Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-02-20 10:21:02 |
NoRelationship phishing attack dances around Microsoft Office 365 email filters (lien direct) |
Small changes to relationship files manage to foil scans for malicious links. |
|
|
|
|
2019-02-20 08:20:05 |
Microsoft reveals new APT28 cyber-attacks against European political entities (lien direct) |
Microsoft also expands AccountGuard security service for political entities in 12 European countries. |
|
APT 28
|
|
|
2019-02-20 00:51:04 |
POS firm says hackers planted malware on customer networks (lien direct) |
Nearly 140 bars, restaurants, and coffee shops all over the US have had POS systems infected with malware. |
Malware
|
|
|
|
2019-02-19 23:14:05 |
Congress wants Facebook to explain why closed groups leaked user data (lien direct) |
Little-known user data leak uncovered in July 2018 comes back to haunt Facebook. |
|
|
|
|
2019-02-19 19:50:00 |
Malvertising campaign hits US users hard over Presidents\' Day weekend (lien direct) |
Cyber-security firm Confiant reports as many as 800 million malicious ad impressions recorded over a three-day period. |
|
|
|
|
2019-02-19 13:24:00 |
Splunk pulls out of Russia with mysterious statement (lien direct) |
Company to honor ongoing contracts, but the long term plan is to stop selling Splunk access to Russian companies. |
|
|
|
|
2019-02-19 13:14:03 |
This malware turns ATM hijacking into a slot machine game (lien direct) |
WinPot can force infected ATMs to automatically dispense cash. Just spin. |
Malware
|
|
|
|
2019-02-19 12:00:00 |
Microsoft\'s M12 leads $15m funding round for cyberfraud startup nsKnox (lien direct) |
nsKnox intends to use the cash injection to boost its global footprint in the cybersecurity arena. |
|
|
|
|
2019-02-19 11:53:00 |
You have around 20 minutes to contain a Russian APT attack (lien direct) |
Russian state hackers don't leave room for error in your cyber-security defenses. |
|
|
|
|
2019-02-19 11:32:01 |
LandMark White data breach could impact Westpac property service customers (lien direct) |
Westpac Group says names, addresses, and contact details may have been exposed through the third party breach. |
Data Breach
|
|
|
|
2019-02-19 09:51:00 |
Bitdefender releases third GandCrab ransomware free decrypter in the past year (lien direct) |
Recent decrypter update lets victims who got infected with GandCrab between November 2018 and February 2019 recover files without paying the ransom demand. |
Ransomware
|
|
|
|
2019-02-19 00:53:00 |
Rietspoof malware spreads via Facebook Messenger and Skype spam (lien direct) |
Avast researchers spot new malware spreading via instant messaging clients. |
Spam
Malware
|
|
|
|
2019-02-18 17:34:03 |
Tor traffic from individual Android apps detected with 97 percent accuracy (lien direct) |
New machine learning algorithm can detect when you're using a specific app, such as YouTube, Instagram, Spotify, others. |
|
|
|
|
2019-02-18 11:09:04 |
Google Earth accidentally reveals secret military sites (lien direct) |
The sites offer a glimpse of missiles and launchers in excruciating detail. |
|
|
|
|
2019-02-18 11:03:00 |
White hats spread VKontakte worm after social network doesn\'t pay bug bounty (lien direct) |
VKontakte flooded with spam over Valentine's Day as part of a revenge prank. |
Spam
|
|
|
|
2019-02-18 09:33:01 |
Key takeaways from damning UK report on Facebook\'s world of “digital gangsters” (lien direct) |
The committee report on fake news and data misuse says Facebook maximizes revenue “at all costs” -- even when the cost is user privacy and trust. |
|
|
|
|
2019-02-17 14:05:00 |
Hacker puts up for sale third round of hacked databases on the Dark Web (lien direct) |
Hacker is selling 93 million user records from eight companies, including GfyCat. |
|
|
|
|
2019-02-15 21:57:02 |
Google working on new Chrome security feature to \'obliterate DOM XSS\' (lien direct) |
Google announces Trusted Types browser API, a new defense against DOM-based XSS attacks. |
|
|
|
|
2019-02-15 18:11:00 |
GAO gives Congress go-ahead for a GDPR-like privacy legislation (lien direct) |
Government officials, academia, and advocacy groups say it's time for the US to get its own GDPR-type law. |
|
|
|
|
2019-02-15 14:34:05 |
Thousands of Android apps permanently record your online activity for ad targeting (lien direct) |
Your unique ID is being connected to devices to create an immutable record even when you ask for your history to be forgotten. |
|
|
|
|
2019-02-15 12:50:00 |
Facebook tackles developer databases leaking at least one million user records (lien direct) |
The external databases were used by Android app developers who harvested and stored user data. |
|
|
|
|
2019-02-15 11:00:00 |
Microsoft removes eight cryptojacking apps from official store (lien direct) |
Eight Windows 10 apps removed from the Microsoft Store after getting caught mining Monero behind users' backs. |
|
|
|
|
2019-02-14 23:02:01 |
Hackers tried to steal €13 million from Malta\'s Bank of Valletta (lien direct) |
Hackers tried to send funds to banks in the UK, the US, the Czech Republic, and Honk Kong. Transactions are being reverted. |
|
|
|
|
2019-02-14 21:03:00 |
127 million user records from 8 companies put up for sale on the dark web (lien direct) |
The same individual sold 620 million user accounts from 16 other companies earlier this week. |
|
|
|
|
2019-02-14 18:17:00 |
Chinese company leaves Muslim-tracking facial recognition database exposed online (lien direct) |
