What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-12 20:25:04 | Attackers Completely Destroy VFEmail\'s Secure Mail Infrastructure (lien direct) | "Every file server is lost, every backup server is lost.” | |||
|
2019-02-12 18:28:04 | Major Container Security Flaw Threatens Cascading Attacks (lien direct) | A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks. | Vulnerability | Uber | |
|
2019-02-12 18:16:01 | Xiaomi M365 Electric Scooter Hacked and Remotely Controlled (lien direct) | Hackers up to 100 meters away could take over Xiaomi M365 scooters to brake or accelerate them. | |||
|
2019-02-12 15:09:04 | Adobe Fixes 43 Critical Acrobat and Reader Flaws (lien direct) | Overall, Adobe patched 75 important and critical vulnerabilities - including a flaw that could allow bad actors to steal victims' hashed password values. | |||
|
2019-02-11 20:17:02 | Threatpost Poll: Is It Impossible to Secure Mobile Devices? (lien direct) | From spyware to leaky apps, mobile devices are facing a heightened level of threats. Are we prepared to secure them? | |||
|
2019-02-11 19:56:05 | U.S. Senators Urge VPN Ban for Federal Workers Over Spying (lien direct) | Wyden and Rubio are eyeing VPN services they say could be instruments of espionage for Russia and China. | |||
|
2019-02-11 19:20:00 | Temporary Patch Released For Adobe Reader Zero-Day (lien direct) | The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims' NTLM hashes. | |||
|
2019-02-11 16:49:04 | Exposed: Instagram, OKCupid, Mumsnet All Face Data Concerns (lien direct) | Three major websites are making data-breach news this week. | |||
|
2019-02-11 16:14:05 | First \'Clipper\' Malware Discovered on Google Play (lien direct) | A fake MetaMask app is the first instance of this new type of cryptocurrency stealer appearing outside of shady third-party app stores. | Malware | ★★★★ | |
|
2019-02-11 16:04:03 | Managing Enterprise Security After the Data Supernova (lien direct) | It's futile to try to put the data genie back in the bottle. Next best thing is whole-enterprise data visibility. | |||
|
2019-02-08 21:04:01 | Google Boosts Encryption For Low-End Android Devices (lien direct) | Google's Adiantum boosts encryption for low-end devices with processors that do not have hardware support for AES. | |||
|
2019-02-08 17:44:03 | Theory: \'Simple Hack\' Behind Bezos\' Alleged Compromising Images (lien direct) | Researchers theorize how Bezos' very personal pictures may have been allegedly hacked. | |||
|
2019-02-08 15:31:04 | FireOS Flaw Allowed Limited Content Injection in Amazon Tablets (lien direct) | A vulnerability in FireOS, the Amazon Fire Tablet's operating system, has been patched. | Vulnerability | ||
|
2019-02-07 20:47:00 | Apple Fixes Pesky FaceTime Bug in iOS 12.1.4 Update (lien direct) | Apple's iOS 12.1.4 fixes a FaceTime bug that made headlines last week. | |||
|
2019-02-07 20:21:05 | ThreatList: Latest DDoS Trends by the Numbers (lien direct) | Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them "far more dangerous." | |||
|
2019-02-07 15:43:03 | Flaw in Multiple Airline Systems Exposes Passenger Data (lien direct) | Up to eight airlines do not encrypt e-ticketing booking systems - leaving personal customer data open for the taking. | |||
|
2019-02-06 22:14:00 | MacOS Zero-Day Exposes Apple Keychain Passwords (lien direct) | A researcher who discovered a flaw letting him steal passwords in MacOS is not sharing his findings with Apple without a macOS bug bounty program. | |||
|
2019-02-06 17:51:00 | Clever Phishing Attack Enlists Google Translate to Spoof Login Page (lien direct) | A tricky two-stage phishing scam is targeting Facebook and Google credentials using a landing page that hides behind Google's translate feature. | |||
|
2019-02-06 16:25:01 | What are Data Manipulation Attacks, and How to Mitigate Against Them (lien direct) | Hackers don't always steal data. Sometimes the goal is to manipulate the data to intentionally trigger external events that can be capitalized on. | |||
|
2019-02-06 15:24:05 | Microsoft Confirms Serious \'PrivExchange\' Vulnerability (lien direct) | The elevated privilege flaw exists in Microsoft Exchange and would allow a remote attacker to impersonate an administrator. | Vulnerability | ||
|
2019-02-01 21:35:01 | Houzz Urges Password Resets After Data Breach (lien direct) | The decorating website said that account usernames, passwords and more have been compromised as part of a breach. | Data Breach | ||
|
2019-02-01 19:35:02 | Chafer APT Takes Aim at Diplomats in Iran with Improved Custom Malware (lien direct) | The Remexi spyware has been improved and retooled. | Malware | APT 39 | |
|
2019-02-01 15:50:05 | Threatpost News Wrap Podcast For Feb. 1 (lien direct) | From Facebook's research app being pulled from iOS devices to a new-found dump of compromised credentials, here are the top news of the week. | |||
|
2019-02-01 15:38:02 | Cybercriminals Aim for the Super Bowl Goal Posts (lien direct) | Scams, infrastructure attacks, data harvesting and attacks on streamers are all in the offing. | |||
|
2019-01-31 22:09:02 | Facebook Boots Hundreds of Iran-Linked Accounts For Spreading Misinformation (lien direct) | Facebook is continuing to crack down on misinformation, political meddling, and "coordinated inauthentic behavior" on its platform. | ★★ | ||
|
2019-01-31 21:59:01 | TheMoon Rises Again, With a Botnet-as-a-Service Threat (lien direct) | A new module allows it to be rented to other malicious actors -- and it's likely other new capabilities are coming down the pike. | Threat | ||
