What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-05-05 21:50:00 | (Déjà vu) SAP notifying 9% of customers about security bugs in some cloud products (lien direct) | SAP says an internal security review found issues with seven of its cloud products. | |||
|
2020-05-05 21:50:00 | SAP notifying 9% of customers about mysterious cloud products security holes (lien direct) | SAP says an internal security review found issues with seven of its cloud products. | |||
|
2020-05-05 18:27:55 | A hacker group tried to hijack 900,000 WordPress sites over the last week (lien direct) | Massive hacking operations causes a 30 times spike in bad traffic. | |||
|
2020-05-05 14:15:00 | Europol arrests hackers behind Infinity Black hacker group (lien direct) | Polish police arrests five hackers for selling stolen user credentials and hacking tools. | |||
|
2020-05-05 13:00:04 | The Firefox password manager now tells you when you use leaked passwords (lien direct) | The Firefox password manager also tells you when a website has suffered a security breach. | |||
|
2020-05-05 12:00:08 | Enterprises throw money at cybersecurity but half of attacks are still a success (lien direct) | Mandiant says that intrusions, policy evasion, and reconnaissance are commonplace in today's enterprise environments. | |||
|
2020-05-05 11:06:27 | German authorities charge Russian hacker for 2015 Bundestag hack (lien direct) | The same hacker was previously charged in the US in 2018 for hacking the DNC and WADA. | Hack | ||
|
2020-05-05 05:00:07 | New Kaiji malware targets IoT devices via SSH brute-force attacks (lien direct) | Researchers say the malware was coded by a Chinese developer for the sole purpose of launching DDoS attacks. | Malware | ||
|
2020-05-04 23:29:00 | US financial industry regulator warns of widespread phishing campaign (lien direct) | FINRA warns of phishing campaign aimed at stealing members' Microsoft Office or SharePoint passwords. | |||
|
2020-05-04 16:06:00 | Academics turn PC power units into speakers to leak secrets from air-gapped systems (lien direct) | POWER-SUPPLaY technique uses "singing capacitor" phenomenon for data exfiltration. | |||
|
2020-05-04 15:05:38 | Microsoft warns of multiple malspam campaigns carrying malicious disk image files (lien direct) | Microsoft: Threat group uses malware-laced ISO and IMG files to infect companies with a remote access trojan. | Threat | ||
|
2020-05-04 10:37:46 | Hackers are targeting UK universities to steal coronavirus research, NCSC warns (lien direct) | State-sponsored hackers from Russia, Iran, and China are suspected. | |||
|
2020-05-04 01:47:09 | CursedChrome turns your browser into a hacker\'s proxy (lien direct) | CursedChrome shows how hackers can take full control over your Chrome browser using just one extension. | |||
|
2020-05-03 17:46:00 | Ghost blogging platform servers hacked and infected with crypto-miner (lien direct) | Ghost platform got hacked via the same vulnerability that allowed hackers to breach LineageOS servers hours before. | Vulnerability | ||
|
2020-05-03 09:25:15 | Hackers breach LineageOS servers via unpatched vulnerability (lien direct) | LineageOS source code, OS builds, and signing keys were unaffected, developers said. | Vulnerability | ||
|
2020-05-03 00:02:35 | UK NCSC to stop using \'whitelist\' and \'blacklist\' due to racial stereotyping (lien direct) | UK cyber-security agency to use "allow list" and "deny list" on its website, going forward. | |||
|
2020-05-02 14:10:00 | Hacker leaks 15 million records from Tokopedia, Indonesia\'s largest online store (lien direct) | The Tokopedia data has been published on a well-known hacking forum. | |||
|
2020-05-01 18:26:58 | Trump bans acquisition of foreign power grid equipment, citing hacking threats (lien direct) | White House says foreign-made equipment "augments the ability of foreign adversaries to create and exploit vulnerabilities" in the US power grid. | |||
|
2020-05-01 14:42:18 | New Firefox service will generate unique email aliases to enter in online forms (lien direct) | Firefox Private Relay add-on to help users safeguard their email addresses from spammers. | |||
|
2020-05-01 11:55:00 | Oracle warns of attacks against recently patched WebLogic security bug (lien direct) | Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub. | |||
|
2020-05-01 11:36:00 | SaltStack Salt critical bugs allow data center, cloud server hijacking as root (lien direct) | Researchers expect the vulnerabilities to be exploited in the wild within days. | |||
|
2020-05-01 10:22:09 | Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking (lien direct) | The severe XSS vulnerability permitted site takeover and visitor browser redirection to malicious websites. | Vulnerability | ||
|
2020-05-01 09:00:09 | Dreambot malware operation goes silent (lien direct) | Dreambot backend servers have gone down and no new samples have been spotted for weeks. | Malware | ||
|
2020-04-30 23:25:23 | DHS CISA to provide DoH and DoT servers for government use (lien direct) | Until official servers are available, government agencies told to disable DoH (DNS-over-HTTPS) and DoT (DNS-over-TLS) on their networks. | |||
|
2020-04-30 21:43:46 | Ransomware mentioned in 1,000+ SEC filings over the past year (lien direct) | A growing number of public companies have started listing ransomware as a forward-looking risk factor in their SEC documents. | Ransomware | ||
|
