Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2024-07-26 11:57:23 |
Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe (lien direct) |
Les attaquants abusant de la vulnérabilité "Evilvideo" pourraient partager des charges utiles Android malveillantes via des canaux, des groupes et des chats télégrammes, tout en les faisant apparaître comme des fichiers multimédias légitimes
Attackers abusing the "EvilVideo" vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files |
Threat
Mobile
Vulnerability
|
|
★★★
|
|
2024-07-22 09:00:00 |
Capes maudits: exploiter la vulnérabilité du mal sur le télégramme pour Android Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android (lien direct) |
Les chercheurs de l'ESET ont découvert un télégramme à jour zéro pour l'exploit Android qui permet d'envoyer des fichiers malveillants déguisés en vidéos
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos |
Threat
Mobile
Vulnerability
|
|
★★★
|
|
2024-03-26 10:30:00 |
Emprunteur Bénéficiant: escroqueries de prêts communes et comment les éviter Borrower beware: Common loan scams and how to avoid them (lien direct) |
Les escroqueries de prêts personnelles s'attaquent à votre vulnérabilité financière et pourraient même vous piéger dans un cercle vicieux de dettes.Voici comment éviter d'être arnaqué lorsque l'on considère un prêt.
Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. Here\'s how to avoid being scammed when considering a loan. |
Vulnerability
|
|
★★★
|
|
2024-02-28 10:30:00 |
Vulnérabilités dans les VPN d'entreprise sous les projecteurs Vulnerabilities in business VPNs under the spotlight (lien direct) |
Alors que les adversaires se tournent de plus en plus sur le logiciel VPN en entreprise vulnérable pour infiltrer les réseaux d'entreprise, les préoccupations montent sur les VPN eux-mêmes étant une source de cyber-risque
As adversaries increasingly set their sights on vulnerable enterprise VPN software to infiltrate corporate networks, concerns mount about VPNs themselves being a source of cyber risk |
Vulnerability
|
|
★★
|
|
2024-02-16 14:05:01 |
Cyber-assurance et numérisation de vulnérabilité & # 8211;Semaine en sécurité avec Tony Anscombe Cyber-insurance and vulnerability scanning – Week in security with Tony Anscombe (lien direct) |
Voici comment les résultats des analyses de vulnérabilité s'exportent dans les décisions sur la cyber-assurance et la façon dont l'intelligence humaine entre en jeu dans l'évaluation de ces signaux numériques
Here\'s how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals |
Vulnerability
|
|
★★
|
|
2023-10-25 09:30:00 |
Winter Vivern exploite la vulnérabilité du jour zéro dans les serveurs de la cmaillard Roundcube Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers (lien direct) |
ESET Research recommande de mettre à jour la carte Web Roundcube à la dernière version disponible dès que possible
ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible |
Vulnerability
|
|
★★
|
|
2022-09-30 14:10:38 |
ESET Research into new attacks by Lazarus – Week in security with Tony Anscombe (lien direct) |
The attack involved the first recorded abuse of a security vulnerability in a Dell driver that was patched in May 2021
|
Vulnerability
|
APT 38
|
|
|
2022-07-29 17:45:39 |
Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe (lien direct) |
>Cybercriminals exploited a vulnerability to steal the equivalent of 18M$ from the NFT music streaming platform Audius, while other cyberthreats related to crypto makes the news.
|
Vulnerability
|
|
|
|
2021-12-15 18:18:07 |
What every business leader needs to know about Log4Shell (lien direct) |
Hundreds of thousands of attempts to exploit the vulnerability are under way
|
Vulnerability
|
|
|
|
2021-11-04 16:22:55 |
Google squashes Android zero‑day bug exploited in targeted attacks (lien direct) |
Beyond the vulnerability in the Android kernel, the monthly round of security patches plugs another 38 security loopholes
|
Vulnerability
|
|
|
|
2021-07-27 18:00:59 |
Apple releases patch for zero‑day flaw in iOS, iPadOS and macOS (lien direct) |
The vulnerability is under active exploitation by unknown attackers and affects a wide range of Apple's products.
|
Vulnerability
|
|
|
|
2021-07-16 14:47:15 |
Google patches Chrome zero‑day vulnerability exploited in the wild (lien direct) |
The newest update fixes a total of eight vulnerabilities affecting the desktop versions of the popular browser.
