Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-09-11 11:43:00 |
IRS offers grants for software to trace privacy-focused cryptocurrency trades (lien direct) |
Grants of up to $625,000 will be issued in exchange for cryptocurrency tracking technologies. |
|
|
|
|
2020-09-11 09:24:36 |
ThreatConnect acquires enterprise risk management firm Nehemiah Security (lien direct) |
ThreatConnect aims to create a full security lifestyle solutions portfolio suitable for enterprise players. |
|
|
|
|
2020-09-10 19:46:00 |
Microsoft confirms Chinese, Iranian, and Russian cyber-attacks on Biden and Trump campaigns (lien direct) |
Microsoft said the "majority of these attacks" were detected and blocked. |
|
|
|
|
2020-09-10 13:00:05 |
Ransomware accounted for 41% of all cyber insurance claims in H1 2020 (lien direct) |
Cyber insurance claims ranged in size from $1,000 to well over $2,000,000 per security incident. |
Ransomware
|
|
|
|
2020-09-10 12:28:52 |
Secureworks acquires vulnerability management platform Delve (lien direct) |
Delve's SaaS solution will join the Secureworks portfolio. |
Vulnerability
|
|
|
|
2020-09-10 10:35:00 |
New CDRThief malware targets VoIP softswitches to steal call detail records (lien direct) |
Malware targets only two very specific softswitches (software switches): Linknat VOS2009 and VOS3000. |
Malware
|
|
|
|
2020-09-10 10:14:00 |
Privacy concerns prompt Irish regulators to ask Facebook to stop sending EU user data to the US (lien direct) |
A preliminary order brings to light concerns over US surveillance activities. |
|
|
|
|
2020-09-10 08:49:00 |
Data center giant Equinix discloses ransomware incident (lien direct) |
Equinix says ransomware hit internal systems but that data centers are OK. |
Ransomware
|
|
|
|
2020-09-10 08:00:00 |
ProLock ransomware - everything you need to know (lien direct) |
New strain joins the big players on the ransomware scene. |
Ransomware
|
|
|
|
2020-09-10 01:05:03 |
Slovak cryptocurrency exchange ETERBASE discloses $5.4 million hack (lien direct) |
Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets were stolen in the hack. |
Hack
|
|
|
|
2020-09-09 23:01:37 |
Raccoon attack allows hackers to break TLS encryption \'under certain conditions\' (lien direct) |
The Raccoon attack is described as "really hard to exploit" and its conditions as "rare." |
|
|
|
|
2020-09-09 19:18:00 |
BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys (lien direct) |
All devices using the Bluetooth standard 4.0 through 5.0 are vulnerable. Patches not immediately available. |
Vulnerability
|
|
|
|
2020-09-09 10:58:14 |
Weave Scope is now being exploited in attacks against cloud environments (lien direct) |
The legitimate cloud infrastructure monitoring tool has been added to attacker arsenals. |
Tool
|
|
|
|
2020-09-09 09:25:49 |
Adobe Experience Manager, InDesign, Framemaker receive fixes for critical bugs in new update (lien direct) |
The worst issues can lead to code and browser-based JavaScript execution. |
Guideline
|
|
|
|
2020-09-08 17:35:00 |
Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities (lien direct) |
Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers. |
|
|
|
|
2020-09-08 15:19:00 |
City of Hartford postpones first day of school after ransomware attack (lien direct) |
Ransomware attack impacted the IT system that the school district uses to manage school buses and transportation routes. |
Ransomware
|
|
|
|
2020-09-08 09:44:10 |
Researcher reveals Google Maps XSS bug, patch bypass (lien direct) |
The bounty was doubled after the bug bounty hunter realized the original fix had failed. |
|
|
|
|
2020-09-08 04:00:03 |
Academics find crypto bugs in 306 popular Android apps, none get patched (lien direct) |
Only 18 of 306 app developers replied to the research team, only 8 engaged with the team after the first email. |
|
|
|
|
2020-09-08 02:48:59 |
France, Japan, New Zealand warn of sudden spike in Emotet attacks (lien direct) |
Emotet activity has ramped up to new levels in September 2020, alarming some cyber-security agencies. |
|
|
|
|
2020-09-07 16:31:00 |
Chilean bank shuts down all branches following ransomware attack (lien direct) |
All BancoEstado branches will remain closed on Monday, September 7, and possibly more days. |
Ransomware
|
|
|
|
2020-09-07 13:00:15 |
Money from bank hacks rarely gets laundered through cryptocurrencies (lien direct) |
SWIFT: "Identified cases of laundering through cryptocurrencies remain relatively small compared to the volumes of cash laundered through traditional methods." |
|
|
|
|
2020-09-07 13:00:03 |
Webmaster forum database exposed data of 800,000 users (lien direct) |
A database belonging to Digital Point exposed user email addresses, names, and more. |
|
|
|
|
2020-09-07 01:12:00 |
Most cyber-security reports only focus on the cool threats (lien direct) |
Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, economic espionage. |
Threat
|
|
|
|
2020-09-06 08:46:32 |
Millions of WordPress sites are being probed & attacked with recent plugin bug (lien direct) |
An easy-to-exploit vulnerability in a popular WordPress plugin has triggered an internet-wide hacking spree. |
Vulnerability
|
|
|
|
2020-09-05 19:13:56 |
Malware gang uses .NET library to generate Excel docs that bypass security checks (lien direct) |
They were still Excel documents. Just not your typical Excel files. Enough to trick some security systems, though. |
Malware
|
|
|
|
2020-09-04 23:17:00 |
White House publishes a cyber-security rulebook for space systems (lien direct) |
Nothing in it about protecting thermal exhaust ports, though. |
