What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-07-03 10:03:47 | LinkedIn says iOS clipboard snooping after every key press is a bug, will fix (lien direct) | The new clipboard access detection and warning feature in iOS 14 exposes another app. | |||
|
2020-07-02 23:05:08 | Roblox accounts hacked with pro-Trump messages (lien direct) | Hackers are taking Roblox credentials leaked on Pastebin, accessing accounts, and leaving the same "Ask your parents to vote for Trump this year" message on thousands of Roblox profiles. | |||
|
2020-07-02 18:21:00 | Sixteen Facebook apps caught secretly sharing data with third-parties (lien direct) | Academic study used unique "honeytoken" emails to install Facebook apps and see which inboxes received emails from unrecognized senders. | |||
|
2020-07-02 14:00:05 | V Shred data leak exposes PII, sensitive photos of fitness customers and trainers (lien direct) | V Shred defended the public status of its open bucket and only partially solved the problem. | |||
|
2020-07-02 12:02:24 | This is how EKANS ransomware is targeting industrial control systems (lien direct) | New samples of the ransomware reveal the techniques used to attack critical ICS systems. | Ransomware | ||
|
2020-07-02 02:26:31 | Facebook says 5,000 app developers got user data after cutoff date (lien direct) | A Facebook privacy mechanism blocks apps from receiving user data if users didn't use an app for 90 days. Facebook said 5,000 apps continued to receive user data regardless. | |||
|
2020-07-02 01:25:33 | Connection discovered between Chinese hacker group APT15 and defense contractor (lien direct) | Lookout said it linked APT15 malware to Xi'an Tianhe Defense Technology, a Chinese defense contractor. | Malware | APT 15 | |
|
2020-07-01 21:14:04 | Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities (lien direct) | The hacker has attempted to ransom nearly 47% of all MongoDB databases left exposed online. | |||
|
2020-07-01 15:09:11 | One out of every 142 passwords is \'123456\' (lien direct) | The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind. | Studies | ||
|
2020-07-01 12:38:03 | AT&T dragged to court, again, over SIM hijacking and cryptocurrency theft (lien direct) | A customer allegedly lost $1.9 million due to AT&T's handling of a number transfer request. | |||
|
2020-07-01 10:59:33 | UK court shuts down scam cryptocurrency platform GPay Ltd, £1.5 million in client funds lost (lien direct) | GPay used fake celebrity endorsements and ads to lure traders to invest. | |||
|
2020-07-01 01:44:00 | Microsoft releases emergency security update to fix two bugs in Windows codecs (lien direct) | Security updates have been silently deployed to customers on Tuesday through the Windows Store app. | |||
|
2020-07-01 00:31:24 | Apple tells app devs to use IPv6 as it\'s 1.4 times faster than IPv4 (lien direct) | Company also urges app devs to start using newer web tech like HTTP/2 and TLS 1.3, citing similar performance and speed improvements. | |||
|
2020-06-30 16:02:23 | New EvilQuest ransomware discovered targeting macOS users (lien direct) | EvilQuest ransomware encrypts macOS systems but also installs a keylogger and a reverse shell for full control over infected hosts. | Ransomware | ||
|
2020-06-30 12:35:52 | Promethium APT attacks surge, new Trojanized installers uncovered (lien direct) | The hacking group behind StrongPity is ignoring constant exposure by researchers in its quest for global intelligence and surveillance. | |||
|
2020-06-30 10:02:51 | University of California SF pays ransomware hackers $1.14 million to salvage research (lien direct) | The malware infected crucial research stored in the UCSF medical school's network. | Ransomware Malware | ||
|
2020-06-30 10:00:04 | The more cybersecurity tools an enterprise deploys, the less effective their defense is (lien direct) | New research highlights how throwing money indiscriminately at security doesn't guarantee results. | |||
|
2020-06-30 09:49:55 | Google removes 25 Android apps caught stealing Facebook credentials (lien direct) | The malicious apps were downloaded more than 2.34 million times. | |||
|
2020-06-30 01:04:42 | (Déjà vu) US Cyber Command says foreign hackers will most likely exploit new PAN-OS security bug (lien direct) | Palo Alto Networks disclosed today a major bug that lets hackers bypass authentication on its firewall and corporate VPN products. | |||
|
2020-06-30 01:04:00 | US Cyber Command says foreign hackers will attempt to exploit new PAN-OS security bug (lien direct) | Palo Alto Networks disclosed today a major bug that lets hackers bypass authentication on its firewall and corporate VPN products. | |||
|
2020-06-29 19:57:15 | A hacker gang is wiping Lenovo NAS devices and asking for ransoms (lien direct) | Ransom notes signed by 'Cl0ud SecuritY' hacker group are being found on old LenovoEMC NAS devices. | |||
|
2020-06-29 16:00:33 | India bans 59 Chinese apps, including TikTok, UC Browser, Weibo, and WeChat (lien direct) | Indian government ban comes after the Indian military has clashed with Chinese forces on the country's northern border. | |||
|
2020-06-29 14:00:04 | HackerOne\'s 2020 Top 10 public bug bounty programs (lien direct) | The HackerOne bug bounty platform reveals its most successful bug bounty programs. | |||
|
2020-06-29 11:09:12 | Michigan tackles compulsory microchip implants for employees with new bill (lien direct) | RFID implants for workers are not an issue now, but the state wants to get ahead on what could become a huge privacy problem in the future. | |||
|
2020-06-29 10:09:19 | SEC warns off investment in iBSmartify Nigeria cryptocurrencies (lien direct) | iBledger and InksNation are unregistered, and therefore a financial risk outside of the local commission's regulatory protections. | |||
