What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-09-10 14:23:00 | Mirai, Gafgyt Botnets Return to Target Infamous Apache Struts, SonicWall Flaws (lien direct) | By implementing the "Equifax bug," it's the first known time a Mirai IoT botnet variant has targeted an Apache Struts vulnerability. | Equifax | ||
|
2018-09-07 21:11:03 | \'Domestic Kitten\' Mobile Spyware Campaign Aims at Iranian Targets (lien direct) | Spreading via fake Android apps, the malware lifts a range of sensitive information from victims' devices. | Malware | ||
|
2018-09-07 19:01:03 | Open .Git Directories Leave 390K Websites Vulnerable (lien direct) | An exhaustive scan shows hundreds of thousands of websites potentially exposing sensitive data such as database passwords, API keys and so on. | |||
|
2018-09-07 15:36:04 | British Airways Website, Mobile App Breach Compromises 380k (lien direct) | The airline said information like name, address and bank card details like CVC code were compromised. | |||
|
2018-09-07 14:00:01 | Threatpost News Wrap Podcast For Sept. 7 (lien direct) | The Threatpost team breaks down the biggest news from the week ended Sept. 7. | |||
|
2018-09-07 13:08:01 | Threat Actors Eyeing IQY Files To Peddle Malspam (lien direct) | The Necurs Botnet, DarkHydrus and other threat actors are turning to the inconspicuous files. | Threat | ||
|
2018-09-07 12:00:05 | Top MacOS App Exfiltrates Browser Histories Behind Users\' Backs (lien direct) | A macOS App called Adware Doctor blocks ads, but share's user browser history with a China-based domain. | |||
|
2018-09-07 11:00:04 | ThreatList: Attacks on Industrial Control Systems on the Rise (lien direct) | The main source of infection on industrial control systems was the internet, researchers at Kaspersky Lab found in a new report. | |||
|
2018-09-06 23:00:05 | U.S. Ties Lazarus to North Korea and Major Hacking Conspiracy (lien direct) | The DoJ said a DPRK spy, Park Jin-hyok, was involved in “a conspiracy to conduct multiple destructive cyberattacks around the world." | APT 38 | ||
|
2018-09-06 16:01:03 | Active Spy Campaign Exploits Unpatched Windows Zero-Day (lien direct) | The PowerPool gang launched its attack just two days after the zero-day in the Windows Task Scheduler was disclosed. | |||
|
2018-09-06 14:34:02 | Mozilla Patches Critical Code Execution Bug in Firefox 62 (lien direct) | The update includes nine security patches overall. | |||
|
2018-09-06 11:30:05 | High-Severity Flaws in Cisco Secure Internet Gateway Service Patched (lien direct) | The two bugs were disclosed Wednesday in Cisco Umbrella, the tech giant's cloud-based security service. | |||
|
2018-09-05 21:04:04 | OilRig Sends an OopsIE to Mideast Government Targets (lien direct) | The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity. | APT 34 | ||
|
2018-09-05 18:34:04 | Google Rolls Out 40 Fixes with Chrome 69 (lien direct) | The official release of the version includes 40 fixes, seven of which are rated "High." | |||
|
2018-09-05 17:48:00 | Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild (lien direct) | A Monero cryptomining script is spreading in an ongoing campaign using the recently disclosed critical remote command-execution flaw. | |||
|
2018-09-05 17:03:00 | The Vulnerability Disclosure Process: Still Broken (lien direct) | Despite the advent to bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits. | Vulnerability | ||
|
2018-09-05 11:00:01 | Tiny Island Atoll\'s Domain Used in Widespread Ad Fraud (lien direct) | The campaign is believed to bring in close to $22,000 per month for bad actors. | |||
|
2018-09-04 20:21:01 | Multiple Remote Code-Execution Flaws Patched in Opsview Monitor (lien direct) | Five flaws were disclosed Tuesday in monitoring software Opsview Monitor. | |||
|
