Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-03-29 06:10:28 |
Brian Krebs: No, I didn\'t hack your Microsoft Exchange server (lien direct) |
The KrebsOnSecurity name is, once again, being abused by cyberattackers. |
Hack
|
|
|
|
2021-03-26 10:00:00 |
Hades ransomware operators are hunting big game in the US (lien direct) |
Companies with annual revenues of over $1 billion are being targeted. |
Ransomware
|
|
|
|
2021-03-25 15:44:44 |
Severe vulnerabilities patched in Facebook for WordPress Plugin (lien direct) |
The worst bug leads to remote code execution, if exploited. |
Guideline
|
|
|
|
2021-03-25 13:00:04 |
Cloudflare launches Page Shield to thwart Magecart card skimming attacks (lien direct) |
Magecart attacks remain a prolific threat to the security of our financial data. |
Threat
|
|
|
|
2021-03-25 09:56:18 |
University students refunded for false ads touting job opportunities with Microsoft, Twitter (lien direct) |
The FTC says students were impacted by the school's “deceptive ads.” |
|
|
|
|
2021-03-24 13:57:14 |
Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million (lien direct) |
Free trials can cost mobile app users thousands of dollars in the long run. |
|
|
|
|
2021-03-24 12:44:00 |
SaltStack revises partial patch for command injection, privilege escalation vulnerability (lien direct) |
The second fix was reportedly necessary after SaltStack did not participate in coordinated disclosure. |
Vulnerability
|
|
|
|
2021-03-24 11:21:49 |
Purple Fox malware evolves to propagate across Windows machines (lien direct) |
The malware's new worm capabilities have resulted in a rapidly-increasing infection rate. |
Malware
|
|
|
|
2021-03-24 10:05:30 |
Microsoft: 92% of vulnerable exchange servers are now patched, mitigated (lien direct) |
The latest telemetry suggests IT admins are taking the threat seriously. |
Threat
|
|
|
|
2021-03-23 13:47:56 |
Cybercriminals exchange tips on avoiding arrest, jail in underground forums (lien direct) |
Covering early mistakes, who to target, and what to do when on the verge of arrest are all hot topics. |
|
|
|
|
2021-03-23 13:27:15 |
Debt-chasing UK councils potentially expose private resident data (lien direct) |
Text reminders for debts to be paid opened up a security chasm for thousands of taxpayers. |
|
|
|
|
2021-03-23 13:00:03 |
Cloudflare debuts zero-trust browsing service for remote enterprise workforce (lien direct) |
Browsers will run under Cloudflare's umbrella in an attempt to isolate sessions from cyberattacks. |
|
|
|
|
2021-03-23 11:36:21 |
Oil giant Shell discloses data breach linked to Accellion FTA vulnerability (lien direct) |
The information of stakeholders has been compromised. |
Data Breach
Vulnerability
|
|
|
|
2021-03-23 09:02:52 |
IT admin with axe to grind sent to prison for wiping Microsoft user accounts (lien direct) |
The victim company's operations ground to a halt following the attack. |
|
|
|
|
2021-03-22 13:00:00 |
API security becomes a \'top\' priority for enterprise players (lien direct) |
As API attacks rise, the security surrounding their usage is now firmly on the radar. |
|
|
|
|
2021-03-22 12:05:00 |
Mozilla Firefox tweaks Referrer Policy to shore up user privacy (lien direct) |
Starting in Firefox 87, the browser will contain extra protections to stop information leaks. |
|
|
|
|
2021-03-22 08:28:40 |
China takes aim at \'spying\' Tesla cars, bans military staff use (lien direct) |
Musk has protested that his company would be “shut down” if the claims were true. |
|
|
|
|
2021-03-22 04:01:03 |
Popular remote lesson monitoring program could be exploited to attack student PCs (lien direct) |
The vulnerabilities allowed attackers full and unfettered access to student PCs. |
|
|
|
|
2021-03-19 12:40:50 |
SEC charges co-founders of bankrupt uBiome medical testing startup with operating $60m fraud (lien direct) |
The US agency claims uBiome's apparent success was only due to a web of deceit. |
|
|
|
|
2021-03-19 11:41:23 |
Fraudsters jump on Clubhouse hype to push malicious Android app (lien direct) |
The BlackRock Trojan is lurking in the malicious, fake Android version of Clubhouse. |
|
|
|
|
2021-03-19 09:34:47 |
Microsoft Defender Antivirus now automatically mitigates Exchange Server vulnerabilities (lien direct) |
Mitigation fixes will be applied automatically in a renewed effort by Microsoft to contain security incidents caused by the bugs. |
|
|
|
|
2021-03-18 16:04:06 |
SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests (lien direct) |
Existing victim networks are used to test out payloads as a novel form of sandbox. |
|
|
|
|
2021-03-18 13:00:05 |
Apple developers targeted by new malware, EggShell backdoor (lien direct) |
macOS malware is being spread via compromised Xcode projects. |
Malware
|
|
|
|
2021-03-18 13:00:00 |
US taxpayers targeted in NetWire, Remcos Trojan attack wave (lien direct) |
Cyberattackers are looking to cash in on this year's tax season. |
|
|
|
|
2021-03-18 08:50:33 |
Mimecast reveals source code theft in SolarWinds hack (lien direct) |
Some customer records were also compromised in the breach. |
Hack
|
|
|
