Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-09-30 16:00:04 |
Linkury adware caught distributing full-blown malware (lien direct) |
Linkury (SafeFinder) installations linked to infections with the Socelars and Kpot infostealer trojans. |
Malware
|
|
|
|
2020-09-30 13:30:03 |
$15 million business email scam campaign in the US exposed (lien direct) |
The FBI is investigating the global campaign in which millions of dollars have been stolen from at least 150 victims. |
|
|
|
|
2020-09-30 10:18:45 |
This worm phishing campaign is a game-changer in password theft, account takeovers (lien direct) |
The security incident highlights the need for multi-factor authentication in the enterprise. |
|
|
|
|
2020-09-29 23:20:30 |
Twitter hires new CISO in industry veteran Rinki Sethi (lien direct) |
Sethi previously served in security roles at Rubrik, IBM, Palo Alto Networks, Intuit, and eBay. |
|
|
|
|
2020-09-29 15:33:58 |
Microsoft: Some ransomware attacks take less than 45 minutes (lien direct) |
Microsoft goes over the recent malware trends in its new "Digital Defense Report." |
Ransomware
Malware
|
|
|
|
2020-09-29 09:36:53 |
Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data (lien direct) |
Thousands of students have reportedly had their private data released online. |
Ransomware
|
|
|
|
2020-09-29 08:10:03 |
Former Amazon finance manager and family charged with $1.4m insider trading scheme (lien direct) |
The charges relate to trading made before Amazon earnings announcements. |
|
|
|
|
2020-09-29 05:00:04 |
QNAP tells NAS users to update firmware to avoid new type of ransomware (lien direct) |
AgeLocker ransomware has been seen infecting QNAP NAS systems since June. |
Ransomware
|
|
|
|
2020-09-29 01:52:00 |
911 services down in multiple US states (lien direct) |
Most services are now restored. Recent Microsoft cloud service outage blamed. |
|
|
|
|
2020-09-28 23:21:32 |
All four of the world\'s largest shipping companies have now been hit by cyber-attacks (lien direct) |
Maritime industry needs to focus more on securing shore-based systems and stop prioritizing the less likely ship-based attacks. |
|
|
|
|
2020-09-28 15:19:03 |
UHS hospital network hit by ransomware attack (lien direct) |
UHS operates more than 400 hospitals across the US and UK. Some US hospitals have been down since Sunday. |
Ransomware
|
|
|
|
2020-09-28 12:36:00 |
Suspicious logins reported after ransomware attack on US govt contractor (lien direct) |
Ransomware attack on Tyler Technologies is looking worse by the day. |
Ransomware
|
|
|
|
2020-09-28 11:18:07 |
Students rise up against forced remote spy app usage in colleges, universities (lien direct) |
Recent clashes highlight concerns that forcing students to use remote exam monitoring software is an affront to personal privacy. |
|
|
|
|
2020-09-27 09:05:07 |
Google removes 17 Android apps doing WAP billing fraud from the Play Store (lien direct) |
The 17 apps were infected with the Joker (Bread) malware, which Google described in January 2020 as one of the most persistent threats it dealt with since 2017. |
|
|
|
|
2020-09-26 07:35:00 |
KuCoin cryptocurrency exchange hacked for $150 million (lien direct) |
KuCoin said an intruder drained all its hot wallets today. |
|
|
|
|
2020-09-26 05:50:03 |
Pastebin adds \'Burn After Read\' and \'Password Protected Pastes\' to the dismay of the infosec community (lien direct) |
The two new features will make it easier to disguise malware operations. |
Malware
|
|
|
|
2020-09-25 17:10:00 |
Twitter warns of possible API keys leak (lien direct) |
Incorrect server settings on the Twitter Developer portal led to browsers caching API keys, account access token and secret. |
|
|
|
|
2020-09-25 16:23:00 |
You can bypass TikTok\'s MFA by logging in via a browser (lien direct) |
Enabling MFA in the TikTok mobile app doesn't apply it for the web dashboard. TikTok promised to fix the issue. |
|
|
|
|
2020-09-25 11:39:00 |
Verizon, AT&T settle overcharging whistleblower case for $116 million (lien direct) |
Updated: The lawsuit alleged that both telecoms giants overcharged government agencies for over a decade. |
|
|
|
|
2020-09-25 10:56:52 |
Airbnb may be exposing private host inbox messages, bookings and earnings data (lien direct) |
Airbnb hosts report that they are able to access inboxes that do not belong to them. |
|
|
|
|
2020-09-24 22:34:55 |
CISA says a hacker breached a federal agency (lien direct) |
CISA didn't name the attacker but it published an in-depth incident report detailing the hacker's every step. |
|
|
|
|
2020-09-24 21:09:50 |
Microsoft removed 18 Azure AD apps used by Chinese state-sponsored hacker group (lien direct) |
Azure AD apps were abused by the Gadolinium (APT40) group to attack Microsoft Azure customers. |
Industrial
|
APT 40
|
|
|
2020-09-24 17:22:00 |
Twitter prepares for US election with new security training, penetration tests (lien direct) |
Twitter has also rolled out hardware security keys to all employees to prevent social engineering and phishing attacks. |
|
|
|
|
2020-09-24 15:48:48 |
Polish police shut down hacker super-group involved in bomb threats, ransomware, SIM swapping (lien direct) |
The hackers also distributed Windows and Android malware, and even ran 50 fake online stores where they defrauded buyers. |
|
|
|
|
2020-09-24 12:58:23 |
ICO fines profiteering UK firm for touting coronavirus products over spam texts (lien direct) |
The UK company sent cold texts offering products “effective against coronavirus.” |
