Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-03-14 20:24:00 |
Two-thirds of all Android antivirus apps are frauds (lien direct) |
Only 23 Android antivirus apps had a 100 percent detection rate with no false positives. |
|
|
|
|
2019-03-14 11:51:04 |
Proof-of-concept code published for Windows 7 zero-day (lien direct) |
More details emerge about the two Windows zero-days that Microsoft patched this Tuesday. |
|
|
|
|
2019-03-14 02:45:05 |
US senators want to know how many times they\'ve been hacked (lien direct) |
Two senators request US Senate Sergeant at Arms to reveal cyber-attack statistics. |
|
|
|
|
2019-03-14 01:31:01 |
New BitLocker attack puts laptops storing sensitive data at risk (lien direct) |
New Zealand security researcher details never-before-seen attack for recovering BitLocker keys. |
|
|
|
|
2019-03-13 21:25:00 |
Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware (lien direct) |
Dr.Web: 39 percent of all Counter-Strike 1.6 servers were malicious and tried to infect users with malware. |
Malware
|
|
|
|
2019-03-13 16:39:00 |
Apple, Google, GoDaddy misissued TLS certificates with weak serial numbers (lien direct) |
Multiple CAs have misissued over 1.2 million TLS certs with weak 63-bit serial numbers, instead of the standard of 64 bits. |
|
|
|
|
2019-03-13 13:00:00 |
Almost 150 million users impacted by new SimBad Android adware (lien direct) |
SimBad adware found in 210 Android apps available on the official Google Play Store. |
|
|
|
|
2019-03-12 23:44:00 |
Google Chrome 73 released with dark mode support on macOS (lien direct) |
Chrome 73 also comes with built-in support for the multimedia keys on your keyboard. |
|
|
|
|
2019-03-12 21:52:00 |
(Déjà vu) Microsoft March Patch Tuesday comes with fixes for two Windows zero-days (lien direct) |
Microsoft patches 64 vulnerabilities in the March 2019 Patch Tuesday, 17 of which are rated critical. |
|
|
|
|
2019-03-12 16:23:00 |
Vulnerability in Swiss e-voting system could have led to vote alterations (lien direct) |
A fix has been deployed to Switzerland's e-voting system, slated to roll out later this year. |
Vulnerability
|
|
|
|
2019-03-12 12:13:00 |
\'Yelp for conservatives\' MAGA app leaks users data (lien direct) |
63Red Safe app left its backend API exposed online without authentication. |
|
|
|
|
2019-03-12 00:25:01 |
WordPress shopping sites under attack (lien direct) |
Hackers using cross-site scripting (XSS) flaw in abandoned cart plugin to take over vulnerable sites. |
|
|
|
|
2019-03-11 22:33:02 |
Google Chrome to block automatic downloads initiated from ad slot iframes (lien direct) |
Google continues its crusade against "drive-by download" attack vectors. |
|
|
|
|
2019-03-11 19:54:05 |
Companies are leaking sensitive files via Box accounts (lien direct) |
Leaks discovered at Apple, the Discovery Channel, Herbalife, Schneider Electric, and even Box itself. |
|
|
|
|
2019-03-11 17:27:04 |
Chinese hacking group backdoors products from three Asian gaming companies (lien direct) |
ESET suspects that tens or hundreds of thousands of users have been infected already. |
|
|
|
|
2019-03-11 14:28:02 |
Samsung Galaxy S10 facial recognition fooled by a video of the phone owner (lien direct) |
There's a reason why Samsung tells users to avoid using facial recognition screen locking on Galaxy S10 smartphones. |
|
|
|
|
2019-03-10 12:49:03 |
Facebook sues Ukrainian browser extension makers for scraping user data (lien direct) |
Facebook said the malicious extensions were installed by more than 63,000 users. |
|
|
|
|
2019-03-10 02:26:04 |
Avast and Emsisoft release free decrypters for BigBobRoss ransomware (lien direct) |
BigBobRoss ransomware has been active since mid-January. |
Ransomware
|
|
|
|
2019-03-09 15:32:00 |
Georgia county pays a whopping $400,000 to get rid of a ransomware infection (lien direct) |
County hired cyber-security consultant to negotiate ransom fee with hacker group. |
Ransomware
|
|
|
|
2019-03-09 08:30:00 |
Study shows programmers will take the easy way out and not implement proper password security (lien direct) |
A student or a programmer hired from Freelancer.com? Doesn't really matter. Both don't know that many things about password security. |
|
|
|
|
2019-03-08 18:23:00 |
Citrix discloses security breach of internal network (lien direct) |
Citrix learned of the hack from the FBI. Hackers stole business documents. |
Hack
|
|
|
|
2019-03-08 15:25:00 |
Marriott CEO shares post-mortem on last year\'s hack (lien direct) |
Marriott investigators found Mimikatz and a remote access trojan (RAT) on hacked Starwood IT system. |
Hack
|
|
|
|
2019-03-08 13:46:03 |
Smart \'unhackable\' car alarms open the doors of 3 million vehicles to hackers (lien direct) |
The moment you call a product “unhackable” you are asking for trouble. |
|
|
|
|
2019-03-08 12:01:03 |
809 million records exposed by email marketing giant (lien direct) |
All you needed to access the records' database was an Internet connection. |
|
|
|
|
2019-03-07 22:17:04 |
Google: Chrome zero-day was used together with a Windows 7 zero-day (lien direct) |
Google reveals Windows 7 zero-day. Microsoft is working on a fix. |
