What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-10 21:16:00 | Security researcher publishes details and exploit code for a vBulletin zero-day (lien direct) | Proof-of-concept exploit code available in Bash, Python, and Ruby. | |||
|
2020-08-10 19:18:35 | A mysterious group has hijacked Tor exit nodes to perform SSL stripping attacks (lien direct) | At one point, the group ran almost a quarter of all Tor exit nodes. Group still controls 10% of all Tor exit nodes today. | |||
|
2020-08-10 10:52:54 | Have I Been Pwned to release code base to the open source community (lien direct) | Troy Hunt has made the decision following an unsuccessful attempt to have the platform acquired. | |||
|
2020-08-10 03:04:00 | FBI says an Iranian hacking group is attacking F5 networking devices (lien direct) | Sources: Attacks linked to a hacker group known as Fox Kitten (or Parasite), considered Iran's "spear tip" when it comes to cyber-attacks. | |||
|
2020-08-08 18:04:31 | China is now blocking all encrypted HTTPS traffic using TLS 1.3 and ESNI (lien direct) | Block was put in place at the end of July and is enforced via China's Great Firewall internet surveillance technology. | |||
|
2020-08-08 07:00:08 | DEF CON: New tool brings back \'domain fronting\' as \'domain hiding\' (lien direct) | After Amazon and Google stopped supporting the censorship-evading domain fronting technique on their clouds in 2018, new Noctilucent toolkit aims to bring it back in a new form as "domain hiding." | Tool | ||
|
2020-08-07 17:37:00 | Hackers are defacing Reddit with pro-Trump messages (lien direct) | BREAKING: Massive hack hits Reddit. | Hack | ||
|
2020-08-07 16:30:00 | Bulgarian police arrest hacker Instakilla (lien direct) | Hacker accused of hacking and extorting companies, selling stolen data online. | |||
|
2020-08-07 16:00:00 | Facebook open-sources one of Instagram\'s security tools (lien direct) | In the first half of 2020, Pysa detected 44% of all security bugs in Instagram's server-side Python code. | |||
|
2020-08-07 11:02:30 | Canon suffers ransomware attack, Maze claims responsibility (lien direct) | Reports based on an internal memo suggest an external security firm has been hired to investigate. | Ransomware | ||
|
2020-08-07 09:34:46 | Magecart group uses homoglyph attacks to fool you into visiting malicious websites (lien direct) | A new campaign is utilizing the Inter kit and favicons to hide skimming activities. | |||
|
2020-08-06 21:59:12 | Black Hat: Hackers are using skeleton keys to target chip vendors (lien direct) | Operation Chimera focuses on the theft of valuable intellectual property and semiconductor designs. | |||
|
2020-08-06 19:23:28 | Intel investigating breach after 20GB of internal documents leak online (lien direct) | EXCLUSIVE: Data was leaked online today by a Swiss security researcher after receiving it from an anonymous hacker. | |||
|
2020-08-06 18:30:06 | Black Hat: Entropy - the solution to malvertising and malspam? (lien direct) | A researcher explores how entropy could be used to flag suspicious images and documents hiding malicious secrets. | |||
|
2020-08-06 17:31:00 | Capital One fined $80 million for 2019 hack (lien direct) | Office of the Comptroller of the Currency imposes mammoth fine for the bank's failure to secure its data in the cloud. | Hack | ||
|
2020-08-06 11:42:00 | Firefox gets fix for evil cursor attack (lien direct) | Tech support scam group found a way to abuse Firefox's previous evil cursor patch to enable new attacks. | |||
|
2020-08-06 08:45:12 | (Déjà vu) Smart locks can be opened with nothing more than a MAC address (lien direct) | Researchers demonstrated how remote attackers can steal UltraLoq digital keys with minimal effort. | |||
|
2020-08-06 08:45:00 | Smart locks opened with nothing more than a MAC address (lien direct) | Researchers demonstrated how remote attackers could steal UltraLoq digital keys with minimal effort. | |||
|
2020-08-06 04:01:05 | Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots (lien direct) | Temi's interactive assistance robots are remotely exploitable with little more than a phone number. | |||
|
2020-08-06 00:33:00 | Google said it took down ten influence operation campaigns in Q2 2020 (lien direct) | Google said the influence ops were traced back to China, Russia, Iran, and Tunisia. | |||
|
2020-08-05 21:17:00 | US offers $10 million reward for hackers meddling in US elections (lien direct) | This includes attacks against US election officials, election infrastructure, voting machines, but also candidates and their staff. | |||
|
2020-08-05 20:30:37 | Black Hat: When penetration testing earns you a felony arrest record (lien direct) | Coalfire takes us through the story of security professionals arrested at a courthouse while conducting tests on behalf of the state. | |||
|
2020-08-05 18:30:28 | Black Hat: How hackers gain root access to SAP enterprise servers through SolMan (lien direct) | Researchers demonstrated how the SAP Solution Manager could provide a bridge to full server access. | |||
|
2020-08-05 18:03:08 | Twitter patches Android app to prevent exploitation of bug that can grant access to DMs (lien direct) | Actual bug resided in the Android 8 and Android 9 operating systems. Twitter updated its Android app to prevent exploitation. | |||
|
