Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-05-20 23:07:17 |
Hacker selling 40 million user records from popular Wishbone app (lien direct) |
Seller claims the data was obtained following a hack that took place earlier this year. |
Hack
|
|
★★★
|
|
2020-05-20 17:11:43 |
Bank of America blames PPP applications leak on faulty SBA test server (lien direct) |
BofA says SBA test platform allowed others to view details for its customers' PPP loan applications. |
|
|
|
|
2020-05-20 14:06:00 |
Signal to move away from using phone numbers as user IDs (lien direct) |
Signal launches profile PINs, the first step in supporting Signal user accounts that are not tied to phone numbers. |
|
|
|
|
2020-05-20 11:00:10 |
\'Flight risk\' employees involved in 60% of insider cybersecurity incidents (lien direct) |
The majority of staff planning their exit also take sensitive information with them, research suggests. |
|
|
|
|
2020-05-20 10:08:43 |
Adobe issues out-of-band patch to fix remote code execution flaw in animation software (lien direct) |
Information leaks have also been patched up in Premiere Rush, Audition, and Premiere Pro. |
|
|
|
|
2020-05-19 21:23:00 |
NXNSAttack technique can be abused for large-scale DDoS attacks (lien direct) |
New vulnerability in DNS server software can be leveraged for DDoS attacks with an 1620x amplification factor. |
Vulnerability
|
|
|
|
2020-05-19 17:36:08 |
Hacker arrested in Ukraine for selling billions of stolen credentials (lien direct) |
Hacker "Sanix" has been selling billions of hacked user credentials on hacker forums and Telegram channels. |
|
|
|
|
2020-05-19 17:00:06 |
WolfRAT targets WhatsApp, Facebook Messenger app users on Android devices (lien direct) |
The new malware is unstable and appears to be a slapdash effort based on leaked DenDroid code. |
Malware
|
|
|
|
2020-05-19 16:05:51 |
Chrome 83 released with enhanced privacy controls, tab groups feature (lien direct) |
Chrome 83 is one of the feature-rich Chrome releases in recent years. |
|
|
|
|
2020-05-19 12:00:37 |
Hundreds of thousands of QNAP devices vulnerable to remote takeover attacks (lien direct) |
A firmware patch has been released last year, in November. |
|
|
|
|
2020-05-19 10:15:08 |
France defends \'centralized\' coronavirus tracing app, insists privacy held sacred (lien direct) |
The country says StopCovid could be valuable in preventing a second COVID-19 wave. |
|
|
|
|
2020-05-19 04:20:06 |
FBI warns about attacks on Magento online stores via old plugin vulnerability (lien direct) |
FBI says hackers have been planting card skimmers on online stores by exploiting a 2017 bug in the MAGMI plugin. |
Vulnerability
|
|
★★
|
|
2020-05-19 03:01:00 |
Supreme Court rejects lawsuit claiming Facebook provided terrorist forum support (lien direct) |
The case accused Facebook of being materially responsible for user-generated terrorist content. |
|
|
|
|
2020-05-18 22:07:00 |
Smartphones, laptops, IoT devices vulnerable to new BIAS Bluetooth attack (lien direct) |
New BIAS attack works agaisnt Bluetooth devices and firmware from Apple, Broadcom, Cypress, Intel, Samsung, and others. |
|
|
|
|
2020-05-18 18:59:32 |
FBI criticizes Apple for not helping crack Pensacola shooter\'s iPhones (lien direct) |
Apple said back in January that it helped within hours and handed over to the FBI gigabytes of information. |
|
|
|
|
2020-05-18 14:32:46 |
Mercedes-Benz onboard logic unit (OLU) source code leaks online (lien direct) |
Daimler allowed anyone to register on one of its on-premise GitLab servers. |
|
|
|
|
2020-05-18 10:40:48 |
Face masks prompt London police to consider pause in rollout of facial recognition cameras (lien direct) |
