What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-18 19:12:53 | Botnet malware disguises itself as password cracker for industrial controllers (lien direct) | Can't get into that machine? No problem, just trust this completely sketchy looking tool Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.… | Malware | ||
|
2022-07-18 01:15:11 | Alibaba execs hauled in to discuss Shanghai Police data leak (lien direct) | Plus: Weibo cracks down on political puns; Singaporean crypto biz Vauld restructures; Philippines fights Facebook rumors Asia In Brief Senior execs from Alibaba Cloud were summoned to discuss the data leak that saw information pertaining to a billion Chinese citizens sold on the dark web, according to Nikkei and The Wall Street Journal.… | |||
|
2022-07-16 14:34:10 | North Koreans spotted harassing SMBs with malware (lien direct) | Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more In brief SMBs, beware: Microsoft said this week it has discovered a North Korean crew targeting small businesses with ransomware since September of last year.… | Ransomware Malware | ||
|
2022-07-15 02:28:01 | Meet Mantis, the tiny shrimp that launched 3,000 DDoS attacks (lien direct) | Watch out for deadly pinchers after that record-breaking attack The botnet behind the largest-ever HTTPS-based distributed-denial-of-service (DDoS) attack is now named after a tiny shrimp.… | |||
|
2022-07-13 21:06:50 | 1.9m patient records exposed in healthcare debt collector ransomware attack (lien direct) | The P in PFC now stands for Pwned Professional Finance Company, a Colorado-based debt collector whose customers include hundreds of US hospitals, medical clinics, and dental groups, recently disclosed that more than 1.9 million people's private data – including names, addresses, social security numbers and health records – was exposed during a ransomware infection.… | Ransomware | ||
|
2022-07-12 16:00:14 | Older AMD, Intel chips vulnerable to data-leaking \'Retbleed\' Spectre variant (lien direct) | Speculative execution side-channels continue to haunt silicon world Older AMD and Intel chips are vulnerable to yet another Spectre-based speculative-execution attack that exposes secrets within kernel memory despite defenses already in place. Mitigating this side channel is expected to take a toll on performance.… | |||
|
2022-07-12 15:00:10 | Hive to end support for variety of smart home gadgets in 2025 (lien direct) | Company says it is pivoting to systems 'that'll help get us closer to achieving Net Zero' Home automation platform Hive plans to terminate key products in its line, including the Hive View cameras, HomeShield, and Leak products.… | |||
|
2022-07-12 14:30:14 | NYC issues super upbeat PSA for surviving the nuclear apocalypse (lien direct) | It's the end of the world as we know it, and you'll be fine Ever the optimist, New York has reminded its citizens of what they should do in the event of a nuclear attack. And not just any nuclear attack either, but the "big one."… | |||
|
2022-07-12 02:45:10 | Twitter claims Elon Musk bailed from sale with \'invalid and wrongful\' reasons (lien direct) | Tesla chief seemingly responds with ... a Chuck Norris meme that shows all the brilliance of the CEO mindset Twitter has fired back at Elon Musk's allegations the micro-blogging network is in breach of its agreement to be acquired, claiming the billionaire is the one at fault and vowing to see the deal through to a conclusion.… | |||
|
2022-07-11 13:00:12 | US military contractor moves to buy Israeli spy-tech company NSO Group (lien direct) | Biden blacklist a stumbling block for any possible deal US security technology provider L3Harris has courted controversial Israeli spyware firm NSO with an aim to buy it, according to reports.… | |||
|
2022-07-11 12:15:05 | Microsoft resorts to Registry hack to keep Outlook from using Windows 11 search (lien direct) | Only a short-term solution to prevent the OS interfering with email results Microsoft has identified Windows Indexing as the culprit for broken Outlook Search results in Windows 11.… | Hack | ||
|
2022-07-11 06:45:08 | Leaked Uber docs reveal frequent use of \'kill switch\' to deactivate tech, thwart investigators (lien direct) | Staff told to tell cops that the IT team was in San Francisco, asleep, and couldn't restore systems A data leak from ride-sharing app Uber revealed activities allegedly geared to avoid regulation and law enforcement – including a "kill switch" that would remotely cut computer access to servers at its headquarters in San Francisco in case of a raid – according to weekend media.… | Uber Uber | ||
|
