What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-11-10 08:58:13 | Chrome to block tab-nabbing attacks (lien direct) | Firefox and Safari are already blocking these types of web attacks | |||
|
2020-11-10 06:00:04 | New \'Ghimob\' malware can spy on 153 Android mobile applications (lien direct) | New Ghimob Android trojan rises and evolves from Brazil to spread internationally. | Malware | ||
|
2020-11-09 23:18:13 | (Déjà vu) Npm package caught stealing sensitive Discord and browser files (lien direct) | Malicious code was found hidden inside a JavaScript library named Discord.dll. | |||
|
2020-11-09 20:59:00 | Bug hunter wins \'Researcher of the Month\' award for DOD account takeover bug (lien direct) | Severe bug would have allowed hackers to hijack DOD accounts just by modifying a few parameters in web requests sent to DOD servers. | |||
|
2020-11-09 19:13:40 | Zoom settles FTC charges for misleading users about security features (lien direct) | The FTC accused Zoom of misrepresenting how its call encryption features worked. | |||
|
2020-11-09 12:49:00 | Compal, the second-largest laptop manufacturer in the world, hit by ransomware (lien direct) | Compal factories build laptops for Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu. | Ransomware | ||
|
2020-11-09 06:00:02 | Ransomware hits e-commerce platform X-Cart (lien direct) | Company says it has now recovered from the attack and all customer sites are now back up. | Ransomware | ||
|
2020-11-08 16:25:12 | Windows 10, iOS, Chrome, and many others fall at China\'s top hacking contest (lien direct) | Winning hacker team pockets $744,500 at the Tianfu Cup, China's top hacking contest. | |||
|
2020-11-08 11:52:00 | Yahoo Mail discontinues automatic email forwarding for free users (lien direct) | Automatic email forwarding to be discontinued on January 1, 2021. Existing users told to get a Pro account. | Yahoo | ||
|
2020-11-07 08:00:03 | FBI: Hackers stole source code from US government agencies and private companies (lien direct) | FBI blames intrusions on improperly configured SonarQube source code management tools. | |||
|
2020-11-06 17:00:00 | Linux version of RansomEXX ransomware discovered (lien direct) | This marks the first time a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusions. | Ransomware | ||
|
2020-11-06 12:42:03 | Israeli companies targeted with new Pay2Key ransomware (lien direct) | Security firm Check Point reports what appears to be a targeted attack against Israeli companies. | Ransomware | ||
|
2020-11-06 06:00:03 | Ransomware gangs that steal your data don\'t always delete it (lien direct) | Coveware: Half of the Q3 2020 ransomware investigations involved data exfiltration, with cases doubling from the previous quarter. | Ransomware | ||
|
2020-11-05 19:42:18 | Apple fixes three iOS zero-days exploited in the wild (lien direct) | Apple has patched the three zero-days with today's release of iOS 14.2. | |||
|
2020-11-05 17:20:09 | Italian beverage vendor Campari knocked offline after ransomware attack (lien direct) | Campari has refused to engage with the ransomware gang and is restoring systems. | Ransomware | ||
|
2020-11-05 14:06:00 | GitHub denies getting hacked (lien direct) | Someone attached a copy of the GitHub Enterprise Server source code to GitHub's DMCA section, but the GitHub CEO said they mistakenly leaked that code months ago. | |||
|
2020-11-05 10:46:53 | New APT hacking group leverages \'KilllSomeOne\' DLL side-loading (lien direct) | A new entry into the APT scene has peppered its malware with political messages. | Malware | ||
|
2020-11-05 09:21:31 | US, Brazilian law enforcement seize $24 million in cryptocurrency generated through online fraud (lien direct) | Suspects involved in the scheme are being accused of defrauding investors of over $200 million. | |||
|
2020-11-05 08:33:41 | Capcom quietly discloses cyberattack impacting email, file servers (lien direct) | The attack forced Capcom to temporarily pull services to stop the attack from spreading. | |||
|
2020-11-05 07:35:29 | Company that runs US illegal immigration detention centers discloses ransomware attack (lien direct) | Data for inmates and employees at three centers in California, Florida, and Pennsylvania was exposed in a ransomware attack on August 19. | Ransomware | ||
|
2020-11-04 17:50:03 | Russian authorities make rare arrest of malware author (lien direct) | Malware dev made the grave error of deploying his malware inside Russia's borders. | Malware | ||
|
2020-11-04 12:25:51 | As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor (lien direct) | The ransomware's 'retirement' has left a hole that Egregor operators may capitalize on. | Ransomware | ||
|
2020-11-04 11:22:48 | Police launch pilot program to tap resident Ring camera live streams (lien direct) | The small trial could herald a wider rollout with participating residents in the future. | |||
|
2020-11-04 10:12:33 | 23,600 hacked databases have leaked from a defunct \'data breach index\' site (lien direct) | Site archive of Cit0day.in has now leaked on two hacking forums after the service shut down in September. | |||
|
2020-11-04 01:22:14 | Toy maker Mattel discloses ransomware attack (lien direct) | Mattel said the ransomware attack had "no material impact to [its] operations or financial condition." | Ransomware | ||
|
