Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-08-27 20:35:05 |
Experts: WH Cybersecurity Summit Should Be Followed by Regulation, Enforcement (direct link) |
Amazon, Google, Microsoft etc. making major commitments to shore up nation's cyber-defenses just won't be enough, researchers say. |
|
|
|
|
2021-08-27 20:16:34 |
Winning the Cyber-Defense Race: Understand the Finish Line (direct link) |
Kerry Matre, Mandiant senior director, clears up misconceptions about the value to business for enterprise cyber-defense. Hint: It's not achieving visibility. |
|
|
|
|
2021-08-27 17:32:56 |
FIN8 Targets US Bank With New 'Sardonic' Backdoor (direct link) |
The latest refinement of the APT's BadHatch backdoor can leverage new malware on the fly without redeployment, making it potent and nimble.
|
Malware
|
|
★★★
|
|
2021-08-27 16:49:23 |
Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover (direct link) |
It's unclear if Microsoft customers were breached during the months-long period where the #ChaosDB bug in Jupyter Notebooks was exploitable. |
|
|
|
|
2021-08-27 13:50:44 |
Ragnarok Ransomware Gang Bites the Dust, Releases Decryptor (direct link) |
The cybercriminal group, active since late 2019, has closed its doors and released the key to unlocking victims' files on its dark web portal. |
Ransomware
|
|
|
|
2021-08-27 13:00:36 |
Top Strategies That Define the Success of a Modern Vulnerability Management Program (direct link) |
Modern vulnerability management programs require a strategy that defines what success means for your organization's cybersecurity goals. By incorporating a few simple cyber hygiene routines into your daily security routine, you'll set up your IT teams to be better equipped to stave off cyberattacks. |
Vulnerability
|
|
|
|
2021-08-27 12:00:38 |
'Pay Ransom' Screen? Too Late, Humpty Dumpty – Podcast (direct link) |
Splunk's Ryan Kovar discusses the rise in supply-chain attacks a la Kaseya & how to get ahead of encryption leaving your business a pile of broken shells. |
|
|
|
|
2021-08-26 20:50:23 |
Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin (direct link) |
Now adults, the then-teens apparently used clipboard hijacking malware to steal Bitcoin.
|
Malware
|
|
|
|
2021-08-26 16:40:38 |
F5 Bug Could Lead to Complete System Takeover (direct link) |
The worst of 13 bugs fixed by the August updates could lead to complete system compromise for users in sensitive sectors running products in Appliance mode. |
Guideline
|
|
|
|
2021-08-26 13:00:11 |
Podcast: Ransomware Up x10: Disrupting Cybercrime Supply Chains an Opportunity (direct link) |
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2021.
|
Threat
Ransomware
|
|
|
|
2021-08-26 12:39:54 |
Microsoft Breaks Silence on Barrage of ProxyShell Attacks (direct link) |
versions of the software are affected by a spate of bugs under active exploitations. |
|
|
|
|
2021-08-25 22:48:34 |
Cisco Issues Critical Fixes for High-End Nexus Gear (direct link) |
Networking giant issues two critical patches and six high-severity patches. |
|
|
|
|
2021-08-25 18:23:58 |
Win10 Admin Rights Tossed Off by Yet Another Plug-In (direct link) |
Then again, you don't even need the actual device – in this case, a SteelSeries peripheral – since emulation works just fine to launch with full SYSTEM rights. |
|
|
|
|
2021-08-25 15:10:46 |
US Media, Retailers Targeted by New SparklingGoblin APT (direct link) |
The new APT uses an undocumented backdoor to infiltrate the education, retail and government sectors. |
|
|
|
|
2021-08-25 11:41:31 |
California Man Hacked iCloud Accounts to Steal Nude Photos (direct link) |
Hao Kou Chi pleaded guilty to four felonies in a hacker-for-hire scam that used socially engineered emails to trick people out of their credentials. |
Guideline
|
|
|
|
2021-08-24 19:35:41 |
Poly Network Recoups $610M Stolen from DeFi Platform (direct link) |
The attacker returned the loot after being offered a gig as chief security advisor with Poly Network. |
|
|
|
|
2021-08-24 17:51:56 |
Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day (direct link) |