2022-07-07 13:45:11 | Microsoft cloud exec accused of verbal attack on staff exits (lien direct) | Tom Keane helped Redmond win JEDI deal, respond to GDPR, and ran Azure datacenter infrastructure worldwide Microsoft cloud lieutenant Tom Keane is departing the megacorp where he has spent the past 21 years in various senior roles. He is heading for the exit a month after featuring in a report about the toxic culture among company execs.… | |||
|
2022-07-06 22:51:04 | Here today, gone to Maui: That\'s your data captured by North Korean ransomware (lien direct) | CISA, FBI, US Treasury warn Kim Jong-un's latest malware has hit healthcare orgs For the past year, state-sponsored hackers operating on behalf of North Korea have been using ransomware called Maui to attack healthcare organizations, US cybersecurity authorities said on Wednesday.… | Ransomware Malware | ||
|
2022-07-06 17:50:04 | Hive ransomware gang rapidly evolves with complex encryption, Rust code (lien direct) | RaaS malware devs have been busy bees The Hive group, which has become one of the most prolific ransomware-as-a-service (RaaS) operators, has significantly changed its malware, including migrating the code to the Rust programming language and using a more complex encryption technique.… | Ransomware Malware | ||
|
2022-07-06 14:30:06 | Typo-squatting NPM software supply chain attack uncovered (lien direct) | Beawre teh mizpelled pakcage naem Researchers at ReversingLabs have uncovered evidence of a widespread software supply chain attack through malicious JavaScript packages picked up via NPM.… | |||
|
2022-07-06 14:00:13 | Marriott Hotels admits to third data breach in 4 years (lien direct) | Digital thieves made off with 20GB of internal documents and customer data Marriott Hotels has leaked data to attackers again and this time the culprits made off with 20GB of information, which reportedly included credit card info and internal company documents. … | Data Breach | ||
|
2022-07-06 05:27:10 | Near-undetectable malware linked to Russia\'s Cozy Bear (lien direct) | The fun folk who attacked Solar Winds using a poisoned CV and tools from the murky world of commercial hackware Palo Alto Networks' Unit 42 threat intelligence team has claimed that a piece of malware that 56 antivirus products were unable to detect is evidence that state-backed attackers have found new ways to go about the evil business.… | Malware Tool Threat | APT 29 | |
|
2022-07-05 20:06:42 | Pentagon: We\'ll pay you if you can find a way to hack us (lien direct) | DoD puts money behind bug bounty program after reward-free pilot The US Department of Defense has created a broad but short bug bounty program for vulnerabilities in public-facing systems and applications.… | Hack | ||
|
2022-07-05 07:46:32 | Dutch University retrieves Bitcoin ransomware payment and makes a profit (lien direct) | Promises funds will be used to support struggling students The Netherlands' Maastricht University has managed to recoup the Bitcoin ransom it paid to ransomware scum in 2019 – and has made a tidy profit on the deal.… | Ransomware | ||
|
2022-07-05 06:04:18 | Billion-record stolen Chinese database for sale on breach forum (lien direct) | Appears to have leaked from a cloud thanks to sloppy coding A threat actor has taken to a forum for news and discussion of data breaches with an offer to sell what they assert is a database containing records of over a billion Chinese civilians – allegedly stolen from the Shanghai Police.… | Threat | ||
|
2022-07-04 06:58:10 | Microsoft teases Outlook Lite for Android (lien direct) | What are the 'main benefits' of Outlook? Whatever they are, that's all you'll get Microsoft is readying a "Lite" version of its flagship messaging and calendar app for Android.… | |||
|
2022-07-04 01:07:07 | British Army\'s Twitter and YouTube feeds hijacked by crypto-promos (lien direct) | If you can't defend against crypto bros … The British Army has apologised after its Twitter and YouTube accounts were compromised by entities that used them to promote NFT.… | |||
|
2022-07-02 10:07:09 | The App Gap and supply chains: Purism CEO on what\'s ahead for the Librem 5 USA (lien direct) | Freedoms eroded, iOS-Android duopoly under fire, chip sources questioned – it's all an opportunity for this phone Interview In June, Purism began shipping a privacy-focused smartphone called Librem 5 USA that runs on a version of Linux called PureOS rather than Android or iOS. As the name suggests, it's made in America – all the electronics are assembled in its Carlsbad, California facility, using as many US-fabricated parts as possible.… | |||
|
2022-06-30 21:20:11 | OpenSea phishing threat after rogue insider leaks customer email addresses (lien direct) | Worse, imagine someone finding out you bought one of its NFTs The choppy waters continue at OpenSea, whose security boss this week disclosed the NFT marketplace suffered an insider attack that could lead to hundreds of thousands of people fending off phishing attempts.… | Threat Guideline | ||
