Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-08-31 17:26:01 |
FDA Recalls 465K Pacemakers Tied to MedSec Research (direct link) |
Abbott Laboratories releases software fixes for pacemakers that could allow an attacker to wirelessly access the devices and steal personal data, drain the battery and disrupt normal life-sustaining operations. |
|
|
|
|
2017-08-31 13:30:02 |
Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin (direct link) |
Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin. |
|
|
|
|
2017-08-30 21:43:31 |
Intel Confirms Its Much-Loathed ME Feature Has A Kill Switch (direct link) |
A previously undocumented kill switch for a remote management feature baked into many Intel chips can be switched off. |
|
|
|
|
2017-08-30 19:18:08 |
Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies (direct link) |
The Turla APT's WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and South America during most of 2016. |
|
|
|
|
2017-08-30 18:13:30 |
New Locky Variant 'IKARUSdilapidated' Strikes Again (direct link) |
For a second time this month, a Locky ransomware variant called IKARUSdilapidated is part of a calculated phishing attack targeting office workers with fake scanned image attachments. |
|
|
|
|
2017-08-30 17:11:41 |
Siemens Fixes Session Hijacking Bug in LOGO!, Warns of Man-in-the-Middle Attacks (direct link) |
Siemens fixed a session hijacking vulnerability in its LOGO! logic module Wednesday but says a second issue, one that could help facilitate a man-in-the-middle attack, has no fix currently. |
|
|
|
|
2017-08-30 16:10:36 |
Spambot Contains 'Mind-Boggling' Amount of Email, SMTP Credentials (direct link) |
Researchers accessed the Onliner spambot and found 711 million records, including email addresses, email and password combinations, and SMTP credentials and configuration files. |
|
|
|
|
2017-08-29 19:12:10 |
Google Reminding Admins HTTP Pages Will Be Marked 'Not Secure' in October (direct link) |
Google began sending out notices to site owners this month who haven't yet migrated from HTTP to HTTPS warning them that in October their sites will be marked "NOT SECURE." |
|
|
|
|
2017-08-29 19:04:33 |
Researchers Figure Out How to Blind ISPs from Smart Home Device Traffic (direct link) |
Researchers have come up with a way to blind ISPs and attackers in a man-in-the-middle position to network traffic emanating from smart home devices. |
|
|
|
|
2017-08-29 18:54:22 |
Revamped Nukebot Malware Changes Targets, Adds Functions (direct link) |
Researchers warn a retooled 'Jimmy' Nukebot no longer steals bankcard data, rather focuses on avoiding detection as it downloads malicious modules. |
|
|
|
|
2017-08-29 15:22:59 |
Telnet Credential Leak Reinforces Bleak State of IoT Security (direct link) |
The disclosure and recent analysis of thousands of leaked telnet credentials paints a bleak picture of the state of IoT security. |
|
|
|
|
2017-08-29 13:41:12 |
DJI Launches Drone Bug Bounty Program (direct link) |
Drone manufacturer DJI announced Monday it was launching a bug bounty program to reward researchers who find vulnerabilities in its drones. |
|
|
|
|
2017-08-28 20:59:18 |
Fraudulent Donations Lead to Disbanding of Hutchins Legal Defense Fund (direct link) |
A legal defense fund established to ease Marcus Hutchins' attorney costs has been disbanded after a sizable number of fraudulent donations were discovered. |
|
|
|
|
2017-08-28 20:50:45 |
CEOs Resign from Trump's Cybersecurity Commission (direct link) |
Eight members of the National Infrastructure Advisory Council resigned last week, citing insufficient attention to the growing threats to the cybersecurity by the Trump Administration. |
|
|
|
|
2017-08-28 19:44:59 |
Mobile WireX DDoS Botnet 'Neutralized' by Collaboration of Competitors (direct link) |
A large botnet of Android devices called WireX is responsible for large-scale application-layer DDoS attacks against businesses in the hospitality, porn and gambling industries.
|
|
|
|
|
2017-08-28 17:27:29 |
Anonymous Messaging App Sarahah to Halt Collection of User Data With Next Update (direct link) |
The anonymous messaging app Sarahah says it plans to remove a feature that uploads users' contacts, including phone numbers and email addresses, to the company's servers, in the next update.
