What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-09-26 18:09:01 | VPNFilter\'s Arsenal Expands With Newly Discovered Modules (lien direct) | Seven new modules discovered in VPNFilter further fill in the blanks about how the malware operates and reveals a wider breath of capabilities. | Malware | VPNFilter | |
|
2018-09-26 14:48:04 | Google Vows Privacy Changes in Chrome Browser After User Backlash (lien direct) | The tech giant promised that it will be more transparent about users' data in Chrome 70 after coming under fire for its privacy policies earlier this week. | |||
|
2018-09-25 19:55:05 | Once Popular Online Ad Format Opens Top Tier Sites to XSS Attacks (lien direct) | Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities. | |||
|
2018-09-25 19:33:02 | Malware on SHEIN Servers Compromises Data of 6.4M Customers (lien direct) | A data breach targeting women's apparel giant SHEIN occurred between June and August 2018. | Data Breach Malware | ||
|
2018-09-25 14:51:02 | Mac Mojave Zero-Day Allows Malicious Apps to Access Sensitive Info (lien direct) | Malicious apps can trivially thwart Mojave 10.14's new privacy protections. | |||
|
2018-09-24 20:30:03 | Cybercriminals Target Kodi Media Player for Malware Distribution (lien direct) | A recent cryptomining campaign shows criminal ingenuity. | Malware | ||
|
2018-09-24 17:13:04 | Adwind RAT Scurries By AV Software With New DDE Variant (lien direct) | The spam campaign mostly targets victims in Turkey and Germany. | Spam | ||
|
2018-09-24 16:33:04 | Google\'s Forced Sign-in to Chrome Raises Privacy Red Flags (lien direct) | Chrome users are now automatically signed into the browser if they're signed into any other Google service, such as Gmail. | |||
|
2018-09-24 15:22:01 | Assessing the Human Element in Cyber Risk Analysis (lien direct) | The human factor doesn't have to be an intangible when assessing cyber risks within a company. | |||
|
2018-09-24 13:59:01 | Tricky DoS Attack Crashes Mozilla Firefox (lien direct) | There are currently no mitigations for the Firefox attack, a researcher told Threatpost. | |||
|
2018-09-23 22:04:02 | Podcast: Two Billion IoT Devices Still Vulnerable to BlueBorne Bug (lien direct) | Up to two billion devices are still vulnerable to the BlueBorne IoT attack - and may not ever get a patch. | |||
|
2018-09-21 22:01:02 | Critical Vulnerability Found in Cisco Video Surveillance Manager (lien direct) | Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems. | Vulnerability | ||
|
2018-09-21 20:21:01 | Twitter Flaw Exposed Direct Messages To External Developers (lien direct) | The company said it has issued a patch for the issue, which has been ongoing since May 2017. | |||
|
2018-09-21 19:45:02 | Delphi Packer Looks for Human Behavior Before Deploying Payload (lien direct) | Many different threat actors are using this crypting service/tool for their operations, possibly buying it from the developer itself. | Threat | ||
|
2018-09-21 15:09:02 | Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution (lien direct) | Microsoft said that it's working on a fix for a zero-day flaw in its JET Database Engine. | |||
|
2018-09-20 21:07:05 | Lucy Gang Debuts with Unusual Android MaaS Package (lien direct) | The threat actor's Android-focused cyber-arms package, dubbed Black Rose Lucy, is limited in reach for now, but clearly has global ambitions. | Threat | ||
|
2018-09-20 16:10:04 | Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE (lien direct) | Vulnerability allowed an unauthenticated remote attacker to log in to a device at the time the system initially boots up. | Vulnerability | ||
|
2018-09-20 14:23:01 | Magecart Strikes Again, Siphoning Payment Info from Newegg (lien direct) | The incident, hard on the heels of the British Airways breach, shows that Magecart is quickly evolving and shows no signs of slowing down. | |||
|
2018-09-20 13:02:03 | Thousands of Breached Websites Turn Up MagBo Black Market (lien direct) | The research team said it has shared its findings with law enforcement and victims are being notified. | |||
|
2018-09-19 17:11:04 | Mirai Masterminds Helping FBI Snuff Out Cybercrime (lien direct) | The three hackers behind the infamous Mirai botnet have been helping law enforcement take down cybercriminals across the globe. | |||
|
2018-09-19 16:54:02 | Critical Out-of-Band Patch Issued for Adobe Acrobat Reader (lien direct) | Overall seven flaws were patched - including one critical vulnerability that could lead to arbitrary code execution. | Vulnerability Guideline | ||
|
2018-09-19 13:51:02 | A Hybrid Solution to Taming SOC Alert Overload (lien direct) | Technology can free analysts from the burden of manual and tedious tasks so they can operate at the highest level of their abilities. | |||
|
2018-09-19 13:30:05 | XBash Malware Packs Double Punch: Destroys Data and Mines for Crypto Coins (lien direct) | A newly discovered malware has different capabilities for Windows and Linux systems, including ransomware and cryptomining. | Ransomware Malware | ||
|
2018-09-18 19:40:01 | ThreatList: Malware Samples Targeting IoT More Than Double in 2018 (lien direct) | A honeypot set up to sniff out data on infected IoT devices found a broad array of compromised devices – from Mikrotik routers to dishwashers. | Malware | ||
|
2018-09-18 17:11:02 | State Government Online Payment Service Exposes 14M Customers (lien direct) | Outdated security practices made it simple to access other people's receipts for everything from traffic tickets to paying bail. | |||
|
2018-09-18 14:40:05 | Dangerous Pegasus Spyware Has Spread to 45 Countries (lien direct) | The malicious spyware has also been found in use in countries known for targeting human rights. | |||