2020-08-05 17:26:55 | Black Hat: How your pacemaker could become an insider threat to national security (lien direct) | Implanted medical devices are an overlooked security challenge that is only going to increase over time. | Threat | ||
|
2020-08-05 16:52:00 | New EtherOops attack takes advantage of faulty Ethernet cables (lien direct) | EtherOops attack can be used to bypass network defenses and attack devices inside closed enterprise networks. | |||
|
2020-08-05 12:03:38 | FBI issues warning over Windows 7 end-of-life (lien direct) | The FBI says companies running Windows 7 systems are now in greater risk of getting hacked due to a lack of security updates. | |||
|
2020-08-05 02:19:58 | Cluster of 295 Chrome extensions caught hijacking Google and Bing search results (lien direct) | The malicious Chrome extensions have been installed by more than 80 million users. | |||
|
2020-08-04 22:44:00 | Hacker leaks passwords for 900+ enterprise VPN servers (lien direct) | EXCLUSIVE: The list has been shared on a Russian-speaking hacker forum frequented by multiple ransomware gangs. | Ransomware | ||
|
2020-08-04 18:02:58 | Firefox adds protections against redirect tracking (lien direct) | New protection already active in Firefox 79; will roll out to all Firefox users in the next few weeks. | |||
|
2020-08-04 16:20:12 | Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH) (lien direct) | Kaspersky says Oilrig (APT34) group has been using DoH to silently exfiltrate data from hacked networks. | APT 34 | ||
|
2020-08-04 02:46:53 | Ransomware gang publishes tens of GBs of internal data from LG and Xerox (lien direct) | Maze gang publishes internal data from LG and Xerox after failed extortion attempt. | Ransomware | ||
|
2020-08-03 23:08:46 | Ahead of US election, Google bans ads linking to hacked political content (lien direct) | New Google Ads policy to enter into effect on September 1, 2020. | |||
|
2020-08-03 17:35:27 | CISA, DOD, FBI expose new Chinese malware strain named Taidoor (lien direct) | US government agencies say the Taidoor remote access trojan (RAT) has been used as far back as 2008. | Malware | ||
|
2020-08-03 15:00:06 | BlackBerry releases new security tool for reverse-engineering PE files (lien direct) | BlackBerry open-sources PE Tree, a new malware reverse-engineering tool for analyzing Portable Executable (PE) files. | Malware Tool | ||
|
2020-08-03 14:00:04 | NetWalker ransomware gang has made $25 million since March 2020 (lien direct) | The NetWalker gang has established itself as one of the most dangerous ransomware groups out there. | Ransomware | ||
|
2020-08-03 09:59:27 | 2gether hacked: €1.2m in cryptocurrency stolen, native tokens offered in exchange (lien direct) | Almost a third of funds stored in cryptocurrency investment accounts have been taken. | |||
|
2020-08-03 04:40:05 | GandCrab ransomware distributor arrested in Belarus (lien direct) | Creator of the actual ransomware still at large. | Ransomware | ||
|
2020-08-02 19:18:30 | Google: Eleven zero-days detected in the wild in the first half of 2020 (lien direct) | A report from Google's Project Zero also looks at 2019 zero-day statistics and draws some interesting conclusions. | |||
|
2020-08-01 15:14:37 | Phishing campaigns, from first to last victim, take 21h on average (lien direct) | Most phishing victims experience a fraudulent transaction around 5 days after getting phished, new research shows. | |||
|
2020-08-01 10:00:27 | Author of FastPOS malware revealed, pleads guilty (lien direct) | A 30-year-old Moldovan man admitted this month to creating the FastPOS malware. | Malware | ||
|
2020-08-01 01:01:00 | How the FBI tracked down the Twitter hackers (lien direct) | A timeline of the Twitter hack composed from court documents published today. | Hack | ||
|
2020-07-31 19:21:00 | Florida teen arrested for orchestrating Twitter hack (lien direct) | Main suspect identified as Graham Ivan Clark, a 17-year-old teen from Tampa, Florida. | Hack | ★★★★ | |
|
2020-07-31 13:07:31 | BootHole fixes causing boot problems across multiple Linux distros (lien direct) | Debian, Ubuntu, Red Hat, CentOS, Fedora users reports issues with booting or dual-booting their devices. | |||
|
2020-07-31 08:36:58 | China arrests over 100 people suspected of involvement in PlusToken cryptocurrency scam (lien direct) | Many of the alleged fraudsters had previously fled overseas. | |||
|
2020-07-31 07:25:31 | Mimecast acquires communication security provider MessageControl (lien direct) | The email and data security firm says the deal will help protect customers against phishing campaigns. | |||
|
2020-07-31 04:35:08 | Theoretical technique to abuse EMV cards detected used in the real world (lien direct) | Known as EMV-Bypass Cloning, a technique first described in 2008 has been seen abused in the wild this year. | |||
|
2020-07-30 18:37:00 | EU sanctions China, Russia, and North Korea for past hacks (lien direct) | The EU has imposed today its first-ever economical sanctions following cyber-attacks from foreign adversaries. | |||
|
2020-07-30 14:44:19 | (Déjà vu) Two Tor zero-days disclosed, more to come (lien direct) | A security researcher has published details about two Tor zero-days and promises to release three more. | |||
|
2020-07-30 14:44:00 | Multiple Tor security issues disclosed, more to come (lien direct) | A security researcher has published details about two Tor security issues and promises to release three more. | ★★ |
To see everything:
Our RSS (filtrered)
