What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-05-15 16:19:04 | Attackers Use UPnP to Sidestep DDoS Defenses (lien direct) | Universal Plug and Play networking protocols can be exploited to bypass DDoS mitigations. | |||
|
2018-05-15 15:26:05 | Adobe Doles Out Second Round of Higher Priority Patches (lien direct) | Adobe has issued a round of higher priority patches less than a week after its Patch Tuesday updates last week. | |||
|
2018-05-14 20:09:05 | EFAIL Opens Up Encrypted Email to Prying Eyes (lien direct) | The flaws threaten to expose corporate communications in Outlook as well as the messages of at-risk users like political dissidents. | |||
|
2018-05-14 20:06:05 | Chili\'s Doesn\'t Leave Data Breach on the Back Burner (lien direct) | The fajitas purveyor announced the point-of-sale payment-card breach on Friday May 11, the same day that it learned about it. | |||
|
2018-05-14 19:19:02 | GDPR Phishing Scam Targets Apple Accounts, Financial Data (lien direct) | A phishing scam fooled victims by claiming to be Apple and scooping up personal details – including financial information and Apple account information. | |||
|
2018-05-14 18:04:00 | Samsung Patches Six Critical Bugs in Flagship Handsets (lien direct) | Samsung updates S9, Note 8 and S8 phones with 27 patches from a RCE bug to a patch that prevents an ancient peek-and-poke attack first identified in 1980s. | |||
|
2018-05-11 21:18:01 | Google Project Zero Calls Windows 10 Edge Defense \'ACG\' Flawed (lien direct) | Researchers maintain Microsoft's vaunted Arbitrary Code Guard in the Edge browser can't stop hackers from mounting attacks. | |||
|
2018-05-11 19:44:00 | Vega Stealer Malware Takes Aim at Chrome, Firefox (lien direct) | While it's a simple payload for now, researchers said Vega has the ability to evolve into something more concerning in the future. | |||
|
2018-05-11 17:29:03 | Panda Banking Trojan Diversifies into Cryptocurrency, Porn, Other Targets (lien direct) | The Panda banking trojan, a spin-off from the infamous Zeus malware, is widening its net to attack more than just financial services targets, as seen in three ongoing campaigns discovered in May. | |||
|
2018-05-10 20:23:02 | GandCrab Ransomware Found Hiding on Legitimate Websites (lien direct) | The GandCrab ransomware continues to virulently spread and adapt to shifting cyber-conditions, most recently crawling back into relevance on the back of several large-scale spam campaigns. | |||
|
2018-05-10 20:04:02 | PoS Malware \'TreasureHunter\' Source Code Leaked (lien direct) | The leak of point-of-sale malware source code is a double-edge sword to researchers who view it as boon to research, but a headache when it comes to inspiring future variants and attacks. | |||
|
2018-05-10 18:00:03 | New Facebook-Spread Malware Triggers Credential Theft, Cryptomining (lien direct) | A new malware campaign being rapidly spread on Facebook is infecting users' systems to perform credential theft, cryptomining, and click fraud. | |||
|
2018-05-10 15:37:00 | Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked (lien direct) | Apple, Microsoft, Red Hat and others have built an uncannily similar privilege escalation flaw into their Intel-based products. | |||
|
2018-05-10 14:45:03 | Nigerian BEC Scammers Growing Smarter, More Dangerous (lien direct) | Nigerian-based cybercriminals are growing more dangerous as they add sophisticated tools to their arsenal, including complex remote access trojans, a new report reveals. | |||
|
2018-05-10 10:35:02 | Secrets of the Wiper: Inside the World\'s Most Destructive Malware (lien direct) | The actors behind this kind of code, whether they're bent on sending a political message or simply wanting to cover their tracks after data exfiltration, have adopted various techniques to carry out those activities. | |||
|
2018-05-09 20:20:03 | Bugs in Logitech Harmony Hub Put Connected IoT Devices at \'High Risk\' (lien direct) | Researchers found an array of vulnerabilities in the Logitech Harmony Hub, shedding light on IoT security. | |||
|
2018-05-09 17:00:01 | Severe Keyboard Flaws in LG Smartphones Allow Remote Code Execution (lien direct) | An attacker can gain man-in-the-middle access to inject a rogue executable file onto the phone. | |||
