What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-11-27 17:33:57 | TurkeyBombing Puts New Twist on Zoom Abuse (lien direct) | Threat actors already stole nearly 4,000 credentials before the holiday was even over, according to report. | Threat | ||
|
2020-11-27 14:00:32 | Cybersecurity Predictions for 2021: Robot Overlords No, Connected Car Hacks Yes (lien direct) | While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense. | |||
|
2020-11-27 14:00:28 | ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats (lien direct) | Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year's Black Friday and Cyber Monday holiday shopping events. | |||
|
2020-11-26 14:00:52 | Federated Learning: A Therapeutic for what Ails Digital Health (lien direct) | Researchers show the promise of Federated Learning to protect patient privacy and improve healthcare outcomes across the world. | |||
|
2020-11-26 14:00:32 | Changing Employee Security Behavior Takes More Than Simple Awareness (lien direct) | Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. | |||
|
2020-11-25 17:05:37 | Major BEC Phishing Ring Cracked Open with 3 Arrests (lien direct) | Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares. | |||
|
2020-11-25 16:55:48 | Critical MobileIron RCE Flaw Under Active Attack (lien direct) | Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others. | |||
|
2020-11-25 15:25:53 | How to Update Your Remote Access Policy – And Why You Should Now (lien direct) | Reducing the risks of remote work starts with updating the access policies of yesterday. | |||
|
2020-11-25 14:40:09 | Light-Based Attacks Expand in the Digital Home (lien direct) | The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound. | |||
|
2020-11-24 21:02:58 | Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram (lien direct) | Events application Peatix this week disclosed a data breach, after user account information reportedly began circulating on Instagram and Telegram. | |||
|
2020-11-24 20:04:19 | \'Minecraft Mods\' Attack More Than 1 Million Android Devices (lien direct) | Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible. | |||
|
2020-11-24 17:46:45 | Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues (lien direct) | Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay. | |||
|
2020-11-24 17:36:36 | Baidu Apps in Google Play Leak Sensitive Data (lien direct) | Cyberattackers could use the information to track users across devices, disable phone service, or intercept messages and phone calls. | |||
|
2020-11-24 15:57:40 | Blackrota Golang Backdoor Packs Heavy Obfuscation Punch (lien direct) | Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze. | |||
|
2020-11-24 12:59:12 | Tesla Hacked and Stolen Again Using Key Fob (lien direct) | Belgian researchers demonstrate third attack on the car manufacturer's keyless entry system, this time to break into a Model X within minutes. | |||
|
2020-11-23 21:46:22 | Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending (lien direct) | VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One. | |||
|
2020-11-23 21:08:46 | GoDaddy Employees Tricked into Compromising Cryptocurrency Sites (lien direct) | 'Vishing' attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid. | |||
|
2020-11-23 20:38:19 | TA416 APT Rebounds With New PlugX Malware Variant (lien direct) | The TA416 APT has returned in spear phishing attacks against a range of victims - from the Vatican to diplomats in Africa - with a new Golang version of its PlugX malware loader. | Malware | ||
|
2020-11-23 18:50:40 | Spotify Users Hit with Rash of Account Takeovers (lien direct) | Users of the music streaming service were targeted by attackers using credential-stuffing approaches. | |||
|
2020-11-23 17:15:49 | Manchester United: IT Systems Disrupted in Cyberattack (lien direct) | The popular U.K. soccer club confirmed an attack but said personal fan data remains secure. | |||
|
2020-11-23 16:46:37 | Joe Biden Campaign Subdomain Down After Hacktivist Defacement (lien direct) | A Turkish hacktivist defaced a subdomain of the president-elect's campaign website. | |||
|
2020-11-20 20:56:10 | Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns (lien direct) | Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns. | |||
|
2020-11-20 20:18:13 | VMware Fixes Critical Flaw in ESXi Hypervisor (lien direct) | The critical and important-severity flaws were found by a team at the China-based Tiunfu Cup hacking challenge. | |||
|
2020-11-20 20:17:13 | Good Heavens! 10M Impacted in Pray.com Data Exposure (lien direct) | The information exposed in a public cloud bucket included PII, church-donation information, photos and users' contact lists. | |||
|
2020-11-20 17:23:33 | New Grelos Skimmer Variants Siphon Credit Card Data (lien direct) | Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far. | |||
|
2020-11-20 15:11:25 | Facebook Messenger Bug Allows Spying on Android Users (lien direct) | The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them. | Vulnerability | ||
|
2020-11-19 22:03:23 | Robot Vacuums Suck Up Sensitive Audio in \'LidarPhone\' Hack (lien direct) | Researchers have unveiled an attack that allows attackers to eavesdrop on homeowners inside their homes, through the LiDAR sensors on their robot vacuums. | Hack | ||
