Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-05-26 10:38:01 |
EasyJet faces £18 billion class-action lawsuit over data breach (lien direct) |
The lawsuit aims to secure up to £2,000 per impacted customer. |
Data Breach
|
|
|
|
2020-05-26 09:30:05 |
Turla hacker group steals antivirus logs to see if its malware was detected (lien direct) |
Turla, one of Russia's most advanced hacker groups, has created malware that gets its orders from email attachments sent to an arbitrary Gmail inbox. |
Malware
|
|
|
|
2020-05-25 21:28:05 |
RangeAmp attacks can take down websites and CDN servers (lien direct) |
Twelve of thirteen CDN providers said they fixed or planned to fix the problem. |
|
|
|
|
2020-05-25 14:33:16 |
Thousands of enterprise systems infected by new Blue Mockingbird malware gang (lien direct) |
Hackers are exploiting a dangerous and hard to patch vulnerability to go after enterprise servers. |
Malware
Vulnerability
|
|
|
|
2020-05-24 10:52:55 |
New Unc0ver jailbreak released, works on all recent iOS versions (lien direct) |
New "Unc0ver" jailbreak unlocks devices, even those running the current iOS 13.5 release. |
|
|
|
|
2020-05-23 06:00:05 |
Chrome: 70% of all security bugs are memory safety issues (lien direct) |
Google software engineers are looking into ways of eliminating memory management-related bugs from Chrome. |
|
|
|
|
2020-05-22 16:45:00 |
25 million user records leak online from popular math app Mathway (lien direct) |
The Mathway user data has been previously on sale on the dark web, hacker forums, and Telegram channels for the past two weeks. |
|
|
|
|
2020-05-22 14:50:38 |
Windows malware opens RDP ports on PCs for future remote access (lien direct) |
Security experts believe the malware's operators are very likely to sell access to infected hosts to other hacker groups. |
Malware
|
|
|
|
2020-05-22 12:21:19 |
Privilege escalation vulnerability patched in Docker Desktop for Windows (lien direct) |
The security flaw could be used to trick the service into connecting to malicious processes. |
Vulnerability
|
|
|
|
2020-05-22 11:05:47 |
Silent Night Zeus financial botnet sold in underground forums (lien direct) |
The botnet is being spread through the RIG exploit kit and COVID-19 spam campaigns. |
Spam
|
|
|
|
2020-05-22 00:49:27 |
Ransomware deploys virtual machines to hide itself from antivirus software (lien direct) |
The operators of the RagnarLocker ransomware are running Oracle VirtualBox to hide their presence on infected computers inside a Windows XP virtual machine. |
Ransomware
|
|
|
|
2020-05-21 21:22:00 |
New \'Spectra\' attack breaks the separation between Wi-Fi and Bluetooth (lien direct) |
Technical details to be presented in August at the Black Hat 2020 security conference. |
|
|
|
|
2020-05-21 18:40:00 |
RSA Conference moves 2021 event from February to May (lien direct) |
RSA plays it safe for 2021 after ignoring COVID-19 warnings earlier this year and getting at least two attendees infected. |
|
|
|
|
2020-05-21 17:03:00 |
Hackers tried (and failed) to install ransomware using a zero-day in Sophos firewalls (lien direct) |
Sophos acted quickly to put out a patch that stopped the hackers' attempts to deploy ransomware on enterprise networks protected by Sophos firewall devices. |
Ransomware
|
|
|
|
2020-05-21 11:38:02 |
Thousands of Israeli sites defaced with code seeking permission to access users\' webcams (lien direct) |
The hacks have been linked back to a local Israeli WordPress hosting provider. |
|
|
|
|
2020-05-21 11:21:41 |
Japan investigates potential leak of prototype missile data in Mitsubishi hack (lien direct) |
The country is analyzing how such a leak could impact national security. |
Hack
|
|
|
|
2020-05-21 09:30:04 |
