Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-10-12 05:00:03 |
Hacker groups chain VPN and Windows bugs to attack US government networks (lien direct) |
Some attacks were successful and intruders gained "unauthorized access to elections support systems." |
|
|
|
|
2020-10-11 17:44:35 |
Five Eyes governments, India, and Japan make new call for encryption backdoors (lien direct) |
Another Five Eyes meeting, another call for encryption backdoors in modern tech. |
|
|
|
|
2020-10-10 18:56:36 |
Google Cloud kicks out Proud Boys websites (lien direct) |
Official website and online store for the Proud Boys far-right group have been kicked off Google Cloud on Thursday. |
|
|
|
|
2020-10-10 18:56:00 |
Proud Boys websites kicked off web host, Google Cloud (lien direct) |
Following years of lobbying efforts, Google intervenes with one of its customers to have Proud Boys websites moved off its platform. |
|
|
|
|
2020-10-10 08:36:03 |
Children and parent info exposed in Georgia DHS data breach (lien direct) |
The personal and health data of children and adults involved in Child Protective Services cases was exposed. |
Data Breach
|
|
|
|
2020-10-10 07:39:23 |
New self-erasing chip could be used to detect counterfeit or tampered products (lien direct) |
Special chips holding messages can be placed inside products. When the chip is exposed to natural light, the message disappears. |
|
|
|
|
2020-10-09 23:56:45 |
Document-signing service Docsketch discloses security breach (lien direct) |
Docsketch says an unauthorized third-party accessed a three-week old copy of its database. |
|
|
|
|
2020-10-09 16:39:06 |
German tech giant Software AG down after ransomware attack (lien direct) |
The Clop ransomware gang is demanding more than $20 million from the German software firm. |
Ransomware
|
|
|
|
2020-10-09 14:20:02 |
Chrome changes how its cache system works to improve privacy (lien direct) |
Chrome 86, launched this week, introduces new privacy-focused "cache partitioning" mechanism. |
|
|
|
|
2020-10-09 10:57:38 |
US unveils enforcement framework to combat terrorist, criminal cryptocurrency activities (lien direct) |
Blockchain technologies are described as “breathtaking,” but still, the US wants to tighten its grip on emerging criminal use cases. |
|
|
|
|
2020-10-09 10:00:03 |
Facebook launches bug bounty \'loyalty program\' (lien direct) |
Facebook to rank bug hunters based on past activity and provide bonuses and special perks. |
|
|
|
|
2020-10-09 06:49:00 |
Microsoft warns of Android ransomware that activates when you press the Home button (lien direct) |
New MalLocker.B ransomware is currently spreading via online forums and third-party websites |
Ransomware
|
|
|
|
2020-10-08 11:42:59 |
Waterbear malware used in attack wave against government agencies (lien direct) |
The loader has been launched against a number of Taiwanese government entities. |
Malware
|
|
|
|
2020-10-08 11:00:03 |
240+ Android apps caught showing out-of-context ads (lien direct) |
The malicious applications were showing ads but making them appear as coming from other, legitimate apps. |
|
|
|
|
2020-10-08 10:42:33 |
Tesla accuses employee of Californian factory sabotage (lien direct) |
This is not the first time the company has been targeted by individuals seeking to disrupt operations. |
|
|
|
|
2020-10-08 09:42:57 |
US seizes Iranian government domains masked as legitimate news outlets (lien direct) |
The web of domains was utilized to spread propaganda and disinformation. |
|
|
|
|
2020-10-07 10:55:25 |
UK Department For Education fails to meet UK, GDPR data protection standards - with flying colors (lien direct) |
A compulsory audit has revealed severe security failings and data management problems. |
|
|
|
|
2020-10-07 09:19:56 |
Hackers exploit Windows Error Reporting service in new fileless attack (lien direct) |
The Kraken attack technique abuses WER to avoid detection. |
|
|
|
|
2020-10-07 07:51:28 |
GitLab patches Elasticsearch private group data leak bug (lien direct) |
Public group projects made private were still searchable via an API. |
|
|
|
|
2020-10-07 06:55:03 |
ZeroFOX acquires Cyveillance threat intelligence business from LookingGlass (lien direct) |
The deal focuses on improving threat intelligence features on the ZeroFOX platform. |
Threat
|
|
|
|
2020-10-06 19:33:53 |
New HEH botnet can wipe routers and IoT devices (lien direct) |
The disk-wiping feature is present in the code but has not been used yet. |
|
|
|
|
2020-10-06 16:00:07 |
Chrome 86 released with password-related security improvements (lien direct) |
The new Native File System API now also lets websites to interact with any file or folder stored on the user's local disk. |
|
|
|
|
2020-10-06 12:00:03 |
FireEye\'s Mandiant debuts new SaaS threat intelligence suite (lien direct) |
The threat intelligence solution is the first of many planned to augment global security teams. |
Threat
|
|
|
|
2020-10-06 10:29:08 |
Boom! Mobile falls prey to Magecart card-skimming attack (lien direct) |
Researchers say the website is still compromised, placing consumers at risk. |
|
|
|
|
2020-10-06 10:03:00 |
UN maritime agency says it was hacked (lien direct) |
Attack took place last week and "overcame robust security measures" the agency had in place to protect IT systems. |
|
|
|
|
2020-10-06 04:40:03 |
Five bar and cafe owners arrested in France for running no-log WiFi networks (lien direct) |
A 2006 French law says any person who provides internet access must keep access logs for at least one year. |