2018-09-04 18:34:01 | Thousands of MikroTik Routers Hijacked for Eavesdropping (lien direct) | Using a known vulnerability, the threat actor is listening to a variety of ports. | Threat | ||
|
2018-09-04 17:49:05 | ThreatList: 60% of BEC Attacks Fly Under the Radar (lien direct) | The report also found that simply protecting employees in sensitive departments is not sufficient to protect against BEC. | |||
|
2018-09-04 10:00:04 | \'CamuBot\' Banking Malware Ups the Trojan Game with Biometric Bypass (lien direct) | CamuBot is a unique malware targeting Brazilian bank customers that attempts to bypass biometric account protections. | Malware | ||
|
2018-09-03 12:49:03 | APT10 Under Close Scrutiny as Potentially Linked to Chinese Ministry of State Security (lien direct) | An advanced threat actor has been associated with China's Ministry of State Security via two individuals and a Chinese firm. | Threat | APT 10 | |
|
2018-07-12 15:15:04 | Chrome Now Features Site Isolation to Defend Against Spectre (lien direct) | A new feature called site isolation is being tapped to protect Chrome users against Spectre. | |||
|
2018-07-01 19:19:03 | Bug Bounty Programs Turn Attention to Data Abuse (lien direct) | More companies – particularly social media firms – may follow Facebook's footsteps in turning to bug bounty programs to scout out any data privacy abuse on their platforms, experts say. | |||
|
2018-07-01 18:58:00 | MacOS Malware Targets Cryptocurrency Community on Slack, Discord (lien direct) | New macOS malware targets crypto community via chat networks Slack and Discord. | Malware | ||
|
2018-06-29 17:51:04 | EFF Sues to Repeal Controversial Online Sex Trafficking FOSTA Law (lien direct) | The Electronic Frontier Foundation on Thursday announced a lawsuit against the recently passed controversial FOSTA law. | |||
|
2018-06-29 16:27:05 | Rowhammer Variant \'RAMpage\' Targets Android Devices All Over Again (lien direct) | The attack allows malicious applications to break out of their sandbox and access the entire operating system, giving an adversary complete control of the targeted device. | |||
|
2018-06-28 19:06:00 | Norwegian Agency Dings Facebook, Google For “Unethical” Privacy Tactics (lien direct) | Facebook and Google are doing anything they can to nudge users away from data privacy, a Norwegian agency alleged in a new report. | |||
|
2018-06-28 17:38:00 | Rewards Points Targeted by Teens in Hack of 500K Accounts (lien direct) | The two teens used the rewards points built up in the accounts to make purchases, before selling the account credentials on the Dark Web. | Hack | ||
|
2018-06-28 14:41:04 | Ticketmaster Chat Feature Leads to Credit-Card Breach (lien direct) | Name, address, email address, telephone number, payment details and Ticketmaster login details were potentially compromised for tens of thousands of customers. | |||
|
2018-06-28 13:02:03 | Reality Winner, N.S.A. Contractor, Sentenced to 5+ Years in Leak Case (lien direct) | A former National Security Agency contractor pleaded guilty Tuesday to espionage, becoming the first person to be prosecuted under the Trump administration for leaking classified information. | Guideline | ||
|
2018-06-27 18:26:03 | WebAssembly Changes Could Ruin Meltdown and Spectre Browser Patches (lien direct) | The planned threading in shared memory update gives bad actors a way around the timer mitigations released by browser vendors. | |||
|
2018-06-26 21:51:03 | Mozilla Announces Firefox Monitor Tool Testing, Firefox 61 (lien direct) | Mozilla is testing a new tool that securely checks to see if users' accounts have been hacked. | Tool | ||
|
2018-06-26 15:14:01 | Simple Security Flaws Could Steer Ships Off Course (lien direct) | A PoC shows how ships could be hacked and fooled into changing direction - all due to simple security issues. | |||
