What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-04-18 20:21:02 | Weather Channel Knocked Off-Air in Dangerous Precedent (lien direct) | The incident was the work of malicious cyberattackers. | ★★★ | ||
|
2019-04-18 18:56:03 | Shopify Flaw Exposed Thousands of Merchants\' Revenue, Traffic Numbers (lien direct) | The flaw, which existed in a Shopify API endpoint, has been patched. | ★★★★★ | ||
|
2019-04-18 18:03:00 | Poll: Facebook Harvests Email Contacts for 1.5M Users – Is Enough, Enough? (lien direct) | Take our short poll on how far Facebook can push its luck. | ★★ | ||
|
2019-04-18 16:00:03 | Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug (lien direct) | The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug. | ★★ | ||
|
2019-04-18 13:04:03 | Cisco Patches Critical Flaw In ASR 9000 Routers (lien direct) | The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said. | ★★ | ||
|
2019-04-17 20:59:05 | Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images (lien direct) | The ubiquitous nature of the flaw opens the door for rapidly spreading, crippling cyberattacks. | Malware | ★★★★ | |
|
2019-04-17 19:53:05 | Researchers: Facebook\'s Data-Leveraging Scandal Puts Users on Notice (lien direct) | After a report revealed that Facebook used user data to leverage its relationships with other companies, researchers are stressing that both firms and users need to re-assess data privacy. | ★★★★ | ||
|
2019-04-17 17:32:00 | State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally (lien direct) | An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks. | ★★★ | ||
|
2019-04-17 15:34:04 | ThreatList: Bad Bots Account for a Fifth of All Web Traffic, FinServ Hit the Worst (lien direct) | The financial services industry sees nearly half of all website traffic coming from malicious bots. | ★★★★ | ||
|
2019-04-17 13:33:00 | Oracle Squashes 53 Critical Bugs in April Security Update (lien direct) | Overall Oracle patched 297 flaws across multiple product as part of its April security update. | ★★★★ | ||
|
2019-04-12 16:56:02 | Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers (lien direct) | The duo are convicted of infecting 400,000 computers in the U.S. with malware and scamming victims out of millions of dollars. | Malware | ★★★★ | |
|
2019-04-12 14:58:05 | North Korea\'s Hidden Cobra Strikes U.S. Targets with HOPLIGHT (lien direct) | The custom malware is a spy tool and can also disrupt processes at U.S. assets. | Malware Tool | APT 38 | |
|
2019-04-12 14:13:00 | WordPress Yellow Pencil Plugin Flaws Actively Exploited (lien direct) | Yet another Wordpress plugin, Yellow Pencil Visual Theme Customizer, is being exploited in the wild after two software vulnerabilities were discovered. | |||
|
2019-04-12 14:08:04 | ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps (lien direct) | Convincing phishing pages and millions of suspicious apps are plaguing tax season. | |||
|
2019-04-11 17:19:04 | WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited (lien direct) | A vulnerability in the Yuzo Related Posts WordPress plugin, used by 60,000 websites, is being exploited in the wild. | Vulnerability | ||
|
2019-04-11 16:05:04 | SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter (lien direct) | At SAS 2019, Recorded Future CTO discusses a new kind of high-profile influence campaign spotted using a new technique: Old news. | |||
|
2019-04-11 12:54:05 | Amazon Auditors Listen to Echo Recordings, Report Says (lien direct) | Amazon is under fire for its privacy policies after a Bloomberg report revealed that the company hires auditors to listen to Echo recordings. | |||
|
2019-04-10 20:11:04 | SAS 2019: Joe FitzPatrick Warns of the \'$5 Supply Chain Attack\' (lien direct) | At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain threats. | |||
|
