Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2024-05-01 16:01:53 |
Le gouvernement américain demande à Big Tech de promettre une meilleure cybersécurité The US Government Is Asking Big Tech to Promise Better Cybersecurity (lien direct) |
L'administration Biden demande aux entreprises technologiques de signer un engagement, obtenu par Wired, d'améliorer leur sécurité numérique, y compris une réduction de l'utilisation de mots de passe par défaut et une amélioration des révélations de vulnérabilité.
The Biden administration is asking tech companies to sign a pledge, obtained by WIRED, to improve their digital security, including reduced default password use and improved vulnerability disclosures. |
Vulnerability
|
|
★★
|
|
2024-03-31 10:00:00 |
Vous devez mettre à jour Apple iOS et Google Chrome dès que possible You Should Update Apple iOS and Google Chrome ASAP (lien direct) |
Plus: Microsoft patch sur 60 vulnérabilités, Mozilla corrige deux bogues de Firefox Zero-Day, Google patchs 40 problèmes dans Android, et plus encore.
Plus: Microsoft patches over 60 vulnerabilities, Mozilla fixes two Firefox zero-day bugs, Google patches 40 issues in Android, and more. |
Threat
Mobile
Vulnerability
|
|
★★
|
|
2024-01-31 12:00:00 |
Apple et Google viennent de corriger leurs premiers défauts zéro-jour de l'année Apple and Google Just Patched Their First Zero-Day Flaws of the Year (lien direct) |
Plus: Google corrige des dizaines de bogues Android, Microsoft déploie près de 50 patchs, Mozilla Squashes 15 Firefox Flaws, et plus encore.
Plus: Google fixes dozens of Android bugs, Microsoft rolls out nearly 50 patches, Mozilla squashes 15 Firefox flaws, and more. |
Threat
Mobile
Vulnerability
|
|
★★★
|
|
2023-12-31 12:00:00 |
Google résout près de 100 problèmes de sécurité Android Google Fixes Nearly 100 Android Security Issues (lien direct) |
Plus: Apple arrête une attaque zéro flipper, Microsoft corrige plus de 30 vulnérabilités et plus de mises à jour critiques pour le dernier mois de 2023.
Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023. |
Mobile
Vulnerability
|
|
★★★
|
|
2023-08-31 11:00:00 |
Google corrige de sérieux défauts de sécurité dans Chrome et Android Google Fixes Serious Security Flaws in Chrome and Android (lien direct) |
Plus: Mozilla répare plus d'une douzaine de vulnérabilités dans Firefox, et les entreprises d'entreprise Ivanti, Cisco et SAP déploient une série de mises à jour pour se débarrasser de certains bugs de haute sévérité.
Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs. |
Vulnerability
|
|
★★★
|
|
2023-08-19 13:00:00 |
Actualités de sécurité cette semaine: une entreprise d'énergie américaine ciblée avec des codes QR malveillants dans une attaque de phishing de masse Security News This Week: US Energy Firm Targeted With Malicious QR Codes in Mass Phishing Attack (lien direct) |
De nouvelles recherches révèlent les stratégies que les pirates utilisent pour masquer leur système de distribution de logiciels malveillants, et les entreprises se précipitent pour publier des atténuations de la vulnérabilité du processeur «Downfall» sur les puces Intel.
New research reveals the strategies hackers use to hide their malware distribution system, and companies are rushing to release mitigations for the “Downfall” processor vulnerability on Intel chips. |
Malware
Vulnerability
|
|
★★★
|
|
2023-08-09 22:03:31 |
Panasonic avertit que les cycles d'attaque des logiciels malveillants IoT accélèrent Panasonic Warns That IoT Malware Attack Cycles Are Accelerating (lien direct) |
Le fabricant d'électronique hérité crée des pots de miel IoT avec ses produits pour attraper des menaces réelles et des vulnérabilités de patch en interne.
The legacy electronics manufacturer is creating IoT honeypots with its products to catch real-world threats and patch vulnerabilities in-house. |
Malware
Industrial
Vulnerability
|
|
★★
|
|
2023-08-08 17:17:33 |
Nouveau \\ 'Downfall \\' Flaw expose des données précieuses dans les générations de puces Intel New \\'Downfall\\' Flaw Exposes Valuable Data in Generations of Intel Chips (lien direct) |
La vulnérabilité pourrait permettre aux attaquants de profiter d'une fuite d'informations pour voler des détails sensibles comme les messages privés, les mots de passe et les clés de chiffrement.
