Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-07-19 13:14:05 |
PayPal phishing campaign goes after more than just your login credentials (lien direct) |
>Scammers have created a PayPal phishing campaign that extensively asks for sensitive information, including government IDs and headshot photos.
|
|
|
|
|
2022-07-19 12:07:10 |
Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately! (lien direct) |
We take a look at a WordPress plugin, abandoned and open to JavaScript related exploitation. Uninstall it now!
|
|
|
|
|
2022-07-19 11:12:11 |
Roblox breached: Internal documents posted online by unknown attackers (lien direct) |
We take a look at reports that internal Roblox employee documents have been leaked by an as-yet unknown attacker.
|
|
|
|
|
2022-07-18 15:55:11 |
The FTC will go after companies misusing location, health, and other sensitive data (lien direct) |
The FTC will keep an eye on companies that mishandle and misuse data to protect reproductive healthcare data in post-Roe America.
|
|
|
|
|
2022-07-18 15:17:26 |
Roe v. Wade: How the cops can use your data: Lock and Code S03E15 (lien direct) |
>This week on Lock and Code, we discuss how law enforcement can now use your data, ever since the Supreme Court overturned Roe v. Wade.
|
|
|
|
|
2022-07-18 12:51:46 |
Extortionists target restaurants, demand money to take down bad reviews (lien direct) |
We take a look at reports of organised review bombing, leading to extortion threats to get the negative ratings removed.
|
Guideline
|
|
|
|
2022-07-14 16:09:41 |
Elden Ring maker Bandai Namco hit by ransomware and data leaks (lien direct) |
>We take a look at a major ransomware attack impacting video game giant Bandai Namco, laced with the potential threat of data leakage.
|
Threat
Ransomware
|
|
|
|
2022-07-14 16:05:15 |
Predatory Sparrow massively disrupts steel factories while keeping workers safe (lien direct) |
>A hacking group displays its sophisticated skills by causing molten steel to spew from factory foundries. Could a state be backing the group?
|
|
|
|
|
2022-07-14 15:03:32 |
New variant of Android SpyJoker malware removed from Play Store after 3 million+ installs (lien direct) |
A researcher found eight malware-laden apps in the Play Store which have been downloaded over 3 million times.
|
Malware
|
|
|
|
2022-07-14 14:38:41 |
China\'s Tonto Team increases espionage activities against Russia (lien direct) |
China is gathering more intel about Russia after strengthening their diplomatic ties in the face of Western sanctions.
|
|
|
|
|
2022-07-14 14:35:10 |
Endpoint security for Mac: 3 best practices (lien direct) |
>In this post, we break down three endpoint security for Mac best practices to help you prevent phishing attacks, DDoS attacks, and much more.
|
|
|
|
|
2022-07-14 11:29:56 |
Low-income consumers preyed on by fake ISP during pandemic, FCC says (lien direct) |
>Cleo Communications took advantage of the FCC's EBB program to scam those already struggling with money when the pandemic struck.
|
|
|
|
|
2022-07-13 21:16:17 |
Ransomware rolled through business defenses in Q2 2022 (lien direct) |
>2022 is shaping up to be another banner year for ransomware, which continued to dominate the threat landscape in Q2.
|
Threat
|
|
|
|
2022-07-13 16:17:09 |
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign (lien direct) |
>While the war in Ukraine still rages, various threat actors continue to launch cyber attacks against its government entities. In this blog we review the latest campaign from the UAC-0056 threat group.
|
Threat
|
|
|
|
2022-07-13 15:09:44 |
WhatsApp warns users: Fake versions of WhatsApp are trying to steal your personal info (lien direct) |
We take a look at warnings of malware-infested WhatsApp downloads offered outside of the Google Play store.
|
|
|
|
|
2022-07-13 12:21:53 |
Update now-July Patch Tuesday patches include fix for exploited zero-day (lien direct) |
>July's Patch Tuesday gives us a lot of important security updates. Most prominently, a known to be exploited vulnerability in Windows CSRSS.
|
Vulnerability
|
|
|
|
2022-07-12 14:49:22 |
Fake streamed cricket matches knocks victims for six (lien direct) |
>We take a look at an incredible scam which involves an entire village faking cricket matches for an online betting ring.
|
|
|
|
|
2022-07-12 13:35:15 |
PyPI starts rolling out required 2FA for important projects (lien direct) |
PyPI is rolling out a 2FA requirement for maintainers of critical projects.
|
|
|
|
|
2022-07-12 13:20:49 |
Insecure password leads to Mangatoon data breach (lien direct) |
Popular comics site Mangatoon has been breached due to a poorly secured database.
|
Data Breach
|
|
|
|
2022-07-11 10:55:23 |
(Déjà vu) A week in security (July 4 – July 10) (lien direct) |
The most important and interesting computer security stories from the last week.
|
|
|
|
|
2022-07-11 09:36:30 |
Europe threatens to ban Facebook over data transfers to the US (lien direct) |
>The EU is warning Meta that it needs to make big changes to the way it handles data transfers between the Europe and US.
|
|
|
|
|
2022-07-11 09:12:17 |
Microsoft appears to be rolling back Office Macro blocking (lien direct) |
We waited three decades for macro blocking...and now it's going away again!
|
|
|
|
|
2022-07-11 08:40:19 |
Tech support scammers caught by their own cameras (lien direct) |
>A Youtuber has hacked into the CCTV cameras of an office used by tech support scammers and recorded them being arrested by the police.
|
|
Uber
|
|
|
2022-07-10 22:39:03 |
4 ways businesses can save money on cyber insurance (lien direct) |
When it comes to insurance, better security means better savings.
|
|
|
|
|
2022-07-10 21:43:29 |
North Korean APT targets US healthcare sector with Maui ransomware (lien direct) |
CISA warns of an unusual ransomware.
