Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-07-25 15:00:26 |
Novel Attack Tricks Servers to Cache, Expose Personal Data (direct link) |
Researchers have devised a way to trick a web server into caching pages and exposing personal data to attackers. |
|
|
|
|
2017-07-25 13:00:32 |
Black Hat USA 2017 Preview (direct link) |
Mike Mimoso and Tom Spring preview Black Hat, which starts tomorrow in Las Vegas. |
|
|
★★★★★
|
|
2017-07-24 18:32:08 |
Hacker Admits to Mirai Attack Against Deutsche Telekom (direct link) |
A hacker that goes by the name “BestBuy” admitted to a German court that he was behind an attack last year that knocked over a million Deutsche Telekom customers offline. |
|
|
★★★
|
|
2017-07-24 13:00:38 |
macOS Fruitfly Backdoor Analysis Renders New Spying Capabilities (direct link) |
This week at Black Hat, Mac malware expert Patrick Wardle will describe how he used a custom-built command and control server to analyze new spying capabilities in a variant of the FruitFly backdoor. |
|
|
★★★★★
|
|
2017-07-21 17:50:03 |
Trickbot Malware Now Targets US Banks (direct link) |
Researchers with IBM and Flashpoint warn the Trickbot Trojan is growing more potent and now targeting U.S. banks. |
|
|
|
|
2017-07-21 16:31:11 |
Motivation Mystery Behind WannaCry, ExPetr (direct link) |
A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit. |
|
Wannacry
|
|
|
2017-07-20 18:08:46 |
Apple Patches BroadPwn Bug in iOS 10.3.3 (direct link) |
Apple released iOS 10.3.3 Wednesday that serves as a cumulative patch update for multiple vulnerabilities including the high-profile BroadPwn bug. |
|
|
|
|
2017-07-20 16:32:08 |
US, European Law Enforcement Shutter Massive AlphaBay Market (direct link) |
U.S. authorities along with law enforcement in Europe and Asia announced today the takedown of the dark web's largest illicit market, AlphaBay. |
|
|
|
|
2017-07-20 12:42:05 |
Tor Project Opens Bounty Program To All Researchers (direct link) |
The Tor Project is launching a public bug bounty program to encourage security researchers to responsibly report issues they find in the software. |
|
|
|
|
2017-07-19 19:46:12 |
Senator Calls For Use Of DMARC To Curb Phishing (direct link) |
Senator Ron Wyden is pushing to mandate government-wide use of the email authentication protocol DMARC “to ensure that hackers cannot send emails that impersonate federal agencies.” |
|
|
|
|
2017-07-19 13:56:16 |
Modified Versions of Nukebot in Wild Since Source Code Leak (direct link) |
Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France. |
|
|
|
|
2017-07-19 10:00:19 |
Bad Code Library Triggers Devil's Ivy Vulnerability in Millions of IoT Devices (direct link) |
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attackers to remotely gain control over devices or crash them. |
|
|
|
|
2017-07-18 20:47:29 |
Oracle Releases Biggest Update Ever: 308 Vulnerabilities Patched (direct link) |
Oracle's July Critical Patch Update included fixes for 308 vulnerabilities, 165 of which are remotely exploitable. |
|
|
★★★
|
|
2017-07-18 19:45:27 |
Oracle E-Business Suite Flaw Allows Downloads of Documents (direct link) |
Oracle today in its Critical Patch Update addressed a critical vulnerability in its Oracle E-Business Suite of business applications that allows for the download of business documents. |
|
|
|
|
2017-07-18 19:02:46 |
CoinDash Hacked During its ICO (direct link) |
Hackers hijacked CoinDash's initial coin offering Monday, stealing $7.7 million in cryptocurrency from the nascent trading platform. |
|
|
|
|
2017-07-18 18:34:20 |
