What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-10-18 06:27:06 | Cops swoop after crooks use wireless keyfob hack to steal cars (lien direct) | Hotwiring is so 2021 Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles.… | Hack | ||
|
2022-10-17 05:58:14 | Loathsome eighties ladder-climber levelled by a custom DOS prompt (lien direct) | This wasn't WarGames – it was far more serious Who, Me? The working week is upon us again, so what better way to mark it than with another of The Reg's weekly tales of readers getting away with it after perhaps not having done their very best work.… | |||
|
2022-10-16 22:46:14 | Xi Jinping hails \'improved cyber ecology\', says state to direct strategic tech research (lien direct) | Samsung and TSMC hit with chip tech patent suit; Ant Group's DB hits AWS; PayPal drops Hong Kong rights group; and more Asia In Brief Chinese president Xi Jinping has opened the 20th Congress of the Chinese Communist Party with a call for the nation he leads to win the race for development of “core technologies” and to become self-reliant in strategic tech.… | Guideline | ||
|
2022-10-14 08:32:11 | LockBit 3.0 malware forced NHS tech supplier to shut down hosted sites (lien direct) | Managed software provider Advanced admits some customer data 'exfiltrated' in August ransomware attack Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months.… | Ransomware Malware | ||
|
2022-10-13 23:35:05 | Banks face their \'darkest hour\' as malware steps up, maker of antivirus says (lien direct) | When I saw it, I had to reverse engineer it, Kaspersky's lead security researcher tells us Interview Crimeware targeting banks and other financial-services organizations today features sophisticated capabilities and evasion tools, according to Kaspersky's lead security researcher Sergey Lozhkin.… | Malware Guideline | ||
|
2022-10-11 14:00:11 | Samsung\'s Ukraine headquarters damaged by Russian missile strike (lien direct) | R&D Center focuses on autonomous AI, otherwise known as On-Device AI Samsung's Ukraine headquarters were damaged during a Russian attack on Kyiv that began Monday morning and which killed at least 14, injuring others.… | |||
|
2022-10-11 10:32:14 | Fortinet warns of critical flaw in its security appliance OSes, admin panels (lien direct) | Naturally, they're already under attack – so you know what to do next Security appliance vendor Fortinet has become the subject of a bug report by its own FortiGuard Labs after the discovery of a critical-rated flaw in three of its products.… | |||
|
2022-10-11 04:57:05 | Optus data breach prompts pincer movement of twin regulatory probes (lien direct) | Data retention requirements to be considered alongside infosec failings Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident – which saw almost ten million locals' personal data exposed online.… | Data Breach | ★★★ | |
|
2022-10-10 16:45:13 | Intel Alder Lake BIOS code leak may contain vital secrets (lien direct) | Gurus say source includes secret hardware info, private signing key for Boot Guard protection Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for Intel's Boot Guard security technology.… | |||
|
2022-10-10 10:47:12 | Singtel confirms digital burglary at Dialog subsidiary (lien direct) | Second of Singapore telco's Australian businesses to be prised open by criminals in weeks Singtel has confirmed that another Australian business it owns, consulting unit Dialog, has fallen victim to a cyber burglary just weeks after the mammoth data leak at telco Optus was revealed.… | |||
|
2022-10-10 09:29:11 | Criminal multitool LilithBot arrives on malware-as-a-service scene (lien direct) | Bespoke botnet up for grabs from outfit praised for, er, customer service A Russia based threat group that set up a malware distribution shop earlier this year is behind a Swiss Army knife-like botnet that comes with a range of other malicious capabilities, from stealing information to mining cryptocurrency.… | Malware Threat | ||
|
2022-10-09 08:12:08 | When are we gonna stop calling it ransomware? It\'s just data kidnapping now (lien direct) | It's not like the good old days with iffy cryptography and begging for keys Comment It's getting difficult these days to find a ransomware group that doesn't steal data and promise not to sell it if a ransom is paid off. What's more, these criminals are going down the extortion-only route, and not even bothering to scramble your files with encryption.… | Ransomware | ||
|
