Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-02-08 02:25:01 |
Windows 7 bug prevents users from shutting down or rebooting computers (lien direct) |
Another major bug hits Windows 7 after the January 14 end-of-life (EOL) deadline. |
|
|
|
|
2020-02-08 00:55:35 |
Hackers deface Facebook\'s official Twitter and Instagram accounts (lien direct) |
After hitting the NFL and ESPN, OurMine returns to strike at Facebook properties. |
|
|
|
|
2020-02-07 20:01:23 |
Apple deprecating macOS kernel extensions (KEXTs) is a great win for security (lien direct) |
Apple kernel extension APIs to be deprecated in macOS 10.15.4. |
|
|
|
|
2020-02-07 15:38:18 |
As coronavirus challenges mount, WHO\'s reputation is being hijacked for data theft scams (lien direct) |
A potential pandemic, an “infodemic,” and scams are all challenges being faced by the WHO. |
|
|
|
|
2020-02-07 15:22:49 |
Ransomware installs Gigabyte driver to kill antivirus products (lien direct) |
RobbinHood ransomware deploys novel technique to make sure it can encrypt files without being interrupted. |
Ransomware
|
|
|
|
2020-02-07 11:47:22 |
UK government rolls out red carpet for infamous spyware vendor (lien direct) |
NSO Group will be touting its wares to visiting officials, including those potentially from oppressive regimes. |
|
|
|
|
2020-02-07 10:35:33 |
Device security firm Forescout snapped up by Advent in $1.9 billion deal (lien direct) |
The agreement represents a premium of roughly 30 percent on closing share prices. |
|
|
|
|
2020-02-07 02:39:00 |
US Attorney General says US and allies should invest in Huawei competitors (lien direct) |
US Attorney General Barr says the US and its allies should invest in Nokia and Ericsson. |
|
|
|
|
2020-02-07 01:25:41 |
Malaysia warns of Chinese hacking campaign targeting government projects (lien direct) |
MyCERT security alert points the finger at APT40, a Chinese state-sponsored hacking crew. |
Industrial
|
APT 40
|
|
|
2020-02-06 23:43:41 |
Google fixes no-user-interaction bug in Android\'s Bluetooth component (lien direct) |
Fixes are available via the Android Security Bulletin for February 2020. |
|
|
|
|
2020-02-06 20:15:34 |
Google to block some HTTP file downloads starting with Chrome 83 (lien direct) |
Google will block files from being downloaded via HTTP when the website domain shows HTTPS. |
|
|
|
|
2020-02-06 15:36:50 |
Wacom drawing tablets track every app you open (lien direct) |
But there's a way to disable it. |
|
|
|
|
2020-02-06 13:30:40 |
Dutch court rules AI benefits fraud detection system violates EU human rights (lien direct) |
SyRI was used to predict who may be at high risk of conducting housing or social security fraud. |
|
|
|
|
2020-02-06 11:21:20 |
Health Share of Oregon discloses data breach, theft of member PII (lien direct) |
A break-in and stolen laptop are at the heart of the security incident. |
|
|
|
|
2020-02-06 06:00:05 |
Academics steal data from air-gapped systems using screen brightness variations (lien direct) |
Israeli researchers use quick flickers in LCD screen brightness to encode and exfiltrate data. |
|
|
|
|
2020-02-05 19:42:00 |
Bug hunter finds cryptocurrency-mining botnet on DOD network (lien direct) |
Monero-mining botnet infects one of the DOD's Jenkins servers. |
|
|
|
|
2020-02-05 18:01:00 |
Chrome to block intrusive video ads starting August 5, 2020 (lien direct) |
Google to implement new quality standard for video ads for Chrome, but also YouTube. |
|
|
|
|
2020-02-05 16:00:00 |
CDPwn vulnerabilities impact tens of millions of enterprise devices (lien direct) |
CDPwn vulnerabilities can be used to escalate initial access and completely take over entire networks. |
|
|
|
|
2020-02-05 12:31:16 |
UK small businesses say cyberattack fears, not cash flow, keeps them awake at night (lien direct) |
The use of consumer rather than business-grade cybersecurity solutions is not helping matters. |
|
|
|
|
2020-02-05 10:39:00 |
Irish watchdog launches Google, Tinder GDPR data processing probe (lien direct) |
The companies' roles as data controllers are being examined in depth. |
|
|
|
|
2020-02-05 10:07:00 |
Microsoft says it detects 77,000 active web shells on a daily basis (lien direct) |
Microsoft detects and tracks a daily average of around 77,000 active web shells, spread across 46,000 infected servers. |
|
|
|
|
2020-02-05 06:00:09 |
Malware stew cooked up on Bitbucket, deployed in attacks worldwide (lien direct) |
Bitbucket is being abused and used as the host for cryptocurrency miners, ransomware, and Trojans deployed in a single attack chain. |
Malware
|
|
|
|
2020-02-05 00:04:00 |
Chrome 80 released with silent notification popups, support for same-site cookies (lien direct) |
Chrome 80 also comes with support for blocking heavy-loading online ads. |
|
|
|
|
2020-02-04 21:07:55 |
Researcher: Backdoor mechanism discovered in devices using HiSilicon chips (lien direct) |
Researcher said he did not notify HiSilicon due to a lack of trust in the hardware vendor to adequately fix the issue. |
|
|
|
|
2020-02-04 21:07:00 |
Researcher: Backdoor mechanism still active in many IoT products (lien direct) |
Researcher says a backdoor mechanism in devices running Xiongmai firmware is still active years after first being discovered. |
|
|
|
|
2020-02-04 17:14:21 |
Nintendo hacker pleads guilty (lien direct) |
