Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-09-07 07:39:02 |
Mozilla to gradually enable DNS-over-HTTPS for Firefox US users later this month (lien direct) |
DoH tests haven't found any issues. Mozilla to start rolling out DoH to a small set of US users, then gradually roll it out for to more users. |
|
|
|
|
2019-09-06 20:22:00 |
Apple disputes Google\'s accuracy on recent iOS hacks, and they may be right (lien direct) |
Apple said that Google overstated some claims ina report about a massive hacking campaign aimed at iPhone users. |
|
|
|
|
2019-09-06 18:01:00 |
Metasploit team releases BlueKeep exploit (lien direct) |
Metasploit BlueKeep module can achieve code execution, is easy to use. |
|
|
|
|
2019-09-06 14:04:00 |
US to collect social media profiles from immigrants, asylum seekers, and refugees (lien direct) |
The process of getting refugee status, a green card, and citizenship will become way more intrusive. |
|
|
|
|
2019-09-06 10:29:04 |
Thousands of servers infected with new Lilocked (Lilu) ransomware (lien direct) |
Researchers spot new ransomware targeting Linux-based servers. |
Ransomware
|
|
|
|
2019-09-06 04:00:00 |
Belarusian police shut down notorious hacking forum (lien direct) |
XakFor served as a cybercrime hub for Russian-speaking criminals since 2012. |
|
|
|
|
2019-09-05 15:47:05 |
600,000 GPS trackers left exposed online with a default password of \'123456\' (lien direct) |
Default password is a danger for customers, but also for the vendor itself. |
|
|
|
|
2019-09-05 13:26:00 |
Zero-day disclosed in Android OS (lien direct) |
Android project maintainers fail to fix dangerous privilege escalation bug six months after initial report. |
|
|
|
|
2019-09-05 13:00:00 |
DK-Lok data breach exposes global enterprise client data, internal emails (lien direct) |
Requests to plug the leaking database were read and trashed - information ironically revealed through the exposed system. |
Data Breach
|
|
|
|
2019-09-05 11:11:05 |
A Chinese APT is now going after Pulse Secure and Fortinet VPN servers (lien direct) |
Security researchers spot Chinese state-sponsored hackers going after high-end enterprise VPN servers. |
|
|
|
|
2019-09-04 23:58:00 |
Ransomware gang wanted $5.3 million from US city, but they only offered $400,000 (lien direct) |
New Bedford officials decide to restore from backups after negotiations fail. |
Ransomware
|
|
|
|
2019-09-04 21:06:00 |
Twitter disables SMS-to-tweet feature after its CEO got hacked last week (lien direct) |
Twitter disables one of the site's earliest features in response to CEO getting hacked last week. |
|
|
|
|
2019-09-04 13:00:00 |
Samsung, Huawei, LG, and Sony phones vulnerable to rogue \'provisioning\' messages (lien direct) |
Fake phone provisioning messages can allow hackers to hijack email or web traffic from legitimate devices. Nearly half of all Android smartphones impacted. |
|
|
|
|
2019-09-04 00:23:00 |
Author of multiple IoT botnets pleads guilty (lien direct) |
Creator of infamous Satori botnet faces up to ten years in prison. |
|
Satori
|
|
|
2019-09-03 15:56:00 |
Android exploits are now worth more than iOS exploits for the first time (lien direct) |
Exploit broker Zerodium increases zero-day prices for Android, now worth more than iOS. |
|
|
|
|
2019-09-03 10:00:00 |
Over 47,000 Supermicro servers are exposing BMC ports on the internet (lien direct) |
Researchers discovered a new remote attack vector on Supermicro servers that are exposing their BMC port over the internet. Patches are available. |
|
|
|
|
2019-09-03 08:00:00 |
German bank loses €1.5 million in mysterious cashout of EMV cards (lien direct) |
Brazilian criminal gang cloned Mastercard debit cards issued by German bank OLB and withdrew more than €1.5 million from about 2,000 of its customers. |
|
|
|
|
2019-09-02 11:43:01 |
BEC overtakes ransomware and data breaches in cyber-insurance claims (lien direct) |
BEC-relatedcyber-insurance claims accounted for nearly a quarter of all claims in the EMEA region, AIG said. |
Ransomware
|
|
|
|
2019-09-02 08:54:01 |
Cisco releases guides for incident responders handling hacked Cisco gear (lien direct) |
Forensic investigation guides available for Cisco ASA, IOS, IOS XE, and FTD gear. |
|
|
|
|
2019-09-01 18:47:00 |
How MuleSoft patched a critical security flaw and avoided a disaster (lien direct) |
MuleSoft deals with a sensitive security issue and sets up an example for the whole industry to follow. |
|
|
|
|
2019-08-30 22:19:04 |
WordPress sites under attack as hacker group tries to create rogue admin accounts (lien direct) |
Hackers exploit vulnerabilities in more than ten WordPress plugins to plant backdoor accounts on unpatched sites. |
|
|
|
|
2019-08-30 20:27:00 |
Jack Dorsey\'s Twitter account got hacked (lien direct) |
Hackers tweet and retweet offensive content, make bomb threat. |
|
|
|
|
2019-08-30 14:09:03 |
Company behind Foxit PDF Reader announces security breach (lien direct) |
Foxit Software said hackers breached website accounts and stole user information. |
|
|
|
|
2019-08-30 08:22:00 |
Google finds malicious sites pushing iOS exploits for years (lien direct) |
Google finds exploits for 14 iOS vulnerabilities, grouped in five exploit chains, deployed in the wild since September 2016. |
|
|
|
|
2019-08-30 00:23:00 |
Some of Russia\'s surveillance tech leaked data for more than a year (lien direct) |
Security researcher finds that some of Russia's SORM wiretapping equipment had been leaking user data. |
|
|
