Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-01-12 19:59:00 |
Google reveals sophisticated Windows & Android hacking operation (direct link) |
The attackers used a combination of Android, Chrome, and Windows vulnerabilities, including both zero-day and n-day exploits. |
|
|
|
|
2021-01-12 18:18:00 |
Microsoft fixes Defender zero-day in January 2021 Patch Tuesday (direct link) |
Microsoft fixes 83 security bugs in the January 2021 Patch Tuesday releases. |
|
|
|
|
2021-01-12 15:44:00 |
Mimecast says hackers abused one of its certificates to access Microsoft accounts (direct link) |
Mimecast, a provider of email management software, said it learned of the security incident from Microsoft. |
|
|
|
|
2021-01-12 14:53:19 |
macOS malware used run-only AppleScripts to avoid detection for five years (direct link) |
The macOS.OSAMiner has been active since 2015, primarily infecting users in Asia. |
Malware
|
|
|
|
2021-01-12 10:30:03 |
Colombian energy, metal firms under fire in new Trojan attack wave (direct link) |
Threat actors have selected three different Trojans to conduct cyberespionage. |
Threat
|
|
|
|
2021-01-12 08:12:40 |
Facebook targets “stop the steal” content ahead of Inauguration Day (direct link) |
Facebook is ramping up content moderation efforts with “new urgency.” |
|
|
|
|
2021-01-12 01:45:00 |
Third malware strain discovered in SolarWinds supply chain attack (direct link) |
CrowdStrike, one of the two security firms formally investigating the hack, sheds some light on how hackers compromised the SolarWinds Orion app build process. |
Malware
|
|
|
|
2021-01-11 21:30:22 |
Ubiquiti tells customers to change passwords after security breach (direct link) |
Data for UI.com accounts was accessed in mysterious data breach. |
|
|
|
|
2021-01-11 21:30:04 |
CES 2021: Intel adds ransomware detection capabilities at the silicon level (direct link) |
Intel 11th Gen Intel Core vPro CPUs with support for the Hardware Shield and TDT features will be able to detect ransomware attacks at the hardware level, many layers below antivirus software. |
Ransomware
|
|
|
|
2021-01-11 19:28:12 |
Microsoft Sysmon adds support for detecting Process Herpaderping attacks (direct link) |
Sysmon 13.00, released today, can detect both Process Hollowing and Process Herpaderping attacks, giving system administrators an edge in detecting and debugging malware attacks. |
Malware
|
|
|
|
2021-01-11 15:52:48 |
Free decrypter released for victims of Darkside ransomware (direct link) |
A new tool released today by Romanian security firm Bitdefender allows victims of the Darkside ransomware to recover their files without paying the ransom demand. |
Ransomware
Tool
|
|
|
|
2021-01-09 08:00:03 |
Some ransomware gangs are going after top execs to pressure companies into paying (direct link) |
Ransomware gangs are prioritizing stealing data from workstations used by executives in the hopes of finding and using valuable information to use in the extortion process. |
Ransomware
|
|
|
|
2021-01-09 01:08:00 |
Google removes Parler app from Play Store (direct link) |
Google cites the lack of content moderation on the platform and "ongoing and urgent public safety threat." |
|
|
|
|
2021-01-08 21:36:00 |
CISA: SolarWinds hackers also used password guessing to breach targets (direct link) |
CISA says the threat actor behind the SolarWinds hack also used password guessing and password spraying to breach targets, not just trojanized updates. |
Hack
Threat
|
|
|
|
2021-01-08 19:03:10 |
State Department creates bureau to reduce 'likelihood of cyber conflict' (direct link) |
The new Bureau of Cyberspace Security and Emerging Technologies (CSET) will manage cybersecurity issues as part of the US' foreign policy and diplomatic efforts. |
|
|
|
|
2021-01-08 15:22:53 |
A crypto-mining botnet is now stealing Docker and AWS credentials (direct link) |
