Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-04-07 07:43:00 |
Microsoft announces IPE, a new code integrity feature for Linux (lien direct) |
Microsoft says IPE (Integrity Policy Enforcement) was designed for immutable and embedded systems (e.g. network firewall device in a data center). |
|
|
|
|
2020-04-07 04:28:02 |
Email provider got hacked, data of 600,000 users now sold on the dark web (lien direct) |
Italian email provider Email.it confirms security breach. |
|
|
|
|
2020-04-06 09:47:12 |
UK government slams \'crackpot\' 5G-coronavirus theories following mast arson attacks (lien direct) |
Suspected arson attacks have been connected to theories spreading online of 5G as a cause of coronavirus. |
|
|
|
|
2020-04-06 08:21:56 |
DarkHotel hackers use VPN zero-day to breach Chinese government agencies (lien direct) |
Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad. |
|
|
|
|
2020-04-05 21:53:00 |
Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others (lien direct) |
Rostelecom involved in two BGP hijacking incidents this week impacting more than 200 CDNs and cloud providers. |
|
|
|
|
2020-04-05 03:15:52 |
Docker servers targeted by new Kinsing malware campaign (lien direct) |
Hackers breach Docker clusters via administrative API ports left exposed online without a password. |
Malware
|
|
|
|
2020-04-04 05:23:38 |
12k+ Android apps contain master passwords, secret access keys, secret commands (lien direct) |
Comprehensive academic study finds hidden backdoor-like behavior in 6,800 Play Store apps, 1,000 apps from third-party app stores, and almost 4,800 apps pre-installed on user devices. |
|
|
|
|
2020-04-04 03:18:52 |
DOJ says Zoom-bombing is a crime (lien direct) |
DOJ officials say Zoom-bombing raids could lead to arrests, fines, and even prison sentences. |
Guideline
|
|
|
|
2020-04-03 22:33:00 |
Google rolls back Chrome privacy feature due to COVID-19 (lien direct) |
Google disables SameSite cookie support to prevent any unforseen breakage to sites during the coronavirus outbreak. |
|
|
|
|
2020-04-03 21:26:18 |
Firefox gets fixes for two zero-days exploited in the wild (lien direct) |
Mozilla releases Firefox 74.0.1 to patch two bugs exploited by hackers. |
|
|
|
|
2020-04-03 13:19:40 |
Web skimming attacks not expected to intensify during COVID-19 quarantines (lien direct) |
Contrary to popular belief. |
|
|
|
|
2020-04-03 13:19:00 |
Web skimming attacks did not see a big spike during COVID-19 quarantines (lien direct) |
However, experts expect to see an increase in web skimming attacks going forward. |
|
|
|
|
2020-04-03 11:14:01 |
Researchers propose method to track coronavirus through smartphones while protecting privacy (lien direct) |
The concept itself is quite simple but could be invaluable in shielding the general public from privacy violations. |
|
|
|
|
2020-04-03 04:49:06 |
A hacker has wiped, defaced more than 15,000 Elasticsearch servers (lien direct) |
Hacker tries to pin the blame on Night Lion Securty, a US cyber-security firm. |
|
|
|
|
2020-04-03 01:04:00 |
Hacking forum gets hacked for the second time in a year (lien direct) |
Forum where hackers sold and bought hacked accounts gets hacked itself. |
|
|
|
|
2020-04-02 19:01:23 |
(Déjà vu) Twitter discloses bug that accidentally cached DMs in Firefox for 7 days (lien direct) |
Some private Twitter data was cached inside Firefox browsers even after users logged off. |
|
|
|
|
2020-04-02 19:01:00 |
Twitter discloses Firefox bug that cached private files sent or received via DMs (lien direct) |
Private files sent via DMs were cached inside Firefox browsers for as long as a week, even after users logged off. |
|
|
|
|
2020-04-02 12:17:09 |
Cloudflare debuts 1.1.1.1 for Families, comes under fire for blocking LGBTQIA+ sites (lien direct) |
The company immediately apologized, branding the blocks as a “mistake.” |
|
|
|
|
2020-04-02 08:06:32 |
The internet is now rife with places where you can organize Zoom-bombing raids (lien direct) |
Zoom-raiding parties are everywhere now - Discord, Reddit, Twitter, hacking forums. |
|
|
|
|
2020-04-02 02:32:22 |
There\'s now COVID-19 malware that will wipe your PC and rewrite your MBR (lien direct) |
Security researchers have discovered coronavirus-themed malware created to destroy users' computers. |
Malware
|
|
|
|
2020-04-01 20:55:00 |
Microsoft is working on mitigating an entire Windows bug class (lien direct) |
Researcher set out to find 15 new Windows bugs last year. He found 25, and Microsoft already patched 11. |
|
|
|
|
2020-04-01 13:28:30 |
LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique (lien direct) |
The old tactic is proving fruitful in a new campaign. |
Malware
|
|
|
|
2020-04-01 13:00:06 |
A crypto-mining botnet has been hijacking MSSQL servers for almost two years (lien direct) |
Vollgar botnet launches brute-force attacks against MSSQL databases to take over servers and install Monero and Vollar cryptocurrency miners. |
|
|
|
|
2020-03-31 19:54:39 |
FCC tells US telcos to implement caller ID authentication by June 30, 2021 (lien direct) |
FCC says all US telcos must use the new SHAKEN/STIR protocol to support caller ID authentication by June, next year. |
|
|
|
|
2020-03-31 18:09:16 |
Marriott discloses new data breach impacting 5.2 million hotel guests (lien direct) |
Marriott says a hacker gained access to the accounts of two employees. |
