Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-04-29 13:13:37 |
Estonia: Foreign hackers breached local email provider for targeted attacks (lien direct) |
Hackers hijacked a small number of Mail.ee accounts "belonging to persons of interest to a foreign country." |
|
|
|
|
2020-04-29 08:25:42 |
GitLab awards researcher $20,000, patches remote code execution bug (lien direct) |
Engineers jumped on the issue which earned the researcher $1,000 at the point of triage. |
|
|
|
|
2020-04-29 08:18:11 |
Microsoft open-sources in-house library for handling QUIC connections (lien direct) |
Microsoft says MsQuic will soon be part of most of its products, like Windows, .NET, Microsoft 365, and others. |
|
|
|
|
2020-04-29 07:27:34 |
Adobe patches critical code, corruption bugs across Bridge, Illustrator, Magento (lien direct) |
The company has squashed a range of critical flaws leading to arbitrary code execution. |
Guideline
|
|
|
|
2020-04-29 00:17:57 |
Two Usenet providers blame data breaches on partner company (lien direct) |
Remember Usenet? |
|
|
|
|
2020-04-28 22:11:00 |
Google discloses zero-click bugs impacting several Apple operating systems (lien direct) |
Apple needs to follow in Google and Mozilla's footsteps and secure its multimedia processing libraries. |
|
|
|
|
2020-04-28 17:17:51 |
(Déjà vu) Hackers threaten to leak data from famous high-end Zaha Hadid architecture firm (lien direct) |
Hackers have stolen data from the company's network, encrypted everything with ransomware, and are now threatening to release files on the dark web if the company doesn't pay a ransom demand. |
|
|
|
|
2020-04-28 17:17:00 |
Hackers threaten to leak data from high-end architecture firm Zaha Hadid (lien direct) |
Hackers have stolen data from the company's network, encrypted everything with ransomware, and are now threatening to release files on the dark web if the company doesn't pay a ransom demand. |
|
|
|
|
2020-04-28 14:00:00 |
PhantomLance spying campaign breaches Google Play security (lien direct) |
The four-year-long attack wave has been connected to dozens of malicious apps found in app stores. |
|
|
|
|
2020-04-28 05:15:06 |
Android OEM patch rates have improved, with Nokia and Google leading the charge (lien direct) |
The Android OEM patch rate has gone down from 44 days in 2018 to 38 days today. |
|
|
|
|
2020-04-28 04:30:08 |
Hackers are creating backdoor accounts and cookie files on WordPress sites running OneTone (lien direct) |
Attacks began earlier this month after WordPress theme developer did not release a patch for a trivial bug. |
|
|
|
|
2020-04-28 04:00:09 |
Consumers benefit as video call vendors scramble to revamp security in a COVID-19 world (lien direct) |
Houseparty, Discord, and Doxy.me, however, fail to meet basic security standards, new research suggests. |
|
|
|
|
2020-04-27 19:50:00 |
You can now manage Windows 10 devices through G Suite (lien direct) |
G Suite gets a long-awaited feature -- Windows 10 device management. |
|
|
|
|
2020-04-27 19:00:00 |
Financial sector is seeing more credential stuffing than DDoS attacks (lien direct) |
North American financial institutions and banks are targeted the most, primarily because most leaked credentials are from US services. |
|
|
|
|
2020-04-27 16:34:00 |
Shade (Troldesh) ransomware shuts down and releases decryption keys (lien direct) |
The Shade ransomware gang have published more than 750,000 decryption keys on GitHub. Kaspersky is working on a decryption app. |
Ransomware
|
|
|
|
2020-04-27 13:34:25 |
Israel government tells water treatment companies to change passwords (lien direct) |
Israel cyber-security agency reported intrusion attempts last week. |
|
|
|
|
2020-04-27 10:39:30 |
