Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-04-22 19:40:00 |
Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak (lien direct) |
Shadow Brokers data dump yields another one of its secrets |
|
|
|
|
2020-04-22 15:43:00 |
Apple investigating report of a new iOS exploit being used in the wild (lien direct) |
Cyber-security firm ZecOps said today it detected attacks against high-profile targets using a new iOS email exploit. |
|
|
|
|
2020-04-22 13:00:09 |
This is what happens to cryptocurrency paid out in sextortion campaigns (lien direct) |
Researchers have followed the trail of dirty coins generated through extorting sextortion spam victims. |
Spam
|
|
|
|
2020-04-22 13:00:00 |
Hackers have breached 60 ad servers to load their own malicious ads (lien direct) |
Why buy legitimate ad slots to deliver malvertising when you can just hack the server instead. |
Hack
|
|
|
|
2020-04-22 09:29:41 |
Smart IoT home hubs vulnerable to remote code execution attacks (lien direct) |
IoT hubs used in homes and offices were found to be susceptible to exploit due to critical bugs in their firmware. |
|
|
|
|
2020-04-21 18:43:28 |
New iOS exploit discovered being used to spy on China\'s Uyghur minority (lien direct) |
New "Insomnia" exploit works on iOS versions 12.3, 12.3.1, and 12.3.2; was patched in iOS 12.4 last year. |
|
|
|
|
2020-04-21 15:14:00 |
Here\'s a list of all the ransomware gangs who will steal and leak your data if you don\'t pay (lien direct) |
Ransomware gangs are getting more aggressive these days about pursuing payments and have begun stealing and threatening to leak sensitive documents if victims don't pay the requested ransom demand. |
Ransomware
|
|
|
|
2020-04-21 11:36:11 |
Security researcher discloses four IBM zero-days after company refused to patch (lien direct) |
Zero-days impact the IBM Data Risk Manager (IDRM), one of IBM's enterprise security tools. |
|
|
|
|
2020-04-21 08:11:37 |
France asks Apple to relax iPhone security for coronavirus tracking app development (lien direct) |
A technical issue is stymying the development of a government app for tracing COVID-19. |
|
|
|
|
2020-04-21 07:56:00 |
Nintendo accounts are getting hacked and used to buy Fortnite currency (lien direct) |
Nintendo has recommended that users enable two-factor authentication on their accounts. |
|
|
|
|
2020-04-20 22:51:36 |
Chinese hackers targeted company behind \'Ragnarok Online\' MMORPG (lien direct) |
Security firm finds new Chinese malware aimed at the Gravity game maker's network. Unclear if the attempted intrusion succeeded. |
Malware
|
|
|
|
2020-04-20 20:45:10 |
Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment (lien direct) |
Xilinx 7-series and some 6-series FPGAs deemed vulnerable to new Starbleed vulnerability. |
|
|
|
|
2020-04-20 12:04:12 |
Cloudflare debuts Border Gateway Protocol safety check tool (lien direct) |
The tool can be used to see if your ISP is adhering to modern BGP security frameworks. |
Tool
|
|
|
|
2020-04-20 10:15:29 |
Students, university clash over forced installation of remote exam monitoring software on home PCs (lien direct) |
The use of remote spying software to prevent cheating has raised an outcry from students. |
|
|
|
|
2020-04-20 08:45:01 |
Proposed government coronavirus tracking app falls at the first hurdle due to data breach (lien direct) |
The source code of a proposed app for tracing COVID-19 exposed user data after being published online. |
Data Breach
|
|
|
|
2020-04-19 14:50:05 |
Hackers steal $25 million worth of cryptocurrency from Uniswap and Lendf.me (lien direct) |
Hacker is believed to have used an exploit shared on GitHub last year to steal funds from both platforms. |
|
|
|
|
2020-04-18 23:54:29 |
Hacker leaks 23 million usernames and passwords from Webkinz children\'s game (lien direct) |
