What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-20 09:01:27 | Google looking outside the usual channels to fix security skills gap (lien direct) | 'If your input continues to be monoculture, you can expect the same outcomes' Cybersecurity moves fast. New and bigger threats emerge all the time across an ever-expanding attack surface and there's not enough people to fill vacant jobs.… | |||
|
2022-11-20 09:00:12 | Serendipitous discovery nets security researcher $70k bounty (lien direct) | Also, a phishing gang goes Royal, while another employee at Snowden's old haunt gets caught nabbing data In brief A security researcher whose Google Pixel battery died while sending a text is probably thankful for the interruption - powering it back up led to a discovery that netted him a $70,000 bounty from Google for a lock screen bypass bug.… | |||
|
2022-11-17 20:13:34 | Koch-funded group sues US state agency for installing \'spyware\' on 1m Android devices (lien direct) | Class-action lawsuit seeks $1 in nominal damages The Massachusetts Department of Public Health conspired with Google to secretly install a COVID-19 tracing app onto more than 1 million Android users' devices without their knowledge and without obtaining warrants, according to a class-action lawsuit filed this week by the New Civil Liberties Alliance.… | |||
|
2022-11-17 08:30:10 | Notorious Emotet botnet returns after a few months off (lien direct) | And it's been sending out hundreds of thousands of malicious emails a day The Emotet malware-delivery botnet is back after a short hiatus, quickly ramping up the number of malicious emails it's sending and sporting additional capabilities, including changes to its binary and delivering a new version of the IcedID malware dropper.… | Malware | ||
|
2022-11-16 23:30:13 | Iranian cyberspies exploited Log4j to break into a US govt network (lien direct) | It's the gift to cybercriminals that keeps on giving Iranian state-sponsored cyber criminals used an unpatched Log4j flaw to break into a US government network, illegally mine for cryptocurrency, steal credentials and change passwords, and then snoop around undetected for several months, according to CISA.… | |||
|
2022-11-16 19:30:07 | WASP malware puts a sting in Python developers (lien direct) | Info-stealing trojan is hidden in malicious PyPI packages on GitHub WASP malware is using steganography and polymorphism to evade detection with malicious Python packages designed to steal credentials, personal information, and cryptocurrency.… | Malware | ||
|
2022-11-14 01:15:18 | Australia to \'stand up and punch back\' against cyber crims (lien direct) | Creates 100-strong squad comprising cops and spooks with remit to disrupt ransomware ops Australia's government has declared the nation is planning to go on the offensive against international cyber crooks following recent high-profile attacks on local health insurer Medibank and telco Optus.… | Ransomware | ||
|
2022-11-11 20:06:11 | World Cup apps pose a data security and privacy nightmare (lien direct) | Unless you're fine with Qatar snoops remotely accessing your phone With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game.… | |||
|
2022-11-11 07:34:10 | Europe calls for joint cyber defense to ward off Russia (lien direct) | EC veep: 'Cyber is the new domain in warfare' The European Commission on Thursday proposed a cyber defense policy in response to Europe's "deteriorating security environment" since Russia illegally invaded Ukraine earlier this year.… | |||
|
2022-11-10 04:46:41 | Windows breaks under upgraded IceXLoader malware (lien direct) | We're the malware of Nim! A malware loader deemed in June to be a "work in progress" is now fully functional and infecting thousands of Windows corporate and home PCs.… | Malware | ||
|
2022-11-08 20:30:09 | Swiss Re wants government bail out as cybercrime insurance costs spike (lien direct) | Giant forecasts premiums rising to $23b by 2025 As insurance companies struggle to stay afloat amid rising cyber claims, Swiss Re has recommended a public-private partnership insurance scheme with one option being a government-backed fund to help fill the coverage gap.… | |||
|
2022-11-07 15:30:08 | Oh, look: More malware in the Google Play store (lien direct) | Also, US media hit with JavaScript supply chain attack, while half of govt employees use out-of-date mobile OSes in brief A quartet of malware-laden Android apps from a single developer have been caught with malicious code more than once, yet the infected apps remain on Google Play and have collectively been downloaded more than one million times. … | Malware | ★★★★★ | |
|