Teen who hacked Nintendo twice and leaked data on the company's yet unreleased Switch console pleaded guilty last week. |
Guideline
|
|
|
|
2020-02-04 14:39:25 |
Teen takes down ISP with DDoS attacks to get info on one of its subscribers (lien direct) |
Ukrainian teen arrested last month for taking down a local ISP with DDoS attacks. |
|
|
|
|
2020-02-04 14:08:53 |
UK AI advisors call for online platforms to become accountable for user content targeting (lien direct) |
The advisory board says that online services should also allow researchers more scope to act on topics of public concern. |
|
|
|
|
2020-02-04 11:15:59 |
HPE acquires zero-trust networking, security firm Scytale (lien direct) |
The startup is made up of engineers from AWS, Google, Splunk, and other tech giants. |
|
|
|
|
2020-02-04 06:05:04 |
Tesla and other autopilot-driven cars tricked with 2D projections (lien direct) |
Car driving assistance systems and autopilots will need to be able to recognize 2D depthless objects going forward, similar to how facial recognition systems can distinguish between a real face and a photo. |
|
|
|
|
2020-02-03 23:10:25 |
Google cuts Chrome \'patch gap\' in half, from 33 to 15 days (lien direct) |
Future plans include cutting the patch gap further, which might mean that Google will have to release Chrome security fixes on a weekly basis. |
|
|
|
|
2020-02-03 21:21:00 |
Twitter says an attacker used its API to match usernames to phone numbers (lien direct) |
The attack took place on Christmas Eve and came from IP addresses from Iran, Israel, and Malaysia. |
|
|
|
|
2020-02-03 17:39:00 |
Only three of the Top 100 international airports pass basic security checks (lien direct) |
Tests involved scanning public websites, mobile apps, and exposures of sensitive airport data on public code repositories and the dark web. |
|
|
|
|
2020-02-03 12:44:12 |
Charges dropped against Coalfire security team who broke into courthouse during pen test (lien direct) |
Miscommunication led to arrests during a midnight physical security test. |
|
|
|
|
2020-02-03 11:32:40 |
ZeroHedge banned from Twitter over coronavirus bioweapon claims (lien direct) |
The financial news website came under fire for doxxing a Chinese scientist accused of being behind the virus. |
|
|
|
|
2020-02-03 09:40:00 |
Magecart group jumps from Olympic ticket website to new wave of e-commerce shops (lien direct) |
Skimmer references were spotted on domains serving customers worldwide. |
|
|
|
|
2020-02-02 18:48:00 |
Hackers are hijacking smart building access systems to launch DDoS attacks (lien direct) |
More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix. |
Vulnerability
|
|
|
|
2020-02-02 14:31:00 |
Raytheon engineer arrested for taking US missile defense data to China (lien direct) |
FBI arrests former Raytheon electric engineer for taking info about US missile defense systems to China and then lying about it. |
|
|
|
|
2020-02-01 07:50:08 |
Firefox now shows what telemetry data it\'s collecting about you (lien direct) |
Users can no go to about:telemetry and see what Mozilla is collecting about their Firefox installs. |
|
|
|
|
2020-01-31 18:41:35 |
Ransomware hits TV & radio news monitoring service TVEyes (lien direct) |
Newsrooms, political campaigns, and PR agencies panic as they lose access to one of their crucial media monitoring tools. |
Ransomware
|
|
|
|
2020-01-31 14:42:49 |
Three suspects arrested in Maltese bank cyber-heist (lien direct) |
Suspects used stolen funds to buy Rolex watches, along with a Jaguar and an Audi A5. |
|
|
|
|
2020-01-31 11:57:50 |
Japanese company NEC confirms 2016 security breach (lien direct) |
NEC needed seven months to discover the hack, did not disclose it publicly. |
|
|
|
|
2020-01-31 10:01:01 |
FBI launches investigation into Pegasus spyware vendor over US citizen hacks (lien direct) |
NSO Group denies any knowledge of a probe taking place. |
|
|
|
|
2020-01-31 08:59:00 |
Hacker snoops on art sale and walks away with $3.1m, victims fight each other in court (lien direct) |
Each impacted party is claiming the other is responsible for not detecting the scam. The ownership of a valuable painting is at stake. |
|
|
|
|
2020-01-30 21:44:29 |
Google open-sources the firmware needed to build hardware security keys (lien direct) |
Google open-sourced today OpenSK, a Rust-based project to aid hardware vendors build hardware security keys. |
|
|
|
|
2020-01-30 18:55:00 |
Microsoft launches Xbox bug bounty program with rewards of up to $20,000 (lien direct) |
Microsoft Security Response Center (MSRC) to start accepting vulnerabilities in Xbox gaming platform. |
|
|
|
|
2020-01-30 18:00:07 |
Iranian hackers target US government workers in new campaign (lien direct) |
New spear-phishing campaign targets government workers disguised as a well-known government survey service. |
|
|
|
|
2020-01-30 16:07:23 |
Apple wants to standardize the format of SMS OTPs (one-time passcodes) (lien direct) |
WebKit team proposal aims to improve the security of one-time passcodes sent to users via SMS. |
|
|
|
|
2020-01-30 12:16:33 |
Facebook agrees to pay $550 million to end facial recognition tech lawsuit (lien direct) |
The company says it is in the best interest of users and shareholders to pay up. |
|
|
|
|
2020-01-30 10:56:15 |
Avast winds down Jumpshot, cites user data sale privacy concerns (lien direct) |
Avast's CEO said the move is “absolutely the right thing to do.” |
|
|
|