|
2018-09-18 13:52:04 | Insiders Continue to be Data Theft\'s Best Friend (lien direct) | The enemy within the enterprise is often employees who are either malicious or unwittingly allowing attackers inside a protected network. | |||
|
2018-09-17 21:13:04 | Zero-Day Bug Allows Hackers to Access CCTV Surveillance Cameras (lien direct) | Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug. | |||
|
2018-09-17 17:43:03 | Facebook Now Offers Bounties For Access Token Exposure (lien direct) | The newly expanded Facebook bug bounty program sniffs out access token exposure flaws. | |||
|
2018-09-17 17:19:02 | Old WordPress Plugin Being Exploited in RCE Attacks (lien direct) | Old instances of the popular WordPress Duplicator Plugin are leaving sites open to remote code execution attacks. | |||
|
2018-09-17 15:20:03 | CSS-Based Attack Causes iOS, macOS Devices to Crash (lien direct) | The attack stems from a glitch in WebKit, an HTML layout browser engine in Apple's Safari browser. | |||
|
2018-09-14 21:45:04 | Researchers Heat Up Cold-Boot Attack That Works on All Laptops (lien direct) | The attack bypasses BIOS mitigations for cold-boot compromise on models from Apple, Dell, Lenovo and all others made in the last 10 years. | |||
|
2018-09-14 20:32:04 | E.U.: Tech Giants Face Big Fines, 1 Hour Limit to Remove Extremist Content (lien direct) | The rules would apply to all hosting service providers offering services in the E.U., regardless of size, even if they're not based there. | |||
|
2018-09-14 16:09:05 | Five Weakest Links in Cybersecurity That Target the Supply Chain (lien direct) | Third-party breaches have become an epidemic as cybercriminals target the weakest link. Organizations such as BestBuy, Sears, Delta and even NYU Medical Center are just a few that have felt the impact of cyberattacks through third-party vendors. The fallout from these breaches can be costly, as the average enterprise pays $1.23 million per incident, up […] | |||
|
2018-09-14 13:26:02 | Magecart Threat Group Racks Up More Hack Victims (lien direct) | The threat group has racked up a list of victims including Feedify, Groopdealz and British Airways. | Hack Threat | ||
|
2018-09-13 21:19:00 | OilRig APT Continues Its Ongoing Malware Evolution (lien direct) | The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. | Malware Tool | APT 34 | |
|
2018-09-13 19:26:04 | ThreatList: Microsoft Macros Remain Top Vector for Malware Delivery (lien direct) | The second-most popular delivery method is CVE-2017-11882, a patched Microsoft vulnerability that allows the attacker to perform arbitrary code-execution. | Malware Vulnerability | ||
|
2018-09-13 13:14:01 | Experts Bemoan Shortcomings with IoT Security Bill (lien direct) | The infosec community say California's IoT security bill is "nice," but doesn't hit on the important issues. | |||
|
2018-09-12 20:07:03 | PowerShell Obfuscation Ups the Ante on Antivirus (lien direct) | The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods. | Threat | ||
|
2018-09-12 16:17:04 | Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw (lien direct) | A flaw in Safari - that allows an attacker to spoof websites and trick victims into handing over their credentials - has yet to be patched. | |||
|
2018-09-12 16:12:05 | Osiris Banking Trojan Displays Modern Malware Innovation (lien direct) | Osiris' fundamental makeup positions it in the fore of malware trends, despite being based on old source code that's been knocking around for years. | Malware | ||
|
2018-09-11 22:17:02 | Threatlist: Email Attacks Surge, Targeting Execs (lien direct) | Overall, the number of email fraud attacks per targeted company rose 25 percent from the previous quarter (to 35 on average) and 85 percent from the year-ago quarter. | |||
|
2018-09-11 21:04:01 | (Déjà vu) Microsoft Patches Three Actively Exploited Bugs as Part of Patch Tuesday (lien direct) | Microsoft's September Patch Tuesday release tackles three vulnerabilities actively being exploited in the wild. | |||
|
2018-09-11 19:56:03 | Bad Actors Sizing Up Systems Via Lightweight Recon Malware (lien direct) | These stealthy downloaders initially infect systems and then only install additional malware on systems of interest. | Malware | ||
|
2018-09-11 19:55:01 | Millions of Records Exposed in Veeam Misconfigured Server (lien direct) | Exposed data included names, emails addresses and IP addresses. | |||
|
2018-09-11 14:52:03 | Adobe Patches Six Critical Flaws in ColdFusion (lien direct) | Adobe issued fixes for versions of its ColdFusion web development platform - including six critical flaws. | |||
|
2018-09-11 12:54:04 | Magecart Group Pinned in Recent British Airways Breach (lien direct) | The Magecart Group has been blamed for the British Airways breach that compromised 380k payment cards. | |||
|
2018-09-10 19:39:03 | ProtonVPN, NordVPN Flaws Open Door to Privilege Escalation (lien direct) | The flaws disclosed this month are related to a critical bug previously discovered by VerSprite in April 2018. | |||
|
2018-09-10 17:00:00 | Tor Brings Onion Browser to Android Devices (lien direct) | In parts of the developing world, dissidents and journalists face hostile governments and other threats -- and mobile is their only access to the internet. | |||
|
2018-09-10 16:47:00 | Apple Finally Boots Sneaky Adware Doctor App from Mac App Store (lien direct) | Hours after researchers publicly disclosed an app that was caught stealing and uploading browser history data, Apple removed it from the Mac App Store. |
To see everything:
Our RSS (filtrered)
