Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-09-18 10:11:49 |
CEO of cyber fraud startup NS8 arrested for defrauding investors in $123m scheme (lien direct) |
Irony aside, the former executive allegedly secured millions from investors based on fake financial statements. |
|
|
|
|
2020-09-17 23:41:21 |
US sanctions Iranian government front company hiding major hacking operations (lien direct) |
US says the Iranian government used the "Rana Intelligence Computing Company" as a front for the APT39 hacking group. |
Prediction
|
APT 39
|
|
|
2020-09-17 19:30:39 |
US charges Iranian hackers for breaching US satellite companies (lien direct) |
Three suspects were indicted, with one being a famous security researcher. |
|
|
|
|
2020-09-17 19:00:04 |
Mozilla shuts down Firefox Send and Firefox Notes services (lien direct) |
Mozilla will shut down Send for good after a ZDNet report over the summer that highlighted the service's popularity with malware operators. |
Malware
|
|
|
|
2020-09-17 16:24:00 |
First death reported following a ransomware attack on a German hospital (lien direct) |
Death occurred after a patient was diverted to a nearby hospital after the Duesseldorf University Hospital suffered a ransomware attack. |
Ransomware
|
|
|
|
2020-09-17 06:34:59 |
Human biohacking: an exciting prospect, but only for the rich? (lien direct) |
“You want a monkey tail? Good for you.” |
|
|
|
|
2020-09-17 00:45:00 |
Google \'formally\' bans stalkerware apps from the Play Store (lien direct) |
Ban is meaningless as Google leaves a giant loophole in the rules, allowing stalkerware devs to rebrand their apps as child trackers. |
|
|
|
|
2020-09-16 22:52:00 |
US charges two Iranian hackers for years-long cyber-espionage, cybercrime spree (lien direct) |
US government says the two hacked targets at the behest of the Iranian regime and for their personal financial gain. |
|
|
|
|
2020-09-16 19:51:00 |
US charges two Russians for stealing $16.8m via cryptocurrency phishing sites (lien direct) |
The two hackers stole from hundreds of users of cryptocurrency exchanges Poloniex, Binance, and Gemini. |
|
|
|
|
2020-09-16 17:00:03 |
Chrome now lets high-risk APP users scan suspicious files on demand (lien direct) |
Users part of Google's Advanced Protection Program can now send suspicious downloads to Google and have them scanned on demand. |
|
|
|
|
2020-09-16 15:03:00 |
US charges five hackers part of Chinese state-sponsored group APT41 (lien direct) |
US says APT41 orchestrated intrusions at more than 100 companies across the world, ranging from software vendors, video gaming companies, telcos, and more. |
Guideline
|
APT 41
|
|
|
2020-09-16 14:39:16 |
Cerberus banking Trojan source code released for free to cyberattackers (lien direct) |
An auction designed to net the developer of the Android malware $100,000 failed. |
Malware
|
|
|
|
2020-09-16 12:00:05 |
Half of US citizens would share medical data beyond COVID-19 despite surveillance state worries (lien direct) |
US residents are willing to serve the greater good but have reservations concerning government use of their data. |
|
|
|
|
2020-09-16 07:29:34 |
Adobe out-of-band patch released to tackle Media Encoder vulnerabilities (lien direct) |
The bugs could be exploited to leak information. |
|
|
|
|
2020-09-16 05:00:03 |
New MrbMiner malware has infected thousands of MSSQL databases (lien direct) |
A hacker group is brute-forcing MSSQL servers with weak passwords and installing crypto-mining malware. |
Malware
|
|
|
|
2020-09-15 21:27:43 |
Billions of devices vulnerable to new \'BLESA\' Bluetooth security flaw (lien direct) |
New BLESA attack goes after the often ignored Bluetooth reconnection process, unlike previous vulnerabilities, most found in the pairing operation. |
|
|
|
|
2020-09-15 18:56:14 |
US charges two hackers for defacing US websites following Soleimani killing (lien direct) |
US authorities have tracked down the two hackers behind a January 2020 mass-defacement campaign. |
|
|
|
|
2020-09-15 15:33:25 |
MITRE releases emulation plan for FIN6 hacking group, more to follow (lien direct) |
New MITRE project to provide free emulation plans that mimic major threat actors in order to train and help defenders. |
Threat
|
|
|
|
2020-09-15 10:56:03 |
US reaches $1.5 billion settlement with Daimler over emissions scandal (lien direct) |
Daimler must also recall and repair Mercedes-Benz diesel cars that cheat the system. |
|
|
|
|
2020-09-14 23:38:20 |
Department of Veteran Affairs discloses breach impacting 46,000 veterans (lien direct) |
Hackers accessed a VA online app and diverted payments meant for healthcare providers. |
|
|
|
|
2020-09-14 22:13:00 |
Magento online stores hacked in largest campaign to date (lien direct) |
Almost 2,000 Magento stores have been compromised over the weekend in the largest hacking campaign since 2015. |
|
|
|
|
2020-09-14 18:48:00 |
FBI says credential stuffing attacks are behind some recent bank hacks (lien direct) |
The FBI is raising a sign of alarm about the rising number of credential stuffing attacks targeting financial institutions. |
|
|
|
|
2020-09-14 14:45:23 |
CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs (lien direct) |
CISA says attacks have started a year ago and some have been successful. |
|
|
|
|
2020-09-14 12:00:03 |
Vast majority of cyber-attacks on cloud servers aim to mine cryptocurrency (lien direct) |
Cyber-attacks on cloud systems spiked 250% from 2019 to 2020. |
|
|
|
|
2020-09-14 10:15:33 |
