Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-04-09 21:14:15 |
Senator calls on FTC to create guidelines for video teleconferencing software (lien direct) |
Senator says online conferencing software needs to be regulated and follow basic privacy and security rules. |
|
|
|
|
2020-04-09 17:56:11 |
(Déjà vu) US Senate, German government tell employees not to use Zoom (lien direct) |
The two organizations now join a list that also includes the Taiwanese government, the Australian government, SpaceX, Google, and New York state area schools. |
|
|
|
|
2020-04-09 17:56:00 |
US Senate, German government tell staff not to use Zoom (lien direct) |
The two organizations now join a list that also includes the Taiwanese government, the Australian government, SpaceX, Google, and New York state area schools. |
|
|
|
|
2020-04-09 13:00:04 |
Bugcrowd vulnerability bounty platform snags $30 million in fresh funding round (lien direct) |
The Series D round capitalizes on enterprise booking growth of 100%. |
Vulnerability
|
|
|
|
2020-04-09 12:55:04 |
(Déjà vu) Fleeceware apps discovered on the iOS App Store (lien direct) |
More than 3.5 million iOS users installed 'fleeceware' apps from the Apple App Store. |
|
|
|
|
2020-04-09 11:21:00 |
Bisq Bitcoin exchange slams on the brakes after exploit of critical security flaw, crypto theft (lien direct) |
Over $250,000 in cryptocurrency has been stolen from users. |
|
|
|
|
2020-04-09 07:46:32 |
Cloudflare dumps reCAPTCHA as Google intends to charge for its use (lien direct) |
Cloudflare says its moving to hCaptcha, an alternative CAPTCHA service, more private than reCAPTCHA. |
|
|
|
|
2020-04-09 05:12:46 |
Zoom removes meeting IDs from app title bar to improve privacy (lien direct) |
Zoom app won't show meeting ID in the title bar going forward to avoid accidental leaks and Zoom-bombing disruptions. |
|
|
|
|
2020-04-08 18:31:37 |
Microsoft: Under 2% of all daily malspam uses COVID-19 lures (lien direct) |
Malicious email campaigns have not increased due to COVID-19. Attackers merely changed lures. |
|
|
|
|
2020-04-08 13:33:03 |
Former Facebook CSO Alex Stamos to join Zoom as outside security consultant (lien direct) |
Zoom also announces the creation of a CISO Council and Advisory Board to help its CEO through the current security and user privacy-related issues. |
|
|
|
|
2020-04-08 13:00:07 |
Can fingerprint authentication on smartphones be fooled with 3D printing? Researchers find out (lien direct) |
Extensive tests of optical, capacitance, and ultrasonic sensors have revealed interesting bypass rates. |
|
|
|
|
2020-04-08 11:42:36 |
This is why the vicious xHelper malware resists factory wipes and reboots (lien direct) |
The malware is a prime example of why you should not download apps from third-party sources. |
Malware
|
|
|
|
2020-04-08 08:00:04 |
Dark_nexus botnet outstrips other malware with new, potent features (lien direct) |
Researchers have found a botnet that borrows from Qbot and Mirai but goes much further in terms of power. |
Malware
|
|
|
|
2020-04-08 07:57:00 |
Tails, the security-focused OS, adds support for Secure Boot (lien direct) |
Tails, an OS recommended by Edward Snowden, is now capable of booting on systems where UEFI Secure Boot is enabled. |
|
|
|
|
2020-04-08 04:58:00 |
Microsoft to add DANE and DNSSEC support to Exchange Online servers (lien direct) |
Support for both protocols to roll out in two phases, with the last completing by the end of 2021. |
|
|
|
|
2020-04-07 19:38:25 |
Chrome 81 released with initial support for the Web NFC standard (lien direct) |
Chrome 81 was initially scheduled for release on March 17, but delayed to today due to the COVID-19 outbreak. |