|
2018-06-25 20:02:05 | WannaCry Extortion Fraud Reemerges (lien direct) | The emails claim that all of the victim's devices have been hacked and infected with the infamous ransomware -- and then ask for Bitcoin to "fix" it. | Ransomware | Wannacry | |
|
2018-06-25 16:12:00 | UK Tax Agency Collects 5.1M Biometric Voice IDs, May Violate GDPR (lien direct) | The agency doesn't ask for explicit consent to collect the voiceprints; and, the deletion and erasure process lacks transparency. | |||
|
2018-06-22 20:44:00 | Fortnite Fraudsters Infest the Web with Fake Apps, Scams (lien direct) | Malefactors have doubled down on duping Fortnite enthusiasts, releasing YouTube videos with links to scam versions of the game. And that's not all. | |||
|
2018-06-22 19:09:01 | Malicious App Infects 60,000 Android Devices – But Still Saves Their Batteries (lien direct) | A battery-saving app enables attackers to snatch text messages and read sensitive log data - but it also holds true to its advertising. | |||
|
2018-06-22 17:40:00 | Supreme Court Bolsters Mobile-Phone Privacy Rights (lien direct) | Supreme Court decision requires law enforcement to obtain a warrant to gain access to cellphone records for tracking citizens. | |||
|
2018-06-22 17:13:02 | DDoS-Happy \'Bitcoin Baron\' Sentenced to Almost 2 Years in Jail (lien direct) | Far from being a simple hacktivist filled with an impulse for social justice, a different picture emerges when his activity is collated together. | |||
|
2018-06-22 15:35:05 | Roku TV, Sonos Speaker Devices Open to Takeover (lien direct) | The Roku streaming video device and the Sonos Wi-Fi speakers suffer from the same DNS rebinding flaw reported in Google Home and Chromecast devices earlier this week. | |||
|
2018-06-21 20:47:05 | Sneaky Web Tracking Technique Under Heavy Scrutiny by GDPR (lien direct) | Don't expect tracking methods such as browser fingerprinting to disappear anytime soon, even with GDPR, warns the EFF. | |||
|
2018-06-21 18:36:04 | Financial Services Sector Rife with Hidden Tunnels (lien direct) | Attackers use the approach to look like legitimate traffic and hide data exfiltration in plain sight. | |||
|
2018-06-20 19:43:04 | New Phishing Scam Reels in Netflix Users to TLS-Certified Sites (lien direct) | Researchers are warning of a new Netflix phishing scam that leads to sites with valid TLS certificates. | Guideline | ||
|
2018-06-20 17:12:03 | Mylobot Botnet Emerges with Rare Level of Complexity (lien direct) | A new botnet from the Dark Web displays a never-before-seen level of complexity in terms of the sheer breadth of its various tools. | |||
|
2018-06-19 21:58:03 | APT15 Pokes Its Head Out With Upgraded MirageFox RAT (lien direct) | This is the first evidence of the China-linked threat actor's activity since hacked the U.K. government and military in 2017 (which wasn't made public until 2018). | APT 15 | ||
|
2018-06-19 21:05:03 | When It Comes To IoT Security, Liability Is Muddled (lien direct) | The onus behind IoT security has become so muddled that no one knows who to point fingers at. | |||
|
2018-06-19 19:29:05 | Olympic Destroyer Returns to Target Biochemical Labs (lien direct) | The threat actors appear to be in a reconnaissance phase, which could be a prelude to a larger cyber-sabotage attack meant to destroy and paralyze infrastructure. | |||
|
2018-06-18 20:57:02 | “Unbreakable” Smart Lock Tapplock Issues Critical Security Patch (lien direct) | Researchers were able to discover a way to hack the device in less than an hour. | |||
|
2018-06-18 20:38:00 | Google Home, Chromecast Leak Location Information (lien direct) | The devices don't require authentication for connections received on a local network; and, HTTP is used to configure or control embedded devices. |
To see everything:
Our RSS (filtrered)
