Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-06-27 13:27:00 |
Ads on popular YouTube to MP3 converter service poisoned with exploit kit, ransomware (lien direct) |
By exploiting the source, malware can infiltrate legitimate adverts and domains. |
Ransomware
Malware
|
|
|
|
2019-06-27 12:27:05 |
Android spyware campaign spreads across the Middle East (lien direct) |
The malware is designed to pillage mobile device data. |
Malware
|
|
|
|
2019-06-27 07:54:04 |
Firefox to get a random password generator, like Chrome (lien direct) |
Firefox's random password generator expected to launch later this fall. |
|
|
|
|
2019-06-27 07:00:00 |
Microsoft Excel Power Query feature can be abused for malware distribution (lien direct) |
Disabling DDE support in Microsoft Excel should prevent attacks, Microsoft says. |
Malware
|
|
|
|
2019-06-27 06:43:05 |
Hacker steals $4.5 million from Bitrue cryptocurrency exchange (lien direct) |
Hackers stole $4.25 million worth of Ripple coins and $225,000 worth of Cardano coins. |
|
|
|
|
2019-06-26 20:51:02 |
Kubernetes CLI tool security flaw lets attackers run code on host machine (lien direct) |
Interesting bug can lead to total compromise of cloud production environments. |
Tool
Guideline
|
Uber
|
|
|
2019-06-26 13:00:00 |
Healthcare industry falls far behind in SecOps resources (lien direct) |
Less than a quarter of medical organizations have a robust in-house security team available. |
|
|
|
|
2019-06-26 10:43:03 |
Remote code execution bug lurked in BlueStacks Android emulator (lien direct) |
Vulnerable code allowed BlueStack's IPC mechanism to be tampered with, with severe consequences. |
|
|
|
|
2019-06-26 10:06:00 |
McAfee sues former sales team over alleged leak of trade secrets to rival firm (lien direct) |
The staff members at the heart of the case moved over to a competitor, Tanium. |
|
|
|
|
2019-06-26 09:20:04 |
Report shows failures at eight US agencies in following cyber-security protocols (lien direct) |
US Senate report finds appallingly bad cyber-security practices at eight US government agencies. |
|
|
|
|
2019-06-26 09:19:00 |
Arrests made in UK, Netherlands over €24 million Bitcoin heist (lien direct) |
The schemers allegedly spoofed crypto trading posts to steal virtual coins from thousands of victims. |
|
|
|
|
2019-06-26 07:44:00 |
Second Florida city pays giant ransom to ransomware gang in a week (lien direct) |
Lake City officials give in and agree to pay nearly $500,000 to ransomware gang. |
Ransomware
|
|
|
|
2019-06-26 01:00:00 |
Qualcomm Snapdragon 855 SPU snags smart card security certificate (lien direct) |
Qualcomm says the SoC upgrade will slice material costs for vendors without compromising security. |
|
|
|
|
2019-06-25 19:56:00 |
New Silex malware is bricking IoT devices, has scary plans (lien direct) |
Over 2,000 devices have been bricked in the span of a few hours. Attacks still ongoing. |
Malware
|
|
|
|
2019-06-25 13:16:00 |
ICO slams UK Met Police for failure to handle public data requests (lien direct) |
With GDPR in full swing, the data watchdog wants to help consumers access the information the police have on them. |
|
|
|
|
2019-06-25 12:00:00 |
Malicious URL attacks using HTTPS surge across the enterprise (lien direct) |
Organizations should be aware of the latest impersonation techniques and file service exploits. |
|
|
|
|
2019-06-25 11:42:01 |
UK ransomware firm \'helps\' victims by paying off hackers, tacking on massive fee (lien direct) |
Red Mosquito allegedly has a profitable sideline in place for ransomware victims. |
Ransomware
|
|
|
|
2019-06-25 10:39:00 |
Bitfinex hackers arrested after three years (lien direct) |
Two brothers arrested in Israel last week have been linked to the massive 2016 Bitfinex hack. |
|
|
|
|
2019-06-25 10:10:00 |
Facebook\'s bid to quash data breach lawsuit dismissed by judge (lien direct) |
Whether the social media giant likes it or not, the court case is going ahead. |
Data Breach
|
|
|
|
2019-06-25 08:57:00 |
New Mac malware abuses recently disclosed Gatekeeper zero-day (lien direct) |
Researchers find new OSX/Linker malware abusing still-unpatched macOS Gatekeeper bypass. |
Malware
|
|
|
|
2019-06-25 06:56:00 |
US bill to force tech giants to tell users how much their data is worth (lien direct) |
Bill would also force large tech companies to disclose what user data they collect and how they're monetizing it. |
|
|
|
|
2019-06-24 12:13:01 |
Anonymous hacker exposed after dropping USB drive while throwing Molotov cocktail (lien direct) |
Anonymous Belgium hacker sentenced to 18 months in prison for past cyber-crimes. |
|
|
|
|
2019-06-24 10:10:05 |
Cop awarded $585,000 after fellow officers abused DMV database in search of her data (lien direct) |
The woman in question allegedly rejected their romantic advances. |
|
|
|
|
2019-06-24 09:49:01 |
First Chrome version with Manifest V3 to land in Canary this summer (lien direct) |
Will ad blockers still work in Chrome? We'll see starting late July, early August. |
|
|
|
|
2019-06-24 08:46:00 |
US launches cyber-attack aimed at Iranian rocket and missile systems (lien direct) |
Attack took place last week, after President Trump backed off from using conventional weapons to strike Iran. |
|
|
|
|
2019-06-24 08:45:02 |
