What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-11 20:24:05 | New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors (lien direct) | Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot. | Vulnerability | ||
|
2018-10-11 20:19:04 | ThreatList: Credential Theft Spikes by Triple Digits in U.S. (lien direct) | Meanwhile, the LokiPWS (a.k.a. Lokibot) malware family distribution is surging. | Malware | ||
|
2018-10-11 18:11:00 | Adaptable, All-in-One Android Trojan Shows the Future of Malware (lien direct) | GPlayed may be the new face of malware -- flexible and adaptable, with a Swiss Army knife-like toolbox that can be used to target pretty much anyone. | Malware | ||
|
2018-10-11 14:19:00 | Fake Adobe Flash Updates Hide Malicious Crypto Miners (lien direct) | A fake Adobe update actually updates victims' Flash - but also installs malicious cryptomining malware. | |||
|
2018-10-11 14:03:05 | Calif. Law Takes Aim at Weak IoT Passwords (lien direct) | Concerns over data privacy and security push California to roll out the first legislation on connected devices. | |||
|
2018-10-10 21:52:01 | FruityArmor APT Exploits Yet Another Windows Graphics Kernel Flaw (lien direct) | This is the second local privilege-escalation zero-day this APT group has exploited. | |||
|
2018-10-10 16:07:05 | Innovative Phishing Tactic Makes Inroads Using Azure Blob (lien direct) | A brand-new approach to harvesting credentials hinges on users' lack of cloud savvy. | |||
|
2018-10-10 13:57:02 | Four Critical Flaws Patched in Adobe Digital Edition (lien direct) | Adobe Digital Edition has four critical bugs enabling arbitrary code execution. | |||
|
2018-10-10 11:26:00 | Podcast: Key Takeaways For DevOps in BSIMM9 (lien direct) | From supply chain to orchestration tools, here are the new trends that DevOps should pay attention to in this year's BSIMM report. | ★★★★★ | ||
|
2018-10-09 21:24:05 | Microsoft Patches Zero-Day Under Active Attack by APT (lien direct) | A zero-day vulnerability tied to the Window's Win32k component is under active attack, warns Microsoft. | Vulnerability | ||
|
2018-10-09 19:37:03 | New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants (lien direct) | New Intel Coffee Lake CPUs offer hardware-based protections against some -but not all- Spectre and Meltdown variants. | |||
|
2018-10-09 18:40:05 | Slideshow: Intel from Virus Bulletin 2018 (lien direct) | This year's Virus Bulletin conference featured top-tier research from some of the world's best threat intelligence experts. | Threat | ||
|
2018-10-09 15:26:05 | How Shared Pools of Cloud Computing Power Are Changing the Way Attackers Operate (lien direct) | Cloud computing is creating new challenges among security professionals as attackers embrace the "as-a-service model", giving unsophisticated cybercriminals a leg up in carrying out attacks. | ★★★★★ | ||
|
2018-10-09 15:11:03 | Google+ Privacy Snafu Leaves a Cloud Over the Tech Landscape (lien direct) | Google was caught not disclosing a potential data breach -- leaving questions as to whether a lack of transparency is the new normal. | Data Breach | ★★★ | |
|
2018-10-09 15:10:00 | ThreatList: Microsoft IIS Sees Triple-Digit Spike in Cyberattack Volume (lien direct) | Most of the attacks originated in China. | |||
|
2018-10-09 13:16:05 | Magecart Group Targets Shopper Approved in Latest Attack (lien direct) | The breach also impacted hundreds of Shopper Approved's customers. | |||
|
2018-10-08 00:07:00 | PoC Attack Escalates MikroTik Router Bug to \'As Bad As It Gets\' (lien direct) | Researchers say a medium severity bug should now be rated critical because of a new hack technique that allows for remote code execution on MikroTik edge and consumer routers. | Hack | ||
|
2018-10-05 21:23:02 | Sony Smart TV Bug Allows Remote Access, Root Privileges (lien direct) | Software patching becomes a new reality for smart TV owners. | Patching | ||
|
2018-10-05 20:43:01 | Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat (lien direct) | A spyware attack on a Saudi dissident living in Canada made headlines this week, but Citizen Lab warns that simpler attacks are the real epidemic. | Threat | ||
|
2018-10-05 19:07:04 | D-Link Patches RCE Bugs in Wireless Access Point Gear (lien direct) | D-Link has released the beta version of the controller which addresses the reported vulnerabilities. | |||
|
2018-10-05 17:14:02 | Threatpost New Wrap Podcast For Oct. 5 (lien direct) | Threatpost editors discuss the highlights and biggest breaking news from this past week. | |||
|
2018-10-05 16:16:00 | Virus Bulletin 2018: Exposing the Social Media Fraud Ecosystem (lien direct) | The business of fake likes and followers turns out to be a sprawling enterprise -- likely tied back to IoT botnet activity. | ★★★★★ | ||
|
2018-10-04 19:25:05 | ThreatList: 83% of Routers Contain Vulnerable Code (lien direct) | Five out of six name brand routers, such as Linksys, NETGEAR and D-Link, contain known open-source vulnerabilities. | |||
|
2018-10-04 19:14:04 | Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets (lien direct) | Russian-speaking Turla has also racked up more victims in its latest APT campaign. | |||
|
2018-10-04 16:10:00 | Apple, Amazon Strongly Refute Server Infiltration Report (lien direct) | An explosive Bloomberg report, if true, would highlight the largest supply chain attack to have been launched against American corporations. | |||
|
2018-10-03 23:43:05 | Virus Bulletin 2018: macOS Flaw Allows Attackers to Hijack Installed Apps (lien direct) | This code-signing issue represents a new attack vector, according to the researcher. | |||