|
|
|
|
|
2017-08-26 12:20:08 |
Race is On To Notify Owners After Public List of IoT Device Credentials Published (direct link) |
A list of device IPs and credentials has gone viral since Thursday, kicking off an effort by researchers to notify the owners of these connected devices before they're hacked. |
|
|
|
|
2017-08-25 19:21:27 |
Defray Ransomware Seen Targeting Education, Healthcare Industry (direct link) |
Defray, a new, although small strain of ransomware, was spotted by researchers targeting companies in the education and healthcare verticals. |
|
|
|
|
2017-08-25 15:30:40 |
Threatpost News Wrap, August 25, 2017 (direct link) |
The news of the week is discussed, including the AWS S3 leaks, Zerodium's bounty on messaging app zero days, Ropemaker, and cobot vulnerabilities. |
|
|
|
|
2017-08-25 14:00:12 |
Cryptocurrency Mining Malware Hosted in Amazon S3 Bucket (direct link) |
Attackers are using an exploit kit to spread the Zminer executable that downloads a cryptocurrency miner hosted in an Amazon S3 bucket. |
|
|
|
|
2017-08-25 10:00:19 |
Security Lacking in Previous AppleAVEDriver iOS Kernel Extension (direct link) |
An obscure Apple kernel extension patched in iOS 10.3.3 was originally built without security measures in place, according to the researcher who privately disclosed the flaws. |
|
|
|
|
2017-08-24 18:15:44 |
Adware Spreading Via Social Engineering, Facebook Messenger (direct link) |
Attackers have taken to Facebook Messenger with a combination of social engineering and malicious JavaScript to spread adware.
|
|
|
|
|
2017-08-24 14:32:18 |
Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root (direct link) |
An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers to run code as root. |
|
|
|
|
2017-08-23 18:32:42 |
Zerodium Offers $500K for Secure Messaging App Zero Days (direct link) |
Zerodium announced new $500,000 payouts for zero days in secure messaging apps such as Signal, WhatsApp and others. |
|
|
|
|
2017-08-23 17:53:16 |
ROPEMAKER Exploit Allows for Changing of Email Post-Delivery (direct link) |
An exploit dubbed ROPEMAKER relies on taking advantage of email design functionality, namely by remotely changing CSS in HTML-based emails after they've been sent. |
|
|
|
|
2017-08-23 17:02:01 |
Business Email Compromise Campaign Harvesting Credentials in Numerous Industries (direct link) |
Flashpoint warns of a new business email compromise campaign targeting organizations in various industries with the aim of harvesting credentials. |
|
|
|
|
2017-08-22 21:51:58 |
Neptune Exploit Kit Dropping Cryptocurrency Miners Through Malvertisements (direct link) |
Researchers say the Neptune, or Terror, exploit kit has been spreading Monero cryptocurrency miners via malvertisements. |
|
|
|
|
2017-08-22 17:28:01 |
Android Spyware Linked to Chinese SDK Forces Google to Boot 500 Apps (direct link) |
More than 500 Android mobile apps have been removed from Google Play after it was discovered that an embedded advertising SDK called Igenix could be leveraged to quietly install spyware on devices. |
|
|
|
|
2017-08-22 16:33:26 |
Foxit to Fix PDF Reader Zero Days by Friday (direct link) |
Foxit Software says it will fix two vulnerabilities in its PDF reader products that could be triggered through its JavaScript API to execute code. |
|
|
|
|
2017-08-22 12:05:16 |
Fuze Patches TPN Handset Vulnerabilities (direct link) |
VoIP vendor Fuze earlier this year patched three vulnerabilities that exposed user account information and enabled unauthorized authentication. |
|
|
|
|
2017-08-22 12:00:47 |
Industrial Cobots Might Be The Next Big IoT Security Mess (direct link) |
Researchers at IOActive are sounding an early alarm on the security of industrial collaboration robots, or cobots. These machines work side-by-side with people and contain vulnerabilities that could put physical safety at risk. |
|
|
|
|
2017-08-21 18:28:59 |
Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method (direct link) |
Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week. |
|
|
|
|
2017-08-21 15:13:36 |
