|