Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 17:00:00 |
Microsoft Upgrades Windows 11 With New Security Features (direct link) |
The list includes application control enhancements and vulnerable drivers protection, among others |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 16:00:00 |
350K Open-Source Projects At Risk of Supply Chain Vulnerability (direct link) |
The flaw resides in the tarfile module, automatically installed in any Python project |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 15:30:00 |
NCSC: British Retailers Need to Move Beyond Passwords (direct link) |
The UK's national cybersecurity agency also advised organizations on what steps they should take if their brand has been spoofed online |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 15:00:00 |
Multiple Vulnerabilities Discovered in Dataprobe's iBoot-PDUs (direct link) |
They pose a number of risks to Dataprobe, including giving control of the iBoot-PDU to attackers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 11:45:00 |
Two-Fifths of US Consumers Suffer Personal Data Theft (direct link) |
Those suffering emotional and physical impact surges |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 09:10:00 |
Video Game Publisher Admits Helpdesk Was Hijacked (direct link) |
Players were sent malicious links disguised as support tickets |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-21 08:25:00 |
Open Source Repository Attacks Soar 700% in Three Years (direct link) |
Sonatype says it has detected 95,000 since 2019 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 17:00:00 |
Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access (direct link) |
Potential attacks resulting from it may include privilege escalation and cross-tenant access |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 17:00:00 |
California Signs Internet Privacy Legislation to Boost Children's Safety Online (direct link) |
The new legislation will implement some of the strictest privacy requirements in the US |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 16:00:00 |
Europol and Bitdefender Jointly Release LockerGoga Decryptor (direct link) |
LockerGoga targeted several companies in Norway and across the US in 2019 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 15:30:00 |
Grand Theft Auto Publisher Rockstar Games Hacked (direct link) |
The threat actor 'teapotuberhacker' could be linked to the Lapsus$ hacking group |
Threat
|
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 15:00:00 |
Hackers Admit Destroying InterContinental Hotels Group's Data 'For Fun' (direct link) |
They tried to conduct a ransomware attack against IHG and upon failing, decided to delete the data |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 14:01:00 |
Quantum Computing Already Putting Data at Risk, Cyber Pros Agree (direct link) |
In the Deloitte poll, 50.2% of respondents said their organization is at risk of 'harvest now, decrypt later' attacks |
|
Deloitte
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 09:30:00 |
American Airlines Breach Exposes Customer and Staff Information (direct link) |
An undisclosed number of people have been impacted |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 09:10:00 |
Revolut Breach May Have Hit 50,000+ Customers (direct link) |
Major phishing risk as personal details are compromised |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-20 08:40:00 |
Uber Blames Lapsus$ for Breach (direct link) |
Threat actor bombarded Uber contractor with 2FA requests |
Threat
|
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-17 14:30:00 |
New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems (direct link) |
It tried to trick victims into clicking on malicious files as part of a fake Amazon job assessment |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-17 13:00:00 |
CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws (direct link) |
Four of the CVEs posted are from 2013, and one is from 2010 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-16 09:30:00 |
Allies Warn of Iranian Ransom Attacks Using Log4Shell (direct link) |
US authorities indict and sanction in fresh crackdown |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-16 09:00:00 |
Uber Hacker May Have Compromised Secret Bug Reports (direct link) |
Attacker looks to have admin access to cloud accounts |
|
Uber
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-16 08:30:00 |
Crypto Scams Soar as Domains Surge 335% (direct link) |
Most fake domains are registered in Russia |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 17:12:00 |
Webworm Attackers Deploy Modified RATs in Espionage Attacks (direct link) |
The group reportedly developed customized versions of Trochilus, Gh0st RAT and 9002 RAT |
|
|
★★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 16:28:00 |
Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence (direct link) |
APT groups have leveraged Notepad++ plugins for nefarious purposes in the past |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 15:42:00 |
YouTube Users Targeted By RedLine Self-Spreading Stealer (direct link) |
RedLine can steal usernames, passwords, cookies, bank card details and autofill data from browsers |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 09:50:00 |
User Alert as Phishing Campaigns Exploit Queen's Passing (direct link) |