|
Vulnerability
|
|
|
|
2021-04-21 15:58:44 |
Google rushes out fix for zero‑day vulnerability in Chrome (lien direct) |
The update patches a total of seven security flaws in the desktop versions of the popular web browser
|
Vulnerability
|
|
|
|
2021-03-04 19:39:36 |
Microsoft rushes out fixes for four zero‑day flaws in Exchange Server (lien direct) |
At least one vulnerability is being exploited by multiple cyberespionage groups to attacks targets mainly in the US, per ESET telemetry
|
Vulnerability
|
|
|
|
2020-08-31 15:47:48 |
Security flaw allows bypassing PIN verification on Visa contactless payments (lien direct) |
The vulnerability could allow criminals to rack up fraudulent charges on the cards without needing to know the PINs
|
Vulnerability
|
|
|
|
2020-08-06 20:00:18 |
Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping (lien direct) |
At Black Hat USA 2020, ESET researchers delved into details about the KrØØk vulnerability in Wi-Fi chips and revealed that similar bugs affect more chip brands than previously thought
|
Vulnerability
|
|
|
|
2020-07-15 16:22:34 |
Microsoft patches critical, wormable flaw in Windows DNS Server (lien direct) |
The company urges organizations to waste no time in installing updates to fix the vulnerability that rates a 'perfect' 10 on the severity scale
|
Vulnerability
|
|
★★
|
|
2020-07-13 18:51:06 |
Zoom patches zero‑day flaw in Windows client (lien direct) |
The vulnerability exposed Zoom users running Windows 7 or earlier OS versions to remote attacks
|
Vulnerability
|
|
|
|
2020-05-27 15:16:47 |
Critical Android flaw lets attackers hijack almost any app, steal data (lien direct) |
Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers
|
Vulnerability
|
|
|
|
2020-05-15 13:30:39 |
Microsoft fixes vulnerability affecting all Windows versions since 1996 (lien direct) |
Another vulnerability in the same Windows component was abused by Stuxnet a decade ago
|
Vulnerability
|
|
|
|
2020-02-26 14:51:34 |
KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices (lien direct) |
ESET researchers uncover a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices
|
Vulnerability
|
|
|
|
2020-01-09 12:48:03 |
Mozilla rushes out patch for Firefox zero‑day (lien direct) |
The US cybersecurity agency warns that the critical vulnerability could allow attackers to take control of people's computers
|
Vulnerability
|
|
|
|
2019-11-11 16:16:30 |
First BlueKeep attacks prompt fresh warnings (lien direct) |
The infamous vulnerability has been exploited for a cryptocurrency mining campaign, but more damaging attacks may still be in store
|
Vulnerability
|
|
|
|
2019-09-25 13:50:46 |
Microsoft rushes out patch for Internet Explorer zero‑day (lien direct) |
There is no word on which threat actor is abusing the severe vulnerability for attacks
|
Threat
Vulnerability
|
|
|
|
2019-09-12 21:31:11 |
A vulnerability in Instagram exposes personal information of users (lien direct) |
The bug, which has already been fixed by Facebook, allowed access to private user information that could be abused by malicious actors.
|
Vulnerability
|
|
|
|
2019-07-22 15:30:04 |
VLC player has a critical flaw – and there\'s no patch yet (lien direct) |
On the flip side, there are currently no known cases of the vulnerability being exploited in the wild
|
Vulnerability
|
|
|
|
2019-07-10 09:30:04 |
Windows zero-day CVE-2019-1132 exploited in targeted attacks (lien direct) |
>ESET research discovers a zero-day exploit that takes advantage of a local privilege escalation vulnerability in Windows
|
Vulnerability
|
|
|
|
2019-05-02 09:30:01 |
D-Link camera vulnerability allows attackers to tap into the video stream (lien direct) |
ESET researchers highlight a series of security holes in a device intended to make homes and offices more secure
|
Vulnerability
|
|
★★★★★
|
|
2019-03-25 15:47:01 |
Two white hats hack a Tesla, get to keep it (lien direct) |
>The electric automaker is working to release a fix for the underlying vulnerability in a matter of days
|
Hack
Vulnerability
|
Tesla
|
|
|
2018-09-05 12:57:01 |
PowerPool malware exploits ALPC LPE zero-day vulnerability (lien direct) |
>Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure
|
Malware
Vulnerability
|
|
|
|
2018-07-31 08:28:05 |
Inmates hack tablets for free credits prison (lien direct) |
>The nature of the vulnerability hasn't been disclosed, but is said to have already been identified and fixed
|
Hack
Vulnerability
|
|
|