Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-04-07 10:13:26 |
New wormable Android malware poses as Netflix to hijack WhatsApp sessions (lien direct) |
Users are lured in with the promise of a free premium subscription. |
Malware
|
|
|
|
2021-04-07 08:48:46 |
Data of 553m Facebook users dumped online: how to see if you are impacted (lien direct) |
The data is old but that doesn't mean it still can't be used. |
|
|
|
|
2021-04-06 13:12:00 |
SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications (lien direct) |
New research also reveals that SAP vulnerabilities, on average, are weaponized in less than 72 hours. |
|
|
|
|
2021-04-06 10:09:21 |
Industries critical to COVID-19 response suffer surge in cloud cyberattacks (lien direct) |
An increase in cloud adoption is being blamed for new security chasms. |
|
|
|
|
2021-04-06 09:42:17 |
Meet Janeleiro: a new banking Trojan striking company, government targets (lien direct) |
The .NET Trojan's developers don't seem to care about staying undetected. |
|
|
|
|
2021-04-06 07:17:47 |
FBI, CISA warn Fortinet FortiOS vulnerabilities are being actively exploited (lien direct) |
APT groups are suspected of harnessing three bugs, two critical, for data exfiltration purposes. |
|
|
|
|
2021-04-01 08:39:27 |
DeepDotWeb dark web admin pleads guilty to gun, drug purchase kickbacks (lien direct) |
Over $8 million was earned through affiliate marketing for illegal marketplaces. |
|
|
|
|
2021-04-01 07:24:04 |
Google: North Korean hackers are targeting researchers through fake offensive security firm (lien direct) |
Google TAG warns of the group using zero-day exploits after reaching out to targets on social media. |
|
|
|
|
2021-03-31 13:07:13 |
Gaming mods, cheat engines are spreading Trojan malware and planting backdoors (lien direct) |
Mods and cheat systems for games are being exploited to deploy information-stealing malware. |
Malware
|
|
|
|
2021-03-31 12:26:21 |
Child tweets on behalf of nuke, space mission agency US Strategic Command (lien direct) |
The gibberish tweet left some amused, some concerned that the account had been compromised. |
|
|
|
|
2021-03-31 11:07:05 |
VMware patches critical vRealize Operations platform vulnerabilities (lien direct) |
Administrator credentials could be stolen by exploiting the bugs. |
|
|
|
|
2021-03-31 09:01:00 |
Pandemic threats: The common threads in COVID-19 scams and criminal schemes (lien direct) |
Researchers explore how cybercriminals have exploited the coronavirus pandemic over the past year. |
|
|
|
|
2021-03-31 07:38:24 |
Whistleblower claims Ubiquiti Networks data breach was \'catastrophic\' (lien direct) |
The source alleges the January security incident was severely downplayed. |
Data Breach
|
|
|
|
2021-03-30 11:11:00 |
Department of Homeland Security email accounts exposed in SolarWinds hack (lien direct) |
Reports suggest Russian threat groups accessed DHS emails during the SolarWinds fiasco. |
Threat
Hack
|
|
|
|
2021-03-30 10:15:42 |
Panasonic, McAfee team up to tackle vehicle cybersecurity (lien direct) |
Early response tech for physical attacks and cyber intrusions is on the list for development. |
|
|
|
|
2021-03-30 09:32:06 |
Ransomware group targets Universities of Maryland, California in new data leaks (lien direct) |
This follows similar extortion attempts impacting two other US universities this month. |
|
|
|
|
2021-03-29 13:45:17 |
Official PHP Git server targeted in attempt to bury malware in code base (lien direct) |
The cyberattack has prompted a rapid and permanent move to GitHub. |
Malware
|
|
|
|
2021-03-29 10:05:23 |
US charges close to 500 individuals for COVID-19 fraud, criminal activity (lien direct) |
Everything from PPE fraud, disaster loan schemes, and unemployment scams are on the books. |
|
|
|
|
2021-03-29 07:02:19 |
This Android malware hides as a System Update app to spy on you (lien direct) |
The spyware triggers when certain actions are performed, such as new adding a contact. |
Malware
|
|
|
|
2021-03-29 06:10:28 |
Brian Krebs: No, I didn\'t hack your Microsoft Exchange server (lien direct) |
The KrebsOnSecurity name is, once again, being abused by cyberattackers. |
Hack
|
|
|
|
2021-03-26 10:00:00 |
Hades ransomware operators are hunting big game in the US (lien direct) |
Companies with annual revenues of over $1 billion are being targeted. |
Ransomware
|
|
|
|
2021-03-25 15:44:44 |
Severe vulnerabilities patched in Facebook for WordPress Plugin (lien direct) |
The worst bug leads to remote code execution, if exploited. |
Guideline
|
|
|
|
2021-03-25 13:00:04 |
Cloudflare launches Page Shield to thwart Magecart card skimming attacks (lien direct) |
Magecart attacks remain a prolific threat to the security of our financial data. |
Threat
|
|
|
|
2021-03-25 09:56:18 |
University students refunded for false ads touting job opportunities with Microsoft, Twitter (lien direct) |
The FTC says students were impacted by the school's “deceptive ads.” |
|
|
|
|
2021-03-24 13:57:14 |
Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million (lien direct) |
Free trials can cost mobile app users thousands of dollars in the long run. |
