What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-27 16:42:03 | Cisco Patches High-Severity Webex Vulnerability For Third Time (lien direct) | Third time's hopefully a charm for Cisco, which has patched a high-severity flaw once again in its Webex video conferencing platform. | Vulnerability | ||
|
2019-02-27 15:45:02 | Thunderclap Flaws Shatter Peripheral Security (lien direct) | Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals. | |||
|
2019-02-27 12:30:04 | Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks (lien direct) | The China-linked threat group has returned in 2018 using updated RATs to launch its attacks, including ZxShell, Gh0st RAT, and SysUpdate malware. | Threat | APT 27 | |
|
2019-02-26 18:46:01 | \'Cloudborne\' IaaS Attack Allows Persistent Backdoors in the Cloud (lien direct) | A known vulnerability combined with a weakness in bare-metal server reclamation opens the door to powerful, high-impact attacks. | Vulnerability | ||
|
2019-02-26 16:33:05 | High-Severity SHAREit App Flaws Open Files for the Taking (lien direct) | SHAREit has fixed two flaws in its app that allow bad actors to authenticate their devices and steal files from a victim's device. | |||
|
2019-02-26 14:51:00 | Critical WinRAR Flaw Found Actively Being Exploited (lien direct) | The spam campaign is being used to spread a malicious .exe file, taking advantage of a vulnerability in WinRAR which was patched in January. | Spam Vulnerability | ||
|
2019-02-26 11:58:01 | The Dark Sides of Modern Cars: Hacking and Data Collection (lien direct) | How features such as infotainment and driver-assist can give others a leg up on car owners. | |||
|
2019-02-25 20:45:04 | Threatpost Data: Password Managers Are Worth the Risk, Readers Say (lien direct) | A Threatpost reader poll examined risk, vulnerabilities, 2FA, the human element, attitudes on spreadsheets and more when it comes to password managers. | |||
|
2019-02-25 16:39:02 | ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers (lien direct) | The attack threatens users with location-tracking, DoS, fake notifications and more. | |||
|
2019-02-25 14:17:00 | Google Ditches Passwords in Latest Android Devices (lien direct) | Google has announced FIDO2 certification for devices running on Android 7 and above - meaning that users can use biometrics, fingerprint login or PINs instead of passwords. | |||
|
2019-02-22 21:29:02 | Phishing Scam Cloaks Malware With Fake Google reCAPTCHA (lien direct) | Phishing emails target a bank's users with malware - and make their landing page look more legitimate with fake Google reCAPTCHAs. | Malware | ||
|
2019-02-22 21:23:04 | Reddit Gold: Alice and Bob, Caught in a Web of Lies (lien direct) | There was a shocking turn of events in crypto-world. | |||
|
2019-02-22 18:53:00 | Video: HackerOne CEO on the Evolving Bug Bounty Landscape (lien direct) | Threatpost talks to HackerOne CEO Marten Mickos on the EU's funding of open source bug bounty programs, how a company can start a program, and the next generation of bounty hunters. | |||
|
2019-02-22 18:32:00 | Data Breaches of the Week: Tales of PoS Malware, Latrine Status (lien direct) | U.S. and subcontinent consumers were the most affected by this week's exposure revelations. | |||
|
2019-02-22 17:21:01 | Threatpost News Wrap Podcast For Feb. 22 (lien direct) | From password manager vulnerabilities to 19-year-old flaws, the Threatpost team broke down this week's biggest news stories. | |||
|
2019-02-22 12:11:04 | Threatpost Poll: Are Password Managers Too Risky? (lien direct) | Weigh in on password managers with our Threatpost poll. | |||
|
2019-02-21 19:01:05 | ThreatList: Porn-Focused Malware Triples, Dark Web Loves It (lien direct) | Premium-access credentials to porn sites are hot in the cyber-underground, as credential-harvesting malware proliferates. | Malware | ||
|
2019-02-21 17:05:03 | Adobe Re-Patches Critical Acrobat Reader Flaw (lien direct) | Adobe has issued yet another patch for a critical vulnerability in its Acrobat Reader - a week after the original fix. | Vulnerability | ||
|
2019-02-21 15:54:05 | Highly Critical Drupal RCE Flaw Affects Millions of Websites (lien direct) | Admins should update immediately to fix a remote code-execution vulnerability. | |||
|
2019-02-21 15:05:04 | 19-Year-Old WinRAR Flaw Plagues 500 Million Users (lien direct) | Users of the popular file-compression tool are urged to immediately update after a serious code-execution flaw was found in WinRAR. | Tool | ||
|
2019-02-20 21:33:05 | Researcher: Not Hard for a Hacker to Capsize a Ship at Sea (lien direct) | Capsizing a ship with a cyberattack is a relatively low-skill enterprise, according to an analysis from Pen Test Partners. | |||
|
2019-02-20 20:48:05 | Separ Malware Plucks Hundreds of Companies\' Credentials in Ongoing Phish (lien direct) | An ongoing phishing campaign is targeting hundreds of businesses to steal their email and browser credentials using a simply - but effective - malware. | Malware | ||
|
2019-02-20 20:10:02 | Apple\'s Shazam App Boots Facebook Ads and Other Third-Party SDKs (lien direct) | The music-recognition app that Apple bought for $400 million is removing Facebook Ads, DoubleClick, Facebook Analytics and more. | |||
|
2019-02-20 19:27:05 | Password Manager Firms Blast Back at \'Leaky Password\' Revelations (lien direct) | 1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory. | LastPass | ||
|
2019-02-20 18:34:01 | GitHub Increases Rewards, Scope For Bug-Bounty Program (lien direct) | GitHub is offering unlimited rewards for critical vulnerabilities - and has added "safe harbor" terms to its bug bounty program. | |||
