| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| | 2021-06-28 10:12:54 | Own an old WD My Book Live? Disconnect it from the internet right now | Active attacks are indiscriminately wiping user devices. | | | |
| | 2021-06-28 08:28:30 | GitHub bug bounties: payouts surge past $1.5 million mark | GitHub says that 2020 was the “busiest year yet” in vulnerability disclosure. | Vulnerability | | |
| | 2021-06-28 07:11:52 | Ministry of Defence employee charged in child pornography case | The charges stem from his participation in the “PedoPub” web forum. | | | |
| | 2021-06-25 12:49:30 | Three Texan men jailed after using Grindr to find targets for theft, kidnap, assault | Prosecutors say the men abused the app to perform “bias-motivated violence.” | | | |
| | 2021-06-25 11:43:24 | Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency | The malware is thought to have generated millions of dollars in just a few short years. | Malware | | |
| | 2021-06-25 10:57:27 | 'Pen tester' FIN7 hacking group member lands seven-year prison term | The “high-level” member must also pay $2.5 million in damages. | | | |
| | 2021-06-24 10:48:35 | Cybersecurity firms battle DMCA rules over good-faith research | The argument is that current rules are hampering ethical and effective vulnerability reporting. | Vulnerability | | |
| | 2021-06-24 10:08:44 | BIOSConnect code execution bugs impact millions of Dell devices | A critical bug chain allows attackers to impersonate the vendor and impact code at the root level. | | | |
| | 2021-06-24 10:00:00 | One-click account takeover vulnerabilities in Atlassian domains patched | Research was conducted in light of the increasing threat of supply-chain attacks. | Threat | | |
| | 2021-06-23 13:00:00 | ChaChi: a new GoLang Trojan used in attacks against US schools | The malware has found a role to play in ransomware strikes. | Ransomware, Malware | | |
| | 2021-06-18 10:48:33 | A deep dive into the operations of the LockBit ransomware group | Most victims are from the enterprise and are expected to pay an average ransom of $85,000. | Ransomware | | |
| | 2021-06-17 13:00:05 | This strange malware stops you from visiting pirate websites | An odd vigilante campaign is preventing victims from accessing pirate content online. | Malware | | |
| | 2021-06-16 14:00:05 | Billions of records belonging to CVS Health exposed online | The exposure is another example of misconfiguration that can impact security. | | | |
| | 2021-06-16 08:21:30 | Facebook awards $30,000 bounty for exploit exposing private Instagram content | The bug allowed users to view content without following an account. | | | |
| | 2021-06-16 07:43:20 | SEC settles with First American over massive leak of mortgage data, disclosure | First American has agreed to a penalty of close to half a million dollars. | | | |
| | 2021-06-15 13:00:00 | Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched | Close to a month on, internet-facing servers remain vulnerable to attack. | | | |
| | 2021-06-15 04:01:04 | Pandemic prompts digital 'boom' in account creation - as well as password fatigue | Lockdown forced many of us online and this hasn't helped our security postures. | | | |
| | 2021-06-14 10:45:14 | Dentist charged by SEC for digital token project fraud, pump-and-dump AI stock scheme | The “adviser” was allegedly responsible for three securities frauds. | | | |
| | 2021-06-14 09:33:07 | Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyers | An unsecured treasure trove of data used for sales was exposed online. | Data Breach | | |
| | 2021-06-14 08:49:00 | Codecov to retire the Bash script responsible for supply chain attack wave | A new uploader, shipped as a NodeJS executable, has been introduced in its place. | | | |
| | 2021-06-11 13:00:03 | Lax security around URL shortener exposed PII of US retailer Carter's customer base | Hundreds of thousands of customers may have been impacted. | | | |
| | 2021-06-11 08:30:01 | Card Broken: 1000 arrests made in Chinese crackdown on fraud, cryptocurrency laundering | Criminals involved in telecom scams allegedly funneled their profits through cryptocurrency platforms. | | | |
| | 2021-06-11 07:48:15 | Feds strike Slilpp, a marketplace for flogging initial access credentials | The marketplace was one of the largest sellers of stolen login information. | | | |
| | 2021-06-10 13:00:03 | This new hacking group has a nasty surprise for African, Middle East diplomats | The newly-discovered APT pulls no punches when it comes to cyberespionage. | | | |
| | 2021-06-10 10:13:00 | Amazon data usage to feature in new UK antitrust probe: report | Reports suggest a formal investigation into potential merchant favoritism is planned. | | | |
| | 2021-06-09 09:19:00 | Apple pays millions of dollars to student after repair staff leak her explicit photos online | Sensitive photos were accessed and leaked by workers repairing her iPhone. | | | |
