Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-11-22 21:17:36 |
Smartphone maker OnePlus discloses data breach (lien direct) |
Hackers accessed some OnePlus customer data through a vulnerability in the vendor's website. |
Data Breach
Vulnerability
|
|
|
|
2019-11-22 16:15:11 |
New bypass disclosed in Microsoft PatchGuard (KPP) (lien direct) |
After GhostHook and InfinityHook, we now have ByePg. No patch out yet. |
|
|
|
|
2019-11-22 01:20:37 |
T-Mobile discloses security breach impacting prepaid customers (lien direct) |
T-Mobile says hackers didn't access passwords, SSNs, or financial information. |
|
|
|
|
2019-11-21 23:58:53 |
CISA and VotingWorks release open source post-election auditing tool (lien direct) |
New Arlo open-source tool will help state officials verify electronically-tallied ballots. |
Tool
|
|
|
|
2019-11-21 21:29:00 |
Twitter will finally let users disable SMS as default 2FA method (lien direct) |
And it only took Twitter's CEO getting hacked to happen. |
|
|
|
|
2019-11-21 17:00:08 |
Google will pay bug hunters up to $1.5m if they can hack its Titan M chip (lien direct) |
Google increases bug bounty payouts because hacking Android is harder than it sounds. |
Hack
|
|
|
|
2019-11-21 15:00:35 |
New SectopRAT Trojan creates hidden second desktop to control browser sessions (lien direct) |
The Trojan makes sure the second desktop is hidden from sight. |
|
|
|
|
2019-11-21 13:44:24 |
DePriMon downloader uses novel ways to infect your PC with ColoredLambert malware (lien direct) |
It is believed the downloader is using techniques not seen before in the wild. |
Malware
|
|
|
|
2019-11-21 11:11:00 |
Popular apps on Google Play linked to old remote code execution bugs (lien direct) |
Vulnerabilities dating back to 2014 were linked to the latest versions of high-profile mobile applications, potentially unpatched. |
|
|
|
|
2019-11-21 01:30:00 |
(Déjà vu) Microsoft refutes rumors that Microsoft Teams is being used in ransomware attacks (lien direct) |
Microsoft also knocks down rumor that hackers are using the BlueKeep exploit to install the DoppelPaymer ransomware. |
Ransomware
|
|
|
|
2019-11-21 01:30:00 |
Microsoft rebukes rumors that Microsoft Teams is being used in ransomware attacks (lien direct) |
Microsoft also knocks down rumor that hackers are using the BlueKeep exploit to install the DoppelPaymer ransomware. |
Ransomware
|
|
|
|
2019-11-20 20:36:34 |
Anonymous hacker gets a whopping six years in prison for some lame DDoS attacks (lien direct) |
Many may call the six-year prison sentence too harsh while the operator of eight DDoS-for-hire services got only 13 months. |
|
|
|
|
2019-11-20 16:51:28 |
New Roboto botnet emerges targeting Linux servers running Webmin (lien direct) |
The botnet's main function is the ability to conduct DDoS attacks, a feature it has not used yet. |
|
|
|
|
2019-11-20 09:15:05 |
PayMyTab data leak exposes personal information belonging to mobile diners (lien direct) |
Data exposure was caused by an open AWS database. |
|
|
|
|
2019-11-20 06:00:03 |
New Phoenix Keylogger tries to stop over 80 security products to avoid detection (lien direct) |
Phoenix linked to more than 10,000 infections since the malware's launch on a hacking forum in July. |
|
|
|
|
2019-11-20 05:01:04 |
IBM launches Cloud Pak for Security to boost cybersecurity response in hybrid environments (lien direct) |
The cloud service is designed to connect with data without moving it from its original source. |
|
|
|
|
2019-11-19 23:39:00 |
US student was allegedly building a custom Gentoo Linux distro for ISIS (lien direct) |