After it began stealing AWS credentials last summer, the TeamTNT botnet is now also stealing Docker API logins, making the use of firewalls mandatory for all internet-exposed Docker interfaces. |
|
|
|
|
2021-01-08 12:44:00 |
Nvidia releases security update for high-severity graphics driver vulnerabilities (direct link) |
Exploits include data tampering, denial of service, and privilege escalation. |
|
|
|
|
2021-01-08 00:47:16 |
New side-channel attack can recover encryption keys from Google Titan security keys (direct link) |
Attack requires physical access to the devices but Titan and other keys can be cloned if attacks are successful. |
|
|
|
|
2021-01-07 19:22:43 |
Ryuk gang estimated to have made more than $150 million from ransomware attacks (direct link) |
Most of the Ryuk gang's "earnings" are being cashed out through accounts at crypto-exchanges Binance and Huobi. |
Ransomware
|
|
|
|
2021-01-07 15:09:00 |
Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020 (direct link) |
Security firm Recorded Future said it tracked more than 10,000 malware command and control servers last year, used across more than 80 malware families. |
Malware
|
|
|
|
2021-01-07 12:01:54 |
(Déjà vu) Former VP with an ax to grind hacks company, disrupts PPE supply, earns jail term (direct link) |
The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic. |
|
|
|
|
2021-01-07 12:01:00 |
Disgruntled former VP hacks company, disrupts PPE supply, earns jail term (direct link) |
The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic. |
|
|
|
|
2021-01-07 11:00:15 |
North Korean hackers launch RokRat Trojan in campaigns against the South (direct link) |
A VBA self-decoding technique is being used to hide the malware on impacted systems. |
Malware
|
|
|
|
2021-01-07 00:52:00 |
JetBrains denies being involved in SolarWinds hack (direct link) |
JetBrains denies reports that it is under investigation and somehow related to the SolarWinds breach. |
Hack
|
|
★★★★★
|
|
2021-01-06 19:41:18 |
SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server (direct link) |
The US Department of Justice is one of the rare SolarWinds victims where hackers escalated the hack to a second phase and moved to access internal email inboxes, the agency said today. |
Hack
|
|
|
|
2021-01-06 15:40:25 |
Nissan source code leaked online after Git repo misconfiguration (direct link) |
Nissan was allegedly running a Bitbucket Git server with the default credentials of admin/admin. |
|
|
|
|
2021-01-05 21:18:00 |
US government formally blames Russia for SolarWinds hack (direct link) |
Joint statement from the FBI, CISA, ODNI, and NSA says SolarWinds hack was "likely Russian in origin." |
Hack
|
|
|
|
2021-01-05 17:15:29 |
Italian mobile operator offers to replace SIM cards after massive data breach (direct link) |
Hackers stole the personal data for 2.5 million Ho Mobile subscribers. |
Data Breach
|
|
|
|
2021-01-05 15:00:03 |
Hackers target cryptocurrency users with new ElectroRAT malware (direct link) |
Intezer Labs said it discovered fake cryptocurrency apps laced with ElectroRAT, a new Go-based malware strain. |
Malware
|
|
|
|
2021-01-05 11:51:18 |
As coronavirus cases surge, so do cyberattacks against the healthcare sector (direct link) |
Researchers say healthcare organizations have faced a 45% spike in attacks since November. |
|
|
|
|
2021-01-04 20:35:13 |
SolarWinds: The more we learn, the worse it looks (direct link) |
While you've been distracted by the holidays, coronavirus, and politics, the more we learn about the SolarWinds security fiasco, the worse it looks. |
|
|
|
|
2021-01-04 19:33:57 |
Malware uses WiFi BSSID for victim identification (direct link) |
Malware authors are using the WiFi AP MAC address (also known as the BSSID) as a way to geo-locate infected hosts. |
Malware
|
|
|
|
2021-01-04 15:02:00 |
