What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-01-17 21:01:08 | What\'s called Grogu but isn\'t that cute? Google\'s leaked answer to Apple AirTags (lien direct) | Rumored product looks like part of a larger effort to compete with Cupertino's Find My network Google leaks point to the Android maker working on an Apple AirTags competitor, news of which could indicate a broader effort to compete with Apple's Find My network.… | ★★★ | ||
|
2023-01-16 11:30:11 | For password protection, dump LastPass for open source Bitwarden (lien direct) | After the security breach last summer, staying put is playing with fire Opinion For better or worse, we still need passwords, and to protect and organize them, I recommend the open source Bitwarden password manager.… | LastPass | ★★★ | |
|
2023-01-14 20:57:07 | NSA asks Congress to let it get on with that warrantless data harvesting, again (lien direct) | Also: That Pokemon is actually a RAT, Uncle Sam fails a password audit In brief A US intelligence boss has asked Congress to reauthorize a controversial set of powers that give snoops warrantless authorization to surveil electronic communications in the name of fighting terrorism and so forth.… | ★★★ | ||
|
2023-01-13 13:30:06 | Microsoft Defender ASR rules remove icons and apps shortcuts from Taskbar (lien direct) | Happy Friday 13th sysadmins! Techies find workarounds but Redmond still 'investigating' Techies are reporting that Microsoft Defender for Endpoint attack surface reduction (ASR) rules have gone haywire and are removing icons and applications shortcuts from the Taskbar and Start Menu.… | ★★★★ | ||
|
2023-01-11 17:45:13 | Stranded ISS astronauts are getting a new Soyuz to ride home (lien direct) | The coolant-deprived vessel that got them there will return to Earth alone Russian space agency Roscosmos has decided to send another Soyuz capsule to the International Space Station to rescue crew stranded by a coolant leak in their return ride. … | ★★ | ||
|
2023-01-11 03:29:09 | Health insurer Aflac blames US partner for leak of Japanese cancer policy info (lien direct) | Zurich's Japanese outpost also leaks a couple of million records Global insurer Aflac's Japanese branch has revealed that personal data describing more than three million customers of its cancer insurance product has been leaked online.… | ★★★ | ||
|
2023-01-11 01:58:18 | Privacy on the line: Boffins break VoLTE phone security (lien direct) | Call metadata can be ferreted out Boffins based in China and the UK have devised a telecom network attack that can expose call metadata during VoLTE/VoNR conversations.… | ★★★ | ||
|
2023-01-11 00:00:09 | First Patch Tuesday of the year explodes with an in-the-wild exploit (lien direct) | Plus Intel, Adobe, SAP and Android bugs Patch Tuesday Microsoft fixed 98 security flaws in its first Patch Tuesday of 2023 including one that's already been exploited and another listed as publicly known. Of the new January vulnerabilities, 11 are rated critical because they lead to remote code execution.… | Guideline | ★★ | |
|
2023-01-10 09:30:12 | 2002 video streaming patent holder sues Amazon and Twitch (lien direct) | Both companies knew about the patent, claims lawsuit Media solutions company BSD Crown, best known for video encoding products as well as building Android smartphones in the Noughties, has filed a lawsuit against Amazon and livestreaming offshoot Twitch, claiming the pair infringed its patent.… | ★★ | ||
|
2023-01-10 02:29:10 | Pakistan\'s government to agencies: Dark web is dangerous, please don\'t go there (lien direct) | Advice follows embarrassing leak of audio from Prime Minister's office Pakistan's government has warned its agencies that the dark web exists, is home to all sorts of unpleasant people, and should be avoided.… | ★★ | ||
|
2023-01-09 21:15:11 | Python Package Index found stuffed with AWS keys and malware (lien direct) | British developer uses homegrown scanning tool to check for risks The Python Package Index, or PyPI, continues to surprise and not in a good way.… | Malware Tool | ★★ | |
|
2023-01-09 20:30:12 | US Supremes deny Pegasus spyware maker\'s immunity claim (lien direct) | NSO maintains that it's all legit The US Supreme Court has quashed spyware maker NSO Group's argument that it cannot be held legally responsible for using WhatsApp technology to deploy its Pegasus snoop-ware on users' phones.… | ★★ | ||
|
2023-01-06 15:30:06 | Dridex malware pops back up and turns its attention to macOS (lien direct) | Malware testers spot attempt to attack Macs. But (try not to weep for the bad guys) there are still compatibility issues with MS exe files A variant of the bad penny that is Dridex, the general-purpose malware that has been around for years, now has macOS platforms in its sights and a new way of delivering malicious macros via documents.… | Malware | ★★★ | |
