Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-09-07 16:31:00 |
Chilean bank shuts down all branches following ransomware attack (lien direct) |
All BancoEstado branches will remain closed on Monday, September 7, and possibly more days. |
Ransomware
|
|
|
|
2020-09-07 13:00:15 |
Money from bank hacks rarely gets laundered through cryptocurrencies (lien direct) |
SWIFT: "Identified cases of laundering through cryptocurrencies remain relatively small compared to the volumes of cash laundered through traditional methods." |
|
|
|
|
2020-09-07 13:00:03 |
Webmaster forum database exposed data of 800,000 users (lien direct) |
A database belonging to Digital Point exposed user email addresses, names, and more. |
|
|
|
|
2020-09-07 01:12:00 |
Most cyber-security reports only focus on the cool threats (lien direct) |
Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, economic espionage. |
Threat
|
|
|
|
2020-09-06 08:46:32 |
Millions of WordPress sites are being probed & attacked with recent plugin bug (lien direct) |
An easy-to-exploit vulnerability in a popular WordPress plugin has triggered an internet-wide hacking spree. |
Vulnerability
|
|
|
|
2020-09-05 19:13:56 |
Malware gang uses .NET library to generate Excel docs that bypass security checks (lien direct) |
They were still Excel documents. Just not your typical Excel files. Enough to trick some security systems, though. |
Malware
|
|
|
|
2020-09-04 23:17:00 |
White House publishes a cyber-security rulebook for space systems (lien direct) |
Nothing in it about protecting thermal exhaust ports, though. |
|
|
|
|
2020-09-04 18:06:00 |
Threema E2EE chat app to go \'fully open source\' within months (lien direct) |
Threema follows in the footsteps of Signal and Wickr and opens its apps' codebase. |
|
|
|
|
2020-09-04 13:56:25 |
US election: Two-thirds of typosquatted domains are non-malicious or parked sites (lien direct) |
Digital Shadows researchers analyzed 225 typosquatted domains registered using election-related terms such as Trump, Biden, Pence, and others. |
|
|
|
|
2020-09-04 10:12:00 |
Firefox will add a new drive-by-download protection (lien direct) |
Firefox will block automatic downloads initiated from sandboxed iframes -- the technology usually used for web embeds. |
|
|
|
|
2020-09-03 23:11:58 |
Warner Music discloses months-long web skimming incident (lien direct) |
Magecart hacker gangs strike again! |
|
|
|
|
2020-09-03 21:00:05 |
Facebook explains how it will notify third-parties about bugs in their products (lien direct) |
Companies have 21 days to acknowledge reports and 90 days to patch vulnerabilities; otherwise, Facebook will go public with bug details. |
|
|
|
|
2020-09-03 21:00:04 |
Facebook to list all WhatsApp security issues on a new dedicated website (lien direct) |
New WhatsApp web page will let users and security researchers know when Facebook engineers patched a major security hole. |
|
|
|
|
2020-09-03 14:51:43 |
European ISPs report mysterious wave of DDoS attacks (lien direct) |
Over the past week, multiple ISPs in Belgium, France, and the Netherlands reported DDoS attacks that targeted their DNS infrastructure. |
|
|
|
|
2020-09-03 13:02:08 |
MIT SCRAM: a new analysis platform for prioritizing enterprise security investments (lien direct) |
The platform shows that data analysis can provide actionable insight for enterprise security. |
|
|
|
|
2020-09-03 11:03:20 |
Inter: a \'low bar\' kit for Magecart credit card skimmer attacks on e-commerce websites (lien direct) |
Researchers say that any attacker with a “little cash to burn” can join the attack trend. |
|
|
|
|
2020-09-03 09:29:35 |
WordPress File Manager plugin flaw causing website hijack exploited in the wild (lien direct) |
The critical vulnerability has been utilized in hundreds of thousands of attacks. |
Vulnerability
|
|
|
|
2020-09-03 08:52:33 |