Meeting and Hotel Booking Provider's Data Found in Public Amazon S3 Bucket (direct link) |
Personal and business data belonging to Boston area meeting and hotel booking provider Groupize was discovered in a publicly accessible Amazon Web Services S3 bucket, which has since been locked down. |
|
|
★★★★
|
|
2017-08-18 17:55:09 |
Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket (direct link) |
Voter registration data belonging to the entirety of Chicago's electoral roll (1.8 million records) was found a week ago in an Amazon Web Services bucket. |
|
|
|
|
2017-08-18 16:00:46 |
It's Not Exactly Open Season on the iOS Secure Enclave (direct link) |
Despite yesterday's leak of the Apple iOS Secure Enclave decryption key, experts are urging calm over claims of an immediate threat to user data. |
|
|
|
|
2017-08-18 13:30:15 |
Threatpost News Wrap, August 18, 2017 (direct link) |
Mike Mimoso and Tom Spring discuss this week's security news, including a discussion on recent hijacking of popular Chrome extensions and Adobe's decision to end-of-life Flash Player. |
|
|
|
|
2017-08-18 00:32:28 |
Hacker Publishes iOS Secure Enclave Firmware Decryption Key (direct link) |
A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor. |
|
|
★★★★
|
|
2017-08-17 19:55:54 |
Cisco Patches Privilege Escalation Bugs in APIC (direct link) |
Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine. |
|
|
★★★
|
|
2017-08-17 19:50:33 |
Drupal Patches Critical Access Bypass in Core Engine (direct link) |
A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.
|
|
|
★★★★
|
|
2017-08-17 17:48:13 |
Rowhammer Attacks Come to MLC NAND Flash Memory (direct link) |
IBM researchers have demonstrated a filesystem-level version of the Rowhammer attack against MLC NAND flash memory. |
|
|
★★★★★
|
|
2017-08-16 21:41:11 |
Locky Ransomware Variant Slips Past Some Defenses (direct link) |
Ransomware called IKARUSdilapidated is managing to slip into unsuspecting organizations as an unknown file.
|
|
|
|
|
2017-08-16 17:59:55 |
Flash's Final Countdown Has Begun (direct link) |
The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base. |
|
|
|
|
2017-08-16 17:33:36 |
Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack (direct link) |
A.P. Moller-Maersk said June's NotPetya wiper malware attacks would cost the world's largest shipping container company $300M USD in lost revenue. |
|
NotPetya
|
|
|
2017-08-16 15:14:31 |
Google Removes Chrome Extension Used in Banking Fraud (direct link) |
Google has removed the Interface Online Chrome extension from the Chrome Web Store. The plugin was used by criminals in Brazil to target corporate users with the aim of stealing banking credentials. |
|
|
|
|
2017-08-15 18:58:49 |
Seven More Chrome Extensions Compromised (direct link) |
The list of compromised Chrome extensions that hijack traffic and substitute advertisements on victims' browsers grows. |
|
|
|
|
2017-08-15 18:00:45 |
Attackers Backdoor Another Software Update Mechanism (direct link) |
Researchers at Kaspersky Lab said today that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.
|
|
|
|
|
2017-08-15 14:36:31 |
Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan (direct link) |
Researchers at My Online Security and the SANS Internet Storm Center have analyzed spam campaigns utilizing plausible imitations of legitimate banking domains to spread the Trickbot banking malware. |
|
|
|
|
2017-08-14 21:37:39 |
Blizzard Entertainment Hit With Weekend DDoS Attack (direct link) |
Blizzard Entertainment was hit with a crippling DDoS attack over the weekend that followed similar attacks last week that knocked gamers offline. |
|
|
|
|
2017-08-14 19:22:49 |
Windows Search Bug Worth Watching, and Squashing (direct link) |
Patches are available, and should be applied, that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren't so ready to do that. |
|
Wannacry
|
|
|
2017-08-14 18:28:14 |
Smart Locks Bricked by Bad Update (direct link) |
LockState's CEO says he is "deeply sorry" about an erroneous wireless update that bricked hundreds of smart locks. |
|
|
|