Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-01-04 09:14:01 |
Adobe squashes critical bugs in Acrobat, Reader (lien direct) |
The critical security flaws can lead to privilege escalation and code execution. |
Guideline
|
|
|
|
2019-01-03 21:37:01 |
Security researcher cracks Google\'s Widevine DRM (L3 only) (lien direct) |
Widevine hack is clever, but it won't spur any waves of Netflix piracy any time soon. |
Hack
|
|
|
|
2019-01-03 16:16:00 |
New ReiKey app can detect macOS keyloggers (lien direct) |
A free macOS keylogger detector for those who can't afford an antivirus just yet. |
|
|
|
|
2019-01-03 14:31:00 |
Dublin\'s Luas tram system threatened with private data leak (lien direct) |
Hackers defaced the Luas website and demanded a ransom in Bitcoin. |
|
|
|
|
2019-01-03 14:06:00 |
\'Town of Salem\' game suffers data breach exposing 7.6 million user details (lien direct) |
Game maker has yet to alert users outside a short forum post. |
Data Breach
|
|
|
|
2019-01-03 12:38:04 |
Revamped cryptominer strikes Asia through EternalBlue exploit (lien direct) |
A new version of the NRSMiner cryptominer is making the rounds by exploiting PCs which are still not patched against the Windows vulnerability. |
|
|
|
|
2019-01-03 07:54:00 |
Google Chrome flaw patched three years after initial report (lien direct) |
Issue: Chrome for Android was revealing firmware build info that could have been used for exploit targeting. |
|
|
|
|
2019-01-02 19:51:03 |
Data of 2.4 million Blur password manager users left exposed online (lien direct) |
Company says data breach didn't expose any actual passwords stored inside users' Blur accounts. |
Data Breach
|
|
|
|
2019-01-02 18:27:00 |
Hacker hijacks thousands of Chromecasts and smart TVs to play PewDiePie ad (lien direct) |
Hacker is targeting smart TVs, Chromecasts, and Google Home devices. Sonos support also coming, hacker said. |
|
|
|
|
2018-12-30 12:44:05 |
Ransomware suspected in cyberattack that crippled major US newspapers (lien direct) |
Source inside Tribune Publishing says printing outage caused by Ryuk ransomware infection. |
Ransomware
|
|
|
|
2018-12-29 18:39:03 |
EU to fund bug bounty programs for 14 open source projects starting January 2019 (lien direct) |
Some of the approved projects include KeePass, 7-zip, VLC Media Player, Drupal, and FileZilla. |
|
|
|
|
2018-12-28 14:33:00 |
Hackers steal personal info of 1,000 North Korean defectors (lien direct) |
Hackers stole names, addresses, and dates of birth of 997 North Korean defectors. |
|
|
|
|
2018-12-28 13:11:04 |
CenturyLink outage takes down several 911 emergency services across the US (lien direct) |
Downtime caused by network issue affecting 15 of CenturyLink's data centers. |
|
|
|
|
2018-12-27 22:00:00 |
2018\'s most high-profile cryptocurrency catastrophes and cyberattacks (lien direct) |
We explore the worst high-profile cyberattacks, data breaches, vulnerabilities, and cases of fraud to strike the cryptocurrency space over 2018. |
|
|
|
|
2018-12-27 14:53:02 |
Users report losing Bitcoin in clever hack of Electrum wallets (lien direct) |
Hacker has stolen over $750,000 worth of Bitcoin over the past seven days. |
Hack
|
|
|
|
2018-12-25 12:08:01 |
(Déjà vu) Hacker steals ten years worth of data from San Diego school district (lien direct) |
Officials said the hacker made off with the personal information of over 500,000 student and staff. |
|
|
|
|
2018-12-25 12:08:00 |
Hacker steals 10 years worth of data from San Diego school district (lien direct) |
Officials said the hacker made off with the personal information of over 500,000 student and staff. |
|
|
|
|
2018-12-24 00:38:00 |
Over 19,000 Orange modems are leaking WiFi credentials (lien direct) |
Headaches for Orange customers in France and Spain for the holidays. |
|
|
|
|
2018-12-23 13:34:03 |
Chrome OS to block USB access while the screen is locked (lien direct) |
Google takes steps to protect Chromebooks from some types of physical access attacks. |
|
|
|
|
2018-12-22 01:21:00 |
Researcher publishes proof-of-concept code for creating Facebook worm (lien direct) |
One group has already been abusing this issue to post spam on users' Facebook walls. |
Spam
|
|
|
|
2018-12-21 23:43:00 |
India authorizes 10 agencies to intercept, monitor, and decrypt citizens\' data (lien direct) |
Order sparks outrage in India with citizens, privacy advocates, and political opponents accusing the government of trying to establish a "surveillance state." |
|
|
|
|
2018-12-21 20:16:00 |
Chinese websites have been under attack for a week via a new PHP framework bug (lien direct) |
PoC for ThinkPHP security flaw sparks furious scans for vulnerable sites, most of which are based in China. |
|
|
|
|
2018-12-21 15:44:05 |
Five other countries formally accuse China of APT10 hacking spree (lien direct) |
Australia, Canada, Japan, New Zealand, and the UK also point the finger at the Beijing government. Germany expected as well. |
|
APT 10
|
|
|
2018-12-20 23:36:03 |
Caribou Coffee chain announces card breach impacting 239 stores (lien direct) |
Almost 40 percent of the company's coffee stores impacted by breach of its POS system. |
|
|
|
|
2018-12-20 18:56:00 |
Law enforcement shut down DDoS booters ahead of annual Christmas DDoS attacks (lien direct) |
Law enforcement launches preemptive strike to shut down some of the DDoS services that may be abused to attack gaming services over the Christmas holiday. |