The controversial scheme may be halted due to the widespread adoption of face coverings. |
|
|
|
|
2020-05-18 10:08:28 |
FBI: ProLock ransomware gains access to victim networks via Qakbot infections (lien direct) |
The FBI also warns that the ProLock decryptor doesn't always work correctly, even after victims pay the ransom. |
Ransomware
|
|
|
|
2020-05-18 09:18:08 |
Illinois blames \'glitch\' for exposure of PUA applicant Social Security numbers, private data (lien direct) |
Sensitive unemployment benefit claimant information was made public on an online portal. |
|
|
|
|
2020-05-16 19:42:12 |
Supercomputers hacked across Europe to mine cryptocurrency (lien direct) |
Confirmed infections have been reported in the UK, Germany, and Switzerland. Another suspected infection was reported in Spain. |
|
|
|
|
2020-05-15 19:13:25 |
Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump (lien direct) |
The REvil ransomware gang published last night 2.4 GB of Lady Gaga's legal documents. |
Ransomware
|
|
|
|
2020-05-15 13:22:00 |
Hackers preparing to launch ransomware attacks against hospitals arrested in Romania (lien direct) |
Hackers were planning to use COVID-19-themed emails to infect Romanian hospitals with ransomware and disrupt operations. |
Ransomware
|
|
|
|
2020-05-15 09:25:59 |
Hackers target the air-gapped networks of the Taiwanese and Philippine military (lien direct) |
Third state-sponsored malware strain disclosed this week that can jump the air gap and reach isolated networks. |
Malware
|
|
|
|
2020-05-15 09:19:31 |
Mikroceen RAT backdoors Asian government networks in new attack wave (lien direct) |
The backdoor paved the way for the deployment of other malware including Gh0st RAT. |
Malware
|
|
|
|
2020-05-15 08:10:16 |
This new, unusual Trojan promises victims COVID-19 tax relief (lien direct) |
QNodeService's codebase may have helped it avoid detection by traditional antivirus solutions. |
|
|
|
|
2020-05-14 22:12:23 |
UK electricity middleman hit by cyber-attack (lien direct) |
Elexon said the incident only impacted its internal IT network, employee laptops, and company email server. |
|
|
|
|
2020-05-14 20:17:18 |
Google to block ads that use too many system resources starting August 2020 (lien direct) |
New "Heavy Ad Intervention" will save battery life and network bandwidth usage on mobile data plans. |
|
|
|
|
2020-05-14 18:04:21 |
(Déjà vu) Russian hacker group use HTTP status codes to control malware implants (lien direct) |
New Turla cyber-espionage operation targets diplomatic entities in Europe with new COMpfun malware. |
Malware
|
|
|
|
2020-05-14 18:04:00 |
Russian hacker group using HTTP status codes to control malware implants (lien direct) |
New Turla cyber-espionage operation targets diplomatic entities in Europe with new COMpfun malware. |
Malware
|
|
|
|
2020-05-14 11:59:40 |
COVID-19 blamed for 238% surge in cyberattacks against banks (lien direct) |
Disarray caused by the pandemic has become a breeding ground for financially-motivated attacks. |
|
|
|
|
2020-05-14 11:52:02 |
A cybercrime store is selling access to more than 43,000 hacked servers (lien direct) |
The MagBo portal provides access hacked servers, with some belonging to local and state government, hospitals, and financial organizations. |
|
|
|
|
2020-05-13 22:35:00 |
(Déjà vu) Microsoft adds initial support for DNS-over-HTTPS (DoH) in Windows Insiders (lien direct) |
DoH support now available in current Windows 10 Insiders Fast Ring distributions. |
|
|
|
|
2020-05-13 18:45:28 |
US formally accuses China of hacking US entities working on COVID-19 research (lien direct) |