Privacy Activists Suffer Legal Setback In National Security Letter Case (direct link) |
Cloudflare and network operator Credo Mobile suffered a legal defeat when a U.S. appeals court ruled to uphold a gag order on FBI surveillance data. |
|
|
|
|
2017-07-17 21:17:54 |
Botnet Tweeting, Spamming Porn Shut Down (direct link) |
Researchers discovered an active Twitter botnet made up of 38,000 bots, generating 8.5 million tweets and netting over 30 million clicks from its victims. |
|
|
★★★★★
|
|
2017-07-17 20:26:34 |
Cisco Patches Another Critical Ormandy Bug in WebEx Extension (direct link) |
Researchers Tavis Ormandy and Cris Neckar privately disclosed a critical vulnerability in Cisco's WebEx extension for Chrome and Firefox that allows for remote code execution. |
|
|
★★★
|
|
2017-07-17 18:09:42 |
FreeRADIUS Update Patches Bugs Static Analysis Tools Missed (direct link) |
FreeRADIUS today released an update that patches a number of vulnerabilities uncovered in a commissioned engagement using a customer fuzzer. |
|
|
★★★★
|
|
2017-07-14 16:37:18 |
Siemens Patches Authentication Bypass Flaw in SiPass Server (direct link) |
Siemens patches four vulnerabilities, including a critical authentication bypass flaw, in its SiPass integrated access control server. |
|
|
★★
|
|
2017-07-14 15:01:03 |
Cisco Patches Publicly Disclosed SNMP Vulnerabilities in IOS, IOS XE (direct link) |
Cisco patched nine publicly disclosed remote code execution vulnerabilities in the SNMP subsystem running in its IOS and IOS XE software. |
|
|
|
|
2017-07-14 14:00:17 |
Threatpost News Wrap, July 14, 2017 (direct link) |
Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner. |
|
|
|
|
2017-07-14 13:00:43 |
Experts Warn Too Often AWS S3 Buckets Are Misconfigured, Leak Data (direct link) |
An analysis of Amazon Web Services storage containers reveals a troubling trend of misconfigured S3 buckets that leak data. |
|
|
|
|
2017-07-13 18:35:51 |
Scanner Shows EternalBlue Vulnerability Unpatched on Thousands of Machines (direct link) |
Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr. |
|
Wannacry
|
★★★★★
|
|
2017-07-13 18:24:52 |
Attackers Using Automated Scans to Takeover WordPress Installs (direct link) |
Attackers have been carrying out WPSetup attacks, taking advantage of users who have installed WordPress but not yet configured it. |
|
|
★★★
|
|
2017-07-13 15:12:12 |
Google Changes How it Analyzes Misbehaving Mobile Apps (direct link) |
Google has a new machine-learning algorithm it uses to compare new apps to known secure apps, improving the way it classifies submissions to Google Play. |
|
|
★★★★
|
|
2017-07-12 19:02:03 |
Third Party Exposes 14 Million Verizon Customer Records (direct link) |
Data belonging to 14 million Verizon customers was exposed by a partner, which misconfigured a repository storing the personal information it had access to. |
|
|
|
|
2017-07-12 18:56:01 |
New Point-of-Sale Malware LockPoS Hitches Ride with FlokiBot (direct link) |
Botnets distributing FlokiBot point-of-sale malware are back in business spewing a new malware dubbed LockPoS. |
|
|
|
|
2017-07-12 16:36:35 |
Uber Patches Authentication Bypass Vulnerability on Custom SSO Solution (direct link) |
Uber patched an authentication bypass vulnerability in its homegrown SSO solution that allowed attackers to take over subdomains and steal session cookies. |
|
Uber
|
|
|
2017-07-12 16:25:39 |
SAP Patches High-Risk Flaws in SAP POS, Host Agent (direct link) |
SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws in SAP POS and SAP Host Agent.