|
2023-01-05 23:40:42 | Rackspace blames ransomware woes on zero-day attack (lien direct) | Play gang blamed, ProxyNotShell cleared and hosted Exchange doomed Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack.… | Ransomware | ★★ | |
|
2023-01-05 20:45:05 | FCC suggests licensing 5GHz spectrum to drone operators (lien direct) | What's the WiFly password again? The US Federal Communications Commission (FCC) is considering opening a swath of 5GHz spectrum up for use by the growing number of unmanned aerial vehicles and drones.… | ★ | ||
|
2023-01-05 17:45:08 | Lenovo adds rugged ThinkPhone to appeal to ThinkPad users (lien direct) | Gorilla Glass-plated Android gadget for the biz crowd but it won't be cheap... CES Lenovo has unveiled the ThinkPhone, an Android smartphone the company is positioning as a business device alongside its ThinkPad laptops, with a number of features designed to make the two devices work better together.… | ★★ | ||
|
2023-01-05 12:30:11 | Twitter whistleblower Peiter \'Mudge\' Zatko lands new gig at Rapid7 (lien direct) | A long way from password crackers for Windows NT for former L0pht legend Former Twitter security chief and whistleblower Peiter "Mudge" Zatko has landed his first official role since he left the company, a part-time job as "executive in residence" with cybersecurity firm Rapid7.… | ★★ | ||
|
2023-01-04 20:00:11 | The Guardian ransomware attack hits week two as staff told to work from home (lien direct) | UK data watchdog would like a word over failure to systems Long-standing British broadsheet The Guardian has told staff to continue working from home and notified the UK's data privacy watchdog about the security breach following a suspected ransomware attack before Christmas.… | Ransomware | ★★★ | |
|
2023-01-04 14:00:13 | PyTorch dependency poisoned with malicious code (lien direct) | System data was exfiltrated during attack, but an anonymous person says it was a research project gone wrong An unknown attacker used the PyPI code repository to get developers to download a compromised PyTorch dependency that included malicious code designed to steal system data.… | ★★ | ||
|
2023-01-04 00:59:55 | LockBit: Sorry about the SickKids ransomware, not sorry about the rest (lien direct) | Blame it on the affiliate Notorious ransomware gang LockBit "formally apologized" for an extortion attack against Canada's largest children's hospital that the criminals blamed on a now-blocked affiliate group, and said it published a free decryptor for the victim to recover the files.… | Ransomware | ★★ | |
|
2022-12-30 01:50:37 | NASA may tap SpaceX to rescue ISS \'nauts after Soyuz leak (lien direct) | And Elon's still distracted by Twitter, yes? OK, that's probably for the best NASA is considering using SpaceX to bring three astronauts back to Earth from the International Space Station after the Russian spacecraft due to return the crew suffered a significant coolant leak. … | ★★ | ||
|
2022-12-23 20:00:07 | TikTok confirms it tracked journalists\' locations as part of leak investigation (lien direct) | As if you needed another reason to delete the app right now Video sharing platform TikTok and its parent company Bytedance are leakier than a sieve – and it has emerged that in an attempt to plug the holes, members of Bytedance's internal audit team tracked the physical location of journalists via their IP addresses.… | ★★★★ | ||
|
2022-12-23 06:35:07 | LastPass admits attackers have a copy of customers\' password vaults (lien direct) | Thankfully a well encrypted copy that could take an eon to crack, unless users practiced bad password hygiene Password locker LastPass has warned customers that the August 2022 attack on its systems saw unknown parties copy encrypted files that contains the passwords to their accounts.… | LastPass | ★★ | |
|
2022-12-23 00:27:51 | Crooks copy source code from Okta\'s GitHub repository (lien direct) | The hack wraps up a year of bad security incidents for identity Intruders copied source code belonging to Okta after breaching the identity management company's GitHub repositories.… | Hack | ★★ | |
|
2022-12-22 18:34:52 | Zerobot malware now shooting for Apache systems (lien direct) | Upgraded threat, time to patch The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things (IoT) devices it can compromise by going after Apache systems.… | Malware | ★★★ | |
|
2022-12-22 02:20:36 | Godfather malware makes banking apps an offer they can\'t refuse (lien direct) | No horse heads in beds...that we know of Crooks are using an Android banking Trojan dubbed Godfather to steal from banking and cryptocurrency exchange app users in 16 countries, according to Group-IB security researchers… | Malware | ★★★ | |
