What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-10-12 17:00:00 | Winnti APT group docks in Sri Lanka for new campaign (lien direct) | >Categories: Threat IntelligenceTags: Winnti Tags: APT Tags: China Tags: Sri Lanka Tags: India Tags: Keyplug Tags: malware Tags: dropbox Tags: C2 Tags: DBoxAgent In this research paper, we document a new campaign we attribute to the Winnti APT group. The victims are located in Sri Lanka at a point in time where the country is going through economic hardship while China makes headlines for docking on of its special vessels there. (Read more...) | |||
|
2022-10-12 16:15:00 | Top 5 ransomware detection techniques: Pros and cons of each (lien direct) | >Categories: BusinessDetecting ransomware can be tricky. Attackers use obfuscation and evasion techniques to avoid detection, and new ransomware variants are produced every day. In this post, we look at five ransomware detection techniques and their pros and cons. (Read more...) | Ransomware | ||
|
2022-10-11 23:30:00 | An 18 year scam odyssey of stranded astronauts (lien direct) | >Categories: NewsTags: scam Tags: fake Tags: fraud Tags: phish Tags: romance Tags: 419 Tags: astronaut Tags: space Tags: station Tags: shuttle Tags: rocket Tags: fake Tags: email We take a look at a scam which has come around every couple of years and which has finally claimed a sizable bounty from a victim. (Read more...) | |||
|
2022-10-11 23:00:00 | Security awareness campaign highlights things your bank will never say (lien direct) | >Categories: NewsTags: Bank Tags: awareness Tags: campaign Tags: never say that Tags: security Tags: phish Tags: phishing We take a look at an awareness campaign based around the kind of thing you should never hear your bank saying. (Read more...) | |||
|
2022-10-11 11:00:00 | Court rules webcam monitoring of remote employee was an invasion of privacy (lien direct) | >Categories: NewsCategories: PrivacyTags: Dutch Tags: court Tags: webcam monitoring Tags: privacy A Dutch court has ruled that demanding a remote employee submit to constant webcam monitoring was an invasion of their privacy (Read more...) | |||
|
2022-10-11 10:45:00 | Smart lights vulnerable to "blink and you\'ll miss it" attack (lien direct) | >Categories: NewsTags: smart light system Tags: light bulb Tags: IoT Tags: Internet of Things Tags: compromise Tags: CVE In 2022, even our light bulbs have CVEs ( | |||
|
2022-10-10 15:00:00 | Teen talk: What it\'s like to grow up online, and the role of parents: Lock and Code S03E21 (lien direct) | >Categories: PodcastThis week on Lock and Code, we speak with a Bay Area teen about the difficulties of growing up with the Internet, and with 1Password co-founder Sara Teare about how to raise kids online today. (Read more...) | |||
|
2022-10-10 13:30:00 | White House unveils Blueprint for an AI Bill of Rights (lien direct) | >Categories: NewsThe blueprint aims to make AI less harmful to Americans by holding its creators accountable. (Read more...) | |||
|
2022-10-07 16:15:00 | Romance scammer given 25 years of alone time (lien direct) | >Categories: NewsTags: Scam Tags: spam Tags: phish Tags: BEC Tags: business email compromise Tags: romance Tags: fake Tags: fraud Tags: wire Tags: money mule We take a look at a scammer, involved in both BEC fraud and romance scams, who has been jailed for a whopping 25 years. (Read more...) | |||
|
2022-10-07 15:00:00 | Meta accuses apps of stealing WhatsApp accounts (lien direct) | >Categories: NewsTags: Meta Tags: WhatsApp Tags: apps Tags: mobile Tags: android Tags: device Tags: account Tags: credentials Tags: spam Meta is suing developers for multiple credential-stealing apps found on Google Play and elsewhere. (Read more...) | |||
|
2022-10-07 15:00:00 | Credential stuffers take aim at Final Fantasy XIV players (lien direct) | >Categories: NewsTags: Final Fantasy XIV Tags: Square Enix Tags: phishing Tags: credential stuffing Tags: theft Tags: steal Tags: compromise Tags: hijack Attackers are preying on accounts with passwords used on other sites and services. (Read more...) | |||
|
2022-10-07 10:30:00 | Malwarebytes\' modernized bug bounty program-here\'s all you need to know (lien direct) | >Categories: BusinessWe've updated our bug bounty program with increased rewards and a new way to submit vulnerabilities (Read more...) | |||
