Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-07-19 07:49:49 |
Swedish man sentenced for gold-backed cryptocurrency scam (lien direct) |
Prosecutors say that investors were defrauded out of over $16 million. |
|
|
|
|
2021-07-16 13:00:02 |
Artwork Archive cloud storage misconfiguration exposed user data, revenue records (lien direct) |
An unsecured bucket exposed PII and sales information. |
|
|
|
|
2021-07-16 11:01:02 |
Toddler mobile banking malware surges across Europe (lien direct) |
The Android malware is a new and persistent threat to European citizens and banks alike. |
Threat
Malware
|
|
|
|
2021-07-16 10:09:19 |
Chinese APT LuminousMoth abuses Zoom brand to target gov\'t agencies (lien direct) |
Fake Zoom apps are being spread to conduct cyber surveillance. |
|
|
|
|
2021-07-16 08:28:33 |
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks (lien direct) |
Updates released this week protect against two key zero-day vulnerabilities weaponized by customers. |
|
|
|
|
2021-07-14 12:02:58 |
Does cybercrime impact cryptocurrency prices? Researchers find out (lien direct) |
Memestocks can ramp up with hype: can crypto do the same due to criminality? |
|
|
|
|
2021-07-14 08:40:45 |
US charges Greek national for selling insider trading subscriptions in the Dark Web (lien direct) |
"TheBull" offered customers insider information, tips, and pre-release earnings. |
|
|
|
|
2021-07-14 08:30:39 |
Thousands of PS4s seized in Ukraine in illegal cryptocurrency mining sting (lien direct) |
The cryptocurrency farm was hidden in an old warehouse. |
|
|
|
|
2021-07-13 19:02:00 |
Amazon rolls out encryption for Ring doorbells (lien direct) |
Privacy advocates have been asking for Amazon to encrypt its popular Ring doorbells audio and video traffic, and Amazon is finally delivering it. |
|
|
|
|
2021-07-13 18:16:00 |
Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed (lien direct) |
Over 100 CVEs, many of which lead to RCE, have been tackled this month. |
Guideline
|
|
|
|
2021-07-13 11:22:55 |
Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs (lien direct) |
The security flaw allows attackers to obtain full control over a PLC. |
Vulnerability
|
|
★★★
|
|
2021-07-13 11:07:01 |
Google\'s Certificate Authority Service leaves preview, now generally available (lien direct) |
Google CAS was launched to handle the "growth in certificates in the digital world." |
|
|
|
|
2021-07-12 10:12:00 |
Cybercriminals troll Iran\'s leader, cause railway network \'chaos\' (lien direct) |
Train services were disrupted and the help desk number given was that of Iran's Supreme Leader. |
Guideline
|
|
|
|
2021-07-12 09:15:16 |
Kaseya issues patch for on-premise customers, SaaS rollout underway (lien direct) |
Support teams are working with clients to apply critical security fixes. |
|
|
|
|
2021-07-09 10:15:13 |
Scam artists exploit Kaseya security woes to deploy malware (lien direct) |
The company is being impersonated in the fallout of a recent ransomware attack. |
Ransomware
Malware
|
|
|
|
2021-07-09 09:10:36 |
Texas resident jailed for role in $2.2 million romance, business email scams (lien direct) |
The Nigerian national will spend over seven years behind bars. |
|
|
|
|
2021-07-08 14:00:04 |
Ransomware as a service: Negotiators are now in high demand (lien direct) |
RaaS groups are hiring negotiators whose primary role is to force victims to pay up. |
|
|
|
|
2021-07-08 13:00:04 |
Coursera API vulnerabilities disclosed by researchers (lien direct) |
Coursera took “prompt ownership” of the bugs, once reported. |
|
|
|
|
2021-07-08 09:39:32 |
170 Android cryptocurrency mining scam apps have stolen $350,000 from users (lien direct) |
Users are paying up in the belief they are mining cryptocurrency. In reality, they get nothing. |
|
|
|
|
2021-07-07 12:00:06 |
SideCopy cybercriminals use new custom Trojans in attacks against India\'s military (lien direct) |
SideCopy imitates Sidewinder, poaching the same infection chains to deliver different malicious tools. |
|
APT-C-17
|
|
|
2021-07-07 10:06:22 |
Suspected hacker Dr HeX arrested over cybercrime, bank fraud impacting thousands (lien direct) |
Moroccan police tracked down the alleged criminal following an Interpol investigation. |
|
|
|
|
2021-07-07 09:26:42 |
UK Information Commissioner launches probe into private email use at Department of Health (lien direct) |
Concerns were raised over claims Matt Hancock and Lord Bethell used private accounts to conduct government business. |
|
|
|
|
2021-07-06 18:45:00 |
(Déjà vu) Kaseya ransomware attack: Everything you need to know (lien direct) |
Updated: A ransomware gang is demanding a huge payment after a major software supply chain attack. Here is everything we know so far. |
Ransomware
|
|
|
|
2021-07-06 09:48:10 |
Website of Mongolian certificate authority served backdoored client installer (lien direct) |
Researchers say the domain was breached eight times in a short window. |
|
|
|
|
2021-07-05 11:45:00 |
Kaseya ransomware supply chain attack: What you need to know (lien direct) |
