Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-27 17:33:57 |
TurkeyBombing Puts New Twist on Zoom Abuse (lien direct) |
Threat actors already stole nearly 4,000 credentials before the holiday was even over, according to report. |
Threat
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-27 14:00:32 |
Cybersecurity Predictions for 2021: Robot Overlords No, Connected Car Hacks Yes (lien direct) |
While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-27 14:00:28 |
ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats (lien direct) |
Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year's Black Friday and Cyber Monday holiday shopping events. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-26 14:00:52 |
Federated Learning: A Therapeutic for what Ails Digital Health (lien direct) |
Researchers show the promise of Federated Learning to protect patient privacy and improve healthcare outcomes across the world. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-26 14:00:32 |
Changing Employee Security Behavior Takes More Than Simple Awareness (lien direct) |
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-25 17:05:37 |
Major BEC Phishing Ring Cracked Open with 3 Arrests (lien direct) |
Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-25 16:55:48 |
Critical MobileIron RCE Flaw Under Active Attack (lien direct) |
Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-25 15:25:53 |
How to Update Your Remote Access Policy – And Why You Should Now (lien direct) |
Reducing the risks of remote work starts with updating the access policies of yesterday. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-25 14:40:09 |
Light-Based Attacks Expand in the Digital Home (lien direct) |
The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-24 21:02:58 |
Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram (lien direct) |
Events application Peatix this week disclosed a data breach, after user account information reportedly began circulating on Instagram and Telegram. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-24 20:04:19 |
\'Minecraft Mods\' Attack More Than 1 Million Android Devices (lien direct) |
Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-24 17:46:45 |
Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues (lien direct) |
Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-24 17:36:36 |
Baidu Apps in Google Play Leak Sensitive Data (lien direct) |
Cyberattackers could use the information to track users across devices, disable phone service, or intercept messages and phone calls. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-24 15:57:40 |
Blackrota Golang Backdoor Packs Heavy Obfuscation Punch (lien direct) |
Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-24 12:59:12 |
Tesla Hacked and Stolen Again Using Key Fob (lien direct) |
Belgian researchers demonstrate third attack on the car manufacturer's keyless entry system, this time to break into a Model X within minutes. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-23 21:46:22 |
Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending (lien direct) |
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-23 21:08:46 |
GoDaddy Employees Tricked into Compromising Cryptocurrency Sites (lien direct) |
'Vishing' attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-23 20:38:19 |
TA416 APT Rebounds With New PlugX Malware Variant (lien direct) |
The TA416 APT has returned in spear phishing attacks against a range of victims - from the Vatican to diplomats in Africa - with a new Golang version of its PlugX malware loader. |
Malware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-23 18:50:40 |
Spotify Users Hit with Rash of Account Takeovers (lien direct) |
Users of the music streaming service were targeted by attackers using credential-stuffing approaches. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-23 17:15:49 |
Manchester United: IT Systems Disrupted in Cyberattack (lien direct) |
The popular U.K. soccer club confirmed an attack but said personal fan data remains secure. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-23 16:46:37 |
Joe Biden Campaign Subdomain Down After Hacktivist Defacement (lien direct) |
A Turkish hacktivist defaced a subdomain of the president-elect's campaign website. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-20 20:56:10 |
Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns (lien direct) |
Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-20 20:18:13 |
VMware Fixes Critical Flaw in ESXi Hypervisor (lien direct) |
The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-20 20:17:13 |
Good Heavens! 10M Impacted in Pray.com Data Exposure (lien direct) |
The information exposed in a public cloud bucket included PII, church-donation information, photos and users' contact lists. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-20 17:23:33 |
New Grelos Skimmer Variants Siphon Credit Card Data (lien direct) |
Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-20 15:11:25 |
Facebook Messenger Bug Allows Spying on Android Users (lien direct) |
The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them. |
Vulnerability
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 22:03:23 |
Robot Vacuums Suck Up Sensitive Audio in \'LidarPhone\' Hack (lien direct) |
Researchers have unveiled an attack that allows attackers to eavesdrop on homeowners inside their homes, through the LiDAR sensors on their robot vacuums. |
Hack
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 21:34:25 |
German COVID-19 Contact-Tracing Vulnerability Allowed RCE (lien direct) |
Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration. |
Vulnerability
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 19:52:25 |
GO SMS Pro Android App Exposes Private Photos, Videos and Messages (lien direct) |
The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 19:25:45 |
Tis\' the Season for Online Holiday Shopping; and Phishing (lien direct) |
Watch out for these top phishing approaches this holiday season. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 18:45:53 |
Code42 Incydr Series: Protect IP with Code42 Incydr (lien direct) |
The Code42 Incydr data risk detection and response solution focuses on giving security teams simplicity, signal and speed. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 16:56:24 |
Food-Supply Giant Americold Admits Cyberattack (lien direct) |
A reported ransomware attack took down operations at the company, which in talks for COVID-19 vaccine-distribution contracts. |
Ransomware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 16:50:18 |
IoT Cybersecurity Improvement Act Passed, Heads to President\'s Desk (lien direct) |
Security experts praised the newly approved IoT law as a step in the right direction for insecure connected federal devices. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 14:34:36 |
APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies (lien direct) |
Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims' networks. |
Threat
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-19 14:00:45 |
Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattacks (lien direct) |
While the industry focus is on vehicle hacking, when it comes to the automotive industry cybercriminals are opting for less complex and sophisticated attacks - from phishing to ransomware. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-18 21:53:55 |
Widespread Scans Underway for RCE Bugs in WordPress Websites (lien direct) |
WordPress websites using buggy Epsilon Framework themes are being hunted by hackers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-18 19:56:11 |
LAPD Bans Facial Recognition, Citing Privacy Concerns (lien direct) |
The department has said no thanks to the Clearview AI platform, after an expose showing that officers had used it 475 times during a trial period alone. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-18 18:58:08 |
Cisco Webex \'Ghost\' Flaw Opens Meetings to Snooping (lien direct) |
Cisco patched the Webex flaw, as well as three critical-severity vulnerabilities, in a slew of security updates on Wednesday. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-18 17:37:45 |
Google Chrome 87 Closes High-Severity \'NAT Slipstreaming\' Hole (lien direct) |
Overall Google's Chrome 87 release fixed 33 security vulnerabilities. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-18 12:58:15 |
Firing of CISA Chief Christopher Krebs Widely Condemned (lien direct) |
President Trump fired US cybersecurity chief over Twitter Tuesday, an act widely condemned within the cybersecurity community. |
|
|
★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 22:38:27 |
Multiple Industrial Control System Vendors Warn of Critical Bugs (lien direct) |
Four industrial control system vendors each announced vulnerabilities that ranged from critical to high-severity. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 21:34:13 |
Defining Security Policies to Manage Remote Insider Threats (lien direct) |
This is the time to define the new normal; having well-defined policies in place will help businesses maintain its security posture while bolstering the security of the ever-increasing work-from-home population. |
|
|
★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 21:17:01 |
ThreatList: Pharma Mobile Phishing Attacks Turn to Malware (lien direct) |
After the breakout of the COVID-19 pandemic, mobile phishing attacks targeting pharmaceutical companies have shifted their focus from credential theft to malware delivery. |
Malware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 19:16:56 |
COVID-19 Antigen Firm Hit by Malware Attack (lien direct) |
Global biotech firm Miltenyi, which supplies key components necessary for COVID-19 treatment research, has been battling a malware attack. |
Malware
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 17:18:07 |
Zoom Takes on Zoom-Bombers Following FTC Settlement (lien direct) |
The videoconferencing giant has upped the ante on cybersecurity with three fresh disruption controls. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 15:17:12 |
Cisco Patches Critical Flaw After PoC Exploit Code Release (lien direct) |
A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-17 13:23:21 |
Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs (lien direct) |
Attackers can exploit the feature and send people's data directly to remote servers, posing a privacy and security risk, researchers said. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-16 22:09:54 |
Dating Site Bumble Leaves Swipes Unsecured for 100M Users (lien direct) |
Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles. |
|
|
★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-16 21:47:33 |
Attackers Target Porn Site Goers in \'Malsmoke\' Zloader Attack (lien direct) |
A fake Java update found on various porn sites actually downloads the well-known Zloader malware. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2020-11-16 20:20:58 |
Citrix SD-WAN Bugs Allow Remote Code Execution (lien direct) |
The bugs tracked as CVE-2020–8271, CVE-2020–8272 and CVE-2020–8273 exist in the Citrix SD-WAN Center. |
|
|
★★★★★
|