Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2016-09-12 18:12:21 |
Thousands of infected FTP servers net attackers $88k in cryptocurrency (direct link) |
Targets foot hardware and electricity costs of mining Monero coins. |
|
|
|
|
2016-09-09 20:22:29 |
Two critical bugs and more malicious apps make for a bad week for Android (direct link) |
Google releases fixes for newer devices and ejects apps following reports. |
|
|
|
|
2016-09-09 00:08:08 |
Two men charged with hacking CIA director and other high-ranking officials (direct link) |
"Crackas with Attitude" members accused of posing as Verizon and FBI support personnel. |
|
|
|
|
2016-09-08 00:45:17 |
Stealing login credentials from a locked PC or Mac just got easier (direct link) |
20 seconds of physical access with a $50 device is all it takes. |
|
|
|
|
2016-09-07 16:44:13 |
Surprise! House Oversight report blames OPM leadership for breach of records (direct link) |
OPM failed to set up "basic cyber hygiene;" Dems say contractors share blame. |
|
|
|
|
2016-09-07 12:01:14 |
Meet PocketBlock, the crypto engineering game for kids of all ages (direct link) |
When you're a cryptographer, telling your preteen kids what you do isn't easy. |
|
|
|
|
2016-09-06 13:46:12 |
98 million passwords from 2012 breach of “Russia's Yahoo” Rambler.ru leaked (direct link) |
News, e-mail portal used no encryption to protect passwords (at least before breach). |
|
Yahoo
|
★★★★★
|
|
2016-09-02 21:20:34 |
Feds pin brazen kernel.org intrusion on 27-year-old programmer (direct link) |
Indictment comes five years after mysterious breach of the Linux repository. |
|
|
|
|
2016-09-02 16:53:00 |
OpenOffice, after years of neglect, could shut down (direct link) |
As LibreOffice soars, OpenOffice management considers retiring the project. |
|
|
|
|
2016-09-02 15:00:25 |
Over 40 million usernames, passwords from 2012 breach of Last.fm surface (direct link) |
While Last.fm informed users in 2012, passwords were easily cracked. |
|
|
|
|
2016-09-01 22:30:41 |
Golden State Warriors Android app constantly listens to nearby audio, fan says [Updated] (direct link) |
Official app of the NBA's Golden State Warriors is the subject of a federal lawsuit. |
|
|
|
|
2016-09-01 20:50:12 |
“Foghorn” takes users out of phish-fighting with DNS “greylisting” (direct link) |
Prototype security tool stops clicks on bad links, blocking DNS lookup for 24 hours. |
|
|
|
|
2016-08-31 21:46:59 |
New attack steals private crypto keys by corrupting data in computer memory (direct link) |
Existing crypto software "wholly unequipped" to counter Rowhammer attacks. |
|
|
|
|
2016-08-31 19:01:47 |
So much for counter-phishing training: Half of people click anything sent to them (direct link) |
Even people who claimed to be aware of risks clicked out of curiosity.
|
|
|
|
|
2016-08-31 13:06:40 |
Dropbox hackers stole e-mail addresses, hashed passwords from 68M accounts (direct link) |
"Scope of password reset completed last week protected all impacted users," says Dropbox. |
|
|
|
|
2016-08-31 12:42:45 |
Building a new Tor that can resist next-generation state surveillance (direct link) |
Tor is an imperfect privacy platform. Ars meets the researchers trying to replace it. |
|
|
|
|
2016-08-30 19:12:08 |
Officials blame “sophisticated” Russian hackers for voter system attacks (direct link) |
FBI reportedly informed Arizona of possible Russian hack in June. |
|
|
★★
|
|
2016-08-29 19:26:47 |
Meet USBee, the malware that uses USB drives to covertly jump airgaps (direct link) |
Technique works on virtually all USB drives with no modifications necessary. |
|
|
|
|
2016-08-29 15:55:07 |
After Illinois hack, FBI warns of more attacks on state election board systems (direct link) |
Concern about more attacks mounting as presidential elections approach. |
|
|
|
|
2016-08-26 21:22:58 |
Trading in stock of medical device paused after hackers team with short seller (direct link) |
St. Jude Medical declares claim of vulnerability "false and misleading" |
Guideline
|
|
|
|
2016-08-26 19:00:23 |
Congressman to FCC: Fix phone network flaw that allows eavesdropping (direct link) |
SS7 weakness, leak of phone numbers could let hackers spy on "half of Congress." |
|
|
|
|
2016-08-25 19:10:37 |
Actively exploited iOS flaws that hijack iPhones likely spread for years (direct link) |
Jailbreak vulnerabilities allowed attackers to tap encrypted chat messages. |
|
|
|
|
2016-08-25 17:21:30 |
Apple releases iOS 9.3.5 with “an important security update” (direct link) |
Update fixes three zero-day vulnerabilities called "Trident." |
|
|
★★★★★
|
|
2016-08-25 17:00:12 |
Hackers attack site of Ghostbusters star Leslie Jones, post racist abuse (direct link) |
Naked photos seemingly taken from actor's iCloud account allegedly posted online. |
|
|
★★★
|
|
2016-08-24 15:45:30 |
HTTPS and OpenVPN face new attack that can decrypt secret cookies (direct link) |
More than 600 sites found to be vulnerable to demanding exploit called Sweet32. |
|
|
★★★
|
|
2016-08-24 15:21:42 |
Military submarine maker springs leak after “hack”-India, Oz hit dive alarm (direct link) |
Massive leak of French shipbuilder's documents reveals detailed defense plans. |
|
|
|
|
2016-08-23 18:09:03 |
NSA-linked Cisco exploit poses bigger threat than previously thought (direct link) |
With only a small amount of work, ExtraBacon will commandeer new versions of ASA. |
|
|
★★★
|
|
2016-08-22 22:05:20 |
Hints suggest an insider helped the NSA “Equation Group” hacking tools leak (direct link) |
Structure of leaked files, other factors suggest someone inside "air gap" snuck them out. |
|
|
|
|
2016-08-17 22:35:44 |
Cisco confirms NSA-linked zeroday targeted its firewalls for years (direct link) |
Company advisories further corroborate authenticity of mysterious Shadow Brokers leak. |
|
|
|
|
2016-08-16 20:05:23 |
Snowden speculates leak of NSA spying tools is tied to Russian DNC hack (direct link) |
Former NSA security scientist concurs exposure by "Equation Group" connected to DNC leak. |
|
|
|
|
2016-08-15 18:25:57 |
Linux bug leaves 1.4 billion Android users vulnerable to hijacking attacks (direct link) |
Off-path attack means malicious hackers can be located anywhere on the Internet. |
|
|
★★★
|
|
2016-08-15 18:10:22 |
20 hotels suffer hack costing tens of thousands their credit card information (direct link) |
Starwood, Hyatt, Marriott, and Intercontinental hotels across the country hacked.
