Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-31 20:50:03 |
Nocturnal Stealer Lets Low-Skilled Cybercrooks Harvest Sensitive Info (lien direct) |
The low-cost malware lowers the barrier of entry for carrying out advanced data exfiltration. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-31 19:03:03 |
Huawei Patches Four Server Bugs Rated High Severity (lien direct) |
Huawei stamps out four high-severity bugs impacting 20 server models ranging from its XH, RH and CH lines. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-31 17:44:00 |
Podcast: How Cities Can Be Security Smart (lien direct) |
Threatpost talks to Tenable CTO Renaud Deraison about the security risks behind smart cities. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-30 20:12:04 |
Bug In Git Opens Developer Systems Up to Attack (lien direct) |
A serious vulnerability was patched by developers behind Git that closes the door on a flaw that could lead to arbitrary code execution on a developer's system. |
Guideline
|
|
★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-30 20:10:01 |
Botnet Operators Team Up To Leverage IcedID, Trickbot Trojans (lien direct) |
The botnet operators behind two infamous trojans have banded together to gouge victims in a costly scheme. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-30 17:32:00 |
Yahoo Hacker Sentenced; Coke Opens Up a Can of Data Breach (lien direct) |
Fortune 500 breaches seem to be a theme this week. |
|
Yahoo
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-30 15:32:02 |
Google Patches 34 Browser Bugs in Chrome 67, Adds Spectre Fixes (lien direct) |
Google has rolled out its newest browser version (Chrome 67.0.3396.62) for Windows, Mac and Linux this week with new security fixes and biometric features. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-30 14:59:01 |
Hidden Cobra Strikes Again with Custom RAT, SMB Malware (lien direct) |
The North Korean-sponsored actors are targeting sensitive and proprietary information, and the malware could disrupt regular operations and disable systems and files. |
|
APT 38
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-29 21:15:01 |
Fraudsters Claim To Hack Two Canadian Banks (lien direct) |
Two Canadian banks reported that they may be targets of a hack after fraudsters claimed that they electronically accessed personal and account information. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-29 19:50:00 |
SEVered Attack Extracts the Memory of AMD-Encrypted VMs (lien direct) |
Virtual machines that use AMD's hardware-based encryption scheme are vulnerable to attacks that can extract the full contents of their main memory – in plaintext. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-29 18:04:02 |
Sonic Tone Attacks Damage Hard Disk Drives, Crashes OS (lien direct) |
Attack uses ultrasonic sound waves to disrupt HHD read/write operations, which could lead to a system crash. |
Guideline
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-29 16:22:05 |
Google Patches reCAPTCHA Bypass (lien direct) |
An exploit for the bypass vulnerability required an HTTP parameter pollution in a web application. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-29 14:47:00 |
Brazilian Banking Trojan Communicates Via Microsoft SQL Server (lien direct) |
Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&C) server.
|
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-28 15:02:00 |
Singapore ISP Leaves 1,000 Routers Open to Attack (lien direct) |
Telcom firm leaves port open on customer routers after maintenance update exposing hundreds of customers to possible attack. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-28 12:21:04 |
Despite Ringeader\'s Arrest, Cobalt Group Still Active (lien direct) |
The threat actors behind widespread attacks on banks and ATM jackpotting campaigns in Russia and Europe resurfaced in may, attacking banks. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-25 19:27:01 |
Millions of IoT Devices Vulnerable to Z-Wave Downgrade Attacks, Researchers Claim (lien direct) |
Millions of IoT devices based on the Z-Wave wireless protocol are vulnerable to a downgrade attack during pairing sessions. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-25 19:25:00 |
Pet Trackers Open to MITM Attacks, Interception (lien direct) |
Several well-rated pet trackers contain flaws stemming from the use of Bluetooth LE, poor certificate handling and more. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-25 16:45:03 |
Alexa Eavesdropping Flub Re-Sparks Voice Assistant Privacy Debate (lien direct) |
After an Alexa speaker recorded and shared a private conversation, the tech community is casting a wary eye on voice assistant privacy issues. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-25 14:19:03 |
Attackers Cashing In On Cryptocurrency With Increased Scams (lien direct) |
As the popularity around cryptocurrency has continued to rise in 2018, it has also paved an easy path for cash-hungry scammers to launch “cryptocurrency giveaway scams.” |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-24 19:29:02 |
What Will GDPR\'s Impact Be On U.S. Consumer Privacy? (lien direct) |
GDPR may be going in effect Friday, but U.S. citizens have a ways to go before seeing similar privacy regulations from the U.S government. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-24 15:18:00 |
Intel\'s \'Virtual Fences\' Spectre Fix Won\'t Protect Against Variant 4 (lien direct) |
The new hardware-based protections Intel announced earlier in March it was embedding into new chips will only protect against Spectre and Meltdown – but not the newly disclosed Variant 4, sources said. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-24 12:46:03 |
Amazon Comes Under Fire for Facial Recognition Platform (lien direct) |
Privacy advocates say facial recognition can be an agent of authoritarian surveillance; others say it's an invaluable tool to combat kidnapping, locate lost children and track down criminals on the run. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-23 19:28:04 |
Schneider Electric Patches XXE Vulnerability In Software (lien direct) |
Schneider Electric on Tuesday issued fixes for a vulnerability its SoMachine Basic software that could result in disclosure and retrieval of arbitrary data. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-23 19:20:00 |
James Comey: FBI Faces Deep Tech-Related Questions (lien direct) |
Cloud migration and automated systems, data privacy and encryption all remain central issues for the FBI as it considers its mandate and role in the modern digital age. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-23 17:50:02 |
Ahead of GDPR, Information Governance Comes into Its Own (lien direct) |