2019-04-10 15:21:02 | Yahoo Offers $117.5M Settlement in Data Breach Lawsuit (lien direct) | Yahoo is taking a second stab at settling a massive lawsuit regarding the data breaches that the Internet company faced between 2013 and 2016. | Data Breach | Yahoo | |
|
2019-04-10 04:30:03 | SAS 2019: Gaza Cybergang Blends Sophistication Levels in Highly Effective Spy Effort (lien direct) | The SneakyPastes campaign was highly effective but hardly advanced. | ★★ | ||
|
2019-04-10 03:11:05 | SAS 2019: Meet \'TajMahal,\' A New and Highly Advanced APT Framework (lien direct) | A highly sophisticated APT framework has been found targeting a single Central Asian diplomatic entity for years. | ★★ | ||
|
2019-04-09 20:11:04 | Intel Patches High-Severity Flaws in Media SDK, Mini PC (lien direct) | Overall Intel patched four vulnerabilities, including high-severity flaws in its Media SDK and Intel NUC mini PC. | ★★ | ||
|
2019-04-09 18:08:00 | Adobe Fixes 24 Critical Flaws in Acrobat Reader, Flash, Shockwave Player (lien direct) | During its regularly scheduled April security update, Adobe overall issued 43 patches, including ones for 24 critical vulnerabilities in eight of its products. | ★★★ | ||
|
2019-04-09 16:22:00 | Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print (lien direct) | The Samsung Galaxy S10 fingerprint sensor can be fooled in a hack that takes a mere 13 minutes and involves a 3D printed fingerprint. | Hack | ||
|
2019-04-09 15:39:00 | Shadow App Development: Insider Threat or Opportunity? (lien direct) | The challenge for most enterprises is that the demand for software is so high that traditional development teams often can't keep up. | Threat | ||
|
2019-04-09 13:00:04 | Verizon Router Command Injection Flaw Impacts Millions (lien direct) | A high-severity flaw in the Verizon Fios Quantum Gateway, used in millions of U.S. homes, could allow for command injection. | |||
|
2019-04-09 12:06:00 | SAS 2019: 4 Stuxnet-Related APTs Form Gossip Girl, an \'Apex Threat Actor\' (lien direct) | Flowershop, Equation, Flame and Duqu appear to have a hand in the different phases of Stuxnet development, all working as part of an operation active as early as 2006. | Threat | ||
|
2019-04-09 07:20:04 | SAS 2019: Genesis Marketplace Peddles 60K Stolen Digital Identities (lien direct) | An underground marketplace is selling tens of thousands of compromised digital identities, paving the way for cybercriminals to commit online fraud. | |||
|
2019-04-05 20:29:00 | Cisco Finally Patches Router Bugs As New Unpatched Flaws Surface (lien direct) | Cisco repatched its RV320 and RV325 routers against two high-severity vulnerabilities, but at the same time reported two new medium-severity bugs with no fixes. | |||
|
2019-04-05 17:42:04 | Facebook Boots 74 Cybercrime Groups From Platform (lien direct) | The 74 cybercrime groups were offering illicit services - from email spamming tools to stolen credentials - right on Facebook's platform. | |||
|
2019-04-05 14:22:04 | Hackers Abuse Google Cloud Platform to Attack D-Link Routers (lien direct) | Three waves of DNS hijacking attacks against consumer routers have been linked back to Google Cloud Platform abuse. | |||
|
2019-04-05 14:01:02 | LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files (lien direct) | Spam campaign features obfuscated .zipx archive that unpacks LokiBot attack. | Spam | ||
|
2019-04-04 17:33:04 | This Preinstalled Mobile Security App Delivered Vulnerabilities, Not Protection (lien direct) | No. 4 global phone maker, Xiaomi, preinstalled a security app called 'Guard Provider' that had a major flaw. | ★★ | ||
|
2019-04-04 17:31:00 | Facebook and Amazon are Locked in a Blame Game Over Leaked Data: Who\'s Really To Blame? (lien direct) | After two databases were discovered leaking Facebook data, Facebook and Amazon are both pointing fingers - but researchers say the onus lies on all parties involved as data collection continues to grow. | ★★★★ | ||
