What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-10-04 00:15:08 | Two North American hospitality merchants hacked in May and June (lien direct) | Visa did not share the name of the two victims but said that one company had three different strains of point-of-sale (POS) malware on its network. | Malware | ||
|
2020-10-02 16:53:00 | Google is creating a special Android security team to find bugs in sensitive apps (lien direct) | Android apps that will be on the team's radar include COVID-19 contact tracing apps and election-related apps. | |||
|
2020-10-02 14:37:49 | Google sets up research grant for finding bugs in browser JavaScript engines (lien direct) | Eligible browser JavaScript engines include JavaScriptCore (Safari), V8 (Chrome, Edge), and Spidermonkey (Firefox). | |||
|
2020-10-02 10:00:03 | Researchers track hacking \'fingerprints,\' link Russian attackers to Windows exploit sellers (lien direct) | The new technique was used to profile prolific Windows LPE exploit sellers. | |||
|
2020-10-02 09:31:37 | ESET discovers a rare APT that stayed undetected for nine years (lien direct) | Active since 2011 but only discovered this year, the XDSpy hacker group targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine. | |||
|
2020-10-02 06:50:53 | 4G, 5G networks could be vulnerable to exploit due to \'mishmash\' of old technologies (lien direct) | The decades-old SS7 signaling system is one of numerous protocols exposing 5G networks to abuse. | |||
|
2020-10-01 21:34:18 | Facebook sues two Chrome extension makers for scraping user data (lien direct) | Facebook has sued today the makers of the UpVoice and Ads Feed Chrome extensions. | |||
|
2020-10-01 18:13:00 | US Treasury says some ransomware payments may need its express approval (lien direct) | US Treasury says companies paying ransoms to previously-sanctioned cybercrime groups may face sanctions unless it is notified of the payment beforehand. | Ransomware | ||
|
2020-10-01 18:00:00 | How a Chinese malware gang defrauded Facebook users of $4 million (lien direct) | SilentFade group utilized a Windows rootkit, browser injections, clever scripting, and a Facebook platform bug to buy and post ads on behalf of hacked users. | Malware | ||
|
2020-10-01 13:00:03 | With API attacks rising, Cloudflare launches a free API security tool (lien direct) | Claudflare launches API Shield, a new service to protect web APIs against attacks. | Tool | ||
|
2020-10-01 12:45:03 | Imperva acquires database security startup jSonar (lien direct) | jSonar secured a $50 million investment from Goldman Sachs only a few months ago. | |||
|
2020-10-01 07:00:04 | IPStorm botnet expands from Windows to Android, Mac, and Linux (lien direct) | IPStorm botnet quadruples in size to reach 13,500 infected systems. | |||
|
2020-10-01 05:00:03 | UK NCSC: Don\'t disable updates so you can continue using Adobe Flash past its EOL (lien direct) | UK cybersecurity agency warns system administrators not to disable app and browser updates as a way to continue using Flash inside current or legacy enterprise software. | |||
|
2020-10-01 00:48:00 | Twitter removes 130 Iranian accounts for trying to disrupt the US Presidential Debate (lien direct) | Twitter says it removed the accounts following a tip from the FBI. | |||
|
2020-09-30 19:50:00 | North Korea has tried to hack 11 officials of the UN Security Council (lien direct) | New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year. | Hack | ||
|
2020-09-30 16:23:05 | Windows XP leak confirmed after user compiles the leaked code into a working OS (lien direct) | The Windows XP source code that leaked last week is incomplete, lacking some components, but is authentic. | |||
|
2020-09-30 16:00:05 | GitHub rolls out new Code Scanning security feature to all users (lien direct) | New Code Scanning feature will tell GitHub users when they've added known security flaws in their code | |||
|
2020-09-30 16:00:04 | Linkury adware caught distributing full-blown malware (lien direct) | Linkury (SafeFinder) installations linked to infections with the Socelars and Kpot infostealer trojans. | Malware | ||
|
2020-09-30 13:30:03 | $15 million business email scam campaign in the US exposed (lien direct) | The FBI is investigating the global campaign in which millions of dollars have been stolen from at least 150 victims. | |||
|
2020-09-30 10:18:45 | This worm phishing campaign is a game-changer in password theft, account takeovers (lien direct) | The security incident highlights the need for multi-factor authentication in the enterprise. | |||
|
2020-09-29 23:20:30 | Twitter hires new CISO in industry veteran Rinki Sethi (lien direct) | Sethi previously served in security roles at Rubrik, IBM, Palo Alto Networks, Intuit, and eBay. | |||
|
2020-09-29 15:33:58 | Microsoft: Some ransomware attacks take less than 45 minutes (lien direct) | Microsoft goes over the recent malware trends in its new "Digital Defense Report." | Ransomware Malware | ||
|
2020-09-29 09:36:53 | Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data (lien direct) | Thousands of students have reportedly had their private data released online. | Ransomware | ||
|
2020-09-29 08:10:03 | Former Amazon finance manager and family charged with $1.4m insider trading scheme (lien direct) | The charges relate to trading made before Amazon earnings announcements. | |||
|
2020-09-29 05:00:04 | QNAP tells NAS users to update firmware to avoid new type of ransomware (lien direct) | AgeLocker ransomware has been seen infecting QNAP NAS systems since June. | Ransomware | ||