2022-10-08 10:56:05 | Biden\'s Privacy Shield 2.0 order may not satisfy Europe (lien direct) | Also, Albania almost called in NATO over cyber attacks, and Facebook warns of account-stealing mobile apps In brief An executive order signed by President Biden on Friday to setting out fresh rules on how the US and Europe share people's private personal info may still fall short of the EU's wishes, says the privacy advocate who defeated the previous regulations in court.… | |||
|
2022-10-06 17:30:13 | FBI, CISA aren\'t worried about cyber threats to US midterms (lien direct) | Besides, authorities are plenty familiar with what foreign interference looks like The FBI and Cybersecurity and Infrastructure Security Agency (CISA) claim any foreign interference in the 2022 US midterm elections is unlikely to disrupt or prevent voting, compromise ballot integrity or manipulate votes at scale.… | |||
|
2022-10-06 07:22:07 | AI eye-scanner can tell whether you\'ll croak it from a heart attack (lien direct) | If and when this hits the mainstream, who's going to trust their retinas to random models? AI algorithms can predict whether a patient is at risk of suffering a stroke, heart attack, or dying from heart disease just by studying images of their retinas, according to research out of England.… | |||
|
2022-10-06 00:33:21 | Former Uber CSO convicted of covering up massive 2016 data theft (lien direct) | Passing off a ransom payment as a bug bounty? That's obstruction of justice Joe Sullivan, Uber's former chief security officer, has been found guilty of illegally covering up the theft of Uber drivers and customers' personal information.… | Uber Uber | ||
|
2022-10-05 05:31:06 | DoJ \'very disappointed\' with probation sentence for Capital One hacker Paige Thompson (lien direct) | 'This is not what justice looks like' says US attorney of sanction for leak of 100 million records Convicted wire fraud perpetrator Paige Thompson (aka "erratic") has been sentenced to time served and five years of probation with location and computer monitoring, prompting U.S. Attorney Nick Brown to label the sanctions unsatisfactory.… | |||
|
2022-10-05 02:15:05 | No Shangri-La for you: Top hotel chain confirms data leak (lien direct) | In Xanadu did Kubla Khan a stately pleasure-dome decree Hotel chain Shangri-La Group has admitted to its systems being attacked, and personal data describing guests accessed by unknown parties, over a timeframe that includes the dates on which a high-level international defence conference was staged at one of its Singapore properties.… | |||
|
2022-10-04 16:15:07 | Microsoft: Watch out for password spray attacks – especially you, Basic Auth (lien direct) | Exchange Online users should have authentication policies in place Microsoft is warning Exchange Online users about a rise in password spray attacks, urging those that have yet to disable Basic Authentication to at least set up authentication policies to protect their users and data.… | |||
|
2022-10-04 11:32:15 | Don\'t mind Facebook, just putting its own browser in its Android app (lien direct) | Totally not for data collection Analysis Meta's Facebook has been testing its own custom-browser engine within its Android app and plans to distribute the code more widely, ostensibly for the sake of better security and an improved user experience.… | |||
|
2022-10-04 05:56:10 | Japanese sushi chain boss resigns amid accusation of improper data access (lien direct) | Data theft stinks, says victim. Alleged perp claims he's getting a raw deal The president of casual Japanese chain restaurant Kappa Sushi resigned yesterday in the wake of a data-theft scandal that has rocked the world of sushi trains.… | |||
|
2022-10-03 10:00:10 | Between ransomware and month-long engagements, IR teams need a hug - and a nap (lien direct) | Here's what 1,100 incident responders say about their jobs, just in time for NSCAM Remember the good old days of cyber-incident response, when the job involved digital forensics and lots of stolen credit cards, as opposed to power-grid-breaking malware and multi-million-dollar ransom demands?… | Ransomware Malware | ||
|
2022-10-02 12:56:07 | (Déjà vu) Steganography alert: Backdoor spyware stashed in Microsoft logo (lien direct) | Now that's sticker shock Internet snoops have been caught concealing spyware in an old Windows logo in an attack on governments in the Middle East.… | |||
|
2022-10-02 12:56:07 | Stenography alert: Backdoor spyware stashed in Microsoft logo (lien direct) | Now that's sticker shock Internet snoops has been caught concealing spyware in an old Windows logo in an attack on governments in the Middle East.… | |||
|
2022-10-02 08:47:05 | BlackCat malware lashes out at US defense IT contractor (lien direct) | Also, Amazon's Ring footage TV shows draws criticism, US v Societ spying docs found, and more In Brief The BlackCat ransomware gang, also known as ALPHV, has allegedly broken into IT firm NJVC, a provider of services to civilian US government agencies and the Department of Defense.… | Ransomware Malware | ||