|
2022-10-07 01:45:00 | Android vulnerabilities could allow arbitrary code execution (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsTags: Google Tags: Android Tags: Qualcomm Tags: WLAN Tags: CVE-2022-25720 Tags: CVE-2022-25718 Tags: CVE-2022-25748 Tags: CVE-2022-20419 Tags: ActivityManager Google has issued patches for 42 vulnerabilities, including four marked critical (Read more...) | |||
|
2022-10-06 15:30:00 | Hundreds of Microsoft SQL servers found to be backdoored (lien direct) | >Categories: NewsTags: Microsoft SQL Tags: brute force Tags: Maggie Tags: Extended Stored Procedure Researchers have found a backdoor that specifically targets Microsoft SQL servers. (Read more...) | |||
|
2022-10-06 15:00:00 | Data Access Agreement offers a new path for UK - US data requests (lien direct) | >Categories: NewsTags: Data access agreement Tags: DAA Tags: UK Tags: US Tags: crime Tags: criminal Tags: telecommunications Tags: request Tags: share Tags: data We take a look at a possibly controversial new way for two governments to make direct data requests in cases of law enforcement. (Read more...) | |||
|
2022-10-06 13:00:00 | Cyberstalking, pig masks, and cockroaches: Former eBay execs are sentenced (lien direct) | >Categories: NewsTags: ebay Tags: harassment Tags: doxing Tags: online threats Tags: stalking Tags: cyberstalking Two former eBay executives have been sentenced to prison for their roles in a cyberstalking campaign aimed at the company's critics. (Read more...) | |||
|
2022-10-06 11:00:00 | BOD 23-01: Improving asset visibility and vulnerability detection on federal networks (lien direct) | >Categories: NewsTags: BOD 23-01 Tags: asset visibility Tags: vulnerability detection Tags: federal networks Tags: CISA Tags: CDM Tags: CISA has issued BOD 23-10 which requires all FCEB entities to maintain an inventory of all IPv4- and IPv6-networked assets, perform regular, periodic scans of these devices, and provide this information to CISA. (Read more...) | Vulnerability | ||
|
2022-10-05 22:45:00 | Admin from hell facing 10 years for sabotaging ex-employer\'s network (lien direct) | >Categories: NewsTags: hire Tags: hiring Tags: rehire Tags: insider threat Tags: ex-employee Tags: logins Tags: network Tags: FBI Failing to keep a tight reign on ex-employees' credentials can lead to all manner of chaos. (Read more...) | Guideline | ||
|
2022-10-05 15:45:00 | Bogus job offers hide trojanised open-source software (lien direct) | >Categories: NewsTags: malware Tags: ZINC Tags: microsoft Tags: infection Tags: C&C Tags: open source Tags: job offer Tags: fake Tags: LinkedIn A North Korean ZINC group is accused of creating compromised versions of KiTTY, PuTTY, TightVNC, and other popular open-source software apps (Read more...) | Guideline Medical | APT 38 | |
|
2022-10-05 11:30:00 | Kim Kardashian gets huge fine for crypto ad (lien direct) | >Categories: NewsThe SEC fined the celebrity $1.26 million for touting a crypto security without telling followers what she was paid to promote it. (Read more...) | |||
|
2022-10-04 15:00:00 | TikTok\'s "secret operation" tracks you even if you don\'t use it (lien direct) | >Categories: NewsCategories: PrivacyIf you think TikTok is acting like Google or Meta when collecting data, you're not wrong. (Read more...) | |||
|
2022-10-04 12:00:00 | Huge increase in smishing scams, warns IRS (lien direct) | >Categories: NewsCategories: ScamsTags: IRS Tags: smishing The Internal Revenue Service has issued a warning for taxpayers over a recent increase in IRS-themed smishing scams. (Read more...) | |||
|
2022-10-04 11:00:00 | Ransomware review: September 2022 (lien direct) | >Categories: Threat IntelligenceIn September, LockBit accounted for almost half of all known ransomware attacks. (Read more...) | Ransomware | ||
|
2022-10-04 08:00:00 | Ransomware-affected school district refuses to pay, gets stolen data released (lien direct) | >Categories: NewsTags: compromise Tags: ransomware Tags: leak Tags: extortion Tags: LAUSD Data stolen from Los Angeles Unified School District has been leaked online, after staff refused to pay the ransom related to a ransomware attack. (Read more...) | Ransomware | ||
|