Cybersecurity watchdog CitizenLab saw the new zero-day FORCEDENTRY exploit successfully deployed against iOS versions 14.4 & 14.6, blowing past Apple's new BlastDoor sandboxing feature to install spyware on the iPhones of Bahraini activists – even one living in London at the time. |
|
|
|
|
2021-08-24 16:27:01 |
Custom WhatsApp Build Delivers Triada Malware (direct link) |
Researchers have spotted the latest version of the Triada trojan targeting mobile devices via an advertising SDK. |
Malware
|
|
|
|
2021-08-24 12:00:45 |
Effective Threat-Hunting Queries in a Redacted World (direct link) |
Chad Anderson, senior security researcher for DomainTools, demonstrates how seemingly disparate pieces of infrastructure information can form perfect fingerprints for tracking cyberattackers' infrastructure. |
|
|
|
|
2021-08-23 23:18:36 |
Microsoft Spills 38 Million Sensitive Data Records Via Careless Power App Configs (direct link) |
Data leaked includes COVID-19 vaccination records, social security numbers and email addresses tied to American Airlines, Ford, Indiana Department of Health and New York City public schools. |
|
|
|
|
2021-08-23 18:54:29 |
ProxyShell Attacks Pummel Unpatched Exchange Servers (direct link) |
CISA is warning about a surge of ProxyShell attacks, as Huntress discovered 140 webshells launched against 1,900 unpatched Microsoft Exchange servers. |
|
|
|
|
2021-08-23 15:58:04 |
Windows 10 Admin Rights Gobbled by Razer Devices (direct link) |
So much for Windows 10's security: a zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device. |
|
|
|
|
2021-08-23 14:18:30 |
Managing Privileged Access to Secure the Post-COVID Perimeter (direct link) |
Joseph Carson, chief security scientist & advisory CISO at ThycoticCentrify, discusses how to implement advanced privileged-access practices. |
|
|
|
|
2021-08-23 14:08:42 |
Attackers Actively Exploiting Realtek SDK Flaws (direct link) |
Multiple vulnerabilities in software used by 65 vendors under active attack. |
|
|
|
|
2021-08-20 21:11:16 |
Web Censorship Systems Can Facilitate Massive DDoS Attacks (direct link) |
Systems are ripe for abuse by attackers, who can use them to launch DDoS attacks. |
|
|
|
|
2021-08-20 14:09:50 |
Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits (direct link) |
Campaign emails company insiders and initially offers 1 million in Bitcoin if they install DemonWare on an organization's network. |
Threat
Ransomware
|
|
|
|
2021-08-19 22:06:26 |
What's Next for T-Mobile and Its Customers? – Podcast (direct link) |
Hopefully not a hacked-up hairball of a “no can do” message when customers rush to change their PINs. In this episode: Corporate resilience vs. the opposite.
|
|
|
|
|
2021-08-19 21:13:24 |
How Ready Are You for a Ransomware Attack? (direct link) |
Oliver Tavakoli, CTO at Vectra, lays out the different layers of ransomware defense all companies should implement. |
Ransomware
|
|
|
|
2021-08-19 20:34:42 |
Critical Cisco Bug in Small Business Routers to Remain Unpatched (direct link) |
The issue affects a range of Cisco Wireless-N and Wireless-AC VPN routers that have reached end-of-life. |
|
|
|
|
2021-08-19 20:19:04 |
InkySquid State Actor Exploiting Known IE Bugs (direct link) |
The North Korea-linked APT group leverages known Internet Explorer vulns for watering-hole attacks. |
|
APT 37
|
|
|
2021-08-19 16:58:54 |
Windows EoP Bug Detailed by Google Project Zero (direct link) |
Microsoft first dismissed the elevation of privilege flaw but decided yesterday that attackers injecting malicious code is worthy of attention. |
|
|
|
|
2021-08-19 16:38:31 |
COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate (direct link) |
COVID-19-related exploitation and abuse is on the rise as vaccine data opens new frontiers for threat actors. |
Threat
|
|
|
|
2021-08-19 14:35:49 |
Postmortem on U.S. Census Hack Exposes Cybersecurity Failures (direct link) |
Government says cybersecurity failures were many within failed January hack of U.S. Census Bureau systems. |
Hack
|
|
★★★★★
|
|
2021-08-18 18:26:25 |
Bogus Cryptomining Apps Infest Google Play (direct link) |
The apps attempt to swindle users into buying in-app upgrades or clicking on masses of ads. |