Experts urge the public not to fall for classic scams |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 09:10:00 |
Cybercrime Forum Admins Steal from Site Users (direct link) |
Report reveals there's no honor among thieves |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 08:30:00 |
Cybercrime Fears for Children as Cost-of-Living Bites (direct link) |
UK parents concerned about repercussions of soaring inflation |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-15 08:00:00 |
ISACA: Ensuring Digital Trust Key to Digital Transformation Success (direct link) |
ISACA's State of Digital Trust 2022 report highlights increasing importance of digital trust across businesses |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 17:00:00 |
Vulnerabilities Found in Airplane WiFi Devices, Passengers' Data Exposed (direct link) |
The flaws affected the Flexlan FX3000 and FX2000 series wireless LAN devices made by Contec |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 16:00:00 |
SparklingGoblin APT Targeted Hong Kong University With New Linux Backdoor (direct link) |
Eset also said the same university was targeted during student protests in May 2020 |
|
|
★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 15:00:00 |
FormBook Knocks Off Emotet As Most Used Malware in August (direct link) |
The report also suggested the Android spyware Joker took third place in the mobile index |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 09:20:00 |
Four-Fifths of Firms Hit by Critical Cloud Security Incident (direct link) |
Data leaks, breaches and intrusions caused headaches over past year |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 08:50:00 |
DDoS Attacks on UK Firms Surge During Ukraine War (direct link) |
Overall incidents fell in H1 2022, according to FOI data |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-14 08:40:00 |
Microsoft Fixes Two Zero-Days This Patch Tuesday (direct link) |
Redmond passes 1000 CVEs for the year already |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 17:00:00 |
iOS 16 Launches With Lockdown Mode, Spyware Protection, Safety Check (direct link) |
iOS 16 supports iPhone devices starting from the iPhone 8 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 16:00:00 |
ShadowPad-Associated Hackers Targeted Asian Governments (direct link) |
The attacks have been underway since early 2021 and appear focused on intelligence gathering |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 15:00:00 |
Hackers Steal Steam Credentials With 'Browser-in-the-Browser' Technique (direct link) |
Some of the Steam accounts stolen were reportedly valued between $100,000 and $300,000 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 09:55:00 |
Ransomware Gang Hacks VoIP for Initial Access (direct link) |
Mitel MiVoice appliance bug exploited in sophisticated attack |
|
|
★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 09:20:00 |
Iranian Hackers Launch Renewed Attack on Albania (direct link) |
Prime Minister warns of disruption at border crossings |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-13 08:45:00 |
Researchers Warn of 674% Surge in Deadbolt Ransomware (direct link) |
Malware continues to infect QNAP devices |
Ransomware
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 17:00:00 |
US Treasury Sanctions Iranian Minister Over Hacking of Govt and Allies (direct link) |
Iran would have directed several networks of cyber threat actors in support of its political goals |
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 16:00:00 |
High Severity Vulnerabilities Found in HP Enterprise Devices (direct link) |
The flaws affect HP EliteBook devices and have CVSS scores between 7.5 and 8.2 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 15:00:00 |
Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor (direct link) |
The flaws were discovered despite Harbor having implemented RBAC on most HTTP endpoints |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 10:00:00 |
Cops Raid Suspected Fraudster Penthouses (direct link) |
Gang believed to have posed as UK financial regulator |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 09:30:00 |
Ransomware Actors Embrace Intermittent Encryption (direct link) |
New technique makes for faster encryption and improved evasion |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 09:00:00 |
ICO Slams Government Departments Over FOI Failings (direct link) |
Regulator takes a harder line on enforcement |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 08:30:00 |
North Korean Lazarus Group Hacked Energy Providers Worldwide (direct link) |
The campaign was disclosed by Symantec and AhnLab but Cisco Talos is now providing more details |
|
APT 38
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 08:00:00 |
Investigators Seize $30m in Stolen Crypto from North Korea (direct link) |
Funds were taken in biggest ever digital currency heist |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 08:00:00 |
Hackers Compromise Employee Data at PVC-Maker Eurocell (direct link) |
Law firm is demanding more info from the company |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-11 12:30:00 |
Vulnerability in WordPress BackupBuddy Plugin Exploited By Hackers (direct link) |
Wordfence claimed to have blocked 4,948,926 attacks targeting this vulnerability |
|
|
|