|
2018-10-03 20:38:05 | Cloud, Containers, Orchestration Big Factors in BSIMM9 (lien direct) | A converged architecture that brings independent software vendors, cloud vendors and IoT vendors together is reshaping the security landscape. | |||
|
2018-10-03 18:46:01 | Virus Bulletin 2018: Microsoft\'s Lambert on How Cloud is Changing Security (lien direct) | Supply-chain attacks are on the rise, but machine learning provides the edge that the security industry needs to keep up. | |||
|
2018-10-03 15:59:02 | Facebook Breach Sparks Concerns Around Third-Party Apps, Website Security (lien direct) | Experts say Friday's breach remains a dangerous potential access point to even more third-party apps and websites. | |||
|
2018-10-03 13:37:00 | Artificial Intelligence: A Cybersecurity Tool for Good, and Sometimes Bad (lien direct) | Attractive to both white-hats and cybercriminals, AI's role in security has yet to find an equilibrium between the two sides. | Tool | ★★★★ | |
|
2018-10-03 13:36:02 | Pumping the Brakes on Artificial Intelligence (lien direct) | Businesses are increasingly adopting artificial intelligence, but all too often these platforms don't feature security-by-design. | |||
|
2018-10-02 21:19:01 | Foxit PDF Reader Fixes High-Severity Remote Code Execution Flaws (lien direct) | Foxit Software has patched over 100 vulnerabilities in its popular Foxit PDF Reader. Many of the bugs tackled by the company include a wide array of high severity remote code execution vulnerabilities. Foxit on Friday released fixes for Foxit Reader 9.3 and Foxit PhantomPDF 9.3, which addressed a whopping 124 vulnerabilities. It’s important to note […] | |||
|
2018-10-02 19:23:03 | NOKKI Malware Sports Mysterious Link to Reaper APT Group (lien direct) | The relationship between the malware and the APT group remains somewhat murky. | Malware | APT 37 | |
|
2018-10-02 16:47:03 | Google Patches Critical Vulnerabilities in Android OS (lien direct) | The most dire vulnerability targets the Android framework and could allow an adversary to execute arbitrary code on targeted devices. | Vulnerability | ||
|
2018-10-02 14:49:04 | Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration (lien direct) | The free online office suite software is used by more than 30 million people and is a ripe target for criminals. | |||
|
2018-10-02 14:01:04 | Google Cracks Down on Malicious Chrome Extensions in Major Update (lien direct) | Starting today, extensions with obfuscated code are banned and developers must go through a stricter extensions review process. | |||
|
2018-10-02 13:47:00 | ThreatList: Password Hygiene Remains Lackluster in Global Businesses (lien direct) | Password-sharing persists, but at least multifactor authentication usage is up. | |||
|
2018-10-01 21:22:00 | Adobe Patches 47 Critical Flaws in Acrobat and DC (lien direct) | The update includes a security bypass bug that enables privilege escalation. | |||
|
2018-10-01 18:55:03 | Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack (lien direct) | Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content. | |||
|
2018-10-01 17:52:04 | California, U.S. Government Battle Over Net Neutrality State Law (lien direct) | The Department of Justice has filed a lawsuit after SB 822 was passed, enforcing net neutrality laws, on Sunday. | |||
|
2018-10-01 11:56:01 | Dark Web Azorult Generator Offers Free Binaries to Cybercrooks (lien direct) | The Gazorp online builder makes it easy to start stealing passwords, credit-card information, cryptocurrency wallet data and more. | |||
|
2018-09-28 18:32:02 | Facebook Data Breach Impacts Almost 50 Million Accounts (lien direct) | Hackers exploited a flaw in Facebook's code impacting its “View As” feature. | Data Breach | ||
|
2018-09-28 18:11:01 | Another Linux Kernel Bug Surfaces, Allowing Root Access (lien direct) | Android, Debian and Ubuntu users are still at risk. | |||
|
2018-09-28 17:26:05 | iPhone XS Passcode Bypass Hack Exposes Contacts, Photos (lien direct) | Bypass works on iOS 12 and Apple's latest iPhone XS model phones allowing an attacker to access contacts and photos. | Hack | ||
|
2018-09-28 13:22:01 | Android App Verification Issues Pave Way For Phishing Attacks (lien direct) | A research team suggested a new secure-by-design API after discovering design flaws in the way Android apps are verified by password managers. | |||
|
2018-09-27 20:47:02 | Perimeter Defenses are Dead, So Now What? (lien direct) | Over time, both enterprise and government networks have seen the network perimeter blur uncontrollably. | ★★★★★ | ||
|
2018-09-27 20:08:00 | ThreatList: Hackers Turn to Python as Attack Coding Language of Choice (lien direct) | More than 20 percent of GitHub repositories containing an attack tool or an exploit proof of concept (PoC) are written in Python. | Tool | ||
|
2018-09-27 16:00:02 | Local-Privilege Escalation Flaw in Linux Kernel Allows Root Access (lien direct) | Researchers said the vulnerability "is very easy to exploit." | Vulnerability | ||
|
2018-09-27 14:49:04 | Weakness in Apple MDM Tool Allows Access to Sensitive Corporate Info (lien direct) | A lack of authentication in Apple's Device Enrollment Program could allow attackers to scoop up Wi-Fi passwords and VPN configurations. | Tool | ||
|
2018-09-26 20:48:04 | 2018 Has Been Open Season on Open Source Supply Chains (lien direct) | Hackers see green field opportunities in vulnerable software supply chains. |
To see everything:
Our RSS (filtrered)