Former IT director gets jail time for selling government\'s Cisco gear on eBay (lien direct) |
Former Horry County IT security director sentenced to two years in federal prison. |
|
|
|
|
2020-09-02 21:14:00 |
Google removes Android app that was used to spy on Belarusian protesters (lien direct) |
App mimicked a popular anti-government news site and collected location and device owner details. |
|
|
|
|
2020-09-02 17:37:23 |
DNS-over-HTTPS (DoH) support added to Chrome on Android (lien direct) |
DoH support added to Chrome 85, released last week, and slowly rolling out to all Android users in the coming weeks. |
|
|
|
|
2020-09-02 16:00:04 |
Backdoors left unpatched in MoFi routers (lien direct) |
MoFi Network patched only six of ten reported vulnerabilities, leaving three hard-coded undocumented backdoor systems in place. |
|
|
|
|
2020-09-02 09:30:08 |
New KryptoCibule Windows malware is a triple threat for cryptocurrency users (lien direct) |
The malware has been active since late 2018 and has targeted users in the Czech Republic and Slovakia primarily (for now). |
Malware
Threat
|
|
|
|
2020-09-02 08:29:45 |
AusCERT says alleged DoE hack came from a third-party (lien direct) |
AusCERT says a data breach occurred at K7Maths, a company providing services to schools. |
Data Breach
Hack
|
|
|
|
2020-09-01 22:35:39 |
CISA and FBI say they have not seen cyber-attacks this year on voter registration databases (lien direct) |
CISA and the FBI issue a joint statement about election and voter database hacking threats after a misleading article in Russian media today. |
Guideline
|
|
|
|
2020-09-01 18:50:27 |
Facebook and Twitter suspend Russian propaganda accounts following FBI tip (lien direct) |
The banned accounts belonged to PeaceData, a news website publishing misleading articles about world politics. |
Guideline
|
|
|
|
2020-09-01 17:30:33 |
Norwegian Parliament discloses cyber-attack on internal email system (lien direct) |
Norway's Parliament, Stortinget, says hackers gained access and downloaded content for "a small number of parliamentary representatives and employees." |
|
|
|
|
2020-09-01 11:13:24 |
FBI warned of how Ring doorbell surveillance can be used against police officers (lien direct) |
Smart doorbells can provide the police with valuable intelligence -- but the network can also be turned against them. |
|
|
|
|
2020-09-01 08:34:48 |
Tor launches membership program to secure finance, boost integration (lien direct) |
Members include Avast, DuckDuckGo, and Insurgo. |
|
|
|
|
2020-09-01 02:02:53 |
Iranian hackers are selling access to compromised companies on an underground forum (lien direct) |
The Iranian hacker group who's been attacking corporate VPNs for months is now trying to monetize some of the hacked systems by selling access to some networks to other hackers. |
|
|
|
|
2020-09-01 00:49:32 |
Average BEC attempts are now $80k, but one group is aiming for $1.27m per attack (lien direct) |
A Russian cyber-crime group named Cosmic Lynx has been focused on tricking companies into sending over huge wire transfers. |
|
|
|
|
2020-08-31 18:06:16 |
Mozilla research: Browsing histories are unique enough to reliably identify users (lien direct) |
Online advertisers don't need huge lists of the sites we access. Just 50-150 of our favorite sites are enough. |
|
|
|
|
2020-08-31 13:58:27 |
Cisco warns of actively exploited IOS zero-day (lien direct) |
The vulnerability has been used to exhaust process memory and crash devices. |
Vulnerability
|
|
|
|
2020-08-31 13:58:00 |
(Déjà vu) Cisco warns of actively exploited IOS XR zero-days (lien direct) |
Cisco said it discovered the attacks last week during a support case the company's support team was called in to investigate. |
|
|
|
|
2020-08-31 13:58:00 |
Cisco warns of actively exploited IOS XR zero-day (lien direct) |
