Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2020-06-26 10:08:26 |
More than 75% of all vulnerabilities reside in indirect dependencies (direct link) |
JavaScript, Ruby, and Java are the ecosystems with most bugs in indirect dependencies. |
|
|
|
|
2020-06-26 09:36:39 |
Nvidia squashes display driver code execution, information leak bugs (direct link) |
The vulnerabilities impact both Windows and Linux machines. |
|
|
|
|
2020-06-26 00:17:00 |
DDoS botnet coder gets 13 months in prison (direct link) |
Kenneth Schuchman, known as Nexus Zeta, created multiple DDoS botnets, including Satori, Okiru, Masuta, and Fbot/Tsunami. |
|
Satori
|
|
|
2020-06-25 19:18:00 |
Apple adds support for encrypted DNS (DoH and DoT) (direct link) |
Apple said this week that iOS 14 and macOS 11 will support the DNS-over-HTTPS and DNS-over-TLS protocols. |
|
|
|
|
2020-06-25 17:30:01 |
Chinese bank forced western companies to install malware-laced tax software (direct link) |
GoldenSpy backdoor trojan found in a Chinese bank's official tax software, which the bank has been forcing western companies to install. |
|
|
|
|
2020-06-25 08:31:00 |
Lucifer: Devilish malware that abuses critical vulnerabilities on Windows machines (direct link) |
Researchers say the powerful malware has been “wreaking havoc” on Windows hosts. |
Malware
|
|
|
|
2020-06-25 07:36:32 |
FBI warns K12 schools of ransomware attacks via RDP (direct link) |
The FBI has issued a security alert warning K12 schools of the "ransomware threat" during the COVID-19 pandemic. |
Ransomware
|
|
|
|
2020-06-24 23:47:32 |
WikiLeaks founder charged with conspiring with Anonymous and LulzSec hackers (direct link) |
US Department of Justice claims Assange tried to recruit hackers to commit crimes on his behalf. One of the hackers was an FBI informant, said the FBI. |
|
|
|
|
2020-06-24 19:33:00 |
Zoom hires Jason Lee from Salesforce to serve as new CISO (direct link) |
Lee to become Zoom's new CISO starting June 29, next week. |
|
|
|
|
2020-06-24 18:45:35 |
(Déjà vu) Sony launches PlayStation bug bounty program with rewards of up to $50,000 (direct link) |
Sony will pay security researchers for bugs in the PlayStation 4 gaming console, its operating system, official PS4 accessories, but also the PlayStation Network and related websites. |
|
|
|
|
2020-06-24 18:45:00 |
Sony launches PlayStation bug bounty program with rewards of $50K+ (direct link) |
Sony will pay security researchers for bugs in the PlayStation 4 gaming console, its operating system, official PS4 accessories, but also the PlayStation Network and related websites. |
|
|
|
|
2020-06-24 13:39:51 |
CryptoCore hacker group has stolen more than $200m from cryptocurrency exchanges (direct link) |
The hacker group is believed to operate out of Eastern Europe, based on current evidence. |
|
|
|
|
2020-06-24 10:25:00 |
New Zealand freezes $90 million in BTC-e money laundering case (direct link) |
The ongoing case claims the owner of BTC-e permitted the platform to be used for money laundering. |
|
|
|
|
2020-06-24 09:10:00 |
New ransomware masquerades as COVID-19 contact-tracing app on your Android device (direct link) |
The malware surfaced just days after health officials in Canada announced the launch of a tracing app in the fight against COVID-19. |
Ransomware
Malware
|
|
|
|
2020-06-23 23:13:42 |
Twitter bans DDoSecrets account over 'BlueLeaks' police data dump (direct link) |
Twitter said DDoSecrets account leaked and promoted BlueLeaks, a huge collection of files stolen from more than 200 US police departments and fusion training centers. |
|
|
|
|
2020-06-23 17:13:00 |
Microsoft releases first public preview of its Defender antivirus on Android (direct link) |
UPDATE: Microsoft Defender ATP for Linux has also exited public preview and is now generally available for all users. |
|
|
|
|