User data stolen from \'human hacking\' forum Social Engineered, published on rival site (lien direct) |
A vulnerability in MyBB has been blamed. |
Vulnerability
|
|
★★★★★
|
|
2019-06-23 08:15:03 |
DHS CISA warns of Iranian hackers\' habit of deploying data-wiping malware (lien direct) |
CISA also warns against other Iranian hackers' favorite techniques: password spraying, credential stuffing, spear-phishing. |
Malware
|
|
|
|
2019-06-21 22:37:02 |
Data of 645k Oregonians exposed after nine DHS employees fell for a phishing attack (lien direct) |
Phishing attack lets hackers into Oregon DHS employee accounts. |
|
|
|
|
2019-06-21 20:46:00 |
NASA hacked because of unauthorized Raspberry Pi connected to its network (lien direct) |
NASA described the hackers as an "advanced persistent threat," a term generally used for nation-state hacking groups. |
|
|
|
|
2019-06-21 18:20:03 |
Free proxy service found running on top of 2,600+ hacked WordPress sites (lien direct) |
WordPress sites hacked and infected with Ngioweb Linux malware; hijacked into commercial proxy service. |
|
|
|
|
2019-06-21 15:15:04 |
OpenSSH gets protection against attacks like Spectre, Meltdown, Rowhammer, and Rambleed (lien direct) |
OpenSSH to encrypt SSH private keys while at rest in a computer's RAM. |
|
|
|
|
2019-06-21 12:48:00 |
Amazon patent reveals drone surveillance as a service (lien direct) |
Could 'SaaS' take on a new meaning? |
|
|
|
|
2019-06-21 09:56:02 |
This botnet exploits Android Debug Bridge to mine cryptocurrency on your device (lien direct) |
The mobile botnet is focused on compromising Android devices. |
|
|
|
|
2019-06-21 09:01:02 |
New Bird Miner malware targets Mac pirates (lien direct) |
The malware emulates Linux in its quest for cryptocurrency. |
Malware
|
|
|
|
2019-06-20 23:49:04 |
Ransomware gang hacks MSPs to deploy ransomware on customer systems (lien direct) |
Hackers breach MSPs and use Webroot SecureAnywhere console to infect customer PCs with the Sodinokibi ransomware. |
Ransomware
|
|
|
|
2019-06-20 21:20:01 |
Desjardins, Canada\'s largest credit union, announces security breach (lien direct) |
Data for 2.9 million bank members was taken from the bank's system by a now-fired employee. |
|
|
|
|
2019-06-20 20:10:00 |
Google pushes Nest cam update to prevent former owners spying on new buyers (lien direct) |
Former Nest cam owners could have accessed old devices despite cameras being reset to factory settings. |
|
|
|
|
2019-06-20 19:00:04 |
Mozilla fixes second Firefox zero-day exploited in the wild (lien direct) |
Two days after patching the first zero-day, Mozilla fixes a second one, used in the same attacks as the first. |
Patching
|
|
|
|
2019-06-20 13:00:00 |
Meds prescriptions for 78,000 patients left in a database with no password (lien direct) |
Database containing 390,000 Vascepa prescriptions for 78,000 patients left open on the internet. |
|
|
|
|
2019-06-20 11:33:00 |
UK to withdraw from online porn block, censorship crusade (lien direct) |
Opinion: The irony is strong in enforcing ID verification laws when the government fails to implement its own legal checks. |
|
|
|
|
2019-06-20 11:21:03 |
Firefox zero-day was used in attack against Coinbase employees, not its users (lien direct) |
There were actually two zero-days -- not one -- combined into an exploit used in a spear-phishing attempt. Other cryptocurrency organizations were also targeted. |
|
|
|
|
2019-06-20 10:00:00 |
Russian APT hacked Iranian APT\'s infrastructure back in 2017 (lien direct) |
Turla APT hacked Iran's APT34 group and used its C&C servers to re-infect APT34 victims with its own malware. |
|
APT 34
|
|
|
2019-06-20 09:30:03 |
UK student charged for manufacturing gun through 3D printing (lien direct) |
The conviction is the first of its kind in the country. |
|
|
|
|
2019-06-20 08:51:00 |
Tor Browser 8.5.2 release patches critical Firefox vulnerability exploited in the wild (lien direct) |
The release resolves a critical Mozilla Firefox vulnerability in active use. |
Vulnerability
|
|
|
|
2019-06-20 00:39:00 |
HackerOne\'s top 20 public bug bounty programs (lien direct) |
These are the top 20 biggest, fastest, and most lucrative bounty programs on the HackerOne platform. |
|
|
|
|
2019-06-19 23:33:04 |
Florida city pays $600,000 to ransomware gang to have its data back (lien direct) |
Riviera City officials previously agreed to pay $941,000 to rebuild their entire computer network. |
Ransomware
|
|
|
|
2019-06-19 21:17:04 |
Ad agency leaks data on US military veterans\' combat injuries (lien direct) |
Florida ad agency leaks the keys to its entire kingdom, including invoices, campaign metrics, and all collected data. |
|
|
|
|
2019-06-19 13:23:02 |
Data breach forces medical debt collector AMCA to file for bankruptcy protection (lien direct) |
The aftermath of the data breach seems to be too much for AMCA to bear. |
Data Breach
|
|
|
|
2019-06-19 11:17:01 |
Oracle patches another actively-exploited WebLogic zero-day (lien direct) |
New wave of attacks against Oracle WebLogic servers using a brand new zero-day detected over the weekend. |
|
|
|
|
2019-06-19 08:16:02 |
Chrome extension caught hijacking users\' search engine results (lien direct) |
Extension developer says he sold the extension weeks before; not responsible for the shady behavior. |
|
|
|