Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-01-28 11:34:13 |
Utah tests the waters in turning online catfishing into a criminal act (lien direct) |
Pretending to be someone you're not online could, one day, land you in hot water. |
|
|
|
|
2021-01-28 10:12:36 |
Citrix\'s $2.3 million settlement offer for employees impacted by data breach approved (lien direct) |
Hackers lurked undetected in company systems for five months. |
Data Breach
|
|
|
|
2021-01-28 09:00:04 |
Mozilla: Racism, misinformation, anti-worker policies are \'undermining\' the Internet (lien direct) |
Mozilla's latest Internet Health report reveals an online world becoming fragmented by critical social issues. |
|
|
|
|
2021-01-28 05:45:03 |
New cybercrime tool can build phishing pages in real-time (lien direct) |
The new LogoKit phishing kit has already been spotted on more than 700 unique domains over the past month. |
Tool
|
|
|
|
2021-01-27 20:54:00 |
US and Bulgarian authorities disrupt NetWalker ransomware operation (lien direct) |
Authorities seize dark web domains, charge a Canadian, and seize $454,000 in cryptocurrency. |
Ransomware
|
|
|
|
2021-01-27 18:55:14 |
(Déjà vu) Authorities plan to mass-uninstall Emotet from infected hosts on March 25, 2021 (lien direct) |
The world's largest malware botnet will become extinct by April after today's coordinated takedown and planned clean-up operations. |
Malware
|
|
|
|
2021-01-27 18:55:00 |
Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021 (lien direct) |
The world's largest malware botnet will become extinct by April after today's coordinated takedown and planned clean-up operations. |
Malware
|
|
|
|
2021-01-27 13:08:55 |
National Crime Agency warns novice and veteran traders alike of rise in clone company scams (lien direct) |
The NCA says these schemes have already led to the theft of over £78 million. |
|
|
|
|
2021-01-27 11:11:34 |
Fake ICO consultant sentenced for embezzling cryptocurrency now worth $20 million (lien direct) |
The US resident pretended to be an expert on investing in cryptocurrencies. |
|
|
|
|
2021-01-27 09:40:20 |
UK association defends ransomware payments in cyber insurance policies (lien direct) |
The group has been criticized for “funding” organized crime. |
Ransomware
|
|
|
|
2021-01-27 04:04:00 |
10-years-old Sudo bug lets Linux users gain root-level access (lien direct) |
The vulnerability, named "Baron Samedit," impacts most Linux distributions today. |
|
|
|
|
2021-01-26 20:42:00 |
Apple fixes another three iOS zero-days exploited in the wild (lien direct) |
Fixes come after Apple patched another set of three zero-days last November. |
|
|
|
|
2021-01-26 19:23:39 |
Four security vendors disclose SolarWinds-related incidents (lien direct) |
Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed this week they were also targeted during the SolarWinds supply chain attack. |
|
|
|
|
2021-01-26 16:31:22 |
Firefox 85 removes Flash and adds protection against supercookies (lien direct) |
Firefox now joins Chrome and Edge, both of which removed support for Flash earlier this month. |
|
|
|
|
2021-01-26 15:38:07 |
South African government releases its own browser just to re-enable Flash support (lien direct) |
For some people, it's apparently easier to manage your own browser than port some web forms from Flash to HTML. |
|
|
|
|
2021-01-26 14:00:48 |
Cybercriminals use deceased staff accounts to spread Nemty ransomware (lien direct) |
Researchers explore how 'ghost' accounts can become targets for threat actors. |
Threat
Ransomware
|
|
★★
|
|
2021-01-26 01:14:00 |
Google: North Korean hackers have targeted security researchers via social media (lien direct) |
Google TAG warns security researchers to be on the lookout when approached by unknown individuals on social media. |
|
|
|
|
2021-01-25 16:24:00 |
Dutch COVID-19 patient data sold on the criminal underground (lien direct) |
Two individuals have been arrested in the Netherlands last week for selling data from Dutch COVID-19 systems on Telegram, Snapchat and Wickr. |
|
|
|
|
2021-01-25 12:13:39 |
Data of BuyUcoin cryptocurrency exchange traders allegedly leaked online (lien direct) |
A customer update, since removed, claimed the leak was “dummy data.” |
|
|
|
|
2021-01-25 11:23:45 |
DreamBus botnet targets enterprise apps running on Linux servers (lien direct) |
DreamBus botnet uses exploits and brute-force to target PostgreSQL, Redis, SaltStack, Hadoop, Spark, and others. |
|
|
|
|
2021-01-25 11:08:04 |
Tesla sues ex-employee over alleged \'brazen\' theft of confidential code, files (lien direct) |
The court case claims an engineer swiped files and then tried to delete the evidence. |
|
|
|
|
2021-01-24 12:54:55 |
Hacker leaks data of 2.28 million dating site users (lien direct) |
Data belongs to dating site MeetMindful and includes everything from real names to Facebook account tokens, and from email addresses and geo-location information. |
|
|
|
|
2021-01-23 15:45:35 |
Rogue CCTV technician spied on hundreds of customers during intimate moments (lien direct) |
Prosecutors said the technician accessed more than 200 customer CCTV systems on more than 9,600 occasions to spy on them getting naked and engaging in sexual activity. |
|
|
|
|
2021-01-23 11:29:00 |
SonicWall says it was hacked using zero-days in its own products (lien direct) |
The networking device vendor has published a series of mitigations as it's investigating the incident and preparing patches. |
|
|
|
|
2021-01-22 17:08:00 |
