Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-09-01 10:30:00 |
Data broker sued for allegedly selling individuals' sensitive location data (direct link) |
Categories: News
Categories: Privacy
Tags: Kochava
Tags: FTC
Tags: sensitive locations
Tags: data broker
The FTC has filed a complaint against data broker Kochava for selling sensitive location data.
(Read more...)
|
|
|
|
|
2022-09-01 10:00:00 |
Controversial Kids' Code aims to keep children safe online (direct link) |
Categories: News
Tags: Legal
Tags: child
Tags: children
Tags: teen
Tags: safety
Tags: COPPA
We take a look at a child safety bill in California which sounds useful, but is raising some concerns related to privacy and security of its own.
(Read more...)
|
|
|
|
|
2022-08-31 20:00:00 |
Malwarebytes receives highest rankings in recent third-party tests (direct link) |
Categories: Business
Malwarebytes Endpoint Protection continues to receive outstanding results in third-party testing: We're proud to have been one of the top-ranked security solutions by two highly-regarded industry evaluations, MRG-Effitas and Info-Tech's Data Quadrant Report.
(Read more...)
|
|
|
|
|
2022-08-31 15:00:00 |
James Webb telescope images used to hide malware (direct link) |
Categories: News
Categories: Threats
Tags: Msdllupdate.exe
Tags: macros
Tags: James Webb
Tags: certutil
Tags: Golang
Tags: base64
Tags: steganography
Tags: OxB36F8GEEC634.jpg
In a recent malware campaign, images from the James Webb telescope were used to hide malware.
(Read more...)
|
Malware
|
|
|
|
2022-08-31 11:00:00 |
How to set up an iPhone for your kids (direct link) |
Categories: Personal
The new school year is just around the corner, and for some parents and guardians this also means giving their kid their own iPhone. Quite nerve-wracking, but we got you!
(Read more...)
|
|
|
|
|
2022-08-31 09:00:00 |
Final Fantasy 14 players targeted by QR code phishing (direct link) |
Categories: News
Categories: Scams
We take a look at multiple reports of Final Fantasy 14 players attacked by a wave of QR themed phishing.
(Read more...)
|
|
|
|
|
2022-08-30 14:00:00 |
British Airways customers targeted in lost luggage Twitter scam (direct link) |
Categories: News
Tags: social media
Tags: twitter
Tags: luggage
Tags: airline
Tags: terminal
Tags: scam
Tags: fake
Tags: fraud
Tags: send money
Fake customer support accounts are extracting cash from people looking for some help on Twitter.
(Read more...)
|
|
|
★★★
|
|
2022-08-30 12:00:00 |
Chromium browsers can write to the system clipboard without your permission (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
Tags: Chrome
Tags: Chromium
Tags: clipboard
Tags: Jeff Johnson
Tags: clipboard manager
Tags: Google doodles
Chromium browsers can write to the system clipboard without user consent or knowledge
(Read more...)
|
|
|
|
|
2022-08-29 16:00:00 |
Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18 (direct link) |
Categories: Podcast
This week on Lock and Code, we speak with the hacker Sick Codes about how he got into a John Deere smart tractor's control panel to play the 1993 video game Doom on it.
(Read more...)
|
|
|
|
|
2022-08-29 11:00:00 |
Twilio data breach turns out to be more elaborate than suspected (direct link) |
Categories: News
Tags: twilio
Tags: okta
Tags: Authy
Tags: Signal
Tags: Cloudflare
Tags: MailChimp
Tags: Klaviyo
Tags: scatter swine
Tags: oktapus
Tags: 2fa
Tags: otp
Even if you don't know a thing about Twilio, you may have been affected by their data breach.
(Read more...)
|
Data Breach
|
|
|
|
2022-08-26 18:00:00 |
Adware found on Google Play - PDF Reader servicing up full screen ads (direct link) |
Categories: Android
Categories: News
A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use.
(Read more...)
|
|
|
|
|
2022-08-26 10:00:00 |
Source code of password manager LastPass stolen by attacker (direct link) |
Categories: News
Tags: LastPass
Tags: source code
Tags: MFA
Tags: random
Tags: password manager
LastPass let the public know that an unauthorized party gained access to portions of the LastPass development environment
(Read more...)
|
|
LastPass
|
|
|
2022-08-25 15:00:00 |
Exploits and TrickBot disrupt manufacturing operations (direct link) |
Categories: Threat Intelligence
September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. This is combined with heavy detections of unseen malware, identified through our AI engine, spiking in May as well as September 2021.
