What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
AlienVault.webp 2023-02-06 11:00:00 The ethics of biometric data use in security (direct link) The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In a world where you can scan the veins in your hand to unlock a smartphone, how do you maintain control over personal data? Biometric authentication, the use of distinctive human features like iris patterns, fingerprints and even gait in lieu of a password, is gaining ground in the tech world. Proponents tout its inherent, hard-to-replicate qualities as a security benefit, while detractors see the same features as an invasion of privacy. Both sides may be right. The problems with biometrics: Unlike a password, you can’t forget your face at home. But also, unlike a password, you can’t reset your face — meaning you’re out of luck if someone steals a photo of it. In 2016, a biometrics researcher helped investigators hack into a murder victim’s phone with only a photo of the man’s fingerprint. While security systems are getting more advanced all the time, current technology also allows cybercriminals to run wild with a single piece of biometric data, accessing everything from laptop logins to bank accounts. By its very nature, biometric authentication requires third parties to store biometric data. What happens if the information is exposed? In addition to potential hacking, breaching people’s personal data might reveal something they’d rather keep private. Vein patterns could reveal that a person has a vascular disorder, raising their insurance premiums. Fingerprints could expose a chromosomal disease. True, people give this same information to their doctors, and a medical data breach could have the same repercussions. But handing off biometric data to a commercial company — which isn’t bound by HIPAA or sworn to do no harm — is a much grayer area.
Another issue that occasionally plagues biometric authentication is injuries and natural bodily changes. A single paper cut can derail a fingerprint scanner, and an aging eye throws iris scanners for a loop. People will have to update their photos every few years to remind the system what they look like. Some facial recognition programs can even predict how long a person will live. Insurance companies have expressed interest in getting hold of this data, since the way a person ages says a lot about their health. If stolen biometric data fed into an algorithm predicts a person won’t make it past 50, will their employer pass them up for a promotion? In the event of an accident, your family won’t easily be able to access your accounts if you use biometric authentication, since it’s not as simple as writing down a list of passwords. Maybe that’s a good thing — but maybe not. Another ethical dilemma with biometric data use is identifying people without their consent. Most people are used to being on camera at the grocery store, but if that same camera snaps a photo without permission and stores it for later retrieval, they probably won’t be too happy. Some people point out that you have no right to privacy in a public space, and that’s true — to an extent. But where do you draw the line between publicity and paparazzi? Is it OK to snap a stranger’s photo while you’re talking to them, or is that considered rude and intrusive? The benefits of biometric data Of course, no one would be handing off a photo of their face if the Data Breach Hack Prediction Medical ★★
News.webp 2023-02-05 12:00:11 Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears (direct link) From frameworks to new federal offices it's time to get busy The hack of SolarWinds' software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done?.… Threat Hack ★★
no_ico.webp 2023-02-02 10:02:17 City Of London Traders Hit By Russia-Linked Cyberattack (direct link) Following an attack on a firm that is crucial to the British financial system by a ransomware group with Russian ties, trading in the City of London has fallen into disarray. A top official in the US Treasury Department said on Wednesday that the hack on a UK-based software company that disrupted some futures trading […] Ransomware Hack ★★
InfoSecurityMag.webp 2023-02-01 17:00:00 Google Fi Confirms Data Breach, Hints At Link to T-Mobile Hack (direct link) The company uses a combination of T-Mobile and US Cellular for network connectivity Hack ★★
knowbe4.webp 2023-02-01 14:24:06 Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen? (direct link) Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen? Hack ChatGPT ★★
The_Hackers_News.webp 2023-02-01 11:00:00 Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Hack Corporate Email Accounts (direct link) Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting Hack ★★
globalsecuritymag.webp 2023-02-01 09:13:44 Kevin Bocek - Venafi comments on GitHub's revocation of code signing certificates stolen in repo hack (direct link) GitHub revokes code signing certificates stolen in repo hack. Comments from Kevin Bocek - Venafi - Points of View Hack
The_Hackers_News.webp 2023-01-30 15:00:00 Realtek Vulnerability Under Attack: 134 Million Attempts in 2 Months to Hack IoT Devices (direct link) Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months. Close to 50% of the attacks Hack Vulnerability ★★★
