Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-09 10:46:00 |
Threesome app exposes user data, locations from London to the White House (lien direct) |
'Special relationships' appear to also be blooming at Number 10, Downing Street. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-09 06:16:00 |
Microsoft names top security researchers, zero-day contributors (lien direct) |
Yuki Chen of Qihoo 360's Vulcan team named top bug hunter. Palo Alto Networks named top zero-day reporter. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 21:44:00 |
Apple expands bug bounty to macOS, raises bug rewards (lien direct) |
Apple also announces it will provide selected security researchers with access to special "hackable" phones. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 19:22:01 |
Windows malware strain records users on adult sites (lien direct) |
New Varenyky trojan records videos of users navigating adult sites. Currently targeting only French users. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 19:00:00 |
Decade-old remote code execution bug found in phones used by Fortune 500 (lien direct) |
The firmware vulnerability lurked undetected for ten years. |
Vulnerability
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 15:17:03 |
WordPress team working on daring plan to forcibly update old websites (lien direct) |
WordPress team wants to forcibly auto-update older WordPress versions to newer releases. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 11:42:01 |
Trojan targets news website with watering hole attack to backdoor your PC (lien direct) |
Hackers are experimenting with ways to use legitimate websites to infect user systems. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 11:00:00 |
Spanish brothel chain leaves internal database exposed online (lien direct) |
"Men's club" exposes data about escort girls, customer reviews, and club finances. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 10:43:05 |
WhatsApp vulnerabilities \'put words in your mouth,\' lets hackers take over conversations (lien direct) |
The bugs could be used to dictate your responses in conversations. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 08:59:05 |
Instagram boots ad partner Hyp3r for mass collection of user data (lien direct) |
The startup has allegedly been scraping data for the purposes of user profiling. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-08 05:00:00 |
Three ads generate 5.5 times more revenue than a web-based cryptojacking script (lien direct) |
New academic research shows web-based cryptojacking nowhere near as efficient as ads at generating website revenues. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-07 20:17:05 |
State Farm says hackers confirmed valid usernames and passwords in credentials stuffing attack (lien direct) |
State Farm suffered a credential stuffing attack in July and is now notifying impacted customers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-07 11:40:00 |
New Windows malware can also brute-force WordPress websites (lien direct) |
Avast discovers strange new malware strain that besides stealing and mining cryptocurrency on infected hosts, it also launches brute-force attacks on WordPress sites. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-07 10:00:04 |
LokiBot malware now hides its source code in image files (lien direct) |
The sophisticated malware has been upgraded to hide its source code in seemingly innocent images. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-07 10:00:01 |
Smominru hijacks half a million PCs to mine cryptocurrency, steals access data for Dark Web sale (lien direct) |
Commodity cryptomining appears to be shifting to a data theft model. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-07 07:04:00 |
Twitter may have shared user data with ad partners without user consent (lien direct) |
Twitter said it shared some user data such as country and device type with some advertisers since May 2018. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-07 04:01:00 |
New \'warshipping\' technique gives hackers access to enterprise offices (lien direct) |
Delivery workers may inadvertently provide the bridge between hacker and victim. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-06 21:35:00 |
Facebook files lawsuit against two Android app developers for click fraud (lien direct) |
Facebook sues LionMobi and JediMobi, two Android app developers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-06 19:34:04 |
Security bugs in popular Cisco switch brand allow hackers to take over devices (lien direct) |
The three vulnerabilities are as bad as it gets in terms of security flaws -- an authentication bypass, a remote code execution, and a command injection. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-06 14:02:00 |
AT&T employees took bribes to plant malware on the company\'s network (lien direct) |
DOJ charges Pakistani man with bribing AT&T employees more than $1 million to install malware on the company's network, unlock more than 2 million devices. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-06 11:05:00 |
Unpatched KDE vulnerability disclosed on Twitter (lien direct) |
Just viewing --not running-- a malicious .desktop or .directory file inside a file browser can run malicious code on a user's system. |
Vulnerability
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-06 00:11:00 |
QualPwn vulnerabilities in Qualcomm chips let hackers compromise Android devices (lien direct) |
Patches for the QualPwn vulnerabilities have been released earlier today by both Qualcomm and the Android team. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 22:47:02 |
(Déjà vu) FBI warns of new trend where cybercriminals recruit money mules via dating sites (lien direct) |
Instead of requesting money from victims, romance scammers are now tricking partners into relaying stolen funds. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 22:47:00 |
FBI warns of rising trend where cybercriminals recruit money mules via dating sites (lien direct) |
Instead of requesting money from victims, romance scammers are now tricking partners into relaying stolen funds. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 18:30:00 |
Microsoft: Russian state hackers are using IoT devices to breach enterprise networks (lien direct) |