|
2020-06-29 09:23:25 | Russian leader of Infraud stolen ID, credit card ring pleads guilty (lien direct) | The Infraud Organization was once known as a major player in the carding world. | |||
|
2020-06-28 22:56:54 | Apple strong-arms entire CA industry into one-year certificate lifespans (lien direct) | Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities. | |||
|
2020-06-28 16:55:28 | Apple declined to implement 16 Web APIs in Safari due to privacy concerns (lien direct) | Apple said these 16 new Web APIs add new user fingerprinting opportunities for online advertisers. | |||
|
2020-06-27 12:58:16 | Adobe, Mastercard, Visa warn online store owners of Magento 1.x EOL (lien direct) | Almost 110,000 online stores are still running the soon-to-be-outdated Magento 1.x CMS. | |||
|
2020-06-26 16:04:24 | Docker servers infected with DDoS malware in extremely rare attacks (lien direct) | Most Docker servers are usually infected with cryptocurrency-mining malware. | Malware | ||
|
2020-06-26 10:52:48 | Credit card skimmers are now being buried in image file metadata on e-commerce websites (lien direct) | Magecart attackers are suspected of using an interesting technique to steal your financial data. | |||
|
2020-06-26 10:08:26 | More than 75% of all vulnerabilities reside in indirect dependencies (lien direct) | JavaScript, Ruby, and Java are the ecosystems with most bugs in indirect dependencies. | |||
|
2020-06-26 09:36:39 | Nvidia squashes display driver code execution, information leak bugs (lien direct) | The vulnerabilities impact both Windows and Linux machines. | |||
|
2020-06-26 00:17:00 | DDoS botnet coder gets 13 months in prison (lien direct) | Kenneth Schuchman, known as Nexus Zeta, created multiple DDoS botnets, including Satori, Okiru, Masuta, and Fbot/Tsunami. | Satori | ||
|
2020-06-25 19:18:00 | Apple adds support for encrypted DNS (DoH and DoT) (lien direct) | Apple said this week that iOS 14 and macOS 11 will support the DNS-over-HTTPS and DNS-over-TLS protocols. | |||
|
2020-06-25 17:30:01 | Chinese bank forced western companies to install malware-laced tax software (lien direct) | GoldenSpy backdoor trojan found in a Chinese bank's official tax software, which the bank has been forcing western companies to install. | |||
|
2020-06-25 08:31:00 | Lucifer: Devilish malware that abuses critical vulnerabilities on Windows machines (lien direct) | Researchers say the powerful malware has been “wreaking havoc” on Windows hosts. | Malware | ||
|
2020-06-25 07:36:32 | FBI warns K12 schools of ransomware attacks via RDP (lien direct) | The FBI has issued a security alert warning K12 schools of the "ransomware threat" during the COVID-19 pandemic. | Ransomware | ||
|
2020-06-24 23:47:32 | WikiLeaks founder charged with conspiring with Anonymous and LulzSec hackers (lien direct) | US Department of Justice claims Assange tried to recruit hackers to commit crimes on his behalf. One of the hackers was an FBI informant, said the FBI. | |||
|
2020-06-24 19:33:00 | Zoom hires Jason Lee from Salesforce to serve as new CISO (lien direct) | Lee to become Zoom's new CISO starting June 29, next week. | |||
|
2020-06-24 18:45:35 | (Déjà vu) Sony launches PlayStation bug bounty program with rewards of up to $50,000 (lien direct) | Sony will pay security researchers for bugs in the PlayStation 4 gaming console, its operating system, official PS4 accessories, but also the PlayStation Network and related websites. | |||
|
2020-06-24 18:45:00 | Sony launches PlayStation bug bounty program with rewards of $50K+ (lien direct) | Sony will pay security researchers for bugs in the PlayStation 4 gaming console, its operating system, official PS4 accessories, but also the PlayStation Network and related websites. | |||
|
2020-06-24 13:39:51 | CryptoCore hacker group has stolen more than $200m from cryptocurrency exchanges (lien direct) | The hacker group is believed to operate out of Eastern Europe, based on current evidence. | |||
|
2020-06-24 10:25:00 | New Zealand freezes $90 million in BTC-e money laundering case (lien direct) | The ongoing case claims the owner of BTC-e permitted the platform to be used for money laundering. | |||
|
2020-06-24 09:10:00 | New ransomware masquerades as COVID-19 contact-tracing app on your Android device (lien direct) | The malware surfaced just days after health officials in Canada announced the launch of a tracing app in the fight against COVID-19. | Ransomware Malware | ||
|
2020-06-23 23:13:42 | Twitter bans DDoSecrets account over \'BlueLeaks\' police data dump (lien direct) | Twitter said DDoSecrets account leaked and promoted BlueLeaks, a huge collection of files stolen from more than 200 US police departments and fusion training centers. | |||
|
2020-06-23 17:13:00 | Microsoft releases first public preview of its Defender antivirus on Android (lien direct) | UPDATE: Microsoft Defender ATP for Linux has also exited public preview and is now generally available for all users. | |||
|
2020-06-23 12:00:00 | New WastedLocker ransomware demands payments of millions of USD (lien direct) | Evil Corp, one of the biggest malware operations on the planet, has returned to life after the December 2019 DOJ charges with a new ransomware strain. | Ransomware Malware | ||
|
2020-06-23 08:47:00 | 80,000 printers are exposing their IPP port online (lien direct) | Printers are leaking device names, locations, models, firmware versions, organization names, and even WiFi SSIDs. | |||
|
2020-06-23 06:34:00 | Microsoft\'s \'Safe Documents\' feature reaches general availability in Office 365 (lien direct) | New Safe Documents feature available for all Office 365 E5 license holders. |
To see everything:
Our RSS (filtrered)