US citizen charged with running diamond Ponzi scheme, cryptocurrency scam (lien direct) |
The operator claimed to have $25 million in diamond 'stock'. |
|
|
|
|
2020-09-14 10:00:00 |
Zerologon attack lets hackers take over enterprise networks (lien direct) |
If you're managing enterprise Windows Servers, don't skip on the August 2020 Patch Tuesday. |
|
|
|
|
2020-09-14 09:01:39 |
DeFi SushiSwap creator returns $14m in ETH to project after causing coin crash (lien direct) |
Chef Nomi says they are sorry for wreaking havoc by cashing out $14 million without warning. |
|
|
|
|
2020-09-14 08:04:50 |
New BlindSide attack uses speculative execution to bypass ASLR (lien direct) |
New BlindSide technique abuses the CPU's internal performance-boosting feature to bypass OS security protection. |
|
|
|
|
2020-09-13 13:00:03 |
Leaky server exposes users of dating site network (lien direct) |
Personal details of hundreds of thousands of dating site users were temporarily exposed online earlier this month. |
|
|
|
|
2020-09-12 10:25:00 |
Researcher kept a major Bitcoin bug secret for two years to prevent attacks (lien direct) |
The INVDoS bug would have allowed attackers to crash Bitcoin nodes and other similar blockchains. |
|
|
|
|
2020-09-11 12:48:00 |
Porn site users targeted with malicious ads redirecting to exploit kits, malware (lien direct) |
Adult ad networks abused in last hurrah attacks before Flash and IE near EOL. |
Malware
|
|
|
|
2020-09-11 11:43:00 |
IRS offers grants for software to trace privacy-focused cryptocurrency trades (lien direct) |
Grants of up to $625,000 will be issued in exchange for cryptocurrency tracking technologies. |
|
|
|
|
2020-09-11 09:24:36 |
ThreatConnect acquires enterprise risk management firm Nehemiah Security (lien direct) |
ThreatConnect aims to create a full security lifestyle solutions portfolio suitable for enterprise players. |
|
|
|
|
2020-09-10 19:46:00 |
Microsoft confirms Chinese, Iranian, and Russian cyber-attacks on Biden and Trump campaigns (lien direct) |
Microsoft said the "majority of these attacks" were detected and blocked. |
|
|
|
|
2020-09-10 13:00:05 |
Ransomware accounted for 41% of all cyber insurance claims in H1 2020 (lien direct) |
Cyber insurance claims ranged in size from $1,000 to well over $2,000,000 per security incident. |
Ransomware
|
|
|
|
2020-09-10 12:28:52 |
Secureworks acquires vulnerability management platform Delve (lien direct) |
Delve's SaaS solution will join the Secureworks portfolio. |
Vulnerability
|
|
|
|
2020-09-10 10:35:00 |
New CDRThief malware targets VoIP softswitches to steal call detail records (lien direct) |
Malware targets only two very specific softswitches (software switches): Linknat VOS2009 and VOS3000. |
Malware
|
|
|
|
2020-09-10 10:14:00 |
Privacy concerns prompt Irish regulators to ask Facebook to stop sending EU user data to the US (lien direct) |
A preliminary order brings to light concerns over US surveillance activities. |
|
|
|
|
2020-09-10 08:49:00 |
Data center giant Equinix discloses ransomware incident (lien direct) |
Equinix says ransomware hit internal systems but that data centers are OK. |
Ransomware
|
|
|
|
2020-09-10 08:00:00 |
ProLock ransomware - everything you need to know (lien direct) |
New strain joins the big players on the ransomware scene. |
Ransomware
|
|
|
|
2020-09-10 01:05:03 |
Slovak cryptocurrency exchange ETERBASE discloses $5.4 million hack (lien direct) |
Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets were stolen in the hack. |
Hack
|
|
|
|
2020-09-09 23:01:37 |
Raccoon attack allows hackers to break TLS encryption \'under certain conditions\' (lien direct) |
The Raccoon attack is described as "really hard to exploit" and its conditions as "rare." |
|
|
|
|
2020-09-09 19:18:00 |
BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys (lien direct) |
All devices using the Bluetooth standard 4.0 through 5.0 are vulnerable. Patches not immediately available. |
Vulnerability
|
|
|
|
2020-09-09 10:58:14 |
Weave Scope is now being exploited in attacks against cloud environments (lien direct) |
The legitimate cloud infrastructure monitoring tool has been added to attacker arsenals. |
Tool
|
|
|
|
2020-09-09 09:25:49 |
Adobe Experience Manager, InDesign, Framemaker receive fixes for critical bugs in new update (lien direct) |
The worst issues can lead to code and browser-based JavaScript execution. |
Guideline
|
|
|
|
2020-09-08 17:35:00 |
Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities (lien direct) |
Twenty critical remote code execution bugs have been patched this month, including in Windows and SharePoint enterprise servers. |
|
|
|
|
2020-09-08 15:19:00 |
City of Hartford postpones first day of school after ransomware attack (lien direct) |
Ransomware attack impacted the IT system that the school district uses to manage school buses and transportation routes. |
Ransomware
|
|
|
|
2020-09-08 09:44:10 |
Researcher reveals Google Maps XSS bug, patch bypass (lien direct) |
The bounty was doubled after the bug bounty hunter realized the original fix had failed. |
|
|
|
|
2020-09-08 04:00:03 |
Academics find crypto bugs in 306 popular Android apps, none get patched (lien direct) |
Only 18 of 306 app developers replied to the research team, only 8 engaged with the team after the first email. |
|
|
|
|
2020-09-08 02:48:59 |
France, Japan, New Zealand warn of sudden spike in Emotet attacks (lien direct) |
Emotet activity has ramped up to new levels in September 2020, alarming some cyber-security agencies. |
|
|
|