Data Breach
|
|
|
|
2020-03-31 06:14:17 |
FBI re-sends alert about supply chain attacks for the third time in three months (lien direct) |
The FBI says some attacks have also targeted the healthcare industry, currently grappling with the coronavirus outbreak. |
|
|
|
|
2020-03-31 04:36:37 |
Houseparty app offers $1m reward to unmask entity behind hacking smear campaign (lien direct) |
App maker denies getting hacked after multiple reports in British media. |
|
|
|
|
2020-03-30 16:42:00 |
Hacker hijacks YouTube accounts to broadcast Bill Gates-themed crypto Ponzi scam (lien direct) |
UPDATE: Microsoft says none of its verified accounts were hacked. YouTube has also intervened to take down the scam's live streams. |
|
|
|
|
2020-03-30 16:42:00 |
Hacker hijacks Microsoft YouTube accounts to broadcast crypto Ponzi scam (lien direct) |
Several of Microsoft's YouTube accounts appear to have been hacked. |
|
|
|
|
2020-03-30 09:57:18 |
Zeus Sphinx malware resurrects to abuse COVID-19 fears (lien direct) |
Operators are exploiting the pandemic in the quest to steal your financial information. |
Malware
|
|
|
|
2020-03-30 03:57:17 |
RDP and VPN use skyrocketed since coronavirus onset (lien direct) |
RDP use is up by 41%, enterprise VPN use is up by 33%. |
|
|
|
|
2020-03-30 02:07:33 |
(Déjà vu) Voter records for the entire country of Georgia published online (lien direct) |
A file containing voter information for 4,934,863 Georgians has been published on a hacker forum over the weekend. |
|
|
|
|
2020-03-30 02:07:00 |
Personal details for the entire country of Georgia published online (lien direct) |
A file containing personal information for 4,934,863 Georgians has been published on a hacker forum over the weekend. |
|
|
|
|
2020-03-29 05:16:10 |
Source code of Dharma ransomware pops up for sale on hacking forums (lien direct) |
The source code of one of today's most profitable and advanced ransomware strains is up for sale on two Russian-language hacking forums. |
Ransomware
|
|
|
|
2020-03-28 03:54:00 |
A mysterious hacker group is eavesdropping on corporate email and FTP traffic (lien direct) |
Hacker group uses zero-day in DrayTek Vigor enterprise routers and VPN gateways to record network traffic. |
|
|
|
|
2020-03-27 21:09:36 |
Network of fake QR code generators will steal your Bitcoin (lien direct) |
Nine malicious QR code generator sites have stolen $46,000 from users so far. |
|
|
|
|
2020-03-27 03:40:24 |
Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics (lien direct) |
Booz Allen: Russia uses its GRU military hackers following predictable patterns based on a public military doctrine. |
|
|
|
|
2020-03-26 19:26:27 |
Google says no APP users have been phished to date (lien direct) |
Google lauds its Advanced Protection Program (APP) that provides enhanced security features. |
|
|
|
|
2020-03-26 16:34:57 |
Google to resume Chrome updates it paused last week due to COVID-19 (lien direct) |
Google Chrome 81 to be released next month, on April 7. |
|
|
|
|
2020-03-26 13:00:00 |
4G networks vulnerable to denial of service attacks, subscriber tracking (lien direct) |
Don't think you're protected on upcoming 5G networks, either. |
|
|
|
|
2020-03-26 13:00:00 |
Rare BadUSB attack detected in the wild against US hospitality provider (lien direct) |
Hackers use snail-mail to send target company an envelope with a malware-laced USB thumb drive. |
|
|
|
|
2020-03-26 11:56:00 |
Apple iOS users served mobile malware in Poisoned News campaign (lien direct) |
As we all devour online news sources in the current climate, cyberattackers are waiting to spring. |
Malware
|
|
|
|
2020-03-26 04:45:59 |
D-Link and Linksys routers hacked to point users to coronavirus-themed malware (lien direct) |
Hackers hijack routers' DNS settings to point users to malware-infected downloads. |
Malware
|
|
|
|
2020-03-25 22:06:24 |
Dark web hosting provider hacked again -- 7,600 sites down (lien direct) |
EXCLUSIVE: Dark web hosting provider shuts down after getting hacked for the second time in 16 months. |
|
|
|
|
2020-03-25 15:58:53 |
Tupperware website hacked and infected with payment card skimmer (lien direct) |
Malicious code still active at the time of writing. |
|
|
|
|
2020-03-25 13:44:55 |
World Health Organization, Facebook, Microsoft team up in COVID-19 hackathon (lien direct) |
#BuildforCOVID19 focuses on the development of technology of value during the coronavirus outbreak. |
|
|
|
|
2020-03-25 04:38:13 |
Microsoft announces new \'Hardware-enforced Stack Protection\' feature (lien direct) |
The new "Hardware-enforced Stack Protection" feature is under development and an early preview is available in Windows 10 Insider previews builds (fast ring). |
|
|
|
|
2020-03-25 02:25:24 |
Android lets advertisers get a list of all your apps -- and this API feature is broadly used (lien direct) |
In-depth study looks at the usage of installed application methods (IAMs) API calls across the Android ecosystem. |
|
|
|
|
2020-03-24 22:30:00 |
Apple blocks third-party cookies in Safari (lien direct) |
Safari becomes second browser after the Tor Browser to block third-party cookies by default for all users. |
|
|
|
|
2020-03-24 19:41:21 |
Akamai to slow down video game downloads during COVID-19 outbreak (lien direct) |
Akamai says its working together with Microsoft and Sony to avoid global internet traffic bottlenecks. |
|
|
|