Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-09-13 16:06:00 |
Over 60 million wearable, fitness tracking records exposed via unsecured database (direct link) |
Data sources included Apple's HealthKit and Fitbit. |
|
|
|
|
2021-09-13 14:19:00 |
This is how a cybersecurity researcher accidentally broke Apple Shortcuts (direct link) |
Detectify explains how investigating CloudKit resulted in Shortcuts disruption for users back in March. |
|
|
|
|
2021-09-10 11:08:38 |
Google debuts new Private Compute features in ramp up of Android security (direct link) |
Google will also make the source code public for external audits. |
|
|
|
|
2021-09-10 10:12:22 |
US military reservist lands himself prison sentence for operating romance scams (direct link) |
Older women and men were among his targets. |
|
|
|
|
2021-09-10 08:46:01 |
Ukrainian man extradited to the US to face botnet, data theft charges (direct link) |
The suspect has been detained ahead of his trial. |
|
|
|
|
2021-09-09 11:18:55 |
Attacker releases credentials for 87,000 FortiGate SSL VPN devices (direct link) |
Access data for FortiGate devices was obtained by exploiting a known, old vulnerability. |
|
|
|
|
2021-09-09 11:05:02 |
91% of IT teams have felt 'forced' to trade security for business operations (direct link) |
When it comes to remote work, security is often the last thing on the priority list. |
|
|
|
|
2021-09-09 09:36:12 |
GitHub tackles severe vulnerabilities in Node.js packages (direct link) |
Bugs impacting tar and @npmcli/arborist were reported through a bug bounty program. |
|
|
|
|
2021-09-08 14:00:02 |
Pro-Chinese government propaganda campaign spurs on COVID-19 protests in the US (direct link) |
The campaign is far more extensive than previously thought. |
|
|
|
|
2021-09-08 11:31:44 |
Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide (direct link) |
The cybercriminals are now indiscriminate in the operating systems they attack. |
|
|
|
|
2021-09-08 09:47:06 |
BladeHawk attackers spy on Kurds with fake Android apps (direct link) |
Facebook is being abused to spread surveillanceware focused on the Kurdish ethnic group. |
|
|
|
|
2021-09-06 10:18:58 |
This is the perfect ransomware victim, according to cybercriminals (direct link) |
An investigation into what ransomware groups want has painted the picture of the perfect target. |
Ransomware
|
|
|
|
2021-09-06 08:25:00 |
Apple slams the brakes on plans to scan user images for child abuse content (direct link) |
Backlash stemming from privacy concerns has delayed the rollout. |
|
|
|
|
2021-09-03 11:16:29 |
FTC orders SpyFone to delete all of its surveillance data (direct link) |
The watchdog alleges the app "helped stalkers steal private information." |
|
|
|
|
2021-09-03 08:39:14 |
BitConnect director pleads guilty to role in $2 billion cryptocurrency fraud (direct link) |
Prosecutors claim that the promoter earned over $24 million. |
|
|
|
|
2021-09-01 11:53:33 |
This is why the Mozi botnet will linger on (direct link) |
The botnet continues to haunt IoT devices, and likely will for some time to come. |
|
|
|
|
2021-09-01 09:25:56 |
Cream Finance platform pilfered for over $34 million in cryptocurrency (direct link) |
The project has promised to cover losses suffered by its users. |
|
|
|
|
2021-09-01 09:00:02 |
Scam artists are recruiting English speakers for business email campaigns (direct link) |
Finding fluent speakers is becoming important to criminals conducting business-based attacks. |
|
|
|
|
2021-08-31 12:00:14 |
Initial Access Broker use, stolen account sales spike in cloud service cyberattacks (direct link) |
Current trends also include the abuse of Docker images. |
|
|
|
|
2021-08-31 12:00:00 |
Cyberattackers are now quietly selling off their victim's internet bandwidth (direct link) |
Proxyware is yet another way for criminals to generate revenue from their victims. |
|
|
|
|
2021-08-27 10:45:24 |
Parents of teens who stole $1 million in Bitcoin sued by alleged victim (direct link) |
Clipboard malware was developed with the sole purpose of stealing cryptocurrency. |
Malware
|
|
|
|
2021-08-27 09:51:00 |
US charges HeadSpin ex-CEO over fake $1bn valuation scheme (direct link) |
The SEC claims the startup's metrics were inflated. |
|
|
|
|
2021-08-26 16:34:56 |
Chinese developers expose data belonging to Android gamers (direct link) |
In the end, Hong Kong CERT was contacted in an attempt to resolve the security issue. |
|
|
|
|
2021-08-25 13:00:16 |
IBM launches new SASE service to bolster zero-trust enterprise security (direct link) |
The service is the result of a partnership with Zscaler. |
|
|
|
|
2021-08-25 09:09:49 |
Proofpoint awarded $13.5 million in IP theft lawsuit against Vade Secure (direct link) |
The company claimed that Vade "willfully" misappropriated trade secrets. |
|
|
|
|
2021-08-10 18:12:00 |
Microsoft's August 2021 Patch Tuesday: 44 flaws fixed, seven critical including Print Spooler vulnerability (direct link) |
The latest Patch Tuesday sees Microsoft release fixes for 44 different vulnerabilities, including the much-discussed Print Spooler flaw. |
