Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-11-13 10:28:38 |
Chainalysis launches program to manage cryptocurrency seized by law enforcement (lien direct) |
The program will monitor and store virtual coins confiscated in criminal cases. |
|
|
|
|
2020-11-13 10:02:07 |
Amazon files lawsuit against Instagram, TikTok influencers over \'dupe\' sales scam (lien direct) |
The company claims influencers worked together to promote fake products listed on Amazon's platform. |
|
|
|
|
2020-11-13 05:40:03 |
Info of 27.7 million Texas drivers exposed in Vertafore data breach (lien direct) |
Vertafore blames incident on human error after user data was stored on an unsecured external storage service. The files were accessed by an external party. |
Data Breach
|
|
|
|
2020-11-13 00:07:00 |
Australian government warns of possible ransomware attacks on health sector (lien direct) |
The ACSC says it has seen an uptick in attacks targeting the health sector with SDBBot, a known precursor of the Clop ransomware. |
Ransomware
|
|
|
|
2020-11-12 20:48:30 |
BlackBerry discovers new hacker-for-hire mercenary group (lien direct) |
CostaRicto is the fifth hacker-for-hire mercenary group discovered this year. |
|
|
|
|
2020-11-12 13:58:14 |
Comodo open-sources its EDR solution (lien direct) |
OpenEDR, announced in September, is available on GitHub starting this week. |
|
|
|
|
2020-11-12 11:40:43 |
KuCoin CEO says 84% of stolen cryptocurrency has been recovered (lien direct) |
Estimates suggest millions of dollars in cryptocurrency could still be outstanding. |
|
|
|
|
2020-11-12 10:32:49 |
New ModPipe malware targets hospitality, hotel point of sale systems (lien direct) |
The backdoor has been created to target PoS devices actively used by thousands of hotels and restaurants. |
Malware
|
|
|
|
2020-11-12 05:20:03 |
Microsoft urges users to stop using phone-based multi-factor authentication (lien direct) |
Microsoft recommends using app-based authenticators and security keys instead. |
|
|
|
|
2020-11-11 22:40:00 |
Google patches two more Chrome zero-days (lien direct) |
Google has now patched five Chrome zero-days in three weeks. |
|
|
|
|
2020-11-11 18:32:18 |
Recent ransomware wave targeting Israel linked to Iranian threat actors (lien direct) |
Israeli companies have seen an uptick in attacks and successful infections with the Pay2Key and WannaScream ransomware. |
Threat
Ransomware
|
|
|
|
2020-11-11 15:50:26 |
Play Store identified as main distribution vector for most Android malware (lien direct) |
Mammoth research project using Symantec (now NortonLifeLock) telemetry confirms what everyone suspected. |
Malware
|
|
|
|
2020-11-11 12:59:41 |
Palo Alto Networks acquires attack surface manager Expanse in $800m deal (lien direct) |
Expanse's platform will be added to the Cortex product suite. |
|
|
|
|
2020-11-11 11:31:42 |
Avast warns of Minecraft skin, mod apps fleecing \'millions\' of Android users (lien direct) |
Ridiculously expensive subscriptions are costing users as much as $120 per month. |
|
|
|
|
2020-11-11 08:23:29 |
Adobe releases new security fixes for Connect, Reader Mobile (lien direct) |
This month's update is small in comparison to last month's flurry of emergency fixes. |
|
|
|
|
2020-11-11 06:00:03 |
Facebook link preview feature used as a proxy in website-scraping scheme (lien direct) |
Mysterious groups have been scraping data from internet sites by abusing Facebook's link preview feature, using Facebook API servers as proxies to avoid getting blacklisted. |
|
|
|
|
2020-11-10 18:27:00 |
Microsoft November 2020 Patch Tuesday arrives with fix for Windows zero-day (lien direct) |
The Microsoft November 2020 Patch Tuesday fixes 112 vulnerabilities, 24 of which are remote code execution (RCE) bugs. |
|
|
|
|
2020-11-10 18:00:00 |
New Platypus attack can steal data from Intel CPUs (lien direct) |
Intel has released microcode updates today to prevent attackers from abusing the Intel RAPL mechanism to steal sensitive data from its CPUs. |
|
|
|
|
2020-11-10 13:34:42 |
Critical privilege escalation bugs squashed in WordPress Ultimate Member plugin (lien direct) |
The vulnerabilities impacted roughly 100,000 websites. |
|
|
|
|
2020-11-10 08:58:13 |
Chrome to block tab-nabbing attacks (lien direct) |
Firefox and Safari are already blocking these types of web attacks |
|
|
|
|
2020-11-10 06:00:04 |
New \'Ghimob\' malware can spy on 153 Android mobile applications (lien direct) |
New Ghimob Android trojan rises and evolves from Brazil to spread internationally. |
Malware
|
|
|
|
2020-11-09 23:18:13 |
(Déjà vu) Npm package caught stealing sensitive Discord and browser files (lien direct) |
Malicious code was found hidden inside a JavaScript library named Discord.dll. |
|
|
|
|
2020-11-09 20:59:00 |
Bug hunter wins \'Researcher of the Month\' award for DOD account takeover bug (lien direct) |
Severe bug would have allowed hackers to hijack DOD accounts just by modifying a few parameters in web requests sent to DOD servers. |
|
|
|
|
2020-11-09 19:13:40 |
Zoom settles FTC charges for misleading users about security features (lien direct) |
The FTC accused Zoom of misrepresenting how its call encryption features worked. |
|
|
|
|
2020-11-09 12:49:00 |
Compal, the second-largest laptop manufacturer in the world, hit by ransomware (lien direct) |
Compal factories build laptops for Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu. |
Ransomware
|
|
|
|
2020-11-09 06:00:02 |
