What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-14 12:47:01 | BootHole vulnerability in Linux systems renders servers unbootable (lien direct) | It was reported this week by Naked Security that Linux systems are affected by a vulnerability that can render those Linux servers unbootable. BootHole leverages a vulnerability in both GRUB2 and Secure Boot, explains TechRepublic. To make BootHole a bit more daunting, it’s actually a really easy hack to pull off. The only thing blocking […] | Hack Vulnerability | ||
 |
2020-08-13 15:44:53 | Report: Unskilled hackers can breach about 3 out of 4 companies (lien direct) | Positive Technologies found in a recent study that criminals with few skills can hack a company in less than 30 minutes. | Hack | ||
 |
2020-08-13 15:00:00 | The Race to Hack a Satellite at DEF CON (lien direct) | Eight teams competed to win cash, bragging rights, and the chance to control a satellite in space. | Hack | ||
 |
2020-08-11 15:18:16 | Flaws in \'Find My Mobile\' exposed Samsung phones to hack (lien direct) | A researcher found multiple flaws in Samsung's Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. The security researcher Pedro Umbelino from Portugal-based cybersecurity services provider Char49 discovered multiple vulnerabilities in Samsung's Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy […] | Hack | ||
 |
2020-08-11 11:21:57 | Experts On News: Reddit hacked and defaced with pro-Trump messages (lien direct) | Reddit Inc. is the latest company to be hacked, with some 70 groups on the site defaced with pro-Donald Trump messages. The hack occurred on Friday and involved those behind the attack accessing accounts belonging to moderators of popular subreddits with millions of subscribers, including r/space, r/food, r/Japan, r/nfl, r/cfb and r/podcasts. The messages posted … The ISBuzz Post: This Post Experts On News: Reddit hacked and defaced with pro-Trump messages | Hack | ||
 |
2020-08-10 10:04:24 | Could the Twitter Social Engineering Hack Happen to You? (lien direct) | The phishing attack on Twitter employees serves as an opportunity for all businesses to reassess how they build and deploy application | Hack | ||
|
2020-08-09 15:40:50 | US OCC imposed an $80 Million fine to Capital One for 2019 hack (lien direct) | US Office of the Comptroller of the Currency (OCC) regulator has fined the credit card provider Capital One Financial Corp with $80 million over 2019 data breach. The US Office of the Comptroller of the Currency (OCC) has imposed an $80 million fine to the credit card provider Capital One Financial Corp over 2019 data breach. Capital One, one of […] | Hack | ||
|
2020-08-09 06:58:27 | Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated (lien direct) | Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. A team of Chinese experts from Sky-Go, the Qihoo 360 division focused on car hacking, discovered 19 vulnerabilities in a Mercedes-Benz E-Class, including some issues that can be exploited by attackers to remotely hack a […] | Hack | ||
|
2020-08-07 22:19:20 | Reddit massive hack: hackers defaced channels with pro-Trump messages (lien direct) | Reddit suffered a massive hack, threat actors compromised tens of Reddit channels and defaced them showing messages in support of Donald Trump’s campaign. Reddit suffered a massive hack, threat actors defaced tens of channel to display messages in support of Donald Trump’s reelection campaign. At the time of writing, the massive hack is still ongoing […] | Hack Threat | ||
 |
2020-08-07 17:37:00 | Hackers are defacing Reddit with pro-Trump messages (lien direct) | BREAKING: Massive hack hits Reddit. | Hack | ||
|
2020-08-07 08:08:00 | Intel investigates security breach after the leak of 20GB of internal documents (lien direct) | Intel is investigating reports of an alleged hack that resulted in the theft and leak of 20GB of data coming from the chip giant. Intel is investigating reports that an alleged hacker has leaked 20GB of exfiltrated from its systems. The stolen data includes source code and developer documents and tools, some documents are labeled […] | Hack | ||
 |
2020-08-07 07:00:00 | Intel s\'est fait voler une belle quantité de données sensibles, certaines concernent de futurs processeurs (lien direct) | Hack ou abus de confiance ? Le géant des processeurs doit faire face à une fuite conséquente d'informations techniques sur ses produits.  |
Hack | ||
|
2020-08-06 18:56:19 | Twitter Hack Virtual Bail Hearing Hacked By Porn (lien direct) | A bail hearing by Zoom for the 17-year-old who hacked some of the world's highest-profile Twitter accounts last month was interrupted by participants showing porn, according to Bloomberg.Graham Ivan Clark, who was arrested last week and hacking into many notable Twitter accounts, was represented by lawyers asking a Florida court to lower their client's bail. … The ISBuzz Post: This Post Twitter Hack Virtual Bail Hearing Hacked By Porn | Hack | ||
|
2020-08-06 17:31:00 | Capital One fined $80 million for 2019 hack (lien direct) | Office of the Comptroller of the Currency imposes mammoth fine for the bank's failure to secure its data in the cloud. | Hack | ||
 |
2020-08-06 17:05:49 | Live from Black Hat: Hacking Public Opinion with Renée DiResta (lien direct) |  Psychological operations, orツ?PsyOps, is a topic I???ve been interested in for a while. It???s aツ?blend of social engineering and marketing, both passions of mine. That's why I found the keynote byツ?Renテゥeツ?DiResta,ツ?Research Managerツ?at theツ?Stanford Internet Observatory, particularly interesting.ツ?