|
|
|
|
2020-04-07 18:16:00 |
Google backs Apple\'s SMS OTP standard proposal (lien direct) |
Apple's proposal to standardize the format of SMS OTPs (one-time passcodes) moves to the WICG. |
|
|
|
|
2020-04-07 09:16:35 |
Europol arrests man for coronavirus business email scam peddling masks, sanitizer (lien direct) |
European police continue to fight criminal activity linked to the spread of COVID-19. |
|
|
|
|
2020-04-07 07:43:00 |
Microsoft announces IPE, a new code integrity feature for Linux (lien direct) |
Microsoft says IPE (Integrity Policy Enforcement) was designed for immutable and embedded systems (e.g. network firewall device in a data center). |
|
|
|
|
2020-04-07 04:28:02 |
Email provider got hacked, data of 600,000 users now sold on the dark web (lien direct) |
Italian email provider Email.it confirms security breach. |
|
|
|
|
2020-04-06 09:47:12 |
UK government slams \'crackpot\' 5G-coronavirus theories following mast arson attacks (lien direct) |
Suspected arson attacks have been connected to theories spreading online of 5G as a cause of coronavirus. |
|
|
|
|
2020-04-06 08:21:56 |
DarkHotel hackers use VPN zero-day to breach Chinese government agencies (lien direct) |
Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad. |
|
|
|
|
2020-04-05 21:53:00 |
Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others (lien direct) |
Rostelecom involved in two BGP hijacking incidents this week impacting more than 200 CDNs and cloud providers. |
|
|
|
|
2020-04-05 03:15:52 |
Docker servers targeted by new Kinsing malware campaign (lien direct) |
Hackers breach Docker clusters via administrative API ports left exposed online without a password. |
Malware
|
|
|
|
2020-04-04 05:23:38 |
12k+ Android apps contain master passwords, secret access keys, secret commands (lien direct) |
Comprehensive academic study finds hidden backdoor-like behavior in 6,800 Play Store apps, 1,000 apps from third-party app stores, and almost 4,800 apps pre-installed on user devices. |
|
|
|
|
2020-04-04 03:18:52 |
DOJ says Zoom-bombing is a crime (lien direct) |
DOJ officials say Zoom-bombing raids could lead to arrests, fines, and even prison sentences. |
Guideline
|
|
|
|
2020-04-03 22:33:00 |
Google rolls back Chrome privacy feature due to COVID-19 (lien direct) |
Google disables SameSite cookie support to prevent any unforseen breakage to sites during the coronavirus outbreak. |
|
|
|
|
2020-04-03 21:26:18 |
Firefox gets fixes for two zero-days exploited in the wild (lien direct) |
Mozilla releases Firefox 74.0.1 to patch two bugs exploited by hackers. |
|
|
|
|
2020-04-03 13:19:40 |
Web skimming attacks not expected to intensify during COVID-19 quarantines (lien direct) |
Contrary to popular belief. |
|
|
|
|
2020-04-03 13:19:00 |
Web skimming attacks did not see a big spike during COVID-19 quarantines (lien direct) |
However, experts expect to see an increase in web skimming attacks going forward. |
|
|
|
|
2020-04-03 11:14:01 |
Researchers propose method to track coronavirus through smartphones while protecting privacy (lien direct) |
The concept itself is quite simple but could be invaluable in shielding the general public from privacy violations. |
|
|
|
|
2020-04-03 04:49:06 |
A hacker has wiped, defaced more than 15,000 Elasticsearch servers (lien direct) |
Hacker tries to pin the blame on Night Lion Securty, a US cyber-security firm. |
|
|
|
|
2020-04-03 01:04:00 |
Hacking forum gets hacked for the second time in a year (lien direct) |
Forum where hackers sold and bought hacked accounts gets hacked itself. |
|
|
|
|
2020-04-02 19:01:23 |
