Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-14 08:12:04 |
North Korea claims hacker responsible for WannaCry outbreak does not exist (lien direct) |
The country insists the indictment of the hacker is nothing more than a smear campaign. |
|
Wannacry
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 23:04:02 |
Sly malware author hides cryptomining botnet behind ever-shifting proxy service (lien direct) |
Botnet author appears to be successful at hiding cryptocurrency mining botnet behind reverse proxy network used by enterprises and the developer community. |
Malware
|
|
★★★
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 19:26:00 |
Security flaw can leak Intel ME encryption keys (lien direct) |
Intel has released updates for Intel ME, SPS, and TXE firmware to address encryption key-spilling flaw. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 15:00:00 |
Two billion devices still vulnerable to Blueborne flaws a year after discovery (lien direct) |
Countless devices are still vulnerable to the set of Bluetooth-based security flaws 12 months after being made public. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 15:00:00 |
Windows support scam uses evil cursor attack to hijack Google Chrome sessions (lien direct) |
Partnerstroka uses an "evil cursor" attack to hijack the mouse of Google Chrome browser users. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 14:24:03 |
Apple, Amazon, Google, others called to testify on consumer privacy protections (lien direct) |
Apple, Amazon, AT&T, Charter, Google, and Twitter called to testify in front of the Senate Committee on Commerce, Science, and Transportation. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 13:00:00 |
Windows and Linux Kodi users infected with cryptomining malware (lien direct) |
Kodi media player users who installed add-ons from the Bubbles, Gaia, and XvBMC repositories might have been infected with a coinminer. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 12:00:00 |
Kernel exploit discovered in macOS Webroot SecureAnywhere antivirus software (lien direct) |
The severe memory corruption flaw permitted attackers to execute malware at the kernel level. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 11:58:00 |
Jaxx wallet phishing campaign aimed to steal user cryptocurrency (lien direct) |
Phishing emails and poisoned search results may have allowed the spread of the cryptocurrency-stealing scam. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 10:37:05 |
BEC scam artist ordered to pay back $2.5 million, lands hefty prison sentence (lien direct) |
A Nigerian man has paid dearly for scamming victims out of hundreds of millions of dollars. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 09:07:00 |
Kelihos botnet operator jailed for account theft, ID trading in the Dark Web (lien direct) |
Prosecutors say the man lived comfortably by selling stolen credentials harvested through the botnet's activities. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 08:30:04 |
New cold boot attack affects "nearly all modern computers" (lien direct) |
Security researchers find a new way to disable current cold boot attack firmware security measures to steal sensitive data from high-value computers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-13 08:13:00 |
Scareware scheme operator thrown behind bars for targeting US media (lien direct) |
Visitors of the Minneapolis Star Tribune found their computers infected with malware and were exposed to fake Windows support messages. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 21:45:00 |
Brave browser files GDPR breach complaints against Google in the EU (lien direct) |
Google and fellow ad tech firms accused of violating GDPR during the "bid request" process used in behavioral ads. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 20:01:00 |
State Department shamed for poor adoption of multi-factor authentication (lien direct) |
Senators demand answers after government report finds that only 11 percent of the Department of State's devices use multi-factor authentication. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 16:44:00 |
Uproar after Adobe winds down Magento rewards-based bug bounty program (lien direct) |
Adobe announces plans to integrate Magento bug bounty program into existing vulnerabilities disclosure platform that offers no monetary rewards to bug hunters. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 16:00:01 |
A question of security: What is obfuscation and how does it work? (lien direct) |
With off-the-shelf malware becoming increasingly popular, hackers need to use a variety of techniques to disguise their activities. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 15:43:00 |
Feedify becomes latest victim of the Magecart malware campaign (lien direct) |
Magecart crew strikes again! This time they infect the infrastructure of a website push notification service. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 10:20:02 |
OpenSSL 1.1.1 out with TLS 1.3 support and "complete rewrite" of RNG component (lien direct) |
TLS 1.3 brings speed improvements and better cryptography to OpenSSL, the most popular open source cryptography library on the market |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 09:35:04 |
Data management firm Veeam mismanages own data, leaks 445m records (lien direct) |
The server was reportedly available for anyone to access and lacked any form of protection against intrusion. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 08:42:01 |
Adobe patch update tackles six critical vulnerabilities in ColdFusion (lien direct) |
The worst vulnerabilities lead to arbitrary code execution. |
Guideline
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-12 05:20:02 |
Publication of PoC in popular WordPress plugin leads to scans for vulnerable sites (lien direct) |
WordPress security firm Defiant reports "very noticeable uptick" in scans for vulnerable plugin installations. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 23:06:00 |
Judge rules cryptocurrency ICO scam case falls under securities law (lien direct) |
Judge rules that initial coin offerings are "securities" and SEC can go after ICO scammers for securities fraud under US securities laws. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 19:45:05 |
Microsoft patches recent ALPC zero-day in September 2018 Patch Tuesday updates (lien direct) |
Microsoft engineers patch 62 vulnerabilities, including 17 rated 'Critical' |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 15:53:03 |
First IoT security bill reaches governor\'s desk in California (lien direct) |
California IoT security bill criticized by security researcher. Expert says bill "is based upon an obviously superficial understanding of the problem." |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 12:00:01 |
\'Father of Zeus\' Kronos malware exploits Office bug to hijack your bank account (lien direct) |