(Read more...)
|
|
|
★★★★
|
|
2022-08-25 12:00:00 |
Introducing Patch Management for OneView (direct link) |
Categories: Business
We're thrilled to announce our Patch Management module for OneView, which is paired alongside our Vulnerability Assessment module to help you uncover vulnerabilities, respond to threats, and keep your customers productive and safe.
(Read more...)
|
Vulnerability
|
|
★★★★★
|
|
2022-08-25 10:00:00 |
Update now! GitLab issues critical security release for RCE vulnerability (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
Tags: GitLab
Tags: RCE
Tags: CVE-2022-2884
Tags: GitHub
Tags: import
GitLab has released important security fixes to patch for an RCE vulnerability, known as CVE-2022-2884.
(Read more...)
|
Vulnerability
|
|
★★★★
|
|
2022-08-24 13:00:00 |
Binance chief says a “sophisticated hacking team” turned him into a deepfake hologram (direct link) |
Categories: News
Tags: Deepfake
Tags: fake
Tags: binance
Tags: cryptocurrency
Tags: Linkedin
Tags: scam
Tags: Zoom
Tags: meeting
Tags: call
Tags: fake
We take a look at reports of a Deepfake hologram getting up to no good in bogus cryptocurrency Zoom calls.
(Read more...)
|
|
|
★★★★
|
|
2022-08-24 12:00:00 |
Twitter security under scrutiny after former executive turns whistleblower (direct link) |
Categories: News
Tags: Twitter
Tags: Zatko
Tags: Mudge
Tags: L0pht
Tags: Cult of the dead cow
Tags: Infrastructure
Tags: bots
Tags: Elon Musk
Tags: FTC
Tags: SEC
Tags: whistleblower
Former Twitter head of security and ethical hacker Peiter Mudge Zatko has alleged some serious problems about the social media giant.
(Read more...)
|
|
|
|
|
2022-08-24 11:00:00 |
ChromeOS vulnerability found by Microsoft (direct link) |
Categories: News
Tags: Microsoft
Tags: ChromeOS
Tags: Chrome
Tags: Google
Tags: audio
Tags: bluetooth
Tags: exploit
Tags: vulnerability
Microsoft has released a report detailing a ChromeOS vulnerability reported to Chrome and fixed within a week.
(Read more...)
|
Vulnerability
|
|
|
|
2022-08-24 10:30:00 |
Reset your password now! Plex suffers data breach (direct link) |
Categories: News
Tags: Plex
Tags: breach
Tags: sign out
Tags: change password
Tags: Troy Hunt
Tags: HaveIBeenPwnd
In an email sent to its users, Plex revealed that a cybercriminal accessed a limited subset of customer data, including emails and encrypted passwords.
(Read more...)
|
Data Breach
|
|
|
|
2022-08-24 10:00:00 |
How to secure a Mac for your kids (direct link) |
Categories: Explained
Categories: Personal
Tags: Mac
Tags: Parental Controls
Tags: Screen Time
If you want to know how to secure your Mac so your kids can use it safely, we're here to help.
(Read more...)
|
|
|
|
|
2022-08-23 14:00:00 |
6 reasons MSPs need a patch management platform (direct link) |
Categories: Business
With a patch management platform, MSPs can greatly simplify the patching process for their clients, and the benefits don't end there. In this post, we break down six reasons MSPs need a patch management platform.
(Read more...)
|
Patching
|
|
|
|
2022-08-23 13:00:00 |
Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover (direct link) |
Categories: News
Tags: Hikvision
Tags: CVE-2021-36260
Tags: metasploit
Tags: Mirai
Tags: Moobot
Tags:
A patch has been available since September 2021, yet tens of thousands of systems used by 2,300 organizations across 100 countries have still not applied the security update.
(Read more...)
|
|
|
|
|
2022-08-23 11:00:00 |
Google flags man as sex abuser after he sends photos of child to doctor (direct link) |
Categories: News
Tags: CSAM
Tags: de-Google
Tags: AI
Tags: NCMEC
Tags: EFF
Tags: false positive
Tech giants are scanning our private files to find predators guilty of sexually abusing children, but they are creating victims of their own.
(Read more...)
|
|
|
|
|
2022-08-22 22:00:00 |
Criminals socially engineer their way to bank details with fake arrest warrants (direct link) |
Categories: News
Categories: Social engineering
Scammers subject their victims to a whirlwind of emotions so they can achieve their end goal: money.
(Read more...)
|
|
|
|
|
2022-08-22 17:00:00 |
Reddit users crowdsourcing explicit images and identities (direct link) |
Categories: News
Tags: stolen images
Tags: explicit
Tags: theft
Tags: compromise
Tags: blackmail
Tags: threats
Tags: reddit
Tags: video
We look at a report highlighting how explicit images are being shared without permission, and how this often leads to additional harassment.