bleepingcomputer.webp 2023-01-30 13:27:03 GitHub revokes code signing certificates stolen in repo hack (direct link) GitHub says that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. [...] Hack ★★
no_ico.webp 2023-01-30 12:34:09 Breaking: JD Sports Data Breach Following Cyberattack (direct link) JD Sports has issued a warning that a cyberattack that affected the company may have exposed the personal information of roughly 10 million customers, including personal contact information, such as phone and email addresses. The hack may have affected customers who ordered goods from the business between 2018 and 2020. The company claimed that credit […] Data Breach Hack ★★
RecordedFuture.webp 2023-01-28 11:28:51 Could hackers change the daily Wordle? Researchers are torn (direct link) Researchers are split on whether someone could hack into the New York Times' massively popular game Wordle and change the daily word users are forced to figure out. In a blog post last month, Noname Security's David Thomason said the entire list of daily Wordles for the next few months could be discovered by [… Hack ★★★
no_ico.webp 2023-01-27 18:42:03 (Déjà vu) Bitwarden Password Vaults Subject Of Google Ads Phishing (direct link) Google Adwords phishing campaigns steal Bitwarden and other password managers’ vault passwords. As enterprises and consumers use unique passwords at every site, password managers must keep track of them. Unless you use KeePass, most password managers are cloud-based, allowing users to access their credentials via websites and mobile apps. “Password vaults” on the cloud encrypt […] Hack ★★★
DarkReading.webp 2023-01-27 15:49:00 How Noob Website Hackers Can Become Persistent Threats (direct link) An academic analysis of website defacement behavior by 241 new hackers shows there are four clear trajectories they can take in future, researchers say. Hack ★★★
bleepingcomputer.webp 2023-01-26 16:40:34 Bitwarden password vaults targeted in Google ads phishing attack (direct link) Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials. [...] Hack ★★★
01net.webp 2023-01-26 09:30:21 Crypto: the FBI has unmasked the culprit behind one of the biggest hacks of 2022 (direct link) The FBI has just confirmed the identity of the hackers behind the hack of the Harmony blockchain. By cooperating with platforms such as Binance, the authorities traced the theft back to a group of hackers who have mastered the theft of cryptocurrencies… Hack ★★
DarkReading.webp 2023-01-25 21:43:00 Zacks Investment Research Hack Exposes Data for 820K Customers (direct link) Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated with Zacks.com. Hack
bleepingcomputer.webp 2023-01-25 14:34:52 Hackers auction alleged source code for League of Legends (direct link) Threat actors are auctioning the alleged source code for Riot Games' League of Legends and the Packman anti-cheat software, confirmed to be stolen in a recent hack of the game company's developer environment. [...] Threat Hack ★★
RecordedFuture.webp 2023-01-25 13:54:59 Hilton denies hack after data from 3.7 million Honors customer offered for sale (direct link) Hotel giant Hilton denied that it has been hacked after cybercriminals claimed to have breached the company's systems and stolen data related to 3.7 million customers. On Monday, hackers said they stole a database from 2017 consisting of information from customers enrolled in the Hilton Hotel Honors program. The information in the database includes names, [… Hack ★★★★
SecurityWeek.webp 2023-01-25 12:00:00 Password Dependency: How to Break the Cycle (direct link) Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That's why it's so critical to break the password dependency cycle. But how can this be done? Hack
InfoSecurityMag.webp 2023-01-25 10:00:00 New Cheats May Emerge After Riot Games Hack (direct link) Ransomware actors stole source code, company reveals Ransomware Hack ★★★
The_Hackers_News.webp 2023-01-24 17:28:00 FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft (direct link) The U.S. Federal Bureau of Investigation (FBI) on Monday confirmed that North Korean threat actors were responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022. The law enforcement agency attributed the hack to the Lazarus Group and APT38, the latter of which is a North Korean state-sponsored threat group that specializes in financial cyber Threat Hack Medical APT 38 ★★
InfoSecurityMag.webp 2023-01-24 17:00:00 FBI Confirms Lazarus Group Was Behind $100m Harmony Hack (direct link) The North Korean cyber actors laundered over $60m worth of Ethereum stolen during the heist Hack APT 38 ★★★
no_ico.webp 2023-01-24 11:40:14 How To Safeguard Your Business From Cybersecurity Stress And Prevent IT Burnout (direct link) The number of data breaches and their effects are increasing as more aspects of our lives move online. It’s not surprising that the latest IBM Data Breach report found that the average cost of a hack to businesses has reached a record $4.35 million when combined with inflationary levels that are unheard of. Employees are […] Data Breach Hack ★★
