Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-05-26 16:00:08 |
Mark Dowd on Exploit Mitigation Development (direct link) |
Mark Dowd discusses why certain exploit mitigations have been so successful in driving up the cost of exploit development for attackers. |
|
|
|
|
2017-05-26 15:00:43 |
Pacemaker Ecosystem Fails its Cybersecurity Checkup (direct link) |
Pacemakers and pacemaker programmers lack authentication and are plagued with thousands of software vulnerabilities across leading manufacturers. |
Guideline
|
|
|
|
2017-05-26 14:00:37 |
Threatpost News Wrap, May 26, 2017 (direct link) |
Mike Mimoso and Chris Brook recap the news of the week, including the EternalRocks worm, the latest on WannaCry, a subtitle hack, and a Twitter flaw. |
|
Wannacry
|
★★★
|
|
2017-05-26 12:00:42 |
Rash Of Phishing Attacks Use HTTPS To Con Victims (direct link) |
Phishing sites are deploying freely available TLS certificates in order to dupe victims into thinking they're visiting a safe site. |
|
|
|
|
2017-05-25 18:43:32 |
Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub (direct link) |
A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week. |
|
|
|
|
2017-05-25 18:14:35 |
Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data (direct link) |
Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recover or destroy stolen data on the attacker's computer. |
|
|
|
|
2017-05-25 17:00:43 |
WannaCry Ransom Note Written by Chinese, English Speaking Authors (direct link) |
A linguistic analysis of the 28 ransom notes included with WannaCry indicates that native Chinese and English speakers wrote the original note, Flashpoint said. |
|
Wannacry
|
|
|
2017-05-25 16:20:32 |
Samba Patches Wormable Bug Exploitable With One Line Of Code (direct link) |
The Samba Team has patched a severe bug that leaves computers vulnerable to a wormable exploit. |
|
|
|
|
2017-05-24 21:49:10 |
Password Breaches Fueling Booming Credential Stuffing Business (direct link) |
The market for automated credential stuffing tools is growing fast, because of a record number of breaches. |
|
|
|
|
2017-05-24 18:05:21 |
Android Overlay and Accessibility Features Leave Millions at Risk (direct link) |
Researchers warn two features, not flaws, in Android can be used together to open devices up to attack. |
|
|
|
|
2017-05-24 16:30:21 |
Twitter Flaw Could Have Allowed Attacker to Tweet From Any Account (direct link) |
Twitter fixed a flaw in its Twitter Ads service that could have allowed an attacker to tweet as any user.
|
|
|
|
|
2017-05-24 15:10:26 |
Malware Network Communication Provides Better Early Warning Signal (direct link) |
An academic paper to be presented today at IEEE posits that analysis of network signals provides a better early warning of malware infections than current practices. |
|
|
|
|
2017-05-23 21:33:18 |
Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution (direct link) |
Attackers can remotely execute code on targeted systems via specially crafted subtitle files for videos. |
|
|
|
|
2017-05-23 20:13:00 |
Google Elevates Security in Android O (direct link) |
Android O, due in the third quarter, figures to elevate the security of the mobile OS with new features focused on improved third-party patching, a new permission model and hardening of existing features. |
|
|
★★
|
|
2017-05-23 18:00:36 |
Yahoo Retires ImageMagick After Bugs Leak Server Memory (direct link) |
Researcher Chris Evans reported a new bug and showed how he also used a previously known flaw in ImageMagick to leak Yahoo server data and steal images and authentication secrets. |
|
Yahoo
|
|
|
2017-05-23 17:06:21 |
Apple Receives First National Security Letter, Reports Spike in Requests for Data (direct link) |
Apple revealed this week that it received at least one National Security Letter from the U.S. government for user data during the last six months of 2016. |
|
|
|
|
2017-05-22 21:25:58 |
Trump's Cybersecurity Boss Talks Priorities (direct link) |
The country's top cybersecurity boss said the country is headed the wrong way when it comes to cybersecurity. |
|
|
|
|
2017-05-22 19:25:47 |