A ransomware gang is demanding a huge payment after a major software supply chain attack. Here is everything we know so far. |
Ransomware
|
|
|
|
2021-07-01 11:30:06 |
Microsoft reveals authentication failures, system hijack vulnerabilities in Netgear routers (lien direct) |
Microsoft says the bugs could have allowed “attackers to roam untethered through an entire organization.” |
|
|
|
|
2021-07-01 10:40:14 |
Columbian police collar suspected Gozi Trojan distributor (lien direct) |
The alleged hacker is wanted in the United States. |
|
|
|
|
2021-07-01 10:00:00 |
Chinese hacking group impersonates Afghan president to infiltrate government agencies (lien direct) |
The APT has been accused of infiltrating the country's security council. |
|
|
|
|
2021-07-01 09:19:55 |
Robinhood ordered to pay $70 million over \'harm\' caused to \'millions\' of traders (lien direct) |
The penalty is the largest issued by FINRA to date. |
|
|
|
|
2021-06-29 12:00:00 |
IBM Kestrel threat hunting language granted to Open Cybersecurity Alliance (lien direct) |
The contribution is aimed at giving cybersecurity experts more time to conduct forensic activities. |
Threat
|
|
|
|
2021-06-29 10:14:23 |
New ransomware highlights widespread adoption of Golang language by cyberattackers (lien direct) |
The latest version of Go is being used to prevent reverse-engineering attempts. |
Ransomware
|
|
|
|
2021-06-28 10:12:54 |
Own an old WD My Book Live? Disconnect it from the internet right now (lien direct) |
Active attacks are indiscriminately wiping user devices. |
|
|
|
|
2021-06-28 08:28:30 |
GitHub bug bounties: payouts surge past $1.5 million mark (lien direct) |
GitHub says that 2020 was the “busiest year yet” in vulnerability disclosure. |
Vulnerability
|
|
|
|
2021-06-28 07:11:52 |
Ministry of Defence employee charged in child pornography case (lien direct) |
The charges stem from his participation in the “PedoPub” web forum. |
|
|
|
|
2021-06-25 12:49:30 |
Three Texan men jailed after using Grindr to find targets for theft, kidnap, assault (lien direct) |
Prosecutors say the men abused the app to perform “bias-motivated violence.” |
|
|
|
|
2021-06-25 11:43:24 |
Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency (lien direct) |
The malware is thought to have generated millions of dollars in just a few short years. |
Malware
|
|
|
|
2021-06-25 10:57:27 |
\'Pen tester\' FIN7 hacking group member lands seven-year prison term (lien direct) |
The “high-level” member must also pay $2.5 million in damages. |
|
|
|
|
2021-06-24 10:48:35 |
Cybersecurity firms battle DMCA rules over good-faith research (lien direct) |
The argument is that current rules are hampering ethical and effective vulnerability reporting. |
Vulnerability
|
|
|
|
2021-06-24 10:08:44 |
BIOSConnect code execution bugs impact millions of Dell devices (lien direct) |
A critical bug chain allows attackers to impersonate the vendor and impact code at the root level. |
|
|
|
|
2021-06-24 10:00:00 |
One-click account takeover vulnerabilities in Atlassian domains patched (lien direct) |
Research was conducted in light of the increasing threat of supply-chain attacks. |
Threat
|
|
|
|
2021-06-23 13:00:00 |
ChaChi: a new GoLang Trojan used in attacks against US schools (lien direct) |
The malware has found a role to play in ransomware strikes. |
Ransomware
Malware
|
|
|
|
2021-06-18 10:48:33 |
A deep dive into the operations of the LockBit ransomware group (lien direct) |
Most victims are from the enterprise and are expected to pay an average ransom of $85,000. |
Ransomware
|
|
|
|
2021-06-17 13:00:05 |
This strange malware stops you from visiting pirate websites (lien direct) |
An odd vigilante campaign is preventing victims from accessing pirate content online. |
Malware
|
|
|
|
2021-06-16 14:00:05 |
Billions of records belonging to CVS Health exposed online (lien direct) |
The exposure is another example of misconfiguration that can impact security. |
|
|
|
|
2021-06-16 08:21:30 |
Facebook awards $30,000 bounty for exploit exposing private Instagram content (lien direct) |
The bug allowed users to view content without following an account. |
|
|
|
|
2021-06-16 07:43:20 |
SEC settles with First American over massive leak of mortgage data, disclosure (lien direct) |
First American has agreed to a penalty of close to half a million dollars. |
|
|
|
|
2021-06-15 13:00:00 |
Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched (lien direct) |
Close to a month on, internet-facing servers remain vulnerable to attack. |
|
|
|
|
2021-06-15 04:01:04 |
Pandemic prompts digital \'boom\' in account creation - as well as password fatigue (lien direct) |
Lockdown forced many of us online and this hasn't helped our security postures. |
|
|
|
|
2021-06-14 10:45:14 |
Dentist charged by SEC for digital token project fraud, pump-and-dump AI stock scheme (lien direct) |
The “adviser” was allegedly responsible for three securities frauds. |
|
|
|
|
2021-06-14 09:33:07 |
Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyers (lien direct) |
An unsecured treasure trove of data used for sales was exposed online. |
Data Breach
|
|
|