The Internet Makes Spreading Information Cheap & Easyツ?
Disinformation and propaganda areツ?oldツ?phenomenaツ?that can be traced back to the invention of the printing press ??? and arguably before then.ツ?With the advent of theツ?Internet, the cost of publishing dropped to zero. There are no hosting costs on certain platforms, butツ?especially in the beginning, theツ?blogosphere was veryツ?decentralized,ツ?and it was hard to get people to read your content.ツ?With theツ?rise of social media,ツ?you can share your content and it can become viral. At the same time, content creation becomes easier.ツ?All of thisツ?eliminates cost barriers andツ?gatekeepers.ツ?ツ?
State Actors ???Hack??? Our Opinionsツ?
As social media platforms matured, the algorithms that curate content become more and more sophisticated. They are trying to group people and deliver personalized targeting of content, which allows adversaries to analyze and game the algorithms.ツ?ツ?
State actors don???t just influence, they start hacking public opinion, which involves fake content producers and fake accounts. They can do this more effectively because they understand the ecosystem extremely well, typically applying one of four tactics, sometimes in combination:ツ?ツ?ツ?
Distract:ツ?Taki |
Hack | APT 28 | ★★★★★ |
|
2020-08-06 14:55:00 | Remotely Hacking Operations Technology Systems (lien direct) | Marco Balduzzi senior research scientist with Trend Micro, tells us how the often-overlooked ICS protocol gateways contain serious vulnerabilities that allow attackers to hack OT systems remotely. | Hack | ★★★★★ | |
 |
2020-08-06 12:00:00 | The Feds Want These Teams to Hack a Satellite-From Home (lien direct) | Meet the hackers who, this weekend, will try to commandeer an actual orbiter as part of a Defcon contest hosted by the Air Force and the Defense Digital Service. | Hack | ★★★★ | |
 |
2020-08-06 10:21:59 | Porn-wielding Zoom bombers disrupt Twitter hack court hearing (lien direct) | Uh-oh… someone didn’t lock their Zoom meeting down properly. That’s probably particularly important when the person charged is an alleged hacker. | Hack | ||
|
2020-08-06 00:22:25 | Smashing Security podcast #190: Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition (lien direct) | Special guest Geoff White can’t resist using the podcast to promote his new book, “Crime Dot Com”, but other than that we also discuss the creepy (and apparently legal) way websites can find out your email and postal address even if you don’t give it to them, take a look at how the alleged Twitter hackers were identified, and learn about Fawkes – the technology fighting back at facial recognition. | Hack | ||
 |
2020-08-05 20:18:39 | Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker (lien direct) | Perhaps fittingly, a Web-streamed court hearing for the 17-year-old alleged mastermind of the July 15 mass hack against Twitter was cut short this morning after mischief makers injected a pornographic video clip into the proceeding. | Hack | ★★★★★ | |
 |
2020-08-05 16:14:16 | Twitter hack teen\'s court date \'Zoombombed\' with porn (lien direct) | Reporters suggested the hearing was not password-protected, allowing disruption in. | Hack | ★★★★★ | |
|
2020-08-05 13:33:41 | Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze (lien direct) | Technology and elections are heavily interrelated ??? but it wasn???t always that way. We started to adopt technology once weツ?weren???t able toツ?fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it asツ?technology,ツ?but the ballot box can be tampered with.ツ?ツ?
