What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-16 10:12:27 | Slack fixes vulnerability exploitable for session hijacking, account takeovers (lien direct) | Slack's team jumped on the critical bug and patched the flaw within a matter of hours. | Vulnerability | ||
|
2020-03-16 06:00:07 | WordPress to add auto-update feature for themes and plugins (lien direct) | Auto-update feature is only available for the WordPress CMS core now. To be expanded for themes and plugins. | |||
|
2020-03-15 23:43:00 | Microsoft Bing team launches COVID-19 tracker (lien direct) | Microsoft's COVID-19 tracker is located at bing.com/covid. | |||
|
2020-03-14 08:00:06 | Browser vendor leaks data via open server (lien direct) | Blisk browser devs left an Elasticsearch server exposed online without a password. | |||
|
2020-03-13 17:36:47 | Czech hospital hit by cyber-attack while in the midst of a COVID-19 outbreak (lien direct) | One of the Czech Republic's biggest COVID-19 testing laboratories hit by mysterious cyber-attack. | |||
|
2020-03-13 13:37:00 | Tor team warns of Tor Browser bug that runs JavaScript on sites it shouldn\'t (lien direct) | Tor team says it's working on a fix, but has no timeline. | |||
|
2020-03-13 11:07:33 | Europol takes down SIM-swap hacking rings responsible for theft of millions of euros (lien direct) | Arrests have been made across Europe in an effort to stamp out gangs specializing in SIM-swapping attacks. | |||
|
2020-03-13 02:00:00 | State-sponsored hackers are now using coronavirus lures to infect their targets (lien direct) | Chinese, North Korean, and Russian government cyberspies caught using COVID-19-themed emails to infect victims with malware. | |||
|
2020-03-12 18:31:08 | Microsoft discontinues RDCMan app following security bug (lien direct) | Microsoft recommends using the Windows in-box remote desktop client (MSTSC) instead. | |||
|
2020-03-12 16:06:00 | Microsoft patches SMBv3 wormable bug that leaked earlier this week (lien direct) | Fix for CVE-2020-0796 is now rolling out to Windows 10 and Windows Server 2019 systems worldwide. | |||
|
2020-03-12 14:00:08 | Card data from the Volusion web skimmer incident surfaces on the dark web (lien direct) | In September-October 2019, hackers planted malware to steal card data from 6,589 online stores. | Malware | ||
|
2020-03-12 12:14:17 | Cookiethief Android malware uses proxies to hijack your Facebook account (lien direct) | Cookiethief Trojan infections are on the rise and Facebook cookies appear to be a prime target. | Malware | ||
|
2020-03-11 20:25:06 | Avast disables JavaScript engine in its antivirus following major bug (lien direct) | Vulnerability would have allowed attackers to take over computers running the Avast antivirus. | Vulnerability | ||
|
2020-03-11 17:25:00 | Dutch government loses hard drives with data of 6.9 million registered donors (lien direct) | External hard drives stored all donor data from February 1998 to June 2010. | |||
|
2020-03-11 12:30:05 | Why are governments so vulnerable to ransomware attacks? (lien direct) | Government systems paralyzed by malware cause chaos. New research explores why are attacks so frequently successful. | Ransomware Malware | ||
|
2020-03-11 11:57:05 | Whisper, an anonymous secret-sharing app, failed to keep messages or profiles private (lien direct) | Millions of users' private profiles and highly sensitive datasets were viewable online. | |||
|
2020-03-11 08:58:15 | University of Hertfordshire avoids data breach action by UK watchdog (lien direct) | The ICO is taking no further action despite student information being inappropriately shared. | Data Breach | ||
|
2020-03-11 02:03:50 | Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks (lien direct) | Academics break TRR protections on RAM cards for new Rowhammer attacks. | |||
|
2020-03-10 22:55:25 | Microsoft March 2020 Patch Tuesday fixes 115 vulnerabilities (lien direct) | The March 2020 Patch Tuesday is the largest Patch Tuesday release in Microsoft's history. | |||
|
2020-03-10 20:58:00 | Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu (lien direct) | SMB vulnerability is currently not patched, but now everyone knows it's there. | Vulnerability | ||
|
2020-03-10 17:26:27 | Microsoft orchestrates coordinated takedown of Necurs botnet (lien direct) | Microsoft and partners in 35 countries move to bring down Necurs, today's largest malware botnet. | Malware | ||
|
2020-03-10 17:00:06 | Intel CPUs vulnerable to new LVI attacks (lien direct) | Researchers say Intel processors will need another round of silicon chip re-designs to protect against new attack. | |||
|
2020-03-10 13:59:50 | Avast AntiTrack certificate bug allowed others to snoop on your online activities (lien direct) | The vulnerability opened up PCs to browser hijacking and more. | Vulnerability | ||
|
2020-03-10 05:50:00 | FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime (lien direct) | Feds say Deer.io has been hosting hundreds of online shops where hackers are selling hacked accounts. | |||
|
2020-03-10 04:03:00 | Years-long campaign targets hackers through trojanized hacking tools (lien direct) | A group believed to reside in Vietnam has been hacking other hackers for years. | |||
|
2020-03-09 23:11:27 | Spying concerns raised over Iran\'s official COVID-19 detection app (lien direct) | Google removes Iran's official COVID-19 detection app from the Play Store. | |||
