Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-05-13 18:45:28 |
US formally accuses China of hacking US entities working on COVID-19 research (lien direct) |
DHS CISA and the FBI issue joint statement on recent Chinese cyber-attacks against COVID-19-related targets. |
|
|
|
|
2020-05-13 17:31:09 |
PrintDemon vulnerability impacts all Windows versions (lien direct) |
PrintDemon vulnerability impacts Windows versions released as far back as 1996. Patches available. |
Vulnerability
|
|
|
|
2020-05-13 11:37:55 |
New Ramsay malware can steal sensitive documents from air-gapped networks (lien direct) |
Ramsay can infect air-gapped computers, collect Word, PDF, and ZIP files in a hidden folder, and then wait for exfiltration. |
Malware
|
|
|
|
2020-05-13 10:01:40 |
Adobe issues patches for 36 vulnerabilities in DNG, Reader, Acrobat (lien direct) |
May's patch round includes fixes for remote code execution flaws. |
|
|
|
|
2020-05-13 08:04:09 |
Windows 10 to get PUA/PUP protection feature (lien direct) |
New PUA/PUP-blocking security feature to roll out with the Windows 10 May 2020 update. |
|
|
|
|
2020-05-13 04:20:00 |
DHS CISA and FBI share list of top 10 most exploited vulnerabilities (lien direct) |
Office is the most exploited technology, followed by Apache Struts. |
|
|
|
|
2020-05-13 01:27:00 |
Huawei denies involvement in buggy Linux kernel patch proposal (lien direct) |
Huawei says employee submitted code as part of a personal project, not on behalf of the company. |
|
|
|
|
2020-05-12 20:38:14 |
Google removed 813 creepware apps from the Android Play Store (lien direct) |
The applications were discovered with a new algorithm called CreepRank, developed by a team of academics. |
|
|
|
|
2020-05-12 17:53:00 |
Microsoft May 2020 Patch Tuesday fixes 111 vulnerabilities (lien direct) |
Third-largest Patch Tuesday in Microsoft's history started rolling out earlier today. |
|
|
|
|
2020-05-12 16:36:18 |
On the three-year anniversary of WannaCry, US exposes new North Korean malware (lien direct) |
US cyber-security officials expose today three new North Korean malware strains named COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. |
Malware
|
Wannacry
|
|
|
2020-05-12 10:41:09 |
Texas courts slammed by ransomware attack (lien direct) |
Officials say they will not bow to any blackmail or ransom demands. |
Ransomware
|
|
|
|
2020-05-12 09:46:15 |
WordPress plugin Page Builder by SiteOrigin patched against code execution attacks (lien direct) |
The vulnerabilities impacted over one million websites. |
|
|
|
|
2020-05-12 08:17:44 |
Android app promised to serve news updates, served ESET with a DDoS attack instead (lien direct) |
The app managed to slither into Google Play and was downloaded at least 50,000 times. |
|
|
|
|
2020-05-12 04:02:46 |
Astaroth malware hides command servers in YouTube channel descriptions (lien direct) |
Astaroth continues to evolve into a dangerous threat. Luckily, it's only spreading in Brazil only, right now. |
Malware
|
|
|
|
2020-05-11 19:42:37 |
Iran reports failed cyber-attack on Strait of Hormuz port (lien direct) |
Iranian officials said hackers infiltrated and damaged a small number of computers at the port of Shahid Rajaei in the city of Bandar Abbas. |
|
|
|
|
2020-05-11 16:13:00 |
Package delivery giant Pitney Bowes confirms second ransomware attack in 7 months (lien direct) |
Pitney Bowes network infected with Maze ransomware, after the company got hit by the Ryuk gang in October last year. |
Ransomware
|
|
|
|
2020-05-11 12:29:53 |
Zeus Sphinx revamped as coronavirus relief payment attack wave continues (lien direct) |
The financial malware has been upgraded with new C2 setups and encryption keys. |
Malware
|
|
|
|
2020-05-11 09:20:45 |
Data leak, phishing security flaws disclosed in Oracle iPlanet Web Server (lien direct) |
Security patches will not be issued to fix the problems. |
|
|
|
|
2020-05-11 01:40:36 |
Microsoft and Intel project converts malware into images before analyzing it (lien direct) |
Microsoft and Intel Labs work on STAMINA, a new deep learning approach for detecting and classifying malware. |
Malware
|
|
|
|
2020-05-09 19:37:47 |
Microsoft adds protection against Reply-All email storms in Office 365 (lien direct) |
Redmond adds protection against massive "Reply-All" email storms after suffering two internal incidents in 2019 and 2020. |
|
|
|
|
2020-05-09 14:10:56 |
A hacker group is selling more than 73 million user records on the dark web (lien direct) |
Hacker group "ShinyHunters" is selling the data of 10 companies on a dark web cybercrime marketplace. |
|
|
|
|
2020-05-09 01:32:00 |
Black Hat and DEF CON security conferences to take place in a virtual format (lien direct) |
"Defcon is canceled" meme becomes reality. |
|
|
|
|
2020-05-09 00:20:15 |
US Marshals Service exposed prisoner details in security breach (lien direct) |
Security breach took place in December 2019 and was discovered by the DOJ's JSOC team. |
|
|
|
|
2020-05-08 20:31:00 |
Digital Ocean says it exposed customer data after it left an internal document online (lien direct) |
Digital Ocean says no customer servers were accessed following this security lapse. |
|
APT 32
|
|
|
2020-05-08 16:10:00 |
Cognizant expects to lose between $50m and $70m following ransomware attack (lien direct) |
Cognizant says April ransomware incident will negatively impact Q2 revenue. |
