What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-02-19 13:31:00 | Malaysia arrests 11 suspects for hacking government sites (lien direct) | A similar government website defacement campaign is also taking place this week in Myanmar, in support of the country's jailed elected leader. | Guideline | ||
|
2021-02-18 17:44:00 | Microsoft says SolarWinds hackers downloaded some Azure, Exchange, and Intune source code (lien direct) | Microsoft says it has completed its investigation into its SolarWinds-related breach. | |||
|
2021-02-18 16:59:00 | RIPE NCC discloses failed brute-force attack on its SSO service (lien direct) | RIPE NCC, which manages the IP address space for the EMEA region, is now asking its 20,000 member orgs to enable 2FA for their accounts. | |||
|
2021-02-18 15:20:50 | CrowdStrike acquires Humio for $400 million (lien direct) | Deal expected to close at the end of Q1 2021. | |||
|
2021-02-18 11:54:37 | Windows and Linux servers targeted by new WatchDog botnet for almost two years (lien direct) | WatchDog botnet uses exploits to take over servers and mine cryptocurrency. | |||
|
2021-02-18 11:38:40 | Masslogger Trojan reinvented in quest to steal Outlook, Chrome credentials (lien direct) | The operators have also been linked to the use of AgentTesla, Formbook, and AsyncRAT. | |||
|
2021-02-17 22:06:16 | Microsoft starts removing Flash from Windows devices via new KB4577586 update (lien direct) | Windows 10 users are reporting seeing a new update this week that permanently removes Flash from their systems. | |||
|
2021-02-17 17:33:00 | (Déjà vu) US charges two more members of the \'Lazarus\' North Korean hacking group (lien direct) | The US DOJ described the North Korean hackers as "the world's leading bank robbers" and "a criminal syndicate with a flag." | Guideline | APT 38 | |
|
2021-02-17 13:15:12 | Dutch police post \'friendly\' warnings on hacking forums (lien direct) | Dutch police: "Hosting criminal infrastructure in The Netherlands is a lost cause." | |||
|
2021-02-17 13:00:05 | Bug in shared SDK can let attackers join calls undetected across multiple apps (lien direct) | Apps that use the SDK include MeetMe, Skout, Nimo TV, temi, and Talkspace. | |||
|
2021-02-17 12:01:29 | Owner of app that hijacked millions of devices with one update exposes buy-to-infect scam (lien direct) | The owners of the once-legitimate Android app insist that a buyer was responsible for a malicious update with far-reaching consequences. | |||
|
2021-02-17 10:42:51 | Tracker pixels in emails are now an \'endemic\' privacy concern (lien direct) | Critics suggest the practice is marketing gone too far. | |||
|
2021-02-16 23:17:27 | Centreon says only 15 entitites were targeted in recent Russian hacking spree (lien direct) | Hacked companies were using very outdated versions of Centreon's open-source IT monitoring software. | |||
|
2021-02-16 19:52:40 | Malvertiser abused WebKit zero-day to redirect iOS & macOS users to shady sites (lien direct) | Malicious ad campaigns have taken place all last year. Patches shipped on February 1, 2021. | |||
|
2021-02-16 06:00:03 | Losses to romance scams reached a record $304 million in 2020 (lien direct) | The FTC believes the pandemic limited people's ability to meet in person, which contributed to a spike in successful online romance scams. | |||
|
2021-02-16 00:21:27 | Security bugs left unpatched in Android app with one billion downloads (lien direct) | The vulnerabilities impact SHAREit, an app used for sharing files between users and their devices. | |||
|
2021-02-15 18:18:00 | France: Russian state hackers targeted Centreon servers in years-long campaign (lien direct) | New ANSSI report exposes new Sandworm APT attacks targeting IT companies using Centreon servers. | |||
|
2021-02-15 16:25:45 | (Déjà vu) 270 addreses are responsible for 55% of all cryptocurrency money laundering (lien direct) | Most cryptocurrency money laundering is concentrated in a few online services, opening the door for law enforcement actions. | |||
|
2021-02-15 16:25:00 | 270 addresses are responsible for 55% of all cryptocurrency money laundering (lien direct) | Most cryptocurrency money laundering is concentrated in a few online services, opening the door for law enforcement actions. | |||
|
2021-02-14 15:41:34 | Egregor ransomware operators arrested in Ukraine (lien direct) | Arrested suspects are believed to be clients of the Egregor RaaS, not the Egregor gang itself. | Ransomware | ||
|
2021-02-12 19:42:13 | Apple will proxy Safe Browsing traffic on iOS 14.5 to hide user IPs from Google (lien direct) | iOS 14.5 is currently in beta. | |||
|
2021-02-12 13:55:00 | Yandex said it caught an employee selling access to users\' inboxes (lien direct) | The Russian company said the employee sold access to 4,887 user email accounts. | |||
|
2021-02-12 13:20:00 | Microsoft said the number of web shells has doubled since last year (lien direct) | Microsoft says it's seeing around 140,000 web shells a month, up from roughly 77,000 last August. | |||
|
2021-02-11 20:57:22 | Accellion to retire product at the heart of recent hacks (lien direct) | The Accellion FTA file transfer service has been at the heart of recent hacks at banks, telcos, and government organizations across the world. | |||
|
2021-02-11 17:16:00 | Free decrypter released for Avaddon ransomware victims... aaand, it\'s gone! (lien direct) | The Avaddon ransomware gang said in a forum post they already updated their code to counter the tool's release. | Ransomware | ||
|