DHS CISA and the FBI issue joint statement on recent Chinese cyber-attacks against COVID-19-related targets. |
|
|
|
|
2020-05-13 17:31:09 |
PrintDemon vulnerability impacts all Windows versions (lien direct) |
PrintDemon vulnerability impacts Windows versions released as far back as 1996. Patches available. |
Vulnerability
|
|
|
|
2020-05-13 11:37:55 |
New Ramsay malware can steal sensitive documents from air-gapped networks (lien direct) |
Ramsay can infect air-gapped computers, collect Word, PDF, and ZIP files in a hidden folder, and then wait for exfiltration. |
Malware
|
|
|
|
2020-05-13 10:01:40 |
Adobe issues patches for 36 vulnerabilities in DNG, Reader, Acrobat (lien direct) |
May's patch round includes fixes for remote code execution flaws. |
|
|
|
|
2020-05-13 08:04:09 |
Windows 10 to get PUA/PUP protection feature (lien direct) |
New PUA/PUP-blocking security feature to roll out with the Windows 10 May 2020 update. |
|
|
|
|
2020-05-13 04:20:00 |
DHS CISA and FBI share list of top 10 most exploited vulnerabilities (lien direct) |
Office is the most exploited technology, followed by Apache Struts. |
|
|
|
|
2020-05-13 01:27:00 |
Huawei denies involvement in buggy Linux kernel patch proposal (lien direct) |
Huawei says employee submitted code as part of a personal project, not on behalf of the company. |
|
|
|
|
2020-05-12 20:38:14 |
Google removed 813 creepware apps from the Android Play Store (lien direct) |
The applications were discovered with a new algorithm called CreepRank, developed by a team of academics. |
|
|
|
|
2020-05-12 17:53:00 |
Microsoft May 2020 Patch Tuesday fixes 111 vulnerabilities (lien direct) |
Third-largest Patch Tuesday in Microsoft's history started rolling out earlier today. |
|
|
|
|
2020-05-12 16:36:18 |
On the three-year anniversary of WannaCry, US exposes new North Korean malware (lien direct) |
US cyber-security officials expose today three new North Korean malware strains named COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. |
Malware
|
Wannacry
|
|
|
2020-05-12 10:41:09 |
Texas courts slammed by ransomware attack (lien direct) |
Officials say they will not bow to any blackmail or ransom demands. |
Ransomware
|
|
|
|
2020-05-12 09:46:15 |
WordPress plugin Page Builder by SiteOrigin patched against code execution attacks (lien direct) |
The vulnerabilities impacted over one million websites. |
|
|
|
|
2020-05-12 08:17:44 |
Android app promised to serve news updates, served ESET with a DDoS attack instead (lien direct) |
The app managed to slither into Google Play and was downloaded at least 50,000 times. |
|
|
|
|
2020-05-12 04:02:46 |
Astaroth malware hides command servers in YouTube channel descriptions (lien direct) |
Astaroth continues to evolve into a dangerous threat. Luckily, it's only spreading in Brazil only, right now. |
Malware
|
|
|
|
2020-05-11 19:42:37 |
Iran reports failed cyber-attack on Strait of Hormuz port (lien direct) |
Iranian officials said hackers infiltrated and damaged a small number of computers at the port of Shahid Rajaei in the city of Bandar Abbas. |
|
|
|
|
2020-05-11 16:13:00 |
Package delivery giant Pitney Bowes confirms second ransomware attack in 7 months (lien direct) |
Pitney Bowes network infected with Maze ransomware, after the company got hit by the Ryuk gang in October last year. |
Ransomware
|
|
|
|
2020-05-11 12:29:53 |
Zeus Sphinx revamped as coronavirus relief payment attack wave continues (lien direct) |
The financial malware has been upgraded with new C2 setups and encryption keys. |
Malware
|
|
|
|
2020-05-11 09:20:45 |
Data leak, phishing security flaws disclosed in Oracle iPlanet Web Server (lien direct) |
Security patches will not be issued to fix the problems. |
|
|
|