Microsoft said it detected Strontium (APT28) targeting VoIP phones, printers, and video decoders. |
|
APT 28
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 16:06:05 |
Monzo admits to storing payment card PINs in internal logs (lien direct) |
Bug in Monzo mobile apps sent account PINs to internal logs. The logs were encrypted, Monzo said. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 16:05:00 |
Microsoft launches Azure Security Lab, expands bug bounty rewards (lien direct) |
Researchers can earn up to $40,000 for reporting Azure vulnerabilities. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 12:05:00 |
MegaCortex ransomware slams enterprise firms with $5.8 million blackmail demands (lien direct) |
New malware strains are hitting enterprise companies in Europe and the US. |
Ransomware
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 11:11:05 |
Google, Arm team up to tackle memory vulnerabilities through MTE (lien direct) |
It is hoped that adopting MTE might help track and detect memory security flaws. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 09:30:00 |
A cyber-espionage group has been stealing files from the Venezuelan military (lien direct) |
It is unclear if the Machete group is state-sponsored, or a freelancer selling data to the highest bidder. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 07:00:00 |
Cloudflare terminates service to 8chan after recent US shootings (lien direct) |
8chan has harbored a community of hate and three mass-shooters have now hosted manifestos on the platform. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-05 04:01:00 |
Cyberattacks against industrial targets have doubled over the last 6 months (lien direct) |
12,000 workstations on average will be damaged in cases of destructive malware. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-04 17:52:01 |
US military purchased $32.8m worth of electronics with known security risks (lien direct) |
List of vulnerable products purchased by the DoD includes Lexmark printers, GoPro cameras, and Lenovo computers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-03 09:08:00 |
GitHub sued for aiding hacking in Capital One breach (lien direct) |
Class-action lawsuit filed in California against Capital One... and GitHub??? |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-03 07:00:00 |
New Dragonblood vulnerabilities found in WiFi WPA3 standard (lien direct) |
Two new Dragonblood bugs allow attackers to recover passwords from WPA3 WiFi networks |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-02 18:33:00 |
GermanWiper ransomware hits Germany hard, destroys files, asks for ransom (lien direct) |
Users advised not to pay the ransom under any circumstances! |
Ransomware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-02 14:29:00 |
Google Project Zero: 95.8% of all bug reports are fixed before deadline expires (lien direct) |
Google Project Zero: Disclosing technical bug reports and PoCs help defenders more than attackers. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-02 10:42:04 |
DealPly adware abuses Microsoft, McAfee services to evade detection (lien direct) |
The malware leverages interesting techniques to avoid discovery by AVs. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-02 09:33:01 |
Suspected state-sponsored hacking group tried to break into US utilities (lien direct) |
Researchers say the phishing attempts were spotted in July. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-02 07:02:00 |
Poshmark clothing marketplace says hacker stole customer details (lien direct) |
Usernames, emails, and hashed passwords were among the stolen data, Poshmark said. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-02 04:40:00 |
New Windows malware sets up proxies on your PC to relay malicious traffic (lien direct) |
New SystemBC malware spotted in the wild helping other malware strains bypass firewalls, hide bad traffic. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-01 19:00:00 |
Breach alert in South Korea after 1m card details were put up for sale online (lien direct) |
Source of the card records remains a mystery. Could be a bank, a restaurant chain, a PoS provider. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-01 18:00:00 |
Voter records for 80% of Chile\'s population left exposed online (lien direct) |
Chile's Electoral Service confirms the data's authenticity, but denies it owns the leaky server. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-01 12:56:03 |
Development stops on PowerShell Empire framework after project reaches its goal (lien direct) |
Everybody knows that PowerShell can be used for malware now. No need for Empire to exist. |
Malware
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-01 11:45:03 |
New Mirai botnet lurks in the Tor network to stay under the radar (lien direct) |
The malware's command center is hidden to make takedowns a more complicated process. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-01 10:42:01 |
FTC: Too many people signed up for Equifax cash, so they\'ll be getting less than $125 (lien direct) |
FTC recommends that users switch some of their claims from cash payments to free credit monitoring services, as they provide a better value. |
|
Equifax
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-08-01 08:58:02 |
Fake iPhone, iPad smuggler lands behind bars (lien direct) |
Over 40,000 dodgy devices and accessories were smuggled into the United States. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-07-31 23:25:00 |
Cisco to pay $8.6 million for selling vulnerable software to US government (lien direct) |
Danish contractor gets $1.6 million of the final settlement for reporting Cisco to the US government. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-07-31 21:30:01 |
MICROCHIPS Act wants to secure US govt supply chain against Chinese sabotage (lien direct) |
New bill would create new government body tasked with reviewing equipment and technologies used by government agencies and US military. |
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-07-31 13:15:00 |
iPhone Bluetooth traffic leaks phone numbers -- in certain scenarios (lien direct) |
The Apple bug that might accidentally help catch people behind the recent AirDrop dick pic epidemic. |
|
|
|