What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-03 00:30:15 | US government calls foul on Apple and Google over walled gardens for apps (lien direct) | As for actually doing anything about it - that'll have to wait The US Commerce Department is putting an official stamp on what many have saying for years: the iOS and Android app store model "is harmful to consumers and developers." … | ★★ | ||
|
2023-02-02 19:27:14 | Malvertising attacks are distributing .NET malware loaders (lien direct) | The campaign illustrates another option for miscreants who had relied on Microsoft macros Malvertising attacks are being used to distribute virtualized .NET loaders that are highly obfuscated and dropping info-stealer malware.… | Malware | ★★ | |
|
2023-01-30 19:45:11 | Gootloader malware updated with PowerShell, sneaky JavaScript (lien direct) | Perhaps a good time to check for unwelcome visitors The operators behind Gootloader, a crew dubbed UNC2565, have upgraded the code in cunning ways to make it more intrusive and harder to find.… | Malware | ★★ | |
|
2023-01-30 03:01:09 | Gee, tanks: Russian hackers DDoS Germany for aiding Ukraine (lien direct) | Also: a week of leaks; Riot Games says 'LoL' to source code ransom demands; and Yandex source also appears online in brief Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country's plan to send tanks to Ukraine.… | ★★★ | ||
|
2023-01-27 23:59:06 | Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA (lien direct) | New meaning to sweetening the pot Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty.… | Ransomware | ★★ | |
|
2023-01-27 05:32:10 | UK Cyber Security Centre\'s scary new story: One phish, two phish, Russia phish, Iran phish (lien direct) | Nice people on LinkedIn want to harvest logins from politicians, boffins, and defense types The UK's National Cyber Security Centre (NSCS) has warned of two similar spear-phishing campaigns, one originating from Russia, the other from Iran.… | ★★★ | ||
|
2023-01-26 14:30:08 | Google gives in to India Android antitrust verdict, kinda (lien direct) | Tech behemoth says it will appeal 'certain aspects' of the decision Google appears to be ready to abide by an Indian court's antitrust verdict that it was exploiting its dominant position on Android, and will allow OEMs to license individual apps for pre-installation on devices and let users select their own default search engine.… | ★★ | ||
|
2023-01-26 02:07:08 | Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched (lien direct) | You know when we all said quit using MD5? We really meant it Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai's researchers.… | ★★ | ||
|
2023-01-25 21:59:06 | Microsoft closes another door to attackers by blocking Excel XLL files from the internet (lien direct) | More of them used by baddies since Redmond blocked VBA macros Microsoft in March will start blocking Excel XLL add-ins from the internet to shut down an increasingly popular attack vector for miscreants.… | ★★ | ||
|
2023-01-25 08:28:08 | Go to security school, GoTo – theft of encryption keys shows you need it (lien direct) | Ongoing investigation into cloud storage attack finds customer data exfiltrated Remote access outfit GoTo has admitted that a threat actor exfiltrated an encryption key that allowed access to "a portion" of encrypted backup files.… | Threat | ★★ | |
|
2023-01-24 17:59:25 | US Cyber Command, DARPA ink cyberwar R&D pact (lien direct) | Out of the valley of death and into operational use, ideally Interview An agreement between US Cyber Command and DAPRA aims to move innovative technologies out of the "valley of death" and into the hands of warfighters.… | ★★★★ | ||
|
2023-01-24 08:25:09 | Ukraine inches closer to NATO with cybersecurity collab (lien direct) | 'Now Russia will have to play defense' Ukraine has taken another step toward deepening its ties to NATO by signing an agreement to formalize its participation in the security alliance's Joint Center for Advanced Technologies in Cyber Defense (CCDCOE). … | ★★ | ||
|
2023-01-24 01:15:13 | We\'re just shouting into the void, says US watchdog offering cybersecurity advice (lien direct) | Federal depts ignore almost 60% of IT defense recommendations Since coming into office two years ago, the Biden Administration has made the cyber defenses of US government agencies – as well as the private sector – a key focus.… | ★★ | ||
|
