Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-08-31 12:00:00 |
Cyberattackers are now quietly selling off their victim\'s internet bandwidth (lien direct) |
Proxyware is yet another way for criminals to generate revenue from their victims. |
|
|
|
|
2021-08-27 10:45:24 |
Parents of teens who stole $1 million in Bitcoin sued by alleged victim (lien direct) |
Clipboard malware was developed with the sole purpose of stealing cryptocurrency. |
Malware
|
|
|
|
2021-08-27 09:51:00 |
US charges HeadSpin ex-CEO over fake $1bn valuation scheme (lien direct) |
The SEC claims the startup's metrics were inflated. |
|
|
|
|
2021-08-26 16:34:56 |
Chinese developers expose data belonging to Android gamers (lien direct) |
In the end, Hong Kong CERT was contacted in an attempt to resolve the security issue. |
|
|
|
|
2021-08-25 13:00:16 |
IBM launches new SASE service to bolster zero-trust enterprise security (lien direct) |
The service is the result of a partnership with Zscaler. |
|
|
|
|
2021-08-25 09:09:49 |
Proofpoint awarded $13.5 million in IP theft lawsuit against Vade Secure (lien direct) |
The company claimed that Vade "willfully" misappropriated trade secrets. |
|
|
|
|
2021-08-10 18:12:00 |
Microsoft\'s August 2021 Patch Tuesday: 44 flaws fixed, seven critical including Print Spooler vulnerability (lien direct) |
The latest Patch Tuesday sees Microsoft release fixes for 44 different vulnerabilities, including the much-discussed Print Spooler flaw. |
Vulnerability
|
|
|
|
2021-08-09 17:42:00 |
How to find and remove spyware from your phone (lien direct) |
Surveillance isn't just the purview of nation-states and government agencies -- sometimes, it's closer to home. |
|
|
|
|
2021-08-06 11:21:30 |
Black Hat: BadAlloc bugs expose millions of IoT devices to hijack (lien direct) |
BadAlloc vulnerabilities impact millions of devices worldwide. |
|
|
|
|
2021-08-05 22:07:00 |
Black Hat: How cybersecurity incidents can become a legal minefield (lien direct) |
Facing a cyberattack? Pick up the phone and talk to legal help as well as incident response. |
|
|
|
|
2021-08-05 20:40:02 |
Black Hat: Enterprise players face \'one-two-punch\' extortion in ransomware attacks (lien direct) |
Intrusions have become even more costly to the enterprise due to double-extortion tactics. |
Ransomware
|
|
|
|
2021-08-05 10:27:59 |
There\'s been a rise in stalkerware. And the tech abuse problem goes beyond smartphones (lien direct) |
No matter how stalkerware is marketed, it is part of a wider problem: the use of technology in coercive control. |
|
|
|
|
2021-08-04 21:02:00 |
Black Hat: This is how a naive NSA staffer helped build an offensive UAE security branch (lien direct) |
If that job offer looks too good to be true, something else may be afoot. |
|
|
|
|
2021-08-04 18:52:00 |
Bob had a bad night: IoT mischief takes neighbourly revenge to the next level in a capsule hotel (lien direct) |
When you hand over control of capsule bedrooms to guests, you also offer them the means to troll others. |
|
|
|
|
2021-08-04 16:00:02 |
The Graph Foundation launches bug bounty program (lien direct) |
Bugs in scope include RCE and those leading to the loss of user funds. |
Guideline
|
|
|
|
2021-08-03 13:00:02 |
Raccoon stealer-as-a-service will now try to grab your cryptocurrency (lien direct) |
The malware has been upgraded to target even more financial information. |
Malware
|
|
★★★★★
|
|
2021-08-03 04:01:02 |
DeadRinger: Chinese APTs strike major telecommunications companies (lien direct) |
Previously unknown campaigns center around "Chinese state interests." |
|
|
|
|
2021-08-02 10:00:02 |
Ransomware operators love them: Key trends in the Initial Access Broker space (lien direct) |
In a threat actor's mind, take out the legwork, reap the proceeds of blackmail. |
Threat
|
|
|
|
2021-07-28 04:01:02 |
Enterprise data breach cost reached record high during COVID-19 pandemic (lien direct) |
IBM research estimates that the average data breach now costs upward of $4 million. |
Data Breach
|
|
|
|
2021-07-27 10:13:55 |
Malware developers turn to \'exotic\' programming languages to thwart researchers (lien direct) |
They are focused on exploiting pain points in code analysis and reverse-engineering. |
|
|
|
|
2021-07-26 11:49:00 |
Twitter handle swatter jailed after victim dies following home raid (lien direct) |
The 60-year-old victim's daughter believes he was "scared to death." |
|
|
|
|
2021-07-26 10:36:52 |
WhatsApp chief says government officials, US allies targeted by Pegasus spyware (lien direct) |
The officials were allegedly targeted in attacks dating back to 2019. |
|
|
|
|
2021-07-23 13:01:08 |
GitHub boosts supply chain security for Go modules (lien direct) |
Go is now one of the most popular programming languages on the platform. |
|
|
|
|
2021-07-21 10:00:01 |
$49 malware receives major upgrade to strike both Windows and macOS PCs (lien direct) |
The new family stems from Formbook, an old but prevalent malware strain. |
Malware
|
|
|
|
2021-07-21 09:13:33 |
Joker billing fraud malware found in Google Play Store (lien direct) |