|
|
|
|
2018-12-20 16:38:00 |
US charges two Chinese nationals for hacking cloud providers, NASA, the US Navy (lien direct) |
The two Chinese nationals were members of the infamous APT10 cyber-espionage group, DOJ said. |
|
APT 10
|
|
|
2018-12-20 14:00:00 |
Nokia denies leaking internal credentials in server snafu (lien direct) |
Security researcher finds treasure trove of passwords and API keys on an internet-accessible etcd database. |
|
|
|
|
2018-12-20 13:53:05 |
Researcher publishes PoC for new Windows zero-day (lien direct) |
This is the third Windows zero-day the researcher dumps online in the last five months. |
|
|
|
|
2018-12-20 09:50:05 |
Hacker spoofing bypasses 2FA security in Gmail, targets secure email services (lien direct) |
Google, Yahoo, and ProtonMail accounts are being targeted in a new wave of phishing attacks. |
|
Yahoo
|
|
|
2018-12-20 06:50:05 |
Chinese hackers tap into EU diplomatic communications network (lien direct) |
The critical COREU network in the bloc has been reportedly compromised by a state-sponsored Chinese hacking group, leading to the theft of internal cables. |
Guideline
|
|
|
|
2018-12-20 05:16:00 |
Shamoon data-wiping malware believed to be the work of Iranian hackers (lien direct) |
Researchers say the Iranian hacker group APT33 is responsible for recent attacks in the Middle East and Europe. |
Malware
|
APT33
APT 33
|
|
|
2018-12-19 20:06:00 |
(Déjà vu) Microsoft releases security update for new IE zero-day (lien direct) |
Microsoft releases out-of-band security update for Internet Explorer zero-day discovered by Google threat analysts. |
Threat
|
|
★★★★
|
|
2018-12-19 17:22:05 |
New attack intercepts keystrokes via graphics libraries (lien direct) |
Attack can guess text input from both hardware and on-screen keyboards alike. |
|
|
|
|
2018-12-19 14:00:00 |
This business email scam spreads Trojans through Google Cloud storage (lien direct) |
Financial firms and services are being actively targeted in the UK and US. |
|
|
|
|
2018-12-19 13:23:03 |
Hackers have earned $1.7 million so far from trading data stolen from US gov payment portals (lien direct) |
User payment data was stolen from local Click2Gov government systems in US cities. |
|
|
|
|
2018-12-19 12:01:04 |
Facebook defends giving tech giants access to extensive user data (lien direct) |
In a story which unfortunately just keeps giving, Facebook has yet again awarded us with a privacy scandal worthy of note. |
|
|
|
|
2018-12-19 11:30:00 |
Watch researchers remotely brick a server by corrupting its BMC & UEFI firmware (lien direct) |
Attack is only a proof-of-concept, but one that can be as damaging as ransomware or disk-wiping malware. |
Ransomware
|
|
|
|
2018-12-19 01:55:02 |
NASA discloses data breach (lien direct) |
Hack took place in October 2018. Agency still doesn't know the number of impacted employees. |
Data Breach
Hack
|
|
|
|
2018-12-18 19:38:04 |
DOD doesn\'t keep track of duplicate or obsolete software (lien direct) |
July 2018 memorandum says DOD has yet to report over 30 percent of its software inventory. |
|
|
|
|
2018-12-18 13:09:02 |
Researchers slam Hola VPN over absent encryption, user IP leaks (lien direct) |
Trend Micro users will now receive a warning over the use of Hola as "unwanted" and risky software. |
|
|
|
|
2018-12-18 05:49:00 |
New machine learning algorithm breaks text CAPTCHAs easier than ever (lien direct) |
Algorithm tested against the text CAPTCHA systems used on 33 popular websites. |
|
|
|
|
2018-12-18 03:10:00 |
Google announces crackdown on Play Store ratings and reviews (lien direct) |
Company said it removes millions of Play Store reviews and ratings on a weekly basis. |
|
|
|
|
2018-12-18 01:52:00 |
WSJ website defaced by PewDiePie fan in ongoing YouTube subscribers battle (lien direct) |
Hacker posts apology on WSJ site and then urges users to follow the YouTube star. |
|
|
|
|
2018-12-18 01:38:00 |
Twitter discloses suspected state-sponsored attack (lien direct) |
Twitter says data leak occurred after an attack targeting a vulnerability in its support form system. |
Vulnerability
|
|
★★
|
|
2018-12-17 07:38:01 |
Insider awarded $10,000 bounty for reporting enterprise software piracy (lien direct) |
It is no longer just the average consumer that might wind up in court for using pirated software. |
|
|
|
|
2018-12-17 06:18:02 |
PewDiePie printer hacker strikes again: subscribe and sort out your security (lien direct) |
The attacker told users to sort out their printer security -- and subscribe to the vlogger "overlord," too. |
|
|
|
|
2018-12-17 01:21:00 |
US ballistic missile systems have very poor cyber-security (lien direct) |
DOD report finds no antivirus, no data encryption, no multifactor authentication. |
|
|
|
|
2018-12-16 15:27:05 |
Thousands of Jenkins servers will let anonymous users become admins (lien direct) |
Two vulnerabilities discovered and patched over the summer expose Jenkins servers to mass exploitation. |
|
|
|
|
2018-12-15 14:51:03 |
\'Bomb threat\' scammers are now threatening to throw acid on victims (lien direct) |
Bomb threat extortion campaign yielded less than $1 for the spammers. |
Threat
|
|
|
|
2018-12-14 23:49:02 |
SQLite bug impacts thousands of apps, including all Chromium-based browsers (lien direct) |
New 'Magellan' vulnerability will haunt the app ecosystem for years to come. |
Vulnerability
|
|
|