Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-10-05 07:09:01 |
Leaders of \'notorious\' Team Xecuter game piracy, homebrew group arrested (lien direct) |
US prosecutors allege the team spearheaded the sale of devices for hacking popular consoles. |
|
|
|
|
2020-10-04 14:06:31 |
New Ttint IoT botnet caught exploiting two zero-days in Tenda routers (lien direct) |
Ttint is a new form of IoT botnet that also includes remote access tools-like (RAT) features, rarely seen in these types of botnets before. |
|
|
|
|
2020-10-04 00:15:08 |
Two North American hospitality merchants hacked in May and June (lien direct) |
Visa did not share the name of the two victims but said that one company had three different strains of point-of-sale (POS) malware on its network. |
Malware
|
|
|
|
2020-10-02 16:53:00 |
Google is creating a special Android security team to find bugs in sensitive apps (lien direct) |
Android apps that will be on the team's radar include COVID-19 contact tracing apps and election-related apps. |
|
|
|
|
2020-10-02 14:37:49 |
Google sets up research grant for finding bugs in browser JavaScript engines (lien direct) |
Eligible browser JavaScript engines include JavaScriptCore (Safari), V8 (Chrome, Edge), and Spidermonkey (Firefox). |
|
|
|
|
2020-10-02 10:00:03 |
Researchers track hacking \'fingerprints,\' link Russian attackers to Windows exploit sellers (lien direct) |
The new technique was used to profile prolific Windows LPE exploit sellers. |
|
|
|
|
2020-10-02 09:31:37 |
ESET discovers a rare APT that stayed undetected for nine years (lien direct) |
Active since 2011 but only discovered this year, the XDSpy hacker group targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine. |
|
|
|
|
2020-10-02 06:50:53 |
4G, 5G networks could be vulnerable to exploit due to \'mishmash\' of old technologies (lien direct) |
The decades-old SS7 signaling system is one of numerous protocols exposing 5G networks to abuse. |
|
|
|
|
2020-10-01 21:34:18 |
Facebook sues two Chrome extension makers for scraping user data (lien direct) |
Facebook has sued today the makers of the UpVoice and Ads Feed Chrome extensions. |
|
|
|
|
2020-10-01 18:13:00 |
US Treasury says some ransomware payments may need its express approval (lien direct) |
US Treasury says companies paying ransoms to previously-sanctioned cybercrime groups may face sanctions unless it is notified of the payment beforehand. |
Ransomware
|
|
|
|
2020-10-01 18:00:00 |
How a Chinese malware gang defrauded Facebook users of $4 million (lien direct) |
SilentFade group utilized a Windows rootkit, browser injections, clever scripting, and a Facebook platform bug to buy and post ads on behalf of hacked users. |
Malware
|
|
|
|
2020-10-01 13:00:03 |
With API attacks rising, Cloudflare launches a free API security tool (lien direct) |
Claudflare launches API Shield, a new service to protect web APIs against attacks. |
Tool
|
|
|
|
2020-10-01 12:45:03 |
Imperva acquires database security startup jSonar (lien direct) |
jSonar secured a $50 million investment from Goldman Sachs only a few months ago. |
|
|
|
|
2020-10-01 07:00:04 |
IPStorm botnet expands from Windows to Android, Mac, and Linux (lien direct) |
IPStorm botnet quadruples in size to reach 13,500 infected systems. |
|
|
|
|
2020-10-01 05:00:03 |
UK NCSC: Don\'t disable updates so you can continue using Adobe Flash past its EOL (lien direct) |
UK cybersecurity agency warns system administrators not to disable app and browser updates as a way to continue using Flash inside current or legacy enterprise software. |
|
|
|
|
2020-10-01 00:48:00 |
Twitter removes 130 Iranian accounts for trying to disrupt the US Presidential Debate (lien direct) |
Twitter says it removed the accounts following a tip from the FBI. |
