Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-01-04 10:52:00 |
Ticketmaster fined $10 million after staff hacked competitor to \'choke off\' presale ticket business (lien direct) |
US prosecutors say the goal was to “steal back” key clients. |
|
|
|
|
2021-01-04 10:45:24 |
T-Mobile discloses its fourth data breach in three years (lien direct) |
Personal details and financial information was not exposed, T-Mobile said. |
Data Breach
|
|
|
|
2021-01-02 03:59:00 |
Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways (lien direct) |
The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries. |
|
|
|
|
2020-12-31 20:20:26 |
SolarWinds hackers accessed Microsoft source code (lien direct) |
Microsoft says this is no big deal as the company doesn't rely on the secrecy of source code for the security of its products. |
|
|
|
|
2020-12-30 17:15:00 |
CISA updates SolarWinds guidance, tells US govt agencies to update right away (lien direct) |
US federal agencies must update by the end of the year or take all SolarWinds Orion apps offline. |
|
|
|
|
2020-12-29 23:12:00 |
FBI: Pranksters are hijacking smart devices to live-stream swatting incidents (lien direct) |
The FBI said it's working with smart device makers to address the issue. |
|
|
|
|
2020-12-28 18:06:35 |
Finland says hackers accessed MPs\' emails accounts (lien direct) |
The Finnish Parliament cyber-attack took place around the same time Russian hackers breached the Norwegian Parliament's email system. |
|
|
|
|
2020-12-24 22:36:26 |
Russian crypto-exchange Livecoin hacked after it lost control of its servers (lien direct) |
Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values. |
|
|
|
|
2020-12-24 17:34:16 |
Citrix devices are being abused as DDoS attack vectors (lien direct) |
Citrix says it's working on a fix, expected next year. |
|
|
|
|
2020-12-23 02:20:56 |
DHS warns against using Chinese hardware and digital services (lien direct) |
US says Chinese companies are engaging in "PRC government-sponsored data theft." |
|
|
|
|
2020-12-22 12:55:00 |
Law enforcement take down three bulletproof VPN providers (lien direct) |
The three VPN services provided safe haven for cybercriminals to carry out ransomware attacks, web skimming operations, spearphishing, and account takeovers. |
Ransomware
|
|
|
|
2020-12-22 06:00:03 |
Microsoft and McAfee headline newly-formed \'Ransomware Task Force\' (lien direct) |
The newly-founded Ransomware Task Force will work to put together a standard framework for dealing with ransomware attacks. |
Ransomware
|
|
|
|
2020-12-21 23:57:00 |
Microsoft, Google, Cisco, and others file amicus brief in support of Facebook\'s NSO lawsuit (lien direct) |
Tech giants show support for Facebook's legal case against spyware vendor NSO Group. |
|
|
|
|
2020-12-21 20:40:45 |
Partial lists of organizations infected with Sunburst malware released online (lien direct) |
As security researchers dig through forensic evidence in the aftermath of the SolarWinds supply chain attack, victim names are slowly starting to surface. |
Malware
|
Solardwinds
Solardwinds
|
|
|
2020-12-21 13:59:07 |
A second hacking group has targeted SolarWinds systems (lien direct) |
Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack. |
Malware
|
|
|
|
2020-12-20 23:14:24 |
Zero-click iOS zero-day found deployed against Al Jazeera employees (lien direct) |
Zero-day exploited a vulnerability in the iMessages app, patched in iOS 14. |
Vulnerability
|
|
|
|
2020-12-19 08:00:04 |
Firefox to ship \'network partitioning\' as a new anti-tracking defense (lien direct) |
Firefox's "network partitioning" feature to ship in v85, scheduled for January 2021. |
|
|
|
|
2020-12-18 21:04:26 |
Apple, Google, Microsoft, and Mozilla ban Kazakhstan\'s MitM HTTPS certificate (lien direct) |