Video game developers under siege by cyberattacks seeking to plunder in-game cash (lien direct) |
The Winnti Group is targeting gaming vendors once more with a new backdoor. |
|
|
|
|
2020-05-21 03:57:35 |
BlockFi discloses failed hack attempt after SIM swapping incident (lien direct) |
BlockFi says a hacker SIM swapped an employee to gain access to its platform, but the hacker failed in their attempt to steal BlockFi customer funds. |
Hack
|
|
|
|
2020-05-20 23:07:17 |
Hacker selling 40 million user records from popular Wishbone app (lien direct) |
Seller claims the data was obtained following a hack that took place earlier this year. |
Hack
|
|
★★★
|
|
2020-05-20 17:11:43 |
Bank of America blames PPP applications leak on faulty SBA test server (lien direct) |
BofA says SBA test platform allowed others to view details for its customers' PPP loan applications. |
|
|
|
|
2020-05-20 14:06:00 |
Signal to move away from using phone numbers as user IDs (lien direct) |
Signal launches profile PINs, the first step in supporting Signal user accounts that are not tied to phone numbers. |
|
|
|
|
2020-05-20 11:00:10 |
\'Flight risk\' employees involved in 60% of insider cybersecurity incidents (lien direct) |
The majority of staff planning their exit also take sensitive information with them, research suggests. |
|
|
|
|
2020-05-20 10:08:43 |
Adobe issues out-of-band patch to fix remote code execution flaw in animation software (lien direct) |
Information leaks have also been patched up in Premiere Rush, Audition, and Premiere Pro. |
|
|
|
|
2020-05-19 21:23:00 |
NXNSAttack technique can be abused for large-scale DDoS attacks (lien direct) |
New vulnerability in DNS server software can be leveraged for DDoS attacks with an 1620x amplification factor. |
Vulnerability
|
|
|
|
2020-05-19 17:36:08 |
Hacker arrested in Ukraine for selling billions of stolen credentials (lien direct) |
Hacker "Sanix" has been selling billions of hacked user credentials on hacker forums and Telegram channels. |
|
|
|
|
2020-05-19 17:00:06 |
WolfRAT targets WhatsApp, Facebook Messenger app users on Android devices (lien direct) |
The new malware is unstable and appears to be a slapdash effort based on leaked DenDroid code. |
Malware
|
|
|
|
2020-05-19 16:05:51 |
Chrome 83 released with enhanced privacy controls, tab groups feature (lien direct) |
Chrome 83 is one of the feature-rich Chrome releases in recent years. |
|
|
|
|
2020-05-19 12:00:37 |
Hundreds of thousands of QNAP devices vulnerable to remote takeover attacks (lien direct) |
A firmware patch has been released last year, in November. |
|
|
|
|
2020-05-19 10:15:08 |
France defends \'centralized\' coronavirus tracing app, insists privacy held sacred (lien direct) |
The country says StopCovid could be valuable in preventing a second COVID-19 wave. |
|
|
|
|
2020-05-19 04:20:06 |
FBI warns about attacks on Magento online stores via old plugin vulnerability (lien direct) |
FBI says hackers have been planting card skimmers on online stores by exploiting a 2017 bug in the MAGMI plugin. |
Vulnerability
|
|
★★
|
|
2020-05-19 03:01:00 |
Supreme Court rejects lawsuit claiming Facebook provided terrorist forum support (lien direct) |
The case accused Facebook of being materially responsible for user-generated terrorist content. |
|
|
|
|
2020-05-18 22:07:00 |
Smartphones, laptops, IoT devices vulnerable to new BIAS Bluetooth attack (lien direct) |
New BIAS attack works agaisnt Bluetooth devices and firmware from Apple, Broadcom, Cypress, Intel, Samsung, and others. |
|
|
|
|
2020-05-18 18:59:32 |
FBI criticizes Apple for not helping crack Pensacola shooter\'s iPhones (lien direct) |
Apple said back in January that it helped within hours and handed over to the FBI gigabytes of information. |
|
|
|
|
2020-05-18 14:32:46 |