Researcher finds one of the databases used to track Uyghur Muslim population in Xinjiang. |
|
|
|
|
2019-02-14 16:34:00 |
GandCrab ransomware gang infects customers of remote IT support firms (lien direct) |
At least 126 managed service providers forgot to update a plugin back in 2017 and are now vulnerable to attacks. |
Ransomware
|
|
|
|
2019-02-14 14:17:02 |
Today in thoughtcrime: UK bill makes clicking on \'terrorism\' links worth a jail term (lien direct) |
Opinion: One click may be enough to ensure prosecution in the future, and this is one step too far towards rampant censorship. |
|
|
|
|
2019-02-14 12:33:04 |
Emotet malware tweaks tactics in fresh attack wave (lien direct) |
The threat distribution platform has introduced a new method to snare the unsuspecting. |
Malware
Threat
|
|
|
|
2019-02-14 10:52:05 |
MacOS Trojan disables Gatekeeper to deploy malicious payloads (lien direct) |
Shlayer has been spreading as a fake Adobe Flash update. |
|
|
|
|
2019-02-14 10:42:04 |
Another WordPress commercial plugin gets exploited in the wild (lien direct) |
The large number of WordPress commercial plugins are creating a new attack surface on the WordPress site landscape. |
|
|
|
|
2019-02-13 19:25:04 |
Google Play Store app rejections up 55% from last year, app suspensions up 66% (lien direct) |
80% of Google Play Store policy violations caused by repeat offenders |
|
|
|
|
2019-02-13 17:58:01 |
Game of Thrones hacker worked with US defector to hack Air Force employees for Iran (lien direct) |
Former US Air Force intelligence agent passed crucial information to Iranian state hackers after she defected to Iran in 2013. |
Hack
|
|
|
|
2019-02-13 13:00:01 |
This Trojan exploits antivirus software to steal your data (lien direct) |
Astaroth disguises itself as image and GIF files to infect PCs. |
|
|
|
|
2019-02-13 13:00:00 |
One in three enterprises can\'t protect themselves from data breaches (lien direct) |
Ponemon says that a third of companies do not believe they could fend off a data-stealing cyberattack in 2019. |
|
|
|
|
2019-02-13 11:37:01 |
Adobe\'s massive patch update fixes critical Acrobat, Reader bugs (lien direct) |
The February security release resolves 44 critical vulnerabilities in Adobe software. |
|
|
|
|
2019-02-13 11:27:01 |
FBI arrests second Apophis Squad hacker in the US (lien direct) |
First hacker already serving a three-year prison sentence in the UK. |
|
|
|
|
2019-02-13 09:10:04 |
Xiaomi electric scooters vulnerable to remote hijacking (lien direct) |
Researchers say the vehicle's authentication protocols leave much to be desired. |
|
|
|
|
2019-02-13 01:33:05 |
New macOS security flaw lets malicious apps steal your Safari browsing history (lien direct) |
Vulnerability is not remotely exploitable. Users need to install a malicious app beforehand. Exploitation details have been shared privately with Apple's security team last week. |
Vulnerability
|
|
|
|
2019-02-12 22:37:04 |
Dirty Sock vulnerability lets attackers gain root access on Linux systems (lien direct) |
After Dirty COW caused headaches in 2016, now Linux sysadmins have to worry about Dirty Sock. |
Vulnerability
|
|
|
|
2019-02-12 20:33:04 |
Microsoft February Patch Tuesday fixes 77 security flaws, including IE zero-day (lien direct) |
Microsoft's February security updates address 76 bugs, 20 of which have been classified as "critical." |
|
|
|
|
2019-02-12 15:37:00 |
Researchers hide malware in Intel SGX enclaves (lien direct) |
Research team also publish proof-of-concept code for enclave malware on GitHub. |
Malware
|
|
|
|
2019-02-12 10:59:00 |
Hackers wipe US servers of email provider VFEmail (lien direct) |
Hackers did not ask for a ransom. VFEmail described the incident as "attack and destroy." |
|
|
|
|
2019-02-12 09:34:05 |
Micropatch released for Adobe Reader zero-day vulnerability (lien direct) |
The 0patch fix temporarily patches a data-stealing exploit in Adobe Reader. |
Vulnerability
|
|
|
|
2019-02-12 01:43:01 |
Dunkin\' Donuts accounts compromised in second credential stuffing attack in three months (lien direct) |
Hacked Dunkin' Donuts accounts are now being sold on Dark Web forums. |
|
|
|
|
2019-02-11 23:41:00 |
Microsoft & Google expand security tools to political parties in Canada & Europe (lien direct) |
Microsoft extends AccountGuard to Canada while Google expands Project Shield to EU Parliament political campaigns. |
|
|
|
|
2019-02-11 21:10:03 |
WordPress plugin flaw lets you take over entire sites (lien direct) |
Vulnerability found in social sharing plugin named "Simple Social Buttons," installed on more than 40,000 WordPress sites. |
Vulnerability
|
|
|
|
2019-02-11 15:48:03 |
Microsoft: 70 percent of all security bugs are memory safety issues (lien direct) |
Percentage of memory safety issues has been hovering at 70 percent for the past 12 years. |
|
|
|
|
2019-02-11 12:18:03 |
Winnie The Pooh takes over Reddit due to Chinese investment, censorship fears (lien direct) |
You will probably never see as many Winnie The Pooh memes in one place ever again. |
|
|
|
|
2019-02-11 00:33:01 |
Russia to disconnect from the internet as part of a planned test (lien direct) |
Russia's internet contingency plan gets closer to reality. |
|
|
|
|
2019-02-10 18:37:04 |
Microsoft: Improved security features are delaying hackers from attacking Windows users (lien direct) |
If a vulnerability is exploited, it is most likely going to be exploited as zero-day, or an old security bug for which users and companies have had enough time to patch. |
Vulnerability
|
|
|