(Read more...)
|
Guideline
|
|
|
|
2022-08-22 15:00:00 |
CISA wants you to patch these actively exploited vulnerabilities before September 8 (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date!
(Read more...)
|
|
|
|
|
2022-08-22 12:00:00 |
Cryptojackers growing in numbers and sophistication (direct link) |
Categories: News
Categories: Cryptomining
Tags: Cryptojacking
Tags: fileless
Tags: malware
Tags: LOLBins
Tags: RiskWare.BitCoinMiner
Tags: Trojan.BitCoinMiner
Tags: c2
Tags: mining pools
Probably due to rising energy costs and the volatility in crypto-currencies, we can see a rise in malicious crypto mining, aka cryptojacking.
(Read more...)
|
|
|
|
|
2022-08-19 19:00:00 |
Tech support scammers target Microsoft users with fake Office 365 USB sticks (direct link) |
Categories: News
Tags: Microsoft
Tags: USB stick
Tags: tech support scam
Tags: scammers
Tags: Office 365
Tags: fake
Tags: phone call
We take a look at a Microsoft warning related to tech support scammers sending out bogus USB sticks in the mail.
(Read more...)
|
|
|
|
|
2022-08-19 16:30:00 |
Explained: Steganography (direct link) |
Categories: Explained
Categories: News
Tags: Steganography
Tags: encryption
Tags: least significant bits
Tags: rgb
Tags: masking
Tags: palette-based
Tags: lossy
Tags: compression
Tags: cropping
Steganography is the prime example of hiding something in plain sight. We look at the basics, some methods, and the hurdles of hiding messages in images.
(Read more...)
|
|
|
|
|
2022-08-19 12:00:00 |
Spying on the spies. See what JavaScript commands get injected by in-app browsers (direct link) |
Categories: News
Categories: Privacy
Tags: Krause
Tags: inappbrowser.com
Tags: Meta
Tags: Facebook
Tags: Instagram
Tags: TikTok
A developer and privacy expert created a platform that allows iOS users to see injected JavaScript in their in-app browsers
(Read more...)
|
|
|
|
|
2022-08-18 20:00:00 |
Business Services industry targeted across the country for backdoor access (direct link) |
Categories: Threat Intelligence
High detections of hacking tools for the Business Services industry shows that attackers likely sought to infect businesses and install backdoors for future access to their customers.
(Read more...)
|
|
|
|
|
2022-08-18 19:00:00 |
Attackers waited until holidays to hit US government (direct link) |
Categories: Threat Intelligence
In the first quarter of 2021, the US public sector dealt with heavy-hitting breaches against local, federal, and state government networks.
(Read more...)
|
|
|
|
|
2022-08-18 17:30:00 |
How IT teams can prevent phishing attacks with Malwarebytes DNS filtering (direct link) |
Categories: Business
According to Verizon, 82 percent of data breaches in 2021 involved the human element, with phishing attacks making up over 60 percent of these. But Malwarebytes DNS filtering can help you prevent a large swath of phishing attacks.
(Read more...)
|
|
|
|
|
2022-08-18 14:00:00 |
Bad rhythm: Janet Jackson song resonates poorly with some old hard drives (direct link) |
Categories: Business
Tags: Janet Jackson
Tags: music
Tags: rhythm nation
Tags: song
Tags: video
Tags: resonant frequency
Tags: hard drive
We take a look at news of the Janet Jackson smash Rhythm Nation causing bizarre issues for certain older hard drive models.
(Read more...)
|
|
|
|
|
2022-08-18 10:00:00 |
(Déjà vu) Urgent update for macOS and iOS! Two actively exploited zero-days fixed (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
Tags: macOS
Tags: iOS
Tags: CVE-2022-32894
Tags: CVE-2022-32893
Tags: kernel privileges
Tags: WebKit
Tags: actively exploited
Tags: watering hole
Tags: exploit kit
Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs.
(Read more...)
|
Hack
|
|
|
|
2022-08-17 15:00:00 |
$6 million heist targets video game skin trading site (direct link) |
Categories: Business
Tags: game
Tags: video game
Tags: trading
Tags: skins
Tags: CS: GO
Tags: compromised
Tags: website
Tags: steam
We take a look at reports of a huge raid on a popular video game skin trading site.
(Read more...)
|
|
|
|
|
2022-08-17 14:00:00 |
Nearly 2,000 Signal users affected by Twilio phishing attack (direct link) |
Categories: News
Categories: Social engineering
Not all phishing campaigns are after your bank details. In the case of the Twilio breach, attackers were after three particular Signal accounts.