That technology gave us ballot secrecy, a trait that aツ?hand-raiseツ?in the town hall didn???t. This raised the barツ?to a level that is expected from other voting technologies since then, which can be tougher with voting machines and electronic evaluation of ballot boxes. Our Confidence in the outcome of an election depends on the integrity of the methodology we use to do this.
 ???ツ?ツ?
Matt Blaze, this year???sツ?Black Hat keynoteツ?speaker,ツ?is a researcher in the areas of secure systems, cryptography, and trust management. He is currently the McDevitt Chair of Computer Science and Law at Georgetown University.ツ?ツ?
Blazeツ?has been working on election security for years. He???s neverツ?encounteredツ?a problem bigger andツ?moreツ?complexツ?than democraticツ?elections. The reason for this is that the requirements are contradictory: Weツ?don???t want to be able to figure out how someone voted, but we wantツ?transparencyツ?into whether or notツ?our vote was counted as cast and that the system is not corrupted. The paper ballot box seems to do thisツ?pretty well, and other technology solutions require you to be a lotツ?more clever.ツ?Another snag is that you cannot recover from a bad election very easily. You can???t redo it easily before the term is up.ツ?ツ?
U.S.ツ?voting isツ?highlyツ?decentralized |
Hack | ★★★★★ | |
 |
2020-08-05 09:00:00 | What the Twitter hack reveals about spear phishing – and how to prevent it (lien direct) | Twitter has now confirmed spear phishing was the cause of last month's attack. This blog looks at the limitations in our current defenses against this well-known attack technique, and how a layered AI approach identifies and stops it. | Hack | ||
|
2020-08-01 12:21:27 | Four individuals charged for the recent Twitter hack (lien direct) | Four suspects were charged for their alleged involvement in the recent Twitter hack, announced the Department of Justice. US authorities announced the arrest of 17-year-old Graham Ivan Clark from Tampa, Florida, it is suspected to have orchestrated the recent Twitter hack. The arrest is the result of an operation coordinated by the FBI, the IRS, and […] | Hack | ||
|
2020-08-01 11:00:00 | The Garmin Hack Was a Warning (lien direct) | As ransomware groups turn their attention to bigger game, expect more high-profile targets to fall. | Ransomware Hack | ||
|
2020-08-01 01:01:00 | How the FBI tracked down the Twitter hackers (lien direct) | A timeline of the Twitter hack composed from court documents published today. | Hack | ||
|
2020-07-31 21:43:11 | Three Charged in July 15 Twitter Compromise (lien direct) | Three individuals have been charged for their alleged roles in the July 15 hack on Twitter, an incident that resulted in Twitter profiles for some of the world's most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam. | Hack | ||
|
2020-07-31 19:21:00 | Florida teen arrested for orchestrating Twitter hack (lien direct) | Main suspect identified as Graham Ivan Clark, a 17-year-old teen from Tampa, Florida. | Hack | ★★★★ | |
 |
2020-07-31 18:24:29 | (Déjà vu) Three suspects charged for roles in Twitter hack, Bitcoin scam (lien direct) | Four suspects were charged today for their supposed involvement in this month's Twitter hack according to press releases from the Department of Justice and State Attorney Andrew H. Warren. [...] | Hack | ||
 |
2020-07-31 13:01:24 | 17-Year-Old \'Mastermind\', 2 Others Behind the Biggest Twitter Hack Arrested (lien direct) | Three young individuals - 17, 19, and 22-year-old - have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts as part of a massive bitcoin scam.