Ransomware hits e-commerce platform X-Cart (lien direct) |
Company says it has now recovered from the attack and all customer sites are now back up. |
Ransomware
|
|
|
|
2020-11-08 16:25:12 |
Windows 10, iOS, Chrome, and many others fall at China\'s top hacking contest (lien direct) |
Winning hacker team pockets $744,500 at the Tianfu Cup, China's top hacking contest. |
|
|
|
|
2020-11-08 11:52:00 |
Yahoo Mail discontinues automatic email forwarding for free users (lien direct) |
Automatic email forwarding to be discontinued on January 1, 2021. Existing users told to get a Pro account. |
|
Yahoo
|
|
|
2020-11-07 08:00:03 |
FBI: Hackers stole source code from US government agencies and private companies (lien direct) |
FBI blames intrusions on improperly configured SonarQube source code management tools. |
|
|
|
|
2020-11-06 17:00:00 |
Linux version of RansomEXX ransomware discovered (lien direct) |
This marks the first time a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusions. |
Ransomware
|
|
|
|
2020-11-06 12:42:03 |
Israeli companies targeted with new Pay2Key ransomware (lien direct) |
Security firm Check Point reports what appears to be a targeted attack against Israeli companies. |
Ransomware
|
|
|
|
2020-11-06 06:00:03 |
Ransomware gangs that steal your data don\'t always delete it (lien direct) |
Coveware: Half of the Q3 2020 ransomware investigations involved data exfiltration, with cases doubling from the previous quarter. |
Ransomware
|
|
|
|
2020-11-05 19:42:18 |
Apple fixes three iOS zero-days exploited in the wild (lien direct) |
Apple has patched the three zero-days with today's release of iOS 14.2. |
|
|
|
|
2020-11-05 17:20:09 |
Italian beverage vendor Campari knocked offline after ransomware attack (lien direct) |
Campari has refused to engage with the ransomware gang and is restoring systems. |
Ransomware
|
|
|
|
2020-11-05 14:06:00 |
GitHub denies getting hacked (lien direct) |
Someone attached a copy of the GitHub Enterprise Server source code to GitHub's DMCA section, but the GitHub CEO said they mistakenly leaked that code months ago. |
|
|
|
|
2020-11-05 10:46:53 |
New APT hacking group leverages \'KilllSomeOne\' DLL side-loading (lien direct) |
A new entry into the APT scene has peppered its malware with political messages. |
Malware
|
|
|
|
2020-11-05 09:21:31 |
US, Brazilian law enforcement seize $24 million in cryptocurrency generated through online fraud (lien direct) |
Suspects involved in the scheme are being accused of defrauding investors of over $200 million. |
|
|
|
|
2020-11-05 08:33:41 |
Capcom quietly discloses cyberattack impacting email, file servers (lien direct) |
The attack forced Capcom to temporarily pull services to stop the attack from spreading. |
|
|
|
|
2020-11-05 07:35:29 |
Company that runs US illegal immigration detention centers discloses ransomware attack (lien direct) |
Data for inmates and employees at three centers in California, Florida, and Pennsylvania was exposed in a ransomware attack on August 19. |
Ransomware
|
|
|
|
2020-11-04 17:50:03 |
Russian authorities make rare arrest of malware author (lien direct) |
Malware dev made the grave error of deploying his malware inside Russia's borders. |
Malware
|
|
|
|
2020-11-04 12:25:51 |
As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor (lien direct) |
The ransomware's 'retirement' has left a hole that Egregor operators may capitalize on. |
Ransomware
|
|
|
|
2020-11-04 11:22:48 |
Police launch pilot program to tap resident Ring camera live streams (lien direct) |
The small trial could herald a wider rollout with participating residents in the future. |
|
|
|
|
2020-11-04 10:12:33 |
23,600 hacked databases have leaked from a defunct \'data breach index\' site (lien direct) |
Site archive of Cit0day.in has now leaked on two hacking forums after the service shut down in September. |
|
|
|
|
2020-11-04 01:22:14 |
Toy maker Mattel discloses ransomware attack (lien direct) |
Mattel said the ransomware attack had "no material impact to [its] operations or financial condition." |
Ransomware
|
|
|
|
2020-11-04 00:30:00 |
REvil ransomware gang \'acquires\' KPOT malware (lien direct) |
Ransomware gang who claims to have earned $100 million buys the source code of the KPOT information stealer trojan for $6,500. |
Ransomware
Malware
|
|
|
|
2020-11-03 21:42:00 |
US voters targeted with robocalls telling them to stay home or vote tomorrow (lien direct) |
Robocalls have been reported in Florida, Georgia, Iowa, Kansas, Michigan, Nebraska, New York, New Hampshire, and North Carolina. |
|
|
|
|
2020-11-03 18:24:54 |
After two zero-days in Chrome desktop, Google patches a third zero-day in the Android version (lien direct) |
Android smartphone users are advised to update Chrome to version 86.0.4240.185 or later. |
|
|
|
|
2020-11-03 17:01:52 |
Configuration snafu exposes passwords for two million marijuana growers (lien direct) |
Passwords for GrowDiaries users were stored using the weak MD5 hashing function, putting customer accounts at risk of attacks. |
|
|
|
|
2020-11-03 10:17:28 |
FireEye releases ThreatPursuit, a Windows VM for threat intel analysts (lien direct) |
ThreatPursuit VM comes packed with more than 50 tools threat intelligence analysts use to hunt adversaries. |
Threat
|
|
|
|
2020-11-03 09:41:56 |
Russian hacker jailed over botnet data scraping scheme that drained victim bank accounts (lien direct) |
Prosecutors estimate the scheme has caused financial losses of at least $100 million. |
|
|
|