(Read more...)
|
|
|
|
|
2022-08-17 11:00:00 |
Update Chrome now! Google issues patch for zero day spotted in the wild (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
Tags: 104.0.5112.101
Tags: Google
Tags: Chrome
Tags: CVE-2022-2852
Tags: CVE-2022-2856
Tags: CVE-2022-2854
Tags: CVE-2022-2853
Tags: UAF
Tags: heap buffer overflow
Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild.
(Read more...)
|
|
|
|
|
2022-08-17 09:00:00 |
Ransomwater confusion, does the criminal know who the victim is? (direct link) |
Categories: News
Categories: Ransomware
Tags: ransomware
Tags: Clop
Tags: Thames Water
Tags: hoax
Tags: South Staffs Water
Tags: vital infrastructure
The Clop ransomware gang made a mistake in identifying who exactly their victim was, but they got it right in the end
(Read more...)
|
Ransomware
|
|
|
|
2022-08-17 00:00:00 |
How to secure a Windows PC for your kids (direct link) |
Categories: Personal
What to think about when preparing your child's Windows device for the new school year.
(Read more...)
|
|
|
|
|
2022-08-16 14:45:00 |
CISA and FBI issue alert about Zeppelin ransomware (direct link) |
Categories: News
Categories: Ransomware
Tags: Zeppelin
Tags: ransomware
Tags: RDP
Tags: Sonicwall
Tags: phishing
Tags: malvertising
Tags: backups
Tags: authentication
Tags: mfa
Tags: patching
Tags: EDR
The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) to raise awareness about Zeppelin ransomware
(Read more...)
|
Ransomware
|
|
|
|
2022-08-15 16:00:00 |
JSSLoader: the shellcode edition (direct link) |
In this deep dive analysis, we look at the latest version of the JSSLoader malware tied to the FIN7 group.
(Read more...)
|
Malware
|
|
|
|
2022-08-15 14:00:00 |
Introducing Malwarebytes Cloud Storage Scanning: How to scan for malware in cloud file storage repositories (direct link) |
Categories: Business
We're excited to announce Malwarebytes Cloud Storage Scanning, a new service which extends Nebula malware scanning options to include files stored on cloud storage repositories that are part of your organization's digital ecosystem.
(Read more...)
|
Malware
|
|
|
|
2022-08-15 05:00:00 |
Donut breach: Lessons from pen-tester Mike Miller: Lock and Code S03E17 (direct link) |
Categories: Podcast
This week on Lock and Code, we speak with pen-tester Mike Miller about how he successfully breached a client's offices with little more than a box of donuts.
(Read more...)
|
|
|
|
|
2022-08-12 21:00:00 |
Anti-tracking tool tells you if you're being followed (direct link) |
Categories: News
Categories: Privacy
At Black Hat, a cybersecurity expert presented an anti-stalking tool they made for a friend.
(Read more...)
|
Tool
|
|
|
|
2022-08-12 15:00:00 |
Viral video drives malvertising on social media platform (direct link) |
Tech support scammers are leveraging social media giant Facebook to lure users into clicking on a viral article.
(Read more...)
|
|
|
|
|
2022-08-12 12:00:00 |
Researchers found one-click exploits in Discord and Teams (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
Tags: Discord
Tags: Spotify
Tags: MicrosoftTeams
Tags: Electron
Tags: ElectronJS
Tags: NodeJS
Tags: V8 Chrome
Tags: Log4Shell
Tags: Log4j
A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, and many others
(Read more...)
|
|
|
|
|
2022-08-11 13:00:00 |
Thousands of Zimbra mail servers backdoored in large scale attack (direct link) |
Categories: Exploits and vulnerabilities
Categories: News
Tags: Zimbra
Tags: ZVS
Tags: cve-2022-27925
Tags: web shell
Tags: cve-2022-37042
Tags: authentication
Tags: RCE
Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers
(Read more...)
|
Vulnerability
|
|
|
|
2022-08-11 10:00:00 |
Slack flaw exposed users' hashed passwords (direct link) |
Categories: Exploits and vulnerabilities
Slack was exposing user passwords for years. The bug has been swatted and the affected users informed.
(Read more...)
|
|
|
|
|
2022-08-10 17:00:00 |
Now it's BlenderBot's turn to make shocking, inappropriate, and untrue remarks (direct link) |
Categories: News
BlenderBot, Meta's conversational AI, launched last week. And it inherited the kind of talk many AI chatbots before it became notorious for.
(Read more...)
|
|
|
|