A full 98 percent of US enterprises have embarked on information governance (IG) projects, dramatically up from just 10 percent last year. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-23 16:48:00 |
VPNFilter Malware Infects 500k Routers Including Linksys, MikroTik, NETGEAR (lien direct) |
Researchers warn of malware infecting 500,000 popular routers in a campaign mostly targeting the Ukraine, but also 54 other countries. |
|
VPNFilter
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-22 21:20:05 |
Researchers Say More Spectre-Related CPU Flaws On Horizon (lien direct) |
Yet another speculative execution side channel flaw has been disclosed in processors - and security experts warn that more may be out there. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-22 18:23:04 |
Six Vulnerabilities Found in Dell EMC\'s Disaster Recovery System, One Critical (lien direct) |
A pen-tester has found five vulnerabilities in Dell EMC RecoverPoint devices, including a critical RCE that could allow total system compromise. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-22 16:09:05 |
Comcast Patches Router Bug That Leaked Some Wi-Fi Passwords (lien direct) |
A bug in Comcast's activation website for its Xfinity routers leaked sensitive customer data. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-22 14:03:00 |
Intel Responds to Spectre-Like Flaw In CPUs (lien direct) |
Intel on Monday acknowledged that its processors are vulnerable to another Spectre-like speculative execution side channel flaw that could allow attackers to access information. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-21 21:44:05 |
Malicious PHP Script Infects 2,400 Websites in the Past Week (lien direct) |
A botnet called Brain Food is pushing diet pills via infected WordPress and Joomla websites. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-21 19:30:05 |
TeenSafe Tracking App Exposes Thousands of Private Records (lien direct) |
Records for a mobile app that parents can use to monitor what their kids are doing online has been exposed in the latest Amazon Web Services cloud misconfiguration. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-21 18:58:01 |
Roaming Mantis Swarms Globally, Spawning iOS Phishing, Cryptomining (lien direct) |
Analysis shows that the malware, previously a banking trojan focused on Android devices, has rapidly evolved just in the past month. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-21 13:01:05 |
Wicked Botnet Uses Passel of Exploits to Target IoT (lien direct) |
The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-18 20:23:03 |
Hurdles Remain After Senate Votes To Restore Net Neutrality (lien direct) |
The U.S. Senate gave the nod to restoring the 2015 Open Internet Order, putting net neutrality on the fast track to a House vote. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-18 20:02:00 |
Latin American \'Biñeros\' Bond Over Fraudulent Purchase Scheme (lien direct) |
A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely as possible. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-18 18:23:01 |
(Déjà vu) Threatpost News Wrap Podcast for May 18 (lien direct) |
Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell discuss the week's information security news. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-18 14:20:05 |
TeleGrab Malware Steals Telegram Desktop Messaging Sessions, Steam Credentials (lien direct) |
A recently discovered malware steals cache data and messaging sessions from the desktop version of encrypted messaging service Telegram. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-18 12:45:02 |
Misconfigured Reverse Proxy Servers Spill Credentials (lien direct) |
Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs to extract credentials. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-18 12:42:03 |
RedDawn Espionage Campaign Shows Mobile APTs on the Rise (lien direct) |
The Sun Team APT, likely linked to North Korea, uses Google Play and Facebook as attack vectors. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-17 19:48:00 |
Fake Fortnite Apps for Android Spread Spyware, Cryptominers (lien direct) |
An array of malicious Android apps purporting to be popular game Fortnite are instead harvesting call logs and downloading cryptomining malware. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-17 19:43:00 |
\'Voice-Squatting\' Turns Alexa, Google Home into Silent Spies (lien direct) |
A team of academic researchers has demonstrated that it's possible to possible to closely mimic legitimate voice commands in order to carry out nefarious actions on these home assistants. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-17 16:16:05 |
Cisco Warns of Three Critical Bugs in Digital Network Architecture Platform (lien direct) |
The company urges customers to patch three vulnerabilities that received the highest severity rating of 10. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-17 15:25:05 |
One Year After WannaCry: A Fundamentally Changed Threat Landscape (lien direct) |
Threatpost talked to several security researchers about what's changed in the past year. |
|
Wannacry
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-17 15:00:01 |
Podcast: The Evolution of Deception Technology (lien direct) |
Deception technology is an emerging category of cyber defense that is particularly useful when it comes to IoT devices, SCADA systems and medical devices. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-16 21:05:03 |
Critical Linux Flaw Opens the Door to Full Root Access (lien direct) |
The vulnerability allows an attacker to execute a malware or other payloads on a client machine by sending malicious messages from the DHCP server. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-16 19:56:00 |
New Cryptominer Distributes XMRig in Aggressive Attacks (lien direct) |
Cryptominer WinstarNssmMiner is an aggressive malware strain that has launched 500,000 attacks in the past three days earning criminals $28,000. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-16 11:19:03 |
RIG EK Still Makes Waves, This Time with a Stealthy Backdoor (lien direct) |
The main purpose of Grobios malware is to help attacker establish a strong, persistent foothold in a victim's system, in order to drop additional payloads later. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-15 21:38:01 |
Phishing Spy Campaign Targets Top Mideast Officials (lien direct) |
Researchers have discovered a set of custom surveillanceware tools being deployed against Android and iOS devices primarily in the Middle East. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2018-05-15 21:27:00 |
Mexico\'s Banking System Sees $18M Siphoned Off in Phantom Transactions (lien direct) |
Sources said the funds were diverted to fraudulent accounts in a coordinated heist that involved hundreds of wire transfers and on-the-ground accomplices. |
|
|
|