2023-01-23 06:32:12 | India\'s Supreme Court finds Google\'s appeal against monopoly fines unappealing (lien direct) | Vast and unpleasant – for Google – changes to the Android ecosystem remain a possibility Google has lost a court bid to avoid payment of fines levied on it by India's Competition Commission, and massive changes to the way it does business in India.… | ★★ | ||
|
2023-01-19 23:45:04 | PayPal says crooks accessed 34,942 customers\' info in credential stuffing attack (lien direct) | That passwordless option is looking really good right about now The personal information of 35,000 PayPal users was exposed in December, according to a notification letter sent to the online payment company's customers this week.… | ★★ | ||
|
2023-01-19 11:01:15 | Ransomware attack severs 1,000 ships from their on-shore servers (lien direct) | Get your eyepatch out: Cyber attacks on the high seas are trending A Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers. … | Ransomware | ★★ | |
|
2023-01-19 06:29:13 | If your DNS queries LoOk liKE tHIs, it\'s not a ransom note, it\'s a security improvement (lien direct) | It's not Google's plan. There's no way it's Google's plan. It was Google's plan Google has begun broadly enabling case randomization in domain queries sent to authoritative name servers, in an effort to make cache poisoning attacks less effective.… | ★★★ | ||
|
2023-01-19 02:30:14 | FTX audit finds $415 million in crypto has mysteriously vanished (lien direct) | Meanwhile SBF proclaims he's both innocent and solvent Liquidators at bankrupt crypto exchange FTX say they've thus far located $5.5 billion in assets, and confirmed that $415 million stolen in a November hack is still missing. … | Hack | ★★★ | |
|
2023-01-19 01:30:10 | As if Elon didn\'t have enough problems – Twitter sued over leaky servers (lien direct) | Damages and security improvements? Or maybe settle for a neon bird light A Twitter user has sued the troubled social media platform over an alleged data leak that exposed more than 200 million account users' information.… | ★★★ | ||
|
2023-01-18 19:30:13 | Founder of FreeDOS recounts the story so far, and the future (lien direct) | What is dead may never die, and it's all thanks to Jim Hall Retro Tech Week The last mainstream DOS-based OS was Windows ME, which went out of support 20 years ago. And yet, thanks to free software, DOS lives on. We spoke to FreeDOS founder Jim Hall about how the project started and how it's progressing.… | ★★ | ||
|
2023-01-17 21:01:08 | What\'s called Grogu but isn\'t that cute? Google\'s leaked answer to Apple AirTags (lien direct) | Rumored product looks like part of a larger effort to compete with Cupertino's Find My network Google leaks point to the Android maker working on an Apple AirTags competitor, news of which could indicate a broader effort to compete with Apple's Find My network.… | ★★★ | ||
|
2023-01-16 11:30:11 | For password protection, dump LastPass for open source Bitwarden (lien direct) | After the security breach last summer, staying put is playing with fire Opinion For better or worse, we still need passwords, and to protect and organize them, I recommend the open source Bitwarden password manager.… | LastPass | ★★★ | |
|
2023-01-14 20:57:07 | NSA asks Congress to let it get on with that warrantless data harvesting, again (lien direct) | Also: That Pokemon is actually a RAT, Uncle Sam fails a password audit In brief A US intelligence boss has asked Congress to reauthorize a controversial set of powers that give snoops warrantless authorization to surveil electronic communications in the name of fighting terrorism and so forth.… | ★★★ | ||
|
2023-01-13 13:30:06 | Microsoft Defender ASR rules remove icons and apps shortcuts from Taskbar (lien direct) | Happy Friday 13th sysadmins! Techies find workarounds but Redmond still 'investigating' Techies are reporting that Microsoft Defender for Endpoint attack surface reduction (ASR) rules have gone haywire and are removing icons and applications shortcuts from the Taskbar and Start Menu.… | ★★★★ | ||
|
2023-01-11 17:45:13 | Stranded ISS astronauts are getting a new Soyuz to ride home (lien direct) | The coolant-deprived vessel that got them there will return to Earth alone Russian space agency Roscosmos has decided to send another Soyuz capsule to the International Space Station to rescue crew stranded by a coolant leak in their return ride. … | ★★ | ||
|
2023-01-11 03:29:09 | Health insurer Aflac blames US partner for leak of Japanese cancer policy info (lien direct) | Zurich's Japanese outpost also leaks a couple of million records Global insurer Aflac's Japanese branch has revealed that personal data describing more than three million customers of its cancer insurance product has been leaked online.… | ★★★ | ||