bleepingcomputer.webp 2023-01-24 09:49:59 FBI: North Korean hackers stole $100 million in Harmony crypto hack (direct link) The FBI has concluded its investigation on the $100 million worth of ETH heist that hit Harmony Horizon in June 2022 and validated that the hackers responsible for it are the Lazarus group and APT38. [...] Hack Medical APT 38 ★★
RecordedFuture.webp 2023-01-24 02:19:28 Congressman 'coming for answers' after 'no-fly list' hack (direct link) A Republican congressman on the House Committee on Homeland Security is seeking answers about last week’s hack of regional airline CommuteAir, which led to the exposure of a copy of the federal no-fly list from 2019. Alarm has grown since the researcher behind the hack, a Swiss national who goes by maia arson crimew, published [… Hack ★★
no_ico.webp 2023-01-23 10:02:40 FanDuel Cautions Users Of Data Breach In Vendor Hack (direct link) Customers of the FanDuel sportsbook and betting platform are being cautioned that their names and email addresses were made public due to a security breach at MailChimp in January 2023. Users are advised to be on the lookout for scam communications. MailChimp announced a compromise on January 13th after hackers used a social engineering effort […] Data Breach Hack
bleepingcomputer.webp 2023-01-22 13:56:45 (Déjà vu) FanDuels warns of data breach after customer info stolen in vendor hack (direct link) The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain vigilant against phishing emails. [...] Data Breach Hack ★★
bleepingcomputer.webp 2023-01-22 13:56:45 FanDuel discloses data breach caused by recent MailChimp hack (direct link) The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain vigilant against phishing emails. [...] Data Breach Hack ★★
RecordedFuture.webp 2023-01-20 18:28:54 Samsung investigating claims of hack on South Korea systems, internal employee platform (direct link) Samsung is investigating a potential cyberattack and data breach on an internal employee platform and several systems in South Korea. On Tuesday, a group of hackers going by the name “Genesis Day” claimed it attacked Samsung's offices in South Korea because of the country's recent opening of a mission to the North Atlantic Treaty Organization [… Data Breach Hack ★★
no_ico.webp 2023-01-20 15:06:08 37 Million T-Mobile API Data On Customers Stolen in Hack (direct link) Following a network intrusion by an “unidentified malicious intruder,” around 37 million T-Mobile customers had their personal information taken. It’s been confirmed that customers’ addresses, phone numbers, and dates of birth were among the data taken, the company informed the Securities and Exchange Commission on January 5. This is the mobile company’s […] Hack
InfoSecurityMag.webp 2023-01-19 16:00:00 Mailchimp Hit By Another Data Breach Following Employee Hack (direct link) According to the company, the incident was limited to 133 accounts Data Breach Hack ★★★
bleepingcomputer.webp 2023-01-19 12:55:02 Roaming Mantis' Android malware adds DNS changer to hack WiFi routers (direct link) Starting in September 2022, the 'Roaming Mantis' credential theft and malware distribution campaign was observed using a new version of the Wroba.o/XLoader Android malware that incorporates a function for detecting specific WiFi routers and changing their DNS. [...] Malware Hack ★★
News.webp 2023-01-19 02:30:14 FTX audit finds $415 million in crypto has mysteriously vanished (direct link) Meanwhile SBF proclaims he's both innocent and solvent Liquidators at bankrupt crypto exchange FTX say they've thus far located $5.5 billion in assets, and confirmed that $415 million stolen in a November hack is still missing. … Hack ★★★
no_ico.webp 2023-01-18 16:10:16 1,000 Ships Affected By Ransomware Attack On DNV's Software (direct link) DNV, a Norwegian assurance and risk management firm and classification organization, has confirmed that almost 1,000 ships were affected by a recent ransomware cyberattack on its fleet management system. After the hack on its ShipManager fleet management and operations platform was discovered on Saturday, January 7, in the evening, the class society was obliged to […] Ransomware Hack ★★
globalsecuritymag.webp 2023-01-18 13:19:15 CREST and Hack The Box launch CREST certification-aligned penetration testing training labs (direct link) CREST and Hack The Box launch CREST certification-aligned penetration testing training labs New Hack The Box training pathway provides study support for CREST penetration testing exams - Product Reviews Hack ★★
no_ico.webp 2023-01-17 05:31:58 Datadog Changes RPM Signing Key Exposed in CircleCI Hack (direct link) Datadog, a cloud security company, reports that a recent CircleCI security incident exposed one of its RPM GPG signing keys and its passphrase. The business has yet to discover proof that this key has been compromised or misused. Datadog stated that as of January 16th, 2023, it had no proof that the key was actually […] Hack ★★
bleepingcomputer.webp 2023-01-16 14:08:19 Datadog rotates RPM signing key exposed in CircleCI hack (direct link) Cloud security firm Datadog says that one of its RPM GPG signing keys and its passphrase have been exposed during a recent CircleCI security breach. [...] Hack ★★
