What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-08 19:03:10 | State Department creates bureau to reduce \'likelihood of cyber conflict\' (lien direct) | The new Bureau of Cyberspace Security and Emerging Technologies (CSET) will manage cybersecurity issues as part of the US' foreign policy and diplomatic efforts. | |||
|
2021-01-08 15:22:53 | A crypto-mining botnet is now stealing Docker and AWS credentials (lien direct) | After if began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces. | |||
|
2021-01-08 12:44:00 | Nvidia releases security update for high-severity graphics driver vulnerabilities (lien direct) | Exploits include data tampering, denial of service, and privilege escalation. | |||
|
2021-01-08 00:47:16 | New side-channel attack can recover encryption keys from Google Titan security keys (lien direct) | Attack requires physical access to the devices but Titan and other keys can be cloned if attacks are successful. | |||
|
2021-01-07 19:22:43 | Ryuk gang estimated to have made more than $150 million from ransomware attacks (lien direct) | Most of the Ryuk gang's "earnings" are being cashed out through accounts at crypto-exchanges Binance and Huobi. | Ransomware | ||
|
2021-01-07 15:09:00 | Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020 (lien direct) | Security firm Recorded Future said it tracked more than 10,000 malware command and control servers last year, used across more than 80 malware families. | Malware | ||
|
2021-01-07 12:01:54 | (Déjà vu) Former VP with an ax to grind hacks company, disrupts PPE supply, earns jail term (lien direct) | The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic. | |||
|
2021-01-07 12:01:00 | Disgruntled former VP hacks company, disrupts PPE supply, earns jail term (lien direct) | The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic. | |||
|
2021-01-07 11:00:15 | North Korean hackers launch RokRat Trojan in campaigns against the South (lien direct) | A VBA self decoding technique is being used to hide the malware on impacted systems. | Malware | ||
|
2021-01-07 00:52:00 | JetBrains denies being involved in SolarWinds hack (lien direct) | JetBrains denies reports that is being under investigation and somehow related to the SolarWinds breach. | Hack | ★★★★★ | |
|
2021-01-06 19:41:18 | SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server (lien direct) | The US Department of Justice is one of the rare SolarWinds victims where hackers escalated the hack to a second phase and moved to access internal email inboxes, the agency said today. | Hack | ||
|
2021-01-06 15:40:25 | Nissan source code leaked online after Git repo misconfiguration (lien direct) | Nissan was allegedly running a Bitbucket Git server with the default credentials of admin/admin. | |||
|
2021-01-05 21:18:00 | US government formally blames Russia for SolarWinds hack (lien direct) | Joint statement from the FBI, CISA, ODNI, and NSA says SolarWinds hack was "likely Russian in origin." | Hack | ||
|
2021-01-05 17:15:29 | Italian mobile operator offers to replace SIM cards after massive data breach (lien direct) | Hackers stole the personal data for 2.5 million Ho Mobile subscribers. | Data Breach | ||
|
2021-01-05 15:00:03 | Hackers target cryptocurrency users with new ElectroRAT malware (lien direct) | Intezer Labs said it discovered fake cryptocurrency apps laced with ElectroRAT, a new Go-based malware strain. | Malware | ||
|
2021-01-05 11:51:18 | As coronavirus cases surge, so do cyberattacks against the healthcare sector (lien direct) | Researchers say healthcare organizations have faced a 45% spike in attacks since November. | |||
|
2021-01-04 20:35:13 | SolarWinds: The more we learn, the worse it looks (lien direct) | While you've been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks. | |||
|
2021-01-04 19:33:57 | Malware uses WiFi BSSID for victim identification (lien direct) | Malware authors are using the WiFi AP MAC address (also known as the BSSID) as a way to geo-locate infected hosts. | Malware | ||
|
2021-01-04 15:02:00 | Be warned: COVID-19 vaccine scams are now appearing online, over text, and by email (lien direct) | With millions of us waiting for our place in the vaccine queue, criminals are already trying to cash in. | |||
|
2021-01-04 10:52:00 | Ticketmaster fined $10 million after staff hacked competitor to \'choke off\' presale ticket business (lien direct) | US prosecutors say the goal was to “steal back” key clients. | |||
|
2021-01-04 10:45:24 | T-Mobile discloses its fourth data breach in three years (lien direct) | Personal details and financial information was not exposed, T-Mobile said. | Data Breach | ||
|
2021-01-02 03:59:00 | Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways (lien direct) | The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries. | |||
|
2020-12-31 20:20:26 | SolarWinds hackers accessed Microsoft source code (lien direct) | Microsoft says this is no big deal as the company doesn't rely on the secrecy of source code for the security of its products. | |||
|
2020-12-30 17:15:00 | CISA updates SolarWinds guidance, tells US govt agencies to update right away (lien direct) | US federal agencies must update by the end of the year or take all SolarWinds Orion apps offline. | |||
|
2020-12-29 23:12:00 | FBI: Pranksters are hijacking smart devices to live-stream swatting incidents (lien direct) | The FBI said it's working with smart device makers to address the issue. | |||
|
