SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2019-10-08 23:24:33	Microsoft October 2019 Patch Tuesday is a light one (lien direct)	No zero-days this month. Only 59 security updates.
	2019-10-08 21:48:41	Twitter used 2FA phone numbers for ad targeting (lien direct)	Twitter couldn't say how many users had been impacted by this latest bug.
	2019-10-08 19:38:00	Hackers breach Volusion and start collecting card details from thousands of sites (lien direct)	More than 6,500 stores have been compromised, but the number could be around 20,000.
	2019-10-08 16:41:08	Thunderbird to add built-in support for OpenPGP email encryption standard (lien direct)	Built-in OpenPGP support coming to Thunderbird 78, scheduled for release in the summer of 2020.
	2019-10-08 14:15:20	France warns of cyberattacks against service providers and engineering offices (lien direct)	French cyber-security agency warns of ongoing cyber-espionage campaign after Airbus and Expleo hacks.
	2019-10-08 13:00:09	76 percent of US businesses have experienced a cyberattack in the past year (lien direct)	SMBs in the country are becoming a firm favorite as targets for cybercriminals.
	2019-10-08 13:00:08	New sextortion campaign taps altcoins to avoid detection (lien direct)	Cryptocurrency rules designed to protect email accounts from phishing are being fooled through a pivot from Bitcoin to Litecoin.
	2019-10-08 11:27:43	California takes on deepfakes in porn and politics (lien direct)	The state hopes new laws will stop the use of deepfake technology to manipulate political speech and sexual content.
	2019-10-08 10:00:06	Cybersecurity giants join forces to combat cyberthreats under OASIS umbrella (lien direct)	IBM and McAfee aim to tie cybersecurity products and data together through open source code and standards.
	2019-10-08 09:58:20	Tū Ora Compass Health data breach exposes medical data of one million people (lien direct)	The health organization has admitted its failure in safeguarding user data.	Data Breach
	2019-10-08 04:50:07	Zero-day published for old Joomla CMS versions (lien direct)	Proof-of-concept code available online; trivial to exploit.
	2019-10-07 20:33:25	Data breach at Russian ISP impacts 8.7 million customers (lien direct)	Security breach took place in 2017, but user details are only now being shared online, including on Telegram channels.	Data Breach
	2019-10-07 13:58:51	White-hat hacks Muhstik ransomware gang and releases decryption keys (lien direct)	Annoyed victim hacks back ransomware gang and releases all their decryption keys, along with a free decrypter.	Ransomware
	2019-10-07 13:00:00	A year after patch, Drupalgeddon2 is still being employed in cybercriminal attacks (lien direct)	The remote code execution bug is being used in attacks against high-profile websites.
	2019-10-07 12:15:00	FBI warns about attacks that bypass multi-factor authentication (MFA) (lien direct)	FBI warns about SIM swapping and tools like Muraen and NecroBrowser.
	2019-10-07 09:25:04	D-Link router remote code execution vulnerability will not be patched (lien direct)	The security issue won't be resolved, considering the age of the products.	Vulnerability
	2019-10-06 16:35:52	DNS-over-HTTPS causes more problems than it solves, experts say (lien direct)	Several experts, companies, and national entities have voiced very convincing concerns about DoH and its features.
	2019-10-04 21:49:55	Signal fixes FaceTime-like eavesdropping bug (lien direct)	Signal bug lets attackers place and then auto-answer a call by pressing the Mute button.
	2019-10-04 19:12:51	DHS and FDA warn about much broader impact of Urgent/11 vulnerabilities (lien direct)	Urgent/11 vulnerabilities impact multiple operating systems, not just VxWorks.
	2019-10-04 17:19:07	Microsoft: Iranian hackers targeted a 2020 presidential campaign (lien direct)	The Iranian hackers also targeted current and former US government officials, journalists, and Iranians living abroad.
	2019-10-04 13:50:52	EA website snafu leaks data of 1,600 FIFA 20 pro gamers (lien direct)	Glitch in EA FIFA 20 tournament site accidentally leaked some players' data to other players.
	2019-10-04 12:03:47	Russian hacker group patches Chrome and Firefox to fingerprint TLS traffic (lien direct)	Turla hacker group lives up to its reputation with another clever/wacky hacking technique.
	2019-10-04 07:29:17	Google finds Android zero-day impacting Pixel, Samsung, Huawei, Xiaomi devices (lien direct)	Vulnerability was patched in older Android OS versions, but resurfaced in newer releases.	Vulnerability		★★★
	2019-10-04 04:30:06	Microsoft: MFA bypass attacks are so rare we don\'t have good statistics on them (lien direct)	Microsoft security expert also ranks authentication factors based on their ability to fend off attackers.
	2019-10-03 19:35:32	Google gets tougher on HTTPS with ban on mixed content (lien direct)	Google to stop loading "mixed content" in Chrome starting next year.
	2019-10-03 17:37:59	macOS systems abused in DDoS attacks (lien direct)	Up to 40,000 macOS systems expose a particular port online that can be abused for pretty big DDoS attacks.