|
2022-12-21 15:40:06 | UK\'s Guardian newspaper breaks news of ransomware attack on itself (lien direct) | Reporters work from home as publication promises Thursday's print edition will hit newstands on time UK broadsheet media outlet The Guardian has become the victim of a ransomware attack which seems to have take out a large chunk of office-based systems.… | Ransomware | ★★ | |
|
2022-12-21 09:45:12 | Malicious PyPI package found posing as a SentinelOne SDK (lien direct) | Security firm tagged with malware misrepresentation Threat researchers have found a rapidly updated malicious Python package on PyPI masquerading as a legitimate software-development kit (SDK) from cybersecurity firm SentinelOne, but actually contains malware designed to exfiltrate data from infected systems.… | Malware | ★★ | |
|
2022-12-21 03:00:06 | Parental control apps prove easy to beat by kids and crims (lien direct) | 20m downloads can't be wrong? Or can they? Parental control apps may do more harm than good, according to researchers who found 18 bugs in eight Android apps with more than 20 million total downloads that could be exploited to, among many nefarious acts, control other devices on the parents' network.… | ★★★ | ||
|
2022-12-21 00:08:12 | Cisco\'s Talos security bods predict new wave of Excel Hell (lien direct) | Criminals have noticed that spreadsheet's XLL files add custom functionality - including malware It took a few years and one temporary halt, but in July Microsoft finally began blocking certain macros by default in Word, Excel, and PowerPoint, cutting off a popular attack vector for those who target users of Microsoft's Windows OS and Office suite.… | Prediction | ★★★ | |
|
2022-12-20 19:30:10 | Microsoft reports macOS Gatekeeper has an \'Achilles\' heel (lien direct) | Insert your Trojan joke here Security researchers at Microsoft have discovered a bug in macOS that lets malicious apps bypass Apple's Gatekeeper security software "for initial access by malware and other threats." … | Malware | ★★ | |
|
2022-12-20 05:28:09 | Google integrates Indian government\'s cloud services into Android (lien direct) | Collab obviously goes deep – accessing DigiLocker requires use of national identity service Google has integrated the Indian government's cloud storage service into Android – a feat that weaves the national ID system and government documents deeply into the search giant's OS.… | ★★ | ||
|
2022-12-15 06:30:14 | Soyuz leak puts a stop to planned ISS spacewalk and work on Nauka module (lien direct) | Королёв, we have a problem … We don't mean to alarm you, but a Russian Soyuz vehicle docked at the International Space Station (ISS) is leaking a "significant" amount of something, resulting in the cancellation of a spacewalk.… | ★ | ||
|
2022-12-15 02:35:09 | Iran-linked Charming Kitten espionage gang bares claws to pollies, power orgs (lien direct) | If you get email from 'Samantha Wolf', congrats: you're important enough to make a decent target An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets – including politicians, government officials, critical infrastructure and medical researchers – according to email security vendor Proofpoint.… | Medical | APT 35 | ★ |
|
2022-12-14 06:57:13 | Citrix patches critical ADC flaw the NSA says is already under attack from China (lien direct) | Yet more pain for the software formerly known as NetScaler The China-linked crime gang APT5 is already attacking a flaw in Citrix's Application Delivery Controller (ADC) and Gateway products that the vendor patched today.… | APT 5 | ★★★ | |
|
2022-12-13 23:30:11 | LockBit threatens to leak confidential info stolen from California\'s beancounters (lien direct) | Databases, details of 'sexual proceedings in court' and more apparently pilfered from finance IT LockBit claims it was behind a cyber-attack on the California Department of Finance, bragging it stole data during the intrusion.… | ★★ | ||
|
2022-12-13 22:46:56 | Uber staff info leaks after IT supply chain attack (lien direct) | Records swiped from pwned supplier Teqtivity, dumped online Uber, which has suffered a few data thefts in its time, is this week dealing with the fallout from more information being stolen, this time through one of its technology suppliers.… | Uber Uber | ★★ | |
|
2022-12-13 08:32:10 | Researchers smell a cryptomining Chaos RAT targeting Linux systems (lien direct) | Smells like Russian miscreants A type of cryptomining malware targeting Linux-based systems has added capabilities by incorporating an open source remote access trojan called Chaos RAT with several advanced functions that bad guys can use to control remote operating systems.… | Malware | ★★★ | |