FSB warns of US cyberattacks after Biden administration comments (lien direct) |
Unclear if political trolling or actual fear. |
|
|
|
|
2021-01-22 15:30:03 |
As Bitcoin price surges, DDoS extortion gangs return in force (lien direct) |
Companies are receiving emails from cyber-criminals threatening large DDoS attacks unless a ransom is paid. Some groups are delivering on their threats. |
|
|
|
|
2021-01-22 13:39:01 |
New website launched to document vulnerabilities in malware strains (lien direct) |
Launched by security researcher John Page, the new MalVuln website lists bugs in malware code. |
Malware
|
|
|
|
2021-01-22 11:27:00 |
SEC calls out dubious cryptocurrency traders, miners soliciting customers worldwide (lien direct) |
The companies mentioned are considered “misleading” or impersonators of genuine businesses. |
Guideline
|
|
|
|
2021-01-22 05:30:03 |
Windows RDP servers are being abused to amplify DDoS attacks (lien direct) |
Windows RDP servers running on UDP port 3389 can be ensnared in DDoS botnets and abused to bounce and amplify junk traffic towards victim networks. |
|
|
|
|
2021-01-21 17:57:00 |
QNAP warns users of a new crypto-miner named Dovecat infecting their devices (lien direct) |
QNAP says the malware is targeting NAS devices with weak passwords. |
Malware
|
|
|
|
2021-01-21 16:29:00 |
Hacker leaks data of millions of Teespring users (lien direct) |
Teespring account passwords were not released. |
|
|
|
|
2021-01-21 14:00:03 |
MrbMiner crypto-mining operation linked to Iranian software firm (lien direct) |
Despite the Sophos report ousting the MrbMiner group today, the botnet is expected to continue to operate with impunity. |
|
|
|
|
2021-01-21 11:35:25 |
Automated exploit of critical SAP SolMan vulnerability detected in the wild (lien direct) |
Proof-of-concept exploit code was published last week. |
Vulnerability
|
|
★★★★★
|
|
2021-01-21 11:15:00 |
This phishing scam left thousands of stolen passwords exposed through Google search (lien direct) |
A mistake on the part of the cyberattackers led to their discovery -- and that of the data they pillaged. |
|
|
|
|
2021-01-20 16:49:00 |
NSA urges system administrators to replace obsolete TLS protocols (lien direct) |
NSA: Obsolete encryption provides a false sense of security. |
|
|
|
|
2021-01-20 11:59:00 |
Interpol warns of romance scam artists using dating apps to promote fake investments (lien direct) |
Matches lead victims not to love, but to fake money-making apps, instead. |
Guideline
|
|
|
|
2021-01-20 06:00:03 |
A Chinese hacking group is stealing airline passenger details (lien direct) |
Chinese hackers are gathering passenger details from airlines across the world to track high-value targets' movements. |
|
|
|
|
2021-01-19 19:02:00 |
Malwarebytes said it was hacked by the same group who breached SolarWinds (lien direct) |
Malwarebytes becomes fourth major security firm targeted by attackers after Microsoft, FireEye, and CrowdStrike. |
|
|
|
|
2021-01-19 17:17:00 |
Google Chrome 88 released with no Flash, bringing an end to an era (lien direct) |
Besides removing Flash, Google has also removed support for FTP links (ftp://) as well. |
|
|
|
|
2021-01-19 14:00:04 |
FireEye releases tool for auditing networks for techniques used by SolarWinds hackers (lien direct) |
New Azure AD Investigator is now available via GitHub. |
Tool
|
|
|
|
2021-01-19 12:46:36 |
Livecoin slams its doors shut after failing to recover from hack, financial loss (lien direct) |
The exchange suffered an alleged cyberattack last month. |
|
|
|
|
2021-01-19 12:00:05 |
DNSpooq lets attackers poison DNS cache records (lien direct) |
Network administrators urged to apply the latest Dnsmasq updates to prevent the new DNSpooq attacks. |
|
|
|
|
2021-01-19 12:00:05 |
Fourth malware strain discovered in SolarWinds incident (lien direct) |
Symantec said it identified Raindrop, the fourth malware strain used in the SolarWinds breach, after Sunspot, Sunburst, and Teardrop. |
Malware
|
Solardwinds
|
|
|
2021-01-19 11:00:03 |
New FreakOut botnet targets Linux systems running unpatched software (lien direct) |
The botnet comes with features that can be used for DDoS attacks, ARP poisoning, hidden crypto-mining, launching brute-force attacks, and more. |
|
|
|
|
2021-01-19 10:54:29 |
US President Trump orders security assessment for Chinese-made drones (lien direct) |
Drones sourced from “foreign adversaries” could be removed from federal activities. |
|
|
|
|
2021-01-18 20:10:20 |
OpenWRT reports data breach after hacker gained access to forum admin account (lien direct) |
The OpenWRT wiki, which contains the official download links, was not compromised, the project said. |
Data Breach
|
|
|
|
2021-01-18 12:09:53 |
UK police warn of sextortion attempts in intimate online dating chats (lien direct) |
There are people out there trying to take advantage of the only way to date during a pandemic. |
|
|
|
|
2021-01-18 05:30:03 |
Multiple backdoors and vulnerabilities discovered in FiberHome routers (lien direct) |
At least 28 backdoor accounts found in FiberHome FTTH ONT routers. |
|
|
|
|
2021-01-18 04:44:00 |
GDPR: German laptop retailer fined €10.4m for video-monitoring employees (lien direct) |
NBB (notebooksbilliger.de) described the GDPR fine "as wrong as it is irresponsible." |
|
|
|
|
2021-01-16 18:26:00 |
DuckDuckGo surpasses 100 million daily search queries for the first time (lien direct) |
DuckDuckGo reaches historic milestone in a week when both Signal and Telegram saw a huge influx of new users. |
|
|
|