What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-11-26 16:26:51 | Entersekt releases findings from State of Online Shopping Report UK (lien direct) | Entersekt has released results of its State of Online Shopping Report that examined the shopping habits of 1000 UK consumers since the start of the COVID-19 pandemic. Carried out by Censuswide and completed on the 6th November 2020, the study looked at consumers' shopping behaviours, priorities when shopping online, how they make their decisions on […] | |||
|
2020-11-26 11:08:44 | (Déjà vu) Researchers discover Windows zero-day vulnerability (lien direct) | A French security research firm has accidentality discovered a zero-day vulnerability that affects the Windows 7 and Windows Server 2008 R2 operating systems. The researchers found the vulnerability while they were working on updating a Windows security tool. The vulnerability can be found in two misconfigured registry keys for the DNSCache and RPC Endpoint Mapper […] | Vulnerability | ★★★★ | |
|
2020-11-26 10:59:41 | Fake Among Us app used to distribute malware (lien direct) | InterSloth’s ‘Among Us’ is one of the latest games to be hitting the world by storm, with it being popular among PC and mobile gamers alike. Cybercriminals have noted the games popularity and begun to take advantage of it, creating fake versions of the game in order to distribute malware. New research from the app […] | Malware | ||
|
2020-11-26 10:38:26 | Hackers could get anyones email on Xbox Live due to bug (lien direct) | A flaw in Xbox Live has allowed hackers to find out anyone’s email address that was used for an Xbox gamertag. An anonymous hacker told Motherboard last week that they were able to discover the email addresses of anyone who had registered for an Xbox gamertag. Email addresses are linked to the gamertags by default, […] | |||
|
2020-11-25 17:26:26 | Feedzai\'s Financial Crime Report shows increase in fraud rate by 60% during the pandemic (lien direct) | Feedzai has published its Quarterly Financial Crime Report. The report analysed financial crime indicators and consumer trends while drawing spending comparisons during one of the most complex shifts in consumer behaviour – the COVID-19 pandemic. The report also identified the top 3 Global Fraud Contributors in 2020 with card cloning, high-speed ordering/spending, and high-risk merchant […] | |||
|
2020-11-25 17:21:06 | Is 2FA by SMS a bad idea? (lien direct) | Two-factor authentication is ubiquitous and it's a really valuable tool to protect systems and data assets. But with increasing reliance on home working and remote access in the current pandemic, what mechanism should we choose? It's very common these days for SMS messages to be used for two-factor authentication – many cloud service providers use […] | Tool | ||
|
2020-11-25 14:16:11 | Android users targeted by WAPDropper malware (lien direct) | The security firm Check Point has recently discovered a new malware called WAPDropper. The malware is spread through malicious apps and is targeting Android users in Southeast Asia. If victims download the infected app through unofficial app stores then they will be charged an expensive premium mobile service. This is a similar method of malware […] | Malware | ||
|
2020-11-25 11:22:11 | Ritzau news agency suffers cyberattack (lien direct) | One of Denmark’s largest news agency that delivers text and photos to the Danish media has recently been pushed offline after they were targetted by a hacking attack. The CEO of Ritzau, Lars Vesterloekke, said “Ritzau has been the target of a hacker attack early this morning. It appears to be a professional attack.” He […] | ★★★★ | ||
|
2020-11-25 11:15:38 | (Déjà vu) Baidu caught collecting sensitive data from Android users (lien direct) | Two Android applications owned by Chinese tech giant Baidu have recently been removed from the Google Play Store following a scandal where they were found to be collecting sensitive data from their users. Two of Baidu’s apps, Baidu Maps and Baidu Search Box, were removed from Google’s app store after they received a report from […] | |||
|
2020-11-24 12:18:43 | Brazilian government recovers from their worst cyberattack yet (lien direct) | Brazil’s public sector institution, the Superior Electoral Court (STJ, in the Portuguese acronym), recently suffered the most server cyberattack to ever target their government. Following this attack, the STJ is finally managing to get their systems back up and running, after over two weeks of disruptions. On the Novermber 3 the ransomware attack targetted STJ’s […] | Ransomware | ||
|