|
2020-03-09 15:05:17 | Brave to generate random browser fingerprints to preserve user privacy (lien direct) | "Brave's new approach aims to make every browser look completely unique, both between websites and between browsing sessions." | |||
|
2020-03-09 09:37:00 | NordVPN HTTP POST bug exposed customer information, no authentication required (lien direct) | The exploit could be triggered with a simple request. | |||
|
2020-03-09 00:14:47 | Multiple nation-state groups are hacking Microsoft Exchange servers (lien direct) | Government-backed groups are exploiting CVE-2020-0688 to take over Exchange email servers. | |||
|
2020-03-07 20:58:00 | A list of security conferences canceled or postponed due to coronavirus concerns (lien direct) | Some conferences have canceled, some have postponed the event, while others have gone virtual. | |||
|
2020-03-07 15:39:00 | AMD processors from 2011 to 2019 vulnerable to two new attacks (lien direct) | Academics disclose new Collide+Probe and Load+Reload attacks on AMD CPUs. | |||
|
2020-03-07 07:30:06 | Google could have fixed 2FA code-stealing flaw in Authenticator app years ago (lien direct) | Google Authenticator app lets other apps take screenshots of its code. Issue was first reported to Google in October 2014, but it was never addressed. | |||
|
2020-03-06 17:25:00 | Former DHS official charged with theft of confidential government software, databases (lien direct) | Former DHS Acting Inspector General accused of stealing DHS software in an attempt to make a profit by reselling it back to the US government. | |||
|
2020-03-06 12:10:00 | Zoho zero-day published on Twitter (lien direct) | Security experts fear the bug may be soon exploited by ransomware gangs. | Ransomware | ||
|
2020-03-06 06:00:04 | Microsoft: 99.9% of compromised accounts did not use multi-factor authentication (lien direct) | Only 11% of all enterprise accounts use a MFA solution overall. | |||
|
2020-03-05 23:05:36 | Virgin Media exposes data of 900,000 users via unprotected marketing database (lien direct) | UK telephone, television, and internet provider Virgin Media discloses data leak. | |||
|
2020-03-05 21:25:47 | One of Roman Abramovich\'s companies got hit by ransomware (lien direct) | Steel maker EVRAZ's North American operations are down after an infection with the Ryuk ransomware. | Ransomware | ||
|
2020-03-05 20:08:38 | (Déjà vu) Facebook sues Namecheap for letting scammers register lookalike domains (lien direct) | Facebook says Namecheap did not cooperate and share details about owners of suspicious domains. | |||
|
2020-03-05 20:08:00 | Facebook sues Namecheap to unmask hackers who registered malicious domains (lien direct) | Facebook says Namecheap did not cooperate and share details about the owners of the suspicious domains. | |||
|
2020-03-05 18:18:01 | Microsoft, Google, Facebook, and others join forces with law enforcement on child abuse crackdown (lien direct) | Participating tech firms include Facebook, Google, Microsoft, Twitter, Snap, and Roblox. | |||
|
2020-03-05 14:00:09 | Intel CSME bug is worse than previously thought (lien direct) | Researchers say a full patch requires replacing hardware. Only the latest Intel 10th generation CPUs are not affected. | |||
|
2020-03-05 12:57:00 | T-Mobile says hacker gained access to employee email accounts, user data (lien direct) | This is the second security breach T-Mobile discloses in the last six months, after a first incident in November 2019. | |||
|
2020-03-05 11:42:07 | Backdoor malware is being spread through fake security certificate alerts (lien direct) | Victims of this new technique are invited to install a malicious "security certificate update" when they visit compromised websites. | Malware | ||
|
2020-03-05 10:00:04 | Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns (lien direct) | The RAT's core functions remain the same but it is unusual that the malware has been rehashed over so many years. | Malware | ||
|
2020-03-05 03:25:47 | Ryuk ransomware hits Fortune 500 company EMCOR (lien direct) | Company expects the incident to have an impact on its 2020 earnings, according to its 2019 Q4 financial report. | Ransomware | ||
|
2020-03-05 02:26:00 | Malicious Chrome extension caught stealing Ledger wallet recovery seeds (lien direct) | A Chrome extension named Ledger Live was exposed today as malicious. It is currently heavily promoted via Google search ads. | |||
|
2020-03-04 23:21:00 | Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month (lien direct) | More than 850,000 websites still use outdated TLS 1.0 and 1.1 protocols. | |||
|
2020-03-04 12:00:02 | Coronavirus claims another major tech event: Kaspersky\'s Security Analyst Summit postponed (lien direct) | Organizers say that it won't be a “real” SAS without the hugs and clinking of beer glasses. | |||
|
2020-03-04 00:41:00 | Let\'s Encrypt to revoke 3 million certificates on March 4 due to software bug (lien direct) | Let's Encrypt issued 3,048,289 TLS certificates without checking the CAA field for the requesting domain. | |||
|
2020-03-03 20:25:59 | Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums (lien direct) | Impacted projects include WordPress, Concrete5, Composr, SilverStripe, ZenCart, and others. |
To see everything:
Our RSS (filtrered)