|
|
|
|
2020-09-30 19:50:00 |
North Korea has tried to hack 11 officials of the UN Security Council (lien direct) |
New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year. |
Hack
|
|
|
|
2020-09-30 16:23:05 |
Windows XP leak confirmed after user compiles the leaked code into a working OS (lien direct) |
The Windows XP source code that leaked last week is incomplete, lacking some components, but is authentic. |
|
|
|
|
2020-09-30 16:00:05 |
GitHub rolls out new Code Scanning security feature to all users (lien direct) |
New Code Scanning feature will tell GitHub users when they've added known security flaws in their code |
|
|
|
|
2020-09-30 16:00:04 |
Linkury adware caught distributing full-blown malware (lien direct) |
Linkury (SafeFinder) installations linked to infections with the Socelars and Kpot infostealer trojans. |
Malware
|
|
|
|
2020-09-30 13:30:03 |
$15 million business email scam campaign in the US exposed (lien direct) |
The FBI is investigating the global campaign in which millions of dollars have been stolen from at least 150 victims. |
|
|
|
|
2020-09-30 10:18:45 |
This worm phishing campaign is a game-changer in password theft, account takeovers (lien direct) |
The security incident highlights the need for multi-factor authentication in the enterprise. |
|
|
|
|
2020-09-29 23:20:30 |
Twitter hires new CISO in industry veteran Rinki Sethi (lien direct) |
Sethi previously served in security roles at Rubrik, IBM, Palo Alto Networks, Intuit, and eBay. |
|
|
|
|
2020-09-29 15:33:58 |
Microsoft: Some ransomware attacks take less than 45 minutes (lien direct) |
Microsoft goes over the recent malware trends in its new "Digital Defense Report." |
Ransomware
Malware
|
|
|
|
2020-09-29 09:36:53 |
Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data (lien direct) |
Thousands of students have reportedly had their private data released online. |
Ransomware
|
|
|
|
2020-09-29 08:10:03 |
Former Amazon finance manager and family charged with $1.4m insider trading scheme (lien direct) |
The charges relate to trading made before Amazon earnings announcements. |
|
|
|
|
2020-09-29 05:00:04 |
QNAP tells NAS users to update firmware to avoid new type of ransomware (lien direct) |
AgeLocker ransomware has been seen infecting QNAP NAS systems since June. |
Ransomware
|
|
|
|
2020-09-29 01:52:00 |
911 services down in multiple US states (lien direct) |
Most services are now restored. Recent Microsoft cloud service outage blamed. |
|
|
|
|
2020-09-28 23:21:32 |
All four of the world\'s largest shipping companies have now been hit by cyber-attacks (lien direct) |
Maritime industry needs to focus more on securing shore-based systems and stop prioritizing the less likely ship-based attacks. |
|
|
|
|
2020-09-28 15:19:03 |
UHS hospital network hit by ransomware attack (lien direct) |
UHS operates more than 400 hospitals across the US and UK. Some US hospitals have been down since Sunday. |
Ransomware
|
|
|
|
2020-09-28 12:36:00 |
Suspicious logins reported after ransomware attack on US govt contractor (lien direct) |
Ransomware attack on Tyler Technologies is looking worse by the day. |
Ransomware
|
|
|
|
2020-09-28 11:18:07 |
Students rise up against forced remote spy app usage in colleges, universities (lien direct) |
Recent clashes highlight concerns that forcing students to use remote exam monitoring software is an affront to personal privacy. |
|
|
|
|
2020-09-27 09:05:07 |
Google removes 17 Android apps doing WAP billing fraud from the Play Store (lien direct) |
The 17 apps were infected with the Joker (Bread) malware, which Google described in January 2020 as one of the most persistent threats it dealt with since 2017. |
|
|
|
|
2020-09-26 07:35:00 |