Germany pivots from centralized coronavirus tracing app to privacy-protecting alternative (lien direct) |
The move will likely be applauded by privacy and civil rights groups. |
|
|
|
|
2020-04-27 04:01:06 |
This is how viewing a GIF in Microsoft Teams triggered account hijacking bug (lien direct) |
Seeing an animation was enough to be impacted, researchers say. |
|
|
|
|
2020-04-26 02:39:25 |
Hackers are exploiting a Sophos firewall zero-day (lien direct) |
Sophos releases emergency patch to fix SQL injection bug exploited in the wild, impacting its XG Firewall product. |
|
|
|
|
2020-04-24 20:01:00 |
Symlink race bugs discovered in 28 antivirus products (lien direct) |
Most products have patched, researchers said, without naming the ones who skipped. |
|
|
|
|
2020-04-24 16:12:00 |
Facebook-NSO lawsuit: Hundreds of WhatsApp attacks linked to one IP address (lien direct) |
Facebook fights to keep the lawsuit on track after NSO filed a motion to dismiss the case earlier this month. |
|
|
|
|
2020-04-24 12:05:00 |
Nintendo says 160,000 users impacted in recent account hacks (lien direct) |
Nintendo disconnects NNID legacy login system from main Nintendo profiles after massive account hijacking campaign. |
|
|
|
|
2020-04-24 08:26:00 |
Apple disputes recent iOS zero-day claim (lien direct) |
Apple says it "thoroughly investigated" a recent report about three iOS Mail bugs but "found no evidence they were used against customers." |
|
|
|
|
2020-04-24 07:17:38 |
Stuck at home, UK lockdown DIY fans slammed with Robert Dyas data breach (lien direct) |
The hardware store is the latest victim of card-skimmer malware. |
Data Breach
|
|
|
|
2020-04-24 06:34:11 |
Google will now demand online advertisers provide proof of identity and location (lien direct) |
The company is clamping down on fake content and scams by expanding checks previously reserved for political advertising. |
|
|
|
|
2020-04-23 20:40:55 |
RIPE opposes China\'s internet protocols upgrade plan (lien direct) |
RIPE speaks out against China and Huawei's "New IP" internet upgrade plan, says internet standards should be left to the IETF, not the UN. |
|
|
|
|
2020-04-23 12:48:11 |
NSA shares list of vulnerabilities commonly exploited to plant web shells (lien direct) |
NSA and ASD issue joint advisory on detecting and dealing with web shells. |
|
|
|
|
2020-04-23 12:00:07 |
As we turn to remote working, Malwarebytes joins VPN fray (lien direct) |
The new Malwarebytes Privacy VPN has been launched at a time VPN adoption is likely on the rise. |
|
|
|
|
2020-04-23 11:50:30 |
SBA reveals potential data breach impacting 8,000 emergency business loan applicants (lien direct) |
A US Senator says that the White House has “got to get it together.” |
Data Breach
|
|
|
|
2020-04-23 10:16:03 |
ESET takes down VictoryGate cryptomining botnet (lien direct) |
More than 35,000 computers believed to have been infected, according to ESET's sinkhole data. |
|
|
|
|
2020-04-23 10:00:07 |
Scammers are now taking advantage of US small business relief fund in phishing emails (lien direct) |
New campaigns are capitalizing not just on coronavirus fears but also on the outbreak's financial ramifications. |
|
|
|
|
2020-04-22 22:49:45 |
Valve says it\'s safe to play CS:GO and TF2 after source code leaked online (lien direct) |
Old 2017 source code for Counter-Strike: Global Offensive and Team Fortress 2 leaked online today on 4chan. |
|
|
|
|
2020-04-22 19:40:00 |
Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak (lien direct) |
Shadow Brokers data dump yields another one of its secrets |
|
|
|
|
2020-04-22 15:43:00 |
Apple investigating report of a new iOS exploit being used in the wild (lien direct) |
