What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-05 15:52:17 | 15 Cybersecurity Pitfalls and Fixes for SMBs (lien direct) | In this roundtable, security experts focus on smaller businesses offer real-world advice for actionable ways to shore up defenses using fewer resources. | |||
|
2021-04-02 19:56:57 | FBI: APTs Actively Exploiting Fortinet VPN Security Holes (lien direct) | Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. | |||
|
2021-04-02 18:16:10 | Call of Duty Cheats Expose Gamers to Malware, Takeover (lien direct) | Activision is warning that cyberattackers are disguising malware -- a remote-access trojan (RAT) -- in cheat programs. | Malware | ||
|
2021-04-02 16:45:29 | From PowerShell to Payload: An Analysis of Weaponized Malware (lien direct) | John Hammond, security researcher with Huntress, takes a deep-dive into a malware's technical and coding aspects. | Malware | ||
|
2021-04-02 13:09:25 | Robinhood Warns Customers of Tax-Season Phishing Scams (lien direct) | Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. | |||
|
2021-04-01 20:58:32 | 80% of Global Enterprises Report Firmware Cyberattacks (lien direct) | A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags. | |||
|
2021-04-01 19:53:04 | Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack (lien direct) | Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. | |||
|
2021-04-01 18:07:13 | Ragnarok Ransomware Hits Boggi Milano Menswear (lien direct) | The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details. | Ransomware | ||
|
2021-04-01 16:22:38 | Building a Fortress: 3 Key Strategies for Optimized IT Security (lien direct) | Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize. | |||
|
2021-04-01 14:51:02 | Google: North Korean APT Gearing Up to Target Security Researchers Again (lien direct) | Cyberattackers have set up a website for a fake company called SecuriElite, as well as associated Twitter and LinkedIn accounts. | |||
|
2021-03-31 19:43:03 | Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out (lien direct) | Google's Pixel and Apple's iPhone both in privacy hot seat for siphoning mobile device data without consent. | |||
|
2021-03-31 18:26:26 | Fraud Ring Lauders Money Via Fake Charity Donations (lien direct) | The Cart Crasher gang is testing stolen payment cards while cleaning ill-gotten funds. | |||
|
2021-03-31 18:22:48 | Child Tweets Gibberish from U.S. Nuke Account (lien direct) | Telecommuting social-media manager for the U.S. Strategic Command left the laptop open and unsecured while stepping away. | |||
|
2021-03-31 12:48:58 | APT Charming Kitten Pounces on Medical Researchers (lien direct) | Researchers uncover a credential-stealing campaign targeting genetic, neurology and oncology professionals. | APT 35 APT 35 | ||
|
2021-03-30 20:31:44 | Ziggy Ransomware Gang Offers Refunds to Victims (lien direct) | Ziggy joins Fonix ransomware group and shuts down, with apologies to targets. | Ransomware | ||
|
2021-03-30 20:22:42 | Malicious Docker Cryptomining Images Rack Up 20M Downloads (lien direct) | Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers. | Malware | ||
|
2021-03-30 16:54:20 | SolarWinds Attackers Accessed DHS Emails, Report (lien direct) | Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary's emails, among others. | |||
|
2021-03-30 12:49:12 | Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website (lien direct) | A class-action suit in Florida accuses the tech giant of unlawfully intercepting communications by using session-replay software to capture the interaction of people visiting the corporate homepage Intel.com. | |||
|
2021-03-29 21:07:56 | Pair of Apex Legends Players Banned for DDoS Server Attacks (lien direct) | Predator-ranked players on Xbox console game version rigged matches with DDoS attacks. | |||
|
2021-03-29 18:57:53 | Hades Ransomware Gang Exhibits Connections to Hafnium (lien direct) | There could be more than immediately meets the eye with this targeted attack group. | Ransomware | ||
|
2021-03-29 15:42:50 | PHP Infiltrated with Backdoor Malware (lien direct) | The server for the web-application scripting language was compromised on Sunday. | Malware | ||
|
2021-03-26 20:08:27 | Executive Order Would Strengthen Cybersecurity Requirements for Federal Agencies (lien direct) | The post-SolarWinds EO could be issued as soon as next week, according to a report. | |||
|
2021-03-26 19:09:55 | Employee Lockdown Stress May Spark Cybersecurity Risk (lien direct) | Younger employees and caregivers report more stress than other groups-- and more shadow IT usage. | |||
|
2021-03-26 16:06:25 | Insurance Giant CNA Hit with Novel Ransomware Attack (lien direct) | The incident, which forced the company to disconnect its systems, caused significant business disruption. | Ransomware | ||
|
2021-03-25 21:28:26 | Fleeceware Apps Bank $400M in Revenue (lien direct) | The cache of apps, found in Apple and Google's official marketplaces is largely targeted towards children, including several "slime simulators." | |||
|
2021-03-25 20:04:36 | Microsoft Offers Up To $30K For Teams Bugs (lien direct) | A bug-bounty program launched for the Teams desktop videoconferencing and collaboration application has big payouts for finding security holes. | |||
|