2021-02-11 12:37:55 | KeepChange said it stopped hackers from stealing user funds, but not personal data (lien direct) | Stolen information includes names, email addresses, trade data, and hashed passwords. | |||
|
2021-02-11 11:00:04 | Android spyware strains linked to state-sponsored Confucius threat group (lien direct) | Hornbill and SunBird are being used to stalk and steal the data of Pakistani nationals. | Threat | ||
|
2021-02-11 10:30:28 | PayPal fixes reflected XSS vulnerability in user wallet currency converter (lien direct) | The currency conversion endpoint was susceptible to attacks. | Vulnerability | ||
|
2021-02-11 03:38:44 | Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests (lien direct) | Facebook's crackdown on lookalike domains last year has touched some of the domains security firm Proofpoint was using for security awareness training exercises. | |||
|
2021-02-10 22:26:27 | Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7 (lien direct) | An FBI alert sent on Tuesday warns companies about the use of out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer. | |||
|
2021-02-10 14:08:23 | Authorities arrest SIM swapping gang that targeted celebrities (lien direct) | Eight men were arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks targeting US celebrities. | |||
|
2021-02-10 12:36:31 | Investor data breach \'fatigue\' reduces Wall Street punishment for cybersecurity failures (lien direct) | As data breaches are now common, acceptance now lessens the impact on share prices. | Data Breach | ||
|
2021-02-10 10:25:23 | Adobe patches wave of critical bugs in Magento, Acrobat, Reader (lien direct) | Some of the vulnerabilities were reported through a hacking contest. | |||
|
2021-02-10 05:40:02 | Microsoft warns enterprises of new \'dependency confusion\' attack technique (lien direct) | New "dependency confusion" technique, also known as a "substitution attack," allows threat actors to sneak malicious code inside private code repositories by registering internal library names on public package indexes. | Threat | ||
|
2021-02-09 18:43:00 | Microsoft February 2021 Patch Tuesday fixes 56 bugs, including Windows zero-day (lien direct) | Microsoft also warns about three nasty vulnerabilities in the Windows TCP/IP stack. | |||
|
2021-02-09 16:37:51 | Web hosting provider shuts down after cyber-attack (lien direct) | Two other UK web hosting providers also suffered similar hacks over the weekend, although it's unconfirmed if the attacks are related. | |||
|
2021-02-09 13:19:22 | Appgate to go public through Newtown Lane merger (lien direct) | The cybersecurity firm intends to join the Nasdaq or NYSE through the agreement. | |||
|
2021-02-09 09:40:00 | CD Projekt Red game studio discloses ransomware attack, extortion attempt (lien direct) | The company behind games like Cyberpunk 2077 and The Witcher becomes the latest gaming studio to fall victim to a ransomware attack. | Ransomware | ||
|
2021-02-09 06:40:03 | Author of uPanel phishing kit arrested in Ukraine (lien direct) | More than 50% of all phishing attacks that targeted Australia in 2019 were carried out using uPanel, officials said. | |||
|
2021-02-09 05:30:03 | PyPI, GitLab dealing with spam attacks (lien direct) | Both sites have been flooded over the weekend with garbage content. | Spam | ||
|
2021-02-08 21:41:00 | Hacker modified drinking water chemical levels in a US city (lien direct) | The intrusion was detected right away and the hacker's modifications have been reversed right away. | |||
|
2021-02-08 18:41:33 | Microsoft to add \'nation-state activity alerts\' to Defender for Office 365 (lien direct) | Microsoft has been alerting users of nation-state attacks since 2016. Alerts will now be added to the Defender for Office 365 dashboard so companies can take quicker action. | |||
|
2021-02-08 15:16:42 | iPhone 12 magnet array can disrupt implantable medical devices (lien direct) | Doctors issue warning about new magnet-based MagSafe technology included with newer-gen iPhones. | |||
|
2021-02-08 11:45:32 | With one update, this malicious Android app hijacked millions of devices (lien direct) | All it takes is one tweak to change a legitimate app into a frustrating parasite on your handset. | |||
|
2021-02-08 11:01:52 | Domestic Kitten hacking group strikes local citizens considered a threat to Iranian regime (lien direct) | FurBall spyware pretends to be everything from a security app to screen wallpapers. | Threat | ||
|
2021-02-07 17:58:59 | Hacktivists deface multiple Sri Lankan domains, including Google.lk (lien direct) | Authorities said they detected the attack a few hours after it started and blocked it on Saturday. | |||
|
2021-02-05 20:31:39 | Webdev tutorials site SitePoint discloses data breach (lien direct) | SitePoint admits data breach after one million user creds were sold on a hacking forum last December. | Data Breach | ||
|
2021-02-05 15:38:00 | Google Chrome sync feature can be abused for C&C and data exfiltration (lien direct) | A security researcher has found a malicious Chrome extension in the wild abusing the Chrome Sync process. | |||
|
2021-02-05 10:47:38 | Woman pleads guilty for using gov\'t PC to steal photos of \'snitches\' in Iowa (lien direct) | The photos were shared in a group dedicated to outing “law enforcement cooperators.” | |||
|
2021-02-05 09:33:40 | Founder of cryptocurrency hedge funds charged over $90 million theft (lien direct) | Clients were allegedly lied to when they queried where their funds were being invested. |
To see everything:
Our RSS (filtrered)