This marks the second time browsers makers had to intervene and block a certificate used by the Kazakhstan government to spy on its citizens. |
|
|
|
|
2020-12-18 17:30:09 |
FBI & Interpol disrupt Joker\'s Stash, the internet\'s largest carding marketplace (lien direct) |
Four threat intel firms, Digital Shadows, Intel 471, Gemini Advisory, and Kela, said the disruption was temporary. |
Threat
|
|
|
|
2020-12-18 13:34:58 |
NSA warns of federated login abuse for local-to-cloud attacks (lien direct) |
The US National Security Agency describes two techniques abused in recent attacks for escalating attacks from local networks to cloud infrastructure. |
|
|
|
|
2020-12-18 03:59:45 |
Microsoft says it identified 40+ victims of the SolarWinds hack (lien direct) |
Microsoft says 80% of the victims it identified were located in the United States. |
Hack
|
|
|
|
2020-12-17 23:46:00 |
Microsoft was also breached in recent SolarWinds supply chain hack, report (lien direct) |
Report claims that after hackers breached Microsoft, they used Microsoft's own products to attack other companies. |
|
|
|
|
2020-12-17 16:20:20 |
Ad-blocker AdGuard deploys world\'s first DNS-over-QUIC resolver (lien direct) |
DNS-over-QUIC, or DoQ, is viewed as a superior, faster, and more private version of the DNS protocol, even DoH and DoT. |
|
|
|
|
2020-12-17 12:29:01 |
This \'off the shelf\' Tor backdoor malware is now a firm favorite with ransomware operators (lien direct) |
SystemBC is making its mark as a popular tool used in high-profile ransomware campaigns. |
Ransomware
Malware
Tool
|
|
|
|
2020-12-17 11:00:00 |
IBM launches experimental homomorphic data encryption environment for the enterprise (lien direct) |
Is it possible for fully homomorphic encryption to be a “game-changer” for data privacy? IBM intends to find out. |
|
|
|
|
2020-12-17 06:39:54 |
Phobos launches Orbital, a tool for finding attack pathways and entry points into your network (lien direct) |
After months of work, teasing, and planning, Phobos Orbital is out of beta and available for trials. |
Tool
|
|
|
|
2020-12-17 02:30:32 |
Three million users installed 28 malicious Chrome or Edge extensions (lien direct) |
Extensions could redirect users to ads, phishing sites, collect user data, or download malware on infected systems. |
Malware
|
|
|
|
2020-12-16 22:29:16 |
FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay (lien direct) |
FBI says ransomware group has been calling victims, threatening to send individuals to their homes if they don't pay the ransom. |
Ransomware
|
|
|
|
2020-12-16 13:00:04 |
FICO launches cryptocurrency trade risk solution for banks (lien direct) |
The software will bring crypto risk assessment to KYC processes. |
|
|
|
|
2020-12-16 05:01:04 |
New Goontact spyware discovered targeting Android and iOS users (lien direct) |
Most Goontact-laced apps are targeting Asian users in Chinese speaking countries, Korea, and Japan. |
|
|
|
|
2020-12-16 03:04:57 |
SolarWinds said no other products were compromised in recent hack (lien direct) |
SolarWinds has released today updates that "replaces the compromised component" in its Orion platform. |
Hack
|
|
|
|
2020-12-16 00:17:59 |
Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow (lien direct) |
After only showing detection alerts, Microsoft moves to block trojanized SolarWinds apps from running, opening the door for some IT issues for some of its customers. |
Hack
|
|
|
|
2020-12-15 20:18:00 |
Microsoft and industry partners seize key domain used in SolarWinds hack (lien direct) |
By seizing the domain, Microsoft and its partners hope to identify all victims, but are also preventing attackers from escalating intrusions in currently infected networks. |
Hack
|
|
|
|
2020-12-15 13:35:00 |
Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems (lien direct) |
AIR-FI technique can send stolen data at speeds of up to 100 b/s to Wi-Fi receivers at a distance of a few meters. |
|
|
|
|
2020-12-15 11:03:33 |
Pornhub suspends over 10 million videos to eradicate illegal content (lien direct) |
Roughly 13.5 million videos hosted on Pornhub are now reduced to only 2.9 million. |
|
|
|
|
2020-12-14 17:36:00 |
SEC filings: SolarWinds says 18,000 customers were impacted by recent hack (lien direct) |
In SEC documents filed today, SolarWinds said it notified 33,000 customers of its recent hack, but that only 18,000 used a trojanized version of its Orion platform. |
Hack
|
|
|
|
2020-12-14 04:02:30 |
(Déjà vu) FireEye confirms SolarWinds supply chain attack (lien direct) |
Known victims so far include the US Treasury, the US NTIA, and FireEye itself. |
|
|
|
|
2020-12-14 04:02:00 |
Microsoft, FireEye confirm SolarWinds supply chain attack (lien direct) |
Known victims so far include the US Treasury, the US NTIA, and FireEye itself. |
|
|
|
|
2020-12-13 07:50:03 |
PgMiner botnet attacks weakly secured PostgreSQL databases (lien direct) |
Only PostgreSQL databases running on Linux servers have been attacked so far. |
|
|
|
|
2020-12-11 20:31:07 |
Zero-day in WordPress SMTP plugin abused to reset admin account passwords (lien direct) |
A patch has been released earlier this week but many WordPress sites remained unpatched -as usual. |
|
|
|
|
2020-12-11 10:58:10 |
Mastercard, Visa cut card payment ties with Pornhub over child abuse, illegal content allegations (lien direct) |
Mastercard has terminated services whereas Visa has placed a temporary hold on card payments. |
|
|
|
|
2020-12-11 09:27:49 |
Critical CSRF vulnerability found on Glassdoor company review platform (lien direct) |
The critical flaw impacted both job seeker and employer accounts on the web domain. |
Vulnerability
|
|
|
|
2020-12-11 06:00:03 |
CISA and FBI warn of rise in ransomware attacks targeting K-12 schools (lien direct) |
The percentage of ransomware attacks against K-12 schools increased at the beginning of the 2020 school year |
Ransomware
|
|
|
|
2020-12-11 01:56:06 |
Facebook doxes APT32, links Vietnam\'s primary hacking group to local IT firm (lien direct) |
Facebook suspends accounts linked to APT32, says the group used its platform to spread malware. |
|
APT 32
|
|
|
2020-12-10 22:40:39 |
Tech unicorn UiPath discloses data breach (lien direct) |
EXCLUSIVE: UiPath admits to accidentally exposing a sensitive file containing the personal details of some of its registered users. |
Data Breach
|
|
|
|
2020-12-10 20:57:27 |
Chinese APT suspected of supply chain attack on Mongolian government agencies (lien direct) |
Chinese hackers have compromised the update mechanism of a chat app used by hundreds of Mongolian government agencies. |
|
|
|
|
2020-12-10 18:37:42 |
Microsoft exposes Adrozek, malware that hijacks Chrome, Edge, and Firefox (lien direct) |
Microsoft says that at its peak, Adrozek had controlled more than 30,000 devices a day. |
Malware
|
Adrozek
|
|
|
2020-12-10 16:40:36 |
Pwnie Awards 2020 winners include Zerologon, CurveBall, Checkm8, BraveStarr attacks (lien direct) |
The cybersecurity community voted for the best bugs and vulnerabilities discovered over the past year. |
|
|
|
|
2020-12-10 14:07:11 |
Romania to host the EU\'s new cybersecurity research hub (lien direct) |
Romania's capital, Bucharest, was selected as host for the EU's future cybersecurity research hub. |
|
|
|
|
2020-12-10 12:36:18 |
Proof-of-concept exploit code published for new Kerberos Bronze Bit attack (lien direct) |
The Kerberos Bronze Bit attack can allow intruders to bypass authentication and access sensitive network services. |
|
|
|