SecurityWeek.webp 2023-01-16 13:18:41 Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems (direct link) The US Department of Defense (DoD) is getting ready to launch the third installment of its 'Hack the Pentagon' bug bounty program, which will focus on the Facility Related Controls System (FRCS) network. Hack ★★★
bleepingcomputer.webp 2023-01-14 17:28:34 CircleCI's hack caused by malware stealing engineer's 2FA-backed session (direct link) Hackers breached CircleCI in December after an engineer became infected with information-stealing malware that stole the employee's 2FA-backed SSO session, allowing access to the company's internal systems. [...] Malware Hack ★★★★
SecurityWeek.webp 2023-01-13 11:21:01 Fortinet Says Recently Patched Vulnerability Exploited to Hack Governments (direct link) Fortinet reported this week that a recently patched vulnerability tracked as CVE-2022-42475 has been exploited in highly targeted attacks aimed at government organizations. The security hole impacts the FortiOS SSL-VPN and it can allow a remote, unauthenticated hacker to execute arbitrary code or commands using specially crafted requests. Hack Vulnerability ★★★
DarkReading.webp 2023-01-12 14:42:00 (Déjà vu) Hack the Box Secures $55 Million in Series B Funding Led by Carlyle (direct link) Hack ★★
SecurityWeek.webp 2023-01-12 11:16:48 Recently Disclosed Vulnerability Exploited to Hack Hundreds of SugarCRM Servers (direct link) Exploitation of a critical vulnerability affecting the widely used SugarCRM customer relationship management system was seen just days after someone made public an exploit. Hack Vulnerability ★★
globalsecuritymag.webp 2023-01-11 13:45:01 EfficientIP Launches Free Tool to Detect Enterprises Risk of Data Exfiltration (direct link) EfficientIP Launches Free Tool to Detect Enterprises Risk of Data Exfiltration New tool enables organisations to ethically hack their own network and test DNS Robustness - Business News Hack Tool ★★
globalsecuritymag.webp 2023-01-11 13:36:09 Hack The Box announces a Series B investment round of $55 million led by Carlyle (direct link) Hack The Box announces a Series B investment round of $55 million led by Carlyle. Minority growth investment in gamified cybersecurity online upskilling & talent assessment platform is set to reduce the severe global cybersecurity skills shortage and help organizations enhance their cyberattack readiness - Business News Hack
DarkReading.webp 2023-01-10 14:00:00 Black Hat Flashback: The Deadly Consequences of Weak Medical Device Security (direct link) Hacking to kill: Dark Reading's Fahmida Y. Rashid reflects on the monumental Black Hat 2011 moment when Jay Radcliffe showed how to hack his insulin pump. Hack Medical
ESET.webp 2023-01-09 14:00:41 Cracked it! Highlights from KringleCon 5: Golden Rings (direct link) Learning meets fun at the 2022 SANS Holiday Hack Challenge – strap yourself in for a crackerjack ride at the North Pole as I foil Grinchum's foul plan and recover the five golden rings Hack ★★
CSO.webp 2023-01-06 06:51:00 14 UK schools suffer cyberattack, highly confidential documents leaked (direct link) More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. That's according to a report from the BBC which claimed that children's SEN information, child passport scans, staff pay scales and contract details have been stolen by notorious cybercrime group Vice Society, known for disproportionately targeting the education sector with ransomware attacks in the UK and other countries. Passport, contract data stolen and posted on dark web: Pates Grammar School in Gloucestershire is one of 14 to have been impacted by the data breach, the BBC reported, with Vice Society hackers using generic search terms to steal documents. “One folder marked 'passports' contains passport scans for pupils and parents on school trips going back to 2011, whereas another marked 'contract' contains contractual offers made to staff alongside teaching documents on muscle contractions. Another folder marked 'confidential' contains documents on the headmaster's pay and student bursary fund recipients,” the BBC wrote. The hack at Pates is estimated to have taken place on September 28 before data was published on the dark web. The UK Information Commissioner's Office (ICO) and Gloucestershire Police confirmed they were investigating the alleged breaches in 2022. Ransomware Hack ★★
BBC.webp 2023-01-05 17:14:37 Twitter: Millions of users' email addresses 'stolen' in data hack (direct link) Reports suggest more than 200 million sets of data were taken and are being given away on an online forum. Hack ★★
SC_Mag.webp 2023-01-05 11:35:01 Roblox Prison, 3DS RCE, Puckungfu, Google Home Wiretaps, & Lastpass Hack - PSW #768 (direct link) Hack LastPass
SC_Mag.webp 2023-01-03 19:39:05 Scripps Health, Avalon Healthcare reach settlements after data breaches (direct link) Avalon Healthcare settled with state regulators after its 2019 email hack due to failing to timely report, while Scripps Health will pay $3.5 million after its 2021 data theft tied to ransomware. Hack ★★
Last update at: 2024-05-30 04:08:35