What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-07 12:45:13 | Credit card stealer discovered in social media buttons (lien direct) | Web skimmer (Magecart) gangs find a new ways to attack e-commerce stores and online shoppers. | |||
|
2020-12-07 11:00:38 | Italian police arrest suspects in Leonardo military, defense data theft (lien direct) | A former employee and collaborator are accused of siphoning off sensitive information for almost two years. | |||
|
2020-12-07 08:07:00 | NSA warns of Russian state-sponsored hackers exploiting VMWare vulnerability (lien direct) | Russian hackers are using a VMWare bug to plant web shells inside hacked networks and pivot to Microsoft ADFS servers from where they steal sensitive data. | Vulnerability | ||
|
2020-12-07 00:58:04 | Hackers leak data from Embraer, world\'s third-largest airplane maker (lien direct) | The Brazilian company was the victim of a ransomware attack last month, in November. | Ransomware | ||
|
2020-12-06 15:46:33 | Kazakhstan government is intercepting HTTPS traffic in its capital (lien direct) | This marks the third time since 2015 that the Kazakh government is mandating the installation of a root certificate on its citizens' devices. | |||
|
2020-12-05 07:15:02 | Ransomware hits helicopter maker Kopter (lien direct) | Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web. | Ransomware | ||
|
2020-12-05 01:37:29 | Ransomware gangs are now cold-calling victims if they restore from backups without paying (lien direct) | Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk. | Ransomware | ||
|
2020-12-04 20:33:58 | Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day (lien direct) | Johnson & Johnson is one of six COVID-19 research companies that have been recently targeted by North Korean state-sponsored hackers. | |||
|
2020-12-04 07:39:03 | Ransomware attack cripples Vancouver public transportation agency (lien direct) | TransLink customers left unable to use the agency's public ticketing kiosks and cards for two days. | Ransomware | ||
|
2020-12-04 00:31:47 | Edward Snowden asks Trump to pardon Wikileaks founder Julian Assange (lien direct) | Snowden claims the pardon would save Assange's life. | |||
|
2020-12-03 18:25:00 | Dell announces new protections for its PC and server supply chain (lien direct) | Dell to start using tamper-evident seals during physical transport and provide a software reset feature to wipe hard-drives before customer deployment. | |||
|
2020-12-03 14:17:08 | Data of 243 million Brazilians exposed online via website source code (lien direct) | The password to access a highly sensitive Ministry of Health database was stored inside a government site's source code. | |||
|
2020-12-03 11:00:05 | Mysterious phishing campaign targets organizations in COVID-19 vaccine cold chain (lien direct) | Targets include EU directorates, companies making vaccine shipping containers, a website development firm linked to vaccine supply chains. | |||
|
2020-12-03 11:00:04 | 8% of all Google Play apps vulnerable to old security bug (lien direct) | Devs have not updated a crucial library inside their apps, leaving users exposed to dangerous attacks. Some of the vulnerable apps include Microsoft's Edge browser, Grindr, OKCupid, and Cisco Teams. | |||
|
2020-12-03 11:00:03 | New TrickBot version can tamper with UEFI/BIOS firmware (lien direct) | New TrickBot feature scares security researchers. | |||
|
2020-12-03 11:00:00 | This phishing group is targeting COVID-19 vaccine supply chains (lien direct) | Clues indicate state-sponsored hackers may be to blame. | |||
|
2020-12-03 10:49:47 | Compounder Finance DeFi project allegedly pulls the rug from under investors, $11 million stolen (lien direct) | One investor is offering a $100,000 bounty leading to the unmasking of the thief, or thieves, involved. | Guideline | ||
|
2020-12-02 14:00:02 | Open source software security vulnerabilities exist for over four years before detection (lien direct) | GitHub research suggests there is a need to reduce the time between bug detection and fixes. | |||
|
2020-12-02 11:52:18 | Absa bank embroiled in data leak, rogue employee accused of theft (lien direct) | Personal information belonging to banking customers was compromised. | |||
|
2020-12-02 09:30:05 | Ivanti announces double acquisition of MobileIron, Pulse Secure in zero-trust security push (lien direct) | Ivanti says the deals strengthen the company in the mobile zero-trust security space. | |||
|
2020-12-01 19:00:00 | Malicious npm packages caught installing remote access trojans (lien direct) | JavaScript and Node.js developers who installed the jdb.js and db-json.js packages were infected with the njRAT malware. | |||
|
2020-12-01 17:55:51 | FBI warns of email forwarding rules being abused in recent hacks (lien direct) | FBI: "The web-based client's forwarding rules often do not sync with the desktop client, limiting the rules' visibility to cyber security administrators." | |||
|
2020-12-01 15:53:43 | Microsoft removes 18 malicious Edge extensions for injecting ads into web pages (lien direct) | Some extensions mimicked official apps while others copied popular Chrome extensions. | |||
|
2020-12-01 09:54:40 | \'Hacker_R_US\' gets eight years in prison for bomb threats and DDoS extortion (lien direct) | 'Hacker_R_US' was one of the two members of the Apophis Squad hacker group. | |||
|
2020-12-01 09:00:03 | 2020\'s worst cryptocurrency breaches, thefts, and exit scams (lien direct) | Cryptocurrency exchanges have felt the impact of everything from vulnerability exploit to social engineering scams over this year. | Vulnerability | ||