|
2019-02-20 16:16:05 | Microsoft: Russia\'s Fancy Bear Working to Influence EU Elections (lien direct) | As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts. | APT 28 | ||
|
2019-02-19 22:36:01 | Microsoft to Kill Updates for Legacy OS Using SHA-1 (lien direct) | Windows 7 and Windows Server 2008 users are being asked to upgrade their encryption support. | |||
|
2019-02-19 22:07:01 | ThreatList: APT Adversaries Up the Ante on Speed, Target Telecom (lien direct) | Russia-linked actors need just 18 minutes to go from compromise to lateral movement. | |||
|
2019-02-19 19:00:01 | New GandCrab Decryptor Unlocks Files of Updated Ransomware (lien direct) | This is the third update to the prolific GandCrab malware within the past year. | Ransomware Malware | ||
|
2019-02-19 17:23:00 | ATM Jackpotting Malware Hones Its Heist Tools (lien direct) | The WinPot malware takes its cues from slot machines. | Malware | ||
|
2019-02-18 21:26:03 | When Cyberattacks Pack a Physical Punch (lien direct) | Physical security goes hand in hand with cyberdefense. What happens when – as we see all too often – the physical side is overlooked? | |||
|
2019-02-16 00:26:03 | Where\'s the Equifax Data? Does It Matter? (lien direct) | Threat-hunters say the breached data from the massive Equifax incident is nowhere to be found, indicating a spy job. | Equifax | ||
|
2019-02-15 22:30:01 | Data Breach Bonanza: Dating Apps, Equifax, Mass Credential Dumps (lien direct) | Data-exposure "lowlights" for the week ending Feb. 15, 2019. | Data Breach | Equifax | |
|
2019-02-15 20:19:02 | Eight Cryptojacking Apps Booted From Microsoft Store (lien direct) | The eight apps were secretly stealing victims' CPU power to mine for Monero. | |||
|
2019-02-15 20:04:04 | Tips on How to Fight Back Against DNS Spoofing Attacks (lien direct) | Despite a welcome and needed DNS revamp, preventable abuse continues. | |||
|
2019-02-15 17:15:02 | Trickbot Malware Goes After Remote Desktop Credentials (lien direct) | The banking trojan is consistently evolving in hopes of boosting its efficacy. | Malware | ||
|
2019-02-15 15:27:05 | Ultra-Sneaky Phishing Scam Swipes Facebook Credentials (lien direct) | Researchers warn that the phishing campaign looks "deceptively realistic." | |||
|
2019-02-14 18:33:05 | Ever-Changing Emotet Evolves Again with Fresh Evasion Tactic (lien direct) | It has added the technique of using malicious XML files as its delivery method. | |||
|
2019-02-14 18:20:02 | Threatpost Poll: Over Half of Firms Asked Struggle with Mobile Security (lien direct) | A Threatpost poll found that 52 percent don't feel prepared to prevent a mobile security incident from happening. The results reflect a challenging mobile security landscape. | |||
|
2019-02-14 17:27:01 | Coffee Meets Bagel Dating App Warns Users of Breach (lien direct) | The dating site said users' names and email addresses that were added to the system prior to May 2018 may be impacted. | |||
|
2019-02-14 16:32:01 | Google Play Cracks Down on Malicious Apps (lien direct) | Google Play said that app suspensions increased by 66 percent in 2018 on its platform. | |||
|
2019-02-14 12:30:00 | Critical OkCupid Flaw Exposes Daters to App Takeovers (lien direct) | The flaw is only one of many romance-related security issues as bad actors take advantage of Valentine's Day. | |||
|
2019-02-13 22:24:03 | Lenovo Watch X Riddled with Security Vulnerabilities (lien direct) | Researchers have identified multiple security issues with this Lenovo smartwatch. | |||
|
2019-02-13 20:55:00 | ThreatList: Banking Trojans Are Still The Top Big Bad for Email (lien direct) | Banking trojans, led by the ever-changing Emotet, dominated the email-borne threat landscape in Q4, according to Proofpoint. | Threat | ||
|
2019-02-13 15:20:00 | \'Dirty Sock\' Flaw in snapd Allows Root Access to Linux Servers (lien direct) | The issue affects default installations of Ubuntu Server and Desktop and is likely included in many Ubuntu-like Linux distributions. | |||
|
2019-02-13 15:15:05 | Unpatched Apple macOS Hole Exposes Safari Browsing History (lien direct) | There are no permission dialogues for apps in certain folders for macOS Mojave, which allows a malicious app to spy on browsing histories.. | |||
|
2019-02-12 22:59:04 | Siemens Warns of Critical Remote-Code Execution ICS Flaw (lien direct) | The affected SICAM 230 process control system is used as an integrated energy system for utility companies, and as a monitoring system for smart-grid applications. | |||
|
2019-02-12 21:37:04 | Double-Stuffed: Dunkin\' Hit by Another Credential-Stuffing Attack (lien direct) | Dunkin’ Donuts may have just launched its first double-filled doughnut, but another doubling up is not quite as tasty. The chain has suffered its second credential-stuffing attack in three months. Like the first incident, the attack targeted pastry aficionados that have DD Perks accounts, which is Dunkin’s loyalty program. Names, email addresses, 16-digit DD Perks […] | |||
|
2019-02-12 21:34:00 | Microsoft Patches Zero-Day Browser Bug Under Active Attack (lien direct) | In its February Patch Tuesday bulletin Microsoft patches four public bugs and one that under active attack. | |||
|
2019-02-12 20:29:01 | Critical WordPress Plugin Flaw Allows Complete Website Takeover (lien direct) | Users of the popular plugin, Simple Social Buttons, are encouraged to update to version 2.0.22. |
To see everything:
Our RSS (filtrered)