|
|
|
|
2019-03-07 19:10:03 |
Facebook removes disinformation accounts from the UK and Romania (lien direct) |
UK law enforcement notified about local disinformation network. Romanian network ran by individual associated with local ruling political party. |
|
|
|
|
2019-03-07 17:35:00 |
Egypt government used Gmail third-party apps to phish activists (lien direct) |
Cairo government targeted local human rights defenders, media, and civil society organizations' staff. |
|
|
|
|
2019-03-07 12:09:03 |
UK says prison facial recognition tech, iris scanners deter smugglers (lien direct) |
Guests at the door laden with drugs or mobile phones are less likely to turn up when biometric barriers are in play -- apparently. |
|
|
|
|
2019-03-07 11:28:02 |
Pirate Bay malware buries nuisance program bundles in a single click (lien direct) |
PirateMatryoshka is described as a “Russian doll” for adware programs and tools. |
Malware
|
|
|
|
2019-03-07 11:00:00 |
Banking Trojans flood the enterprise, Android attacks surge (lien direct) |
Kaspersky Labs detected 900,000 attacks against users in 2018 alone. |
|
|
|
|
2019-03-07 09:06:02 |
Alphabet\'s Chronicle launches security telemetry service Backstory (lien direct) |
The company wants to merge “massive computational capacity” with today's enterprise security needs. |
|
|
|
|
2019-03-06 23:01:01 |
Cisco tells Nexus switch owners to disable POAP feature for security reasons (lien direct) |
Cisco releases new Nexus firmware that includes a new command to turn off POAP. |
|
|
|
|
2019-03-06 15:20:00 |
Firefox to add Tor Browser anti-fingerprinting technique called letterboxing (lien direct) |
Firefox gets another new feature from the Tor Uplift project started in 2016. |
|
|
|
|
2019-03-06 14:00:00 |
WDS bug lets hackers hijack Windows Servers via malformed TFTP packets (lien direct) |
Last warning to apply Microsoft's November security updates for Windows Servers. |
|
|
|
|
2019-03-06 12:40:01 |
Chinese hackers strike US universities in bid for military technology (lien direct) |
Prominent names feature on the hacking list. |
|
|
|
|
2019-03-06 11:17:03 |
The reason why ji32k7au4a83 is a common and terrible password (lien direct) |
It may seem complex but the password is excruciatingly simple. |
|
|
|
|
2019-03-06 09:45:00 |
Google reveals Chrome zero-day under active attacks (lien direct) |
Users are advised to update to Google Chrome version 72.0.3626.121. |
|
|
|
|
2019-03-06 02:12:00 |
NSA release Ghidra, a free software reverse engineering toolkit (lien direct) |
NSA's Ghidra greeted with positive reviews by the infosec community. |
|
|
|
|
2019-03-05 22:42:00 |
Saudi caller ID app leaves data of 5+ million users in unsecured MongoDB server (lien direct) |
Database is still available online after failed attempts to contact the app maker. |
|
|
|
|
2019-03-05 19:15:03 |
Japanese police charge 13-year-old for sharing \'unclosable popup\' prank online (lien direct) |
Police also searched the home of a 47-year-old man and are also investigating three other suspects. |
|
|
|
|
2019-03-05 14:31:00 |
Hide yo\' kids, hide yo\' clouds: Zerodium offering big bucks for cloud zero-days (lien direct) |
Exploit vendor offers up to $500,000 for zero-days in cloud virtualization software like Hyper-V and vSphere. |
|
|
|
|
2019-03-05 13:40:04 |
Exposed Docker hosts can exploited for cryptojacking attacks (lien direct) |
A lack of trusted source security controls is leaving countless containers open to attack. |
|
|
|
|
2019-03-05 11:00:00 |
IBM X-Force Red launches blockchain security service (lien direct) |
The new service has been established in response to the enterprise's blockchain experiments. |
|
|
|
|
2019-03-05 05:30:00 |
WordPress accounted for 90 percent of all hacked CMS sites in 2018 (lien direct) |
Backdoors found on two-thirds of all hacked sites, SEO spam on half. |
Spam
|
|
|
|
2019-03-04 22:03:02 |
Some Android VPN apps request access to sensitive permissions they don\'t need (lien direct) |
Some VPN apps request access to permissions they don't need. |
|
|
|
|
2019-03-04 19:25:00 |
Ransomware attack on Israeli users fails miserably due to coding error (lien direct) |
Hackers failed to trigger the ransomware download due to a coding error but still managed to deface thousands of sites. |
Ransomware
|
|
|
|
2019-03-04 14:00:00 |
Open source software breaches surge in the past 12 months (lien direct) |
A simple lack of time is blamed for a lack of security governance in open-source projects. |
|
|
|
|
2019-03-04 13:08:00 |
Researchers uncover ring of GitHub accounts promoting 300+ backdoored apps (lien direct) |
GitHub ring consisting of 89 accounts promoted 73 repos containing over 300 backdoored apps. |
|
|
|
|
2019-03-04 13:06:02 |
Google\'s Project Zero reveals zero-day macOS vulnerability to the public (lien direct) |
The copy-on write vulnerability has not been patched. |
Vulnerability
|
|
|
|
2019-03-04 13:00:00 |
W3C finalizes Web Authentication (WebAuthn) standard (lien direct) |
WebAuthn is already support on Windows 10, Android, Chrome, Edge, Firefox, and soon on Safari. |
|
|
|