|
2020-09-29 01:52:00 | 911 services down in multiple US states (lien direct) | Most services are now restored. Recent Microsoft cloud service outage blamed. | |||
|
2020-09-28 23:21:32 | All four of the world\'s largest shipping companies have now been hit by cyber-attacks (lien direct) | Maritime industry needs to focus more on securing shore-based systems and stop prioritizing the less likely ship-based attacks. | |||
|
2020-09-28 15:19:03 | UHS hospital network hit by ransomware attack (lien direct) | UHS operates more than 400 hospitals across the US and UK. Some US hospitals have been down since Sunday. | Ransomware | ||
|
2020-09-28 12:36:00 | Suspicious logins reported after ransomware attack on US govt contractor (lien direct) | Ransomware attack on Tyler Technologies is looking worse by the day. | Ransomware | ||
|
2020-09-28 11:18:07 | Students rise up against forced remote spy app usage in colleges, universities (lien direct) | Recent clashes highlight concerns that forcing students to use remote exam monitoring software is an affront to personal privacy. | |||
|
2020-09-27 09:05:07 | Google removes 17 Android apps doing WAP billing fraud from the Play Store (lien direct) | The 17 apps were infected with the Joker (Bread) malware, which Google described in January 2020 as one of the most persistent threats it dealt with since 2017. | |||
|
2020-09-26 07:35:00 | KuCoin cryptocurrency exchange hacked for $150 million (lien direct) | KuCoin said an intruder drained all its hot wallets today. | |||
|
2020-09-26 05:50:03 | Pastebin adds \'Burn After Read\' and \'Password Protected Pastes\' to the dismay of the infosec community (lien direct) | The two new features will make it easier to disguise malware operations. | Malware | ||
|
2020-09-25 17:10:00 | Twitter warns of possible API keys leak (lien direct) | Incorrect server settings on the Twitter Developer portal led to browsers caching API keys, account access token and secret. | |||
|
2020-09-25 16:23:00 | You can bypass TikTok\'s MFA by logging in via a browser (lien direct) | Enabling MFA in the TikTok mobile app doesn't apply it for the web dashboard. TikTok promised to fix the issue. | |||
|
2020-09-25 11:39:00 | Verizon, AT&T settle overcharging whistleblower case for $116 million (lien direct) | Updated: The lawsuit alleged that both telecoms giants overcharged government agencies for over a decade. | |||
|
2020-09-25 10:56:52 | Airbnb may be exposing private host inbox messages, bookings and earnings data (lien direct) | Airbnb hosts report that they are able to access inboxes that do not belong to them. | |||
|
2020-09-24 22:34:55 | CISA says a hacker breached a federal agency (lien direct) | CISA didn't name the attacker but it published an in-depth incident report detailing the hacker's every step. | |||
|
2020-09-24 21:09:50 | Microsoft removed 18 Azure AD apps used by Chinese state-sponsored hacker group (lien direct) | Azure AD apps were abused by the Gadolinium (APT40) group to attack Microsoft Azure customers. | Industrial | APT 40 | |
|
2020-09-24 17:22:00 | Twitter prepares for US election with new security training, penetration tests (lien direct) | Twitter has also rolled out hardware security keys to all employees to prevent social engineering and phishing attacks. | |||
|
2020-09-24 15:48:48 | Polish police shut down hacker super-group involved in bomb threats, ransomware, SIM swapping (lien direct) | The hackers also distributed Windows and Android malware, and even ran 50 fake online stores where they defrauded buyers. | |||
|
2020-09-24 12:58:23 | ICO fines profiteering UK firm for touting coronavirus products over spam texts (lien direct) | The UK company sent cold texts offering products “effective against coronavirus.” | Spam | ||
|
2020-09-24 11:27:22 | Next-generation police dogs now sniff out your electronics (lien direct) | Drugs and weapons are not the only criminal evidence police dogs are on the hunt for. | |||
|
2020-09-24 10:00:03 | Instagram bug opened a path for hackers to hijack app, turn smartphones into spies (lien direct) | The RCE vulnerability, now patched, took nothing more than an image file to trigger. | |||
|
2020-09-24 07:52:52 | Microsoft says it detected active attacks leveraging Zerologon vulnerability (lien direct) | Zerologon patching window is slowly closing as Microsoft warns of attacks in the wild. | Vulnerability Patching | ||
|
2020-09-24 07:00:03 | New \'Alien\' malware can steal passwords from 226 Android apps (lien direct) | Most targets are banking apps, but Alien can also show phishing pages for social, instant messaging, and cryptocurrency apps. | Malware | ||
|
2020-09-23 20:31:07 | Microsoft, Italy, and the Netherlands warn of increased Emotet activity (lien direct) | New alerts about a spike in Emotet activity come after France, Japan, New Zealand issued similar warnings at the start of the month. | |||
|
2020-09-23 10:42:41 | Facebook wipes out Chinese, Filipino misinformation campaigns (lien direct) | Facebook has removed two separate networks flooding the platform with inauthentic content and spam. | |||
|
2020-09-23 09:00:03 | Ransomware gang targets Russian businesses in rare coordinated attacks (lien direct) | Group breaks an unofficial rule in the cybercrime underground not to target the former Soviet space. | Ransomware | ||
|
2020-09-23 08:57:31 | Shopify discloses security incident caused by two rogue employees (lien direct) | Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores. |
To see everything:
Our RSS (filtrered)