Be warned: COVID-19 vaccine scams are now appearing online, over text, and by email (direct link) |
With millions of us waiting for our place in the vaccine queue, criminals are already trying to cash in. |
|
|
|
|
2021-01-04 10:52:00 |
Ticketmaster fined $10 million after staff hacked competitor to 'choke off' presale ticket business (direct link) |
US prosecutors say the goal was to “steal back” key clients. |
|
|
|
|
2021-01-04 10:45:24 |
T-Mobile discloses its fourth data breach in three years (direct link) |
Personal details and financial information were not exposed, T-Mobile said. |
Data Breach
|
|
|
|
2021-01-02 03:59:00 |
Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways (direct link) |
The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries. |
|
|
|
|
2020-12-31 20:20:26 |
SolarWinds hackers accessed Microsoft source code (direct link) |
Microsoft says this is no big deal as the company doesn't rely on the secrecy of source code for the security of its products. |
|
|
|
|
2020-12-30 17:15:00 |
CISA updates SolarWinds guidance, tells US govt agencies to update right away (direct link) |
US federal agencies must update by the end of the year or take all SolarWinds Orion apps offline. |
|
|
|
|
2020-12-29 23:12:00 |
FBI: Pranksters are hijacking smart devices to live-stream swatting incidents (direct link) |
The FBI said it's working with smart device makers to address the issue. |
|
|
|
|
2020-12-28 18:06:35 |
Finland says hackers accessed MPs' email accounts (direct link) |
The Finnish Parliament cyber-attack took place around the same time Russian hackers breached the Norwegian Parliament's email system. |
|
|
|
|
2020-12-24 22:36:26 |
Russian crypto-exchange Livecoin hacked after it lost control of its servers (direct link) |
Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values. |
|
|
|
|
2020-12-24 17:34:16 |
Citrix devices are being abused as DDoS attack vectors (direct link) |
Citrix says it's working on a fix, expected next year. |
|
|
|
|
2020-12-23 02:20:56 |
DHS warns against using Chinese hardware and digital services (direct link) |
US says Chinese companies are engaging in "PRC government-sponsored data theft." |
|
|
|
|
2020-12-22 12:55:00 |
Law enforcement take down three bulletproof VPN providers (direct link) |
The three VPN services provided safe haven for cybercriminals to carry out ransomware attacks, web skimming operations, spearphishing, and account takeovers. |
Ransomware
|
|
|
|
2020-12-22 06:00:03 |
Microsoft and McAfee headline newly-formed 'Ransomware Task Force' (direct link) |
The newly-founded Ransomware Task Force will work to put together a standard framework for dealing with ransomware attacks. |
Ransomware
|
|
|
|
2020-12-21 23:57:00 |
Microsoft, Google, Cisco, and others file amicus brief in support of Facebook's NSO lawsuit (direct link) |
Tech giants show support for Facebook's legal case against spyware vendor NSO Group. |
|
|
|
|
2020-12-21 20:40:45 |
Partial lists of organizations infected with Sunburst malware released online (direct link) |
As security researchers dig through forensic evidence in the aftermath of the SolarWinds supply chain attack, victim names are slowly starting to surface. |
Malware
|
SolarWinds
|
|
|
2020-12-21 13:59:07 |
A second hacking group has targeted SolarWinds systems (direct link) |
Some SolarWinds systems were found compromised with malware named Supernova and CosmicGale, unrelated to the recent supply chain attack. |
Malware
|
|
|
|
2020-12-20 23:14:24 |
Zero-click iOS zero-day found deployed against Al Jazeera employees (direct link) |
Zero-day exploited a vulnerability in the iMessages app, patched in iOS 14. |
Vulnerability
|
|
|
|
2020-12-19 08:00:04 |
Firefox to ship 'network partitioning' as a new anti-tracking defense (direct link) |
Firefox's "network partitioning" feature to ship in v85, scheduled for January 2021. |
|
|
|