	2019-10-03 12:54:29	Minerva attack can recover private keys from smart cards, cryptographic libraries (lien direct)	Older Athena IDProtect smart cards are impacted, along with the WolfSSL, MatrixSSL, Crypto++, Oracle SunEC, and Libgcrypt crypto libraries.
	2019-10-03 11:40:56	Court reinstates lawsuit over Google iPhone user tracking (lien direct)	The lawsuit alleges Google should be held accountable for bypassing default iPhone privacy settings.
	2019-10-03 10:45:45	WhatsApp vulnerability exploited through malicious GIFs to hijack chat sessions (lien direct)	Personal files and messages are at risk in unpatched builds of the app.	Vulnerability		★★
	2019-10-03 08:59:50	EA to give users a free month of Origin Access if they enable 2FA (lien direct)	Offer stands only for October 2019. Origin users will get November for free.
	2019-10-02 22:52:16	Dutch police take down hornets\' nest of DDoS botnets (lien direct)	Police seize servers from bulletproof hosting provider that harbored tens of DDoS botnets.
	2019-10-02 17:42:00	Zendesk discloses 2016 data breach (lien direct)	Zendesk said hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers.	Data Breach
	2019-10-02 11:07:25	Tax and PII records of 20 million Russians stored without encryption, leaked online (lien direct)	Sensitive data was available to anyone with a browser.
	2019-10-02 10:49:00	Google launches Incognito Mode for Google Maps, and more (lien direct)	Google expands history auto-delete to YouTube, adds better privacy controls to voice assistant.
	2019-10-02 10:00:08	Google launches Password Checkup feature, will add it to Chrome later this year (lien direct)	Google's Password Checkup is currently available for Android devices and Google's web dashboard.
	2019-10-01 23:17:36	Intel proposes new SAPM memory type to protect against Spectre-like attacks (lien direct)	New CPU memory type proposed. No silicon prototype. Just a research paper and a lot of hope.
	2019-10-01 19:08:27	Academics find eight vulnerabilities in Android\'s VoIP components (lien direct)	The vulnerabilities can be exploited to make unauthorized VoIP calls, spoof caller IDs, deny voice calls, and even execute malicious code on users' devices.
	2019-10-01 14:24:00	Over 500 US schools were hit by ransomware in 2019 (lien direct)	Fifteen US school districts, accounting for 100 schools, were hit in the past two weeks alone.	Ransomware
	2019-10-01 12:09:24	German police storm bulletproof data center in former NATO bunker (lien direct)	The military bunker was allegedly used to host servers catering for Dark Web markets and child pornography websites.
	2019-10-01 10:20:30	Vengeful IT admin thrown behind bars for destroying Army systems on exit (lien direct)	His efforts have earned him two years in prison.
	2019-10-01 09:07:07	Former Yahoo engineer pleads guilty to hacking user emails in search for porn (lien direct)	Former Yahoo engineer accessed about 6,000 email accounts, primarily belonging to young women.		Yahoo
	2019-09-30 21:26:13	Ransomware incident to cost Danish company a whopping $95 million (lien direct)	After a month, hearing aid manufacturer Demant has yet to recover after the attack.	Ransomware
	2019-09-30 14:00:00	Malvertiser exploited two browser bugs to show over one billion malicious ads (lien direct)	eGobbler group exploits bugs in Chrome for iOS, and Chrome and Safari for desktop to show popup ads and redirect users to malicious sites.
	2019-09-30 11:47:06	New PDFex attack can exfiltrate data from encrypted PDF files (lien direct)	All the 27 desktop and web PDF viewer apps that were tested were found to be vulnerable in a way or another.
	2019-09-29 23:24:41	Linux to get kernel \'lockdown\' feature (lien direct)	New Linux kernel "lockdown" module to limit high-privileged users -- even root -- from tampering with some kernel functionality.
	2019-09-29 07:30:04	Pi-hole drops support for ad blocklists used by browser-based ad-blockers (lien direct)	The ad-blocking landscape is in line for some standardization, starting with the blocklists' synthax.
	2019-09-28 07:00:04	Most malspam contains a malicious URL these days, not file attachments (lien direct)	Proofpoint: 85% of all malicious email spam sent in Q2 2019 contained a link to download a malicious file.	Spam
	2019-09-27 21:15:39	New SIM card attack disclosed, similar to Simjacker (lien direct)	There's now an app to test your phone's SIM card for both Simjacker and WIBattack
	2019-09-27 17:27:57	Malware infection disrupts production at defence contractor plants in three countries (lien direct)	Rheinmetall plants in Brazil, Mexico, and the US disrupted by malware infection.	Malware
	2019-09-27 13:04:01	WhiteShadow downloader uses Microsoft SQL queries to deliver malicious payloads (lien direct)	The downloader has an unusual way of executing next-stage payloads.

Last update at: 2024-07-07 10:07:40
See our sources.

To see everything: Our RSS (filtrered)