2020-12-28 18:06:35 | Finland says hackers accessed MPs\' emails accounts (lien direct) | The Finnish Parliament cyber-attack took place around the same time Russian hackers breached the Norwegian Parliament's email system. | |||
|
2020-12-24 22:36:26 | Russian crypto-exchange Livecoin hacked after it lost control of its servers (lien direct) | Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values. | |||
|
2020-12-24 17:34:16 | Citrix devices are being abused as DDoS attack vectors (lien direct) | Citrix says it's working on a fix, expected next year. | |||
|
2020-12-23 02:20:56 | DHS warns against using Chinese hardware and digital services (lien direct) | US says Chinese companies are engaging in "PRC government-sponsored data theft." | |||
|
2020-12-22 12:55:00 | Law enforcement take down three bulletproof VPN providers (lien direct) | The three VPN services provided safe haven for cybercriminals to carry out ransomware attacks, web skimming operations, spearphishing, and account takeovers. | Ransomware | ||
|
2020-12-22 06:00:03 | Microsoft and McAfee headline newly-formed \'Ransomware Task Force\' (lien direct) | The newly-founded Ransomware Task Force will work to put together a standard framework for dealing with ransomware attacks. | Ransomware | ||
|
2020-12-21 23:57:00 | Microsoft, Google, Cisco, and others file amicus brief in support of Facebook\'s NSO lawsuit (lien direct) | Tech giants show support for Facebook's legal case against spyware vendor NSO Group. | |||
|
2020-12-21 20:40:45 | Partial lists of organizations infected with Sunburst malware released online (lien direct) | As security researchers dig through forensic evidence in the aftermath of the SolarWinds supply chain attack, victim names are slowly starting to surface. | Malware | Solardwinds Solardwinds | |
|
2020-12-21 13:59:07 | A second hacking group has targeted SolarWinds systems (lien direct) | Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack. | Malware | ||
|
2020-12-20 23:14:24 | Zero-click iOS zero-day found deployed against Al Jazeera employees (lien direct) | Zero-day exploited a vulnerability in the iMessages app, patched in iOS 14. | Vulnerability | ||
|
2020-12-19 08:00:04 | Firefox to ship \'network partitioning\' as a new anti-tracking defense (lien direct) | Firefox's "network partitioning" feature to ship in v85, scheduled for January 2021. | |||
|
2020-12-18 21:04:26 | Apple, Google, Microsoft, and Mozilla ban Kazakhstan\'s MitM HTTPS certificate (lien direct) | This marks the second time browsers makers had to intervene and block a certificate used by the Kazakhstan government to spy on its citizens. | |||
|
2020-12-18 17:30:09 | FBI & Interpol disrupt Joker\'s Stash, the internet\'s largest carding marketplace (lien direct) | Four threat intel firms, Digital Shadows, Intel 471, Gemini Advisory, and Kela, said the disruption was temporary. | Threat | ||
|
2020-12-18 13:34:58 | NSA warns of federated login abuse for local-to-cloud attacks (lien direct) | The US National Security Agency describes two techniques abused in recent attacks for escalating attacks from local networks to cloud infrastructure. | |||
|
2020-12-18 03:59:45 | Microsoft says it identified 40+ victims of the SolarWinds hack (lien direct) | Microsoft says 80% of the victims it identified were located in the United States. | Hack | ||
|
2020-12-17 23:46:00 | Microsoft was also breached in recent SolarWinds supply chain hack, report (lien direct) | Report claims that after hackers breached Microsoft, they used Microsoft's own products to attack other companies. | |||
|
2020-12-17 16:20:20 | Ad-blocker AdGuard deploys world\'s first DNS-over-QUIC resolver (lien direct) | DNS-over-QUIC, or DoQ, is viewed as a superior, faster, and more private version of the DNS protocol, even DoH and DoT. | |||
|
2020-12-17 12:29:01 | This \'off the shelf\' Tor backdoor malware is now a firm favorite with ransomware operators (lien direct) | SystemBC is making its mark as a popular tool used in high-profile ransomware campaigns. | Ransomware Malware Tool | ||
|
2020-12-17 11:00:00 | IBM launches experimental homomorphic data encryption environment for the enterprise (lien direct) | Is it possible for fully homomorphic encryption to be a “game-changer” for data privacy? IBM intends to find out. | |||
|
2020-12-17 06:39:54 | Phobos launches Orbital, a tool for finding attack pathways and entry points into your network (lien direct) | After months of work, teasing, and planning, Phobos Orbital is out of beta and available for trials. | Tool | ||
|
2020-12-17 02:30:32 | Three million users installed 28 malicious Chrome or Edge extensions (lien direct) | Extensions could redirect users to ads, phishing sites, collect user data, or download malware on infected systems. | Malware | ||
|
2020-12-16 22:29:16 | FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay (lien direct) | FBI says ransomware group has been calling victims, threatening to send individuals to their homes if they don't pay the ransom. | Ransomware | ||
|
2020-12-16 13:00:04 | FICO launches cryptocurrency trade risk solution for banks (lien direct) | The software will bring crypto risk assessment to KYC processes. | |||
|
2020-12-16 05:01:04 | New Goontact spyware discovered targeting Android and iOS users (lien direct) | Most Goontact-laced apps are targeting Asian users in Chinese speaking countries, Korea, and Japan. | |||
|
2020-12-16 03:04:57 | SolarWinds said no other products were compromised in recent hack (lien direct) | SolarWinds has released today updates that "replaces the compromised component" in its Orion platform. | Hack |
To see everything:
Our RSS (filtrered)