Cisco said it discovered the attacks last week during a support case the company's support team was called in to investigate. |
|
|
|
|
2020-08-30 12:14:51 |
Google Play apps promised free shoes, but users got ad fraud malware instead (lien direct) |
White Ops discovers a collection of Android apps that installed a hidden browser to load ad-heavy pages and commit ad fraud. |
Malware
|
|
|
|
2020-08-28 23:01:54 |
Malicious npm package caught trying to steal sensitive Discord and browser files (lien direct) |
Malicious code was hidden inside a JavaScript library for working with the "Fall Guys: Ultimate Knockout" game API. |
|
|
|
|
2020-08-28 10:11:39 |
Former engineer pleads guilty to Cisco network damage, causing Webex Teams account chaos (lien direct) |
The engineer was responsible for damage that cost Cisco $2.4 million to rectify. |
|
|
|
|
2020-08-28 03:20:00 |
Academics bypass PINs for Visa contactless payments (lien direct) |
Researchers: "In other words, the PIN is useless in Visa contactless transactions." |
|
|
|
|
2020-08-28 00:47:00 |
Elon Musk confirms Russian hacking plot targeted Tesla factory (lien direct) |
A Russian hacker tried to recruit a Tesla employee working for the company's factory in Sparks, Nevada. |
|
|
|
|
2020-08-27 20:01:00 |
US sues to recover cryptocurrency funds stolen by North Korean hackers (lien direct) |
US officials are going after 280 BTC and ETH accounts storing funds North Korean hackers stole from two cryptocurrency exchanges. |
|
|
|
|
2020-08-27 18:00:04 |
Facebook sues maker of advertising SDK for refusing to participate in audit (lien direct) |
Facebook also sued the operator of a website selling Instagram followers, likes, and comments. |
|
|
|
|
2020-08-27 16:50:00 |
Iranian hackers impersonate journalists to set up WhatsApp calls and gain victims\' trust (lien direct) |
Iranian hackers impersonated journalists from German TV Deutsche Welle and Israeli magazine Jewish Journal, and the Wall Street Journal in earlier attacks this year. |
|
|
|
|
2020-08-27 10:00:45 |
Your email threads are now being hijacked by the QBot Trojan (lien direct) |
Operators have changed their tactics in the quest for data theft. |
|
|
|
|
2020-08-27 02:45:00 |
DDoS extortionists target NZX, Moneygram, Braintree, and other financial services (lien direct) |
One of the victims, the New Zealand stock exchange (NZX), has halted trading for the third day in a row following the attacks. |
|
|
|
|
2020-08-26 20:54:16 |
Twitter botnet quoting Dracula book caught pushing pro-Chinese propaganda (lien direct) |
Botnet was estimated at around 3,000 bots, before Twitter suspended some accounts this month. |
|
|
|
|
2020-08-26 20:54:00 |
Twitter takes down \'Dracula\' botnet pushing pro-Chinese propaganda (lien direct) |
Botnet was estimated at around 3,000 bots, before accounts were suspended or restricted last week. |
|
|
|
|
2020-08-26 18:33:00 |
A quarter of the Alexa Top 10K websites are using browser fingerprinting scripts (lien direct) |
Academics also discover many new previously unreported JavaScript APIs that are currently being used to fingerprint users. |
|
|
|
|
2020-08-26 15:18:00 |
Two members of movie piracy group \'Sparks\' arrested in Cyprus and the US (lien direct) |
Investigators said the group posed as real-world DVD/Blu-Ray retailers to obtain and leak unreleased movies and TV shows. |
|
|
|
|
2020-08-26 08:00:07 |
Mercenary hacker group targets companies with 3Ds Max malware (lien direct) |
Hacker-for-hire group uses a malicious 3Ds Max plugin to infect companies with malware and steal proprietary information. |
Malware
|
|
|
|
2020-08-26 00:57:04 |
Russian arrested for trying to recruit an insider and hack a Nevada company (lien direct) |
A Russian national traveled to the US to recruit and convince an employee of a Nevada company to install malware on the company's network. |
Malware
Hack
|
|
|