Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-04-29 10:00:04 |
Paleohacks data leak exposes customer records, password reset tokens (lien direct) |
The leak wasn't dealt with until Amazon was contacted directly. |
|
|
|
|
2021-04-29 09:39:06 |
RotaJakiro: A Linux backdoor that has flown under the radar for years (lien direct) |
The malware remains undetected by most VirusTotal engines. |
Malware
|
|
|
|
2021-04-29 08:49:09 |
Accenture acquires French cybersecurity firm Openminded (lien direct) |
The bid is aimed at expanding Accenture's European footprint. |
|
|
|
|
2021-04-28 12:43:42 |
Apple patches macOS Gatekeeper bypass vulnerability exploited in the wild (lien direct) |
The patch tackles a zero-day bug actively exploited by Shlayer malware. |
Vulnerability
|
|
|
|
2021-04-28 10:29:28 |
Linux kernel vulnerability exposes stack memory, causes data leaks (lien direct) |
The bug could also be used as a conduit for more severe attacks. |
Vulnerability
|
|
|
|
2021-04-28 09:11:00 |
Microsoft mulls over tweaks to threat data, code-sharing scheme following Exchange Server debacle (lien direct) |
It has been suspected that exploit code used in the wave of attacks may have been sourced from the program. |
Threat
|
|
|
|
2021-04-28 04:01:03 |
COVID-19, WFH prompts spike in cyberattacks against banks, insurers (lien direct) |
Research suggests “open and insecure gaps” are being exploited in financial organizations' networks. |
|
|
|
|
2021-04-27 08:54:35 |
Adobe releases open source \'one-stop shop\' for security threat, data anomaly detection (lien direct) |
The project is focused on data processing efficiency and improving threat log data analysis. |
Threat
|
|
|
|
2021-04-26 11:08:00 |
Darktrace slashes valuation price estimate ahead of IPO: report (lien direct) |
The caution is aimed at preventing share prices from tanking on debut. |
|
|
|
|
2021-04-26 09:34:40 |
Prominent security expert Dan Kaminsky passes away at 42 (lien direct) |
Kaminsky is being remembered not only for his kindness but also for being a “force of nature” in the infosec community. |
|
|
|
|
2021-04-26 07:24:13 |
Thodex cryptocurrency exchange chief allegedly goes on the run with $2bn in client funds (lien direct) |
The exchange claims such reports are “unfounded.” |
|
|
|
|
2021-04-23 08:56:25 |
ToxicEye: Trojan abuses Telegram platform to steal your data (lien direct) |
The RAT is using bots to propagate across Telegram channels. |
|
|
|
|
2021-04-22 13:08:16 |
SolarWinds hack analysis reveals 56% boost in command server footprint (lien direct) |
Researchers say newly identified targets are likely. |
Hack
|
|
|
|
2021-04-22 07:23:12 |
New US Justice Department team aims to disrupt ransomware operations (lien direct) |
The task force will focus on dealing with the “root causes” of ransomware. |
Ransomware
|
|
|
|
2021-04-21 13:12:39 |
Instagram debuts new tool to stop abusive message salvos made through new accounts (lien direct) |
DMs are the next area the firm wants to focus on in controlling abusive behavior. |
Tool
|
|
|
|
2021-04-21 10:35:25 |
Zero-day vulnerabilities in SonicWall email security are being actively exploited (lien direct) |
The vendor is urging customers to apply patches immediately. |
|
|
|
|
2021-04-21 09:45:24 |
Codecov breach impacted \'hundreds\' of customer networks: report (lien direct) |
Reports suggest the initial hack may have led to a more extensive supply chain attack. |
Hack
|
|
★★
|
|
2021-04-20 12:07:50 |
Internal Facebook email reveals intent to frame data scraping as \'normalized, broad industry issue\' (lien direct) |
More scraping incidents are "expected" in the future. |
|
|
|
|
2021-04-20 10:35:48 |
Lazarus hacking group now hides payloads in BMP image files (lien direct) |
South Korea continues to be a favored target. |
|
APT 38
|
|
|
2021-04-20 09:04:43 |
Facebook cracks down on posts urging violence, mockery ahead of Chauvin verdict in George Floyd case (lien direct) |
The company also aims to wipe out content that “praises, celebrates or mocks George Floyd's death.” |
|
|
|
|
2021-04-20 08:15:12 |
Remote code execution vulnerabilities uncovered in smart air fryer (lien direct) |
The impacted vendor has not responded or fixed the security issues. |
|
|
|
|
2021-04-19 11:09:00 |
Peloton pushes back against \'urgent\' warning against using Tread+ treadmill (lien direct) |
The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+. |
|
|
|
|
2021-04-19 09:42:18 |
Coding error allowed attackers to delete Facebook live video (lien direct) |
The security issue earned the reporting researcher a substantial bug bounty. |
|
|
|
|
2021-04-09 10:15:53 |
Critical Zoom vulnerability triggers remote code execution without user input (lien direct) |
The researchers who discovered the bug have earned themselves $200,000. |
Vulnerability
|
|
|
|
2021-04-09 09:32:33 |
Washington State educational organizations targeted in cryptojacking spree (lien direct) |
The lucrative nature of cryptocurrency means no industry is safe. |
|
|
|
|
2021-04-08 11:03:18 |
