Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-02-09 08:00:00 |
New TLS encryption-busting attack also impacts the newer TLS 1.3 (lien direct) |
Researchers discover yet another Bleichenbacher attack variation (yawn!). |
|
|
|
|
2019-02-09 00:49:00 |
China\'s cybersecurity law update lets state agencies \'pen-test\' local companies (lien direct) |
China draws up law that makes it perfectly legal to hack any internet-related company activating in its borders. |
Hack
|
|
|
|
2019-02-08 15:58:00 |
US Senators ask DHS to look into US government workers using foreign VPNs (lien direct) |
Senators alarmed that US government workers may be sending sensitive traffic to China or Russia. |
|
|
|
|
2019-02-08 05:30:00 |
MongoDB databases still being held for ransom, two years after attacks started (lien direct) |
New hacker groups that hold MongoDB databases for ransom have been spotted last month. |
|
|
|
|
2019-02-08 01:17:05 |
Google warns about two iOS zero-days \'exploited in the wild\' (lien direct) |
iOS users are advised to update to iOS 12.1.4; release which also fixes infamous FaceTime bug. |
|
|
|
|
2019-02-07 17:01:00 |
Google\'s Adiantum gives your mobile device an encryption boost (lien direct) |
Adiantum aims to give smartphones and tablets access to strong encryption standards without specialized hardware. |
|
|
|
|
2019-02-07 15:57:00 |
Chrome extension with millions of users is now serving popup ads (lien direct) |
Good extension turns bad and is now showing unwanted ads for an ad-blocker to millions of users. |
|
|
|
|
2019-02-07 12:21:04 |
Facebook broad data collection ruled illegal by German anti-trust office (lien direct) |
German antitrust watchdog wants Facebook to obtain explicit user consent before merging data collected from WhatsApp, Instagram, Facebook Analytics, and social buttons with Facebook profiles. |
|
|
|
|
2019-02-07 09:04:00 |
Opening this image file grants hackers access to your Android phone (lien direct) |
Be careful if you are sent an image from a suspicious source. |
|
|
|
|
2019-02-07 08:07:00 |
Police demand Google remove speed trap, drunk driver checkpoint alerts (lien direct) |
Drivers have been alerted to speed camera locations through the Waze app. |
|
|
|
|
2019-02-07 07:13:05 |
Ukrainian man jailed for stealing $15 million from Russian banks (lien direct) |
Bank funds were stolen by hackers as part of a wider cybercriminal ring. |
|
|
|
|
2019-02-07 05:00:00 |
Hacker group uses Google Translate to hide phishing sites (lien direct) |
New phishing technique looks silly on desktops but may have a fighting chance on mobile devices. |
|
|
|
|
2019-02-06 20:27:00 |
Firefox to get a \'site isolation\' feature, similar to Chrome (lien direct) |
Mozilla announces Project Fission, a project to add true multi-process support to Firefox. |
|
|
|
|
2019-02-06 18:26:00 |
New macOS zero-day allows theft of user passwords (lien direct) |
KeySteal exploit can steal user passwords from the macOS Keychain. |
|
|
|
|
2019-02-06 15:01:00 |
China hacked Norway\'s Visma cloud software provider (lien direct) |
APT10 hacker group breaches Visma cloud provider, a US law firm, and an international apparel company, a report published today says. |
|
APT 10
|
|
|
2019-02-06 14:00:00 |
Pentesters breach 92 percent of companies, report claims (lien direct) |
Failure to protect web apps with firewalls, failure to patch systems, and the use of insecure WiFi networks deemed primary causes. |
|
|
|
|
2019-02-06 09:46:00 |
Researcher reveals data leak at South Africa\'s main electricity provider (lien direct) |
Updated: It appears using Twitter to reveal the news was a last-ditch attempt for Eskom to take the exposure seriously. |
|
|
|
|
2019-02-05 21:31:00 |
Zcash cryptocurrency fixes infinite counterfeiting vulnerability (lien direct) |
Zcash devs keep dangerous flaw secret for eight months while they prepare and ship a much-needed fix. |
Vulnerability
|
|
|
|
2019-02-05 18:17:00 |
Backdoored cryptocurrency software found serving AZORult malware (lien direct) |
Windows client for Denarius cryptocurrency found compromised, but clues suggest the same hackers also backdoored many more other cryptocurrency software clients over the past few months. |
Malware
|
|
|
|
2019-02-05 14:54:00 |
Google releases Chrome extension to check for leaked usernames and passwords (lien direct) |
Google releases "Password Checkup" Chrome extension on Safer Internet Day. |
|
|
|
|
2019-02-01 18:34:01 |
Pwnhead takes down controversial security researchers ranking after criticism (lien direct) |
Infosec community reacts with anger at "unneeded" website ranking their skills. |
|
|
|
|
2019-02-01 12:02:05 |
Hacker discloses Magyar Telekom vulnerabilities, faces jail term (lien direct) |
The question is whether or not the hacker crossed an ethical line. |
|
|
|
|
2019-02-01 11:03:01 |
Facebook\'s worst privacy scandals and data disasters (lien direct) |
Time and time again, Facebook has been slammed for privacy practices and data handling. Here are some of the most prominent, recent scandals of note. |
|
|
|
|
2019-02-01 10:31:02 |
This smart light bulb could leak your Wi-Fi password (lien direct) |
LIFX smart bulbs contained vulnerabilities which could be exploited with a little ingenuity and the help of a hacksaw. |
|
|
|
|
2019-02-01 05:20:00 |
Firefox will soon warn users of software that performs MitM attacks (lien direct) |