|
2019-04-04 13:26:01 | Free Cynet Threat Assessment for Mid-sized and Large Organizations (lien direct) | Have your business try Cynet's Free Threat Assessment that checks for malware, C&C connections, data exfiltration, phishing link access, user credential thefts attempts, etc. | Threat | ||
|
2019-04-04 13:00:02 | BEC Scam Gang London Blue Evolves Tactics, Targets (lien direct) | Business email compromise group London Blue is back with evolved email domain spoofing tactics and a newfound interest in targets in Asia. | |||
|
2019-04-04 11:00:00 | SAS 2019 to Tackle APTs, Supply Chains and More (lien direct) | The Security Analyst Summit 2019 heads to Singapore where elite researchers, top cybersecurity firms and global law enforcement agencies fight cybercrime. | |||
|
2019-04-03 21:27:04 | Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution (lien direct) | Nvidia has patched eight high-severity flaws in its Tegra processors, which could enable denial of service and code execution. | |||
|
2019-04-03 18:36:00 | Facebook Data of Millions Exposed in Leaky Datasets (lien direct) | Researchers say that two publicly exposed dataset are leaking Facebook data- from user names to plaintext passwords. | ★★★ | ||
|
2019-04-03 17:57:04 | How to Maximize the Value of Your Cybersecurity Investment (lien direct) | Maximizing your security investment starts with hiring the right talent, harvesting data, spotting trends in logs and more. | ★★★★★ | ||
|
2019-04-03 14:44:02 | OceanLotus APT Uses Steganography to Shroud Payloads (lien direct) | The OceanLotus APT is using two new loaders which use steganography to read their encrypted payloads. | APT 32 | ★★★★ | |
|
2019-04-02 20:26:02 | ThreatList: Half of All Attacks Aim at Supply Chain (lien direct) | Attackers these days want to 'own' your entire system, including partners and suppliers. | ★★★★ | ||
|
2019-04-02 15:48:04 | Mobile-First Phishing Kit Targets Verizon Customers (lien direct) | The kit's authors demonstrate a knowledge of Verizon's infrastructure. | |||
|
2019-04-02 15:32:03 | (Déjà vu) Google\'s April Android Security Bulletin Warns of 3 Critical Bugs (lien direct) | Google's April Android Security update fixed 12 Android-specific vulnerabilities including three critical remote code execution flaws. | |||
|
2019-04-02 09:01:04 | Financial Apps are Ripe for Exploit via Reverse Engineering (lien direct) | White hat hacker reverse engineers financial apps and finds a treasure trove of security issues. | |||
|
2019-04-01 20:15:03 | March Madness Scams Give Attackers Fast Break (lien direct) | Researchers have seen March Madness-related phishing scams, fake domains and adware spike as cybercriminals take a pass at tournament viewers. | |||
|
2019-04-01 17:45:01 | Google Warns of Growing Android Attack Vector: Backdoored SDKs and Pre-Installed Apps (lien direct) | Google said in 2018 it tracked a rise in the number of potentially harmful apps found on Android devices that were either pre-installed or delivered via over-the-air updates. | |||
|
2019-04-01 15:40:03 | ThreatList: Game of Thrones, a Top Malware Conduit for Cybercriminals (lien direct) | As Game of Thrones' eighth season gets ready to kick off, a new report says the popular TV show accounted for 17 percent of all infected pirated content in the last year. | Malware | ||
|
2019-03-29 16:26:00 | Magento Patches Critical SQL Injection and RCE Vulnerabilities (lien direct) | Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. | Vulnerability | ||
|
2019-03-29 14:13:05 | Critical Rockwell Automation Bug in Drive Component Puts IIoT Plants at Risk (lien direct) | A critical Rockwell Automation flaw could be exploited to manipulate an industrial drive's physical process and or even stop it. |
To see everything:
Our RSS (filtrered)