|
2020-11-19 21:34:25 | German COVID-19 Contact-Tracing Vulnerability Allowed RCE (lien direct) | Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration. | Vulnerability | ||
|
2020-11-19 19:52:25 | GO SMS Pro Android App Exposes Private Photos, Videos and Messages (lien direct) | The vulnerable version of the app, which has 100 million users, uses easily predictable URLs to link to private content. | |||
|
2020-11-19 19:25:45 | Tis\' the Season for Online Holiday Shopping; and Phishing (lien direct) | Watch out for these top phishing approaches this holiday season. | |||
|
2020-11-19 18:45:53 | Code42 Incydr Series: Protect IP with Code42 Incydr (lien direct) | The Code42 Incydr data risk detection and response solution focuses on giving security teams simplicity, signal and speed. | |||
|
2020-11-19 16:56:24 | Food-Supply Giant Americold Admits Cyberattack (lien direct) | A reported ransomware attack took down operations at the company, which in talks for COVID-19 vaccine-distribution contracts. | Ransomware | ||
|
2020-11-19 16:50:18 | IoT Cybersecurity Improvement Act Passed, Heads to President\'s Desk (lien direct) | Security experts praised the newly approved IoT law as a step in the right direction for insecure connected federal devices. | |||
|
2020-11-19 14:34:36 | APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies (lien direct) | Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims' networks. | Threat | ||
|
2020-11-19 14:00:45 | Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattacks (lien direct) | While the industry focus is on vehicle hacking, when it comes to the automotive industry cybercriminals are opting for less complex and sophisticated attacks - from phishing to ransomware. | |||
|
2020-11-18 21:53:55 | Widespread Scans Underway for RCE Bugs in WordPress Websites (lien direct) | WordPress websites using buggy Epsilon Framework themes are being hunted by hackers. | |||
|
2020-11-18 19:56:11 | LAPD Bans Facial Recognition, Citing Privacy Concerns (lien direct) | The department has said no thanks to the Clearview AI platform, after an expose showing that officers had used it 475 times during a trial period alone. | |||
|
2020-11-18 18:58:08 | Cisco Webex \'Ghost\' Flaw Opens Meetings to Snooping (lien direct) | Cisco patched the Webex flaw, as well as three critical-severity vulnerabilities, in a slew of security updates on Wednesday. | |||
|
2020-11-18 17:37:45 | Google Chrome 87 Closes High-Severity \'NAT Slipstreaming\' Hole (lien direct) | Overall Google's Chrome 87 release fixed 33 security vulnerabilities. | |||
|
2020-11-18 12:58:15 | Firing of CISA Chief Christopher Krebs Widely Condemned (lien direct) | President Trump fired US cybersecurity chief over Twitter Tuesday, an act widely condemned within the cybersecurity community. | ★★★ | ||
|
2020-11-17 22:38:27 | Multiple Industrial Control System Vendors Warn of Critical Bugs (lien direct) | Four industrial control system vendors each announced vulnerabilities that ranged from critical to high-severity. | |||
|
2020-11-17 21:34:13 | Defining Security Policies to Manage Remote Insider Threats (lien direct) | This is the time to define the new normal; having well-defined policies in place will help businesses maintain its security posture while bolstering the security of the ever-increasing work-from-home population. | ★★ | ||
|
2020-11-17 21:17:01 | ThreatList: Pharma Mobile Phishing Attacks Turn to Malware (lien direct) | After the breakout of the COVID-19 pandemic, mobile phishing attacks targeting pharmaceutical companies have shifted their focus from credential theft to malware delivery. | Malware | ||
|
2020-11-17 19:16:56 | COVID-19 Antigen Firm Hit by Malware Attack (lien direct) | Global biotech firm Miltenyi, which supplies key components necessary for COVID-19 treatment research, has been battling a malware attack. | Malware | ||
|
2020-11-17 17:18:07 | Zoom Takes on Zoom-Bombers Following FTC Settlement (lien direct) | The videoconferencing giant has upped the ante on cybersecurity with three fresh disruption controls. | |||
|
2020-11-17 15:17:12 | Cisco Patches Critical Flaw After PoC Exploit Code Release (lien direct) | A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. | |||
|
2020-11-17 13:23:21 | Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs (lien direct) | Attackers can exploit the feature and send people's data directly to remote servers, posing a privacy and security risk, researchers said. | |||
|
2020-11-16 22:09:54 | Dating Site Bumble Leaves Swipes Unsecured for 100M Users (lien direct) | Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles. | ★★★ | ||
|
2020-11-16 21:47:33 | Attackers Target Porn Site Goers in \'Malsmoke\' Zloader Attack (lien direct) | A fake Java update found on various porn sites actually downloads the well-known Zloader malware. | |||
|
2020-11-16 20:20:58 | Citrix SD-WAN Bugs Allow Remote Code Execution (lien direct) | The bugs tracked as CVE-2020–8271, CVE-2020–8272 and CVE-2020–8273 exist in the Citrix SD-WAN Center. | ★★★★★ |
To see everything:
Our RSS (filtrered)
