What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-20 20:40:09 | Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock (lien direct) | The Mozilla Foundation releases Firefox 88, fixing 13 bugs ranging from high to low severity. | |||
|
2021-04-20 15:59:56 | GEICO Alerts Customers Hackers Stole Driver License Data for Two Months (lien direct) | The second-largest auto insurance provider in the U.S. has since fixed the vulnerability that exposed information from its website. | Vulnerability | ||
|
2021-04-19 19:23:07 | NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens (lien direct) | The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks. | Malware | ||
|
2021-04-19 18:01:23 | Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks (lien direct) | Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next. | Ransomware | ||
|
2021-04-19 15:27:38 | What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis (lien direct) | Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic. | |||
|
2021-04-16 20:27:25 | BazarLoader Malware Abuses Slack, BaseCamp Clouds (lien direct) | Two cyberattack campaigns are making the rounds using unique social-engineering techniques. | Malware | ||
|
2021-04-16 19:19:55 | iOS Kids Game Morphs into Underground Crypto Casino (lien direct) | A malicious 'Jungle Run' app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality. | |||
|
2021-04-16 18:10:09 | NSA: 5 Security Bugs Under Active Nation-State Cyberattack (lien direct) | Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. | APT 29 | ||
|
2021-04-16 14:02:54 | Mandiant Front Lines: How to Tackle Exchange Exploits (lien direct) | Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections. | |||
|
2021-04-16 12:57:36 | Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period (lien direct) | The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes. | |||
|
2021-04-15 20:09:21 | Biden Races to Shore Up Power Grid Against Hacks (lien direct) | A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. | |||
|
2021-04-15 16:35:53 | Gafgyt Botnet Lifts DDoS Tricks from Mirai (lien direct) | The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. | Malware | ||
|
2021-04-15 12:19:13 | Attackers Target ProxyLogon Exploit to Install Cryptojacker (lien direct) | Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. | Threat | ||
|
2021-04-14 20:56:27 | Security Bug Allows Attackers to Brick Kubernetes Clusters (lien direct) | The vulnerability is triggered when a cloud container pulls a malicious image from a registry. | Vulnerability | Uber | |
|
2021-04-14 19:55:41 | Ransomware Attack Creates Cheese Shortages in Netherlands (lien direct) | Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw. | |||
|
2021-04-14 17:31:13 | FBI Clears ProxyLogon Web Shells from Hundreds of Orgs (lien direct) | In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand. | |||
|
2021-04-14 17:21:54 | A Post-Data Privacy World and Data-Rights Management (lien direct) | Joseph Carson, chief security scientist at Thycotic, discusses the death of data privacy and what comes next. | |||
|
2021-04-14 14:48:27 | 100,000 Google Sites Used to Install SolarMarket RAT (lien direct) | Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains. | |||
|
2021-04-14 12:46:33 | Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes (lien direct) | Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack. | |||
|
2021-04-13 21:03:41 | How the NAME:WRECK Bugs Impacts Consumers, Businesses (lien direct) | How this class of vulnerabilities will impact millions connected devices and potentially wreck the day of IT security professionals. | |||
|
2021-04-13 20:24:15 | COVID-Related Threats, PowerShell Attacks Lead Malware Surge (lien direct) | Researchers measured 648 new malware threats every minute during Q4 2020. | Malware | ||
|
2021-04-13 18:29:33 | Tax Phish Swims Past Google Workspace Email Security (lien direct) | Crooks are looking to harvest email credentials with a savvy campaign that uses the Typeform service to host the phishing page. | |||
|
2021-04-13 16:40:49 | Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop (lien direct) | The security bugs could open the door for arbitrary code-execution and full takeover of targeted machines. | |||
|
2021-04-13 13:40:51 | Chrome Zero-Day Exploit Posted on Twitter (lien direct) | An update to Google's browser that fixes the flaw is expected to be released on Tuesday. | |||
|
2021-04-12 20:18:18 | 1.3M Clubhouse Users\' Data Dumped in Hacker Forum for Free (lien direct) | Clubhouse denies it was 'breached' and says the data is out there for anyone to grab. | |||
|
2021-04-12 20:01:44 | Man Arrested for AWS Bomb Plot (lien direct) | A man caught in an FBI sting said he wanted to destroy "70 percent of the internet" by going after the tech giant's data centers. | |||
|
2021-04-12 18:14:35 | Zero Trust: The Mobile Dimension (lien direct) | Hank Schless, senior security solutions manager at Lookout, discusses how to secure remote working via mobile devices. | |||
|
2021-04-12 18:12:04 | IcedID Circulates Via Web Forms, Google URLs (lien direct) | Attackers are filling out and submitting web-based "contact us" forms, thus evading email spam filters. | Spam | ||