2020-11-24 11:45:48 | Tesla\'s bluetooth vulnerabilities mean X models can be stolen in a matter of minutes (lien direct) | Security researcher, Lennert Wouters, at Belgian university KU Leuven has discovered a number of security vulnerabilities in Tesla Model X cars and their keyless entry fobs. Wouters found that a combination of the uncovered vulnerabilities could be exploited by anyone who can read a car’s vehicle identification number, which is typically visible on a car’s […] | |||
|
2020-11-24 11:34:38 | Spotify passwords stored on a cloud database by a hacker with no password (lien direct) | Hackers who stole 350,000 Spotify passwords stored them on a cloud server without a password. The hackers access the passwords using a cache of login credentials stolen from other data breaches, as all of the the users who had their Spotify passwords stolen were reusing the same password acorss multiple accounts- the biggest error of […] | |||
|
2020-11-23 11:07:02 | (Déjà vu) Manchester United suffer cyberattack (lien direct) | The football club Manchester United have recently been hit by a major cyberattack, but they report that they are not “currently aware of any breach of personal data associated with our fans and customers.” Manchester United, who hosted West Bromwich Albion at their home stadium on Saturday, has confirmed the attack took place on Friday […] | |||
|
2020-11-23 11:00:26 | Korean Retailer suffers Ransomware attack (lien direct) | The South Korean fashion retailed, E-Land, has recently fallen victims to a major security threat after a ransomware attack plagued the company’s corporate network. The ransomware attack resulted in E-Land having to shut down almost half of their operations in South Korea, with the attacks becoming one of the country’s largest mass attacks to date. […] | Ransomware Threat | ||
|
2020-11-23 10:50:14 | Private pictures of female British athletes posted online after cyberattacks (lien direct) | Four female British athletes have recently been victims of a cyber-attack which has resulted in their intimate photos and videos being posted online. The attacks that the athletes were victims of also targeted hundreds of other female sports stars and celebrities. The latest victims of these attacks were British female sports stars, with one of […] | |||
|
2020-11-20 12:12:17 | Robot vacuums can allow bad actors into your home (lien direct) | Researchers have discovered a new way for bad actors to listen to homeowners’ private conversations by hacking into their robot vacuums. Robot vacuums, such as Roombas, use smart sensors to autonomously operate. Attackers hack into the targets vacumes using the LiDAR smart sensors, with researchers thus giving the attacks the name “LidarPhone”. LiDAR stands for […] | Hack | ||
|
2020-11-20 12:06:45 | Nozomi Networks partners with Honeywell to strengthen OT cybersecurity (lien direct) | Honeywell (NYSE: HON) and Nozomi Networks have announced a cybersecurity partnership today to deliver more comprehensive, end-to-end cybersecurity for Operational Technology (OT) environments. The partnership combines Nozomi Networks' industry-leading OT & Internet of Things (IoT) security and visibility capabilities with the strengths of Honeywell Forge Cybersecurity software, professional consulting and managed security services from Honeywell. […] | Guideline | ||
|
2020-11-20 11:34:42 | Android users could spy on others using the Facebook Messenger (lien direct) | A critical flaw in Facebook’s messenger app allowed Android users to listen to other users surroundings without their permission when calling using the app. Facebook has recently fixed the fatal flaw, but the app had been downloaded by 1 billion Android devices according to the Play Stores official page, putting 1 billion users at risk. | |||
|
2020-11-20 11:23:42 | REvil claim attack on televangelist Kenneth Copeland (lien direct) | The Russian hacker group REvil have recently launched an attack on famed televangelist Kenneth Copeland. The group are threatening to release 1.2 terabytes of his personal sensitive data if he refuses to pay their ransom demands. REvil published a public statement on Wednesday saying that they had taken over the servers of Kenneth Copelands Ministries, […] | |||
|
2020-11-20 10:23:35 | Why test data does not need to be protected (lien direct) | The title of this article might seem contradictory, but it is not as conflicting as you might think. Sure, we all know that the General Data Protection Regulation (GDPR) prescribes us to protect personal data, wherever it may be. Production, development, testing, QA, training environments – data is stored everywhere. Most people assume that all […] | |||
|