Cyber-security firm ZecOps said today it detected attacks against high-profile targets using a new iOS email exploit. |
|
|
|
|
2020-04-22 13:00:09 |
This is what happens to cryptocurrency paid out in sextortion campaigns (lien direct) |
Researchers have followed the trail of dirty coins generated through extorting sextortion spam victims. |
Spam
|
|
|
|
2020-04-22 13:00:00 |
Hackers have breached 60 ad servers to load their own malicious ads (lien direct) |
Why buy legitimate ad slots to deliver malvertising when you can just hack the server instead. |
Hack
|
|
|
|
2020-04-22 09:29:41 |
Smart IoT home hubs vulnerable to remote code execution attacks (lien direct) |
IoT hubs used in homes and offices were found to be susceptible to exploit due to critical bugs in their firmware. |
|
|
|
|
2020-04-21 18:43:28 |
New iOS exploit discovered being used to spy on China\'s Uyghur minority (lien direct) |
New "Insomnia" exploit works on iOS versions 12.3, 12.3.1, and 12.3.2; was patched in iOS 12.4 last year. |
|
|
|
|
2020-04-21 15:14:00 |
Here\'s a list of all the ransomware gangs who will steal and leak your data if you don\'t pay (lien direct) |
Ransomware gangs are getting more aggressive these days about pursuing payments and have begun stealing and threatening to leak sensitive documents if victims don't pay the requested ransom demand. |
Ransomware
|
|
|
|
2020-04-21 11:36:11 |
Security researcher discloses four IBM zero-days after company refused to patch (lien direct) |
Zero-days impact the IBM Data Risk Manager (IDRM), one of IBM's enterprise security tools. |
|
|
|
|
2020-04-21 08:11:37 |
France asks Apple to relax iPhone security for coronavirus tracking app development (lien direct) |
A technical issue is stymying the development of a government app for tracing COVID-19. |
|
|
|
|
2020-04-21 07:56:00 |
Nintendo accounts are getting hacked and used to buy Fortnite currency (lien direct) |
Nintendo has recommended that users enable two-factor authentication on their accounts. |
|
|
|
|
2020-04-20 22:51:36 |
Chinese hackers targeted company behind \'Ragnarok Online\' MMORPG (lien direct) |
Security firm finds new Chinese malware aimed at the Gravity game maker's network. Unclear if the attempted intrusion succeeded. |
Malware
|
|
|
|
2020-04-20 20:45:10 |
Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment (lien direct) |
Xilinx 7-series and some 6-series FPGAs deemed vulnerable to new Starbleed vulnerability. |
|
|
|
|
2020-04-20 12:04:12 |
Cloudflare debuts Border Gateway Protocol safety check tool (lien direct) |
The tool can be used to see if your ISP is adhering to modern BGP security frameworks. |
Tool
|
|
|
|
2020-04-20 10:15:29 |
Students, university clash over forced installation of remote exam monitoring software on home PCs (lien direct) |
The use of remote spying software to prevent cheating has raised an outcry from students. |
|
|
|
|
2020-04-20 08:45:01 |
Proposed government coronavirus tracking app falls at the first hurdle due to data breach (lien direct) |
The source code of a proposed app for tracing COVID-19 exposed user data after being published online. |
Data Breach
|
|
|
|
2020-04-19 14:50:05 |
Hackers steal $25 million worth of cryptocurrency from Uniswap and Lendf.me (lien direct) |
Hacker is believed to have used an exploit shared on GitHub last year to steal funds from both platforms. |
|
|
|
|
2020-04-18 23:54:29 |
Hacker leaks 23 million usernames and passwords from Webkinz children\'s game (lien direct) |
Exclusive: Webkinz security breach occurred earlier this month, sources have told ZDNet. |
|
|
|
|
2020-04-18 22:07:24 |
Tor Project lays off a third of its staff (lien direct) |
Tor Project lays off 13 out of 35 staffers. |
|
|
|