2022-11-07 11:32:10 | Japan officially joins NATO\'s cyber defense center (lien direct) | Reports also say it's joined forces with US to make chips, to the tune of $2.4 billion Japan's Ministry of Defence (JMOD) announced on Friday that it has formally joined NATO's Cooperative Cyber Defense Centre of Excellence (CCDCOE).… | |||
|
2022-11-07 07:56:05 | China is likely stockpiling and deploying vulnerabilities, says Microsoft (lien direct) | Increase in espionage and cyberattacks since law requiring vulnerabilities first be reported to Beijing Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities.… | |||
|
2022-11-07 01:45:10 | Breached health insurer won\'t pay ransom to protect customers, warns of more attacks (lien direct) | Australia's Medibank uses a government-approved Band-Aid to cover a gaping 10-milion-record wound Australian health insurer Medibank – which spent October discovering a security incident was worse than it first thought – has announced it will not pay a ransom to attackers that made off with personal info describing nearly ten million customers.… | |||
|
2022-11-03 18:00:08 | Kyndryl loses $281m in the quarter as modernization agenda continues (lien direct) | How to turn a classic infrastructure biz into something fit for the cloud era Shapeshifting infrastructure services biz Kyndryl can't plug its revenue leak but cutting costs did cut losses in half.… | |||
|
2022-11-03 08:29:13 | Royal Mail customer data leak shutters online Click and Drop (lien direct) | Customers complain of exposed order info, multiple charges - but still no postage A technical SNAFU shut down the UK's Royal Mail Click and Drop website on Tuesday after a security "issue" allowed some customers to see others' order information. … | |||
|
2022-11-02 20:45:13 | US Treasury thwarts DDoS attack from Russian Killnet group (lien direct) | Yet another pathetic 'stunt' from pro-Kremlin criminals The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet.… | |||
|
2022-11-02 07:29:05 | Ritz cracker giant settles bust-up with insurer over $100m+ NotPetya cleanup (lien direct) | Deal could 'upend the entire cyber-insurance ecosystem and make it almost impossible to get meaningful cyber coverage' Mondelez International has settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover the snack giant's $100-million-plus cleanup bill following the 2017 NotPetya outbreak.… | NotPetya NotPetya | ||
|
2022-11-01 23:52:06 | Dropbox admits 130 of its private GitHub repos were copied after phishing attack (lien direct) | Personal info and data safe, stolen code not critical, apparently Dropbox has said it was successfully phished, resulting in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials.… | |||
|
2022-11-01 21:39:28 | OpenSSL downgrades horror bug after week of panic, hype (lien direct) | Relax, there's more chance of Babbage coming back to life to hack your system than this flaw being exploited OpenSSL today issued a fix for a critical-turned-high-severity vulnerability that project maintainers warned about last week. … | Hack Vulnerability | ||
|
2022-11-01 14:30:05 | Government by Gmail catches up with UK minister... who is reappointed anyway (lien direct) | Home Secretary 'nominally in charge' of nation's security apologizes for breach of tech protocols The UK's Home Secretary – the minister in charge of policing and internal security – has been forced to apologize for breaching IT security protocols in government.… | |||
|
2022-10-31 17:30:09 | The White House\'s global ransomware summit couldn\'t come at a better time (lien direct) | As cyber threats ramp up, businesses and organizations will be hoping for more than platitudes The White House has begun its second annual International Counter Ransomware Summit in which Biden administration officials will convene with representatives of three dozen nations, the EU, and private business to discuss the growing threat posed by data-destroying cyber attacks.… | Ransomware Threat | ||
|
2022-10-31 16:30:08 | Ordinary web access request or command to malware? (lien direct) | Cranefly group unleashes nasty little technique using Microsoft Internet Information Services (IIS) logs A threat group that targets corporate emails is delivering dropper malware through a novel technique that uses Microsoft Internet Information Services (IIS) logs to send commands disguised as web access requests.… | Malware Threat | ||
|
2022-10-28 11:15:05 | Apple boosts bug bounties but may not fix some bugs in past operating systems (lien direct) | Where's your spirit of Ventura? Apple has opened up a bit about its product security, though the iGiant's slightly chattier demeanor, via a new security blog, may be appreciated less than its bug bounty upgrade.… | |||