|
2022-06-30 16:00:08 | Google battles bots, puts Workspace admins on alert (lien direct) | No security alert fatigue here Google has added API security tools and Workspace (formerly G-Suite) admin alerts about potentially risky configuration changes such as super admin passwords resets.… | Tool | ||
|
2022-06-30 02:15:11 | Israel plans \'Cyber-Dome\' to defeat digital attacks from Iran and others (lien direct) | Already has 'Iron Dome' – does it need another hero? The new head of Israel's National Cyber Directorate (INCD) has announced the nation intends to build a "Cyber-Dome" – a national defense system to fend off digital attacks.… | |||
|
2022-06-29 14:05:08 | Ex-Uber security chief accused of hushing database breach must face fraud charges (lien direct) | Company execs and their lawyers are paying close attention to this one A US judge yesterday threw out an attempt to dismiss wire fraud charges against a former Uber employee accused of trying to cover up a computer crime.… | Uber Uber | ||
|
2022-06-28 14:01:44 | AMD targeted by RansomHouse, cybercrims claim to have \'450Gb\' in stolen data (lien direct) | Relatively cybercrime newbies not clear on whether it's alleging to have gigabits or gigabytes of chip biz's data If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year.… | |||
|
2022-06-28 08:52:09 | Running DOS on 64-bit Windows and Linux: Just because you can (lien direct) | DOS isn't dead. You can still run it and its apps, even now FOSS Fest There are still ways to run DOS apps under 64-bit Windows and Linux, and a lot of free apps to choose from.… | |||
|
2022-06-28 04:31:13 | Tencent admits to poisoned QR code attack on QQ chat platform (lien direct) | Could it be Beijing was right about games being bad for China? Chinese web giant Tencent has admitted to a significant account hijack attack on its QQ.com messaging and social media platform.… | |||
|
2022-06-28 02:58:12 | Carnival Cruises torpedoed by US states, agrees to pay $6m after waves of cyber attacks (lien direct) | Now those are some phishing boats Carnival Cruise Lines will cough up more than $6 million to end two separate lawsuits filed by 46 states in the US after sensitive personal information on customers and employees was accessed in a string of cyber attacks.… | |||
|
2022-06-24 10:46:09 | Google: How we tackled this iPhone, Android spyware (lien direct) | Watching people's every move and collecting their info – not on our watch, says web ads giant Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan - in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).… | Threat | ||
|
2022-06-24 00:45:50 | ZTE intros \'cloud laptop\' that draws just five watts of power (lien direct) | The catch: It hooks up to desktop-as-a-service and runs Android – so while it looks like a laptop ... Chinese telecom equipment maker ZTE has announced what it claims is the first "cloud laptop" – an Android-powered device that the consumes just five watts and links to its cloud desktop-as-a-service.… | |||
|
2022-06-22 20:58:14 | Mega\'s unbreakable encryption proves to be anything but (lien direct) | Boffins devise five attacks to expose private files Mega, the New Zealand-based file-sharing biz co-founded a decade ago by Kim Dotcom, promotes its "privacy by design" and user-controlled encryption keys to claim that data stored on Mega's servers can only be accessed by customers, even if its main system is taken over by law enforcement or others.… | |||
|
2022-06-22 07:58:06 | Okta says Lapsus$ incident was actually a brilliant zero trust demonstration (lien direct) | Once former supplier Sitel coughed up its logs, it became apparent the attacker was hemmed in Okta has completed its analysis of the March 2022 incident that saw The Lapsus$ extortion crew get a glimpse at some customer information, and concluded that its implementation of zero trust techniques foiled the attack – and that its (former) outsourced customer service provider Sitel was largely to blame for the confusion surrounding the incident.… | |||
|
2022-06-21 15:30:05 | NASA tricks Artemis launch computer by masking data showing a leak (lien direct) | Plus it aborts ISS reboost. Not the greatest start to the week, was it? NASA engineers had to work fast to avoid another leak affecting the latest Artemis dry run, just hours after an attempt to reboost the International Space Station (ISS) via the Cygnus freighter was aborted following a few short seconds.… | |||
|
2022-06-20 03:32:08 | Indian government issues confidential infosec guidance to staff – who leak it (lien direct) | Bans VPNs, Dropbox, and more India's government last week issued confidential information security guidelines to the 30 million plus workers it employs – and as if to prove a point, the document quickly leaked on a government website.… | |||