|
|
|
|
2021-08-18 17:54:05 |
T-Mobile: >40 Million Customers' Data Stolen (direct link) |
Attackers stole tens of millions of current, former or prospective customers' personal data, the company confirmed. It's providing 2 years of free ID protection. |
|
|
|
|
2021-08-18 14:30:51 |
Memory Bugs in BlackBerry's QNX Embedded OS Open Devices to Attacks (direct link) |
The once-dominant handset maker BlackBerry is busy squashing BadAlloc bugs in its QNX real-time operating system used in cars and medical devices. |
|
|
|
|
2021-08-18 13:19:15 |
Kerberos Authentication Spoofing: Don't Bypass the Spec (direct link) |
Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. |
|
|
|
|
2021-08-18 12:07:33 |
Unpatched Fortinet Bug Allows Firewall Takeovers (direct link) |
The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch at the end of the month. |
|
|
|
|
2021-08-18 11:24:42 |
HolesWarm Malware Exploits Unpatched Windows, Linux Servers (direct link) |
The botnet cryptominer has already compromised 1,000-plus clouds since June. |
Malware
|
|
|
|
2021-08-17 18:56:39 |
The Overlooked Security Risks of The Cloud (direct link) |
Nate Warfield, CTO of Prevailion, discusses the top security concerns for those embracing virtual machines, public cloud storage and cloud strategies for remote working. |
|
|
|
|
2021-08-17 16:44:58 |
LockBit 2.0 Ransomware Proliferates Globally (direct link) |
Fresh attacks target companies' employees, promising millions of dollars in exchange for valid account credentials for initial access. |
Ransomware
|
|
|
|
2021-08-17 16:20:30 |
Bug in Millions of Flawed IoT Devices Lets Attackers Eavesdrop (direct link) |
A remote attacker could exploit a critical vulnerability to eavesdrop on live audio & video or take control. The bug is in ThroughTek's Kalay network, used in 83m devices.
|
Vulnerability
|
|
|
|
2021-08-17 14:46:09 |
Terrorist Watchlist Exposed Online with Nearly 1.9M Records (direct link) |
A researcher discovered a data cache from the FBI's Terrorist Screening Center left online without a password or authentication requirement. |
|
|
|
|
2021-08-17 13:58:12 |
Apple: CSAM Image-Detection Backdoor 'Narrow' in Scope (direct link) |
Computing giant tries to reassure users that the tool won't be used for mass surveillance. |
Tool
|
|
|
|
2021-08-17 13:00:00 |
How to Reduce Exchange Server Downtime in Case of a Disaster? (direct link) |
Exchange downtime can have serious implications on businesses. Thus, it's important to maintain backups and implement best practices for Exchange servers that can help restore the Exchange server when a disaster strikes with minimal impact and downtime. |
|
|
|
|
2021-08-17 04:00:43 |
Phishing Costs Nearly Quadrupled Over 6 Years (direct link) |
Lost productivity & mopping up after the costly attacks that follow phishing – BEC & ransomware in particular – eat up most costs, not payouts to crooks. |
Ransomware
|
|
|
|
2021-08-16 20:50:23 |
Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets (direct link) |
Valve plugs an API bug found in its Steam platform that abused the Smart2Pay system to add unlimited funds to gamer digital wallets. |
|
|
|
|
2021-08-16 18:22:25 |
XSS Bug in SEOPress WordPress Plugin Allows Site Takeover (direct link) |
The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites. |
|
|
|
|
2021-08-16 15:12:24 |
100m T-Mobile Customer Records Purportedly Up for Sale (direct link) |
The seller claims to have sucker-punched U.S. infrastructure out of retaliation. The offer: 30m records for ~1 penny each, with the rest being sold privately. |
|
|
|
|
2021-08-13 21:19:16 |
Amazon's Plan to Track Worker Keystrokes: A Sign of Controls to Come? (direct link) |
Data theft, insider threats and imposters accessing sensitive customer data have apparently gotten so bad inside Amazon, the company is considering rolling out keyboard-stroke monitoring for its customer-service reps. A confidential memo from inside Amazon explained that customer service credential abuse and data theft was on the rise, according to Motherboard, which reviewed the document. […] |
|
|
|