What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-11-16 18:23:36 | Hacked Security Software Used in Novel South Korean Supply-Chain Attack (lien direct) | Lazarus Group is believed to be behind a spate of attacks that leverage stolen digital certificates tied to browser software that secures communication with government and financial websites in South Korea. | Medical | APT 38 | |
|
2020-11-16 16:53:53 | Exposed Database Reveals 100K+ Compromised Facebook Accounts (lien direct) | Cybercriminals left an ElasticSearch database exposed, revealing a global attack that compromised Facebook accounts and used them to scam others. | |||
|
2020-11-16 13:00:59 | Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut (lien direct) | A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what's on offer. | ★★★ | ||
|
2020-11-14 14:00:40 | Scams Ramp Up Ahead of Black Friday Cybercriminal Craze (lien direct) | With more online shoppers this year due to COVID-19, cybercriminals are pulling the trigger on new scams ahead of Black Friday and Cyber Monday. | |||
|
2020-11-13 19:05:25 | Amazon Sues Instagram, TikTok Influencers Over Knockoff Scam (lien direct) | 'Order This, Get This': Social-media influencers are in Amazon's legal crosshairs for promoting generic Amazon listings with the promise to get prohibited counterfeit luxury items instead. | |||
|
2020-11-13 18:22:11 | Botnet Attackers Turn to Vulnerable IoT Devices (lien direct) | Cybercriminals are leveraging the multitudes of vulnerable connected devices with botnets that launch dangerous distributed denial-of-service (DDoS) attacks. | |||
|
2020-11-13 18:11:09 | Nation-State Attackers Actively Target COVID-19 Vaccine-Makers (lien direct) | Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says. | |||
|
2020-11-13 18:10:58 | 2020 Reader Survey: Share Your Feedback to Help Us Improve (lien direct) | ||||
|
2020-11-13 17:04:48 | Ticketmaster Scores Hefty Fine Over 2018 Data Breach (lien direct) | The events giant faces a GDPR-related penalty in the U.K., and more could follow. | Data Breach | ||
|
2020-11-13 16:07:30 | (Déjà vu) Credential-Stuffing Attack Hits The North Face (lien direct) | The North Face has reset an undisclosed number of customer accounts after detecting a credential-stuffing attack on its website. | |||
|
2020-11-13 12:54:20 | Report: CISA Chief Expects White House to Fire Him (lien direct) | Chris Krebs, the first and current director of the CISA, said his protection of election process drew ire from Trump administration. | ★★★★★ | ||
|
2020-11-12 22:19:20 | Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software (lien direct) | The modular malware is highly sophisticated but may not be able to capture credit-card info. | Malware | ||
|
2020-11-12 21:33:28 | Animal Jam Hacked, 46M Records Roam the Dark Web (lien direct) | Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum. | |||
|
2020-11-12 18:12:44 | Digging into the Dark Web: How Security Researchers Learn to Think Like the Bad Guys (lien direct) | Hacker forums are a rich source of threat intelligence. | Threat | ||
|
2020-11-12 16:52:08 | Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks (lien direct) | Security problems in Schneider Electric programmable logic controllers allow compromise of the hardware, responsible for physical plant operations. | ★★★ | ||
|
2020-11-12 14:10:57 | 2 More Google Chrome Zero-Days Under Active Exploitation (lien direct) | Browser users are once again being asked to patch severe vulnerabilities that can lead to remote code execution. | Guideline | ★★★★★ | |
|
2020-11-11 21:04:06 | Silver Peak SD-WAN Bugs Allow for Network Takeover (lien direct) | Three security vulnerabilities can be chained to enable unauthenticated remote code execution. | ★★★ | ||
|
2020-11-11 19:03:15 | Nvidia Warns Windows Gamers of GeForce NOW Flaw (lien direct) | Both Nvidia and Intel faced severe security issues this week - including a high-severity bug in Nvidia's GeForce NOW. | ★★★★★ | ||
|
2020-11-11 18:42:49 | Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic (lien direct) | Following a Nov. 3 ransomware attack against Campari, Ragnar Locker group took out public Facebook ads threatening to release stolen data. | Ransomware | ||
|
2020-11-11 17:47:20 | Minecraft Apps on Google Play Fleece Players Out of Big Money (lien direct) | Seven mobile apps for Android sneakily charge fans of Minecraft and Roblox hundreds of dollars per month. | |||
|
2020-11-11 14:45:50 | High-Severity Cisco DoS Flaw Can Immobilize ASR Routers (lien direct) | The flaw stems from an issue with the ingress packet processing function of Cisco IOS XR software. | |||
|
2020-11-11 13:34:14 | COVID-19 Data-Sharing App Leaked Healthcare Worker Info (lien direct) | Philippines COVID-KAYA app allowed for unauthorized access typically protected by 'superuser' credentials and also may have exposed patient data. | |||
|
2019-05-21 15:15:00 | HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak (lien direct) | HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers. | |||
|
2019-05-21 14:22:03 | Millions of Golfers Land in Privacy Hazard After Cloud Misconfig (lien direct) | A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see. | |||
|
