Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-05-29 22:54:03 |
CEO who sold encrypted phones to criminal gangs gets nine years in prison (lien direct) |
Phantom Secure customers included the Sinaloa carter and the Hells Angels biker gang. |
|
|
|
|
2019-05-29 20:43:02 |
New HiddenWasp malware found targeting Linux systems (lien direct) |
Malware believed to have been created by Chinese hackers. |
Malware
|
|
★★★
|
|
2019-05-29 13:00:00 |
Over 50,000 MS-SQL, PHPMyAdmin servers infected in Nansh0u campaign (lien direct) |
The attack is believed to have Chinese roots. |
|
|
|
|
2019-05-29 10:53:05 |
Apple sued over alleged sale of iTunes data without customer consent (lien direct) |
The lawsuit claims that Apple has violated the privacy of its users in the quest for profit. |
|
|
|
|
2019-05-29 08:39:02 |
Iranian social network scammers impersonated US political candidates (lien direct) |
Messages were spread to seed dissent over US influence in the Middle East. |
|
|
|
|
2019-05-29 00:20:00 |
Flipboard says hackers stole user details (lien direct) |
Extent of the hack is unknown, but Flipboard said hackers had access to its systems for almost nine months. |
Hack
|
|
|
|
2019-05-28 18:07:01 |
Almost one million Windows systems vulnerable to BlueKeep (CVE-2019-0708) (lien direct) |
New research puts an initial estimation of 7.6 million vulnerable systems into more context. |
|
|
|
|
2019-05-28 11:04:00 |
CrowdStrike, NSS Labs resolve court battle over product testing (lien direct) |
NSS Labs has admitted that CrowdStrike Falcon product test results were “inaccurate.” |
|
|
|
|
2019-05-28 11:01:00 |
Chinese military to replace Windows OS amid fears of US hacking (lien direct) |
Chinese military won't move to Linux, but develop a custom OS instead. |
|
|
|
|
2019-05-28 05:00:00 |
CI build logs continue to expose company secrets (lien direct) |
Team of researchers finds GitHub access tokens for various companies inside Travis CI build logs. |
|
|
|
|
2019-05-27 16:55:05 |
The Netherlands becomes the first country to show Amber alerts on ATMs (lien direct) |
Amber alerts will be shown on the screensavers of more than 300 ATMs installed in airports and shopping malls. |
|
|
|
|
2019-05-26 23:58:01 |
Intense scanning activity detected for BlueKeep RDP flaw (lien direct) |
A threat actor hidden behind Tor nodes is scanning for Windows systems vulnerable to BlueKeep flaw. |
Threat
|
|
|
|
2019-05-24 22:48:00 |
Hackers are scanning for MySQL servers to deploy GandCrab ransomware (lien direct) |
Serendipitous discovery unearths new threat for MySQL server owners. |
Ransomware
Threat
|
|
|
|
2019-05-24 19:22:05 |
Australian tech unicorn Canva suffers security breach (lien direct) |
Hacker claims to have stolen the data of 139 million Canva users. |
|
|
|
|
2019-05-24 11:42:00 |
Snapchat internal tools abused to spy on users and pillage data (lien direct) |
Staff members have allegedly abused their positions to spy on Snapchat users. |
|
|
|
|
2019-05-24 11:16:03 |
Windows 10 to warn about insecure WiFi networks using WEP or TKIP (lien direct) |
Support for WEP and TKIP to be removed in future Windows 10 releases. |
|
|
|
|
2019-05-24 09:12:01 |
Equifax rating outlook decimated over cybersecurity breach (lien direct) |
A Moody's downgrade shows that poor security can have severe financial fallout. |
|
Equifax
|
|
|
2019-05-23 22:59:01 |
Mobile Chrome, Safari, and Firefox failed to show phishing warnings for more than a year (lien direct) |
Google Safe Browsing didn't show phishing warnings for mobile browsers between mid-2017 and late-2018. |
|
|
|
|
2019-05-23 16:52:00 |
Researcher publishes Windows zero-days for the third day in a row (lien direct) |
SandboxEscaper publishes two more Windows zero-days, bringing her total up to eight zero-days in ten months. |
|
|
|
|
2019-05-23 11:40:05 |
UK says it warned 16 NATO allies of Russian hacking activities (lien direct) |
UK warns of Russian global hacking campaign targeting critical infrastructure and government networks. |
|
|
|
|
2019-05-23 10:43:01 |
London Underground to begin tracking passengers through Wi-Fi hotspots (lien direct) |
TfL says the default data collection will be used to boost customer services. |
|
|
|
|
2019-05-23 09:33:01 |
Bestmixer seized by police for washing $200 million in tainted cryptocurrency clean (lien direct) |
Bestmixer.io was known for 'washing' cryptocurrency to make the funds untraceable. |
|
|
|
|
2019-05-23 07:20:05 |
TalkTalk customer bank details found through Google search (lien direct) |
A Google query was all it took to find the data of 4,500 customers -- none of whom were informed about the leak. |
|
|
|
|
2019-05-22 23:52:03 |
DNS Flag Day 2020: DNS servers must support both UDP and TCP queries (lien direct) |
Industry group wants to make DNS over TCP support mandatory. |
|
|
|
|
2019-05-22 19:57:00 |
Two more Microsoft zero-days uploaded on GitHub (lien direct) |
SandboxEscaper has now published seven zero-days in Microsoft products; two more to come. |