|
2018-05-09 16:08:02 | Georgia Governor Vetoes Controversial Hack-Back Bill (lien direct) | The bill would have allowed companies in the state to perform offensive cyberactions in the face of an attack. | |||
|
2018-05-08 20:42:02 | May Patch Tuesday Fixes Two Bugs Under Active Attack (lien direct) | In total, Microsoft's May Patch Tuesday roundup included 68 security patches, with 21 listed as critical, 45 rated important and two listed low in severity. | |||
|
2018-05-08 20:27:00 | Sierra Wireless Patches Critical Vulns in Range of Wireless Routers (lien direct) | The flaws would leave the enterprise devices helpless to a range of remote threats, including the charms of the Reaper IoT botnet. | Cloud | APT 37 | |
|
2018-05-08 16:56:04 | Adobe Patches Critical Bugs In Flash Player, Creative Cloud (lien direct) | Adobe fixed critical vulnerabilities in Adobe Flash Player and Creative Cloud as part of its regularly scheduled May Security Bulletin, on Tuesday. | |||
|
2018-05-08 16:45:05 | “Equi-Facts”: Equifax Clarifies the Numbers for Its Massive Breach (lien direct) | As companies continue to install the vulnerable version of Apache Struts behind the breach, Equifax has filed a clarification statement. | Equifax | ||
|
2018-05-08 15:39:00 | FBI: Cyber-Fraud Losses Rise to Reach $1.4B (lien direct) | Tech-support scams took off during the year, while whaling/business email compromise was the main threat, accounting for losses of more than $675 million. | |||
|
2018-05-07 19:06:04 | Romanian Hackers Extradited to U.S. over $18M Vishing Scam (lien direct) | The two have been arraigned in a Georgia district court on charges relating to an elaborate voice- and SMS-phishing (i.e., vishing/smishing) scheme. | |||
|
2018-05-07 18:54:04 | Variant of SynAck Malware Adopts Doppelgänging Technique (lien direct) | Ransomware adopts Process Doppelgänging technique to avoid antivirus researchers and avoid detection in a newly identified malware double threat targeting users in the U.S., Kuwait and Germany. | |||
|
2018-05-07 17:14:02 | Asylo Open-Source Framework Tackles TEEs for Cloud (lien direct) | The idea is to use trusted execution environments to build trust across various cloud-related use cases, including 5G, virtual network functions (VNFs), blockchain and more. | |||
|
2018-05-04 20:38:00 | Report: Intel Facing New Spectre-Like Security Flaws (lien direct) | Intel may be facing as many as eight new Spectre-level vulnerabilities in its chips, a German magazine alleges. | |||
|
2018-05-04 20:36:01 | Pr0nbot is Back – and Evading Twitter Censors (lien direct) | A rapidly swelling botnet of Twitter accounts advertising “adult dating”-themed scam websites has at least 80,000 nodes to date. | |||
|
2018-05-04 19:27:00 | Abbott Addresses Life-Threatening Flaw in a Half-Million Pacemakers (lien direct) | A backdoor could be exploited to allow an attacker to manipulate the implants and cause heart problems and even death, | |||
|
2018-05-03 22:13:01 | (Déjà vu) Twitter Urges Users to Change Passwords Due to Glitch (lien direct) | A glitch caused Twitter passwords to be stored in plain text on an internal log. | |||
|
2018-05-03 20:26:03 | MassMiner Takes a Kitchen-Sink Approach to Cryptomining (lien direct) | The malware targets Windows servers with a cornucopia of well-known exploits, all within a single executable -- including the EternalBlue NSA hacking tool. | |||
|
2018-05-03 20:14:00 | Phone Maker BLU Settles with FTC Over Unauthorized User Data Extraction (lien direct) | Florida-based phone maker BLU is facing an FTC complaint over allegations it shared detailed personal user data with a third-party firm that included full text messages, call logs and contact lists. | |||
|
2018-05-03 19:57:05 | A Look Inside: Bug Bounties and Pen Testing (lien direct) | Threatpost talks to Christie Terrill of Bishop Fox about the pros and cons of using bug bounty programs versus penetration testing for companies. | |||
|
2018-05-03 16:57:01 | Kitty Cryptomining Malware Cashes in on Drupalgeddon 2.0 (lien direct) | Bad actors are leveraging the critical Drupal vulnerability to install cryptomining malware on servers and browsers, | |||