|
|
|
|
2020-09-04 18:06:00 |
Threema E2EE chat app to go \'fully open source\' within months (lien direct) |
Threema follows in the footsteps of Signal and Wickr and opens its apps' codebase. |
|
|
|
|
2020-09-04 13:56:25 |
US election: Two-thirds of typosquatted domains are non-malicious or parked sites (lien direct) |
Digital Shadows researchers analyzed 225 typosquatted domains registered using election-related terms such as Trump, Biden, Pence, and others. |
|
|
|
|
2020-09-04 10:12:00 |
Firefox will add a new drive-by-download protection (lien direct) |
Firefox will block automatic downloads initiated from sandboxed iframes -- the technology usually used for web embeds. |
|
|
|
|
2020-09-03 23:11:58 |
Warner Music discloses months-long web skimming incident (lien direct) |
Magecart hacker gangs strike again! |
|
|
|
|
2020-09-03 21:00:05 |
Facebook explains how it will notify third-parties about bugs in their products (lien direct) |
Companies have 21 days to acknowledge reports and 90 days to patch vulnerabilities; otherwise, Facebook will go public with bug details. |
|
|
|
|
2020-09-03 21:00:04 |
Facebook to list all WhatsApp security issues on a new dedicated website (lien direct) |
New WhatsApp web page will let users and security researchers know when Facebook engineers patched a major security hole. |
|
|
|
|
2020-09-03 14:51:43 |
European ISPs report mysterious wave of DDoS attacks (lien direct) |
Over the past week, multiple ISPs in Belgium, France, and the Netherlands reported DDoS attacks that targeted their DNS infrastructure. |
|
|
|
|
2020-09-03 13:02:08 |
MIT SCRAM: a new analysis platform for prioritizing enterprise security investments (lien direct) |
The platform shows that data analysis can provide actionable insight for enterprise security. |
|
|
|
|
2020-09-03 11:03:20 |
Inter: a \'low bar\' kit for Magecart credit card skimmer attacks on e-commerce websites (lien direct) |
Researchers say that any attacker with a “little cash to burn” can join the attack trend. |
|
|
|
|
2020-09-03 09:29:35 |
WordPress File Manager plugin flaw causing website hijack exploited in the wild (lien direct) |
The critical vulnerability has been utilized in hundreds of thousands of attacks. |
Vulnerability
|
|
|
|
2020-09-03 08:52:33 |
Former IT director gets jail time for selling government\'s Cisco gear on eBay (lien direct) |
Former Horry County IT security director sentenced to two years in federal prison. |
|
|
|
|
2020-09-02 21:14:00 |
Google removes Android app that was used to spy on Belarusian protesters (lien direct) |
App mimicked a popular anti-government news site and collected location and device owner details. |
|
|
|
|
2020-09-02 17:37:23 |
DNS-over-HTTPS (DoH) support added to Chrome on Android (lien direct) |
DoH support added to Chrome 85, released last week, and slowly rolling out to all Android users in the coming weeks. |
|
|
|
|
2020-09-02 16:00:04 |
Backdoors left unpatched in MoFi routers (lien direct) |
MoFi Network patched only six of ten reported vulnerabilities, leaving three hard-coded undocumented backdoor systems in place. |
|
|
|
|
2020-09-02 09:30:08 |
New KryptoCibule Windows malware is a triple threat for cryptocurrency users (lien direct) |
The malware has been active since late 2018 and has targeted users in the Czech Republic and Slovakia primarily (for now). |
Threat
Malware
|
|
|
|
2020-09-02 08:29:45 |
AusCERT says alleged DoE hack came from a third-party (lien direct) |
AusCERT says a data breach occurred at K7Maths, a company providing services to schools. |
Data Breach
Hack
|
|
|
|
2020-09-01 22:35:39 |
CISA and FBI say they have not seen cyber-attacks this year on voter registration databases (lien direct) |
CISA and the FBI issue a joint statement about election and voter database hacking threats after a misleading article in Russian media today. |
Guideline
|
|
|
|
2020-09-01 18:50:27 |
Facebook and Twitter suspend Russian propaganda accounts following FBI tip (lien direct) |
The banned accounts belonged to PeaceData, a news website publishing misleading articles about world politics. |
Guideline
|
|
|
|
2020-09-01 17:30:33 |
Norwegian Parliament discloses cyber-attack on internal email system (lien direct) |
Norway's Parliament, Stortinget, says hackers gained access and downloaded content for "a small number of parliamentary representatives and employees." |
|
|
|
|
2020-09-01 11:13:24 |
FBI warned of how Ring doorbell surveillance can be used against police officers (lien direct) |
Smart doorbells can provide the police with valuable intelligence -- but the network can also be turned against them. |
|
|
|
|
2020-09-01 08:34:48 |
Tor launches membership program to secure finance, boost integration (lien direct) |
Members include Avast, DuckDuckGo, and Insurgo. |
|
|
|
|
2020-09-01 02:02:53 |
Iranian hackers are selling access to compromised companies on an underground forum (lien direct) |
The Iranian hacker group who's been attacking corporate VPNs for months is now trying to monetize some of the hacked systems by selling access to some networks to other hackers. |
|
|
|
|
2020-09-01 00:49:32 |
Average BEC attempts are now $80k, but one group is aiming for $1.27m per attack (lien direct) |
A Russian cyber-crime group named Cosmic Lynx has been focused on tricking companies into sending over huge wire transfers. |
|
|
|
|
2020-08-31 18:06:16 |
Mozilla research: Browsing histories are unique enough to reliably identify users (lien direct) |
Online advertisers don't need huge lists of the sites we access. Just 50-150 of our favorite sites are enough. |
|
|
|