|
2021-03-17 11:00:13 |
\'Bit-Con\' Twitter teen hacker accepts plea agreement, three years behind bars (lien direct) |
The teenager was responsible for breaking into the accounts of Elon Musk, Bill Gates, and others to tout a Bitcoin scam. |
|
|
|
|
2021-03-17 10:00:03 |
Coalition raises $175 million to boost cyber insurance offerings (lien direct) |
The company says it is now valued at $1.75 billion. |
|
|
|
|
2021-03-17 09:42:21 |
FBI warns of rise in PYSA ransomware operators targeting US, UK schools (lien direct) |
Data is being stolen ahead of encryption in extortion attempts. |
Ransomware
|
|
|
|
2021-03-17 08:57:39 |
Recorded Future acquires Gemini Advisory in $52 million deal (lien direct) |
The company will leverage the purchase to carve a place in the fraud analytics market. |
|
|
|
|
2021-03-16 10:09:58 |
SEC charges US trader for allegedly abusing Twitter to pump cannabis penny stock prices (lien direct) |
The agency says social media was used in an alleged pump-and-dump scam. |
|
|
|
|
2021-03-16 08:41:26 |
(Déjà vu) Microsoft releases one-click mitigation tool for Exchange Server hacks (lien direct) |
Another tool is at the disposal of admins struggling to protect their systems. |
Tool
|
|
|
|
2021-03-15 14:33:12 |
Google fails to quash Incognito mode user tracking, privacy lawsuit (lien direct) |
The company may now have to fight against user privacy violation claims in court. |
|
|
|
|
2021-03-15 13:04:07 |
Hafnium\'s China Chopper: a \'slick\' and tiny web shell for creating server backdoors (lien direct) |
Hafnium has been linked to recent attacks on Microsoft Exchange Server. |
|
|
|
|
2021-03-15 10:46:00 |
Microsoft investigates potential ties between partner security firm, Exchange Server attack code leak (lien direct) |
Exploit tools used in widespread attacks reportedly are similar to PoC code privately distributed by Microsoft to vendors. |
|
|
|
|
2021-03-15 09:48:12 |
Sky Global CEO indicted over encrypted chat drug trafficking, calls allegations an \'outrage\' (lien direct) |
The executive says the indictment highlights the “vilification” of anyone “who takes a stance against unwarranted surveillance.” |
|
|
|
|
2021-03-12 11:38:31 |
Uber, Lyft to share data on drivers banned for sexual, physical assault (lien direct) |
The measure may stop banned drivers from being able to jump between platforms. |
|
Uber
|
|
|
2021-03-12 10:13:42 |
The future of data privacy: confidential computing, quantum safe cryptography take center stage (lien direct) |
IBM is working on future-proof encryption methods able to keep our data safe both in storage and active use. |
|
|
|
|
2021-03-12 09:24:06 |
Netflix wants to stop you sharing your password (lien direct) |
Many of us do it. Netflix is testing ways to restrict you from sharing your account details. |
|
|
|
|
2021-03-12 08:35:20 |
Microsoft Exchange Server hacks \'doubling\' every two hours (lien direct) |
A ransomware variant is now also leveraging the critical vulnerabilities. |
Ransomware
|
|
|
|
2021-03-11 14:00:00 |
Icon files abused in malspam to spread NanoCore Trojan (lien direct) |
.zipx has been employed to deploy both Lokibot and NanoCore malware. |
|
|
|
|
2021-03-11 10:30:00 |
Smart sex toys: appealing to you, exploitable to hackers (lien direct) |
Some of the most popular sex toys on the market are anything but smart when it comes to security. |
|
|
|
|
2021-03-11 10:09:50 |
F5 issues BIG-IP patches to tackle unauthenticated remote code execution, critical flaws (lien direct) |
Four out of seven vulnerabilities are considered critical. |
|
|
|
|
2021-03-11 08:35:35 |
Sky ECC denies police have \'cracked\' encrypted messaging platform (lien direct) |
Europol, however, says arrests have been made based on monitoring conversation flows. |
|
|
|
|
2021-03-10 16:00:03 |
2020 was a \'record-breaking\' year in US school hacks, security failures (lien direct) |
New research suggests “cybersecurity risks are now neither hypothetical, nor trivial.” |
|
|
|
|
2021-03-10 13:39:13 |
Microsoft expands AccountGuard ahead of elections, deepens Yubico partnership (lien direct) |
Enhanced identity and access features are on offer in 31 democracies. |
|
|
|
|
2021-03-10 09:30:00 |
OVHcloud data centers engulfed in flames (lien direct) |
Customers are being urged to launch their own disaster recovery plans. |
|
|
|
|
2021-03-09 19:59:53 |
Adobe releases batch of security fixes for Framemaker, Creative Cloud, Connect (lien direct) |
This month's security release tackles a handful of vulnerabilities. |
|
|
|
|
2021-03-09 19:41:14 |
Microsoft\'s March Patch Tuesday: Critical remote code execution flaws, IE zero-day fixed (lien direct) |
The fixes follow an unscheduled emergency release for Microsoft Exchange Server. |
|
|
|
|
2021-03-09 11:00:00 |
Malicious apps on Google Play dropped banking Trojans on user devices (lien direct) |
The utility apps contained a previously-unknown dropper for financial malware. |
|
|
|
|
2021-03-09 09:35:35 |
UnityMiner cryptocurrency malware hijacks QNAP storage devices (lien direct) |
A remote code execution bug is to blame this time. |
Malware
|
|
|