Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-04-26 07:24:13 |
Thodex cryptocurrency exchange chief allegedly goes on the run with $2bn in client funds (lien direct) |
The exchange claims such reports are “unfounded.” |
|
|
|
|
2021-04-23 08:56:25 |
ToxicEye: Trojan abuses Telegram platform to steal your data (lien direct) |
The RAT is using bots to propagate across Telegram channels. |
|
|
|
|
2021-04-22 13:08:16 |
SolarWinds hack analysis reveals 56% boost in command server footprint (lien direct) |
Researchers say newly identified targets are likely. |
Hack
|
|
|
|
2021-04-22 07:23:12 |
New US Justice Department team aims to disrupt ransomware operations (lien direct) |
The task force will focus on dealing with the “root causes” of ransomware. |
Ransomware
|
|
|
|
2021-04-21 13:12:39 |
Instagram debuts new tool to stop abusive message salvos made through new accounts (lien direct) |
DMs are the next area the firm wants to focus on in controlling abusive behavior. |
Tool
|
|
|
|
2021-04-21 10:35:25 |
Zero-day vulnerabilities in SonicWall email security are being actively exploited (lien direct) |
The vendor is urging customers to apply patches immediately. |
|
|
|
|
2021-04-21 09:45:24 |
Codecov breach impacted \'hundreds\' of customer networks: report (lien direct) |
Reports suggest the initial hack may have led to a more extensive supply chain attack. |
Hack
|
|
★★
|
|
2021-04-20 12:07:50 |
Internal Facebook email reveals intent to frame data scraping as \'normalized, broad industry issue\' (lien direct) |
More scraping incidents are "expected" in the future. |
|
|
|
|
2021-04-20 10:35:48 |
Lazarus hacking group now hides payloads in BMP image files (lien direct) |
South Korea continues to be a favored target. |
|
APT 38
|
|
|
2021-04-20 09:04:43 |
Facebook cracks down on posts urging violence, mockery ahead of Chauvin verdict in George Floyd case (lien direct) |
The company also aims to wipe out content that “praises, celebrates or mocks George Floyd's death.” |
|
|
|
|
2021-04-20 08:15:12 |
Remote code execution vulnerabilities uncovered in smart air fryer (lien direct) |
The impacted vendor has not responded or fixed the security issues. |
|
|
|
|
2021-04-19 11:09:00 |
Peloton pushes back against \'urgent\' warning against using Tread+ treadmill (lien direct) |
The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+. |
|
|
|
|
2021-04-19 09:42:18 |
Coding error allowed attackers to delete Facebook live video (lien direct) |
The security issue earned the reporting researcher a substantial bug bounty. |
|
|
|
|
2021-04-09 10:15:53 |
Critical Zoom vulnerability triggers remote code execution without user input (lien direct) |
The researchers who discovered the bug have earned themselves $200,000. |
Vulnerability
|
|
|
|
2021-04-09 09:32:33 |
Washington State educational organizations targeted in cryptojacking spree (lien direct) |
The lucrative nature of cryptocurrency means no industry is safe. |
|
|
|
|
2021-04-08 11:03:18 |
Facebook tackles deepfake spread and troll farms in latest moderation push (lien direct) |
AI-generated images and an exiled militant group are now on Facebook's radar. |
|
|
|
|
2021-04-08 09:40:42 |
Italian man arrested after allegedly paying hitman in cryptocurrency (lien direct) |
Europol claims he attempted to have his ex-girlfriend assassinated. |
|
|
|
|
2021-04-08 09:36:31 |
Vyveva: Lazarus hacking group\'s latest weapon strikes South African freight (lien direct) |
The backdoor is being used to spy on the activities of freight companies. |
|
APT 38
APT 28
|
|
|
2021-04-07 11:34:39 |
Man jailed for trying to buy chemical weapon online able to kill \'hundreds\' of people (lien direct) |
Orders were made in the name of a minor. |
|
|
|
|
2021-04-07 10:13:26 |
New wormable Android malware poses as Netflix to hijack WhatsApp sessions (lien direct) |
Users are lured in with the promise of a free premium subscription. |
Malware
|
|
|
|
2021-04-07 08:48:46 |
Data of 553m Facebook users dumped online: how to see if you are impacted (lien direct) |
The data is old but that doesn't mean it still can't be used. |
|
|
|
|
2021-04-06 13:12:00 |
SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications (lien direct) |
New research also reveals that SAP vulnerabilities, on average, are weaponized in less than 72 hours. |
|
|
|
|
2021-04-06 10:09:21 |
Industries critical to COVID-19 response suffer surge in cloud cyberattacks (lien direct) |
An increase in cloud adoption is being blamed for new security chasms. |
|
|
|
|
2021-04-06 09:42:17 |
Meet Janeleiro: a new banking Trojan striking company, government targets (lien direct) |
The .NET Trojan's developers don't seem to care about staying undetected. |
|
|
|
|
2021-04-06 07:17:47 |
FBI, CISA warn Fortinet FortiOS vulnerabilities are being actively exploited (lien direct) |
APT groups are suspected of harnessing three bugs, two critical, for data exfiltration purposes. |
|
|
|
|
2021-04-01 08:39:27 |
DeepDotWeb dark web admin pleads guilty to gun, drug purchase kickbacks (lien direct) |