Chicago student now faces up to 20 years in prison if found guilty. |
|
|
|
|
2019-11-19 17:08:19 |
Official Monero website compromised with malware that steals funds (lien direct) |
Official Linux CLI binary for the Monero cryptocurrency compromised with malware that steals users' funds. |
Malware
|
|
|
|
2019-11-19 13:00:00 |
Antivirus vendors and non-profits join to form \'Coalition Against Stalkerware\' (lien direct) |
New cross-industry initiative forms to bring an end to commodity stalkerware apps and victim abuse. |
|
|
|
|
2019-11-19 12:26:30 |
Android flaw lets rogue apps take photos, record video even if your phone is locked (lien direct) |
Millions of Google and Samsung devices were vulnerable to exploit. |
|
|
|
|
2019-11-19 10:32:10 |
Macy\'s suffers online Magecart card-skimming attack, data breach (lien direct) |
The department store detected malicious code in its online payment portal. |
Data Breach
|
|
|
|
2019-11-19 07:47:57 |
Adobe announces end of support for Acrobat, Reader 2015 (lien direct) |
After the deadline, customers will no longer receive any security patches for their software. |
|
|
|
|
2019-11-19 00:44:00 |
Ransomware hits Louisiana state government systems (lien direct) |
Ransomware contained and some systems have already been recovered. |
Ransomware
|
|
|
|
2019-11-18 20:47:06 |
ProtonMail blocked in Belarus following wave of bomb threats across the country (lien direct) |
ProtonMail was previously blocked in Russia in March this year for the same reason |
|
|
|
|
2019-11-18 14:31:06 |
Intel to remove old drivers and BIOS updates from its site by the end of the week (lien direct) |
Intel is removing drivers and BIOS updates for desktop components and motherboards released in the 90s and early 2000s. |
|
|
|
|
2019-11-18 11:18:02 |
Google patches \'awesome\' XSS vulnerability in Gmail dynamic email feature (lien direct) |
The bug bounty hunter who disclosed the issue says the bug is a prime example of DOM Clobbering. |
Vulnerability
|
|
★★★★
|
|
2019-11-18 09:56:03 |
Attackers using WhatsApp MP4 video files vulnerability can remotely execute code (lien direct) |
The buffer overflow flow bug has been disclosed by Facebook. |
Vulnerability
|
|
|
|
2019-11-18 05:45:04 |
Symantec, ESET, McAfee rank first in Windows anti-malware market share (lien direct) |
Avast, the market's leader for the past five years, has fallen to #6. |
Guideline
|
|
|
|
2019-11-17 00:24:54 |
Chrome, Edge, Safari hacked at elite Chinese hacking contest (lien direct) |
China's top white-hat hackers have gathered in Chengdu to test zero-days against today's top software. |
|
|
|
|
2019-11-16 08:00:04 |
Thousands of hacked Disney+ accounts are already for sale on hacking forums (lien direct) |
Hackers began hijacking accounts hours after Disney+ launched earlier this week. |
|
|
|
|
2019-11-15 20:54:47 |
Android malware disguises as ad blocker, but then pesters users with ads (lien direct) |
Oh, the irony! |
Malware
|
|
|
|
2019-11-15 13:17:57 |
When one isn\'t enough: This shady malware will infect your PC with dual Trojans (lien direct) |
Low detection rates and the drop of not one, but two Trojans, spells trouble. |
Malware
|
|
|
|
2019-11-15 12:07:38 |
US charges men with cryptocurrency theft, SIM-swapping attacks (lien direct) |
Hundreds of thousands of dollars in cryptocurrency was allegedly pilfered from victim wallets. |
|
|
|
|
2019-11-15 04:44:37 |
Google Chrome experiment crashes browser tabs, impacts companies worldwide (lien direct) |
In what looks to be the Chrome team's biggest misstep, companies report massive outages caused by unannounced Chrome experiment. |
