Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-07-30 11:43:00 |
US prosecutors seek years in prison for Uber self-driving exec who stole Google trade secrets (lien direct) |
Anthony Levandowski pleaded guilty and has recently filed for bankruptcy. |
Guideline
|
Uber
|
|
|
2020-07-30 04:01:08 |
US defense and aerospace sectors targeted in new wave of North Korean attacks (lien direct) |
Cyber-security firm McAfee publishes details about "Operation North Star." |
|
|
|
|
2020-07-29 18:00:00 |
Kaspersky: New hacker-for-hire mercenary group is targeting European law firms (lien direct) |
The Deceptikons group is the second major hacker-for-hire mercenary group exposed this year after Dark Basin. |
|
|
|
|
2020-07-29 17:00:00 |
\'BootHole\' attack impacts Windows and Linux systems using GRUB2 and Secure Boot (lien direct) |
Microsoft, Red Hat, Canonical, SuSE, Oracle, VMWare, Citrix, and many OEMs are expected to release BootHole patches. |
|
|
|
|
2020-07-29 16:55:40 |
Microsoft to remove all SHA-1 Windows downloads next week (lien direct) |
Microsoft says file downloads signed with the SHA-1 algorithm are insecure and will be removed on August 3, 2020. |
|
|
|
|
2020-07-29 14:00:05 |
New tool detects shadow admin accounts in AWS and Azure environments (lien direct) |
CyberArk releases new SkyArk tool for scanning AWS and Azure infrastructure for misconfigured accounts. |
Tool
|
|
|
|
2020-07-29 10:00:07 |
OkCupid: Hackers want your data, not a relationship (lien direct) |
Researchers discovered a way to steal the personal and sensitive data of users on the popular dating app. |
|
|
|
|
2020-07-29 04:01:04 |
Today\'s \'mega\' data breaches now cost companies $392 million to recover from (lien direct) |
When consumer PII is involved, the cost increases. |
|
|
|
|
2020-07-28 20:59:05 |
Hacker gang behind Garmin attack doesn\'t have a history of stealing user data (lien direct) |
There's a high probability that Garmin user data might be safe, after all. |
|
|
|
|
2020-07-28 13:38:33 |
Kaspersky: North Korean hackers are behind the VHD ransomware (lien direct) |
North Korean hackers return to actively deploying ransomware after the huge WannaCry debacle. |
Ransomware
|
Wannacry
|
|
|
2020-07-28 12:43:00 |
New Linux malware uses Dogecoin API to find C&C server addresses (lien direct) |
Security researchers discover Doki, a new backdoor malware strain targeting Docker instances. |
Malware
|
|
|
|
2020-07-27 16:13:04 |
CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malware (lien direct) |
QSnatch malware, first spotted in late 2019, has grown from 7,000 bots to more than 62,000, according to a join US CISA and UK NCSC security alert. |
Malware
|
|
|
|
2020-07-27 14:10:00 |
Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev (lien direct) |
OAuth tokens have been abused for intrusions at least two other companies, Dave.com and Flood.io. |
|
|
|
|
2020-07-27 13:27:02 |
Cerberus banking Trojan team breaks up, source code goes to auction (lien direct) |
The Android malware's operator is hoping the code and client list will net them up to $100,000. |
|
|
|
|
2020-07-27 04:45:05 |
FBI warns of new DDoS attack vectors: CoAP, WS-DD, ARMS, and Jenkins (lien direct) |
FBI believes device vendors won't disable these protocols and warns companies to take preventive and protective measures. |
|
|
|
|
2020-07-26 17:28:36 |
Apple sued for not taking action against iTunes gift card scams (lien direct) |
Plaintiffs in new class-action lawsuit claim Apple is directly benefiting and enabling iTunes gift card scams. |
|
|
|
|
2020-07-26 01:46:29 |
Tech unicorn Dave admits to security breach impacting 7.5 million users (lien direct) |
Dave user data is now available for download on a public hacking forum. |
|
|
|
|
2020-07-24 21:14:00 |