|
|
|
★★★★
|
|
2016-08-13 01:26:10 |
Guccifer 2.0 doxes hundreds of House Democrats with massive document dump (direct link) |
Trove includes home and cell phone numbers, e-mail addresses and some home addresses. |
|
|
★★★
|
|
2016-08-12 05:03:11 |
New air-gap jumper covertly transmits data in hard-drive sounds (direct link) |
"DiskFiltration" siphons data even when computers are disconnected from the Internet. |
|
|
|
|
2016-08-11 15:47:55 |
Hackers use Arduino to unlock 100 million Volkswagens (direct link) |
It's not easy, but it is possible. |
|
|
★★★★★
|
|
2016-08-11 12:57:38 |
Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open (direct link) |
Microsoft quiet as researchers spot debug mode flaw that bypasses OS checks. |
|
|
|
|
2016-08-10 18:26:59 |
Linux bug leaves USA Today, other top sites vulnerable to serious hijacking attacks (direct link) |
"Off-path" attack means hackers can be anywhere with no man-in-the-middle needed. |
|
|
★★
|
|
2016-08-10 13:36:57 |
Copperhead OS: The startup that wants to solve Android's woeful security (direct link) |
A multi-billion-dollar megacorp, Google, apparently needs help to secure its OS. |
|
|
★★★
|
|
2016-08-09 14:17:57 |
IPv6 router bug: Juniper spins out hotfix to thwart DDoS attacks (direct link) |
Vulnerability common to devices routing IPv6; Cisco offered partial fix in July. |
|
|
|
|
2016-08-09 00:41:58 |
Researchers crack open unusually advanced malware that hid for 5 years (direct link) |
Espionage platform with more than 50 modules was almost certainly state sponsored. |
|
|
|
|
2016-08-08 17:38:59 |
Oracle-owned point-of-sale service suffers from malware attack (direct link) |
Oracle confirms to Krebs that all MICROS customers have been asked to reset passwords. |
|
|
★★★
|
|
2016-08-08 14:14:23 |
Major Qualcomm chip security flaws expose 900M Android users (direct link) |
Range of devices open to exploit by "Quadrooter" collection of vulnerabilities. |
|
|
|
|
2016-08-04 23:30:57 |
Starting this fall, Apple will pay up to $200,000 for iOS and iCloud bugs (direct link) |
Bug bounty program will start small and slowly expand over time. |
|
|
|
|
2016-08-04 13:40:55 |
Report claims more than half of UK firms have been hit by ransomware (direct link) |
Ransomware is booming, and UK firms are seriously lacking on the security front. |
|
|
|
|
2016-08-03 16:30:41 |
DNC staffers: FBI didn't tell us for months about possible Russian hack (direct link) |
FBI told DNC to "look for signs of unusual activity" on network in fall of 2015. |
|
|
|
|
2016-08-03 16:03:50 |
New attack steals SSNs, e-mail addresses, and more from HTTPS pages (direct link) |
Approach exploits how HTTPS responses are delivered over transmission control protocol. |
|
|
|
|
2016-08-03 13:40:46 |
Bitcoin value falls off cliff after $77M stolen in Hong Kong exchange hack (direct link) |
Many investors holding BTC sell holdings in wake of Bitfinex hack. |
|
|
|
|
2016-08-03 13:00:23 |
Yahoo investigating claimed breach and data dump of 200 million users (direct link) |
Black hat hacker is selling the dump on the dark Web; Yahoo won't confirm or deny it. |
|
Yahoo
|
|
|
2016-08-02 21:51:18 |
Frequent password changes are the enemy of security, FTC technologist says (direct link) |
Contrary to what you've been told, frequent changes can be counterproductive. |
|
|
★★★★
|
|
2016-08-01 20:50:45 |
DNC Staffer got pop-up messages alerting of “state-sponsored actors” (direct link) |
Attack on congressional campaign committee tied to "Fancy Bear" hack of DNC. |
|
APT 28
|
|