Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-05 22:09:03 |
FBI criticized for delaying breach notifications, including insufficient details (lien direct) |
Department of Justice report highlights several problems with the FBI's automated breach notifications. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-05 18:45:05 |
IoT botnet targeting your enterprise? Nope. Just a kid with an ExploitDB account (lien direct) |
Most IoT botnets are the work of kids playing with exploits they've found online. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-05 13:48:00 |
Twelve years later: Firefox to add full protection against \'login prompt\' spam (lien direct) |
Firefox to limit the number of "Authentication Required" popups to two per page. |
Spam
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-05 09:31:04 |
Apple scammed by college students through fake iPhone replacement scheme (lien direct) |
The students who are allegedly involved in the scam stole close to a million dollars. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-05 01:35:00 |
Backdoor code found in popular Bootstrap-Sass Ruby library (lien direct) |
Bootstrap-Sass Ruby library had been downloaded more than 28 million times. Backdoored version only 1,470 times. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 21:43:05 |
Hacker group has been hijacking DNS traffic on D-Link routers for three months (lien direct) |
Other router models have also been targeted, such as ARG, DSLink, Secutech, and TOTOLINK. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 15:40:00 |
Vulnerability found in Xiaomi phones\' pre-installed security app (lien direct) |
Interactions between Avast and AVL SDKs spawned dangerous flaw on Xiaomi smartphones. |
Vulnerability
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 12:17:00 |
Researcher publishes Google Chrome exploit (lien direct) |
Vulnerability patched in Chrome's V8 JavaScript engine, but the fix has not yet reached the Chrome stable branch. |
Vulnerability
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 10:53:03 |
Pharmaceutical giant Bayer targeted by cyberattack, threat \'contained\' (lien direct) |
The German company says the Winnti hacking group is to blame. |
Threat
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 10:09:02 |
Georgia Tech reveals data breach, 1.3 million records exposed (lien direct) |
Students and staff have been involved in the breach. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 07:23:03 |
A dozen US web servers are spreading 10 malware families, Necurs link suspected (lien direct) |
It is suspected that the servers may be connected to the Necurs botnet operators. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-04 05:00:00 |
Chinese companies have leaked over 590 million resumes via open databases (lien direct) |
Leaks have taken place in the first three months of the year, via either ElasticSearch or MongoDB databases. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 22:11:02 |
Over 58,000 Android users had stalkerware installed on their phones last year (lien direct) |
Kaspersky plans to show a special alert on Android devices when it finds stalkerware-like apps. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 18:32:03 |
Over 540 million Facebook records found on exposed AWS servers (lien direct) |
Leak originated at two third-party companies that had collected Facebook data on their own servers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 15:03:00 |
Bashlite IoT malware upgrade lets it target WeMo home automation devices (lien direct) |
New Bashlite version not widely detected, but was spotted infecting devices in the wild. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 12:05:01 |
Facebook demand for new user email passwords reveals appalling lack of security awareness (lien direct) |
Facebook says it understood the practice was poor -- but did it anyway. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 11:03:00 |
Home DNA kit company asks you to upload your family tree for the FBI (lien direct) |
Opinion: No consent required from family members impacted by your decision, of course. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 04:30:00 |
Apache web server bug grants root access on shared hosting environments (lien direct) |
Companies using Apache on private, non-shared servers are also at risk, but to a lesser degree. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-03 00:09:02 |
Asian woman with a thumb drive containing malware arrested at Mar-a-Lago (lien direct) |
Woman said a WeChat friend invited her to attend a UN event at Mar-a-Lago. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-02 22:44:00 |
Former Mozilla CTO detained at US border and denied a lawyer (lien direct) |
Former Mozilla CTO and current Apple engineer Andreas Gal details another case of CBP abuse. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-02 19:19:00 |
WordPress iOS app leaked authentication tokens (lien direct) |
Automattic plugs leaky WordPress.com iOS app that exposed account security tokens to third-party sites. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-02 17:57:00 |
Researcher prints \'PWNED!\' on hundreds of GPS watches\' maps due to unfixed API (lien direct) |
Over 20 GPS watch models still allow threat actors to track device owners, tinker with watch functions. |
Threat
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-02 11:55:05 |
Hackers reveal how to trick a Tesla into steering towards oncoming traffic (lien direct) |
A root vulnerability and a few stickers were all it took. |
Vulnerability
|
Tesla
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-02 10:04:00 |
Firefox to run experiment to reduce push notification permission spam (lien direct) |
Experiments will run this month in Firefox Beta and Nightly distributions. |
Spam
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-02 07:54:00 |
Security clashes with cloud: Offensive Security CEO talks cultural mindsets, leadership challenges (lien direct) |
Offensive Security CEO Ning Wang talks to ZDNet about the challenge of her new role and the cybersecurity industry at large. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-01 19:27:00 |
