Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-02-19 11:21:41 |
Hackers exploit zero-day in WordPress plugin to create rogue admin accounts (lien direct) |
Attacks detected targeting sites running the ThemeREX Addons plugin. |
|
|
|
|
2020-02-19 01:16:11 |
Chinese hackers have breached online betting and gambling sites (lien direct) |
Hacks confirmed at gambling and betting websites in Southeast Asia, rumors of other hacks in Europe and the Middle East. |
|
|
|
|
2020-02-18 22:57:03 |
Microsoft has a subdomain hijacking problem (lien direct) |
Spammers hijack Microsoft subdomains to advertise poker casinos. Many other subdomains have been vulnerable for years. |
|
|
|
|
2020-02-18 18:55:00 |
DHS says ransomware hit US gas pipeline operator (lien direct) |
Operations halted for two days at unnamed US natural gas compression facility. |
Ransomware
|
|
|
|
2020-02-18 14:57:00 |
Ring to enable 2FA for all user accounts after recent hacks (lien direct) |
Google made 2FA mandatory for all Nest users last week. |
|
|
|
|
2020-02-18 13:00:07 |
16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps (lien direct) |
With over 23,000 recorded attacks per day, customer-facing enterprise services are bearing the brunt of attacks. |
|
|
|
|
2020-02-18 11:00:07 |
Five years after the Equation Group HDD hacks, firmware security still sucks (lien direct) |
Device manufacturers are not forcing driver signatures at all times. |
|
|
|
|
2020-02-17 22:20:44 |
(Déjà vu) Microsoft to deploy ElectionGuard voting software for the first time tomorrow (lien direct) |
Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software. |
|
|
|
|
2020-02-17 22:20:00 |
Microsoft to deploy ElectionGuard voting software for the first time (lien direct) |
Residents in Fulton, Wisconsin will elect representatives for the Wisconsin Supreme Court via voting machines running Microsoft's ElectionGuard voting software. |
|
|
|
|
2020-02-17 16:03:18 |
Bug in WordPress plugin can let hackers wipe up to 200,000 sites (lien direct) |
Same bug can also let attackers gain access to the admin account. |
|
|
|
|
2020-02-17 00:10:00 |
Israeli soldiers tricked into installing malware by Hamas agents posing as women (lien direct) |
IDF: Six social media accounts were redirecting soldiers to installing three malware-infected apps. |
Malware
|
|
|
|
2020-02-16 20:53:00 |
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world (lien direct) |
Iranian hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies. |
Hack
|
|
|
|
2020-02-16 01:39:27 |
IOTA cryptocurrency shuts down entire network after wallet hack (lien direct) |
Hackers exploit vulnerability in official IOTA wallet to steal millions |
Hack
Vulnerability
|
|
|
|
2020-02-15 23:40:24 |
Second Windows 10 update is now causing problems by hiding user profiles (lien direct) |
Botched Windows 10 KB4532693 update is hiding user profiles. Uninstalling update fixes problems. |
|
|
|
|
2020-02-15 07:00:04 |
Unknown number of Bluetooth LE devices impacted by SweynTooth vulnerabilities (lien direct) |
BLE software kits from six chipset vendors impacted. More vendor names to be revealed soon. |
|
|
|
|
2020-02-14 23:16:36 |
OpenSSH adds support for FIDO/U2F security keys (lien direct) |
OpenSSH 8.2 adds support for authentication via FIDO/U2F protocols, most commonly used with hardware security keys. |
|
|
|
|
2020-02-14 20:49:54 |
There\'s finally a way to remove xHelper, the unremovable Android malware (lien direct) |
Malwarebytes researchers find a way to remove the malware, but they still don't know how it really operates. |
Malware
|
|
|
|
2020-02-14 16:50:00 |
US Cyber Command, DHS, and FBI expose new North Korean malware (lien direct) |
US government agencies send out alert about new North Korean malware and phishing campaign. |
Malware
|
|
|
|
2020-02-14 14:26:28 |
UK police deny responsibility for poster urging parents to report kids for using Kali Linux (lien direct) |
Using Discord, too, is apparently a warning sign that your child is turning into a naughty hacker. |
|
|
|
|
2020-02-14 12:52:50 |
MOBE \'six-figure income from home\' swindlers to pay FTC $17m, hand over tropical island real estate (lien direct) |
21 steps, thousands of dollars, and the secret to easy cash was revealed. |
|
|
|
|
2020-02-14 10:27:00 |
Nedbank says 1.7 million customers impacted by breach at third-party provider (lien direct) |
Hacker(s) believed to have exploited a vulnerability to breach Nedbank's marketing contractor. |
Vulnerability
|
|
|
|
2020-02-14 01:24:51 |
Rutter\'s store chain discloses security breach involving POS malware (lien direct) |
Security breach impacts locations in Pennsylvania and West Virginia. |
Malware
|
|
|
|
2020-02-14 00:47:57 |
Ohio man arrested for running Bitcoin mixing service that laundered $300 million (lien direct) |
This is the first case the DOJ has brought against a Bitcoin mixer. |
|
|
|
|
2020-02-13 18:35:00 |
US charges Huawei with racketeering and conspiracy to steal trade secrets (lien direct) |
US updates charges against Huawei, adds racketeering and IP theft allegations against the Chinese telco provider and its CFO. |
|
|
|
|
2020-02-13 14:08:27 |
Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent (lien direct) |
The plugin is actively installed on over 700,000 websites. |
Vulnerability
|
|
|
|
2020-02-13 14:00:08 |
Google removes 500+ malicious Chrome extensions from the Web Store (lien direct) |
