Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-01-26 22:14:03 |
Google Chrome to add drive-by-download protection (lien direct) |
Firefox and Internet Explorer already have this feature, since at least 2015. |
|
|
|
|
2019-01-25 11:25:05 |
This Trojan infects Chrome browser extensions, spoofs searches to steal cryptocurrency (lien direct) |
The malware also takes over browser update and integrity checks. |
Malware
|
|
|
|
2019-01-25 09:56:04 |
This malware uses debt to prey on banking victims (lien direct) |
Redaman uses screen capture and keylogging to grab the credentials required to break into online bank accounts. |
Malware
|
|
|
|
2019-01-24 23:55:03 |
Internet experiment goes wrong, takes down a bunch of Linux routers (lien direct) |
Routers running FRR impacted in first experiment test run. Some ISPs in Asia and Australia affected the second time. |
|
|
|
|
2019-01-24 18:52:00 |
Concerns raised about WordPress\' new \'White Screen Of Death\' protection feature (lien direct) |
New WordPress WSOD Protection feature could be abused to disable security plugins on WordPress sites. |
|
|
★★★★
|
|
2019-01-24 15:20:00 |
Malvertising campaign targets Apple users with malicious code hidden in images (lien direct) |
New malvertising group named VeryMal hijacked over five million web sessions to redirect Apple users to sites offering malware-laced software. |
|
|
|
|
2019-01-24 13:00:00 |
Data security is a major issue in GDPR compliance (lien direct) |
Only 59 percent of the enterprise is meeting the EU's regulatory requirements today. |
|
|
|
|
2019-01-24 01:27:05 |
US Senators fear Chinese-made metro rail cars could be used for surveillance (lien direct) |
US Senators want Washington Metro to block a Chinese state-owned company from providing subway cars. |
|
|
|
|
2019-01-23 22:45:00 |
Chrome API update will kill a bunch of other extensions, not just ad blockers (lien direct) |
Chrome extensions for antivirus products, parental control enforcement, and various privacy-enhancing services also affected. |
|
|
|
|
2019-01-23 17:32:03 |
Europol arrests UK man for stealing €10 million worth of IOTA cryptocurrency (lien direct) |
Suspect operated the iotaseed.io portal that generated and secretly logged passwords for IOTA wallets. |
|
|
|
|
2019-01-23 14:25:00 |
New ransomware strain is locking up Bitcoin mining rigs in China (lien direct) |
Ransomware threatens to overheat and destroy mining rigs if victims don't infect 1,000 other devices or don't pay a 10 Bitcoin ransom. |
Ransomware
|
|
|
|
2019-01-23 13:02:00 |
BMC caught with \'pantsdown\' over new security flaw (lien direct) |
Multiple BMC firmware stacks are affected. |
|
|
|
|
2019-01-23 11:56:03 |
Security flaws found in 26 low-end cryptocurrencies (lien direct) |
Researchers detail new "Fake Stake" attacks against some Proof-of-Stake-based cryptocurrencies. |
|
|
|
|
2019-01-23 11:46:01 |
Sky Go app security failure exposes customers to snooping, data theft (lien direct) |
A researcher uncovered requests which were sent without encryption in place. |
|
|
|
|
2019-01-23 09:02:02 |
Adobe releases third patch update of the month to squash scripting bugs (lien direct) |
The security update relates to Adobe Experience Manager. |
|
|
|
|
2019-01-23 01:38:05 |
Mystery still surrounds hack of PHP PEAR website (lien direct) |
Three days later, still no new details about how the official PHP website hosted a backdoored version of the PEAR package manager for the past six months. |
Hack
|
|
|
|
2019-01-22 22:17:00 |
DHS issues security alert about recent DNS hijacking attacks (lien direct) |
DHS lays out four-step action plan for investigating DNS hacks and securing DNS management accounts. |
|
|
|
|
2019-01-22 17:47:02 |
Security researchers are planning a night of prank calls against tech support scammers (lien direct) |
Researchers hope to trick call center operators into revealing details about their criminal operation, which they can later share with authorities. |
|
|
|
|
2019-01-22 12:41:03 |
Security researchers take down 100,000 malware sites over the last ten months (lien direct) |
The vast majority of malware links hosted payloads for the Emotet and Gozi trojans, and the GandCrab ransomware. |
Malware
|
|
|
|
2019-01-22 10:50:05 |
Drone developer DJI says employee fraud scheme could cause $150 million loss (lien direct) |
A number of employees have been fired but the full extent of the problem is unknown. |
|
|
|
|
2019-01-22 09:35:05 |
Iceland\'s Bitcoin bandit sentenced for stealing mining rigs (lien direct) |
The mining rig thief has been sentenced after escaping jail by booking a flight in his cell. |
|
|
|
|
2019-01-22 01:09:04 |
ATLAS game taken offline twice after users hack admin account, find server exploit (lien direct) |
PewDiePie fans also strike again! Flood server with "Subscribe to PewDiePie" spam. |
Hack
|
|
|
|
2019-01-21 21:47:00 |
Over 4 percent of all Monero was mined by malware botnets (lien direct) |
Academics say malware authors might have cashed out at least $57 million worth of Monero over the course of the last four years. |
Malware
|
|
|
|
2019-01-21 16:32:00 |
Online casino group leaks information on 108 million bets, including user details (lien direct) |
Server is now down but is unclear if the cloud provider took it down and if the parent company knows it leaked users details in the first place. |
|
|
|
|
2019-01-21 15:09:03 |
Trio sent behind bars over illegal drug, painkiller trades in the Dark Web (lien direct) |
Selling fentanyl and associated drugs in the web's underbelly have earned the UK residents over 43 years in prison. |