2022-10-03 12:00:00 | Actively exploited vulnerability in Bitbucket Server and Data Center (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsTags: Atlassian Tags: Bitbucket Tags: git Tags: CVE-2022-36804 Tags: RCE Tags: read permission International cybersecurity authorities are warning about the active exploitation of a vulnerability in Bitbucket Server and Data Center (Read more...) | Vulnerability | ||
|
2022-10-03 10:00:00 | Romance scammer deepfakes Mark Ruffalo to con elderly artist (lien direct) | >Categories: NewsTags: romance scam Tags: deepfake Tags: mark ruffalo Tags: manga Tags: theft Tags: online Tags: social media We take a look at a romance scammer getting ahead of the game and using deepfakes to steal a huge amount of money from a victim. (Read more...) | |||
|
2022-10-02 19:00:00 | Why (almost) everything we told you about passwords was wrong (lien direct) | Categories: NewsSorry. (Read more...) | |||
|
2022-09-30 13:00:00 | Two new Exchange Server zero-days in the wild (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsTags: Exchange Tags: ProxyShell Tags: remote PowerShell Tags: web shell Tags: CVE-2022-41040 Tags: CVE-2022-41082 Tags: SSRF Tags: RCE Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers (Read more...) | |||
|
2022-09-29 17:00:00 | Local government cybersecurity: 5 best practices (lien direct) | >Categories: BusinessWith a few best practices, local governments can improve their cybersecurity posture and make it less likely that threat actors attack their systems. We'll break down five best practices for local government cybersecurity in this post. (Read more...) | Threat | ||
|
2022-09-29 16:00:00 | Optus data breach "attacker" says sorry, it was a mistake (lien direct) | >Categories: NewsTags: Optus Tags: breach Tags: optusdata Tags: text messages Tags: drivers' licenses Tags: Medicare Tags: identity protection A hacker stole the personal information of 10 million Optus customers, threatened to publish them in lots of 10,000 a day unless the ransom was paid, and then suddenly did a 180 degree turn. (Read more...) | Data Breach | ||
|
2022-09-29 12:00:00 | Fast Company hacked to send obscene and racist messages (lien direct) | >Categories: CybercrimeCategories: NewsThe US business magazine appeared to have two separate and related incidents in which it was compromised. (Read more...) | |||
|
2022-09-28 21:15:00 | APT28 attack uses old PowerPoint trick to download malware (lien direct) | >Categories: NewsTags: APT28 Tags: Fancy Bear Tags: PowerPoint Tags: PowerShell Tags: One Drive Tags: SyncAppvPublishingServer The Russian APT known as Fancy Bear was caught using an old mouseover technique that doesn't need macros (Read more...) | Malware | APT 28 | |
|
2022-09-28 13:00:00 | FCC moves to block robotexts (lien direct) | >Categories: NewsCategories: ScamsThe Federal Communications Commission wants mobile carriers to block spam texts at the network level. (Read more...) | Spam | ||
|
2022-09-28 13:00:00 | Spyware disguises itself as Zoom downloads (lien direct) | >Categories: NewsCriminals are taking advantage Zoom's continuing popularity (Read more...) | |||
|
2022-09-28 10:30:00 | Erbium stealer on the hunt for data (lien direct) | >Categories: NewsTags: erbium Tags: malware Tags: data theft Tags: stealer Tags: wallets Tags: cryptocurrency Tags: browsers Tags: browser Tags: infection Tags: malware as a service We take a look at reports of new data theft malware relying on sold old tricks (Read more...) | Malware | ||
|
2022-09-28 03:00:00 | 4 times students compromised school cybersecurity (lien direct) | >Categories: NewsTags: School Tags: password Tags: sticky note Tags: lax security Tags: Sometimes we hear stories about brilliant students that hack their school and get celebrated, but it doesn't always end well. (Read more...) | Hack | ||
|
2022-09-27 12:15:00 | Facebook users sue Meta for allegedly building "secret workaround" to Apple privacy safeguards (lien direct) | >Categories: NewsCategories: PrivacyMeta is being sued by a couple of its users for allegedly deliberately circumventing Apple's privacy features on the iPhone. (Read more...) | |||
|