|
2022-09-30 22:48:12 | As Hurricane Ian hits, FCC rules cell carriers must help each other in disasters (lien direct) | You will or won't do it voluntarily? Doesn't matter, we'll mandate it The Federal Communications Commission today issued rules codifying a voluntary 2016 agreement between cellular networks that they cover for their competitors knocked offline during a natural or cyber disaster.… | |||
|
2022-09-29 13:00:09 | Covert malware targets VMware for hypervisor-level espionage (lien direct) | VMware, Mandiant track back operators, finding ties to China Emerging covert malware families that target VMware environments could allow criminals to gain persistent administrative access to the hypervisor, transfer files, and execute arbitrary commands between virtual machines, according to VMware and Mandiant, which discovered the software nasty earlier this year.… | Malware | ||
|
2022-09-28 17:00:07 | Want to sneak a RAT into Windows? Buy Quantum Builder on the dark web (lien direct) | Beware what could be hiding in those LNK shortcuts A tool sold on the dark web that allows cybercriminals to build malicious shortcuts for delivering malware is being used in a campaign pushing a longtime .NET keylogger and remote access trojan (RAT) named Agent Tesla.… | Malware Tool | ||
|
2022-09-28 16:30:07 | Hacked Fast Company sends \'obscene and racist\' alerts via Apple News (lien direct) | Someone going by 'Thrax' claims responsibility for 'incredibly easy' breach Apple News shut down Fast Company's news channel after "an incredibly offensive alert" was sent to subscribers following a hack of the business publication on Tuesday evening.… | Hack | ||
|
2022-09-28 03:35:31 | Australia asks FBI to help find attacker who stole data from millions of users (lien direct) | Apparent perp claims to have deleted swiped info as carrier Optus struggles to get its story straight +Comment Australian authorities have asked the United States Federal Bureau of Investigation (FBI) to assist with investigations into the data breach at local telco Optus.… | |||
|
2022-09-27 18:15:08 | Samsung sued for gobbling up too much personal info that miscreants then stole (lien direct) | If you're gonna force everyone to register an account, at least protect that data, lawsuit argues A lawsuit has accused Samsung of failing to address a cyber-intrusion in early 2022, leading to the theft of US customers' personally identifiable information (PII) in a second attack months later in July.… | Guideline | ||
|
2022-09-27 18:15:08 | Samsung facing class action over customer data leaks (lien direct) | Not only did the company fail to protect their data, the suit alleges, it also forced users to register A class action lawsuit has accused Samsung of failing to address a data breach in early 2022, leading to the theft of US customers' personally identifiable information (PII) in a second attack earlier this month.… | Data Breach Guideline | ||
|
2022-09-27 14:00:12 | Microsoft boosts phishing protection in Windows 11 22H2 (lien direct) | Security tool warns admins and users when a password is used on an untrusted site or stored locally In the latest version of Windows 11, Microsoft is introducing a feature in its Microsoft Defender SmartScreen tool designed to keep passwords safer.… | Tool | ||
|
2022-09-25 08:50:14 | Noberus ransomware gets info-stealing upgrades, targets Veeam backup software (lien direct) | 'One of the most dangerous and active malware developers operating at the moment' Crooks spreading the Noberus ransomware are adding weapons to their malware to steal data and credentials from compromised networks.… | Ransomware Malware | ||
|
2022-09-23 17:29:13 | Significant customer data exposed in attack on Australian telco (lien direct) | Subscribers have questions – like 'When were you going to tell us?' Australian telecommunications company Optus has fallen victim to a significant cyberattack and data breach.… | |||
|
2022-09-22 20:15:34 | Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws (lien direct) | While issuing an emergency patch for Endpoint Configuration Manager Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft's security team has warned.… | |||
|
2022-09-22 15:15:05 | Cambodian authorities crack down on cyber slavery amid international pressure (lien direct) | Lured by fake jobs, victims are isolated abroad and forced to carry out crypto, romance scams and more Authorities in Sihanoukville, Cambodia announced on Sunday that a raid last week uncovered evidence of forced labor cybercrime syndicates that participated in human trafficking and torture.… | |||