2020-04-30 14:02:08 | Spear-phishing campaign compromises executives at 150+ companies (lien direct) | PerSwaysion group appears to be formed of members based in Nigeria and South Africa. | |||
|
2020-04-30 13:28:10 | Here\'s the NSA\'s guide for choosing a safe text chat and video conferencing service (lien direct) | NSA publishes guidance on choosing a secure teleworking service. Assessed tools include Slack, Zoom, Signal, Skype, more. | |||
|
2020-04-30 10:00:09 | Critical vulnerabilities in WordPress plugins lead to e-learning platform hijacking (lien direct) | The most serious issues discovered can be used in remote code execution attacks. | |||
|
2020-04-30 09:02:29 | Investors sue LabCorp over security failures in light of data breach, ransomware attack (lien direct) | The lawsuit claims that the company's security posture led to investor losses. | Ransomware | ||
|
2020-04-30 04:00:04 | This new Android mobile malware targets banks, financial services across Europe (lien direct) | Researchers believe EventBot has the potential to become the “next big mobile threat.” | Malware | ||
|
2020-04-29 19:39:00 | Google announces Chrome Web Store crackdown for August 2020 (lien direct) | Google plans to remove a bunch of garbage and useless Chrome extensions from the Web Store. | |||
|
2020-04-29 17:17:48 | Kaspersky: RDP brute-force attacks have gone up since start of COVID-19 (lien direct) | RDP brute-force attack numbers rose in mid-March as quarantines were being imposed over the globe. | |||
|
2020-04-29 13:13:37 | Estonia: Foreign hackers breached local email provider for targeted attacks (lien direct) | Hackers hijacked a small number of Mail.ee accounts "belonging to persons of interest to a foreign country." | |||
|
2020-04-29 08:25:42 | GitLab awards researcher $20,000, patches remote code execution bug (lien direct) | Engineers jumped on the issue which earned the researcher $1,000 at the point of triage. | |||
|
2020-04-29 08:18:11 | Microsoft open-sources in-house library for handling QUIC connections (lien direct) | Microsoft says MsQuic will soon be part of most of its products, like Windows, .NET, Microsoft 365, and others. | |||
|
2020-04-29 07:27:34 | Adobe patches critical code, corruption bugs across Bridge, Illustrator, Magento (lien direct) | The company has squashed a range of critical flaws leading to arbitrary code execution. | Guideline | ||
|
2020-04-29 00:17:57 | Two Usenet providers blame data breaches on partner company (lien direct) | Remember Usenet? | |||
|
2020-04-28 22:11:00 | Google discloses zero-click bugs impacting several Apple operating systems (lien direct) | Apple needs to follow in Google and Mozilla's footsteps and secure its multimedia processing libraries. | |||
|
2020-04-28 17:17:51 | (Déjà vu) Hackers threaten to leak data from famous high-end Zaha Hadid architecture firm (lien direct) | Hackers have stolen data from the company's network, encrypted everything with ransomware, and are now threatening to release files on the dark web if the company doesn't pay a ransom demand. | |||
|
2020-04-28 17:17:00 | Hackers threaten to leak data from high-end architecture firm Zaha Hadid (lien direct) | Hackers have stolen data from the company's network, encrypted everything with ransomware, and are now threatening to release files on the dark web if the company doesn't pay a ransom demand. | |||
|
2020-04-28 14:00:00 | PhantomLance spying campaign breaches Google Play security (lien direct) | The four-year-long attack wave has been connected to dozens of malicious apps found in app stores. | |||
|
2020-04-28 05:15:06 | Android OEM patch rates have improved, with Nokia and Google leading the charge (lien direct) | The Android OEM patch rate has gone down from 44 days in 2018 to 38 days today. | |||
|
2020-04-28 04:30:08 | Hackers are creating backdoor accounts and cookie files on WordPress sites running OneTone (lien direct) | Attacks began earlier this month after WordPress theme developer did not release a patch for a trivial bug. | |||
|
2020-04-28 04:00:09 | Consumers benefit as video call vendors scramble to revamp security in a COVID-19 world (lien direct) | Houseparty, Discord, and Doxy.me, however, fail to meet basic security standards, new research suggests. | |||
|
2020-04-27 19:50:00 | You can now manage Windows 10 devices through G Suite (lien direct) | G Suite gets a long-awaited feature -- Windows 10 device management. | |||
|
2020-04-27 19:00:00 | Financial sector is seeing more credential stuffing than DDoS attacks (lien direct) | North American financial institutions and banks are targeted the most, primarily because most leaked credentials are from US services. | |||
|
2020-04-27 16:34:00 | Shade (Troldesh) ransomware shuts down and releases decryption keys (lien direct) | The Shade ransomware gang have published more than 750,000 decryption keys on GitHub. Kaspersky is working on a decryption app. | Ransomware | ||
|
2020-04-27 13:34:25 | Israel government tells water treatment companies to change passwords (lien direct) | Israel cyber-security agency reported intrusion attempts last week. | |||
|
2020-04-27 10:39:30 | Germany pivots from centralized coronavirus tracing app to privacy-protecting alternative (lien direct) | The move will likely be applauded by privacy and civil rights groups. | |||
|
2020-04-27 04:01:06 | This is how viewing a GIF in Microsoft Teams triggered account hijacking bug (lien direct) | Seeing an animation was enough to be impacted, researchers say. |
To see everything:
Our RSS (filtrered)
