What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-11-16 17:57:00 | Critical WordPress Flaw Grants Admin Access to Any Registered Site User (lien direct) | The privilege-escalation vulnerability would allow an attacker to inject malware, place ads and load custom code on an impacted website. | Vulnerability | ★★★★★ | |
|
2018-11-16 16:42:04 | Lock-Screen Bypass Bug Quietly Patched in Handsets (lien direct) | The flaw in a high-end phones and up-and-coming handsets made by top OEMs allows hackers to bypass handset lock screens in seconds. | |||
|
2018-11-15 22:53:03 | tRat Emerges as New Pet for APT Group TA505 (lien direct) | The modular malware seems to be in a testing phase, but TA505's interest made researchers take note. | Malware | ||
|
2018-11-15 17:34:02 | Managing the Risk of IT-OT Convergence (lien direct) | Why manufacturing and logistics are especially challenged. | |||
|
2018-11-15 17:04:04 | Connected Wristwatch Allows Hackers to Stalk, Spy On Children (lien direct) | "Our advice is to stop using this watch" as mitigations are not available, researchers told Threatpost. | |||
|
2018-11-15 16:19:00 | Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers (lien direct) | As consumers skip the store crowds in favor of online deals, cyberattackers have geared up to victimize them. | Malware | ||
|
2018-11-14 22:39:03 | Bitcoin Giveaway Scam Balloons, with Google the Latest Victim (lien direct) | A slew of verified Twitter accounts have been hijacked and altered, used to tweet out a bogus Bitcoin giveaway scam. | |||
|
2018-11-14 22:31:03 | Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers (lien direct) | Hacker contest earns participants $325,000 based on the discovery of 18 vulnerabilities. | |||
|
2018-11-14 17:40:01 | Siemens Patches Firewall Flaw That Put Operations at Risk (lien direct) | The industrial company on Tuesday released mitigations for eight vulnerabilities overall. | |||
|
2018-11-13 22:10:04 | Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2 (lien direct) | Microsoft's November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack. | Vulnerability | ||
|
2018-11-13 17:44:04 | Google\'s G Suite, Search and Analytics Taken Down in Hijacking (lien direct) | Google cloud business customers were impacted by a Border Gateway Protocol hijacking. | |||
|
2018-11-13 16:44:01 | Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC (lien direct) | Overall, the company released only three patches as part of its regularly-scheduled November update. | ★★ | ||
|
2018-11-13 14:39:01 | Podcast: IoT Firms Face a \'Tidal Wave\' of Lawsuits, Attorney Explains (lien direct) | An attorney in the infamous 2015 Jeep hack predicts that more lawsuits related to IoT security are looming in the future. | Hack | ||
|
2018-11-12 22:07:02 | Emotet Campaign Ramps Up with Mass Email Harvesting Module (lien direct) | The new variant can exfiltrate emails for a period going back 180 days, en masse. | |||
|
2018-11-12 17:50:04 | U.S. Chip Cards Are Being Compromised in the Millions (lien direct) | A full 60 million U.S. cards were compromised in the past 12 months. While 93 percent of those were EMV chip-enabled, merchants continued to use mag stripes. | |||
|
2018-11-12 17:13:00 | Malware-Laced App Lurked on Google Play For a Year (lien direct) | Google Play's policy prohibits apps or SDKs that download executable code, such as dex files or native code, from a source other than Google Play | |||
|
2018-11-12 15:52:02 | New Boom in Facial Recognition Tech Prompts Privacy Alarms (lien direct) | Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. | |||
|
2018-11-09 22:50:04 | Lawsuits Aim Billions in Fines at Equifax and Ad-Targeting Companies (lien direct) | The results could start a wave of major damages for companies that collect and sell consumer information. | Equifax | ||
|
2018-11-09 22:16:02 | Recently-Patched Adobe ColdFusion Flaw Exploited By APT (lien direct) | The critical vulnerability, which was patched earlier in September, has put ColdFusion servers at risk. | |||
|
2018-11-09 17:28:05 | ThreatList: Google Play Nine Times Safer Than Third-Party App Stores (lien direct) | Out of the 2 billion Android users out there, the rate of potential malware infection is less than 1 percent across the board, Google says. | Malware | ||
|
2018-11-09 17:20:00 | (Déjà vu) Threatpost News Wrap Podcast for Nov. 9 (lien direct) | The Threatpost editors break down the top news stories from this week. | |||
|
2018-11-09 17:13:00 | Embracing the Cybersecurity \'Grey Space\' (lien direct) | Security teams carefully monitor potential threat activity, but incidents aren't always black and white. | Threat | ||
|
2018-11-08 21:56:00 | Pentagon Draws Back the Veil on APT Malware with Sudden Embrace of VirusTotal (lien direct) | Two samples have already been added to the malware zoo, indicating a new openness from the federal government when it comes to cyber. | Malware | ||
|
2018-11-08 17:39:00 | Cisco Accidentally Released Dirty Cow Exploit Code in Software (lien direct) | Cisco revealed that it had "inadvertently" shipped an in-house exploit code that was used in test scripts as part of its TelePresence Video Communication Server and Expressway Series software. | |||
|
2018-11-08 16:39:04 | \'DerpTroll\' Faces 10 Years in Prison for DDoSing Gaming Sites as a Teen (lien direct) | He admitted to taking Steam, EA Origin and Sony Online Entertainment offline in 2013 and 2014, causing at least $95,000 in damages. | |||