Facebook tackles deepfake spread and troll farms in latest moderation push (lien direct) |
AI-generated images and an exiled militant group are now on Facebook's radar. |
|
|
|
|
2021-04-08 09:40:42 |
Italian man arrested after allegedly paying hitman in cryptocurrency (lien direct) |
Europol claims he attempted to have his ex-girlfriend assassinated. |
|
|
|
|
2021-04-08 09:36:31 |
Vyveva: Lazarus hacking group\'s latest weapon strikes South African freight (lien direct) |
The backdoor is being used to spy on the activities of freight companies. |
|
APT 38
APT 28
|
|
|
2021-04-07 11:34:39 |
Man jailed for trying to buy chemical weapon online able to kill \'hundreds\' of people (lien direct) |
Orders were made in the name of a minor. |
|
|
|
|
2021-04-07 10:13:26 |
New wormable Android malware poses as Netflix to hijack WhatsApp sessions (lien direct) |
Users are lured in with the promise of a free premium subscription. |
Malware
|
|
|
|
2021-04-07 08:48:46 |
Data of 553m Facebook users dumped online: how to see if you are impacted (lien direct) |
The data is old but that doesn't mean it still can't be used. |
|
|
|
|
2021-04-06 13:12:00 |
SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications (lien direct) |
New research also reveals that SAP vulnerabilities, on average, are weaponized in less than 72 hours. |
|
|
|
|
2021-04-06 10:09:21 |
Industries critical to COVID-19 response suffer surge in cloud cyberattacks (lien direct) |
An increase in cloud adoption is being blamed for new security chasms. |
|
|
|
|
2021-04-06 09:42:17 |
Meet Janeleiro: a new banking Trojan striking company, government targets (lien direct) |
The .NET Trojan's developers don't seem to care about staying undetected. |
|
|
|
|
2021-04-06 07:17:47 |
FBI, CISA warn Fortinet FortiOS vulnerabilities are being actively exploited (lien direct) |
APT groups are suspected of harnessing three bugs, two critical, for data exfiltration purposes. |
|
|
|
|
2021-04-01 08:39:27 |
DeepDotWeb dark web admin pleads guilty to gun, drug purchase kickbacks (lien direct) |
Over $8 million was earned through affiliate marketing for illegal marketplaces. |
|
|
|
|
2021-04-01 07:24:04 |
Google: North Korean hackers are targeting researchers through fake offensive security firm (lien direct) |
Google TAG warns of the group using zero-day exploits after reaching out to targets on social media. |
|
|
|
|
2021-03-31 13:07:13 |
Gaming mods, cheat engines are spreading Trojan malware and planting backdoors (lien direct) |
Mods and cheat systems for games are being exploited to deploy information-stealing malware. |
Malware
|
|
|
|
2021-03-31 12:26:21 |
Child tweets on behalf of nuke, space mission agency US Strategic Command (lien direct) |
The gibberish tweet left some amused, some concerned that the account had been compromised. |
|
|
|
|
2021-03-31 11:07:05 |
VMware patches critical vRealize Operations platform vulnerabilities (lien direct) |
Administrator credentials could be stolen by exploiting the bugs. |
|
|
|
|
2021-03-31 09:01:00 |
Pandemic threats: The common threads in COVID-19 scams and criminal schemes (lien direct) |
Researchers explore how cybercriminals have exploited the coronavirus pandemic over the past year. |
|
|
|
|
2021-03-31 07:38:24 |
Whistleblower claims Ubiquiti Networks data breach was \'catastrophic\' (lien direct) |
The source alleges the January security incident was severely downplayed. |
Data Breach
|
|
|
|
2021-03-30 11:11:00 |
Department of Homeland Security email accounts exposed in SolarWinds hack (lien direct) |
Reports suggest Russian threat groups accessed DHS emails during the SolarWinds fiasco. |
Hack
Threat
|
|
|
|
2021-03-30 10:15:42 |
Panasonic, McAfee team up to tackle vehicle cybersecurity (lien direct) |
Early response tech for physical attacks and cyber intrusions is on the list for development. |
|
|
|
|
2021-03-30 09:32:06 |
Ransomware group targets Universities of Maryland, California in new data leaks (lien direct) |
This follows similar extortion attempts impacting two other US universities this month. |
|
|
|
|
2021-03-29 13:45:17 |
Official PHP Git server targeted in attempt to bury malware in code base (lien direct) |
The cyberattack has prompted a rapid and permanent move to GitHub. |
Malware
|
|
|
|
2021-03-29 10:05:23 |
US charges close to 500 individuals for COVID-19 fraud, criminal activity (lien direct) |
Everything from PPE fraud, disaster loan schemes, and unemployment scams are on the books. |
|
|
|
|
2021-03-29 07:02:19 |
This Android malware hides as a System Update app to spy on you (lien direct) |
The spyware triggers when certain actions are performed, such as new adding a contact. |
Malware
|
|
|
|
2021-03-29 06:10:28 |
Brian Krebs: No, I didn\'t hack your Microsoft Exchange server (lien direct) |
The KrebsOnSecurity name is, once again, being abused by cyberattackers. |
Hack
|
|
|
|
2021-03-26 10:00:00 |
Hades ransomware operators are hunting big game in the US (lien direct) |
Companies with annual revenues of over $1 billion are being targeted. |
Ransomware
|
|
|