Vulnerability
|
|
|
|
2021-08-09 17:42:00 |
How to find and remove spyware from your phone (direct link) |
Surveillance isn't just the purview of nation-states and government agencies -- sometimes, it's closer to home. |
|
|
|
|
2021-08-06 11:21:30 |
Black Hat: BadAlloc bugs expose millions of IoT devices to hijack (direct link) |
BadAlloc vulnerabilities impact millions of devices worldwide. |
|
|
|
|
2021-08-05 22:07:00 |
Black Hat: How cybersecurity incidents can become a legal minefield (direct link) |
Facing a cyberattack? Pick up the phone and talk to legal help as well as incident response. |
|
|
|
|
2021-08-05 20:40:02 |
Black Hat: Enterprise players face 'one-two-punch' extortion in ransomware attacks (direct link) |
Intrusions have become even more costly to the enterprise due to double-extortion tactics. |
Ransomware
|
|
|
|
2021-08-05 10:27:59 |
There's been a rise in stalkerware. And the tech abuse problem goes beyond smartphones (direct link) |
No matter how stalkerware is marketed, it is part of a wider problem: the use of technology in coercive control. |
|
|
|
|
2021-08-04 21:02:00 |
Black Hat: This is how a naive NSA staffer helped build an offensive UAE security branch (direct link) |
If that job offer looks too good to be true, something else may be afoot. |
|
|
|
|
2021-08-04 18:52:00 |
Bob had a bad night: IoT mischief takes neighbourly revenge to the next level in a capsule hotel (direct link) |
When you hand over control of capsule bedrooms to guests, you also offer them the means to troll others. |
|
|
|
|
2021-08-04 16:00:02 |
The Graph Foundation launches bug bounty program (direct link) |
Bugs in scope include RCE and those leading to the loss of user funds. |
Guideline
|
|
|
|
2021-08-03 13:00:02 |
Raccoon stealer-as-a-service will now try to grab your cryptocurrency (direct link) |
The malware has been upgraded to target even more financial information. |
Malware
|
|
★★★★★
|
|
2021-08-03 04:01:02 |
DeadRinger: Chinese APTs strike major telecommunications companies (direct link) |
Previously unknown campaigns center around "Chinese state interests." |
|
|
|
|
2021-08-02 10:00:02 |
Ransomware operators love them: Key trends in the Initial Access Broker space (direct link) |
In a threat actor's mind, take out the legwork, reap the proceeds of blackmail. |
Threat
|
|
|
|
2021-07-28 04:01:02 |
Enterprise data breach cost reached record high during COVID-19 pandemic (direct link) |
IBM research estimates that the average data breach now costs upward of $4 million. |
Data Breach
|
|
|
|
2021-07-27 10:13:55 |
Malware developers turn to 'exotic' programming languages to thwart researchers (direct link) |
They are focused on exploiting pain points in code analysis and reverse-engineering. |
|
|
|
|
2021-07-26 11:49:00 |
Twitter handle swatter jailed after victim dies following home raid (direct link) |
The 60-year-old victim's daughter believes he was "scared to death." |
|
|
|
|
2021-07-26 10:36:52 |
WhatsApp chief says government officials, US allies targeted by Pegasus spyware (direct link) |
The officials were allegedly targeted in attacks dating back to 2019. |
|
|
|
|
2021-07-23 13:01:08 |
GitHub boosts supply chain security for Go modules (direct link) |
Go is now one of the most popular programming languages on the platform. |
|
|
|
|
2021-07-21 10:00:01 |
$49 malware receives major upgrade to strike both Windows and macOS PCs (direct link) |
The new family stems from Formbook, an old but prevalent malware strain. |
Malware
|
|
|
|
2021-07-21 09:13:33 |
Joker billing fraud malware found in Google Play Store (direct link) |
The Android malware circumvented security controls by using short URL tricks. |
Malware
|
|
|
|
2021-07-20 11:00:02 |
HP patches vulnerable driver lurking in printers for 16 years (direct link) |
Cyberattackers could exploit the bug to secure system-level privileges. |
|
|
|
|
2021-07-20 09:44:41 |
Microsoft heads to court to take on imposter, homoglyph domains (direct link) |
Fake domains impersonating Microsoft are a thorn not only in the company's side but in that of its customers. |
|
|
|
|
2021-07-19 14:47:00 |
(Déjà vu) UK and White House blame China for Microsoft Exchange Server hack (direct link) |
Updated: The UK government says the country is responsible for "systematic cyber sabotage." |
Hack
|
|
★★
|
|
2021-07-19 11:18:49 |
UK blames China for Microsoft Exchange Server hack (direct link) |
The government says the country is responsible for "systematic cyber sabotage." |
Hack
|
|
|
|
2021-07-19 10:26:51 |
NSO Group's Pegasus spyware used against journalists, political activists worldwide: report (direct link) |
A probe into the group suggests that its products are being used for purposes beyond criminal or terrorist investigations. |
|
|
|
|
2021-07-19 08:47:12 |
Facebook fights Biden claim that social media is 'killing people' through anti-vax, COVID-19 misinformation spread (direct link) |
Facebook says it is time to move past "finger pointing." |
|
|
|