The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption keys. |
Vulnerability
|
|
★★
|
|
2021-12-10 19:54:11 |
A Log4J Vulnerability Has Set the Internet \'On Fire\' (lien direct) |
The flaw in the logging framework has security teams scrambling to put in a fix. |
Vulnerability
|
|
|
|
2021-12-02 23:45:00 |
A Software Bug Let Hackers Drain $31M From a Crypto Service (lien direct) |
An attacker exploited a vulnerability in MonoX Finance's smart contract to inflate the price of its digital token and then cash out. |
Vulnerability
|
|
|
|
2021-11-17 14:00:00 |
Another Intel Chip Flaw Puts a Slew of Gadgets at Risk (lien direct) |
The vulnerability allows an attacker with physical access to the CPU to bypass the security measures protecting some of its most sensitive data. |
Vulnerability
|
|
|
|
2021-10-15 22:02:31 |
Missouri Threatens to Sue a Reporter Over a Security Flaw (lien direct) |
The governor warned that he would take legal action against a journalist who identified a vulnerability that exposed teachers' Social Security numbers. |
Vulnerability
|
|
|
|
2021-08-17 12:00:00 |
Millions of Web Camera and Baby Monitor Feeds Are Exposed (lien direct) |
A vulnerability in the Kalay platform leaves countless IoT devices susceptible to hackers. |
Vulnerability
|
|
|
|
2021-07-08 22:10:15 |
Microsoft Keeps Failing to Patch a Critical Windows Bug (lien direct) |
For the second time in a month, the company issued an update that doesn't fully address a severe security vulnerability in Windows. |
Vulnerability
|
|
|
|
2021-04-26 22:39:47 |
Hackers Used \'Mind-Blowing\' Bug to Dodge macOS Safeguards (lien direct) |
The vulnerability was patched Monday, but hackers had already used it to spread malware. |
Vulnerability
|
|
|
|
2021-04-22 12:00:00 |
A New Facebook Bug Exposes Millions of Email Addresses (lien direct) |
A recently discovered vulnerability discloses user email addresses even when they're set to private. |
Vulnerability
|
|
|
|
2021-03-03 19:30:00 |
Gab\'s CTO Introduced a Critical Vulnerability to the Site (lien direct) |
A review of the open source code shows an account under the executive's name made a mistake that could lead to the kind of breach reported this weekend. |
Guideline
Vulnerability
|
|
|
|
2020-12-07 15:07:16 |
The NSA Warns That Russia Is Attacking Remote Work Platforms (lien direct) |
A vulnerability in VMWare has prompted a warning that companies-and government agencies-need to patch as soon as possible. |
Vulnerability
|
|
|
|
2020-11-19 18:00:00 |
A Facebook Messenger Flaw Could Have Let Hackers Listen In (lien direct) |
The vulnerability was found through the company's bug bounty program, now in its tenth year. |
Vulnerability
|
|
|
|
2020-10-06 22:40:44 |
Apple\'s T2 Security Chip Has an Unfixable Flaw (lien direct) |
The Checkm8 vulnerability that exposed years of iPhones to jailbreaking has finally been exploited in Macs as well. |
Vulnerability
|
|
|
|
2020-08-05 12:00:00 |
An \'80s File Format Enabled Stealthy Mac Hacking (lien direct) |
The now-patched vulnerability would have let hackers target Microsoft Office using Symbolic Link-a file type that hasn't been in common use in over 30 years. |
Vulnerability
|
|
|
|
2020-07-14 17:51:21 |
Microsoft Warns of a 17-Year-Old \'Wormable\' Bug (lien direct) |
The SigRed vulnerability exists in Windows DNS, used by practically every small and medium-sized organization in the world. |
Vulnerability
|
|
|
|
2020-06-12 12:00:00 |
Researchers Expose a New Vulnerability in Intel\'s CPUs (lien direct) |
The Software Guard eXtension is supposed to protect encryption keys and other sensitive data. But this isn't the first time it's been defeated. |
Vulnerability
|
|
|
|
2020-05-28 16:12:35 |