|
|
|
|
2020-10-05 23:50:39 |
Microsoft says Iranian hackers are exploiting the Zerologon vulnerability (lien direct) |
Microsoft links back the attacks to an Iranian hacker group known as Mercury, or MuddyWater. |
Vulnerability
|
|
|
|
2020-10-05 22:57:40 |
Hackers claim they can now jailbreak Apple\'s T2 security chip (lien direct) |
Jailbreak involves combining last year's checkm8 exploit with the Blackbird vulnerability disclosed this August. |
Vulnerability
|
|
★★★★
|
|
2020-10-05 14:00:44 |
Chinese hacker group spotted using a UEFI bootkit in the wild (lien direct) |
Targets included diplomatic entities and NGOs in Africa, Asia, and Europe. |
|
|
|
|
2020-10-05 11:18:58 |
Four npm packages found uploading user details on a GitHub page (lien direct) |
Collected information included IP address, country, city, computer username, home directory path, and CPU model. |
|
|
|
|
2020-10-05 07:38:05 |
Microsoft releases tool to update Defender inside Windows install images (lien direct) |
The new tool supports installation images for Windows 10 (Enterprise, Pro, and Home editions), Windows Server 2019, and Windows Server 2016. |
Tool
|
|
|
|
2020-10-05 07:09:01 |
Leaders of \'notorious\' Team Xecuter game piracy, homebrew group arrested (lien direct) |
US prosecutors allege the team spearheaded the sale of devices for hacking popular consoles. |
|
|
|
|
2020-10-04 14:06:31 |
New Ttint IoT botnet caught exploiting two zero-days in Tenda routers (lien direct) |
Ttint is a new form of IoT botnet that also includes remote access tools-like (RAT) features, rarely seen in these types of botnets before. |
|
|
|
|
2020-10-04 00:15:08 |
Two North American hospitality merchants hacked in May and June (lien direct) |
Visa did not share the name of the two victims but said that one company had three different strains of point-of-sale (POS) malware on its network. |
Malware
|
|
|
|
2020-10-02 16:53:00 |
Google is creating a special Android security team to find bugs in sensitive apps (lien direct) |
Android apps that will be on the team's radar include COVID-19 contact tracing apps and election-related apps. |
|
|
|
|
2020-10-02 14:37:49 |
Google sets up research grant for finding bugs in browser JavaScript engines (lien direct) |
Eligible browser JavaScript engines include JavaScriptCore (Safari), V8 (Chrome, Edge), and Spidermonkey (Firefox). |
|
|
|
|
2020-10-02 10:00:03 |
Researchers track hacking \'fingerprints,\' link Russian attackers to Windows exploit sellers (lien direct) |
The new technique was used to profile prolific Windows LPE exploit sellers. |
|
|
|
|
2020-10-02 09:31:37 |
ESET discovers a rare APT that stayed undetected for nine years (lien direct) |
Active since 2011 but only discovered this year, the XDSpy hacker group targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine. |
|
|
|
|
2020-10-02 06:50:53 |
4G, 5G networks could be vulnerable to exploit due to \'mishmash\' of old technologies (lien direct) |
The decades-old SS7 signaling system is one of numerous protocols exposing 5G networks to abuse. |
|
|
|
|
2020-10-01 21:34:18 |
Facebook sues two Chrome extension makers for scraping user data (lien direct) |
Facebook has sued today the makers of the UpVoice and Ads Feed Chrome extensions. |
|
|
|
|
2020-10-01 18:13:00 |
US Treasury says some ransomware payments may need its express approval (lien direct) |
US Treasury says companies paying ransoms to previously-sanctioned cybercrime groups may face sanctions unless it is notified of the payment beforehand. |
Ransomware
|
|
|
|
2020-10-01 18:00:00 |
How a Chinese malware gang defrauded Facebook users of $4 million (lien direct) |
SilentFade group utilized a Windows rootkit, browser injections, clever scripting, and a Facebook platform bug to buy and post ads on behalf of hacked users. |
Malware
|
|
|
|
2020-10-01 13:00:03 |
With API attacks rising, Cloudflare launches a free API security tool (lien direct) |
Claudflare launches API Shield, a new service to protect web APIs against attacks. |
Tool
|
|
|
|
2020-10-01 12:45:03 |
Imperva acquires database security startup jSonar (lien direct) |
jSonar secured a $50 million investment from Goldman Sachs only a few months ago. |
|
|
|
|
2020-10-01 07:00:04 |
IPStorm botnet expands from Windows to Android, Mac, and Linux (lien direct) |
IPStorm botnet quadruples in size to reach 13,500 infected systems. |
|
|
|
|
2020-10-01 05:00:03 |
UK NCSC: Don\'t disable updates so you can continue using Adobe Flash past its EOL (lien direct) |
UK cybersecurity agency warns system administrators not to disable app and browser updates as a way to continue using Flash inside current or legacy enterprise software. |
|
|
|
|
2020-10-01 00:48:00 |
Twitter removes 130 Iranian accounts for trying to disrupt the US Presidential Debate (lien direct) |
Twitter says it removed the accounts following a tip from the FBI. |
|
|
|
|
2020-09-30 19:50:00 |
North Korea has tried to hack 11 officials of the UN Security Council (lien direct) |
New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year. |
Hack
|
|
|
|
2020-09-30 16:23:05 |
Windows XP leak confirmed after user compiles the leaked code into a working OS (lien direct) |
The Windows XP source code that leaked last week is incomplete, lacking some components, but is authentic. |
|
|
|
|
2020-09-30 16:00:05 |
GitHub rolls out new Code Scanning security feature to all users (lien direct) |
New Code Scanning feature will tell GitHub users when they've added known security flaws in their code |
|
|
|