Exclusive: Webkinz security breach occurred earlier this month, sources have told ZDNet. |
|
|
|
|
2020-04-18 22:07:24 |
Tor Project lays off a third of its staff (lien direct) |
Tor Project lays off 13 out of 35 staffers. |
|
|
|
|
2020-04-18 11:56:09 |
FBI says cybercrime reports quadrupled during COVID-19 pandemic (lien direct) |
FBI official also says foreign hackers targeted andCOVID-19 research |
|
|
|
|
2020-04-18 06:30:08 |
(Déjà vu) German government loses tens of millions of euros in COVID-19 phishing attack (lien direct) |
German state of North Rhine-Westphalia failed to put in place a citizen verification procedure and allowed fraudsters to steal millions of euros. |
|
|
|
|
2020-04-18 06:30:00 |
German government might have lost tens of millions of euros in COVID-19 phishing attack (lien direct) |
German state of North Rhine-Westphalia failed to put in place a citizen verification procedure and allowed fraudsters to steal millions of euros. |
|
|
|
|
2020-04-17 23:02:00 |
Details of 20 million Aptoide app store users leaked on hacking forum (lien direct) |
Hacker claims to be in possession of 39 million Aptoide user records. Leaks 20 million today. |
|
|
|
|
2020-04-17 12:52:50 |
DHS CISA: Companies are getting hacked even after patching Pulse Secure VPNs (lien direct) |
Hackers compromised Pulse Secure VPNs, stole AD credentials, and are now using the stolen passwords to access internal networks even after companies patched their VPN servers. |
Patching
|
|
|
|
2020-04-17 11:55:36 |
PoetRAT Trojan targets energy sector using coronavirus lures (lien direct) |
Wind turbine operators are the focus of a new data-stealing campaign. |
|
|
|
|
2020-04-17 10:24:47 |
Facebook will now warn you if you\'ve interacted with fake, dangerous coronavirus posts (lien direct) |
The fight against COVID-19 scams, misinformation, and fake cures continues. |
|
|
|
|
2020-04-17 09:57:50 |
Clipboard hijacking malware found in 725 Ruby libraries (lien direct) |
The malware would replace Bitcoin addresses copied to the clipboard with one controlled by the attacker. |
Malware
|
|
|
|
2020-04-17 04:20:04 |
Academics steal data from air-gapped systems using PC fan vibrations (lien direct) |
Israeli researchers use vibrations from CPU, GPU, or PC chassis fans to broadcast stolen information through solid materials and to nearby receives, breaking air-gapped system protections. |
|
|
|
|
2020-04-16 16:49:13 |
Linksys asks users to reset passwords after hackers hijacked home routers last month (lien direct) |
Linksys locks Smart WiFi cloud accounts and asks users to reset passwords after hackers hijacked routers to redirect traffic to malware sites. |
Malware
|
|
|
|
2020-04-16 13:38:53 |
Kernel vulnerabilities in Android devices using Qualcomm chips explored (lien direct) |
The security flaws that allowed attackers to achieve root capabilities on handsets have now been described in detail. |
|
|
|
|
2020-04-16 13:00:00 |
ICEBUCKET group mimicked smart TVs to steal ad money (lien direct) |
White Ops: The ICEBUCKET operation is the largest case of SSAI spoofing that has been uncovered to date. |
|
|
|
|
2020-04-16 11:56:00 |
SentinelOne researcher trolled in new MBRLocker ransomware campaign (lien direct) |
Malware was released using the researcher's name as author, alongside his contact details. |
Ransomware
Malware
|
|
|
|
2020-04-16 10:11:49 |
Zoom to revamp bug bounty program, bring in more security experts (lien direct) |
Zoom brings in Luta Security to reboot bug bounty program. |
|
|
|
|
2020-04-16 09:04:57 |
Zoom-bombing disrupted a House Oversight Committee meeting (lien direct) |
Zoom-bombing has now disrupted a meeting at the highest level of the US government. |
|
|
|
|
2020-04-15 22:49:16 |