Starting with version 66, Firefox will let you know when antivirus products, malware, or your ISP are tapping into your HTTPs traffic. |
|
|
|
|
2019-01-31 21:59:00 |
Twitter took down accounts from Iran, Venezuela, and Russia that tried to influence 2018 US midterms (lien direct) |
Facebook also removes hundreds of accounts linked to an Iranian political influence campaign. |
|
|
|
|
2019-01-31 20:37:04 |
Company selling social media \'likes\' and \'followers\' settles with US authorities (lien direct) |
Company, Devumi, already filed for bankruptcy in mid-2018. |
|
|
|
|
2019-01-31 15:52:02 |
New security flaw impacts 5G, 4G, and 3G telephony protocols (lien direct) |
Researchers have reported their findings and fixes should be deployed by the end of 2019. |
|
|
|
|
2019-01-31 13:31:01 |
Black hat hackers, white collar criminals snuggle up to operate insider trading schemes (lien direct) |
FDA approvals and acquisition announcements are some of the hot property on sale. |
|
|
|
|
2019-01-31 12:37:00 |
IoT botnet used in YouTube ad fraud scheme (lien direct) |
TheMoon's DDoS days are long gone. The botnet is now a proxy network for other criminal groups. |
|
|
|
|
2019-01-31 11:31:02 |
Apple pulls the plug on Facebook\'s internal iOS apps (lien direct) |
Flouting Apple's privacy rules have reportedly resulted in severe consequences for the social media giant. |
|
|
|
|
2019-01-30 22:34:01 |
Airbus data breach impacts employees in Europe (lien direct) |
Aircraft manufacturer still investigating the breach. Did not reveal any other information. |
Data Breach
|
|
|
|
2019-01-30 21:20:00 |
DOJ moves to take down Joanap botnet operated by North Korean state hackers (lien direct) |
The DOJ, FBI, and US Air Force to contact victims infected with the Joanap malware. |
|
|
|
|
2019-01-30 14:00:00 |
Matrix has slowly evolved into a \'Swiss Army knife\' of the ransomware world (lien direct) |
The Matrix ransomware is usually deployed after cyber-criminals use unsecured RDP endpoints to compromise companies' internal networks. |
Ransomware
|
|
|
|
2019-01-30 14:00:00 |
This is how YouTube influencer scam artists operate (lien direct) |
The scams look credible but the only gift on offer is the loss of your personal data. |
|
|
|
|
2019-01-30 12:55:00 |
Google Chrome to get warnings for \'lookalike URLs\' (lien direct) |
Chrome to show warnings when accessing mistyped domains. |
|
|
|
|
2019-01-30 11:02:00 |
Facebook slammed over covert app that pays teenagers for data (lien direct) |
The Facebook Research app pays teenagers $20 for extensive access to their phone and web activity. |
|
|
|
|
2019-01-30 09:27:03 |
Severe vulnerability in Apple FaceTime found by Fortnite player (lien direct) |
The teen's mother attempted to contact Apple with no success. |
Vulnerability
|
|
|
|
2019-01-29 13:32:00 |
Microsoft Exchange vulnerable to \'PrivExchange\' zero-day (lien direct) |
Proof-of-concept tool lets attackers escalate a hacked inbox to admin on a company's internal domain controller. |
Tool
|
|
|
|
2019-01-29 10:15:01 |
Police are now targeting former WebStresser DDoS-for-hire users (lien direct) |
The service has closed but this does not mean that previous customers will get away scot-free. |
|
|
|
|
2019-01-29 09:15:05 |
The DDoS that wasn\'t: a key takeaway for web domain security (lien direct) |
Four billion requests were sent to a website in one burst but a DDoS attack was not the reason. |
|
|
|
|
2019-01-29 08:00:00 |
Enterprise digital transformation leaves data security behind (lien direct) |
Implementing modern systems could have a sinister side-effect for enterprise companies. |
|
|
|
|
2019-01-28 23:20:02 |
Mozilla publishes official Firefox anti-tracking policy (lien direct) |
Mozilla devs detail what types of websites and abusive user-tracking practices they intend to block in future Firefox versions. |
|
|
|
|
2019-01-28 18:50:00 |
Authorities shut down xDedic marketplace for buying hacked servers (lien direct) |
xDedic provided access to more than 85,000 hacked servers in its heyday. |
|
|
|
|
2019-01-28 15:04:05 |
Unsecured MongoDB databases expose Kremlin\'s backdoor into Russian businesses (lien direct) |
"Admin@kremlin.ru" account spotted on thousands of Russian-linked, internet-exposed MongoDB databases. |
|
|
|
|
2019-01-27 17:39:01 |
LocalBitcoins blames security breach on forum \'third-party software\' (lien direct) |
Hackers appears to have stolen $28,200 from users' accounts after phishing login credentials and 2FA one-time codes. |
|
|
|
|
2019-01-27 16:32:00 |
WordPress sites under attack via zero-day in abandoned plugin (lien direct) |
Developers of Total Donations plugin have gone missing, leaving former customers open to attacks. |
|
|
|
|
2019-01-27 14:39:00 |
Japanese government plans to hack into citizens\' IoT devices (lien direct) |
Japanese government wants to secure IoT devices before Tokyo 2020 Olympics and avoid Olympic Destroyer and VPNFilter-like attacks. |
Hack
|
VPNFilter
|
|
|
2019-01-27 12:02:04 |
DailyMotion discloses credential stuffing attack (lien direct) |
DailyMotion falls to credential stuffing attack two weeks after Reddit had the same faith. |
|
|
|
|
2019-01-27 10:47:00 |
Hackers are going after Cisco RV320/RV325 routers using a new exploit (lien direct) |
Attacks on Cisco routers started hours after the publication of proof-of-concept code on GitHub. |
|
|
|