What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-05-20 12:10:44 | Apple Exec Calls Level of Mac Malware \'Unacceptable\' (lien direct) | Company is using threat of attacks as defense in case brought against it by Epic Games after Fortnite was booted from the App Store for trying to circumvent developer fees. | Malware Threat | ★★★★ | |
|
2021-05-19 20:24:50 | Can Nanotech Secure IoT Devices From the Inside-Out? (lien direct) | Work's being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats. | Uber | ||
|
2021-05-19 20:16:31 | Microsoft, Google Clouds Hijacked for Gobs of Phishing (lien direct) | Attackers sent 52M malicious messages leveraging the likes of Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage in Q1 2021. | |||
|
2021-05-19 16:53:32 | Keksec Cybergang Debuts Simps Botnet for Gaming DDoS (lien direct) | The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities. | Malware | ||
|
2021-05-19 14:35:06 | Windows PoC Exploit Released for Wormable RCE (lien direct) | The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft's Patch Tuesday release last week. | |||
|
2021-05-19 13:28:38 | Bug Exposes Eufy Camera Private Feeds to Random Users (lien direct) | Customers panic and question parent company Anker's security and privacy practices after learning their home videos could be accessed and even controlled by strangers due to a server-upgrade glitch. | |||
|
2021-05-18 20:48:13 | Scammers Pose as Meal-Kit Services to Steal Customer Data (lien direct) | Attackers are sending messages disguised as offers from meal-kit services, like HelloFresh. | |||
|
2021-05-18 18:36:38 | Stalkerware Apps Riddled with Security Bugs (lien direct) | Attackers can take advantage of the fact these apps access, gather, store and transmit more information than any other app their victims have installed. | |||
|
2021-05-18 16:01:11 | It\'s Time to Prepare for a Rise in Insider Threats (lien direct) | Anurag Kahol, CTO at Bitglass, discusses options for detecting malicious or dangerous activity from within an organization. | |||
|
2021-05-18 14:57:33 | Unsuccessful Conti Ransomware Attack Still Packs Costly Punch (lien direct) | Separate attacks last week on the country's Department of Health and Health Service Executive forced the shutdown of networks and services that still haven't been fully restored. | Ransomware | ||
|
2021-05-18 12:32:46 | Microsoft, Adobe Exploits Top List of Crooks\' Wish List (lien direct) | You can't possibly patch all CVEs, so focus on the exploits crooks are willing to pay for, as tracked in a study of the underground exploit market. | |||
|
2021-05-17 21:46:14 | Magecart Goes Server-Side in Latest Tactics Changeup (lien direct) | The latest Magecart iteration is finding success with a new PHP web shell skimmer. | |||
|
2021-05-17 19:40:27 | What a Year It\'s Been: RSA 2021 Embraces \'Resilience\' (lien direct) | Keynoters from Cisco, Netflix and RSA highlighted lessons from the last year, and cybersecurity's new mandate in the post-pandemic world: Bounce back stronger. | |||
|
2021-05-17 16:23:35 | DarkSide Hits Toshiba; XSS Forum Bans Ransomware (lien direct) | The criminal forum washed its hands of ransomware after DarkSide's pipeline attack & alleged shutdown: A "loss of servers" that didn't stop another attack. | Ransomware | ||
|
2021-05-17 16:19:34 | Bizarro Banking Trojan Sports Sophisticated Backdoor (lien direct) | The advanced Brazilian malware has gone global, harvesting bank logins from Android mobile users. | Malware | ||
|
2021-05-14 17:36:33 | FIN7 Backdoor Masquerades as Ethical Hacking Tool (lien direct) | The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines. | Tool | ||
|
2021-05-14 16:05:13 | DarkSide Ransomware Suffers \'Oh, Crap!\' Server Shutdowns (lien direct) | The RaaS that crippled Colonial Pipeline lost the servers it uses to pull off ransomware attacks, while REvil's gonads shrank in response. | Ransomware | ||
|
2021-05-14 14:03:01 | \'Scheme Flooding\' Allows Websites to Track Users Across Browsers (lien direct) | A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor. | |||
|
2021-05-14 13:26:48 | Verizon: Pandemic Ushers in ⅓ More Cyber-Misery (lien direct) | The DBRI – Verizon's 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers. | Data Breach | ||
|
2021-05-14 12:30:43 | Ransomware\'s New Swindle: Triple Extortion (lien direct) | Ransomware attackers are now demanding cash from the customers of victims too. | Ransomware | ||
|
2021-05-14 12:00:27 | How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly (lien direct) | Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting. | |||
|
2021-05-13 20:22:15 | Colonial Pipeline Shells Out $5M in Extortion Payout, Report (lien direct) | According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key. | |||
|
2021-05-13 19:52:33 | Ransomware Going for $4K on the Cyber-Underground (lien direct) | An analysis of three popular forums used by ransomware operators reveals a complex ecosystem with many partnerships. | Ransomware | ||
|
2021-05-13 15:39:01 | Beyond MFA: Rethinking the Authentication Key (lien direct) | Tony Lauro, director of security technology and strategy at Akamai, discusses hardware security dongles and using phones to act as surrogates for them. | |||
|
2021-05-13 14:55:53 | Fresh Loader Targets Aviation Victims with Spy RATs (lien direct) | The campaign is harvesting screenshots, keystrokes, credentials, webcam feeds, browser and clipboard data and more, with RevengeRAT or AsyncRAT payloads. | |||
|