Wappalyzer discloses security breach after hacker starts emailing users (lien direct) |
Wappalyzer tells ZDNet that only 16,000 users have been impacted in the incident. |
|
|
|
|
2020-04-15 18:01:18 |
US offers $5 million reward for information on North Korean hackers (lien direct) |
US says North Korean hackers pose a significant threat to the integrity and stability of the international financial system. |
Threat
|
|
|
|
2020-04-15 13:03:42 |
Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments (lien direct) |
AttackerKB portal enters public beta. |
Vulnerability
|
|
|
|
2020-04-15 13:00:07 |
New tool detects AWS intrusions where hackers abuse self-replicating tokens (lien direct) |
New SkyWrapper tool generates Excel spreadsheets so AWS account owners can easily spot compromised tokens. |
Tool
|
|
|
|
2020-04-15 09:50:00 |
Nemty ransomware operation shuts down (lien direct) |
Another ransomware operation bites the dust. Good riddance! |
Ransomware
|
|
|
|
2020-04-15 09:00:04 |
Phishing kit prices skyrocketed in 2019 by 149% (lien direct) |
The average price for a phishing kit in 2019 was $304, up from $122 recorded in 2018. |
|
|
|
|
2020-04-14 22:23:23 |
Microsoft opens AccountGuard to healthcare providers on the COVID-19 front lines (lien direct) |
Microsoft says the service will remain free for all healthcare organizations "until the COVID-19 pandemic subsides." |
|
|
|
|
2020-04-14 18:59:32 |
(Déjà vu) Microsoft April 2020 Patch Tuesday comes with fixes for four zero-days (lien direct) |
Microsoft fixes another 113 bugs this month after patching a whopping 115 last month. |
Patching
|
|
|
|
2020-04-14 18:59:00 |
Microsoft April 2020 Patch Tuesday comes with fixes for three zero-days (lien direct) |
Microsoft fixes another 113 bugs this month after patching a whopping 115 last month. |
Patching
|
|
|
|
2020-04-14 18:00:07 |
Exclusive: Google removes 49 Chrome extensions caught stealing crypto-wallet keys (lien direct) |
The Chrome extensions were mimicking cryptocurrency wallet apps like Ledger, MyEtherWallet, Trezor, Electrum, and others, but, in reality, they were stealing users' private keys and mnemonic phrases. |
|
|
|
|
2020-04-14 13:46:46 |
Russian state hackers behind San Francisco airport hack (lien direct) |
ESET says a Russian hacker group known as Energetic Bear (DragonFly) is behind a hack of two of the airport's websites. |
Hack
|
|
|
|
2020-04-14 12:49:00 |
Zoom security: Your meetings will be safe and secure if you do these 10 things (lien direct) |
Is Zoom video conferencing safe to use or isn't it? That all depends on how well you follow these best practices. |
|
|
|
|
2020-04-14 06:54:48 |
Account details for 4 million Quidd users shared on hacking forum (lien direct) |
Users of Quidd, an online marketplace for trading stickers, cards, toys, and other collectibles, are advised to change account passwords as soon as possible. |
|
|
|
|
2020-04-13 16:28:17 |
Dell releases new tool to detect BIOS attacks (lien direct) |
Dell makes new tool named SafeBIOS Events & Indicators of Attack available for download for all Dell commercial PCs. |
Tool
|
|
|
|
2020-04-10 17:52:25 |
Dutch police take down 15 DDoS services in a week (lien direct) |
Dutch authorities launch sudden strike against DDoS-for-hire operators; take down 15 sites in a week. |
|
|
|
|
2020-04-10 15:16:15 |
Gambling company to set aside $30 million to deal with cyber-attack fallout (lien direct) |
In the middle of a merger, SBTech will have $30 million placed in escrow to deal with the repercussions of a suspected ransomware infection. |
Ransomware
|
|
|
|
2020-04-10 10:04:43 |
SEC settles with two suspects in EDGAR hacking case (lien direct) |
Hacker directly responsible for the hack is still at large, though. |
Hack
|
|
|