|
Ransomware
|
|
|
|
2022-07-10 21:27:14 |
How the FBI quietly added itself to criminals\' instant message conversations (lien direct) |
Researchers have given the world a glimpse of how the FBI's An0m devices were able to eavesdrop on criminals.
|
|
|
|
|
2022-07-08 16:07:39 |
Fake job offer leads to $600 million theft (lien direct) |
>Bogus job offers and unrevoked permissions are to blame for a massive crypto-heist which took place earlier this year.
|
|
|
|
|
2022-07-08 15:57:26 |
YouTube AI wrongfully flags horror short “Show for Children” as suitable for children (lien direct) |
"Show for Children" is most definitely not to be shown to children.
|
|
|
|
|
2022-07-08 11:55:44 |
Report: Brazil must do more to encrypt, back up data (lien direct) |
>We take a look at a report which indicates Brazil has a long way to go with regard to encrypting and backing up data.
|
|
|
|
|
2022-07-07 12:55:42 |
Apple Lockdown Mode helps protect users from spyware (lien direct) |
>Apple has announced a new feature called Lockdown Mode, designed to provide a safer environment on iOS for people at high risk of what Apple refers to as "mercenary spyware."
|
|
|
|
|
2022-07-06 15:17:39 |
Verified Twitter accounts phished via hate speech warnings (lien direct) |
We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.
|
|
|
|
|
2022-07-06 15:09:03 |
Discord Shame channel goes phishing (lien direct) |
>We take a look at reports that a Discord channel is being used to scare users into handing over login credentials.
|
|
|
|
|
2022-07-06 14:11:31 |
IconBurst software supply chain attack offers malicious versions of NPM packages (lien direct) |
>Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data.
|
|
|
|
|
2022-07-06 13:39:11 |
Google to delete location data of trips to abortion clinics (lien direct) |
Google upped it privacy efforts by deleting location history of visits to abortion clinics.
|
|
|
|
|
2022-07-05 14:51:08 |
TikTok is “unacceptable security risk” and should be removed from app stores, says FCC (lien direct) |
According to the FCC commissioner, TikTok being a video app is the "sheep's clothing", suggesting a wolf hides underneath those funny videos.
|
|
|
|
|
2022-07-05 14:34:06 |
Cloud-based malware is on the rise. How can you secure your business? (lien direct) |
>Cloud-based malware in on the rise. In this post, we'll cover four ways you can help secure your business against cloud-based malware.
|
Malware
|
|
|
|
2022-07-05 13:56:04 |
Update now! Chrome patches ANOTHER zero-day vulnerability (lien direct) |
>Google has patched a vulnerability in Chrome which was being exploited in the wild. Make sure you're using the latest version.
|
Vulnerability
|
|
|
|
2022-07-04 21:08:37 |
HackerOne insider fired for trying to claim other people\'s bounties (lien direct) |
Bug bounty platform HackerOne has disclosed that it was the victim of a rogue insider.
|
|
|
|
|
2022-07-04 19:51:26 |
When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14 (lien direct) |
This week on Lock and Code, we discuss the various laws that can be violated when good-faith hacking reveals security flaws.
|
|
|
|
|
2022-07-04 17:30:13 |
Insider Threat: Employees indicted for stealing $88 million of license keys (lien direct) |
Avaya, a communications company for SMBs, was left in the dark for years as insiders stole and sold its license keys.
|
|
|
|
|
2022-07-04 12:01:00 |
5 pro-freedom technologies that could change the Internet (lien direct) |
>To celebrate Independence Day we're drawing attention to five technologies that could improve life, liberty and the pursuit of happiness on the Internet.
|
|
|
|
|
2022-07-04 11:20:16 |
“Free UK visa” offers on WhatsApp are fakes (lien direct) |
We take a look at a site claiming to offer "free" visa access to the UK via WhatsApp. All is not quite as it seems.
|
|
|
|
|
2022-07-04 10:36:11 |
My Body, My Data Act would lock down reproductive and sexual health data (lien direct) |
A new bill proposes the strongest Federal data privacy protections yet for reproductive and sexual health data.
|
|
|
|
|
2022-07-04 10:04:58 |
(Déjà vu) A week in security (June 27 – July 3) (lien direct) |
The most important and interesting computer security stories from the last week.
|
|
|
|
|
2022-07-01 21:40:25 |
Ransomware review: June 2022 (lien direct) |
>LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
|
Threat
Ransomware
|
|
|
|
2022-07-01 18:21:06 |
AstraLocker 2.0 ransomware isn\'t going to give you your files back (lien direct) |
Through malice or carelessness, AstraLocker breaks the "circle of trust".
|
Ransomware
|
|
|
|
2022-07-01 17:35:43 |
YTStealer targets YouTube content creators (lien direct) |
>We take a look at reports of scammers targeting Youtuber's channels with malware called YTStealer, that eats authentication cookies.
|
Malware
|
Uber
|
|
|
2022-06-30 15:35:14 |
ZuoRAT is a sophisticated malware that mainly targets SOHO routers (lien direct) |
>Researchers have analyzed a long running campaign that compromises SOHO routers to further penetrate and eavesdrop on networks.
|
Malware
|
|
|
|
2022-06-30 15:25:24 |
Amazon Photos vulnerability could have given attackers access to user files and data (lien direct) |
The retail giant patched a serious flaw in its Amazon Photos app that left user access token exposed to potential attackers.
|
Vulnerability
|
|
|
|
2022-06-30 14:55:16 |
Criminals are applying for remote work using deepfake and stolen identities, says FBI (lien direct) |
The FBI has warned businesses of an uptick in reports of criminals applying for remote work using deepfake and stolen PII.
|
|
|
|