|
2022-09-22 13:45:08 | Fake sites fool Zoom users into downloading deadly code (lien direct) | Ah, the human touch Beware the Zoom site you don't recognize, as a criminal gang is creating multiple fake versions aimed at luring users to download malware that can steal banking data, IP addresses, and other information.… | Malware | ||
|
2022-09-21 15:56:01 | Malwarebytes blocks Google, YouTube as malware (lien direct) | Sounds like fair comment Google and its Youtube domains are being flagged as malicious by Malwarebytes as of Wednesday morning, blocking users from accessing a whole range of websites.… | Malware | ||
|
2022-09-21 09:26:11 | ChromeLoader, what took you so long? Malvertising irritant now slings ransomware (lien direct) | Doesn't make cents, makes bigger bucks instead ... probably ChromeLoader – the malware that exploded onto the scene this year by hijacking browsers to redirect users to pages of ads – is apparently evolving into a more significant threat by deploying malicious payloads that go beyond malvertising.… | Ransomware Malware Threat | ||
|
2022-09-20 00:09:39 | NASA to live-stream SLS rocket fuel leak repair test (lien direct) | For those on tenterhooks over this Moon mission NASA will televise a test on Wednesday to confirm whether a repair made to its Space Launch System (SLS) rocket has fixed the hydrogen leak that forced officials to scrub a previous launch attempt.… | |||
|
2022-09-19 17:12:15 | Grand Theft Auto 6 maker confirms source code, vids stolen in cyber-heist (lien direct) | So is that three or four stars? Take-Two Interactive confirmed on Monday that its Rockstar Games subsidiary has been compromised and confidential data for Grand Theft Auto 6 has been stolen.… | |||
|
2022-09-19 13:37:53 | GPT-3 \'prompt injection\' attack causes bad bot manners (lien direct) | Also, EA goes kernel-deep to stop cheaters, PuTTY gets hijacked by North Korea, and more. In Brief OpenAI's popular natural language model GPT-3 has a problem: It can be tricked into behaving badly by doing little more than telling it to ignore its previous orders.… | |||
|
2022-09-17 07:32:11 | Can reflections in eyeglasses actually leak info from Zoom calls? Here\'s a study into it (lien direct) | About time someone shined some light onto this Boffins at the University of Michigan in the US and Zhejiang University in China want to highlight how bespectacled video conferencing participants are inadvertently revealing sensitive on-screen information via reflections in their eyeglasses.… | |||
|
2022-09-16 21:45:39 | School chat app Seesaw abused to send \'inappropriate image\' to parents, teachers (lien direct) | This is why we don't reuse passwords, kids Parents and teachers received a link to an "inappropriate image" this week via Seesaw after miscreants hijacked accounts in a credential stuffing attack against the popular school messaging app.… | |||
|
2022-09-16 06:04:05 | Eastern European org hit by second record-smashing DDoS attack (lien direct) | Cough, cough, U, cough, kraine Akamai says it has absorbed the largest-ever publicly known distributed denial of service (DDoS) attack – an assault against an unfortunate Eastern European organization that went beyond 700 million packets per second.… | |||
|
2022-09-16 05:33:56 | EU puts smart device manufacturers on the hook for cyber security (lien direct) | Requires five years of patching, 24 hour incident reporting, and proper security … for starters The European Commission has revealed a Cyber Resilience Act that will require manufacturers of connected devices to secure them properly before shipping, disclose and fix flaws promptly, and guarantee fixes will flow for five years.… | |||
|
2022-09-16 03:13:43 | Uber reels from \'security incident\' in which cloud systems seemingly hijacked (lien direct) | AWS and G Suite admin accounts likely popped, HackerOne bug bounty page hit, and more Uber is tonight reeling from what looks like a substantial cybersecurity breach.… | Uber | ||
|
2022-09-15 02:12:07 | WordPress-powered sites backdoored after FishPig suffers supply chain attack (lien direct) | And two other security snafus in this web publishing world It's only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites.… | |||
|
2022-09-14 13:30:10 | Google fined $4b after Euro court snips 5% off earlier price (lien direct) | Search giant's appeal lands flat as fine imposed for anticompetitive practice in Android search The European General Court has imposed a €4.125 billion (about $4.13 billion) fine on Google, largely upholding an earlier ruling on the ad-tech giant's anticompetitive practices in mobile search.… |
To see everything:
Our RSS (filtrered)