Academics smuggle 234 policy-violating skills on the Alexa Skills Store (lien direct) |
Academics said they also identified 52 problematic skills already available on the Alexa store, all targeted at children. |
|
|
|
|
2020-07-24 16:41:00 |
A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs (lien direct) |
Emotet botnet activity goes down as Emotet admins are wrestling with a vigilante for control over parts of their infrastructure. |
Malware
|
|
|
|
2020-07-24 11:15:00 |
FBI warns US companies about backdoors in Chinese tax software (lien direct) |
Following the GoldenHelper and GoldenSpy malware reports, the FBI is now warning US companies operating in China. |
Malware
|
|
|
|
2020-07-23 17:34:00 |
Garmin services and production go down after ransomware attack (lien direct) |
Smartwatch and wearable maker Garmin planning multi-day maintenance window to deal with ransomware incident. |
Ransomware
|
|
|
|
2020-07-23 11:26:00 |
Fawkes protects your identity from facial recognition systems, pixel by pixel (lien direct) |
Changes made to photos undetectable to the naked eye could still prevent matches in deep learning systems. |
|
|
|
|
2020-07-23 11:09:06 |
CouchSurfing investigates data breach after 17m user records appear on hacking forum (lien direct) |
EXCLUSIVE: CouchSurfing working with law enforcement and security firm to investigate incident. |
Data Breach
|
|
|
|
2020-07-23 09:08:50 |
New \'Shadow Attack\' can replace content in digitally signed PDF files (lien direct) |
15 out of the 28 biggest desktop PDF viewers are vulnerable, German academics say. |
|
|
|
|
2020-07-23 08:59:31 |
Chinese hackers blamed for the spread of MgBot Trojan across India, Hong Kong (lien direct) |
The APT is focused on breaking into both Windows PCs and Android mobile devices. |
|
|
|
|
2020-07-23 07:20:53 |
IBM Verify Gateway vulnerability allowed remote attackers to brute-force their way in (lien direct) |
The severe bug could be harnessed for brute-force attacks. |
Vulnerability
|
|
|
|
2020-07-23 00:48:35 |
Slack credentials abundant on cybercrime markets, but little interest from hackers (lien direct) |
Security researchers find more than 17,000 Slack credentials for roughly 12,000 Slack workspaces being sold online. |
|
|
|
|
2020-07-22 22:53:31 |
Google\'s Project Zero team won\'t be applying for Apple\'s SRD program (lien direct) |
Other security researchers have expressed similar intentions to skip the Apple SRD program after the program rules give Apple full control of the vulnerability disclosure process. |
Vulnerability
|
|
|
|
2020-07-22 15:22:49 |
Prometei botnet exploits Windows SMB to mine for cryptocurrency (lien direct) |
The new botnet has been quietly operating since March. |
|
|
|
|
2020-07-22 13:13:34 |
University of York discloses data breach, staff and student records stolen (lien direct) |
Third-party cloud service provider Blackbaud has been blamed. |
|
|
|
|
2020-07-22 07:41:08 |
Adobe issues emergency fixes for critical vulnerabilities in Photoshop, Bridge, Prelude (lien direct) |
13 vulnerabilities, the majority critical, are being tackled in the out-of-band security update. |
|
|
|
|
2020-07-21 15:00:09 |
Microsoft Double Key Encryption enters public preview (lien direct) |
Microsoft rolls out public preview of a new data encryption feature specifically designed for companies in highly-regulated environments, such as financial services and healthcare. |
|
|
|
|
2020-07-21 09:21:12 |
Twitter hack: Coinbase blocks $280,000 in Bitcoin theft (lien direct) |
Cryptocurrency exchanges did their part in preventing customers from being scammed. |
|
|
|
|
2020-07-21 08:34:24 |
Fortinet snaps up OPAQ in secure access, cloud security push (lien direct) |
