Safari, other mobile browsers affected by address bar spoofing flaws

Security researcher Rafay Baloch has discovered address bar spoofing vulnerabilities in several mobile browsers, which could allow attackers to trick users into sharing sensitive information through legitimate-looking phishing sites. “With ever growing sophistication of spear phishing attacks, exploitation of browser-based vulnerabilities such as address bar spoofing may exacerbate the success of spear phishing attacks and […]

Continue Reading

Bitcoin 'Mixer' Fined $60 Million

FinCEN: Helix and Coin Ninja Sites Violated Anti-Money Laundering LawsThe Treasury Department has fined the owner of two bitcoin “mixing” sites $60 million for violating anti-money laundering laws. It’s the first time the department’s Financial Crimes Enforcement Network has issued a civil monetary penalty against the operator of a cryptocurrency site. Source: Bank Info Security […]

Continue Reading

Tom Kellermann on the Price of Digital Transformation

Analysis of Latest Global Incident Response Threat ReportVMware Carbon Black is out with its latest Global Incident Response Threat Report, which describes “the perfect storm” for increasingly sophisticated attacks heading into 2021. Cybersecurity strategist Tom Kellermann discusses what that means – and how these trends should inform our defensive strategies. Source: Bank Info Security Tom […]

Continue Reading

Trickbot Rebounds After 'Takedown'

CrowdStrike: Botnet’s Activity Has Already Picked UpThe recent “takedown” of Trickbot by Microsoft and others had only a temporary effect; the botnet’s activity levels have already rebounded, according to Crowdstrike and other security firms. Source: Bank Info Security Trickbot Rebounds After 'Takedown'

Continue Reading

Étude : quelle est la perception des Français concernant la collecte et l’utilisation de leurs données personnelles ?

A la veille du lancement de la nouvelle version de l’application de « contact tracing » rebaptisée « Tous Anti-Covid », beaucoup continuent de se poser des questions quant à son utilité. En effet, lors de son lancement en juin dernier, l’application française « StopCovid » n’avait pas rencontré le succès escompté alors que les applications similaires avaient décollé dans les […]

Continue Reading

Lightning Network discloses "concerning" crypto vulnerabilities

The team behind Lightning Network have disclosed full details on multiple vulnerabilities that had been partially disclosed on October 9th, 2020. Attackers could have exploited these vulnerabilities to cause DoS and to disrupt crypto transactions by intercepting “smart contracts” made between two parties. […] Source: leepingcomputer.com Lightning Network discloses "concerning" crypto vulnerabilities

Continue Reading

Phishing & entreprise : Quels sont services les plus ciblés par les cyberattaquants ?

Les salariés des TPE/PME consultent fréquemment divers sites web et plateformes en ligne durant leur journée de travail, selon une étude Kaspersky. Ceux-ci incluent notamment YouTube, Facebook, les différents services de Google et WhatsApp – certaines de ces applications étant aussi les plus utilisées par les cyberattaquants comme un tremplin pour le phishing. The post […]

Continue Reading