|
2022-10-28 06:26:12 | Ubuntu continues expanding RISC-V support – now, the $17 Sipeed LicheeRV (lien direct) | As progress revealed on Android port to the open ISA Canonical has brought its Ubuntu Linux operating system to another RISC-V system: this week, Sipeed's LicheeRV single board computer.… | |||
|
2022-10-27 16:45:13 | KDE 5.26 gets a second point release (yes, already) (lien direct) | It's worth it, though. And it's easy to install the latest KDE on the latest Kubuntu KDE 5.26.2 is out with an emergency fix for a memory leak – so if you already have the new version, you should update. If you don't have 5.26, we're here to tell you how.… | |||
|
2022-10-27 05:02:15 | India fines Google another $114 million, demands Play open to third party payments (lien direct) | Ad and search giant protests even though it's already made the same changes in other countries Fresh from fining Google $162 million for abusing its Android monopoly, India's Competition Commission has announced it will fine Google another ₹936.44 crore ($114 million) for anti-competitive practices in relation to its Play store.… | |||
|
2022-10-26 23:06:26 | Feds accuse Ukrainian of renting out PC-raiding Raccoon malware to fiends (lien direct) | Separately, charges slapped on alleged operator of dark market, The Real Deal Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday.… | Malware | ||
|
2022-10-26 20:31:23 | Cisco AnyConnect Windows client under active attack (lien direct) | Make sure you're patched – and update VMware Cloud Foundation, too, by the way Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility Client for Windows, which is supposed to ensure safe VPN access for remote workers.… | |||
|
2022-10-26 04:27:05 | If someone tries ransacking your Windows network, it\'s a bit easier now to grok in Microsoft 365 Defender (lien direct) | Blinking, beeping, and flashing lights, blinking and beeping and flashing... Microsoft is bringing Azure Active Directory Identity Protection alerts to Microsoft 365 Defender to seemingly help IT folks thwart criminals infiltrating corporate networks via compromised users.… | |||
|
2022-10-26 03:45:08 | Health insurer Medibank\'s data breach diagnosis keeps getting worse (lien direct) | All four million customers at risk of having records of medical treatments exposed Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a regulatory filing stating that info describing all four million customers has been accessed.… | Data Breach | ||
|
2022-10-25 22:55:07 | Meta met a programming language it likes better than Java (lien direct) | Goggles giant on how it gave its Android apps a Kotlin makeover Meta, parent of Facebook, is in the midst of migrating its Android app Java code to Kotlin, a younger programming language that also relies on the Java Virtual Machine, or JVM.… | |||
|
2022-10-25 08:30:06 | Gone phishing: UK data watchdog fines construction biz £4.4m for poor infosec hygiene (lien direct) | Staff member bit on lure, ultimately exposed up to 113,000 colleagues' personal information Britain's data watchdog has slapped construction business Interserve Group with a potential £4.4 million ($4.98M) fine after a successful phishing attack by criminals exposed the personal data of up to 113,000 employees.… | |||
|
2022-10-24 22:11:11 | Payment terminal malware steals $3.3m worth of credit card numbers – so far (lien direct) | With shops leaving VNC and RDP open, quelle surprise Cybercriminals have used two strains of point-of-sale (POS) malware to steal the details of more than 167,000 credit cards from payment terminals. If sold on underground forums, the haul could net the thieves upwards of $3.3 million.… | Malware | ||
|
2022-10-24 17:00:13 | CISA, FBI warn healthcare organizations of Daixin ransomware (lien direct) | Gang was behind the attack on OakBend Medical Center Federal agencies are warning of a threat group called Daixin Team that is using ransomware and data extortion tactics to target US healthcare organizations.… | Ransomware Threat | ||
|
2022-10-24 00:15:05 | Blazing South Korean datacenter operator raided by cops, blames its own batteries (lien direct) | PLUS: Australia boosts data breach fines; India outlet drops Meta allegations; AWS spices up Thailand's cloud; and more Asia In Brief South Korean police have reportedly raided the premises of SK C&C, the operator of the datacenter that caught fire on the weekend of October 15 and disrupted the operations of local web giants Naver and Kakao.… | Data Breach | ||
|