The company says remote working trends are making zero trust access to networks even more critical. |
|
|
|
|
2020-07-20 13:05:23 |
Ransomware gang demands $7.5 million from Argentinian ISP (lien direct) |
Telecom Argentina had roughly 18,000 computers infected during a ransomware attack over the weekend. |
Ransomware
|
|
|
|
2020-07-20 09:44:28 |
Two more cyber-attacks hit Israel\'s water system (lien direct) |
First attack hit in April when hackers tried to modify water chlorine levels, officials said. |
|
|
|
|
2020-07-20 07:14:47 |
Uber drivers demand to see algorithms, data that determines their working lives (lien direct) |
The court case claims increased data transparency is necessary to prevent discriminative practices. |
|
Uber
|
|
|
2020-07-20 00:38:33 |
BadPower attack corrupts fast chargers to melt or set your device on fire (lien direct) |
Attackers can alter the firmware of fast charger devices to deliver extra voltage and damage connected equipment. |
|
|
|
|
2020-07-19 20:47:34 |
Three Trump officials have now hinted at a TikTok ban this month (lien direct) |
US Secretary of State Mike Pompeo, National Security Advisor Robert O'Brien, and Trump's Chief of Staff Mark Meadows have suggested that a TikTok ban is on its way. |
|
|
|
|
2020-07-19 14:16:00 |
Hacker behind Ripoff Report extortion attempt extradited to the US (lien direct) |
Hacker emailed the Ripoff Report CEO, shared a video accessing the exec's account, and asked for a $90,000 payment. |
|
|
|
|
2020-07-18 19:43:17 |
Twitter says hackers downloaded the data of eight users in Wednesday\'s hack (lien direct) |
Hackers targeted 130 accounts, tweeted on behalf of 45, and downloaded data from eight. |
Hack
|
|
★★★★
|
|
2020-07-17 18:52:00 |
Emotet botnet returns after a five-month absence (lien direct) |
2019's most active malware botnet returns to life with new spam campaign after it previously went dark on February 7, 2020. |
Spam
Malware
|
|
|
|
2020-07-17 11:55:52 |
Cloud provider stopped ransomware attack but had to pay ransom demand anyway (lien direct) |
BlackBaud said it had to pay a ransom demand to ensure hackers would delete data they stole from its network. |
Ransomware
|
|
|
|
2020-07-17 10:42:17 |
Cisco releases security fixes for critical VPN, router vulnerabilities (lien direct) |
The worst bugs can be exploited for remote code execution and privilege escalation attacks. |
|
|
|
|
2020-07-17 00:20:05 |
Google says a bug is erroneously showing security alerts for TiVO devices (lien direct) |
TiVO streaming dongle owners are getting a security alert when linking their Google account to their device. |
|
|
|
|
2020-07-16 21:18:55 |
DHS CISA tells government agencies to patch Windows Server DNS bug within 24h (lien direct) |
CISA cites "likelihood of the vulnerability being exploited" and widespread use of Windows Server as primary reason for today's rare measure. |
Vulnerability
|
|
|
|
2020-07-16 19:46:33 |
Twitter: No evidence hackers accessed user passwords (lien direct) |
Social network has no plans to reset user passwords after yesterday's massive hack that spread a Bitcoin scam on the platform. |
Hack
|
|
|
|
2020-07-16 16:15:26 |
Diebold Nixdorf warns of a new class of ATM \'black box\' attacks across Europe (lien direct) |
New ATM black box (jackpotting) attacks have been spotted in Belgium. |
|
|
|
|
2020-07-16 14:00:00 |
US actor casting company leaked private data of over 260,000 individuals (lien direct) |
Exclusive: The site has been used to cast members in Pitch Perfect and Terminator Genisys, among other shows. |
|
|
|
|
2020-07-16 12:50:00 |
European court strikes down EU-US Privacy Shield user data exchange agreement as invalid (lien direct) |
The decision could have immediate ramifications for the transfer of user data between the US and Europe. |
|
|
|