Information Security newsfeed from around the world in English and French. Find it all in one place… here.
Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on […]
Continue ReadingFormer CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group – and have been hired by SolarWinds. Source: Threatpost.com
Continue ReadingResearcher uses an old unCAPTCHA trick against latest the audio version of reCAPTCHA, with a 97 percent success rate. Source: Threatpost.com
Continue ReadingSeveral Ticketmaster executives conspired a hack against a rival concert presales firm, in attempt to ‘choke off’ its business. Source: Threatpost.com
Continue ReadingAn attacker stole FireEye’s Red Team assessment tools that the company uses to test its customers’ security. Source: Threatpost.com
Continue ReadingSpotify pages for Dua Lipa, Lana Del Rey, Future and others were defaced by an attacker pledging his love for Taylor Swift and Trump. Source: Threatpost.com
Continue ReadingBelgian researchers demonstrate third attack on the car manufacturer’s keyless entry system, this time to break into a Model X within minutes. Source: Threatpost.com
Continue ReadingA critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. Source: Threatpost.com
Continue ReadingThree major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says. Source: Threatpost.com Nation-State Attackers Actively Target COVID-19 Vaccine-Makers
Continue ReadingThe North Face has reset an undisclosed number of customer accounts after detecting a credential-stuffing attack on its website. Source: Threatpost.com Credential-Stuffing Attack Hits The North Face
Continue Reading