Spam
|
|
|
|
2020-09-24 11:27:22 |
Next-generation police dogs now sniff out your electronics (lien direct) |
Drugs and weapons are not the only criminal evidence police dogs are on the hunt for. |
|
|
|
|
2020-09-24 10:00:03 |
Instagram bug opened a path for hackers to hijack app, turn smartphones into spies (lien direct) |
The RCE vulnerability, now patched, took nothing more than an image file to trigger. |
|
|
|
|
2020-09-24 07:52:52 |
Microsoft says it detected active attacks leveraging Zerologon vulnerability (lien direct) |
Zerologon patching window is slowly closing as Microsoft warns of attacks in the wild. |
Vulnerability
Patching
|
|
|
|
2020-09-24 07:00:03 |
New \'Alien\' malware can steal passwords from 226 Android apps (lien direct) |
Most targets are banking apps, but Alien can also show phishing pages for social, instant messaging, and cryptocurrency apps. |
Malware
|
|
|
|
2020-09-23 20:31:07 |
Microsoft, Italy, and the Netherlands warn of increased Emotet activity (lien direct) |
New alerts about a spike in Emotet activity come after France, Japan, New Zealand issued similar warnings at the start of the month. |
|
|
|
|
2020-09-23 10:42:41 |
Facebook wipes out Chinese, Filipino misinformation campaigns (lien direct) |
Facebook has removed two separate networks flooding the platform with inauthentic content and spam. |
|
|
|
|
2020-09-23 09:00:03 |
Ransomware gang targets Russian businesses in rare coordinated attacks (lien direct) |
Group breaks an unofficial rule in the cybercrime underground not to target the former Soviet space. |
Ransomware
|
|
|
|
2020-09-23 08:57:31 |
Shopify discloses security incident caused by two rogue employees (lien direct) |
Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores. |
|
|
|
|
2020-09-22 20:24:40 |
Google deprecates Web Store Payments API, effectively nuking Chrome paid extensions (lien direct) |
Move comes after a wave of fraudulent transactions over the winter. |
|
|
|
|
2020-09-22 17:27:33 |
CISA warns of notable increase in LokiBot malware (lien direct) |
"CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020." |
Malware
|
|
|
|
2020-09-22 16:00:03 |
Healthcare lags behind in critical vulnerability management, banks hold their ground (lien direct) |
New research sheds light on which industries are performing well when it comes to patching high-risk bugs. |
Vulnerability
Patching
|
|
|
|
2020-09-22 15:10:37 |
Firefox 81 released with new browser theme (lien direct) |
Other Firefox 81 features include a new look for the PDF viewer, support for auto-filling card data, and support for hardware media keys. |
|
|
|
|
2020-09-22 15:00:00 |
Microsoft renames and unifies more products under Microsoft Defender brand (lien direct) |
Microsoft Threat Protection, Defender ATP, Azure Security Center, and others brought under the Microsoft Defender umbrella brand. |
Threat
|
|
|
|
2020-09-22 12:33:00 |
Russia wants to ban the use of secure protocols such as TLS 1.3, DoH, DoT, ESNI (lien direct) |
Amendment to IT law would make it illegal to use encryption protocols that fully hide the traffic's destination. |
|
|
|
|
2020-09-21 23:46:14 |
Details of 540,000 sports referees taken in failed ransomware attack (lien direct) |
ArbiterSports said it paid the hackers to delete the stolen data - a database backup. |
Ransomware
|
|
|
|
2020-09-21 21:41:46 |
Member of \'The Dark Overlord\' hacking group sentenced to five years in prison (lien direct) |
UK national Nathan Wyatt gets five years in prison after pleading guilty today. |
Guideline
|
|
|
|
2020-09-21 18:00:03 |
Microsoft secures backend server that leaked Bing data (lien direct) |
No personal user data was leaked in the incident. |
|
|
|
|
2020-09-21 12:44:00 |
Phishing awareness training wears off after a few months (lien direct) |
Retraining employees after six months is recommended. |
|
|
|
|
2020-09-21 12:02:22 |
Code execution, defense evasion are top tactics used in critical attacks against corporate endpoints (lien direct) |
Cisco examines MITRE ATT&CK data to suggest the threat vectors enterprise security staff should focus their efforts on. |
Threat
|
|
|
|
2020-09-21 08:33:02 |
Consultants charged for bribing Amazon Marketplace employees to game the platform (lien direct) |
Prosecutors allege the group paid handsome bribes to give clients a competitive advantage. |
|
|
|
|
2020-09-20 17:02:37 |
US govt orders federal agencies to patch dangerous Zerologon bug by Monday (lien direct) |
DHS CISA tells government agencies to patch Zerologon bug by Monday, citing "unacceptable risk" posed to federal networks. |
|
|
|
|
2020-09-20 13:34:22 |
Hackers leak details of 1,000 high-ranking Belarus police officers (lien direct) |
Hackers promise to leak more if police crackdown against anti-government protesters continues. |
|
|
|
|
2020-09-18 21:17:39 |
Firefox bug lets you hijack nearby mobile browsers via WiFi (lien direct) |
Mozilla says users should update as soon as possible to Firefox v79 for Android. |
|
|
|
|
2020-09-18 17:16:00 |
Spammers use hexadecimal IP addresses to evade detection (lien direct) |
Links in spam emails looked like http://0xD83AC74E instead of "domain.com." |
Spam
|
|
|
|
2020-09-18 12:06:13 |
Iranian hacker group developed Android malware to steal 2FA SMS codes (lien direct) |
The malware could steal 2FA SMS codes for Google accounts. Also contained vague functionality to do the same for Telegram and various social networks. |
Malware
|
|
|