2020-06-23 12:00:00 |
New WastedLocker ransomware demands payments of millions of USD (direct link) |
Evil Corp, one of the biggest malware operations on the planet, has returned to life after the December 2019 DOJ charges with a new ransomware strain. |
Ransomware
Malware
|
|
|
|
2020-06-23 08:47:00 |
80,000 printers are exposing their IPP port online (direct link) |
Printers are leaking device names, locations, models, firmware versions, organization names, and even WiFi SSIDs. |
|
|
|
|
2020-06-23 06:34:00 |
Microsoft's 'Safe Documents' feature reaches general availability in Office 365 (direct link) |
New Safe Documents feature available for all Office 365 E5 license holders. |
|
|
|
|
2020-06-22 18:40:00 |
New privacy and security features announced at Apple's WWDC 2020 (direct link) |
Proxy location sharing, new app privacy disclosure prompts, new webcam and microphone indicator in the iOS status bar. |
|
|
|
|
2020-06-22 08:54:00 |
BlueLeaks: Data from 200 US police departments & fusion centers published online (direct link) |
Activist group DDoSecrets published 296 GB of police data on Friday, June 19. |
|
|
|
|
2020-06-20 09:10:04 |
Adobe wants users to uninstall Flash Player by the end of the year (direct link) |
Adobe Flash Player will reach End-Of-Life on December 31, 2020. |
|
|
|
|
2020-06-20 06:00:05 |
AMD says it will fix new CPU bugs by the end of June 2020 (direct link) |
AMD Accelerated Processing Unit (APU) processors released between 2016 and 2019 impacted by new "SMM Callout" bugs. |
|
|
|
|
2020-06-19 17:31:15 |
Academics studied DDoS takedowns and said they're ineffective, recommend patching vulnerable servers (direct link) |
The volume of DDoS traffic to victims remained the same. The number of DDoS-for-hire domains went up. |
Patching
|
|
|
|
2020-06-19 13:46:00 |
Elon Musk Bitcoin vanity addresses used to scam users out of $2 million (direct link) |
While Bitcoin giveaway scams have been around for more than two years, new trick helps scammers net massive profits. |
|
|
|
|
2020-06-18 21:29:00 |
Mozilla to launch VPN product 'in the next few weeks' (direct link) |
Mozilla VPN to exit beta this summer. Future plans include launching a Mac client. Currently only available on Windows, Android, iOS, and Firefox extension. |
|
|
|
|
2020-06-18 18:55:46 |
Facebook sues websites that sold Instagram likes and scraped Facebook user data (direct link) |
Facebook files lawsuits against MGP25 Cyberint Services in Spain and against Massroot8 in the US. |
|
|
|
|
2020-06-18 16:49:14 |
Russia unbans Telegram (direct link) |
Russia's media watchdog Roskomnadzor said Telegram has agreed to help Russian law enforcement fight against extremist and terrorist content shared on its platform. |
|
|
|
|
2020-06-18 15:09:00 |
Google removes 106 Chrome extensions for collecting sensitive user data (direct link) |
Security firm identifies 111 malicious Chrome extensions collecting user keystrokes, clipboard content, cookies, more. |
|
|
|
|
2020-06-18 07:10:28 |
Microsoft: COVID-19 malware attacks were barely a blip in total malware volume (direct link) |
COVID-19-themed malware attacks began in February, peaked in March, and are slowly dying out. |
Malware
|
|
|
|
2020-06-17 17:33:00 |
Zoom backtracks and plans to offer end-to-end encryption to all users (direct link) |
E2EE calls were initially planned for Zoom paying customers only, but the company has reconsidered following the public's outcry. |
|
|
|
|
2020-06-17 16:03:00 |
AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever (direct link) |
The previous record for the largest DDoS attack ever recorded was 1.7 Tbps, set in March 2018. |
|
|
|
|
2020-06-17 09:30:00 |
North Korea's state hackers caught engaging in BEC scams (direct link) |
ESET researchers said they spotted North Korean state-sponsored hackers attempting to steal money from targets they initially breached for cyber-espionage purposes. |