Verizon Patches XSS Issues in its Messaging Client (direct link) |
Late last year, Verizon patched persistent DOM-based cross-site scripting vulnerabilities in its Message+ messaging client that could allow an attacker to control a user's session. |
|
|
|
|
2017-05-22 17:05:29 |
EternalRocks Worm Spreads Seven NSA SMB Exploits (direct link) |
A worm called EternalRocks has been spreading seven Windows SMB exploits leaked by the ShadowBrokers, including EternalBlue, which was used to spread WannaCry. |
|
Wannacry
|
|
|
2017-05-22 13:00:54 |
Jaya Baloo on WannaCry and Defending Against Advanced Attacks (direct link) |
Jaya Baloo, CISO of KPN, the Netherlands' leading telecommunications provider, talks to Mike Mimoso about the WannaCry ransomware outbreak and how large network providers and enterprises must contend with advanced attacks. |
Guideline
|
Wannacry
|
|
|
2017-05-19 18:22:23 |
Terror Exploit Kit Evolves Into Larger Threat (direct link) |
The Terror exploit kit has matured into a greater threat and carefully crafts attacks based on a user's browser environment. |
|
|
|
|
2017-05-19 17:04:27 |
Available Tools Making Dent in WannaCry Encryption (direct link) |
Tools are beginning to emerge that can be used to begin the process of recovering files encrypted by WannaCry on some Windows systems. |
|
Wannacry
|
|
|
2017-05-19 16:47:41 |
VMware Patches Multiple Security Issues in Workstation (direct link) |
VMware fixed two bugs in its VMware Workstation late Thursday night, including an insecure library loading vulnerability and a NULL pointer dereference vulnerability.
|
|
|
|
|
2017-05-19 13:00:19 |
Threatpost News Wrap, May 19, 2017 (direct link) |
Mike Mimoso and Chris Brook discuss WannaCry, Microsoft's response, the killswitches, a potential link with Lazarus Group, and what the future holds for the ShadowBrokers. |
Medical
|
Wannacry
APT 38
|
|
|
2017-05-18 20:57:17 |
PATCH Act Calls for VEP Review Board (direct link) |
The PATCH Act proposes the formation of a review board that would formalize and make transparent the processes by which the government determines whether it will use or disclose a zero-day vulnerability. |
|
|
|
|
2017-05-18 20:49:33 |
Android Gets Security Makeover With Google Play Protect (direct link) |
Google announces big changes for Android security including new features, a rebranding of old services and an updated UI, all streamlined under a new service called Google Play Protect. |
|
|
|
|
2017-05-18 18:17:00 |
WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program (direct link) |
WordPress fixed six vulnerabilities with version 4.7.5 and announced a bug bounty program with HackerOne this week. |
|
|
|
|
2017-05-18 16:05:08 |
Senate's Use of Signal A Good First Step, Experts Say (direct link) |
The Senate's use of the end-to-end encrypted messaging app Signal is a good first step in protecting U.S. democratic institutions, but much more needs to be protected. |
|
|
|
|
2017-05-18 14:18:19 |
Patches Pending for Medical Devices Hit By WannaCry (direct link) |
Companies such as Siemens and Bayer are planning to release patches for medical devices hit by the ransomware WannaCry over the past several days. |
|
Wannacry
|
★★★★★
|
|
2017-05-17 18:52:54 |
APT3 Linked to Chinese Ministry of State Security (direct link) |
Researchers claim that APT3, widely believed to be a China-based threat actor, is directly connected to the Chinese Ministry of State Security (MSS). |
|
APT 3
|
|
|
2017-05-17 17:19:30 |
Next NSA Exploit Payload Could be Much Worse Than WannaCry (direct link) |
Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware. |
|
Wannacry
|
|
|
2017-05-16 18:38:52 |
DocuSign Phishing Campaign Includes Hancitor Downloader (direct link) |
DocuSign warns of a breach and subsequent theft of email addresses that are part of a phishing campaign that employs malicious macro-laced Word documents. |
|
|
★★
|
|
2017-05-16 17:56:23 |
Apple Patches Pwn2Own Vulnerabilities in Safari, macOS, iOS (direct link) |
Apple fixed 66 vulnerabilities - many found at March's Pwn2Own competition - across seven product lines, including Safari, iTunes, macOS, and iOS, on Monday. |