|
2021-04-09 20:54:31 | DOJ: Creep Coach Finagles Nude Athlete Photos (lien direct) | Allegedly perv college coach charged with cyberstalking and extorting nudes from his female athletes. | |||
|
2021-04-09 18:40:48 | 623M Payment Cards Stolen from Cybercrime Forum (lien direct) | The database was subsequently leaked elsewhere, imperiling consumers from the U.S. and around the world. | |||
|
2021-04-09 15:40:59 | Network Detection & Response: The Next Frontier in Fighting the Human Problem (lien direct) | Justin Jett, director of audit and compliance for Plixer, discusses the transformation of network-traffic analytics and what it means for cybersecurity now. | |||
|
2021-04-09 14:06:24 | Data from 500M LinkedIn Users Posted for Sale Online (lien direct) | Like the Facebook incident earlier this week, the information - including user profile IDs, email addresses and other PII -- was scraped from the social-media platform. | |||
|
2021-04-08 21:17:02 | Adware Spreads via Fake TikTok App, Laptop Offers (lien direct) | Cybercriminals are encouraging users to send the "offers" via WhatsApp to their friends as well. | |||
|
2021-04-08 21:07:47 | Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers (lien direct) | Cisco says it will not patch three small business router models and one VPN firewall device with critical vulnerabilities. | |||
|
2021-04-08 20:00:17 | IcedID Banking Trojan Surges: The New Emotet? (lien direct) | A widespread email campaign using malicious Microsoft Excel attachments and Excel 4 macros is delivering IcedID at high volumes, suggesting it's filling the Emotet void. | |||
|
2021-04-08 14:12:46 | Azure Functions Weakness Allows Privilege Escalation (lien direct) | Microsoft's cloud-container technology allows attackers to directly write to files, researchers said. | |||
|
2021-04-08 14:00:32 | Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks (lien direct) | Industrial enterprises in Europe are target of campaign, which forced a shutdown of industrial processes in at least one of its victims' networks, according to researchers. | Ransomware | ||
|
2021-04-07 20:50:39 | Attackers Blowing Up Discord, Slack with Malware (lien direct) | One Discord network search turned up 20,000 virus results, researchers found. | Malware | ||
|
2021-04-07 17:57:20 | Crossing the Line: When Cyberattacks Become Acts of War (lien direct) | Saryu Nayyar, CEO at Gurucul, discusses the new Cold War and the potential for a cyberattack to prompt military action. | |||
|
2021-04-07 16:47:11 | Fake Netflix App on Google Play Spreads Malware Via WhatsApp (lien direct) | The wormable malware spread from Android to Android by sending messages offering free Netflix Premium for 60 days. | Malware | ||
|
2021-04-07 13:00:27 | Facebook: Stolen Data Scraped from Platform in 2019 (lien direct) | The flaw that caused the leak of personal data of more than 533 million users over the weekend no longer exists; however, the social media giant still faces an investigation by EU regulators. | ★★★ | ||
|
2021-04-06 20:55:47 | Critical Cloud Bug in VMWare Carbon Black Allows Takeover (lien direct) | CVE-2021-21982 affects a platform designed to secure private clouds, and the virtual servers and workloads that they contain. | |||
|
2021-04-06 20:54:54 | Chinese Hackers Selling Intimate Stolen Camera Footage (lien direct) | A massive operation offers access to hacked camera feeds in bedrooms and at hotels. | |||
|
2021-04-06 18:47:57 | SAP Bugs Under Active Cyberattack, Causing Widespread Compromise (lien direct) | Cyberattackers are actively exploiting known security vulnerabilities in widely deployed, mission-critical SAP applications, allowing for full takeover and the ability to infest an organization further. | |||
|
2021-04-06 13:59:11 | Conti Gang Demands $40M Ransom from Florida School District (lien direct) | New details of negotiation between attackers and officials from Broward County Public Schools emerge after a ransomware attack early last month. | Ransomware | ★★★ | |
|
2021-04-05 21:07:42 | 533M Facebook Accounts Leaked Online: Check if You Are Exposed (lien direct) | An estimated 32 million, of the half-billion of Facebook account details posted online, were tied to US-based accounts. | |||
|
2021-04-05 21:04:26 | Spy Operations Target Vietnam with Sophisticated RAT (lien direct) | Researchers said the FoundCore malware represents a big step forward when it comes to evasion. | Malware | ||
|
2021-04-05 19:46:18 | LinkedIn Spear-Phishing Campaign Targets Job Hunters (lien direct) | Fake job offers lure professionals into downloading the more_eggs backdoor trojan. | |||
|
2021-04-05 19:10:53 | Apple Mail Zero-Click Security Vulnerability Allows Email Snooping (lien direct) | The researcher is offering details on CVE-2020-9922, which can be triggered just by sending a target an email with two .ZIP files attached. | Vulnerability | ||
|
2021-04-05 17:28:13 | How To Defend the Extended Network Against Web Risks (lien direct) | Aamir Lakhani, cybersecurity researcher for Fortinet's FortiGuard Labs, discusses criminals flocking to web server and browser attacks, and what to do about it. |
To see everything:
Our RSS (filtrered)