| | 2021-06-09 08:34:19 | PuzzleMaker attacks exploit Windows zero-day, Chrome vulnerabilities | Two of the zero-days used were patched by Microsoft on Tuesday. | | | |
| | 2021-06-08 12:00:02 | A deep dive into Nefilim, a ransomware group with an eye for $1bn+ revenue companies | The group is one of many that employ two separate methods to blackmail victims. | Ransomware | | |
| | 2021-06-07 16:00:03 | Facebook ramps up privacy efforts with end-to-end encrypted audio, video calling trials in Secret Conversations | The tech giant says that improving Secret Conversations will be the focus of the research. | | | |
| | 2021-06-07 10:00:00 | Siloscape: this new malware targets Windows containers to access Kubernetes clusters | Researchers say this is the first malware strain they know of that specifically targets Windows containers. | Malware | Uber | |
| | 2021-06-07 07:38:57 | The cost of ransomware attacks worldwide will go beyond $265 billion in the next decade | Ransomware has been likened to a hydra -- cut off one head, and more appear in its place. | Ransomware | | |
| | 2021-06-03 12:00:00 | Necro Python bot revamped with new VMWare, server exploits | The latest version of the bot has also been equipped with a cryptocurrency miner. | | | |
| | 2021-06-03 10:00:00 | Chinese cybercriminals spent three years creating a new backdoor to spy on governments | The new tool has been used in ongoing cyberespionage activities. | Tool | | |
| | 2021-06-03 09:12:31 | A new surprise feature for Norton 360 antivirus users: you can mine for cryptocurrency | The vendor says that bringing mining in-house has security benefits. | | | |
| | 2021-06-03 08:21:27 | WhatsApp backtracks on app limitations if you refuse new privacy terms | App functionality will not be restricted if you refuse. | | | |
| | 2021-06-02 13:00:00 | This is how attackers bypass Microsoft's AMSI anti-malware scanning protection | Researchers outline common tactics for circumventing the security software. | | | |
| | 2021-06-02 12:00:06 | XSS vulnerability found in popular WYSIWYG website editor | The security flaw was found in how HTML sanitizing is performed. | Vulnerability | | |
| | 2021-06-02 10:05:53 | Russian underground forums launch competitions for cryptocurrency, NFT hacks | Prizes are on offer for everything from stealing wallet funds to compromising NFTs. | | | |
| | 2021-06-02 10:00:03 | US schools land IBM grants to protect themselves against ransomware | The grants are worth a total of $3 million. | Ransomware | | |
| | 2021-06-01 10:43:00 | Asian cybercrime takedown leads to intercept of $83 million in financial theft | Police intercepted funds that were on their way to the accounts of financial fraudsters. | | | |
| | 2021-06-01 09:53:44 | SEC charges US promoters for marketing alleged BitConnect cryptocurrency Ponzi scheme | Promoters of a suspected, high-profile exit scam are now in the hot seat. | | | |
| | 2021-05-28 09:42:00 | Researchers find four new malware tools created to exploit Pulse Secure VPN appliances | There are now at least 16 malware families designed to compromise Pulse Secure VPN products. | Malware | | |
| | 2021-05-27 10:00:00 | Fake human rights organization, UN branding used to target Uyghurs in ongoing cyberattacks | The ethnic group is being targeted in spy campaigns under the guise of the United Nations. | | | |
| | 2021-05-26 10:52:40 | Bluetooth bugs open the door for attackers to impersonate devices | Devices supporting the Bluetooth Core and Mesh specifications are impacted. | | | |
| | 2021-05-26 09:37:00 | Russian national jailed for running stolen data, hijacked account seller platform deer.io | Kirill Victorovich Firsov was arrested by the FBI last year. | | | |
| | 2021-05-25 14:00:03 | Not as complex as we thought: Cyberattacks on operational technology are on the rise | Common techniques are setting a low bar for attacks on control processes. Sometimes, attackers have no idea what the system is used for. | | | |
| | 2021-05-25 11:00:00 | Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys it instead | The relatively new threat group has been connected to attacks against Israeli targets. | Threat | | |
| | 2021-05-25 10:00:03 | Russian dark web marketplace Hydra cryptocurrency transactions reached $1.37bn in 2020 | The market is used to trade everything from drugs to stolen data. | | | |
| | 2021-05-25 09:07:31 | Encrochat drug dealer betrayed by his love of cheese | Police were able to arrest him by using a shared photo of Stilton as a starting point. | | | |
| | 2021-05-24 09:36:50 | FBI identifies 16 Conti ransomware attacks striking US healthcare, first responders | One of Conti's latest victims is Ireland's health service. | Ransomware | | |