|
|
|
|
2021-03-24 12:44:00 |
SaltStack revises partial patch for command injection, privilege escalation vulnerability (lien direct) |
The second fix was reportedly necessary after SaltStack did not participate in coordinated disclosure. |
Vulnerability
|
|
|
|
2021-03-24 11:21:49 |
Purple Fox malware evolves to propagate across Windows machines (lien direct) |
The malware's new worm capabilities have resulted in a rapidly-increasing infection rate. |
Malware
|
|
|
|
2021-03-24 10:05:30 |
Microsoft: 92% of vulnerable exchange servers are now patched, mitigated (lien direct) |
The latest telemetry suggests IT admins are taking the threat seriously. |
Threat
|
|
|
|
2021-03-23 13:47:56 |
Cybercriminals exchange tips on avoiding arrest, jail in underground forums (lien direct) |
Covering early mistakes, who to target, and what to do when on the verge of arrest are all hot topics. |
|
|
|
|
2021-03-23 13:27:15 |
Debt-chasing UK councils potentially expose private resident data (lien direct) |
Text reminders for debts to be paid opened up a security chasm for thousands of taxpayers. |
|
|
|
|
2021-03-23 13:00:03 |
Cloudflare debuts zero-trust browsing service for remote enterprise workforce (lien direct) |
Browsers will run under Cloudflare's umbrella in an attempt to isolate sessions from cyberattacks. |
|
|
|
|
2021-03-23 11:36:21 |
Oil giant Shell discloses data breach linked to Accellion FTA vulnerability (lien direct) |
The information of stakeholders has been compromised. |
Data Breach
Vulnerability
|
|
|
|
2021-03-23 09:02:52 |
IT admin with axe to grind sent to prison for wiping Microsoft user accounts (lien direct) |
The victim company's operations ground to a halt following the attack. |
|
|
|
|
2021-03-22 13:00:00 |
API security becomes a \'top\' priority for enterprise players (lien direct) |
As API attacks rise, the security surrounding their usage is now firmly on the radar. |
|
|
|
|
2021-03-22 12:05:00 |
Mozilla Firefox tweaks Referrer Policy to shore up user privacy (lien direct) |
Starting in Firefox 87, the browser will contain extra protections to stop information leaks. |
|
|
|
|
2021-03-22 08:28:40 |
China takes aim at \'spying\' Tesla cars, bans military staff use (lien direct) |
Musk has protested that his company would be “shut down” if the claims were true. |
|
|
|
|
2021-03-22 04:01:03 |
Popular remote lesson monitoring program could be exploited to attack student PCs (lien direct) |
The vulnerabilities allowed attackers full and unfettered access to student PCs. |
|
|
|
|
2021-03-19 12:40:50 |
SEC charges co-founders of bankrupt uBiome medical testing startup with operating $60m fraud (lien direct) |
The US agency claims uBiome's apparent success was only due to a web of deceit. |
|
|
|
|
2021-03-19 11:41:23 |
Fraudsters jump on Clubhouse hype to push malicious Android app (lien direct) |
The BlackRock Trojan is lurking in the malicious, fake Android version of Clubhouse. |
|
|
|
|
2021-03-19 09:34:47 |
Microsoft Defender Antivirus now automatically mitigates Exchange Server vulnerabilities (lien direct) |
Mitigation fixes will be applied automatically in a renewed effort by Microsoft to contain security incidents caused by the bugs. |
|
|
|
|
2021-03-18 16:04:06 |
SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (lien direct) |
Existing victim networks are used to test out payloads as a novel form of sandbox. |
|
|
|
|
2021-03-18 13:00:05 |
Apple developers targeted by new malware, EggShell backdoor (lien direct) |
macOS malware is being spread via compromised Xcode projects. |
Malware
|
|
|
|
2021-03-18 13:00:00 |
US taxpayers targeted in NetWire, Remcos Trojan attack wave (lien direct) |
Cyberattackers are looking to cash in on this year's tax season. |
|
|
|
|
2021-03-18 08:50:33 |
Mimecast reveals source code theft in SolarWinds hack (lien direct) |
Some customer records were also compromised in the breach. |
Hack
|
|
|
|
2021-03-17 11:00:13 |
\'Bit-Con\' Twitter teen hacker accepts plea agreement, three years behind bars (lien direct) |
The teenager was responsible for breaking into the accounts of Elon Musk, Bill Gates, and others to tout a Bitcoin scam. |
|
|
|
|
2021-03-17 10:00:03 |
Coalition raises $175 million to boost cyber insurance offerings (lien direct) |
The company says it is now valued at $1.75 billion. |
|
|
|
|
2021-03-17 09:42:21 |
FBI warns of rise in PYSA ransomware operators targeting US, UK schools (lien direct) |
Data is being stolen ahead of encryption in extortion attempts. |
Ransomware
|
|
|
|
2021-03-17 08:57:39 |
Recorded Future acquires Gemini Advisory in $52 million deal (lien direct) |
The company will leverage the purchase to carve a place in the fraud analytics market. |
|
|
|
|
2021-03-16 10:09:58 |
SEC charges US trader for allegedly abusing Twitter to pump cannabis penny stock prices (lien direct) |
The agency says social media was used in an alleged pump-and-dump scam. |
|
|
|
|
2021-03-16 08:41:26 |
(Déjà vu) Microsoft releases one-click mitigation tool for Exchange Server hacks (lien direct) |
Another tool is at the disposal of admins struggling to protect their systems. |
Tool
|
|
|