|
|
|
|
2019-01-21 11:24:01 |
DarkHydrus abuses Google Drive to spread RogueRobin Trojan (lien direct) |
The threat group is striking political targets in the Middle East. |
Threat
|
|
|
|
2019-01-20 15:24:03 |
Popular WordPress plugin hacked by angry former employee (lien direct) |
Hacker defaced the company's website and sent a mass email to all its customers, alleging unpatched security holes. |
|
|
|
|
2019-01-19 16:42:02 |
Websites can steal browser data via extensions APIs (lien direct) |
Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites. |
|
|
|
|
2019-01-19 00:27:03 |
DNC says Russia tried to hack its servers again in November 2018 (lien direct) |
Democrats say the spear-phishing attack, which was attributed to Russian group Cozy Bear, was unsuccessful. |
Hack
|
APT 29
|
|
|
2019-01-18 21:26:04 |
WiFi firmware bug affects laptops, smartphones, routers, gaming devices (lien direct) |
List of impacted devices includes PS4, Xbox One, Samsung Chromebooks, and Microsoft Surface devices. |
|
|
|
|
2019-01-18 18:32:04 |
Verizon to roll out free robocoll spam protection to all customers (lien direct) |
Call Filter service to be made available to all wireless and wired customers with compatible phones in March 2019. |
Spam
|
|
|
|
2019-01-18 11:52:03 |
These malicious Android apps will only strike when you move your smartphone (lien direct) |
Apps containing the Anubis banking Trojan and an interesting motion sensor have been found in the Google Play store. |
|
|
|
|
2019-01-18 11:46:00 |
Temporary fix available for one of the two Windows zero-days released in December (lien direct) |
Microsoft did not issue official fixes during the recent January Patch Tuesday update window. |
|
|
|
|
2019-01-18 10:02:00 |
Microsoft launches Azure DevOps bug bounty program, $20,000 rewards on offer (lien direct) |
The Redmond giant is keenly interested in remote code execution and privilege escalation flaws. |
|
|
|
|
2019-01-17 23:08:04 |
Hacker behind \'Football Leaks\' arrested in Hungary (lien direct) |
Hacker is a 30-year-old Portuguese man. Police haven't released his name, but several news outlets claim he's named Rui Pinto, a man they've identified and have been tracking for years. |
|
|
|
|
2019-01-17 20:40:00 |
Twitter bug revealed private tweets for some Android users for almost five years (lien direct) |
Some Twitter for Android users had their private tweets exposed to non-followers and search engines. |
|
|
|
|
2019-01-17 18:35:01 |
Online stores for governments and multinationals hacked via new security flaw (lien direct) |
Little-known database management tool allowed hackers to take over sites and inject malicious code that steals payment card details. |
Tool
|
|
★★★★★
|
|
2019-01-17 16:46:00 |
West African banks hit by multiple hacking waves last year (lien direct) |
Banks in Cameroon, Congo (DR), Equatorial Guinea, Ghana, and the Ivory Coast have been hit. |
|
|
|
|
2019-01-17 14:13:02 |
Some Android GPS apps are just showing ads on top of Google Maps (lien direct) |
Apps have been downloaded over 50 million times. Google has failed to removed them, even if they blatantly break their own license. |
|
|
|
|
2019-01-17 13:21:00 |
Oklahoma gov data leak exposes FBI investigation records, millions of department files (lien direct) |
An Oklahoma Department of Securities server allowed anyone to download government files. |
|
|
|
|
2019-01-17 11:57:03 |
Facebook removes propaganda network linked to Russian media group Sputnik (lien direct) |
Facebook says Sputnik employees ran hundreds of Facebook pages and accounts, some posing as politicians in other countries. |
|
|
|
|
2019-01-17 09:02:05 |
Zix acquires AppRiver in $275 million deal (lien direct) |
It seems like 2019 is the year to purchase cloud security companies. |
|
|
|
|
2019-01-17 00:27:00 |
Google Chrome extension that steals card numbers still available on Web Store (lien direct) |
Fake "Flash Player" extension has been available since February 2018, was installed by roughly 400 users. |
|
|
|
|
2019-01-16 19:54:03 |
Hackers breach and steal data from South Korea\'s Defense Ministry (lien direct) |
Government says hackers breached 30 computers and stole data from 10. |
|
|
|
|
2019-01-16 14:09:00 |
Advertising network compromised to deliver credit card stealing code (lien direct) |
Hundreds of online stores confirmed to be impacted, thousands of more under investigation. |
|
|
|
|
2019-01-16 13:34:03 |
VOIPO database exposed millions of call and SMS logs, system data (lien direct) |
The database was used for development purposes but the data on offer to the public was valid. |
|
|
|
|
2019-01-16 12:19:00 |
NanoCore Trojan is protected in memory from being killed off (lien direct) |
If you are infected with this malware, you might find it is more difficult to eradicate than standard Trojans. |
|
|
|
|
2019-01-16 10:43:02 |
Fortnite security issue would have granted hackers access to accounts (lien direct) |
Check Point recommends that Fortnite players enable two-factor authentication (2FA) for their accounts. |
|
|
|
|
2019-01-16 02:08:01 |
North Korean hackers infiltrate Chile\'s ATM network after Skype job interview (lien direct) |
Redbanc employee applied for a LinkedIn job and got a call from the world's most active hacker crews. |
|
|
|
|
2019-01-16 00:09:00 |
New Ethereum version postponed after discovery of serious security flaw (lien direct) |
Ethereum Constantinople Upgrade hits last minute snag that saves many users from catastrophic losses. |
|
|
|