Mercedes-Benz onboard logic unit (OLU) source code leaks online (lien direct) |
Daimler allowed anyone to register on one of its on-premise GitLab servers. |
|
|
|
|
2020-05-18 10:40:48 |
Face masks prompt London police to consider pause in rollout of facial recognition cameras (lien direct) |
The controversial scheme may be halted due to the widespread adoption of face coverings. |
|
|
|
|
2020-05-18 10:08:28 |
FBI: ProLock ransomware gains access to victim networks via Qakbot infections (lien direct) |
The FBI also warns that the ProLock decryptor doesn't always work correctly, even after victims pay the ransom. |
Ransomware
|
|
|
|
2020-05-18 09:18:08 |
Illinois blames \'glitch\' for exposure of PUA applicant Social Security numbers, private data (lien direct) |
Sensitive unemployment benefit claimant information was made public on an online portal. |
|
|
|
|
2020-05-16 19:42:12 |
Supercomputers hacked across Europe to mine cryptocurrency (lien direct) |
Confirmed infections have been reported in the UK, Germany, and Switzerland. Another suspected infection was reported in Spain. |
|
|
|
|
2020-05-15 19:13:25 |
Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump (lien direct) |
The REvil ransomware gang published last night 2.4 GB of Lady Gaga's legal documents. |
Ransomware
|
|
|
|
2020-05-15 13:22:00 |
Hackers preparing to launch ransomware attacks against hospitals arrested in Romania (lien direct) |
Hackers were planning to use COVID-19-themed emails to infect Romanian hospitals with ransomware and disrupt operations. |
Ransomware
|
|
|
|
2020-05-15 09:25:59 |
Hackers target the air-gapped networks of the Taiwanese and Philippine military (lien direct) |
Third state-sponsored malware strain disclosed this week that can jump the air gap and reach isolated networks. |
Malware
|
|
|
|
2020-05-15 09:19:31 |
Mikroceen RAT backdoors Asian government networks in new attack wave (lien direct) |
The backdoor paved the way for the deployment of other malware including Gh0st RAT. |
Malware
|
|
|
|
2020-05-15 08:10:16 |
This new, unusual Trojan promises victims COVID-19 tax relief (lien direct) |
QNodeService's codebase may have helped it avoid detection by traditional antivirus solutions. |
|
|
|
|
2020-05-14 22:12:23 |
UK electricity middleman hit by cyber-attack (lien direct) |
Elexon said the incident only impacted its internal IT network, employee laptops, and company email server. |
|
|
|
|
2020-05-14 20:17:18 |
Google to block ads that use too many system resources starting August 2020 (lien direct) |
New "Heavy Ad Intervention" will save battery life and network bandwidth usage on mobile data plans. |
|
|
|
|
2020-05-14 18:04:21 |
(Déjà vu) Russian hacker group use HTTP status codes to control malware implants (lien direct) |
New Turla cyber-espionage operation targets diplomatic entities in Europe with new COMpfun malware. |
Malware
|
|
|
|
2020-05-14 18:04:00 |
Russian hacker group using HTTP status codes to control malware implants (lien direct) |
New Turla cyber-espionage operation targets diplomatic entities in Europe with new COMpfun malware. |
Malware
|
|
|
|
2020-05-14 11:59:40 |
COVID-19 blamed for 238% surge in cyberattacks against banks (lien direct) |
Disarray caused by the pandemic has become a breeding ground for financially-motivated attacks. |
|
|
|
|
2020-05-14 11:52:02 |
A cybercrime store is selling access to more than 43,000 hacked servers (lien direct) |
The MagBo portal provides access hacked servers, with some belonging to local and state government, hospitals, and financial organizations. |
|
|
|
|
2020-05-13 22:35:00 |
(Déjà vu) Microsoft adds initial support for DNS-over-HTTPS (DoH) in Windows Insiders (lien direct) |
DoH support now available in current Windows 10 Insiders Fast Ring distributions. |
|
|
|