|
|
|
|
2019-05-22 16:44:00 |
Android and iOS devices impacted by new sensor calibration attack (lien direct) |
SensorID technique can track users across apps and websites using sensor calibration data. |
|
|
|
|
2019-05-22 01:23:00 |
Windows 10 zero-day exploit code released online (lien direct) |
Security researcher 'SandboxEscaper' returns with new Windows LPE zero-day. |
|
|
|
|
2019-05-21 21:17:00 |
Google says it stored some G Suite passwords in unhashed form for 14 years (lien direct) |
G Suite passwords were encrypted when stored on disk, so, at least, they weren't stored in plaintext. |
|
|
|
|
2019-05-21 20:24:00 |
Fending off Zombieload attacks will crush your performance (lien direct) |
To fully protect yourself from potential Zombieload attacks, vendors and early benchmarks show you'll face performance losses of up to 40%. |
|
|
|
|
2019-05-21 18:21:05 |
First official version of Tor Browser for Android released on the Play Store (lien direct) |
After eight months of alpha testing, Tor Browser for Android is now ready for rollout. |
|
|
|
|
2019-05-21 17:34:00 |
Ohio school sends students home because of Trickbot malware infection (lien direct) |
TrickBot infections impacted, PC fleet, phone and HVAC systems. |
Malware
|
|
|
|
2019-05-21 05:34:00 |
Some Elasticsearch security features are now free for everyone (lien direct) |
Company makes TLS support and fine-grained user/role management free for everyone. |
|
|
|
|
2019-05-21 04:15:00 |
Root account misconfigurations found in 20% of top 1,000 Docker containers (lien direct) |
Issue similar to Alpine Linux's CVE-2019-5021 impacts 201 other Docker images. |
|
|
|
|
2019-05-20 22:11:02 |
Google research: Most hacker-for-hire services are frauds (lien direct) |
Survey of 27 hacker-for-hire services found that only five launched attacks against victims. |
|
|
|
|
2019-05-20 17:02:03 |
Google changes how the Escape key is handled in Chrome to fight popup ads (lien direct) |
Google Chrome v76 is getting a new security feature to fight popup spam. |
|
|
|
|
2019-05-20 04:15:00 |
Security researchers discover Linux version of Winnti malware (lien direct) |
Winnti Linux variant used in 2015 in the hack of a Vietnamese gaming company. |
Malware
Hack
|
|
|
|
2019-05-19 16:49:01 |
Company behind LeakedSource pleads guilty in Canada (lien direct) |
LeakedSource sold data on over 3.1 billion accounts, made CAN$247,000 (US$183,000). |
|
|
|
|
2019-05-17 23:51:02 |
Faulty database script brings Salesforce to its knees (lien direct) |
Faulty production script gave users access to all their company's Salesforce data. |
|
|
|
|
2019-05-17 18:49:04 |
Stack Overflow hacker went undetected for a week (lien direct) |
Stack Overflow now says hacker might have also accessed user data. |
|
|
|
|
2019-05-17 16:25:01 |
Chinese cyberspies breached TeamViewer in 2016 (lien direct) |
TeamViewer said it detected and stopped the attack before hackers could do any damage. |
|
|
|
|
2019-05-17 07:19:01 |
Facebook bans Israel\'s Archimedes Group over fake political activity, election disruption (lien direct) |
The corporation has been accused of using fake accounts to influence political campaigns. |
|
|
|
|
2019-05-17 06:40:00 |
A large chunk of Ethereum clients remain unpatched (lien direct) |
Unpatched clients leave Ethereum network vulnerable to 51% attacks. |
|
|
|
|
2019-05-17 04:15:00 |
Hacktivist attacks dropped by 95% since 2015 (lien direct) |
Hacktivist scene collapses as Anonymous hacker collective dies a slow death. |
|
|
|
|
2019-05-16 22:22:00 |
Stack Overflow says hackers breached production systems (lien direct) |
Stack Overflow said it detected a security breach over the weekend. |
|
|
|
|
2019-05-16 18:34:01 |
US telcos say they stopped selling user location data, with a few exceptions (lien direct) |
AT&T, Sprint, T-Mobile, and Verizon tell the FCC they've terminated most user data sharing arrangements. |
|
|
|
|
2019-05-16 16:56:02 |
Privacy concerns raised about upcoming Client-Hints web standard (lien direct) |
Brave devs warn about new alternative user fingerprinting method being rolled out with Chromium-based browsers. |
|
|
|
|
2019-05-16 00:30:04 |
Microsoft releases new version of Attack Surface Analyzer utility (lien direct) |
New Attack Surface Analyzer 2.0 works on Windows, but also Mac and Linux. |
|
|
|
|
2019-05-15 22:10:04 |
Trump signs executive order banning US telcos from buying or using foreign gear (lien direct) |
Executive order doesn't mention Huawei, but it's a Huawei ban for all intents and purposes. |
|
|
|
|
2019-05-15 20:20:01 |
Russian government sites leak passport and personal data for 2.25 million users (lien direct) |
Passport data for high-ranking Russian politicians among the leaked information. |
|
|
|
|
2019-05-15 18:12:01 |
Google to replace faulty Titan security keys (lien direct) |
Vulnerability in Bluetooth pairing protocol forces Google to replace Titan keys sold in the US. |
Vulnerability
|
|
|