|
2018-05-03 14:42:04 | Critical Cisco WebEx Bug Allows Remote Code Execution (lien direct) | Attackers can leverage the flaw by convincing users to open a file purported to be a recording of a past WebEx event. | |||
|
2018-05-03 11:54:04 | Free Speech Advocates Blast Amazon Over Threats Against Signal (lien direct) | Secure-messaging firm Signal was told by Amazon not to use its AWS servers for domain-fronting, a technique used to enable communications in countries such as Egypt, Oman, Qatar and UAE where the service is banned. | |||
|
2018-05-03 10:00:04 | Boutique Shops Offering Rewards Points Pop Up on the Dark Web (lien direct) | These small specialty shops make rewards-point abuse more accessible to fraudsters by offering credentials for direct account access. | |||
|
2018-05-02 20:13:03 | Hacktivists, Tech Giants Protest Georgia\'s \'Hack-Back\' Bill (lien direct) | Google, Microsoft, security researchers and hacking groups have lined up to protest the bill, which would criminalize unauthorized computer access. | |||
|
2018-05-02 16:07:05 | Facebook Introduces \'Clear History\' Option Amid Data Scandal (lien direct) | Facebook hopes to improve data privacy with a new feature letting users flush their history so that it is cleared from their account. | |||
|
2018-05-02 14:13:00 | Schneider Electric Patches Critical RCE Vulnerability (lien direct) | Researchers found a critical remote code execution vulnerability afflicting two Schneider Electric products that could give attackers to disrupt or shut down plant operations. | |||
|
2018-05-01 21:21:01 | Millions of Home Fiber Routers Vulnerable to Complete Takeover (lien direct) | Exploitation can result in hackers gaining access to full browsing histories and all of the user's internet activities. | |||
|
2018-05-01 20:55:00 | Samples of SiliVaccine Offer Rare Peek Inside North Korea\'s Antivirus Software (lien direct) | Samples of North Korean antivirus software called SiliVaccine crib software code from a competitor and come loaded with malware and a backdoor. | |||
|
2018-05-01 20:19:04 | Volkswagen Cars Open To Remote Hacking, Researchers Warn (lien direct) | Vulnerable in-vehicle infotainment systems have left some Volkswagen cars open to remote hacking, researchers warn. | |||
|
2018-05-01 14:53:04 | Tens of Thousands of Malicious Apps Using Facebook APIs (lien direct) | The apps are deemed malicious by doing things such as capturing pictures and audio when the app is closed, or making an unusually large amount of network calls. | |||
|
2018-04-30 20:52:05 | USB Sticks Can Trigger BSOD – Even on a Locked Device (lien direct) | Thanks to auto-play, it's possible to crash Windows systems by simply inserting the drive into the USB port, no further user interaction necessary. | |||
|
2018-04-30 20:43:01 | KRACK Vulnerability Puts Medical Devices At Risk (lien direct) | A slew of products from medical dispensing company BD are susceptible to the KRACK vulnerability disclosed last fall. | |||
|
2018-04-30 18:20:04 | Updated GravityRAT Malware Adds Advanced AV Detection (lien direct) | Researchers warn that the code behind this remote access trojan has been tweaked in an attempt to decrease antivirus detection. | |||
|
2018-04-30 15:49:05 | NIST Updates Cybersecurity Framework to Tackle Supply Chain Threats, Vulnerability Disclosure and More (lien direct) | Version 1.1 includes updates on authentication and identity, self-assessment, supply-chain security and vulnerability disclosure, among other changes. | |||
|
2018-04-30 15:02:01 | Twitter Sold Data To Cambridge Analytica-Linked Company (lien direct) | Twitter is the latest company to face backlash for how it handles data privacy after disclosing that it sold data access to a Cambridge Analytica-linked researcher. | |||
|
2018-04-27 19:41:03 | SamSam Ransomware Evolves Its Tactics Towards Targeting Whole Companies (lien direct) | The gang behind the Atlanta city shutdown and other attacks is selecting victims carefully and offering volume discounts to unlock whole organizations. |
To see everything:
Our RSS (filtrered)