|
|
|
|
2019-11-14 23:17:00 |
GitHub launches \'Security Lab\' to help secure open source ecosystem (lien direct) |
Fourteen companies unite get together to search, find, and fix security flaws in GitHub-hosted open source projects. |
|
|
|
|
2019-11-14 19:44:06 |
Officials warn about the dangers of using public USB charging stations (lien direct) |
Travelers should use only AC charging ports, use USB no-data cables, or "USB condom" devices. |
|
|
|
|
2019-11-14 14:44:43 |
Windows & Linux get options to disable Intel TSX to prevent Zombieload v2 attacks (lien direct) |
Disclosure of new Zombieload v2 vulnerability prompts OS makers to react with ways to disable Intel's TSX technology. |
Vulnerability
|
|
|
|
2019-11-14 11:03:00 |
Gaping \'hole\' in Qualcomm\'s Secure World mobile vault leaked sensitive data (lien direct) |
Researchers found a “gaping hole” in what was thought to be an extremely secure area in our mobile devices. |
|
|
|
|
2019-11-14 07:00:08 |
Iranian hacking group built its own VPN network (lien direct) |
Security researchers identify APT33's private network of 21 VPN nodes. |
|
APT33
APT 33
|
|
|
2019-11-13 22:22:00 |
Company discovered it was hacked after a server ran out of free space (lien direct) |
Hacker was detected after creating a giant archive file that took up all the free disk space. Had been inside the company's network for almost two years, undetected. |
|
|
|
|
2019-11-13 17:56:31 |
Network of 265 online sites are mimicking defunct newspapers to spread anti-Pakistan propaganda (lien direct) |
EU NGO finds network of fake news sites linked to Indian NGOs and think tanks, all spreading anti-Pakistan propaganda. |
|
|
|
|
2019-11-13 11:33:39 |
Adobe squashes critical vulnerabilities in Illustrator CC, Media Encoder (lien direct) |
The worst bugs resolved this month can result in code execution. |
|
|
|
|
2019-11-13 04:23:00 |
TPM-FAIL vulnerabilities impact TPM chips in desktops, laptops, servers (lien direct) |
TPM-FAIL lets attackers steal private keys from TPMs. Attacks take from minutes to a few hours. |
|
|
|
|
2019-11-12 21:48:18 |
Microsoft\'s November 2019 Patch Tuesday arrives with a patch for an IE zero-day (lien direct) |
The November 2019 Patch Tuesday fixes 74 vulnerabilities, of which 13 are rated "Critical." |
|
|
|
|
2019-11-12 19:04:43 |
Intel, Mozilla, Red Hat, and Fastly partner to make WebAssembly a cross-platform runtime (lien direct) |
The Bytecode Alliance's main goal is to promote the use of security-hardened WebAssembly tools. |
|
|
|
|
2019-11-12 18:00:09 |
Flaw in Intel PMx driver gives \'near-omnipotent control over a victim device\' (lien direct) |
Intel released an updated version of pmxdrvx64.sys and pmxdrv.sys; however, patching might take a while. |
Patching
|
|
|
|
2019-11-12 18:00:08 |
Manual code review finds 35 vulnerabilities in 8 enclave SDKs (lien direct) |
All issues have been privately reported and patches are on the way. |
|
|
|
|
2019-11-12 18:00:06 |
Intel\'s Cascade Lake CPUs impacted by new Zombieload v2 attack (lien direct) |
Zombieload v2 impacts Intel CPUs released since 2013, if they support the Intel STX instruction set. |
|
|
|
|
2019-11-12 16:05:19 |
McAfee antivirus software impacted by code execution vulnerability (lien direct) |
The severe security flaw can bypass self-defense mechanisms. |
Vulnerability
|
|
|
|
2019-11-12 10:23:19 |
Mexico\'s Pemex oil provider says attempted hack \'neutralized\' (lien direct) |
A suspected attack involving Ryuk impacted less than five percent of systems. |
Hack
|
|
|