|
|
2019-08-29 18:30:00 |
(Déjà vu) Russian police take down malware gang that infected 800,000+ Android smartphones (lien direct) |
TipTop malware gang was making between $1,500 and $10,500 in daily profits. |
Malware
|
|
|
|
2019-08-29 18:30:00 |
Russian police take down malware gang who infected 800,000+ Android smartphones (lien direct) |
TipTop malware gang was making between $1,500 and $10,500 in daily profits. |
Malware
|
|
|
|
2019-08-29 16:30:00 |
Google adds all Android apps with +100m installs to its bug bounty program (lien direct) |
Google will pay security researchers for bugs they report in non-Google Android apps that have over 100 million installs. |
|
|
|
|
2019-08-29 16:30:00 |
Google launches bounty program to spot misuses of Google API, Chrome, and Android user data (lien direct) |
Google follows Facebook's steps and launches program to spot app devs stealing or misusing Google user data. |
|
|
|
|
2019-08-29 16:20:00 |
Ransomware hits hundreds of dentist offices in the US (lien direct) |
Ransomware group gains access to dental software backend, deploys ransomware on customers' systems. |
Ransomware
|
|
|
|
2019-08-28 19:37:01 |
TrickBot, today\'s top trojan, adds feature to aid SIM swapping attacks (lien direct) |
TrickBot trojan seen collecting credentials and PIN codes for Sprint, T-Mobile, and Verizon Wireless accounts. |
|
|
|
|
2019-08-28 16:03:04 |
Apple will no longer keep Siri audio recordings by default, makes feature opt-in (lien direct) |
If users opt in, only Apple employees will be able to listen to Siri recordings. No more contractors. |
|
|
|
|
2019-08-28 12:53:04 |
North Korean state hackers target retired diplomats and military officials (lien direct) |
In a first of its kind operations, state-sponsored group goes after retired South Korean officials. |
|
|
|
|
2019-08-28 11:22:05 |
A new IOT botnet is infecting Android-based set-top boxes (lien direct) |
New Ares IoT malware/botnet has been seen on HiSilicon, Cubetek, and QezyMedia set-top boxes, per new report. |
|
|
|
|
2019-08-28 08:00:00 |
Avast and French police take over malware botnet and disinfect 850,000 computers (lien direct) |
Joint private-law enforcement efforts shuts down two-year-old Redatup malware operation for good. |
Malware
|
|
|
|
2019-08-27 16:43:00 |
Imperva discloses security incident impacting cloud firewall users (lien direct) |
Security incidents impacts cloud WAF (formerly Incapsula) customers registered up until September 15, 2017. |
|
|
|
|
2019-08-27 13:40:03 |
Protocol used by 630,000 devices can be abused for devastating DDoS attacks (lien direct) |
Security researchers warn that the WS-Discovery protocol is currently being abused for massive DDoS attacks. |
|
|
|
|
2019-08-27 13:00:00 |
Middle East cyber-espionage is heating up with a new group joining the fold (lien direct) |
New Lyceum APT is targeting oil and gas companies in the Middle East, and telecoms across Africa and Asia. |
|
|
|
|
2019-08-27 04:30:00 |
Microsoft: Using multi-factor authentication blocks 99.9% of account hacks (lien direct) |
Microsoft cloud services are seeing 300 million fraudulent sign-in attempts every day. MFA can help protect accounts against many types of account takeover attacks. |
|
|
|
|
2019-08-26 18:55:05 |
Apple patches iPhone jailbreaking bug (lien direct) |
Apple releases security update to re-patch bug that it accidentally unpatched last month. |
|
|
|
|
2019-08-26 14:08:01 |
Clickjacking scripts found on 613 popular sites, academics say (lien direct) |
Scripts that intercept mouse clicks are being used for ad fraud or to redirect users to malicious sites. |
|
|
|
|
2019-08-25 16:56:00 |
Hostinger resets customer passwords after security incident (lien direct) |
Up to 14 million Hostinger users might be impacted by a security breach that took place two days ago, on August 23. |
|
|
|
|
2019-08-25 11:30:00 |
Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs (lien direct) |
Enterprise networks across the world are at risk after hackers start exploiting three very popular products. |
|
|
|
|
2019-08-23 22:05:00 |
Capital One hacker denied release, will remain in jail (lien direct) |
Defense argued for her release, but judge decided she was a flight risk and a danger to herself and others. |
|
|
|
|
2019-08-23 20:27:04 |
Police to sell hacker\'s $1.1 million Bitcoin stash to compensate victims (lien direct) |
Hacker told to give up bitcoins or face four more years in prison. |
|
|
|
|
2019-08-23 16:01:00 |
(Déjà vu) Hong Kong protesters warn of Telegram feature that can disclose their identities (lien direct) |
Message shared on discussion boards sparks panic among protesters. |
|
|
|
|
2019-08-23 16:01:00 |
Hong Kong protesters warn of Telegram issue that can disclose their identities (lien direct) |
Message shared on discussion boards sparks panic among protesters. |
|
|
|
|
2019-08-23 11:23:05 |
Asruex Trojan exploits old Office, Adobe bugs to backdoor your system (lien direct) |
The malware's selection of old vulnerabilities highlights a patching issue worldwide. |
Patching
|
|
|
|
2019-08-23 10:15:05 |
Data stolen from Hy-Vee customers offered for sale on Joker\'s Stash Dark Web forum (lien direct) |
A card dump of 5.3 million accounts may be tied to the recent security breach. |
|
|
|
|
2019-08-23 09:22:03 |
80 suspects arrested in massive business email scam takedown (lien direct) |
Police say the mainly-Nigerian network was responsible for the attempted theft of $46 million. |
|
|
|