|
2022-12-12 07:30:13 | IT security teams, business execs still not on same page (lien direct) | Also: Guri the air-gap guru strikes again, while pro-Ukraine hackers set up a proxy network in Russia In brief Let's start with the good news: according to a survey of security and business leaders, executives have become far more aware of the importance of cyber security in the past two years, better aligning security teams and leadership. … | Guideline | ★★ | |
|
2022-12-11 23:06:05 | Japan, Australia, to bolster cyber-defenses, maybe offensive capacity too (lien direct) | FTX Japan payment promise evaporates; VR/AR to boom across APAC; Google wins privacy case Asia In Brief Australia's home affairs and cybersecurity minister Clare O'Neill has given the nation a goal of becoming the world's most cyber secure nation by 2030.… | ★★ | ||
|
2022-12-09 22:00:08 | Legit Android apps poisoned by sticky \'Zombinder\' malware (lien direct) | Sure, go ahead and load APKs instead of using an app store. You won't enjoy the results Threat researchers have discovered an obfuscation platform that attaches malware to legitimate Android applications to lure users to install the malicious payload and make it difficult for security tools to detect.… | Malware | ★★★ | |
|
2022-12-08 21:35:09 | REvil-hit Medibank to pull plug on IT, shore up defenses (lien direct) | If safety regulations are written in blood, what are security policies written in? Sweat and cursing? Australian health insurance company Medibank will take all of its IT systems offline and close its branches over the weekend as part of its ongoing efforts to improve security and recover from a massive data security breach in October.… | ★★★ | ||
|
2022-12-07 12:47:17 | Victims of IT scandal in UK postal service will get fresh compensation (lien direct) | Move follows award swallowed up by legal fees The British government has announced a fresh scheme to compensate victims of the Post Office Horizon IT scandal, which saw sub-postmasters wrongfully prosecuted for theft, false accounting and fraud because of errors in a Fujitsu-built finance system.… | ★★★ | ||
|
2022-12-07 07:25:11 | Microsoft: (Cyber) winter is coming as DDoS attack disrupts Russian bank (lien direct) | Where's the Night's Watch when you need them? Microsoft has warned Europe to be on alert for cyber attacks from Russia this winter, just as a series of attacks hit Russian organizations – including the country's second-largest bank.… | ★★★ | ||
|
2022-12-07 04:29:09 | Amnesty International Canada claims attack by China-backed forces (lien direct) | Threat actors allegedly looking for contacts and monitoring org's future plans The Canadian branch of Amnesty International was the target of an attack it has pinned on a Chinese state-sponsored actor.… | ★ | ||
|
2022-12-06 22:45:06 | Rackspace confirms ransomware attack behind days-long email outage (lien direct) | Hope the name Hackspace doesn't stick Updated Rackspace has admitted a ransomware infection was to blame for the days-long email outage that disrupted services for customers. … | Ransomware | ★★★ | |
|
2022-12-06 15:30:10 | Want to detect Cobalt Strike on the network? Look to process memory (lien direct) | Security analysts have tools to spot hard-to-find threat, Unit 42 says Enterprise security pros can detect malware samples in environments that incorporate the highly evasive Cobalt Strike attack code by analyzing artifacts in process memory, according to researchers with Palo Alto Networks' Unit 42 threat intelligence unit.… | Malware Threat | ★★★ | |
|
2022-12-05 22:30:13 | Google warns stolen Android keys used to sign info-stealing malware (lien direct) | OEMs including Samsung, LG and Mediatek named and shamed Compromised Android platform certificate keys from device makers including Samsung, LG and Mediatek are being used to sign malware and deploy spyware, among other software nasties.… | Malware | ★★★ | |
|
2022-12-02 23:10:59 | Medibank prognosis gets worse after more stolen data leaked (lien direct) | Plus Australia launches an investigation into insurer's data privacy practices Australian health insurer Medibank's prognosis following an October data breach keeps getting worse as criminals dumped another batch of stolen customer data on the dark web. … | Data Breach | ★★ | |
|
2022-12-02 21:30:07 | Google says Android runs better when covered in Rust (lien direct) | Banishing memory safety bugs cuts critical vulnerabilities Google has been integrating code written in the Rust programming language into its Android operating system since 2019 and its efforts have paid off in the form of fewer vulnerabilities.… | ★★★ |
To see everything:
Our RSS (filtrered)