2020-11-04 00:30:00 | REvil ransomware gang \'acquires\' KPOT malware (lien direct) | Ransomware gang who claims to have earned $100 million buys the source code of the KPOT information stealer trojan for $6,500. | Ransomware Malware | ||
|
2020-11-03 21:42:00 | US voters targeted with robocalls telling them to stay home or vote tomorrow (lien direct) | Robocalls have been reported in Florida, Georgia, Iowa, Kansas, Michigan, Nebraska, New York, New Hampshire, and North Carolina. | |||
|
2020-11-03 18:24:54 | After two zero-days in Chrome desktop, Google patches a third zero-day in the Android version (lien direct) | Android smartphone users are advised to update Chrome to version 86.0.4240.185 or later. | |||
|
2020-11-03 17:01:52 | Configuration snafu exposes passwords for two million marijuana growers (lien direct) | Passwords for GrowDiaries users were stored using the weak MD5 hashing function, putting customer accounts at risk of attacks. | |||
|
2020-11-03 10:17:28 | FireEye releases ThreatPursuit, a Windows VM for threat intel analysts (lien direct) | ThreatPursuit VM comes packed with more than 50 tools threat intelligence analysts use to hunt adversaries. | Threat | ||
|
2020-11-03 09:41:56 | Russian hacker jailed over botnet data scraping scheme that drained victim bank accounts (lien direct) | Prosecutors estimate the scheme has caused financial losses of at least $100 million. | |||
|
2020-11-03 06:00:04 | Oracle publishes rare out-of-band security update for WebLogic servers (lien direct) | Oracle releases additional fix to patch a bug for the second time after the publication of proof-of-concept exploit code. | |||
|
2020-11-03 00:40:58 | Adobe hires new CSO in Mark Adams to guide the company in its post-Flash era (lien direct) | Adams served as CSO for Blizzard Entertainment for four years before joining Adobe today. | |||
|
2020-11-02 22:34:56 | Google patches second Chrome zero-day in two weeks (lien direct) | Google Chrome 86.0.4240.183 available for download. Patches 10 security bugs, including an actively-exploited zero-day. | |||
|
2020-11-02 21:48:06 | Hacker group uses Solaris zero-day to breach corporate networks (lien direct) | The zero-day appears to have been bought off a black-market website for $3,000. | |||
|
2020-11-02 20:01:47 | Malicious npm package opens backdoors on programmers\' computers (lien direct) | JavaScript library posing as a Twilio-related library opens backdoors to let attackers access infected workstations. | |||
|
2020-11-02 08:31:26 | Marriott fined £18.4 million by UK watchdog over customer data breach (lien direct) | The fine has been slashed from over £99 million originally proposed In light of the pandemic. | Data Breach | ||
|
2020-11-02 06:00:03 | CERT/CC launches Twitter bot to give security bugs random names (lien direct) | CERT/CC attempts to reduce the use of sensationalized vulnerability names that needlessly scare software users. | Vulnerability | ★★★★ | |
|
2020-11-01 11:36:20 | US Cyber Command exposes new Russian malware (lien direct) | Together with CISA and the FBI, US Cyber Command wish Russian state hackers a "Happy Halloween!" | Malware | ||
|
2020-10-31 16:30:02 | Chrome will soon have its own dedicated certificate root store (lien direct) | Currently, Chrome uses the certificate root store part of each operating system. Google plans to manage its own list of "approved" certificates from now on, similar to Firefox. | |||
|
2020-10-30 18:29:00 | Google discloses Windows zero-day exploited in the wild (lien direct) | Windows zero-day (not yet patched) is used as part of an exploit chain that also includes a Chrome zero-day (already patched). | |||
|
2020-10-29 11:05:05 | McAfee debuts remote browser isolation solution, XDR platform (lien direct) | The company's new offerings are designed with real-time protection and incident management in mind. | |||
|
2020-10-26 22:27:31 | Hacker steals $24 million from cryptocurrency service \'Harvest Finance\' (lien direct) | Hacker returned $2.5 million while Harvest Finance authors put out a $100,000 reward for anyone who can return the rest of the funds. | |||
|
2020-10-26 18:51:57 | Adware found in 21 Android apps with more than 7 million downloads (lien direct) | Six of the 21 apps are still available on the Google Play Store. | |||
|
2020-10-26 15:42:49 | Over 100 irrigation systems left exposed online without a password (lien direct) | More than half of the exposed systems are located inside Israel. | |||
|
2020-10-26 11:54:30 | The rise of the social bandits: How politics, injustice shapes how we view hacktivism (lien direct) | If they don't listen to us, do they deserve it? | |||
|
2020-10-26 09:09:22 | KashmirBlack botnet behind attacks on CMSs like WordPress, Joomla, Drupal, others (lien direct) | New KashmirBlack botnet is believed to have infected hundreds of thousands of websites since November 2019. | |||
|
2020-10-23 18:31:26 | Apple notarizes six malicious apps posing as Flash installers (lien direct) | Apple notarization process bypassed for the second time in six weeks. | |||
|
2020-10-23 15:04:27 | Phishing groups are collecting user data, email and banking passwords via fake voter registration forms (lien direct) | With the election window closing, phishing groups are striking the iron while it's hot. | |||
|
2020-10-23 11:52:36 | Nvidia tackles code execution flaws, data leaks in GeForce Experience (lien direct) | The worst of the bugs is an uncontrolled search path issue with severe, exploitable consequences. |
To see everything:
Our RSS (filtrered)