NSA: Russia\'s Sandworm Hackers Have Hijacked Mail Servers (lien direct) |
In a rare public warning, the US spy agency says the notorious arm of Russian military intelligence is targeting a known vulnerability in Exim. |
Vulnerability
|
|
|
|
2020-05-24 12:00:00 |
Informal Transit Is Crucial for Some. Can It Weather Covid-19? (lien direct) |
The pandemic highlights the vulnerability of workers for private transportation services, which are essential to mobility in global south cities. |
Vulnerability
|
|
|
|
2020-03-12 12:00:00 |
A New Wormable Windows Vulnerability Has No Patch in Sight (lien direct) |
The flaw has the potential to unleash the kind of attacks that allowed WannaCry and NotPetya to cripple business networks around the world. |
Vulnerability
|
NotPetya
Wannacry
|
|
|
2020-02-28 21:04:52 |
The Long Path out of the Vulnerability Disclosure Dark Ages (lien direct) |
Letting a company know about flaws in their products has gotten easier since 2003-but not by much. |
Vulnerability
|
|
|
|
2020-01-27 18:00:00 |
Intel Is Patching the Patch for the Patch for Its \'Zombieload\' Flaw (lien direct) |
Intel's made two attempts to fix the microprocessor vulnerability it was warned about 18 months ago. Third time's the charm? |
Patching
Vulnerability
|
|
|
|
2020-01-17 00:30:00 |
A Windows 10 Vulnerability Was Used to Rickroll the NSA and Github (lien direct) |
A researcher demonstrated the attack less than a day after Microsoft disclosed one of the most critical Windows vulnerabilities ever. |
Vulnerability
|
|
|
|
2019-11-03 00:14:55 |
The First BlueKeep Mass Hacking Is Finally Here-but Don\'t Panic (lien direct) |
After months of warnings, the first successful attack using Microsoft's BlueKeep vulnerability has arrived-but isn't nearly as bad as it could have been. |
Vulnerability
|
|
|
|
2019-09-03 10:00:00 |
Supermicro Bug Could Let "Virtual USBs" Take Over Corporate Servers (lien direct) |
A newly disclosed vulnerability in Supermicro hardware brings the threat of malicious USBs to corporate servers. |
Threat
Vulnerability
|
|
|
|
2019-07-17 16:36:00 |
Why Microsoft\'s BlueKeep Bug Hasn\'t Wreaked Havoc-Yet (lien direct) |
Microsoft's critical vulnerability remains unpatched in hundreds of thousands of computers, and may already be exploited in secret. |
Vulnerability
|
|
|
|
2019-07-16 18:13:03 |
Hackers Made an App That Kills to Prove a Point (lien direct) |
Medtronic and the FDA left an insulin pump with a potentially deadly vulnerability on the market-until researchers who found the flaw showed how bad it could be. |
Vulnerability
|
|
|
|
2019-05-31 11:00:00 |
Microsoft\'s BlueKeep Bug Isn\'t Getting Patched Fast Enough (lien direct) |
At this rate, it will take years to fix a critical vulnerability that remains in over 900,000 Windows machines. A worm will arrive much sooner. |
Vulnerability
|
|
|
|
2019-05-15 16:28:01 |
Microsoft\'s First Windows XP Patch in Years Is a Very Bad Sign (lien direct) |
A very bad vulnerability in Windows XP could have serious ramifications, even with a patch. |
Vulnerability
|
|
|
|
2019-03-20 20:18:01 |
An Android Vulnerability Went Unfixed For Over Five Years (lien direct) |
Older Android devices-of which there are over 100 million still in use-will remain exposed. |
Vulnerability
|
|
|
|
2019-03-04 22:24:02 |
Google Reveals "BuggyCow," a Rare MacOS Zero-Day Vulnerability (lien direct) |
Google's Project Zero researchers find a potentially powerful privilege escalation trick in how Macs manage memory. |
Vulnerability
|
|
★★★
|
|
2019-01-16 14:00:00 |
A \'Fortnite\' Vulnerability Exposed Accounts to Takeover (lien direct) |
Epic Games has since patched the attack, which would have allowed attackers to view account info, listen in on in-game conversations, and more. |
Vulnerability
|
|
|