According to the U.S. Department of Justice, Mason Sheppard, aka "Chaewon," 19, from the United Kingdom, Nima Fazeli, aka "Rolex," 22, from Florida and an |
Hack | ||
|
2020-07-31 11:22:44 | Blackbaud hack affects Labour party data (lien direct) | Hackers gained access to confidential information about thousands of Labour party donors, ITV reported today. This security compromise is the result of a wider cyber-attack directed at cloud computing provider Blackbaud, which affected over 125 institutions in the UK, including many universities. The compromise affected the fundraising and donor management software Raiser’s Edge, which is […] | Hack | ||
|
2020-07-31 10:40:48 | Hackers stole Twitter employee credentials via phone phishing (lien direct) | Twitter today said that the attackers behind this month's hack were able to take control of high-profile accounts after stealing Twitter employees' credentials as part of a phone spear phishing attack on July 15, 2020. ddd29e6efee4c391a7acce4012ba507d [...] | Hack | ||
|
2020-07-31 08:46:25 | Twitter confirms spear-phishing attack on employees (lien direct) | Following the major security breach suffered by Twitter on 15 July, it has confirmed that the hack targeted a small number of employees through a phone “spear-phishing” attack. Attackers targeted specific employees who had access to account support tools, Twitter said. The company added it has since restricted access to its internal tools and systems. The ISBuzz Post: This Post Twitter confirms spear-phishing attack on employees | Hack | ||
 |
2020-07-30 15:20:47 | Is Your Smart Home Vulnerable to a Hack Attack? (lien direct) | 
Is Your Smart Home Vulnerable to a Hack Attack? Your smart home device creates a computer network which can function as your incredibly convenient garage door opener, appliance manager, lighting designer, In-House DJ, and even security system supervisor, among many other selected duties. Yet cybersecurity experts frequently caution that this ultra-convenient home network provided through […]
|
Hack | ||
|
2020-07-30 14:08:30 | Smashing Security podcast #189: DNA cock-up, Garmin hack, and virtual kidnappings (lien direct) | Why are students faking their own kidnappings? What’s the story behind Garmin’s ransomware attack? And a genetic genealogy website suffers a hack or two. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray REDACTED. | Ransomware Hack | ||
|
2020-07-30 10:25:39 | Announcing Veracode Security Labs Community Edition (lien direct) |  We recently partnered with Enterprise Strategy Group (ESG) to survey software development and security professionals about modern application development and how applications are tested for security. The soon-to-be-announced survey found that 53% of organizations provide security training for developers less than once a year, which is woefully inadequate for the rapid pace of change in software development. At the same time, 41% say that it???s up to security analysts to educate developers to try to prevent them from introducing significant security issues. So, where???s the disconnect?
Communication breakdowns and misaligned training priorities between security and development teams are part of the problem. As developers are being asked to ???Shift Left??? to take on more responsibility for secure code earlier in the software development lifecycle, it???s increasingly more important for developers to get the training they need to not just create world-class applications ??? ones that have security designed in from the beginning.
Enterprise-grade tools for all developers
Veracode Security Labs Enterprise Edition is perfect for engineering teams, but we wanted every individual developer to have access to the same quality of training, from casual hobbyists to professionals interested in improving their secure coding skills. I???m excited to announce Veracode Security Labs Community Edition, where developers worldwide can hack and patch real applications to learn the latest tactics and security best practices with guidance while exploring actual code on their own time; and it???s free!
With Veracode Security Labs Community Edition, you now have the tools you need to close any gaps in security knowledge that are holding you back. It???s a module that fits within the Veracode Developer Training product family, featuring tools and robust programs built with interactivity in mind so that developers can get their hands on a practical training tool at a moment???s notice.
Here are the differences between the Community Edition and Enterprise Edition:
 ???
While the Enterprise Edition has features that support the efforts of development teams with full compliance-based curricula, rollout strategies, and progress reporting, the Community Edition offers selected topics and one-off labs for individuals who are looking to strengthen their security knowledge. Though there are differences that enable scalability for organizations and teams, the benefits for individual developers remain the same:
The ability to exploit and remediate real-world vulnerabilities to learn what to look for in insecure code.
Fast and relevant remediation guidance in the context of the most popular programming languages.
Easy and fun hands-on training that provides professional growth.
Improved security knowledge while building confidence through interactive trial and error.