2021-05-13 13:39:35 | Apple\'s \'Find My\' Network Exploited via Bluetooth (lien direct) | The 'Send My' exploit can use Apple's locator service to collect and send information from nearby devices for later upload to iCloud servers. | |||
|
2021-05-13 13:00:19 | Five Critical Password Security Rules Your Employees Are Ignoring (lien direct) | According to Keeper Security's Workplace Password Malpractice Report, many remote workers aren't following best practices for password security. | |||
|
2021-05-13 11:39:56 | Pipeline Update: Biden Executive Order, DarkSide Detailed and Gas Bags (lien direct) | FBI/CISA warn about the RaaS network behind the Colonial hack, Colonial restarts operations, and researchers details groups that rent the ransomware. | |||
|
2021-05-12 20:43:52 | Researchers Flag e-Voting Security Flaws (lien direct) | Paper ballots and source-code transparency are recommended to improve election security. | |||
|
2021-05-12 19:51:46 | Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales (lien direct) | A new type of fraud is spiking across the platform: Selling fake vax records to people who want to lie their way into places where proof of vaccine is required. | |||
|
2021-05-12 16:50:43 | Gig Workers Paid $500 for Payroll Passwords (lien direct) | Argyle is paying workers to help hack payroll providers, researchers suspect. | Hack | ||
|
2021-05-12 15:48:05 | \'FragAttacks\': Wi-Fi Bugs Affect Millions of Devices (lien direct) | Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they're in range. | |||
|
2021-05-12 12:41:38 | TeaBot Trojan Targets Banks via Hijacked Android Handsets (lien direct) | Malware first observed in Italy can steal victims' credentials and SMS messages as well as livestream device screens on demand. | Malware | ||
|
2021-05-11 20:05:44 | Wormable Windows Bug Opens Door to DoS, RCE (lien direct) | Microsoft's May 2021 Patch Tuesday updates include fixes for four critical security vulnerabilities. | |||
|
2021-05-11 19:46:27 | GitHub Prepares to Move Beyond Passwords (lien direct) | GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords. | |||
|
2021-05-11 18:38:36 | Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader (lien direct) | A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution. | Vulnerability Guideline | ||
|
2021-05-11 18:01:11 | Fake Chrome App Anchors Rapidly Worming \'Smish\' Cyberattack (lien direct) | An ingenious attack on Android devices self-propagates, with the potential for a range of damage. | |||
|
2021-05-11 16:08:19 | Shifting Threats in a Changed World: Edge, IoT and Vaccine Fraud (lien direct) | Aamir Lakhani, researcher at FortiGuard Labs, discusses leading-edge threats related to edge access/browsers/IoT, and the COVID-19 vaccine, as a way of getting into larger organizations. | Guideline | ||
|
2021-05-11 15:34:38 | 200K Veterans\' Medical Records Likely Stolen by Ransomware Gang (lien direct) | Analyst finds ransomware evidence, despite a contractor's denial of compromise. | Ransomware | ||
|
2021-05-11 14:45:48 | DarkSide Wanted Money, Not Disruption from Colonial Pipeline Attack (lien direct) | Statement by the ransomware gang suggests that the incident that crippled a major U.S. oil pipeline may not have exactly gone to plan for overseas threat actors. | Ransomware Threat | ||
|
2021-05-10 17:42:22 | Colonial Pipeline\'s Ransomware Attack Sparks Emergency Declaration (lien direct) | Security researchers mull possible perpetrators of the attack, and warned that the incident could be a harbinger of things to come. | Ransomware | ||
|
2021-05-10 17:37:44 | Lemon Duck Cryptojacking Botnet Changes Up Tactics (lien direct) | The sophisticated threat is targeting Microsoft Exchange servers via ProxyLogon in a wave of fresh attacks against North American targets. | Threat | ||
|
2021-05-08 19:28:28 | Major U.S. Pipeline Crippled in Ransomware Attack (lien direct) | Colonial Pipeline Company says it is the victim of a cyberattack that forced the major provider of liquid fuels to the East Coast to temporarily halted all pipeline operations. | Ransomware | ||
|
2021-05-07 20:28:41 | iPhone Hack Allegedly Used to Spy on China\'s Uyghurs (lien direct) | U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem. | Hack | ||
|
2021-05-07 13:56:53 | 80% of Net Neutrality Comments to FCC Were Fudged (lien direct) | NY's AG: Millions of fake comments – in favor and against – came from a secret broadband-funded campaign or from a 19-year-old's fake identities. | |||
|
2021-05-06 19:55:31 | Qualcomm Chip Bug Opens Android Fans to Eavesdropping (lien direct) | A malicious app can exploit the issue, which could affect up to 30 percent of Android phones. | |||
|
2021-05-06 17:54:33 | Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks (lien direct) | The networking giant has rolled out patches for remote code-execution and command-injection security holes that could give attackers keys to the kingdom. | |||
|
2021-05-06 17:26:53 | Ryuk Ransomware Attack Sprung by Frugal Student (lien direct) | The student opted for “free” software packed with a keylogger that grabbed credentials later used by "Totoro" to get into a biomolecular institute. | Ransomware | ||
|
2021-05-06 15:48:13 | Massive DDoS Attack Disrupts Belgium Parliament (lien direct) | A large-scale incident earlier this week against Belnet and other ISPs has sent a wave of internet disruption across numerous Belgian government, scientific and educational institutions. | |||
|
2021-05-05 21:03:27 | New Crypto-Stealer \'Panda\' Spread via Discord (lien direct) | PandaStealer is delivered in rigged Excel files masquerading as business quotes, bent on stealing victims' cryptocurrency and other info. |
To see everything:
Our RSS (filtrered)