2022-10-22 22:53:26 | Russia wages disinformation war. Ukraine\'s cyber chief calls for global anti-fake news fight (lien direct) | 'Completely new approaches should be developed to prevent the influence of this propaganda' As a hybrid offline and online war wages on in Ukraine, Viktor Zhora, who leads the country's cybersecurity agency, has had a front-row seat of it all.… | Guideline | ||
|
2022-10-21 10:28:06 | Good news, URSNIF no longer a banking trojan. Bad news, it\'s now a backdoor (lien direct) | And one designed to slip ransomware and data-stealing code onto infected machines URSNIF, the malware also known as Gozi that attempts to steal online banking credentials from victims' Windows PCs, is evolving to support extortionware.… | Ransomware Malware | ||
|
2022-10-21 04:59:12 | Windows Subsystem for Android declared ready for prime time (lien direct) | Works well, but selection of available apps is meagre First Look Microsoft has decided the Windows Subsystem for Android (WSA) – its offering that runs Android VMs which behave just like another application in Windows – is sufficiently stable that it can be designated version 1.0 and made available to all.… | |||
|
2022-10-21 01:58:07 | India fines Google $162 million for abusing Android monopoly (lien direct) | That's a whole six hours of revenue, but requirements to open the Android ecosystem will hit harder India's Competition Commission has announced it will fine Google ₹1,337.76 crore (₹13,377,600,000 or $161.5 million) for abusing its dominant position in multiple markets in the Android Mobile device ecosystem and ordered the company to open the Android ecosystem to competition.… | |||
|
2022-10-20 15:00:10 | BlueBleed: Microsoft customer data leak claimed to be \'one of the largest\' in years (lien direct) | SOCRadar says sensitive information from 150,000 companies was exposed but Redmond disputes findings Microsoft has confirmed a data leak linked to a misconfigured server for a cloud storage service but is disputing the extent of the problem.… | |||
|
2022-10-20 09:30:14 | Biden administration wants standard cyber security labelling for smart devices (lien direct) | May follow Finland and Germany in adopting Singapore's standard The Biden administration has accelerated its efforts to add cyber security labelling for consumer Internet of Things (IoT) devices, and may join other nations in adopting the scheme pioneered by Singapore.… | |||
|
2022-10-19 22:04:12 | Verizon prepaid accounts hijacked by SIM swap crooks (lien direct) | Nightmare for those with one-time security codes texted to their phones Verizon has notified some prepaid customers that their accounts were compromised and their phone numbers potentially hijacked by crooks via SIM swaps.… | |||
|
2022-10-19 07:30:12 | Germany stands down cyber boss over Russian ties (lien direct) | Involvement with lobby group that welcomed Putin's pals presses buttons Germany's government has stood down the president of its Federal Office for Information Security, Arne Schönbohm, over his links to Russia.… | |||
|
2022-10-19 06:58:09 | Kakao CEO resigns, South Korean gov hits Cyber Emergency button, after disruptive data centre fire (lien direct) | Almost, but not quite, that moment of Big Tech accountability you've been waiting for One of the CEOs of South Korean super-app Kakao has resigned in the wake of the data centre fire that disrupted it and other web giants.… | |||
|
2022-10-18 11:44:09 | (Déjà vu) Upstart Ransom Cartel linked to REvil veterans (lien direct) | Lesser of two REvils? There's a relationship, say infosec bods, but not enough to say one evolved into the other It has been almost a year since the ransomware gang Ransom Cartel was first detected and the crew over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.… | Ransomware | ||
|
2022-10-18 11:44:09 | Ransom Cartel linked to Colonial Pipeline attacker REvil, says infosec crew (lien direct) | The lesser of two REvils? There's a relationship there, but not enough to say one evolved into the other It has been almost a year since the emerging ransomware gang Ransom Cartel was first detected and the group over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.… | Ransomware | ||
|
2022-10-18 07:31:14 | Imagine surviving a wiper attack only for ransomware to scramble your restored files (lien direct) | Then again, imagine being invaded by Russia Organizations hit earlier by the HermeticWiper malware have reportedly been menaced by ransomware unleashed this month against transportation and logistics industries in Ukraine and Poland.… | Ransomware Malware | ||
|
2022-10-18 06:27:06 | Cops swoop after crooks use wireless keyfob hack to steal cars (lien direct) | Hotwiring is so 2021 Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles.… | Hack |
To see everything:
Our RSS (filtrered)