2021-03-25 18:31:27 | Facebook Disrupts Spy Effort Aimed at Uyghurs (lien direct) | The social-media giant took down legions of fake profiles aimed at spreading espionage malware. | |||
|
2021-03-25 17:11:28 | Manufacturing\'s Cloud Migration Opens Door to Major Cyber-Risk (lien direct) | New research shows that while all sectors are at risk, 70 percent of manufacturing apps have vulnerabilities. | |||
|
2021-03-24 20:53:54 | ProtonVPN CEO Blasts Apple for \'Aiding Tyrants\' in Myanmar (lien direct) | CEO says Apple rejected a security update needed to protect human-rights abuse evidence. | |||
|
2021-03-24 20:36:46 | Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws (lien direct) | Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes - but attackers are targeting those who haven't yet applied security updates. | |||
|
2021-03-24 18:39:29 | Ransomware Attack Foils IoT Giant Sierra Wireless (lien direct) | The ransomware attack has impacted the IoT manufacturer's production lines across multiple sites, and other internal operations. | Ransomware | ||
|
2021-03-24 18:39:26 | Microsoft Exchange Servers See ProxyLogon Patching Frenzy (lien direct) | Vast swathes of companies were likely compromised before patches were applied, so the danger remains. | Patching | ||
|
2021-03-24 14:56:09 | Purple Fox Malware Targets Windows Machines With New Worm Capabilities (lien direct) | A new infection vector from the established malware puts internet-facing Windows systems at risk from SMB password brute-forcing. | Malware | ★★★★ | |
|
2021-03-23 20:27:24 | Security Analysis Clears TikTok of Censorship, Privacy Accusations (lien direct) | TikTok's source code is in line with industry standards, security researchers say. | |||
|
2021-03-23 20:05:30 | Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail (lien direct) | A former IT contractor is facing jailtime after a retaliatory hack into a company's network and wiping the majority of its employees' Microsoft Office 365 accounts. | Hack | ||
|
2021-03-23 19:50:40 | MangaDex Site Offline Following Hacking Incident (lien direct) | A cyberattacker taunted the site about open security vulnerabilities on the site, prompting a code review. | |||
|
2021-03-23 19:46:43 | Hobby Lobby Exposes Customer Data in Cloud Misconfiguration (lien direct) | The arts-and-crafts retailer left 138GB of sensitive information open to the public internet. | |||
|
2021-03-23 16:39:43 | Podcast: Microsoft Exchange Server Attack Onslaught Continues (lien direct) | Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week. | Threat | ||
|
2021-03-23 14:16:14 | Energy Giant Shell Is Latest Victim of Accellion Attacks (lien direct) | Attackers accessed personal and business data from the company's legacy file-transfer service in a recent data-security incident but core IT systems remained untouched. | |||
|
2021-03-22 20:39:08 | CISA Warns of Security Flaws in GE Power Management Devices (lien direct) | The flaws could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition. | |||
|
2021-03-22 19:01:10 | Critical Security Bugs Fixed in Virtual Learning Software (lien direct) | Remote ed software bugs give attackers wide access student computers, data. | |||
|
2021-03-22 15:49:59 | Adobe Fixes Critical ColdFusion Flaw in Emergency Update (lien direct) | Attackers can leverage the critical Adobe ColdFusion flaw to launch arbitrary code execution attacks. | |||
|
2021-03-19 20:52:15 | Critical F5 BIG-IP Flaw Now Under Active Attack (lien direct) | Researchers are reporting mass scanning for – and in-the-wild exploitation of – a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure. | |||
|
2021-03-19 18:18:52 | Office 365 Phishing Attack Targets Financial Execs (lien direct) | Attackers move on new CEOs, using transition confusion to harvest Microsoft credentials. | |||
|
2021-03-19 15:21:45 | Bogus Android Clubhouse App Drops Credential-Swiping Malware (lien direct) | The malicious app spreads the BlackRock malware, which steals credentials from 458 services - including Twitter, WhatsApp, Facebook and Amazon. | Malware | ||
|
2021-03-19 14:52:21 | CopperStealer Malware Targets Facebook and Instagram Business Accounts (lien direct) | A previously undocumented password and cookie stealer has been compromising accounts of big guns like Facebook, Apple, Amazon and Google since 2019 and then using them for cybercriminal activity. | Malware | ||
|
2021-03-18 20:15:37 | Fiserv Forgets to Buy Domain It Used as System Default (lien direct) | Fintech security provider Fiserv acknowledges it used unregistered domain as default email. | |||
|
2021-03-18 19:42:21 | Trojanized Xcode Project Slips MacOS Malware to Apple Developers (lien direct) | In a new campaign, threat actors are bundling macOS malware in trojanized Apple Xcode developer projects. | Malware Threat | ||
|
2021-03-18 15:52:29 | Zoom Screen-Sharing Glitch \'Briefly\' Leaks Sensitive Data (lien direct) | A glitch in Zoom's screen-sharing feature shows parts of presenters' screens that they did not intend to share - potentially leaking emails or passwords. | |||
|
2021-03-18 14:53:23 | Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter (lien direct) | The newly discovered steganography method could be exploited by threat actors to obscure nefarious activity inside photos hosted on the social-media platform. | Threat |
To see everything:
Our RSS (filtrered)