A network of malicious Chrome extensions was injecting malicious ads in millions of Chrome installs. |
|
|
|
|
2020-02-13 13:21:42 |
MIT researchers disclose vulnerabilities in Voatz mobile voting election app (lien direct) |
Researchers say Voatz security flaws could allow someone to alter, stop, or expose how an individual user has voted. |
|
|
|
|
2020-02-13 12:21:37 |
Loda Trojan revitalized with stealthy upgrade, new exploits (lien direct) |
The RAT has graduated from infancy and is fast becoming a threat that should be taken seriously. |
Threat
|
|
|
|
2020-02-13 05:00:06 |
Gaza group strikes targets in Palestinian territories in new cyberattack wave (lien direct) |
The campaign is focused on cyberespionage and may be politically motivated. |
|
|
|
|
2020-02-12 22:59:03 |
Florida county election office hit by ransomware before 2016 presidential election (lien direct) |
Ransomware incident was kept secret and never reported, current county election supervisor says. |
Ransomware
|
|
|
|
2020-02-12 13:54:29 |
Apple joins FIDO Alliance, commits to getting rid of passwords (lien direct) |
Passwords are a notorious security mess. The FIDO Alliance wants to replace them with better, more secure technology and now Apple is it them in this effort. |
|
|
|
|
2020-02-12 12:40:45 |
Average tenure of a CISO is just 26 months due to high stress and burnout (lien direct) |
Report: The vast majority of interviewed CISO executives (88%) report high levels of stress, a third report stress-caused physical health issues, half report mental health issues. |
|
|
|
|
2020-02-12 12:37:40 |
Intel warns of critical security flaw in CSME engine, issues discontinued product notices (lien direct) |
The CSME system is subject to a severe bug leading to a host of different exploits. |
Guideline
|
|
|
|
2020-02-12 11:12:11 |
Adobe squashes 35 critical vulnerabilities in security patch update (lien direct) |
Arbitrary code execution issues have eclipsed other security problems in February's patch round. |
|
|
|
|
2020-02-12 01:01:19 |
Play Protect blocked 1.9B malware installs from non-Google sources last year (lien direct) |
The number of user attempts to install malware-infected apps from outside the Play Store has gone up from 1.6 billion, reported in 2017 and 2018, to 1.9 billion, last year. |
Malware
|
|
|
|
2020-02-11 21:30:00 |
FBI: BEC scams accounted for half of the cyber-crime losses in 2019 (lien direct) |
Average loss per BEC scam amounted to nearly $75,000, per complaint, on average. |
|
|
|
|
2020-02-11 19:15:30 |
Microsoft\'s February 2020 Patch Tuesday fixes 99 security bugs (lien direct) |
This is one of Microsoft's biggest Patch Tuesday known to date. |
|
|
|
|
2020-02-11 17:13:29 |
Jenkins servers can be abused for DDoS attacks (lien direct) |
DDoS attacks can reach an amplification factor of 100, but servers will crash very quickly. |
|
|
|
|
2020-02-11 14:43:00 |
Emotet trojan evolves to spread via WiFi connections (lien direct) |
Security firm discovers what appears to be one of Emotet's most dangerous modules. |
|
|
|
|
2020-02-11 14:00:00 |
Enterprise companies struggle to control security certificates, cryptographic keys (lien direct) |
Certificate authority misuse, MiTM attacks, and problems with cryptographic key handling are now of serious concern to enterprise firms. |
|
|
|
|
2020-02-11 13:46:11 |
KBOT virus takes out system files with no hope of recovery (lien direct) |
In a blast from the past, KBOT has been deemed the first “living” virus detected in recent years. |
|
|
|
|
2020-02-11 12:12:57 |
Outlaw hacking group kills existing cryptocurrency miners in enterprise server attacks (lien direct) |
A recent update also revealed a pivot towards corporate systems with weak patch management practices. |
|
|
|
|
2020-02-11 11:00:03 |
Automaton takes center stage in enterprise cyberattacks (lien direct) |
Massive repositories of stolen data are being weaponized in an attempt to compromise corporate networks. |
|
|
|
|
2020-02-10 23:56:01 |
FBI warns about ongoing attacks against software supply chain companies (lien direct) |
Exclusive: FBI alerts US private sectors about attacks aimed at their supply chain software providers. |
|
|
|
|
2020-02-10 20:17:53 |
Software error exposes the ID numbers for 1.26 million Danish citizens (lien direct) |
Danish tax portal accidentally shares tax payer identification numbers with Google and Adobe analytics services. |
|
|
|
|
2020-02-10 15:19:00 |
DOJ charges four Chinese military hackers for Equifax hack (lien direct) |
DOJ said the hackers stole data on Americans and Equifax's intellectual property. |
Hack
|
Equifax
|
|
|
2020-02-10 12:46:58 |
Altsbit plans exit after hack leaves cryptocurrency exchange out of pocket (lien direct) |
Only a token amount of cryptocurrency was kept safe in cold wallets. |
Hack
|
|
|
|
2020-02-10 11:04:00 |
Lock My PC takes on tech scammers with free recovery key offering, software withdrawal (lien direct) |
The legitimate software is being abused by scammers seeking to exhort payment from victims. |
|
|
|
|
2020-02-10 00:18:35 |
Netanyahu\'s party exposes data on over 6.4 million Israelis (lien direct) |
The app's website exposed a link to an API endpoint that was left without a password, allowing third-parties to obtain passwords for admin accounts. |
|
|
|
|
2020-02-09 02:31:00 |
FBI is investigating more than 1,000 cases of Chinese theft of US technology (lien direct) |
US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. |
|
|
|