When you practice breaking and fixing real applications using real vulnerabilities, you become a sharper, more efficient developer ??? especially with a variety of challenges to choose from as you go. We plan to expand the number of labs and challenges over time but initially, the Community Edition will cover topics ranging from beginner to advanced, including:
|
Hack Tool Vulnerability | ★★★★ | |
|
2020-07-29 18:20:32 | Expert Commentary: Drizly Breach And Its Implications (lien direct) | It was announced today that Drizly, an alcohol delivery startup, experienced a data breach. In an email to customers obtained by TechCrunch, the company said that a hacker “obtained” some customer data. The hacker took customer email addresses, date-of-birth, hashed passwords, and in some cases delivery addresses.Drizly did not say when the hack occurred or … The ISBuzz Post: This Post Expert Commentary: Drizly Breach And Its Implications | Hack | ||
|
2020-07-28 10:52:28 | Expert On Malware replaced with GIFs in Emotet hack (lien direct) | Malware distribution network Emotet has been hacked by a potential threat actor of unknown origin, substituting malware for humorous GIFs. As a result, instead of being hit with malware, users who click on malicious links from Emotet spam have been seeing images of James Franco and others such as “Hackerman” from the 2015 film “Kung … The ISBuzz Post: This Post Expert On Malware replaced with GIFs in Emotet hack | Spam Malware Hack Threat | ||
|
2020-07-28 10:10:26 | National Cardiovascular Partners (NCP) Notifies Patients of Data Breach (lien direct) | US healthcare service National Cardiovascular Partners (NCP) has fallen victim of an email hack that exposed 78,000 cardiovascular patients’ data. The data was archived in an Excel spreadsheet, which was accessed by malicious actors back in April. The breach remained undetected until nearly a month late, when NCP responded by securing the compromised email and […] | Data Breach Hack | ||
|
2020-07-25 13:00:00 | Russia Tested a Space Weapon Last Week (lien direct) | Twitter hack details, a botnet vigilante, and more of the week's top security news. | Hack | ||
 |
2020-07-25 05:22:55 | CarryMinati\'s YouTube Channel Hacked To Stream Bitcoin Scam (lien direct) | Popular Indian roaster and streamer on YouTube, Ajey Nagar, aka CarryMinati is the latest victim of the ongoing BitCoin hack scandal. The hack happened on the second channel of CarryMinati, which goes by the name of CarryisLive, where he streams himself playing video games, often with other YouTubers and celebrities. Just a week ago in […] | Hack | Uber | |
|
2020-07-24 20:55:41 | Blackbaud Hack: Aberystwyth university\'s data attacked in global hack (lien direct) | Aberystwyth University has told students that "no bank account or credit card details were taken" | Hack | ||
|
2020-07-24 10:19:08 | Hack de Twitter : plus de 1 000 employés avaient accès à l\'interface de gestion des comptes (lien direct) | Le nombre de personnes capables de modifier les informations personnelles des utilisateurs était bien trop élevé, augmentant les probabilités de piratage.  |
Hack | ||
|
2020-07-23 16:36:59 | PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack (lien direct) | Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack […] | Hack Vulnerability | ||
 |
2020-07-23 15:45:18 | Checklist 192: Twitter Hack 2020 (lien direct) | A week behind us, the great Twitter hack is still unfolding. We'll look at what we think we know so far and why the hack itself matters on this edition of The Checklist, brought to you by SecureMac. | Hack | ||
|
2020-07-23 11:44:52 | (Déjà vu) Politician amongst those who had their direct messages accessed during Twitter hack (lien direct) | More information has emerged related to last week's attack which saw a number of high profile Twitter accounts hijacked for the purposes of spreading a cryptocurrency scam, as it is revealed a far-right politician had his private messages accessed. Read more in my article on the Tripwire State of Security blog. | Hack | ||
 |
2020-07-23 11:40:27 | Politician Amongst Those Who Had Their Direct Messages Accessed During Twitter Hack (lien direct) | More information has emerged related to last week’s attack which saw a number of high profile Twitter accounts hijacked for the purposes of spreading a cryptocurrency scam. Twitter has already said that 130 Twitter accounts were targeted by hackers, using tools that should only have been available to the site’s internal support team. Those tools […]… Read More | Hack | ||
|
2020-07-23 11:14:00 | Hack de Twitter : 36 comptes ont été victimes du vol de leurs messages privés (lien direct) | Sur les 130 comptes piratés dans la nuit du 15 au 16 juillet, 36 ont été également compromis par l'accès à leurs messages privés.  |
Hack | ||
|
2020-07-23 11:06:15 | Private Messages from 36 Twitter Accounts Exposed to Hackers (lien direct) | Following the great Twitter hack last week, it has been revealed that hackers had viewed the private messages of 36 of the affected accounts. While it has not been announced who these accounts belong to, one is believed to be owned by an elected official in the Netherlands. According to Twitter, no other former or […] | Hack | ★★★★★ | |
|
2020-07-23 10:46:49 | Premier League Clubs Targeted by Cyber Hackers, Almost Lost £1M (lien direct) | During a transfer deal, a Premier League club almost lost £1m and this was only halted because of an intervention by the unnamed club’s bank, reports the BBC. A report from the NCSC revealed that the attempted theft came about as a result of an email address hack; specifically, a hack of the Premier League […] | Hack |
To see everything:
Our RSS (filtrered)