2020-11-19 11:53:37 | Cisco Webex flaw leaves meetings open to snooping (lien direct) | A vulnerability has been discovered in Cisco’s Webex conferencing application which allows meeting attendees to act as ‘ghosts’. The flaw (CVE-2020-3419) allows any member of the meeting to spy on potential company secrets being shared. Attacks can be remote, but they would need to access the meeting before joining it, having the meetings ‘join’ links […] | Vulnerability | ||
|
2020-11-19 11:15:44 | Major global hack found to be state-funded by China (lien direct) | Researchers from the security firm Symantec have discovered a major hacking campaign that is using sophisticated techniques in order to compromise companies networks worldwide. It is thought that the hack has been funded by the Chinese government, with a well-know hacking group initiating the attacks using both off-the-shelf and custom-made tools. One of the tools […] | Hack | ||
|
2020-11-19 11:14:08 | The US Senate has passed a bill to secure internet devices (lien direct) | This week the Senate has unanimously passed a bipartisan legislation bill which aims to increase the cybersecurity of internet-connected devices. The Internet of Things Cybersecurity Improvement Act will require all internet-connected devices purchased by the US government, such as computers, tablets and mobile phones, to comply with the minimum security recommendations which will be issued […] | |||
|
2020-11-18 12:16:49 | Phishing attacks set to spike ahead of Black Friday (lien direct) | Security researchers have already begun to see a spike in the number of phishing attacks in the build-up to Black Friday and Cyber Monday, taking place November 27th and 30th. Check Point Software have recently published a new report that has shown a rise in phishing emails, with an increase of over 13 times in […] | |||
|
2020-11-18 12:09:20 | Canadian privacy laws could place hefty fines on companies (lien direct) | Canada’s federal government are planning to charge fines to any company that violates their privacy laws, with fines running up millions of dollars. Navdeep Bains, the Innovation Minister, has introduced the Digital Charter Implementation Act – officially titled “Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act […] | |||
|
2020-11-18 11:55:04 | Trump fires the head of election cybersecurity via Twitter (lien direct) | President Donald Trump has recently fired his head of Cybersecurity and Infrastructure Security Agency (CISA). Christopher Krebs was heading up the federal government’s election cybersecurity efforts but was recently fired via Twitter by the president. Krebs began to be a target of Trump’s after the November 3rd election. Kreb’s agency runs a Rumor Control blog, […] | |||
|
2020-11-17 17:44:22 | Menlo Security and Smartworld announce partnership in Middle East (lien direct) | Smartworld, one of the UAE's leading technology providers, has today announced that it has joined the EMEA Partner Programme of Menlo Security, Inc. (Menlo Security™), provider of the world’s first and only Cloud Security Platform built on an Isolation Core™. The Partnership provides UAE organizations the most effective way to eliminate all internet threats while […] | Guideline | ★★★★★ | |
|
2020-11-17 11:46:07 | Hacker \'Mudge\' to head up Twitter\'s security (lien direct) | On Monday Twitter assigned Pieter Zatko, also known by his hacker handle name Mudge, as their new head of security. Zatko will be responsible for recommending changes in the structure and functions of the social media giant. Zatko is under a 40 to 60-day review and will be reporting to Twitter’s CEO, Jack Dorsey, during […] | |||
|
2020-11-17 11:40:52 | Channel News: Corelight partners with Redington Group to bring powerful open NDR solutions to businesses in the Middle East and Africa (lien direct) | Corelight, provider of the industry's first open network detection and response (NDR) platform, today announced a new distribution agreement with Redington Group, a global provider of end-to-end supply chain solutions for all categories of IT, telecom, and digital lifestyle solutions, to grow and support Corelight's channel community across the Middle East and Africa. “As we […] | |||
|
2020-11-17 11:35:45 | US military mining data from Muslim prayer app (lien direct) | A report by Motherboard says that the US military has been mining data from the Muslim prayer app, Muslim Pro. Muslim Pro is one of the “most popular Muslim apps”, boasting over 98 million downloads. The app reminds users of their daily prayers and provides them with readings from the Quran. The app also tracks […] | |||
|