|
2020-12-01 06:00:03 | The biggest hacks, data breaches of 2020 (lien direct) | A pandemic is no reason for hackers to hold off cyberattacks against everything from government bodies to healthcare providers. | |||
|
2020-12-01 02:34:00 | Microsoft links Vietnamese state hackers to crypto-mining malware campaign (lien direct) | Vietnamese state hackers imitate Chinese groups and start making money on the side while spying for their government. | Malware | ||
|
2020-11-30 21:20:13 | Docker malware is now common, so devs need to take Docker security seriously (lien direct) | Three years after the first malware attacks targeting Docker, developers are still misconfiguring and exposing their Docker servers online. | Malware | ||
|
2020-11-30 13:36:00 | Four years after the Dyn DDoS attack, critical DNS dependencies have only gone up (lien direct) | If Cloudflare, AWS, or GoDaddy go down, around 40% of the Alexa Top 100,000 websites will also go down with DNS resolution problems. | |||
|
2020-11-30 10:00:03 | This new cyberattack can dupe DNA scientists into creating dangerous viruses and toxins (lien direct) | The research highlights the potential dangers of new 'biohacking' techniques. | |||
|
2020-11-27 14:09:25 | A hacker is selling access to the email accounts of hundreds of C-level executives (lien direct) | Access is sold for $100 to $1500 per account, depending on the company size and exec role. | |||
|
2020-11-27 10:07:06 | Networking equipment vendor Belden discloses data breach (lien direct) | Belden says hackers accessed a limited number of company's file servers. | Data Breach | ||
|
2020-11-26 21:22:59 | Personal data of 16 million Brazilian COVID-19 patients exposed online (lien direct) | Among those affected by the leak are Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors. | |||
|
2020-11-26 09:31:21 | Sophos notifies customers of data exposure after database misconfiguration (lien direct) | Exclusive: Company says that only a small subset of customers were impacted. | |||
|
2020-11-25 23:34:00 | Xbox bug could have allowed hackers to link gamer tags with players\' emails (lien direct) | The bug could have been exploited by playing around in a browser's developer console and editing a cookie field. | |||
|
2020-11-25 20:46:28 | Security researcher accidentally discovers Windows 7 and Windows Server 2008 zero-day (lien direct) | The vulnerability was discovered while the security researcher was working on a Windows security tool. | Vulnerability | ||
|
2020-11-25 17:08:25 | Three members of TMT cybercrime group arrested in Nigeria (lien direct) | The TMT group has infected more than 50,000 organizations around the world with malware. | |||
|
2020-11-25 10:55:21 | YouTube suspends OANN for allegedly peddling fake COVID-19 cures (lien direct) | If the outlet wants to monetize videos in the future, it must reapply to YouTube's member program. | |||
|
2020-11-25 10:07:21 | Home Depot agrees to $17.5 million settlement over 2014 data breach (lien direct) | The US retailer's point-of-sale systems were infected with malware. | Data Breach | ||
|
2020-11-24 20:44:00 | 2FA bypass discovered in web hosting software cPanel (lien direct) | More than 70 million sites are managed via cPanel software, according to the company. | |||
|
2020-11-24 15:00:04 | Stantinko\'s Linux malware now poses as an Apache web server (lien direct) | Eight-year-old Stantinko botnet updates its Linux malware. | Malware | ||
|
2020-11-24 13:18:14 | Spotify launches \'rolling reset\' on customer accounts, passwords linked to data leak (lien direct) | A third-party server containing Spotify credentials was uncovered by researchers. | |||
|
2020-11-24 12:22:43 | Baidu\'s Android apps caught collecting sensitive user details (lien direct) | Data collection issue identified in Baidu Maps and Baidu Search Box apps, both removed from the Play Store in October 2020. | |||
|
2020-11-24 11:00:00 | New WAPDropper malware abuses Android devices for WAP fraud (lien direct) | New WAPDropper malware signs up Android users to premium services provided by telecoms in Thailand and Malaysia. | Malware | ||
|
2020-11-24 10:29:05 | SEC alleges Benja CEO duped investors to fund a non-existent e-commerce empire (lien direct) | The agency claims that business deals were made up to lure investors into funding the startup. | |||
|
2020-11-24 10:27:00 | Hacker leaks the user data of event management app Peatix (lien direct) | More than 4.2 million user accounts have been made available for download online earlier this month. | |||
|
2020-11-23 17:37:13 | Tesla Model X hacked and stolen in minutes using new key fob hack (lien direct) | Tesla is rolling out over-the-air software updates this week to prevent the attack from hijacking owner key fobs. | Hack | ||
|
2020-11-23 15:10:12 | Malware creates scam online stores on top of hacked WordPress sites (lien direct) | The malware gang also poisoned the victims' XML sitemaps with thousands of scammy entries, lowering the sites' SERP ranking. | Malware | ||
|
2020-11-23 13:35:05 | GoDaddy staff fall prey to social engineering scam in cryptocurrency exchange attack wave (lien direct) | The domain registrar has confirmed that employees became embroiled in wider attacks. | |||
|
2020-11-23 12:28:00 | TikTok patches reflected XSS bug, one-click account takeover exploit (lien direct) | The vulnerabilities impacted the video platform's website. |
To see everything:
Our RSS (filtrered)