|
|
|
|
|
2017-07-12 12:18:30 |
Vulnerabilities Expose Oracle OAM 10g to Remote Session Hijacking (direct link) |
Version 10g of Oracle Access Manager suffers from vulnerabilities that could allow an attacker to hijack sessions. |
|
|
★★★
|
|
2017-07-11 20:55:56 |
Telegram-Controlled Hacking Tool Targets SQL Injection at Scale (direct link) |
The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone. |
|
|
|
|
2017-07-11 20:36:23 |
Microsoft Patch Tuesday Update Fixes 19 Critical Vulnerabilities (direct link) |
Microsoft releases a total of 57 security patches, part of its July Patch Tuesday, with 20 rated critical. |
|
|
|
|
2017-07-11 17:43:16 |
Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks (direct link) |
Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks. |
|
|
|
|
2017-07-11 16:33:17 |
Adobe Fixes Six Vulnerabilities in Flash, Connect with July Update (direct link) |
Adobe only fixed six vulnerabilities in two products, making it the company's smallest security bulletin of the year. |
|
|
|
|
2017-07-10 21:59:01 |
Micro Market Vendor Warns of Bankcard And Biometric Data Breach (direct link) |
Avanti Markets notified customers of a possible breach of personal and payment card data as well as biometric user information that likely occurred July 4. |
|
|
★★★
|
|
2017-07-10 20:30:52 |
Telcos Singled Out for Prioritizing Government Requests for Data Over Privacy (direct link) |
The EFF's annual Who Has Your Back report singles out giant telecommunications providers for their prioritization of government requests for data over privacy. |
|
|
|
|
2017-07-10 18:34:03 |
Energy, Nuclear Targeted with Template Injection Attacks (direct link) |
Adversaries are using the SMB communications channel to launch template injection attacks against the energy sector, including nuclear facilities. |
|
|
|
|
2017-07-10 18:28:56 |
Google to Fully Distrust WoSign/StartCom SSL Certs in Chrome 61 (direct link) |
Google has put websites signed with WoSign/StartCom SSL certificates on notice that it will no longer trust certs from the Chinese CA starting in Chrome 61. |
|
|
|
|
2017-07-10 17:27:36 |
International Investigatory Group Also Target of Government Spyware (direct link) |
An international group of investigators were infected by Pegasus spyware while in Mexico, Citizen Lab reports. |
|
|
|
|
2017-07-07 20:56:49 |
Hard Rock, Loews Hotels Among Sabre Corp Hospitality Breach Victims (direct link) |
Victims of Sabre Corp's SynXis reservation system breach reportedly include both the Hard Rock Hotel and Casino chain and the Loews Hotel chain. |
|
|
|
|
2017-07-07 16:32:52 |
Leaky WWE Database Exposes Personal Data of 3M Wrestling Fans (direct link) |
Personal data of 3 million wrestling fans were left exposed on a database owned by World Wide Entertainment. |
|
|
|
|
2017-07-07 13:11:31 |
Decryption Key to Original Petya Ransomware Released (direct link) |
The key to decrypt the original Petya ransomware has been reportedly released by the ransomware's author. |
|
|
|
|
2017-07-06 20:04:15 |
Let's Encrypt to Offer Wildcard Certificates in 2018 (direct link) |
Certificate authority Let's Encrypt said this week it will begin offering wildcard certificates in 2018.
|
|
|
|
|
2017-07-06 17:49:02 |
CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016 (direct link) |
Over the course of two months last year the Copycat malware infected 14 million Android devices and rooted more than half of them, roughly eight million devices. |
|
|
|
|
2017-07-06 16:30:16 |
Google Patches Critical 'Broadpwn' Bug in July Security Update (direct link) |
The July Android Security Bulletin patches 11 critical remote-code execution bugs including one dubbed 'Broadpwn' that impacts both Android and iOS devices. |
|
|
|
|
2017-07-05 18:56:53 |
Threat Actors Target Chinese Language News Sites (direct link) |
Citizen Lab investigates the targeting of Chinese language news websites in a phishing attack that leveraged the NetWire remote access Trojan. |
|
|
|
|
2017-07-05 17:48:09 |
Libgcrypt 'Sliding Right' Attack Allows Recovery of RSA-1024 Keys (direct link) |
GnuPG recently patched cryptographic library Libgcrypt, preventing a local side-channel attack; something that could have allowed full key recovery for RSA-1024.
|
|
|
|
|
2017-07-03 18:31:16 |
Researchers Find BlackEnergy APT Links in ExPetr Code (direct link) |
Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month's global attacks. |
|
|
|
|
2017-07-03 18:10:53 |
Classic Ether Wallet Compromised via Social Engineering (direct link) |
Developers of Classic Ether Wallet said an attacker managed to hijack the domain for the wallet via social engineering late Thursday evening. |
|
|
|