2020-11-17 11:19:05 | COVID-19 vaccine research firms targeted by Russian and North Korean hackers (lien direct) | Microsoft has recently alerted governments across the globe that the North Korean hacker groups Cerium and Zinc, as well as the Russian hacker group Strontium, have been targeting organisations involved in COVID-19 vaccine research using brute-force, credential stuffing and spear-phishing attacks. Tom Burt, Microsoft’s Corporate Vice President for Customer Security & Trust, said in a […] | Medical | APT 38 APT 28 APT 43 | |
|
2020-11-16 17:17:10 | Internet freedom in Asian countries: an analysis (lien direct) | Asia is a controversial region when it comes to civil liberties, in general, and Internet freedom, in particular. Even in countries like Japan and Singapore, which boast a high level of technological progress and mind-boggling Internet penetration rates, the web is an increasingly regulated environment. Residents of some Asian countries can be subject to severe […] | ★★★ | ||
|
2020-11-16 11:58:29 | DarkSide placed on restricted list following Iranian hosting announcement (lien direct) | Coveware, the ransomware negotiation firm, have recently placed DarkSide operation on an internal restricted list following the threat actor’s announcement to host infrastructure in Iran. DarkSide ransomware operation usually encrypts a network from which their affiliates will steal an unencrypted file from, which they will then threaten to release if their ransom is not paid. […] | Ransomware Threat | ||
|
2020-11-16 11:51:03 | Pluto TV suffer a major security breach with users data posted online (lien direct) | Pluto TV are an online TV provider who offers ad-supported channels for various topics such as gaming, as well as real-life networks, such as NBC. Unfortunately, Pluto TV has recently suffered a security breach, affecting the millions of accounts linked to the platform since 2018, with the details for these accounts now available online. The […] | |||
|
2020-11-16 11:47:53 | DTX Manchester 2020 (lien direct) | The DTX Cyber Security Mini-Summit is a virtual event run by the team at Digital Transformation EXPO. Taking place on 25-26 November 2020, the event will help cyber leaders overcome the challenges of securing a hybrid workforce, connect with employees and resolve some of their daily headaches. Tune in to find out: How you can […] | Guideline | ||
|
2020-11-16 11:43:21 | WEF report that we may need to change our approach to cybersecurity (lien direct) | The World Economic Forum and the University of Oxford have published a 14-month long study examining the shift in technology and the impact it will have on the cybersecurity industry. The study is based on the expertise of over 100 leaders in the cybersecurity space, including those in businesses, government, civil society and academia. The […] | Guideline | ||
|
2020-11-13 15:26:43 | Ransomware-as-a-Service gang DarkSide creates server for data leaks (lien direct) | Cybercriminal groups are scaling up their operations. According to BleepingComputer, the DarkSide Ransomware operation have claimed they are creating a distributed storage system in Iran to store and leak data stolen from victims. Since double-extortion ransomware became threat actors’ attack of choice, law enforcement and security firms have been actively searching the stolen data in order […] | Ransomware Threat | ||
|
2020-11-13 11:35:46 | Major retailers in the EU and US at risk to web attacks (lien direct) | Research has revealed that the likes of Costco, Walmart and The Home Depot are more at risk to web-based cyberattacks then compared to their EU counterparts, according to findings from Outpost24. In a year that saw a global pandemic leading to a 30% surge in online shopping and exponential growth in cybersecurity threats for enterprises, […] | Guideline | ||
|
2020-11-13 10:43:03 | Stressed employees behind data breaches survey finds (lien direct) | The Outbound Email Security Report by Egress has recently found that tired and stressed employees are the cause of 4 in 10 of the most severe data breaches. As stress levels rise and remote working increase, rushed employees are more likely to make easy mistakes such as attaching the wrong file to an email or […] | |||
|
2020-11-13 10:41:01 | Possible ransomware attack warnings from the Australian government (lien direct) | The Australian government have recently sent out a security alert encouraging health sector organisation to check their cyber-security defences, and most importantly their controls for detecting ransomware attacks. Australia's Cyber Security Centre said that it “observed increased targeting activity against the Australian Health sector by actors using the SDBBot Remote Access Tool (RAT).” This warning […] | Ransomware Tool | ||
|