|
2018-11-08 14:29:00 | DJI Patches Forum Bug That Allowed Drone Account Takeovers (lien direct) | Bug opened door for malicious link attack, giving hacker access to stored DJI drone data of commercial and consumer customers. | |||
|
2018-11-08 14:04:01 | Podcast: Troy Hunt Talks Bad Passwords – and Who\'s to Blame for Them (lien direct) | Troy Hunt sounds off on how both consumers and services have a joint role in creating and enforcing strong passwords. | |||
|
2018-11-08 13:52:00 | Apple Modernizes Its Hardware Security with T2 (lien direct) | Apple has widened the range of Macs running its T2 security chip. Is macOS finally catching up with other platforms when it comes to secure computing? | |||
|
2018-11-07 19:26:02 | Program Looks to Tap Military Vets for Cyber-Jobs (lien direct) | The training and job-matching effort is a public-private partnership to address a growing workforce gap. | |||
|
2018-11-07 16:33:05 | WordPress Flaw Opens Millions of WooCommerce Shops to Takeover (lien direct) | A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce. | Vulnerability | ||
|
2018-11-07 16:23:02 | Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw (lien direct) | A sophisticated proxy code has infected hundreds of thousands of devices already. | |||
|
2018-11-06 22:53:03 | HSBC Data Breach Hits Online Banking Customers (lien direct) | The data breach includes names, addresses, transaction histories, account information and more. | Data Breach | ||
|
2018-11-06 20:51:01 | ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers (lien direct) | One-third of respondents in a new poll said that have been a victim of fraud or identity theft in the past. | |||
|
2018-11-06 16:15:03 | U.S. Elections True Test for Facebook\'s Disinformation Crackdown (lien direct) | Facebook continues to address the challenges faced during the 2016 election. | ★★ | ||
|
2018-11-06 13:27:01 | Apache Struts Warns Users of Two-Year-Old Vulnerability (lien direct) | Users must update their vulnerable libraries manually. | Vulnerability | ||
|
2018-11-05 21:27:00 | Online Radio Stations at Risk from Icecast Flaw (lien direct) | A buffer overflow bug could silence online stations. | |||
|
2018-11-05 17:59:03 | Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections (lien direct) | Concerns over midterm election tampering reach a boiling point in the days leading up to actual voting. | Guideline | ||
|
2018-11-05 17:56:00 | PortSmash Side-Channel Attack Siphons Data From Intel, Other CPUs (lien direct) | An exploit was released for a flaw existing in a process in CPUs called Simultaneous Multithreading (SMT). | |||
|
2018-11-05 17:51:01 | Passwords: Here to Stay, Despite Smart Alternatives? (lien direct) | "Password-killing" authentication efforts may be on a road to nowhere. | |||
|
2018-11-02 20:39:03 | Facebook Blames Malicious Extensions in Breach of 81K Private Messages (lien direct) | Investigators posed as buyers and were offered the messages at 10 cents per Facebook account. | |||
|
2018-11-02 16:50:05 | Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild (lien direct) | A high severity zero-day flaw exists in Cisco System's SIP inspection engine. | |||
|
2018-11-02 15:16:03 | ThreatList: Fewer Big DDoS Attacks in Q3, Overall Rate Holds Steady (lien direct) | Meanwhile, Saturday now is the most “dangerous” day of the week for DDoS attacks. | |||
|
2018-11-01 21:50:01 | Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities (lien direct) | Five of them allow remote compromise of the IoT gadgets, so attackers can intercept video feeds and more. | |||
|
2018-11-01 21:31:01 | GDPR\'s First 150 Days Impact on the U.S. (lien direct) | Weighing the impact of GDPR and how the historic legislation has shaped privacy protection measures in the U.S., so far. | |||
|
2018-11-01 16:37:03 | Utilities, Energy Sector Attacked Mainly Via IT, Not ICS (lien direct) | Stealing administrative credentials to carry out months-long spy campaigns is a top threat. | ★★★★ | ||
|
2018-11-01 15:44:05 | PoC Exploit Compromises Microsoft Live Accounts via Subdomain Hijacking (lien direct) | Poor DNS housekeeping opens the door to account takeover. | |||
|
2018-11-01 15:20:00 | Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack (lien direct) | Called BleedingBit, this vulnerability impacts wireless networks used in a large percentage of enterprise companies. | Vulnerability | ||
|
2018-10-31 16:52:04 | Apple Fixes Multiple macOS, iOS Bugs Including a Quirky FaceTime Bug (lien direct) | Security updates across all Apple platforms released alongside its new products. | |||
|
2018-10-31 15:38:02 | Kraken Ransomware Upgrades Distribution with RaaS Model (lien direct) | The Kraken ransomware author has released a second version of the malicious code, along with a unique affiliate program on the Dark Web. According to research into Kraken v.2 the new version is being promoted in a ransomware-as-a-service (RaaS) model to underground forum customers, via a video demoing its capabilities. Those interested can complete a […] | Ransomware | ||
|
2018-10-30 21:10:03 | Square, PayPal POS Hardware Open to Multiple Attack Vectors (lien direct) | Popular card readers like Square and PayPal have various flaws that allow attacks ranging from fraud to card data theft. | ★★★★★ |
To see everything:
Our RSS (filtrered)