2019-05-20 20:08:03 | Sharing Threat Intelligence: Time for an Overhaul (lien direct) | All too often, information-sharing is limited to vertical market silos; to build better defenses, it's time to take a broader view beyond the ISAC. | Threat | ||
|
2019-05-20 18:44:05 | Windows 10 Update Bricks PCs, Microsoft Offers Workarounds (lien direct) | A glitch in Microsoft's Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds exist. | ★★★ | ||
|
2019-05-20 15:55:03 | Salesforce Woes Linger as Admins Clean Up After Service Outage (lien direct) | An accidental permissions snafu caused a massive outage for all Salesforce customers that continues to affect some businesses. | |||
|
2019-05-20 15:14:05 | Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws (lien direct) | A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown. | |||
|
2019-05-20 14:22:00 | Slack Bug Allows Remote File Hijacking, Malware Injection (lien direct) | An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel. | Malware | ||
|
2019-05-20 13:42:05 | ZombieLoad: How Intel\'s Latest Side Channel Bug Was Discovered and Disclosed (lien direct) | Daniel Gruss, the researcher behind Spectre, Meltdown - and most recently, ZombieLoad - Intel CPU side channel attacks, gives an inside look into how he discovered the flaws. | |||
|
2019-05-17 19:28:04 | WordPress WP Live Chat Support Plugin Fixes XSS Flaw (lien direct) | A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. | |||
|
2019-05-17 17:06:00 | Ransomware \'Remediation\' Firm Exposed: Researchers Weigh in on Paying (lien direct) | The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses. | Ransomware | ||
|
2019-05-17 15:44:03 | How Decoding Network Traffic Can Save Your Data Bacon (lien direct) | The importance of reading the network tealeaves of a company's network traffic to head off an attack. | |||
|
2019-05-17 11:37:04 | News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws (lien direct) | From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week. | |||
|
2019-05-16 18:36:03 | Mobile Risks Boom in a Post-Perimeter World (lien direct) | The bloom is on mobile, whether it be the enterprise, employees or the cybercriminals plotting new ways to slip past a corporate defenses in a post-parameter world. | |||
|
2019-05-16 18:01:05 | Forbes Becomes Latest Victim of Magecart Payment Card Skimmer (lien direct) | The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others. | |||
|
2019-05-16 13:53:03 | Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution (lien direct) | The vendor also issued a patch schedule for the still-unpatched bug in its Secure Boot trusted hardware environment, which affects most of its enterprise and SMB portfolio, amounting to millions of vulnerable devices. | |||
|
2019-05-16 13:05:00 | Cybercrime Gang Behind GozNym Banking Malware Dismantled (lien direct) | Europol said it has dismantled the cybercrime network behind the GozNym malware, which siphoned more than $100 million from businesses. | Malware | ||
|
2019-05-15 20:01:03 | Google Titan Security Key Recalled After Bluetooth Pairing Bug (lien direct) | Google is offering free replacements for its Titan Security Key after discovering a misconfiguration in its pairing protocols. | |||
|
2019-05-15 16:48:01 | Intel ZombieLoad Side-Channel Attack: 10 Takeaways (lien direct) | Here are 10 top takeaways from Intel's most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week. | |||
|
2019-05-15 14:50:00 | Billions of Malicious Bots Take to Cipher-Stunting to Hide (lien direct) | Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting. | |||
|
2019-05-14 20:49:04 | (Déjà vu) Microsoft Patches Zero-Day Bug Under Active Attack (lien direct) | Microsoft Patch Tuesday security bulletin tackles 22 critical vulnerabilities. | |||
|
2019-05-14 20:31:03 | Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More (lien direct) | A massive update addresses the breadth of the computing giant's product portfolio. | |||
|
2019-05-14 18:01:04 | Intel CPUs Impacted By New Class of Spectre-Like Attacks (lien direct) | Intel has disclosed a new class of speculative execution side channel attacks. | |||
|
2019-05-14 16:18:03 | Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws (lien direct) | Adobe has issued patches for 87 vulnerabilities on Patch Tuesday - the bulk of which exist in Adobe's Acrobat and Reader product. | |||
|
2019-05-14 15:21:01 | Linux Kernel Flaw Allows Remote Code-Execution (lien direct) | The bug is remotely exploitable without authentication or user interaction. | |||
|
2019-05-14 12:58:02 | (Déjà vu) WhatsApp Zero-Day Exploited in Targeted Spyware Attacks (lien direct) | WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims' phones. | Vulnerability | ||
|
2019-05-14 12:00:05 | Cynet: An Autonomous Security Platform for Any Size Organization (lien direct) | Cynet protects the entire internal environment – including hosts, files, users and the network. | |||
|
2019-05-13 22:17:05 | Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices (lien direct) | The two high-severity bugs impact a wide array of enterprise, military and government networks. | |||
|
2019-05-13 21:02:01 | Twitter Leaks Apple iOS Users\' Location Data to Ad Partner (lien direct) | A Twitter glitch "inadvertently" leaked iOS users' location data to an unnamed partner. |
To see everything:
Our RSS (filtrered)