KuCoin cryptocurrency exchange hacked for $150 million (lien direct) |
KuCoin said an intruder drained all its hot wallets today. |
|
|
|
|
2020-09-26 05:50:03 |
Pastebin adds \'Burn After Read\' and \'Password Protected Pastes\' to the dismay of the infosec community (lien direct) |
The two new features will make it easier to disguise malware operations. |
Malware
|
|
|
|
2020-09-25 17:10:00 |
Twitter warns of possible API keys leak (lien direct) |
Incorrect server settings on the Twitter Developer portal led to browsers caching API keys, account access token and secret. |
|
|
|
|
2020-09-25 16:23:00 |
You can bypass TikTok\'s MFA by logging in via a browser (lien direct) |
Enabling MFA in the TikTok mobile app doesn't apply it for the web dashboard. TikTok promised to fix the issue. |
|
|
|
|
2020-09-25 11:39:00 |
Verizon, AT&T settle overcharging whistleblower case for $116 million (lien direct) |
Updated: The lawsuit alleged that both telecoms giants overcharged government agencies for over a decade. |
|
|
|
|
2020-09-25 10:56:52 |
Airbnb may be exposing private host inbox messages, bookings and earnings data (lien direct) |
Airbnb hosts report that they are able to access inboxes that do not belong to them. |
|
|
|
|
2020-09-24 22:34:55 |
CISA says a hacker breached a federal agency (lien direct) |
CISA didn't name the attacker but it published an in-depth incident report detailing the hacker's every step. |
|
|
|
|
2020-09-24 21:09:50 |
Microsoft removed 18 Azure AD apps used by Chinese state-sponsored hacker group (lien direct) |
Azure AD apps were abused by the Gadolinium (APT40) group to attack Microsoft Azure customers. |
Industrial
|
APT 40
|
|
|
2020-09-24 17:22:00 |
Twitter prepares for US election with new security training, penetration tests (lien direct) |
Twitter has also rolled out hardware security keys to all employees to prevent social engineering and phishing attacks. |
|
|
|
|
2020-09-24 15:48:48 |
Polish police shut down hacker super-group involved in bomb threats, ransomware, SIM swapping (lien direct) |
The hackers also distributed Windows and Android malware, and even ran 50 fake online stores where they defrauded buyers. |
|
|
|
|
2020-09-24 12:58:23 |
ICO fines profiteering UK firm for touting coronavirus products over spam texts (lien direct) |
The UK company sent cold texts offering products “effective against coronavirus.” |
Spam
|
|
|
|
2020-09-24 11:27:22 |
Next-generation police dogs now sniff out your electronics (lien direct) |
Drugs and weapons are not the only criminal evidence police dogs are on the hunt for. |
|
|
|
|
2020-09-24 10:00:03 |
Instagram bug opened a path for hackers to hijack app, turn smartphones into spies (lien direct) |
The RCE vulnerability, now patched, took nothing more than an image file to trigger. |
|
|
|
|
2020-09-24 07:52:52 |
Microsoft says it detected active attacks leveraging Zerologon vulnerability (lien direct) |
Zerologon patching window is slowly closing as Microsoft warns of attacks in the wild. |
Patching
Vulnerability
|
|
|
|
2020-09-24 07:00:03 |
New \'Alien\' malware can steal passwords from 226 Android apps (lien direct) |
Most targets are banking apps, but Alien can also show phishing pages for social, instant messaging, and cryptocurrency apps. |
Malware
|
|
|
|
2020-09-23 20:31:07 |
Microsoft, Italy, and the Netherlands warn of increased Emotet activity (lien direct) |
New alerts about a spike in Emotet activity come after France, Japan, New Zealand issued similar warnings at the start of the month. |
|
|
|
|
2020-09-23 10:42:41 |
Facebook wipes out Chinese, Filipino misinformation campaigns (lien direct) |
Facebook has removed two separate networks flooding the platform with inauthentic content and spam. |
|
|
|