|
|
|
|
2020-06-16 18:19:00 |
Super secretive Russian disinfo operation discovered dating back to 2014 (direct link) |
Researchers uncover six-years-worth of Russian attempts to mold international politics using fake news and forged documents. |
|
|
|
|
2020-06-16 14:54:15 |
Avon recovering after mysterious cyber-security incident (direct link) |
Parts of the Avon IT network have been down since last week, according to SEC documents. |
|
|
|
|
2020-06-16 13:00:00 |
Ripple20 vulnerabilities will haunt the IoT landscape for years to come (direct link) |
Security researchers disclose 19 vulnerabilities impacting a TCP/IP library found at the base of many IoT products. |
|
|
|
|
2020-06-15 23:22:07 |
Old GTP protocol vulnerabilities will also impact future 5G networks (direct link) |
Bugs allow denial-of-service, user impersonation, user tracking, and fraud attacks, two separate reports warn. |
|
|
|
|
2020-06-15 14:40:00 |
South African bank to replace 12m cards after employees stole master key (direct link) |
Postbank says employees printed its master key at one of its data centers and then used it to steal $3.2 million. |
|
|
|
|
2020-06-15 13:00:06 |
Intel brings novel CET technology to Tiger Lake mobile CPUs (direct link) |
Intel says CET can protect against ROP/JOP/COP malware. |
|
|
|
|
2020-06-15 08:01:00 |
Web skimmers found on the websites of Intersport, Claire's, and Icing (direct link) |
The malicious code has now been removed from all stores, but users are advised to review card statements for suspicious transactions. |
|
|
|
|
2020-06-13 17:45:06 |
Lamphone attack lets threat actors recover conversations from your light bulb (direct link) |
Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. |
Threat
|
|
|
|
2020-06-12 14:36:52 |
Russia says Germany has not provided any evidence of Bundestag hack (direct link) |
Germany may seek to impose sanctions on Russia, rather than actually put the hacker on trial. |
Hack
|
|
|
|
2020-06-12 12:07:18 |
Stalkerware detection rates are improving across antivirus products (direct link) |
Between November 2019 and May 2020, Android and Windows antivirus software got better at detecting stalkerware. |
|
|
|
|
2020-06-12 08:52:00 |
Italian company exposed as a front for malware operations (direct link) |
Italian company CloudEyE is believed to have made more than $500,000 from selling its binary crypter to malware gangs. |
Malware
|
|
|
|
2020-06-11 21:44:00 |
Twitter bans 32k accounts pushing Chinese, Russian, and Turkish propaganda (direct link) |
All three networks targeted local users for the benefit of the ruling political party. |
|
|
|
|
2020-06-11 20:22:37 |
Knoxville shuts down IT network following ransomware attack (direct link) |
Knoxville joins a list that also includes Atlanta, Baltimore, Denver, and New Orleans. |
Ransomware
|
|
|
|
2020-06-11 17:41:00 |
Congress wants to know what commercial spyware other countries are using (direct link) |
Intelligence funding bill for 2021 to mandate DNI to submit report to Congress about surveillance vendors and the countries that use spyware. |
|
|
|
|
2020-06-11 10:35:58 |
Hackers breached A1 Telekom, Austria's largest ISP (direct link) |
A1 needed more than six months to kick the hackers off its network. Whistleblower claims the intruders were Chinese hackers. |
|
|
|
|
2020-06-11 07:55:00 |
Microsoft discovers cryptomining gang hijacking ML-focused Kubernetes clusters (direct link) |
Attacks targeted Kubeflow servers that left their administration panel exposed on the internet. |
|
Uber
|
|
|
2020-06-10 22:45:00 |
(Déjà vu) Congress asks Juniper for the results of its 2015 NSA backdoor investigation (direct link) |
Thirteen US government officials ask Juniper to publish the findings of its 2015 investigation. |
|
|
|