|
2023-01-11 01:58:18 | Privacy on the line: Boffins break VoLTE phone security (lien direct) | Call metadata can be ferreted out Boffins based in China and the UK have devised a telecom network attack that can expose call metadata during VoLTE/VoNR conversations.… | ★★★ | ||
|
2023-01-11 00:00:09 | First Patch Tuesday of the year explodes with an in-the-wild exploit (lien direct) | Plus Intel, Adobe, SAP and Android bugs Patch Tuesday Microsoft fixed 98 security flaws in its first Patch Tuesday of 2023 including one that's already been exploited and another listed as publicly known. Of the new January vulnerabilities, 11 are rated critical because they lead to remote code execution.… | Guideline | ★★ | |
|
2023-01-10 09:30:12 | 2002 video streaming patent holder sues Amazon and Twitch (lien direct) | Both companies knew about the patent, claims lawsuit Media solutions company BSD Crown, best known for video encoding products as well as building Android smartphones in the Noughties, has filed a lawsuit against Amazon and livestreaming offshoot Twitch, claiming the pair infringed its patent.… | ★★ | ||
|
2023-01-10 02:29:10 | Pakistan\'s government to agencies: Dark web is dangerous, please don\'t go there (lien direct) | Advice follows embarrassing leak of audio from Prime Minister's office Pakistan's government has warned its agencies that the dark web exists, is home to all sorts of unpleasant people, and should be avoided.… | ★★ | ||
|
2023-01-09 21:15:11 | Python Package Index found stuffed with AWS keys and malware (lien direct) | British developer uses homegrown scanning tool to check for risks The Python Package Index, or PyPI, continues to surprise and not in a good way.… | Malware Tool | ★★ | |
|
2023-01-09 20:30:12 | US Supremes deny Pegasus spyware maker\'s immunity claim (lien direct) | NSO maintains that it's all legit The US Supreme Court has quashed spyware maker NSO Group's argument that it cannot be held legally responsible for using WhatsApp technology to deploy its Pegasus snoop-ware on users' phones.… | ★★ | ||
|
2023-01-06 15:30:06 | Dridex malware pops back up and turns its attention to macOS (lien direct) | Malware testers spot attempt to attack Macs. But (try not to weep for the bad guys) there are still compatibility issues with MS exe files A variant of the bad penny that is Dridex, the general-purpose malware that has been around for years, now has macOS platforms in its sights and a new way of delivering malicious macros via documents.… | Malware | ★★★ | |
|
2023-01-05 23:40:42 | Rackspace blames ransomware woes on zero-day attack (lien direct) | Play gang blamed, ProxyNotShell cleared and hosted Exchange doomed Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack.… | Ransomware | ★★ | |
|
2023-01-05 20:45:05 | FCC suggests licensing 5GHz spectrum to drone operators (lien direct) | What's the WiFly password again? The US Federal Communications Commission (FCC) is considering opening a swath of 5GHz spectrum up for use by the growing number of unmanned aerial vehicles and drones.… | ★ | ||
|
2023-01-05 17:45:08 | Lenovo adds rugged ThinkPhone to appeal to ThinkPad users (lien direct) | Gorilla Glass-plated Android gadget for the biz crowd but it won't be cheap... CES Lenovo has unveiled the ThinkPhone, an Android smartphone the company is positioning as a business device alongside its ThinkPad laptops, with a number of features designed to make the two devices work better together.… | ★★ | ||
|
2023-01-05 12:30:11 | Twitter whistleblower Peiter \'Mudge\' Zatko lands new gig at Rapid7 (lien direct) | A long way from password crackers for Windows NT for former L0pht legend Former Twitter security chief and whistleblower Peiter "Mudge" Zatko has landed his first official role since he left the company, a part-time job as "executive in residence" with cybersecurity firm Rapid7.… | ★★ | ||
|
2023-01-04 20:00:11 | The Guardian ransomware attack hits week two as staff told to work from home (lien direct) | UK data watchdog would like a word over failure to systems Long-standing British broadsheet The Guardian has told staff to continue working from home and notified the UK's data privacy watchdog about the security breach following a suspected ransomware attack before Christmas.… | Ransomware | ★★★ | |
|
