Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-08-04 02:46:53 |
Ransomware gang publishes tens of GBs of internal data from LG and Xerox (lien direct) |
Maze gang publishes internal data from LG and Xerox after failed extortion attempt. |
Ransomware
|
|
|
|
2020-08-03 23:08:46 |
Ahead of US election, Google bans ads linking to hacked political content (lien direct) |
New Google Ads policy to enter into effect on September 1, 2020. |
|
|
|
|
2020-08-03 17:35:27 |
CISA, DOD, FBI expose new Chinese malware strain named Taidoor (lien direct) |
US government agencies say the Taidoor remote access trojan (RAT) has been used as far back as 2008. |
Malware
|
|
|
|
2020-08-03 15:00:06 |
BlackBerry releases new security tool for reverse-engineering PE files (lien direct) |
BlackBerry open-sources PE Tree, a new malware reverse-engineering tool for analyzing Portable Executable (PE) files. |
Malware
Tool
|
|
|
|
2020-08-03 14:00:04 |
NetWalker ransomware gang has made $25 million since March 2020 (lien direct) |
The NetWalker gang has established itself as one of the most dangerous ransomware groups out there. |
Ransomware
|
|
|
|
2020-08-03 09:59:27 |
2gether hacked: €1.2m in cryptocurrency stolen, native tokens offered in exchange (lien direct) |
Almost a third of funds stored in cryptocurrency investment accounts have been taken. |
|
|
|
|
2020-08-03 04:40:05 |
GandCrab ransomware distributor arrested in Belarus (lien direct) |
Creator of the actual ransomware still at large. |
Ransomware
|
|
|
|
2020-08-02 19:18:30 |
Google: Eleven zero-days detected in the wild in the first half of 2020 (lien direct) |
A report from Google's Project Zero also looks at 2019 zero-day statistics and draws some interesting conclusions. |
|
|
|
|
2020-08-01 15:14:37 |
Phishing campaigns, from first to last victim, take 21h on average (lien direct) |
Most phishing victims experience a fraudulent transaction around 5 days after getting phished, new research shows. |
|
|
|
|
2020-08-01 10:00:27 |
Author of FastPOS malware revealed, pleads guilty (lien direct) |
A 30-year-old Moldovan man admitted this month to creating the FastPOS malware. |
Malware
|
|
|
|
2020-08-01 01:01:00 |
How the FBI tracked down the Twitter hackers (lien direct) |
A timeline of the Twitter hack composed from court documents published today. |
Hack
|
|
|
|
2020-07-31 19:21:00 |
Florida teen arrested for orchestrating Twitter hack (lien direct) |
Main suspect identified as Graham Ivan Clark, a 17-year-old teen from Tampa, Florida. |
Hack
|
|
★★★★
|
|
2020-07-31 13:07:31 |
BootHole fixes causing boot problems across multiple Linux distros (lien direct) |
Debian, Ubuntu, Red Hat, CentOS, Fedora users reports issues with booting or dual-booting their devices. |
|
|
|
|
2020-07-31 08:36:58 |
China arrests over 100 people suspected of involvement in PlusToken cryptocurrency scam (lien direct) |
Many of the alleged fraudsters had previously fled overseas. |
|
|
|
|
2020-07-31 07:25:31 |
Mimecast acquires communication security provider MessageControl (lien direct) |
The email and data security firm says the deal will help protect customers against phishing campaigns. |
|
|
|
|
2020-07-31 04:35:08 |
Theoretical technique to abuse EMV cards detected used in the real world (lien direct) |
Known as EMV-Bypass Cloning, a technique first described in 2008 has been seen abused in the wild this year. |
|
|
|
|
2020-07-30 18:37:00 |
EU sanctions China, Russia, and North Korea for past hacks (lien direct) |
The EU has imposed today its first-ever economical sanctions following cyber-attacks from foreign adversaries. |
|
|
|
|
2020-07-30 14:44:19 |
(Déjà vu) Two Tor zero-days disclosed, more to come (lien direct) |
A security researcher has published details about two Tor zero-days and promises to release three more. |
|
|
|
|
2020-07-30 14:44:00 |
Multiple Tor security issues disclosed, more to come (lien direct) |
A security researcher has published details about two Tor security issues and promises to release three more. |
|
|
★★
|
|
2020-07-30 11:43:00 |
US prosecutors seek years in prison for Uber self-driving exec who stole Google trade secrets (lien direct) |
Anthony Levandowski pleaded guilty and has recently filed for bankruptcy. |
Guideline
|
Uber
|
|
|
2020-07-30 04:01:08 |
US defense and aerospace sectors targeted in new wave of North Korean attacks (lien direct) |
Cyber-security firm McAfee publishes details about "Operation North Star." |
|
|
|
|
2020-07-29 18:00:00 |
Kaspersky: New hacker-for-hire mercenary group is targeting European law firms (lien direct) |
The Deceptikons group is the second major hacker-for-hire mercenary group exposed this year after Dark Basin. |
|
|
|
|
2020-07-29 17:00:00 |
\'BootHole\' attack impacts Windows and Linux systems using GRUB2 and Secure Boot (lien direct) |
Microsoft, Red Hat, Canonical, SuSE, Oracle, VMWare, Citrix, and many OEMs are expected to release BootHole patches. |
|
|
|
|
2020-07-29 16:55:40 |
Microsoft to remove all SHA-1 Windows downloads next week (lien direct) |
Microsoft says file downloads signed with the SHA-1 algorithm are insecure and will be removed on August 3, 2020. |
|
|
|
|
2020-07-29 14:00:05 |
New tool detects shadow admin accounts in AWS and Azure environments (lien direct) |
CyberArk releases new SkyArk tool for scanning AWS and Azure infrastructure for misconfigured accounts. |
Tool
|
|
|
|
2020-07-29 10:00:07 |