|
2022-06-18 00:48:00 | DeadBolt ransomware takes another shot at QNAP storage (lien direct) | Keep boxes updated and protected to avoid a NAS-ty shock QNAP is warning users about another wave of DeadBolt ransomware attacks against its network-attached storage (NAS) devices – and urged customers to update their devices' QTS or QuTS hero operating systems to the latest versions.… | Ransomware | ||
|
2022-06-17 21:34:06 | Inverse Finance stung for $1.2 million via flash loan attack (lien direct) | Just cryptocurrency things A decentralized autonomous organization (DAO) called Inverse Finance has been robbed of cryptocurrency somehow exchangeable for $1.2 million, just two months after being taken for $15.6 million.… | |||
|
2022-06-17 19:38:06 | International operation takes down Russian RSOCKS botnet (lien direct) | $200 a day buys you 90,000 victims A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.… | |||
|
2022-06-16 19:37:54 | Oracle sued by one of its own gold-level Partners of the Year over government IT contract (lien direct) | We want $56 million, systems integrator tells court Oracle has been sued by Plexada System Integrators in Nigeria for alleged breach of contract and failure to pay millions of dollars said to be owed for assisting with a Lagos State Government IT contract.… | |||
|
2022-06-16 08:13:12 | Elasticsearch server with no password or encryption leaks a million records (lien direct) | POS and online ordering vendor StoreHub offered free Asian info takeaways Researchers at security product recommendation service Safety Detectives claim they've found almost a million customer records wide open on an Elasticsearch server run by Malaysian point-of-sale software vendor StoreHub.… | |||
|
2022-06-15 11:00:12 | End-of-life smartphone? Penguins at postmarketOS aim to revive it (lien direct) | Alpine-based distro runs on old mobiles abandoned by Android and their manufacturers A Linux distro for smartphones abandoned by their manufacturers, postmarketOS, has introduced in-place upgrades.… | |||
|
2022-06-15 04:44:09 | Malaysia-linked DragonForce hacktivists attack Indian targets (lien direct) | Just what we needed: a threat to rival Anonymous A Malaysia-linked hacktivist group has attacked targets in India, seemingly in reprisal for a representative of the ruling Bharatiya Janata Party (BJP) making remarks felt to be insulting to the prophet Muhammad.… | Threat | ||
|
2022-06-14 23:44:10 | Cloudflare says it thwarted record-breaking HTTPS DDoS flood (lien direct) | 26m requests a second? Not legit traffic, not even Bill Gates doing $1m giveaways could manage that Cloudflare said it this month staved off another record-breaking HTTPS-based distributed denial-of-service attack, this one significantly larger than the previous largest DDoS attack that occurred only two months ago.… | |||
|
2022-06-13 17:30:09 | HelloXD ransomware bulked up with better encryption, nastier payload (lien direct) | Russian-based group doubles the extortion by exfiltrating the corporate data before encrypting it. Windows and Linux systems are coming under attack by new variants of the HelloXD ransomware that includes stronger encryption, improved obfuscation and an additional payload that enables threat groups to modify compromised systems, exfiltrate files and execute commands.… | Ransomware Threat | ||
|
2022-06-10 20:57:06 | OVHcloud datacenter fire last year possibly due to water leak (lien direct) | French investigative report draws no conclusion but hints at inverter malfunction Late last month, France's BEA-RI, or Bureau of Investigation and Analysis on industrial risks, issued its technical report on the March 10th, 2021 fire at the OVH datacenter in Strasbourg.… | |||
|
2022-06-10 14:50:38 | Symbiote Linux malware spotted, and infections are \'very hard to detect\' (lien direct) | 'Performing live forensics on an infected machine may not turn anything up' warn researchers Intezer security researcher Joakim Kennedy and the BlackBerry Threat Research and Intelligence Team have analyzed an unusual piece of Linux malware they say is unlike most seen before - it isn't a standalone executable file.… | Malware Threat | ||
|
2022-06-10 11:00:08 | Apple M1 chip contains hardware vulnerability that bypasses memory defense (lien direct) | MIT CSAIL boffins devise PACMAN attack to let existing exploits avoid pointer authentication Apple's M1 chip has been found to contain a hardware vulnerability that can be abused to disable one of its defense mechanisms against memory corruption exploits, giving such attacks a greater chance of success.… | Vulnerability |
To see everything:
Our RSS (filtrered)