Ransomware
|
|
|
|
2020-05-08 05:10:53 |
Dating app MobiFriends silent on security breach impacting 3.6 million users (lien direct) |
The personal details of 3.68 million MobiFriends users have been posted online in April 2020. |
|
|
|
|
2020-05-08 02:12:37 |
Hacker gains access to a small number of Microsoft\'s private GitHub repos (lien direct) |
Hack considered harmless as the hacker did not gain access to the source code of any major Microsoft apps. |
Hack
|
|
★★★★★
|
|
2020-05-07 22:26:10 |
Microsoft: 150 million people are using passwordless logins each month (lien direct) |
Internally, 90% of Microsoft employees already use a passwordless authentication solution. |
|
|
|
|
2020-05-07 11:15:10 |
Major European private hospital operator struck by ransomware (lien direct) |
Fresenius says despite IT system disruption, patient care is carrying on as normal. |
Ransomware
|
|
|
|
2020-05-07 06:14:23 |
For 8 years, a hacker operated a massive IoT botnet just to download Anime videos (lien direct) |
The botnet consisted solely of D-Link NAS and NVR devices and the botnet peaked at 10,000 bots in 2015. |
|
|
|
|
2020-05-06 18:35:00 |
Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 (lien direct) |
Samsung patched this month a critical bug discovered by Google security researchers. |
Vulnerability
|
|
|
|
2020-05-06 15:15:04 |
Hackers hide web skimmer behind a website\'s favicon (lien direct) |
Hackers created a fake image-hosting portal to hide a web skimming operation. |
|
|
|
|
2020-05-06 12:56:55 |
Search provider Algolia discloses security incident due to Salt vulnerability (lien direct) |
Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra. |
Vulnerability
|
|
|
|
2020-05-06 12:53:53 |
Facebook wipes out accounts linked to \'fringe conspiracy\' QAnon content (lien direct) |
The QAnon conspiracy theory movement surrounds US President Trump and bringing down the “deep state.” |
|
|
|
|
2020-05-06 10:20:34 |
Logistics giant Toll Group hit by ransomware for the second time in three months (lien direct) |
Toll says that it has no intention of bowing to blackmail. |
Ransomware
|
|
|
|
2020-05-06 01:00:45 |
Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache (lien direct) |
The leak is already under investigation in Pakistan since last month, April 2020. |
|
|
|
|
2020-05-05 21:50:00 |
(Déjà vu) SAP notifying 9% of customers about security bugs in some cloud products (lien direct) |
SAP says an internal security review found issues with seven of its cloud products. |
|
|
|
|
2020-05-05 21:50:00 |
SAP notifying 9% of customers about mysterious cloud products security holes (lien direct) |
SAP says an internal security review found issues with seven of its cloud products. |
|
|
|
|
2020-05-05 18:27:55 |
A hacker group tried to hijack 900,000 WordPress sites over the last week (lien direct) |
Massive hacking operations causes a 30 times spike in bad traffic. |
|
|
|
|
2020-05-05 14:15:00 |
Europol arrests hackers behind Infinity Black hacker group (lien direct) |
Polish police arrests five hackers for selling stolen user credentials and hacking tools. |
|
|
|
|
2020-05-05 13:00:04 |
The Firefox password manager now tells you when you use leaked passwords (lien direct) |
The Firefox password manager also tells you when a website has suffered a security breach. |
|
|
|
|
2020-05-05 12:00:08 |
Enterprises throw money at cybersecurity but half of attacks are still a success (lien direct) |
Mandiant says that intrusions, policy evasion, and reconnaissance are commonplace in today's enterprise environments. |
|
|
|
|
2020-05-05 11:06:27 |
German authorities charge Russian hacker for 2015 Bundestag hack (lien direct) |
The same hacker was previously charged in the US in 2018 for hacking the DNC and WADA. |
Hack
|
|
|
|
2020-05-05 05:00:07 |
New Kaiji malware targets IoT devices via SSH brute-force attacks (lien direct) |
Researchers say the malware was coded by a Chinese developer for the sole purpose of launching DDoS attacks. |
Malware
|
|
|
|
2020-05-04 23:29:00 |
US financial industry regulator warns of widespread phishing campaign (lien direct) |
FINRA warns of phishing campaign aimed at stealing members' Microsoft Office or SharePoint passwords. |
|
|
|
|
2020-05-04 16:06:00 |
Academics turn PC power units into speakers to leak secrets from air-gapped systems (lien direct) |
POWER-SUPPLaY technique uses "singing capacitor" phenomenon for data exfiltration. |
|
|
|
|
2020-05-04 15:05:38 |
Microsoft warns of multiple malspam campaigns carrying malicious disk image files (lien direct) |
Microsoft: Threat group uses malware-laced ISO and IMG files to infect companies with a remote access trojan. |
Threat
|
|
|
|
2020-05-04 10:37:46 |
Hackers are targeting UK universities to steal coronavirus research, NCSC warns (lien direct) |
State-sponsored hackers from Russia, Iran, and China are suspected. |
|
|
|
|
2020-05-04 01:47:09 |
CursedChrome turns your browser into a hacker\'s proxy (lien direct) |
CursedChrome shows how hackers can take full control over your Chrome browser using just one extension. |
|
|
|
|
2020-05-03 17:46:00 |
Ghost blogging platform servers hacked and infected with crypto-miner (lien direct) |
Ghost platform got hacked via the same vulnerability that allowed hackers to breach LineageOS servers hours before. |
Vulnerability
|
|
|