Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2017-03-08 22:00:29 |
Helpful(?) coding tips from the CIA\'s school of hacks (lien direct) |
WikiLeaks dump includes a best (and worst) practices guide for exploit developers. |
|
|
|
|
2017-03-07 22:47:02 |
After NSA hacking exposé, CIA staffers asked where Equation Group went wrong (lien direct) |
CIA hackers wasted no time analyzing the blunders made by their NSA counterparts. |
|
|
|
|
2017-03-07 16:26:13 |
WikiLeaks publishes docs from what it says is trove of CIA hacking tools (lien direct) |
Docs claim CIA can defeat WhatsApp, Signal, Telegram encryption, among other apps. |
|
|
|
|
2017-03-06 23:53:27 |
This hard drive will self destruct. Data-wiping malware targets Europe (lien direct) |
Meaner strain of Shamoon makes comeback, joined by new, never-before disk wiper. |
|
|
|
|
2017-03-03 07:49:49 |
Mike Pence used an AOL e-mail account for state business and it got hacked (lien direct) |
As a candidate, Trump VP castigated Clinton for use of a private e-mail server. |
|
|
|
|
2017-03-02 16:52:49 |
Researchers uncover PowerShell Trojan that uses DNS queries to get its orders (lien direct) |
Delivered by "secure" Word doc, pure PowerShell malware fetches commands from DNS TXT records. |
|
|
|
|
2017-03-02 01:10:14 |
Yahoo cookie hacks affected 32 million accounts, CEO forgoes bonus (lien direct) |
Nation-sponsored attackers targeted 26 specific accounts. |
|
Yahoo
|
|
|
2017-03-01 19:07:58 |
132 Google Play apps tried to infect Android users with… Windows malware (lien direct) |
Researchers suspect developers didn't intentionally spawn the malicious apps. |
|
|
|
|
2017-02-28 19:13:15 |
Researchers find “severe†flaw in WordPress plugin with 1 million installs (lien direct) |
If you use NextGEN Gallery, now would be a good time to update. |
|
|
|
|
2017-02-28 01:12:21 |
Creepy IoT teddy bear leaks >2 million parents\' and kids\' voice messages (lien direct) |
Publicly accessible database wasn't even protected by a password. |
|
|
|
|
2017-02-27 21:05:33 |
Google reports “high-severity†bug in Edge/IE, no patch available (lien direct) |
String of unpatched security flaws comes after February Patch Tuesday was canceled. |
|
|
|
|
2017-02-24 20:28:23 |
Watershed SHA1 collision just broke the WebKit repository, others may follow (lien direct) |
"Please exercise care" with colliding PDFs, researchers advise software developers. |
|
|
|
|
2017-02-24 16:49:29 |
Apple deleted server supplier after finding infected firmware in servers [Updated] (lien direct) |
Report: Siri, internal development servers affected by fake firmware patch.
|
|
|
|
|
2017-02-24 01:35:37 |
Serious Cloudflare bug exposed a potpourri of secret customer data (lien direct) |
Service used by 5.5 million websites may have leaked passwords and authentication tokens. |
|
|
|
|
2017-02-23 19:42:07 |
Frank Abagnale, world-famous con man, explains why technology won\'t stop breaches (lien direct) |
The man who once pretended to be a doctor explains identity theft to the health industry at HIMMS. |
|
|
|
|
2017-02-23 13:01:31 |
At death\'s door for years, widely used SHA1 function is now dead (lien direct) |
Algorithm underpinning Internet security falls to first-known collision attack. |
|
|
|
|
2017-02-21 15:45:51 |
Hacks all the time. Engineers recently found Yahoo systems remained compromised (lien direct) |
Company knocks $350 million off its purchase price. |
|
Yahoo
|
|
|
2017-02-20 21:38:31 |
Hackers who took control of PC microphones siphon >600 GB from 70 targets (lien direct) |
Critical infrastructure, media, and scientists targeted by suspected nation-state. |
|
|
|
|
2017-02-19 22:14:57 |
Trump\'s apparent security faux-pas-palooza triggers call for House investigation (lien direct) |
Rep. Ted Lieu and others ask Chaffetz and Cummings to look into "troubling reports." |
|
|
|
|
2017-02-19 19:26:16 |
“Secure†Trump website defaced by hacker claiming to be from Iraq (lien direct) |
"Pro_Mast3r" takes over server associated with campaign donations. |
|
|
|
|
2017-02-17 18:29:48 |
Researchers discover security problems under the hood of automobile apps (lien direct) |
Kaspersky researchers find Android apps for connected cars soft targets for hackers. |
|
|
|
|
2017-02-17 13:52:46 |
USB Killer now lets you fry most Lightning and USB-C devices for $55 (lien direct) |
Plus a new, stealthy "anonymous" stick, because that's what the world really needed. |
|
|
|
|
2017-02-15 23:35:34 |
Yahoo reveals more breachiness to users victimized by forged cookies (lien direct) |
Some accounts may have been accessed with forged cookies as recently as 2016. |
|
Yahoo
|
|
|
2017-02-15 18:23:30 |
House members: EPA officials may be using Signal to “spread their goals covertly†(lien direct) |
Encrypted messaging app gains new currency under the Trump administration. |
|
|
|
|
2017-02-15 06:52:42 |
New ASLR-busting JavaScript is about to make drive-by exploits much nastier (lien direct) |