2020-11-13 10:37:04 | Stock photo service 123RD suffered major data breach (lien direct) | The stock photo service 123RF has recently suffered a data breach after their database containing 8.3 million users records has been hacked and put up for sale on a hacker forum. Over the weekend a data breach broker put 123RF's database of 8.3 million users records online following a data breach. The database includes personal […] | Data Breach | ||
|
2020-11-12 15:56:51 | Cyberattacks increase by 260% in the first nine months of 2020 (lien direct) | New research by Zscaler, analyzing 6.6 billion security threats, has discovered a 260% increase in attacks during the first nine months of 2020. Among the encrypted attacks was an increase of the amount of ransomware by 500%, with the most prominent variants being FileCrypt/FileCoder, followed by Sodinokibi, Maze and Ryuk. Here’s what security experts had to […] | Ransomware | ||
|
2020-11-12 10:58:21 | Former NCSC cyber-chief, Ciaran Martin, says \'Don\'t weaponise the net\' (lien direct) | The UK’s ex-chief of National Cyber Security Centre (NCSC), Ciaran Martin, has warned that we should avoid arming ourselves with new weapons and instead maintain a strong defence in the cyber realm. Martin added that if we do weaponise then we do so ‘at our peril’. Martins remarks follow on from reports that nations such […] | |||
|
2020-11-12 10:48:39 | (Déjà vu) Microsoft calls for users to stop using phone-based multi-factor authentication (lien direct) | Microsoft has recently begun to urge users to stop using mobile-based multi-factor authentication (MFA), such as one-time SMS codes or voice calls, and instead are encouraging users to use newer MFA solutions such as security keys or app-based authentication. Alex Weinert, Directory of Identity Security at Microsoft has issued these warnings, with Weinert being Microsofts […] | |||
|
2020-11-12 10:41:28 | Ransomware attacks targeting Israel are thought to be linked to Iranian threat actors (lien direct) | Multiple sources have reported that Iranian threat actors have been identified as being responsible for the two recent ransomware waves targeting Israeli companies. These ransomware attacks targeting Israeli targets have been happening since mid-October, and have intensified this month. There have been Israeli companies of all sizes targetted by the attacks, with the actors using […] | Ransomware Threat | ||
|
2020-11-11 17:40:14 | Future-proof attack protection (lien direct) | One of the greatest truths in cybersecurity is that defenders need to be right all the time, while cybercriminals only need to be right once. Attacks are increasingly sophisticated and ramified, simultaneously targeting a range of potential entry points with multiple tactics, techniques and procedures. One the other hand, security professionals are faced with a […] | |||
|
2020-11-11 12:05:44 | EU retailers are less vulnerable to web app attacks than US counterparts (lien direct) | Outpost 24’s 2020 Web Application Security for Retail & E-commerce Report has found that US retailers are far more vulnerable to web application attacks than EU based retailers. The cybersecurity firm Outpost 24 discovered that web apps used by US retailers had a higher aggregated average risk score of 35 compared to EU retailers who […] | |||
|
2020-11-11 11:58:57 | The Department of Work and Pensions leaves citizens personal data exposed for over 2 years (lien direct) | Over 6,000 people’s personal data has been published online by Bungling officials following a ‘serious’ data breach. The Department for the Work and Pensions (DWP) has apologised after it was discovered that an extensive list of National Insurance numbers was left exposed online for over two years. The data that has been left exposed is […] | |||
|
2020-11-11 11:57:51 | Facebook\'s link preview feature abused for website-scraping scheme (lien direct) | A number of data-scraping groups have been using the Facebook link preview feature to scrape data from internet sites which disguised as Facebook’s content crawler. They are using a technique which consists of utilising Facebooks developer accounts in order to place calls to Facebook or Facebook’s Messenger API servers requesting a link preview for pages […] | |||
|
2020-11-10 15:26:09 | AI, ML, or just automation? (lien direct) | We all experience artificial intelligence (AI) and machine learning (ML) every day, whether through search engines, voice-controlled devices or simply taking a photograph on a smartphone. For certain areas of industry that rely on big data analysis, both are already proving their value, identifying patterns in data, or relationships between seemingly unrelated information and then […] |
To see everything:
Our RSS (filtrered)