Over $8 million was earned through affiliate marketing for illegal marketplaces. |
|
|
|
|
2021-04-01 07:24:04 |
Google: North Korean hackers are targeting researchers through fake offensive security firm (lien direct) |
Google TAG warns of the group using zero-day exploits after reaching out to targets on social media. |
|
|
|
|
2021-03-31 13:07:13 |
Gaming mods, cheat engines are spreading Trojan malware and planting backdoors (lien direct) |
Mods and cheat systems for games are being exploited to deploy information-stealing malware. |
Malware
|
|
|
|
2021-03-31 12:26:21 |
Child tweets on behalf of nuke, space mission agency US Strategic Command (lien direct) |
The gibberish tweet left some amused, some concerned that the account had been compromised. |
|
|
|
|
2021-03-31 11:07:05 |
VMware patches critical vRealize Operations platform vulnerabilities (lien direct) |
Administrator credentials could be stolen by exploiting the bugs. |
|
|
|
|
2021-03-31 09:01:00 |
Pandemic threats: The common threads in COVID-19 scams and criminal schemes (lien direct) |
Researchers explore how cybercriminals have exploited the coronavirus pandemic over the past year. |
|
|
|
|
2021-03-31 07:38:24 |
Whistleblower claims Ubiquiti Networks data breach was \'catastrophic\' (lien direct) |
The source alleges the January security incident was severely downplayed. |
Data Breach
|
|
|
|
2021-03-30 11:11:00 |
Department of Homeland Security email accounts exposed in SolarWinds hack (lien direct) |
Reports suggest Russian threat groups accessed DHS emails during the SolarWinds fiasco. |
Hack
Threat
|
|
|
|
2021-03-30 10:15:42 |
Panasonic, McAfee team up to tackle vehicle cybersecurity (lien direct) |
Early response tech for physical attacks and cyber intrusions is on the list for development. |
|
|
|
|
2021-03-30 09:32:06 |
Ransomware group targets Universities of Maryland, California in new data leaks (lien direct) |
This follows similar extortion attempts impacting two other US universities this month. |
|
|
|
|
2021-03-29 13:45:17 |
Official PHP Git server targeted in attempt to bury malware in code base (lien direct) |
The cyberattack has prompted a rapid and permanent move to GitHub. |
Malware
|
|
|
|
2021-03-29 10:05:23 |
US charges close to 500 individuals for COVID-19 fraud, criminal activity (lien direct) |
Everything from PPE fraud, disaster loan schemes, and unemployment scams are on the books. |
|
|
|
|
2021-03-29 07:02:19 |
This Android malware hides as a System Update app to spy on you (lien direct) |
The spyware triggers when certain actions are performed, such as new adding a contact. |
Malware
|
|
|
|
2021-03-29 06:10:28 |
Brian Krebs: No, I didn\'t hack your Microsoft Exchange server (lien direct) |
The KrebsOnSecurity name is, once again, being abused by cyberattackers. |
Hack
|
|
|
|
2021-03-26 10:00:00 |
Hades ransomware operators are hunting big game in the US (lien direct) |
Companies with annual revenues of over $1 billion are being targeted. |
Ransomware
|
|
|
|
2021-03-25 15:44:44 |
Severe vulnerabilities patched in Facebook for WordPress Plugin (lien direct) |
The worst bug leads to remote code execution, if exploited. |
Guideline
|
|
|
|
2021-03-25 13:00:04 |
Cloudflare launches Page Shield to thwart Magecart card skimming attacks (lien direct) |
Magecart attacks remain a prolific threat to the security of our financial data. |
Threat
|
|
|
|
2021-03-25 09:56:18 |
University students refunded for false ads touting job opportunities with Microsoft, Twitter (lien direct) |
The FTC says students were impacted by the school's “deceptive ads.” |
|
|
|
|
2021-03-24 13:57:14 |
Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million (lien direct) |
Free trials can cost mobile app users thousands of dollars in the long run. |
|
|
|
|
2021-03-24 12:44:00 |
SaltStack revises partial patch for command injection, privilege escalation vulnerability (lien direct) |
The second fix was reportedly necessary after SaltStack did not participate in coordinated disclosure. |
Vulnerability
|
|
|
|
2021-03-24 11:21:49 |
Purple Fox malware evolves to propagate across Windows machines (lien direct) |
The malware's new worm capabilities have resulted in a rapidly-increasing infection rate. |
Malware
|
|
|
|
2021-03-24 10:05:30 |
Microsoft: 92% of vulnerable exchange servers are now patched, mitigated (lien direct) |
The latest telemetry suggests IT admins are taking the threat seriously. |
Threat
|
|
|
|
2021-03-23 13:47:56 |
Cybercriminals exchange tips on avoiding arrest, jail in underground forums (lien direct) |
Covering early mistakes, who to target, and what to do when on the verge of arrest are all hot topics. |
|
|
|
|
2021-03-23 13:27:15 |
Debt-chasing UK councils potentially expose private resident data (lien direct) |
Text reminders for debts to be paid opened up a security chasm for thousands of taxpayers. |
|
|
|
|
2021-03-23 13:00:03 |
Cloudflare debuts zero-trust browsing service for remote enterprise workforce (lien direct) |
Browsers will run under Cloudflare's umbrella in an attempt to isolate sessions from cyberattacks. |
|
|
|