A property found in virtually all modern CPUs neuters decade-old security protection. |
|
|
|
|
2017-02-14 21:40:51 |
New Mac malware pinned on same Russian group blamed for election hacks (lien direct) |
Xagent for Macs steals passwords, grabs screenshots, and exfiltrates iPhone backups. |
|
|
|
|
2017-02-14 18:05:56 |
Amnesty International uncovers phishing campaign against human rights activists (lien direct) |
Attacker targeted groups in Qatar, Nepal using extensive fake social media profile. |
|
|
|
|
2017-02-14 01:01:05 |
Now sites can fingerprint you online even when you use multiple browsers (lien direct) |
Online tracking gets more accurate and harder to evade. |
|
|
|
|
2017-02-13 22:45:40 |
How to not do presidential opsec: Crisis management over dinner in public (lien direct) |
Trump's response to N. Korea missile was posted on Facebook by Mar-a-Lago guests. |
|
|
|
|
2017-02-10 22:28:08 |
Virally growing attacks on unpatched WordPress sites affect ~2m pages (lien direct) |
It's all fun and games until someone executes malicious code. That may be next. |
|
|
|
|
2017-02-09 19:41:41 |
Newly discovered flaw undermines HTTPS connections for almost 1,000 sites (lien direct) |
"Ticketbleed" bug in F5 firewalls is no Heartbleed, but it still poses a threat. |
|
|
|
|
2017-02-08 23:30:43 |
Mac malware is still crude, but it\'s slowly catching up to its Windows rivals (lien direct) |
A tale of two attacks that both target MacOS users. |
|
|
|
|
2017-02-08 17:41:17 |
Leave Spicer alone! (Or, why DNS registration is horrible) (lien direct) |
He registered domains years ago, leaving personal data exposed-like lots of people. |
|
|
|
|
2017-02-08 09:01:21 |
A rash of invisible, fileless malware is infecting banks around the globe (lien direct) |
Once the province of nation-sponsored hackers, in-memory malware goes mainstream. |
|
|
|
|
2017-02-08 00:50:50 |
Fun, games, and security: WarCollar\'s DopeScope and Booby Trap (lien direct) |
It's all fun and games until someone loses a password. |
|
|
|
|
2017-02-07 20:10:22 |
As Valve eradicates serious bug in Steam, here\'s what you need to know (lien direct) |
Booby-trapped profiles could be used to spend visitors' market funds, experts warn. |
|
|
|
|
2017-02-07 13:38:39 |
Google Brain super-resolution image tech makes “zoom, enhance!†real (lien direct) |
Google Brain creates new image details out of thin air. |
|
|
|
|
2017-02-07 01:05:48 |
Former NSA contractor may have stolen 75% of TAO\'s elite hacking tools (lien direct) |
Prosecutors reportedly plan to charge Harold T. Martin with espionage. |
|
|
|
|
2017-02-06 23:38:03 |
Dozens of popular iOS apps vulnerable to intercept of TLS-protected data (lien direct) |
76 apps in Apple's App Store still don't use best practices to protect user data. |
|
|
|
|
2017-02-06 20:42:18 |
Vizio smart TVs tracked viewers around the clock without consent (lien direct) |
Manufacturer will pay $2.2 million and delete data to settle privacy-invasion charges. |
|
|
|
|
2017-02-05 21:22:25 |
Denuvo forgets to secure server, leaks years of messages from game makers (lien direct) |
Massive log file includes user complaints, apparently legitimate developer requests. |
|
|
|
|
2017-02-03 22:11:01 |
Op-ed: Windows 10 0day exploit goes wild, and so do Microsoft marketers (lien direct) |
Customers want objective threat guidance, not cheap shots at Microsoft rivals. |
|
|
|
|
2017-02-02 20:34:09 |
Radio stations that ignored major vulnerability start playing anti-Trump song (lien direct) |
Vulnerability had been known for nearly a year, flared up shortly after inauguration. |
|
|
|
|
2017-02-02 19:12:23 |
How Google fought back against a crippling IoT-powered botnet and won (lien direct) |
Behind the scenes defending KrebsOnSecurity against record-setting DDoS attacks. |
|
|
|
|
2017-02-01 01:20:25 |
In not-too-distant future, brain hackers could steal your deepest secrets (lien direct) |
Religious beliefs, political leanings, and medical conditions are up for grabs. |
|
|
|
|
2017-01-31 01:10:16 |
Forgotten passwords are bane of the Internet. Facebook wants to fix that (lien direct) |
New Facebook service aims to make security questions a thing of the past. |
|
|
|
|
2017-01-30 19:12:49 |
DC police surveillance cameras were infected with ransomware before inauguration (lien direct) |
Malware seized 70 percent of DC police DVRs a week before Trump's inauguration. |
|
|
|
|
2017-01-28 19:40:36 |
Majority of Android VPNs can\'t be trusted to make users more secure (lien direct) |
Study of nearly 300 apps finds shocking omissions, including a failure to encrypt. |
|
|
|
|
2017-01-27 14:16:23 |
It might be time to stop using antivirus (lien direct) |
Update your software and OS regularly instead, practice skeptical computing. |
|
|
|
|
2017-01-27 12:00:49 |
“You took so much time to joke meâ€-two hours trolling a Windows support scammer (lien direct) |
"Albert Morris" and team get taken for a ride while we tried to track their tradecraft. |
|
|
|