|
|
|
|
2017-05-16 15:45:50 |
WannaCry Shares Code with Lazarus APT Samples (direct link) |
Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT. |
|
Wannacry
APT 38
|
|
|
2017-05-16 14:00:11 |
Chrome Browser Hack Opens Door to Credential Theft (direct link) |
Researchers at DefenseCode claim a vulnerability in Google's Chrome browser allows hackers to steal credentials and launch SMB relay attacks. |
|
|
|
|
2017-05-16 12:30:55 |
ShadowBrokers Planning Monthly Exploit, Data Dump Service (direct link) |
The latest rant from the ShadowBrokers ends with news of a subscription service starting in June that will leak exploits and stolen data to paying customers. |
|
|
|
|
2017-05-16 10:39:29 |
WikiLeaks Reveals Two CIA Malware Frameworks (direct link) |
WikiLeaks released details on what it claims are two frameworks for malware samples dubbed AfterMidnight and Assassin, both allegedly developed by the US Central Intelligence Agency. |
|
|
|
|
2017-05-15 21:12:09 |
OpenVPN Audits Yield Mixed Bag (direct link) |
The results of two audits of the open source software OpenVPN were shared late last week. One found two legitimate vulnerabilities, the other said the service is cryptographically "solid." |
|
|
|
|
2017-05-15 19:00:43 |
WannaCry Variants Pick Up Where Original Left Off (direct link) |
Exploits spreading WannaCry ransomware have surfaced after the discovery of a killswitch put a quick halt to the initial global outbreak. |
|
Wannacry
|
|
|
2017-05-15 14:27:51 |
Matthew Hickey on WannaCry Ransomware Outbreak (direct link) |
Matthew Hickey, founder of HackerHouse and @hackerfantastic on Twitter, talks to Mike Mimoso about Friday's WannaCry ransomware outbreak. |
|
Wannacry
|
|
|
2017-05-13 15:30:30 |
Microsoft Releases XP Patch for WannaCry Ransomware (direct link) |
Microsoft has taken the extraordinary step of providing an emergency update for unsupported Windows XP and Windows 8 machines in the wake of Friday's WannaCry ransomware outbreak. |
|
Wannacry
|
|
|
2017-05-12 17:54:58 |
New Jaff Ransomware Part Of Active Necurs Spam Blitz (direct link) |
A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple and massive spam campaigns distributing the malware via the Necurs botnet. |
|
|
|
|
2017-05-12 17:32:57 |
Leaked NSA Exploit Spreading Ransomware Worldwide (direct link) |
Attackers behind today's WannaCry ransomware outbreak in Europe are spreading the malware using the EternalBlue exploit leaked by the ShadowBrokers. |
|
Wannacry
|
|
|
2017-05-12 16:00:22 |
Threatpost News Wrap, May 12, 2017 (direct link) |
The news of the week is discussed, including this week's Microsoft Malware Protection Engine bug, Handbrake OS X malware, the HP keylogger, Trump's Cybersecurity EO, and more.
|
|
|
|
|
2017-05-11 22:26:49 |
Anti Public Combo List Analysis Reveals Password Habits Improving (direct link) |
Researchers take a deep dive into a recently discovered database of more than 500 million username and password pairs. |
|
|
|
|
2017-05-11 20:41:04 |
Trump Signs Cybersecurity Executive Order (direct link) |
President Trump signed the cybersecurity executive order that mandates federal agencies implement the NIST Framework for risk management. |
|
|
|
|
2017-05-11 20:39:13 |
Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability (direct link) |
Vanilla Forums open source software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code. |
|
|
|
|
2017-05-11 18:53:21 |
Microsoft's New Security Update Guides Get Mixed Reviews (direct link) |
Microsoft gets a lukewarm response with its new Microsoft Security Guides that replaced Security Bulletins. |
|
|
|
|
2017-05-11 15:34:12 |
Keylogger Found in Audio Drivers on Some HP Machines (direct link) |
Researchers say an audio driver that comes installed on some HP-manufactured computers can record users' keystrokes and store them in a world-readable plaintext file.
|
|
|
|
|
2017-05-11 14:15:06 |
ASUS Patches RT Router Vulnerabilities (direct link) |
In March, ASUS updated the firmware of a number of its RT routers to address vulnerabilities found within the devices' native web interface. |
|
|
|