2022-09-27 12:00:00 | TikTok faces $28m fine for failing to protect children\'s privacy (lien direct) | >Categories: NewsTags: ICO Tags: tiktok Tags: data Tags: protection Tags: kids Tags: children Tags: fine Tags: privacy Tags: safety The ICOs is looking to fine TikTok over what it claims are issues related to the UK's data protection laws. (Read more...) | |||
|
2022-09-27 11:30:00 | Flaw in some ManageEngine apps is being actively exploited, says CISA (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsThe critical CVE-2022-35405 flaw affects several Zoho ManageEngine products. Federal and private organizations must patch now! (Read more...) | |||
|
2022-09-27 11:00:00 | Exchange servers abused for spam through malicious OAuth applications (lien direct) | >Categories: NewsTags: Exchange Tags: OAuth Tags: spam Tags: MFA Tags: Transport rules Tags: connector Threat actors have been using malicious OAuth applications to abuse Microsoft Exchange servers for their spam campaign. (Read more...) | Spam | ||
|
2022-09-26 13:30:00 | Calling in the ransomware negotiator, with Kurtis Minder: Lock and Code S03E20 (lien direct) | >Categories: PodcastThis week on Lock and Code, we speak with Kurtis Minder, CEO of GroupSense, about how a company decides to bring in a ransomware negotiator when it's hit with the destructive malware. (Read more...) | Ransomware | ||
|
2022-09-26 13:00:00 | Windows 11 pulls ahead of Windows 10 in anti-phishing stakes (lien direct) | >Categories: NewsTags: Windows 11 Tags: Windows 10 Tags: phishing Tags: protection Tags: warning Tags: message Tags: Defender Smartscreen We take a look at a new set of security features for Windows 11, and see what Windows 10 can expect to miss out on. (Read more...) | |||
|
2022-09-26 12:00:00 | Twitter fixes bug that left devices logged in after password reset (lien direct) | >Categories: NewsCategories: PrivacyTwitter says it has fixed a bug that meant users weren't logged out of active sessions on all devices after manually resetting their passwords. (Read more...) | |||
|
2022-09-26 10:00:00 | Critical WhatsApp vulnerabilities patched: Check you\'ve updated! (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsTags: WhatsApp Tags: CVE-2022-36934 Tags: CVE-2022-27492 Two RCE vulnerabilities were patched in WhatsApp. Both vulnerabilities were video related and could be used to compromise your device. (Read more...) | |||
|
2022-09-23 18:00:00 | Malwarebytes recognized as endpoint security leader by G2 (lien direct) | >Categories: BusinessG2 has released their Fall 2022 reports, ranking Malwarebytes as the leader across a number of endpoint protection categories based on factual customer reviews. (Read more...) | Guideline | ||
|
2022-09-23 09:00:00 | A first look at the builder for LockBit 3.0 Black (lien direct) | >Categories: NewsCategories: RansomwareTags: LockBit Tags: builder Tags: leaked The LockBit gang's latest ransomware builder has been leaked, and we have a copy (Read more...) | Ransomware | ||
|
2022-09-22 13:15:00 | Medtronic\'s MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsMedtronic, an insulin pump company, notified its users of a potential risk of attack due to a flaw in its pump's communication protocol. (Read more...) | |||
|
2022-09-22 12:00:00 | Welcome to high tech hacking in 2022: Annoying users until they say "yes" (lien direct) | >Categories: NewsTags: MFA fatigue Tags: 2FA Tags: push notification Tags: security Tags: phishing Tags: attack Tags: burnout Tags: stress Tags: verify Cybercriminals' new tactic of simply boring victims into submission has had some surprising succcess. (Read more...) | |||
|
2022-09-22 12:00:00 | Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities (lien direct) | >Categories: Exploits and vulnerabilitiesCategories: NewsTags: CVE-2022-40959 Tags: CVE-2022-40960 Tags: CVE-2022-40962 Tags: CVE-2022-3033 Tags: Mozilla Tags: Firefox Tags: Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system. (Read more...) | |||
|
2022-09-22 11:45:00 | Morgan Stanley\'s years-long "extensive failure" to protect customer data ends in huge fine (lien direct) | >Categories: NewsCategories: PrivacyThe SEC has unearthed a long list of whoopsies by Morgan Stanley, all involving the mishandling of sensitive data when disposing of devices. (Read more...) |
To see everything:
Our RSS (filtrered)