2023-01-04 14:00:13 | PyTorch dependency poisoned with malicious code (lien direct) | System data was exfiltrated during attack, but an anonymous person says it was a research project gone wrong An unknown attacker used the PyPI code repository to get developers to download a compromised PyTorch dependency that included malicious code designed to steal system data.… | ★★ | ||
|
2023-01-04 00:59:55 | LockBit: Sorry about the SickKids ransomware, not sorry about the rest (lien direct) | Blame it on the affiliate Notorious ransomware gang LockBit "formally apologized" for an extortion attack against Canada's largest children's hospital that the criminals blamed on a now-blocked affiliate group, and said it published a free decryptor for the victim to recover the files.… | Ransomware | ★★ | |
|
2022-12-30 01:50:37 | NASA may tap SpaceX to rescue ISS \'nauts after Soyuz leak (lien direct) | And Elon's still distracted by Twitter, yes? OK, that's probably for the best NASA is considering using SpaceX to bring three astronauts back to Earth from the International Space Station after the Russian spacecraft due to return the crew suffered a significant coolant leak. … | ★★ | ||
|
2022-12-23 20:00:07 | TikTok confirms it tracked journalists\' locations as part of leak investigation (lien direct) | As if you needed another reason to delete the app right now Video sharing platform TikTok and its parent company Bytedance are leakier than a sieve – and it has emerged that in an attempt to plug the holes, members of Bytedance's internal audit team tracked the physical location of journalists via their IP addresses.… | ★★★★ | ||
|
2022-12-23 06:35:07 | LastPass admits attackers have a copy of customers\' password vaults (lien direct) | Thankfully a well encrypted copy that could take an eon to crack, unless users practiced bad password hygiene Password locker LastPass has warned customers that the August 2022 attack on its systems saw unknown parties copy encrypted files that contains the passwords to their accounts.… | LastPass | ★★ | |
|
2022-12-23 00:27:51 | Crooks copy source code from Okta\'s GitHub repository (lien direct) | The hack wraps up a year of bad security incidents for identity Intruders copied source code belonging to Okta after breaching the identity management company's GitHub repositories.… | Hack | ★★ | |
|
2022-12-22 18:34:52 | Zerobot malware now shooting for Apache systems (lien direct) | Upgraded threat, time to patch The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things (IoT) devices it can compromise by going after Apache systems.… | Malware | ★★★ | |
|
2022-12-22 02:20:36 | Godfather malware makes banking apps an offer they can\'t refuse (lien direct) | No horse heads in beds...that we know of Crooks are using an Android banking Trojan dubbed Godfather to steal from banking and cryptocurrency exchange app users in 16 countries, according to Group-IB security researchers… | Malware | ★★★ | |
|
2022-12-21 15:40:06 | UK\'s Guardian newspaper breaks news of ransomware attack on itself (lien direct) | Reporters work from home as publication promises Thursday's print edition will hit newstands on time UK broadsheet media outlet The Guardian has become the victim of a ransomware attack which seems to have take out a large chunk of office-based systems.… | Ransomware | ★★ | |
|
2022-12-21 09:45:12 | Malicious PyPI package found posing as a SentinelOne SDK (lien direct) | Security firm tagged with malware misrepresentation Threat researchers have found a rapidly updated malicious Python package on PyPI masquerading as a legitimate software-development kit (SDK) from cybersecurity firm SentinelOne, but actually contains malware designed to exfiltrate data from infected systems.… | Malware | ★★ | |
|
2022-12-21 03:00:06 | Parental control apps prove easy to beat by kids and crims (lien direct) | 20m downloads can't be wrong? Or can they? Parental control apps may do more harm than good, according to researchers who found 18 bugs in eight Android apps with more than 20 million total downloads that could be exploited to, among many nefarious acts, control other devices on the parents' network.… | ★★★ | ||
|
2022-12-21 00:08:12 | Cisco\'s Talos security bods predict new wave of Excel Hell (lien direct) | Criminals have noticed that spreadsheet's XLL files add custom functionality - including malware It took a few years and one temporary halt, but in July Microsoft finally began blocking certain macros by default in Word, Excel, and PowerPoint, cutting off a popular attack vector for those who target users of Microsoft's Windows OS and Office suite.… | Prediction | ★★★ |
To see everything:
