What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-18 13:34:58 | NSA warns of federated login abuse for local-to-cloud attacks (lien direct) | The US National Security Agency describes two techniques abused in recent attacks for escalating attacks from local networks to cloud infrastructure. | |||
|
2020-12-18 03:59:45 | Microsoft says it identified 40+ victims of the SolarWinds hack (lien direct) | Microsoft says 80% of the victims it identified were located in the United States. | Hack | ||
|
2020-12-17 23:46:00 | Microsoft was also breached in recent SolarWinds supply chain hack, report (lien direct) | Report claims that after hackers breached Microsoft, they used Microsoft's own products to attack other companies. | |||
|
2020-12-17 16:20:20 | Ad-blocker AdGuard deploys world\'s first DNS-over-QUIC resolver (lien direct) | DNS-over-QUIC, or DoQ, is viewed as a superior, faster, and more private version of the DNS protocol, even DoH and DoT. | |||
|
2020-12-17 12:29:01 | This \'off the shelf\' Tor backdoor malware is now a firm favorite with ransomware operators (lien direct) | SystemBC is making its mark as a popular tool used in high-profile ransomware campaigns. | Ransomware Malware Tool | ||
|
2020-12-17 11:00:00 | IBM launches experimental homomorphic data encryption environment for the enterprise (lien direct) | Is it possible for fully homomorphic encryption to be a “game-changer” for data privacy? IBM intends to find out. | |||
|
2020-12-17 06:39:54 | Phobos launches Orbital, a tool for finding attack pathways and entry points into your network (lien direct) | After months of work, teasing, and planning, Phobos Orbital is out of beta and available for trials. | Tool | ||
|
2020-12-17 02:30:32 | Three million users installed 28 malicious Chrome or Edge extensions (lien direct) | Extensions could redirect users to ads, phishing sites, collect user data, or download malware on infected systems. | Malware | ||
|
2020-12-16 22:29:16 | FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay (lien direct) | FBI says ransomware group has been calling victims, threatening to send individuals to their homes if they don't pay the ransom. | Ransomware | ||
|
2020-12-16 13:00:04 | FICO launches cryptocurrency trade risk solution for banks (lien direct) | The software will bring crypto risk assessment to KYC processes. | |||
|
2020-12-16 05:01:04 | New Goontact spyware discovered targeting Android and iOS users (lien direct) | Most Goontact-laced apps are targeting Asian users in Chinese speaking countries, Korea, and Japan. | |||
|
2020-12-16 03:04:57 | SolarWinds said no other products were compromised in recent hack (lien direct) | SolarWinds has released today updates that "replaces the compromised component" in its Orion platform. | Hack | ||
|
2020-12-16 00:17:59 | Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow (lien direct) | After only showing detection alerts, Microsoft moves to block trojanized SolarWinds apps from running, opening the door for some IT issues for some of its customers. | Hack | ||
|
2020-12-15 20:18:00 | Microsoft and industry partners seize key domain used in SolarWinds hack (lien direct) | By seizing the domain, Microsoft and its partners hope to identify all victims, but are also preventing attackers from escalating intrusions in currently infected networks. | Hack | ||
|
2020-12-15 13:35:00 | Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems (lien direct) | AIR-FI technique can send stolen data at speeds of up to 100 b/s to Wi-Fi receivers at a distance of a few meters. | |||
|
2020-12-15 11:03:33 | Pornhub suspends over 10 million videos to eradicate illegal content (lien direct) | Roughly 13.5 million videos hosted on Pornhub are now reduced to only 2.9 million. | |||
|
2020-12-14 17:36:00 | SEC filings: SolarWinds says 18,000 customers were impacted by recent hack (lien direct) | In SEC documents filed today, SolarWinds said it notified 33,000 customers of its recent hack, but that only 18,000 used a trojanized version of its Orion platform. | Hack | ||
|
2020-12-14 04:02:30 | (Déjà vu) FireEye confirms SolarWinds supply chain attack (lien direct) | Known victims so far include the US Treasury, the US NTIA, and FireEye itself. | |||
|
2020-12-14 04:02:00 | Microsoft, FireEye confirm SolarWinds supply chain attack (lien direct) | Known victims so far include the US Treasury, the US NTIA, and FireEye itself. | |||
|
2020-12-13 07:50:03 | PgMiner botnet attacks weakly secured PostgreSQL databases (lien direct) | Only PostgreSQL databases running on Linux servers have been attacked so far. | |||
|
2020-12-11 20:31:07 | Zero-day in WordPress SMTP plugin abused to reset admin account passwords (lien direct) | A patch has been released earlier this week but many WordPress sites remained unpatched -as usual. | |||
|
2020-12-11 10:58:10 | Mastercard, Visa cut card payment ties with Pornhub over child abuse, illegal content allegations (lien direct) | Mastercard has terminated services whereas Visa has placed a temporary hold on card payments. | |||
|
2020-12-11 09:27:49 | Critical CSRF vulnerability found on Glassdoor company review platform (lien direct) | The critical flaw impacted both job seeker and employer accounts on the web domain. | Vulnerability | ||
|
2020-12-11 06:00:03 | CISA and FBI warn of rise in ransomware attacks targeting K-12 schools (lien direct) | The percentage of ransomware attacks against K-12 schools increased at the beginning of the 2020 school year | Ransomware | ||
|
2020-12-11 01:56:06 | Facebook doxes APT32, links Vietnam\'s primary hacking group to local IT firm (lien direct) | Facebook suspends accounts linked to APT32, says the group used its platform to spread malware. | APT 32 | ||
|
2020-12-10 22:40:39 | Tech unicorn UiPath discloses data breach (lien direct) | EXCLUSIVE: UiPath admits to accidentally exposing a sensitive file containing the personal details of some of its registered users. | Data Breach | ||
|
2020-12-10 20:57:27 | Chinese APT suspected of supply chain attack on Mongolian government agencies (lien direct) | Chinese hackers have compromised the update mechanism of a chat app used by hundreds of Mongolian government agencies. | |||
|
2020-12-10 18:37:42 | Microsoft exposes Adrozek, malware that hijacks Chrome, Edge, and Firefox (lien direct) | Microsoft says that at its peak, Adrozek had controlled more than 30,000 devices a day. | Malware | Adrozek | |
|
2020-12-10 16:40:36 | Pwnie Awards 2020 winners include Zerologon, CurveBall, Checkm8, BraveStarr attacks (lien direct) | The cybersecurity community voted for the best bugs and vulnerabilities discovered over the past year. | |||
|
2020-12-10 14:07:11 | Romania to host the EU\'s new cybersecurity research hub (lien direct) | Romania's capital, Bucharest, was selected as host for the EU's future cybersecurity research hub. | |||
|
2020-12-10 12:36:18 | Proof-of-concept exploit code published for new Kerberos Bronze Bit attack (lien direct) | The Kerberos Bronze Bit attack can allow intruders to bypass authentication and access sensitive network services. | |||
|
2020-12-10 09:52:12 | njRAT Trojan operators are now using Pastebin as alternative to central command server (lien direct) | Avoiding C2 infrastructure could help hackers avoid detection. | |||
|
2020-12-10 08:01:44 | Remote code execution vulnerability uncovered in Starbucks mobile platform (lien direct) | The researcher's report revealed multiple endpoints vulnerable to the same flaw. | Vulnerability | ||
|
2020-12-10 03:29:02 | Hackers are selling more than 85,000 SQL databases on a dark web portal (lien direct) | The hackers are breaking into SQL databases, stealing their content, holding it for ransom for 9 days, and then selling them to the highest bidder if the DB owner doesn't want to ransom their content back. | |||
|
2020-12-09 23:29:59 | Adobe to block Flash content from running on January 12, 2021 (lien direct) | Adobe releases final Flash update with stronger language asking users to uninstall the app before its EOL. | |||
|
2020-12-09 20:59:57 | Google open-sources Atheris, a tool for finding security bugs in Python code (lien direct) | Atheris helps developers find bugs in Python-based codebases using a technique called fuzzing. | Tool | ||
|
2020-12-09 17:27:00 | EU agency in charge of COVID-19 vaccine approval says it was hacked (lien direct) | The European Medicines Agency (EMA) says it's investigating a recent cyber-attack. | |||
|
2020-12-09 13:12:01 | Hackers hide web skimmer inside a website\'s CSS files (lien direct) | Previously, security researchers found web skimmers (Magecart scripts) inside favicons, site logos, live chat windows, and, most recently, in social media sharing buttons. | |||
|
2020-12-09 10:40:00 | Oblivious DoH: Cloudflare supports new privacy, security-focused DNS standard (lien direct) | Test clients for the new standard have been released to the open source community. | |||
|
2020-12-09 07:49:49 | Adobe security update squashes critical vulnerabilities in Lightroom, Prelude (lien direct) | Adobe's last major patch round of 2020 has dealt with arbitrary code and JavaScript execution bugs. | |||
|
2020-12-09 02:40:05 | Four sentenced to prison for planting malware on 20 million Gionee smartphones (lien direct) | Chinese quartet conspired to plant a malicious SDK inside an app that came preinstalled on Gionee devices. | Malware | ||
|
2020-12-08 21:54:00 | FireEye, one of the world\'s largest security firms, discloses security breach (lien direct) | FireEye suspects it was the victim of a nation-state hacking group. | |||
|
2020-12-08 17:30:00 | GitHub rolls out dependency review, vulnerability alerts for pull requests (lien direct) | The aim is to prevent vulnerable code from being added to dependencies by accident. | Vulnerability | ||
|
2020-12-08 17:00:03 | Accounts with default creds found in 100+ GE medical device models (lien direct) | GE Healthcare is embarking on a massive effort to help healthcare providers reconfigure vulnerable devices. | |||
|
2020-12-08 14:42:06 | Norway says Russian hacking group APT28 is behind August 2020 Parliament hack (lien direct) | Russian hackers breached the Norway's Parliament email accounts in August this year. | Hack | APT 28 | |
|
2020-12-08 12:47:46 | Amnesia:33 vulnerabilities impact millions of smart and industrial devices (lien direct) | Security researchers have identified 33 security flaws in four open-source TCP/IP stacks used across a wide range of smart products. | |||
|
2020-12-08 10:27:05 | Police officer abused vehicle database to track down women drivers (lien direct) | A court dismissed the idea that he did so to contact women for an Instagram comic project, or that this is in any way justifiable. | |||
|
2020-12-07 21:42:31 | BTC-e founder sentenced to five years in prison for laundering ransomware funds (lien direct) | French prosecutors weren't able to prove that Vinnik was also involved in the distribution of the Locky ransomware. | Ransomware | ||
|
2020-12-07 18:21:56 | Hacker opens 2,732 PickPoint package lockers across Moscow (lien direct) | PickPoint says this is the world's first targeted cyberattack against a post-gateway network. | |||
|
2020-12-07 15:17:02 | NortonLifeLock buys Avira in $360 million cash deal (lien direct) | Avira acquisitions brings 30M+ active devices to the Norton family, 1.5M paying customers. |
To see everything:
Our RSS (filtrered)