(Déjà vu) Twitter discloses bug that accidentally cached DMs in Firefox for 7 days (lien direct) |
Some private Twitter data was cached inside Firefox browsers even after users logged off. |
|
|
|
|
2020-04-02 19:01:00 |
Twitter discloses Firefox bug that cached private files sent or received via DMs (lien direct) |
Private files sent via DMs were cached inside Firefox browsers for as long as a week, even after users logged off. |
|
|
|
|
2020-04-02 12:17:09 |
Cloudflare debuts 1.1.1.1 for Families, comes under fire for blocking LGBTQIA+ sites (lien direct) |
The company immediately apologized, branding the blocks as a “mistake.” |
|
|
|
|
2020-04-02 08:06:32 |
The internet is now rife with places where you can organize Zoom-bombing raids (lien direct) |
Zoom-raiding parties are everywhere now - Discord, Reddit, Twitter, hacking forums. |
|
|
|
|
2020-04-02 02:32:22 |
There\'s now COVID-19 malware that will wipe your PC and rewrite your MBR (lien direct) |
Security researchers have discovered coronavirus-themed malware created to destroy users' computers. |
Malware
|
|
|
|
2020-04-01 20:55:00 |
Microsoft is working on mitigating an entire Windows bug class (lien direct) |
Researcher set out to find 15 new Windows bugs last year. He found 25, and Microsoft already patched 11. |
|
|
|
|
2020-04-01 13:28:30 |
LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique (lien direct) |
The old tactic is proving fruitful in a new campaign. |
Malware
|
|
|
|
2020-04-01 13:00:06 |
A crypto-mining botnet has been hijacking MSSQL servers for almost two years (lien direct) |
Vollgar botnet launches brute-force attacks against MSSQL databases to take over servers and install Monero and Vollar cryptocurrency miners. |
|
|
|
|
2020-03-31 19:54:39 |
FCC tells US telcos to implement caller ID authentication by June 30, 2021 (lien direct) |
FCC says all US telcos must use the new SHAKEN/STIR protocol to support caller ID authentication by June, next year. |
|
|
|
|
2020-03-31 18:09:16 |
Marriott discloses new data breach impacting 5.2 million hotel guests (lien direct) |
Marriott says a hacker gained access to the accounts of two employees. |
Data Breach
|
|
|
|
2020-03-31 06:14:17 |
FBI re-sends alert about supply chain attacks for the third time in three months (lien direct) |
The FBI says some attacks have also targeted the healthcare industry, currently grappling with the coronavirus outbreak. |
|
|
|
|
2020-03-31 04:36:37 |
Houseparty app offers $1m reward to unmask entity behind hacking smear campaign (lien direct) |
App maker denies getting hacked after multiple reports in British media. |
|
|
|
|
2020-03-30 16:42:00 |
Hacker hijacks YouTube accounts to broadcast Bill Gates-themed crypto Ponzi scam (lien direct) |
UPDATE: Microsoft says none of its verified accounts were hacked. YouTube has also intervened to take down the scam's live streams. |
|
|
|
|
2020-03-30 16:42:00 |
Hacker hijacks Microsoft YouTube accounts to broadcast crypto Ponzi scam (lien direct) |
Several of Microsoft's YouTube accounts appear to have been hacked. |
|
|
|
|
2020-03-30 09:57:18 |
Zeus Sphinx malware resurrects to abuse COVID-19 fears (lien direct) |
Operators are exploiting the pandemic in the quest to steal your financial information. |
Malware
|
|
|
|
2020-03-30 03:57:17 |
RDP and VPN use skyrocketed since coronavirus onset (lien direct) |
RDP use is up by 41%, enterprise VPN use is up by 33%. |
|
|
|
|
2020-03-30 02:07:33 |
(Déjà vu) Voter records for the entire country of Georgia published online (lien direct) |
A file containing voter information for 4,934,863 Georgians has been published on a hacker forum over the weekend. |
|
|
|