The Android malware circumvented security controls by using short URL tricks. |
Malware
|
|
|
|
2021-07-20 11:00:02 |
HP patches vulnerable driver lurking in printers for 16 years (lien direct) |
Cyberattackers could exploit the bug to secure system-level privileges. |
|
|
|
|
2021-07-20 09:44:41 |
Microsoft heads to court to take on imposter, homoglyph domains (lien direct) |
Fake domains impersonating Microsoft are a thorn not only in the company's side but in that of its customers. |
|
|
|
|
2021-07-19 14:47:00 |
(Déjà vu) UK and White House blame China for Microsoft Exchange Server hack (lien direct) |
Updated: The UK government says the country is responsible for "systematic cyber sabotage." |
Hack
|
|
★★
|
|
2021-07-19 11:18:49 |
UK blames China for Microsoft Exchange Server hack (lien direct) |
The government says the country is responsible for "systematic cyber sabotage." |
Hack
|
|
|
|
2021-07-19 10:26:51 |
NSO Group\'s Pegasus spyware used against journalists, political activists worldwide: report (lien direct) |
A probe into the group suggests that its products are being used for purposes beyond criminal or terrorist investigations. |
|
|
|
|
2021-07-19 08:47:12 |
Facebook fights Biden claim that social media is \'killing people\' through anti-vax, COVID-19 misinformation spread (lien direct) |
Facebook says it is time to move past "finger pointing." |
|
|
|
|
2021-07-19 07:49:49 |
Swedish man sentenced for gold-backed cryptocurrency scam (lien direct) |
Prosecutors say that investors were defrauded out of over $16 million. |
|
|
|
|
2021-07-16 13:00:02 |
Artwork Archive cloud storage misconfiguration exposed user data, revenue records (lien direct) |
An unsecured bucket exposed PII and sales information. |
|
|
|
|
2021-07-16 11:01:02 |
Toddler mobile banking malware surges across Europe (lien direct) |
The Android malware is a new and persistent threat to European citizens and banks alike. |
Malware
Threat
|
|
|
|
2021-07-16 10:09:19 |
Chinese APT LuminousMoth abuses Zoom brand to target gov\'t agencies (lien direct) |
Fake Zoom apps are being spread to conduct cyber surveillance. |
|
|
|
|
2021-07-16 08:28:33 |
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks (lien direct) |
Updates released this week protect against two key zero-day vulnerabilities weaponized by customers. |
|
|
|
|
2021-07-14 12:02:58 |
Does cybercrime impact cryptocurrency prices? Researchers find out (lien direct) |
Memestocks can ramp up with hype: can crypto do the same due to criminality? |
|
|
|
|
2021-07-14 08:40:45 |
US charges Greek national for selling insider trading subscriptions in the Dark Web (lien direct) |
"TheBull" offered customers insider information, tips, and pre-release earnings. |
|
|
|
|
2021-07-14 08:30:39 |
Thousands of PS4s seized in Ukraine in illegal cryptocurrency mining sting (lien direct) |
The cryptocurrency farm was hidden in an old warehouse. |
|
|
|
|
2021-07-13 19:02:00 |
Amazon rolls out encryption for Ring doorbells (lien direct) |
Privacy advocates have been asking for Amazon to encrypt its popular Ring doorbells audio and video traffic, and Amazon is finally delivering it. |
|
|
|
|
2021-07-13 18:16:00 |
Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed (lien direct) |
Over 100 CVEs, many of which lead to RCE, have been tackled this month. |
Guideline
|
|
|
|
2021-07-13 11:22:55 |
Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs (lien direct) |
The security flaw allows attackers to obtain full control over a PLC. |
Vulnerability
|
|
★★★
|
|
2021-07-13 11:07:01 |
Google\'s Certificate Authority Service leaves preview, now generally available (lien direct) |
Google CAS was launched to handle the "growth in certificates in the digital world." |
|
|
|
|
2021-07-12 10:12:00 |
Cybercriminals troll Iran\'s leader, cause railway network \'chaos\' (lien direct) |
Train services were disrupted and the help desk number given was that of Iran's Supreme Leader. |
Guideline
|
|
|
|
2021-07-12 09:15:16 |
Kaseya issues patch for on-premise customers, SaaS rollout underway (lien direct) |
Support teams are working with clients to apply critical security fixes. |
|
|
|
|
2021-07-09 10:15:13 |
Scam artists exploit Kaseya security woes to deploy malware (lien direct) |
The company is being impersonated in the fallout of a recent ransomware attack. |
Ransomware
Malware
|
|
|
|
2021-07-09 09:10:36 |
Texas resident jailed for role in $2.2 million romance, business email scams (lien direct) |
The Nigerian national will spend over seven years behind bars. |
|
|
|
|
2021-07-08 14:00:04 |
Ransomware as a service: Negotiators are now in high demand (lien direct) |
RaaS groups are hiring negotiators whose primary role is to force victims to pay up. |
|
|
|
|
2021-07-08 13:00:04 |
Coursera API vulnerabilities disclosed by researchers (lien direct) |
Coursera took “prompt ownership” of the bugs, once reported. |
|
|
|
|
2021-07-08 09:39:32 |
170 Android cryptocurrency mining scam apps have stolen $350,000 from users (lien direct) |
Users are paying up in the belief they are mining cryptocurrency. In reality, they get nothing. |
|
|
|