OkCupid: Hackers want your data, not a relationship (lien direct) |
Researchers discovered a way to steal the personal and sensitive data of users on the popular dating app. |
|
|
|
|
2020-07-29 04:01:04 |
Today\'s \'mega\' data breaches now cost companies $392 million to recover from (lien direct) |
When consumer PII is involved, the cost increases. |
|
|
|
|
2020-07-28 20:59:05 |
Hacker gang behind Garmin attack doesn\'t have a history of stealing user data (lien direct) |
There's a high probability that Garmin user data might be safe, after all. |
|
|
|
|
2020-07-28 13:38:33 |
Kaspersky: North Korean hackers are behind the VHD ransomware (lien direct) |
North Korean hackers return to actively deploying ransomware after the huge WannaCry debacle. |
Ransomware
|
Wannacry
|
|
|
2020-07-28 12:43:00 |
New Linux malware uses Dogecoin API to find C&C server addresses (lien direct) |
Security researchers discover Doki, a new backdoor malware strain targeting Docker instances. |
Malware
|
|
|
|
2020-07-27 16:13:04 |
CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malware (lien direct) |
QSnatch malware, first spotted in late 2019, has grown from 7,000 bots to more than 62,000, according to a join US CISA and UK NCSC security alert. |
Malware
|
|
|
|
2020-07-27 14:10:00 |
Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev (lien direct) |
OAuth tokens have been abused for intrusions at least two other companies, Dave.com and Flood.io. |
|
|
|
|
2020-07-27 13:27:02 |
Cerberus banking Trojan team breaks up, source code goes to auction (lien direct) |
The Android malware's operator is hoping the code and client list will net them up to $100,000. |
|
|
|
|
2020-07-27 04:45:05 |
FBI warns of new DDoS attack vectors: CoAP, WS-DD, ARMS, and Jenkins (lien direct) |
FBI believes device vendors won't disable these protocols and warns companies to take preventive and protective measures. |
|
|
|
|
2020-07-26 17:28:36 |
Apple sued for not taking action against iTunes gift card scams (lien direct) |
Plaintiffs in new class-action lawsuit claim Apple is directly benefiting and enabling iTunes gift card scams. |
|
|
|
|
2020-07-26 01:46:29 |
Tech unicorn Dave admits to security breach impacting 7.5 million users (lien direct) |
Dave user data is now available for download on a public hacking forum. |
|
|
|
|
2020-07-24 21:14:00 |
Academics smuggle 234 policy-violating skills on the Alexa Skills Store (lien direct) |
Academics said they also identified 52 problematic skills already available on the Alexa store, all targeted at children. |
|
|
|
|
2020-07-24 16:41:00 |
A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs (lien direct) |
Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure. |
Malware
|
|
|
|
2020-07-24 11:15:00 |
FBI warns US companies about backdoors in Chinese tax software (lien direct) |
Following the GoldenHelper and GoldenSpy malware reports, the FBI is now warning US companies operating in China. |
Malware
|
|
|
|
2020-07-23 17:34:00 |
Garmin services and production go down after ransomware attack (lien direct) |
Smartwatch and wearable maker Garmin planning multi-day maintenance window to deal with ransomware incident. |
Ransomware
|
|
|
|
2020-07-23 11:26:00 |
Fawkes protects your identity from facial recognition systems, pixel by pixel (lien direct) |
Changes made to photos undetectable to the naked eye could still prevent matches in deep learning systems. |
|
|
|
|
2020-07-23 11:09:06 |
CouchSurfing investigates data breach after 17m user records appear on hacking forum (lien direct) |
EXCLUSIVE: CouchSurfing working with law enforcement and security firm to investigate incident. |
Data Breach
|
|
|
|
2020-07-23 09:08:50 |
New \'Shadow Attack\' can replace content in digitally signed PDF files (lien direct) |
15 out of the 28 biggest desktop PDF viewers are vulnerable, German academics say. |
|
|
|
|
2020-07-23 08:59:31 |
Chinese hackers blamed for the spread of MgBot Trojan across India, Hong Kong (lien direct) |
The APT is focused on breaking into both Windows PCs and Android mobile devices. |
|
|
|
|
2020-07-23 07:20:53 |
IBM Verify Gateway vulnerability allowed remote attackers to brute-force their way in (lien direct) |
The severe bug could be harnessed for brute-force attacks. |
Vulnerability
|
|
|
|
2020-07-23 00:48:35 |
Slack credentials abundant on cybercrime markets, but little interest from hackers (lien direct) |
Security researchers find more than 17,000 Slack credentials for roughly 12,000 Slack workspaces being sold online. |
|
|
|
|
2020-07-22 22:53:31 |
Google\'s Project Zero team won\'t be applying for Apple\'s SRD program (lien direct) |
Other security researchers have expressed similar intentions to skip the Apple SRD program after the program rules give Apple full control of the vulnerability disclosure process. |
Vulnerability
|
|
|
|
2020-07-22 15:22:49 |
Prometei botnet exploits Windows SMB to mine for cryptocurrency (lien direct) |
The new botnet has been quietly operating since March. |
|
|
|
|
2020-07-22 13:13:34 |
University of York discloses data breach, staff and student records stolen (lien direct) |
Third-party cloud service provider Blackbaud has been blamed. |
|
|
|
|
2020-07-22 07:41:08 |
Adobe issues emergency fixes for critical vulnerabilities in Photoshop, Bridge, Prelude (lien direct) |
13 vulnerabilities, the majority critical, are being tackled in the out-of-band security update. |
|
|
|