|
2019-01-31 19:38:05 | Prepare to Defend Your Network Against Swarm-as-a-Service (lien direct) | Swarm technology may be a game changer for the bad guys if organizations don't change their tactics. | |||
|
2019-01-31 18:51:05 | 2019 Already Marred By Slew of Data Breach Incidents (lien direct) | So far, 2019 shows no signs of a decline in data incidents. | Data Breach | ||
|
2019-01-31 18:16:01 | Airbus Data Takes Flight: Billions of Credentials Dumped on Dark Web (lien direct) | A cyberattack lifts employee data at the French aerospace giant as news hits of "Collections 2-5" being passed around the underground. | |||
|
2019-01-31 18:10:03 | U.S. Government Goes After North Korea\'s Joanap Botnet (lien direct) | The Department of Justice is looking to dismantle the Joanap botnet, which has been built and controlled by North Korea-linked hackers since 2009. | |||
|
2019-01-31 14:26:00 | Google Pulls Data-Chugging App From iOS Devices (lien direct) | A day after Facebook was dinged for shady iOS distribution techniques of its data-collecting research app, Google was discovered using the same methods for its own app. | |||
|
2019-01-31 14:00:04 | Mac “CookieMiner” Malware Aims to Gobble Crypto Funds (lien direct) | A newly discovered malware steals cookies, credentials and more to break into victims' cryptocurrency exchange accounts. | Malware | ||
|
2019-01-30 20:41:02 | Attackers Can Track Kids\' Locations via Connected Watches (lien direct) | A severe flaw exposes sensitive information for 35,000 kids and 20,000 individual accounts. | |||
|
2019-01-30 16:59:03 | Stealthy Malware Disguises Itself as a WordPress License Key (lien direct) | A spam injector hides in plain site within WordPress theme files. | Spam Malware | ||
|
2019-01-30 16:53:02 | Apple Blasts Facebook Over Data-Sucking \'Research\' App (lien direct) | Another one of Facebook's apps has been banned from Apple's ecosystem due to the level of data that it collects and how it was distributed. | |||
|
2019-01-29 20:30:02 | Japan to Hunt Down Citizens\' Insecure IoT Devices (lien direct) | Japan will carry out a “survey” of 200 million deployed IoT devices, with white-hats trying to log into internet-discoverable devices using default credentials. | |||
|
2019-01-29 19:20:05 | 2019 and Beyond: The (Expanded) RSAC Advisory Board Weighs in on What\'s Next: Pt. 2 (lien direct) | Part two of RSA's Conference Advisory Board look into the future tackles how approaches to cybersecurity must evolve to meet new emerging challenges. | |||
|
2019-01-29 17:43:04 | Feds Dismantle Dark Web Credentials Market (lien direct) | Meanwhile, authorities are aggressively going after former users of the Webstresser DDoS-for-hire service. | |||
|
2019-01-29 17:32:03 | Mozilla Firefox 65 Ups the Ante on Privacy with Anti-Tracking Efforts (lien direct) | Firefox 65 rolls out new redesigned privacy controls as part of Mozilla's anti-tracking promise. | |||
|
2019-01-29 14:05:04 | Apple Disables Group FaceTime Following Major Privacy Glitch (lien direct) | The bug allows iPhone users to FaceTime other iOS users and eavesdrop on their conversations - even when the other end of the line doesn't pick up. | |||
|
2019-01-29 13:00:03 | Researchers Allege \'Systemic\' Privacy, Security Flaws in Popular IoT Devices (lien direct) | A report found that a dozen connected devices are open to several security and privacy issues. | ★★★★ | ||
|
2019-01-28 19:53:01 | 2019 and Beyond: The (Expanded) RSAC Advisory Board Weighs in on What\'s Next (lien direct) | Forward-thinking predictions for the year ahead from some of the cybersecurity industry's wisest minds. | |||
|
2019-01-28 17:43:00 | Dailymotion Fights Ongoing Credential-Stuffing Attack (lien direct) | The YouTube competitor said that it was hopeful that it's containing the damage. | |||
|
2019-01-28 16:04:00 | Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution (lien direct) | Cyberattackers are targeting a pair of just-patched vulnerabilities that allow remote unauthenticated information disclosure leading to remote code-execution. | Guideline | ★★★★ | |
|
2019-01-28 14:39:01 | WordPress Users Urged to Delete Zero-Day-Ridden Plugin (lien direct) | The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers. | |||
|
2019-01-25 22:16:01 | LabKey Vulnerabilities Threaten Medical Research Data (lien direct) | LabKey Server version 18.3.0-61806.763, released on January 16, patches all three issues, so users should update as soon as possible. | |||
|
2019-01-25 19:21:00 | Threatpost News Wrap Podcast For Jan. 25 (lien direct) | From a massive GDPR fine on a big tech company, to an emergency government security alert, here are the top security stories of the week. | |||
|
2019-01-25 18:43:01 | Phishing Campaign Delivers Nasty Ransomware, Credential-Theft Two-Punch (lien direct) | A spate of phishing emails with Word attachments deliver both the Gandcrab ransomware and Ursnif executable. | Ransomware | ||
|
2019-01-25 16:44:05 | Razy Malware Attacks Browser Extensions to Steal Cryptocurrency (lien direct) | The malware targets victims in multiple, sneaky ways as they move around the web. | Malware | ||
|
2019-01-24 22:03:01 | Fighting Fire with Fire: API Automation Risks (lien direct) | A look at API attack trends such as the current (and failing) architectural designs for addressing security of these API transactions. |
To see everything:
Our RSS (filtrered)