The $7000 malware shows there is serious money to be made in the banking Trojan market. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 12:00:01 |
Alexa\'s land-and-expand strategy is racking up the numbers (lien direct) |
While Google is outselling Amazon in global units of smart speakers, other numbers show Amazon is doing just fine in expanding Alexa's reach and usage |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 09:28:00 |
How to steal a Tesla Model S in seconds (lien direct) |
An attack technique has been revealed which allows threat actors to unlock a Tesla vehicle in no time at all. |
Threat
|
Tesla
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-11 07:00:01 |
British Airways breach caused by the same group that hit Ticketmaster (lien direct) |
Security researchers find clues connecting the Magecart group to the breach at British Airways. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 23:28:00 |
Tech support scammers find a home on Microsoft TechNet pages (lien direct) |
Security researcher finds over 3,000 TechNet pages flooded with tech support scams pushing shady phone numbers for cryptocurrency exchanges and social media platforms. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 20:46:00 |
Microsoft details for the first time how it classifies Windows security bugs (lien direct) |
The Microsoft Security Response Center publishes two documents detailing internal procedures used by its staff to prioritize and classify security bugs. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 14:29:00 |
Exploit vendor drops Tor Browser zero-day on Twitter (lien direct) |
A company that sells exploits to government agencies drops Tor Browser zero-day on Twitter after recent Tor Browser update renders exploit less valuable. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 13:24:00 |
LuckyMouse uses malicious NDISProxy Windows driver to target gov\'t entities (lien direct) |
The hacking group is covertly infecting Windows machines with Trojans by way of stolen certificates belonging to a Chinese security company. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 10:47:01 |
Researcher finds new malware persistence method leveraging Microsoft UWP apps (lien direct) |
New malware persistence method works only on Windows 10 and abuses built-in UWP apps like the Cortana and People apps. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 10:45:00 |
These are the warning signs of a fraudulent ICO (lien direct) |
Initial Coin Offerings (ICOs) are part of the cryptocurrency Wild West, but how do you know what is fake and what is legitimate? |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 09:05:02 |
Mirai, Gafgyt IoT botnets stab systems with Apache Struts, SonicWall exploits (lien direct) |
The IoT botnets are back with a new arsenal containing a vast array of vulnerabilities. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-10 06:59:00 |
Popular VPNs contain code execution security flaws, despite patches (lien direct) |
ProtonVPN and NordVPN contain severe bugs which impact Windows users and threaten their privacy. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-09 15:21:05 |
Standard to protect against BGP hijack attacks gets first official draft (lien direct) |
NIST and DHS project publishes first draft of new BGP Route Origin Validation (ROV) standard that will help ISPs and cloud providers protect against BGP hijack attacks. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-09 01:06:05 |
Worries arise about security of new WebAuthn protocol (lien direct) |
Cryptography experts point out that new WebAuthn protocol recommends or requires the implementation of old and weak algorithms known to be vulnerable to attacks for years |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-08 16:43:00 |
Peeled onions and a Minus Touch: Verizon data breach digest lifts the lid on theft tactics (lien direct) |
The 2018 report gives us a glimpse of tactics hackers are using today in the name of data exfiltration. |
Data Breach
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-08 00:39:01 |
Bill that would have the White House create a database of APT groups passes House vote (lien direct) |
US hopes that a name-and-shame strategy would deter foreign nation-state hacking groups to attack US infrastructure as often as now. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 23:03:04 |
Tens of iOS apps caught collecting and selling location data (lien direct) |
Apps collect data such as GPS coordinates, WiFi network IDs and more, and pass all of it to advertising and monetization firms. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 19:48:00 |
Tor Project releases first alpha of Android mobile browser (lien direct) |
After yesterday the Tor Project released Tor Browser v8, today, the organization had another surprise in store for its loyal fanbase -an Android mobile browser. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 18:17:01 |
US Government releases post-mortem report on Equifax hack (lien direct) |
Template has following fields pre-populated: Author, Buying Cycle, Blog, and Primary topic. Please adjust/add to secondary topics as appropriate for specific articles. |
Hack
|
Equifax
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 14:13:00 |
Top Mac anti-adware software in App Store steals your browsing history (lien direct) |
A Mac app ranked in the top App Store tiers secretly sends the browsing history of users to a server in China. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 07:18:00 |
Schneider Electric may have shipped USB drives infested with malware (lien direct) |
The flash drives were "contaminated" during the manufacturing process. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 01:58:00 |
Hacker uses ProtonMail VPN. Hacker DDoSes ProtonMail. Hacker gets arrested. (lien direct) |
Braggadocio teen part of up-and-coming Apophis Squad hacking squad fails to protect his identity. Gets promptly arrested by UK police. Pleads guilty. |
Guideline
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-07 00:22:00 |
Alex Stamos: Pretty clear GRU\'s goal was to weaken a future Clinton presidency (lien direct) |
Former Facebook CSO breaks down differences between fake news, GRU operations, and IRA troll farms |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-06 21:43:04 |
How US authorities tracked down the North Korean hacker behind WannaCry (lien direct) |
US authorities put together four years worth of malware samples, domain names, email and social media accounts to track down one of the Lazarus Group hackers. |
Malware
Medical
|
Wannacry
APT 38
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2018-09-06 17:32:02 |
Tesla modifies product policy to accommodate "good-faith" security research (lien direct) |
Tesla promises to reset car firmware and software damaged during security research. Also promises not to go after "good-faith" researchers in court. |
|
Tesla
|
|