Over 13K iSCSI storage clusters left exposed online without a password (lien direct) |
New attack vector opens backdoor inside enterprise disk storage arrays and people's NAS devices. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-04-01 15:00:00 |
Indian govt agency left details of millions of pregnant women exposed online (lien direct) |
Medical records removed from leaky server after more than three weeks. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-31 18:18:00 |
Popup enlarges at the last second so users click on ads instead of \'Close\' button (lien direct) |
Trick has been used for a few months as part of an active traffic re-distribution campaign. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-30 20:28:00 |
Bithumb cryptocurrency exchange hacked a third time in two years (lien direct) |
Hackers believed to have made off with nearly $20 million in EOS and Ripple cryptocurrencies. |
|
Bithumb
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 21:37:00 |
Card breach reported at Buca di Beppo, Planet Hollywood, and other restaurants (lien direct) |
Impacted restaurants include Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 15:50:00 |
Researchers publish list of MAC addresses targeted in ASUS hack (lien direct) |
Most of the targeted MAC addresses are used by ASUStek, Intel, and AzureWave devices. |
Hack
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 13:06:03 |
Google security engineer discloses zero-day flaw in TP-Link smart home routers (lien direct) |
The zero-day vulnerability was disclosed publicly after TP-Link failed to respond. |
Vulnerability
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 12:37:00 |
Toyota announces second security breach in the last five weeks (lien direct) |
Toyota Japan says hackers might have stolen details of 3.1 million Toyota and Lexus car owners. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 11:42:00 |
FireEye debuts Windows Commando VM as Linux Kali rival (lien direct) |
The toolkit is aimed at filling a gap in the Windows-based penetration testing space. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 10:24:02 |
Data breach exposes diagnosis data of 34,000 medical marijuana patients (lien direct) |
An electronic system used by a Canadian service and its parent company was compromised. |
Data Breach
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-29 05:20:00 |
Researchers discover and abuse new undocumented feature in Intel chipsets (lien direct) |
Researchers find new Intel VISA (Visualization of Internal Signals Architecture) debugging technology. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-28 16:56:05 |
Report deems Russia a pioneer in GPS spoofing attacks (lien direct) |
Russia has become the de-facto expert in GPS spoofing attacks, which it uses both internally and outside its borders. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-28 11:11:00 |
Office Depot settles tech support scam FTC complaint (lien direct) |
Office Depot agrees to pay $25 million in damages. Support.com, a partner company, will also pay $10 million. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-28 10:00:00 |
Gustuff Android banking trojan targets 125+ banking, IM, and cryptocurrency apps (lien direct) |
Gustuff also possesses a feature unique among all Android banking trojans. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-28 05:30:00 |
Cisco bungled RV320/RV325 patches, routers still exposed to hacks (lien direct) |
Cisco blacklists curl instead of fixing vulnerable code. No new patches available, meaning devices still vulnerable to attacks. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 22:26:00 |
French gas stations robbed after forgetting to change gas pump PINs (lien direct) |
Criminal group steals 120,000 litres of fuel from Total gas stations around Paris. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 18:04:01 |
Microsoft takes control of 99 domains operated by Iranian state hackers (lien direct) |
Microsoft takes control of 99 domains operated by APT35/Phosphorus cyber-espionage group. |
Conference
|
APT 35
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 17:03:02 |
Cryptocurrency platforms DragonEx and CoinBene disclose hacks (lien direct) |
DragonEx is believed to have lost at least $1 million, while CoinBene losses are estimated around $45 million. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 12:00:00 |
Researchers warn open sky drone policy poses cybercriminal risk (lien direct) |
Left unchecked, our drones may pose significant risks to our privacy and security. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 10:52:01 |
North Korean hackers continue attacks on cryptocurrency businesses (lien direct) |
Lazarus Group hackers seamlessly integrate Mac malware into their normal attack routine. |
Malware
Medical
|
APT 38
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 10:25:00 |
Nvidia patches code execution vulnerability in GeForce Experience (lien direct) |
The severe security flaw can also lead to denial of service attacks and privilege escalation. |
Vulnerability
Guideline
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-27 05:30:00 |
Hackers abuse Magento PayPal integration to test validity of stolen credit cards (lien direct) |
Attacks observed targeting online stores running Magento 2.1.x and 2.2.x versions. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-26 21:43:00 |
Norsk Hydro ransomware incident losses reach $40 million after one week (lien direct) |
Norsk Hydro up and running with the exception of one business unit where "operations remain almost at a standstill." |
Ransomware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-26 19:34:04 |
FTC asks broadband providers to disclose how they collect user data (lien direct) |
The FTC wants to know what user data broadband ISPs are collecting about their customers, and how they're doing it. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-03-26 17:57:00 |
Top dark web marketplace will shut down next month (lien direct) |
Dream Market admins say the site will shut down on April 30, 2018. |
|
|
|