Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-01-14 16:13:42 |
Goodwill discloses data breach on its ShopGoodwill platform (direct link) |
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform. [...] |
Data Breach
|
|
|
|
2022-01-14 15:22:52 |
Former DHS official charged with stealing govt employees' PII (direct link) |
A former Department of Homeland Security official pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees' personal identifying information. [...] |
Guideline
|
|
|
|
2022-01-14 14:04:10 |
(Déjà vu) White House reminds tech giants open source is a national security issue (direct link) |
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks. [...] |
Threat
|
|
|
|
2022-01-14 13:35:13 |
Researchers develop CAPTCHA solver to aid dark web research (direct link) |
A team of researchers at the Universities of Arizona, Georgia, and South Florida has developed a machine-learning-based CAPTCHA solver that they claim can overcome 94.4% of real challenges on dark websites. [...] |
|
|
|
|
2022-01-14 12:33:39 |
Defense contractor Hensoldt confirms Lorenz ransomware attack (direct link) |
Hensoldt, a multinational defense contractor headquartered in Germany, has confirmed that some of its UK subsidiary's systems were compromised in a ransomware attack. [...] |
Ransomware
|
|
|
|
2022-01-14 11:46:42 |
New Intel chips won't play Blu-ray disks due to SGX deprecation (direct link) |
Intel has removed support for SGX (software guard extension) in 12th Generation Intel Core 11000 and 12000 processors, rendering modern PCs unable to playback Blu-ray disks in 4K resolution. [...] |
|
|
★★★★★
|
|
2022-01-14 11:11:14 |
Multiple Ukrainian government websites hacked and defaced (direct link) |
At least 15 websites belonging to various Ukrainian public institutions were compromised, defaced, and subsequently taken offline. [...] |
|
|
|
|
2022-01-14 08:51:17 |
(Déjà vu) Russia arrests REvil ransomware gang members, seize $6.6 million (direct link) |
The Federal Security Service (FSB) of the Russian Federation has announced today that they shut down the REvil ransomware gang after U.S. authorities reported on the leader. [...] |
Ransomware
Guideline
|
|
|
|
2022-01-14 08:51:17 |
Russian government arrests REvil ransomware gang members (direct link) |
The Federal Security Service (FSB) of the Russian Federation has announced today that they shut down the REvil ransomware gang after U.S. authorities reported on the leader. [...] |
Ransomware
Guideline
|
|
|
|
2022-01-13 16:56:28 |
Android users can now disable 2G to block Stingray attacks (direct link) |
Google has finally rolled out an option on Android allowing users to disable 2G connections, which come with a host of privacy and security problems exploited by cell-site simulators. [...] |
|
|
|
|
2022-01-13 16:39:48 |
FCC wants new data breach reporting rules for telecom carriers (direct link) |
The Federal Communications Commission (FCC) has proposed more rigorous data breach reporting requirements for telecom carriers in response to breaches that recently hit the telecommunications industry. [...] |
Data Breach
|
|
|
|
2022-01-13 15:14:32 |
BlueNoroff hackers steal crypto using fake MetaMask extension (direct link) |
The North Korean threat actor group known as 'BlueNoroff' has been spotted targeting cryptocurrency startups with malicious documents and fake MetaMask browser extensions. [...] |
Threat
|
|
|
|
2022-01-13 15:04:55 |
AWS fixes security flaws that exposed AWS customer data (direct link) |
Amazon Web Services (AWS) has addressed an AWS Glue security issue that allowed attackers to access and alter data linked to other AWS customer accounts. [...] |
|
|
|
|
2022-01-13 13:35:33 |
Microsoft pulls new Windows Server updates due to critical bugs (direct link) |
Microsoft has pulled the January Windows Server cumulative updates after critical bugs caused domain controllers to reboot, Hyper-V to not work, and ReFS volume systems to become unavailable. [...] |
|
|
|
|
2022-01-13 13:08:36 |
Microsoft Defender weakness lets hackers bypass malware detection (direct link) |
Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there. [...] |
Malware
Threat
|
|
|
|
2022-01-13 12:31:13 |
Windows 'RemotePotato0' zero-day gets an unofficial patch (direct link) |
A privilege escalation vulnerability impacting all Windows versions that can let threat actors gain domain admin privileges through an NTLM relay attack has received unofficial patches after Microsoft tagged it as "won't fix." [...] |
Vulnerability
|
|
|
|
2022-01-13 11:21:53 |
Carding site UniCC retires after generating $358 million in sales (direct link) |
UniCC, the largest carding site operating on the dark web at the moment, has announced its retirement, claiming reasons of tiredness. [...] |
|
|
|
|
2022-01-13 07:47:19 |
Ukrainian police arrests ransomware gang that hit over 50 firms (direct link) |
Ukrainian police officers have arrested a ransomware affiliate group responsible for attacking at least 50 companies in the U.S. and Europe. [...] |
Ransomware
|
|
|
|
2022-01-12 16:45:03 |
Apple fixes doorLock bug that can disable iPhones and iPads (direct link) |
Apple has released security updates to address a persistent denial of service (DoS) dubbed doorLock that would altogether disable iPhones and iPads running HomeKit on iOS 14.7 and later. [...] |
|
|
|
|
2022-01-12 15:27:30 |
US links MuddyWater hacking group to Iranian intelligence agency (direct link) |
US Cyber Command (USCYBERCOM) has officially linked the Iranian-backed MuddyWater hacking group to Iran's Ministry of Intelligence and Security (MOIS). [...] |
|
|
|
|
2022-01-12 14:53:07 |
New Windows Server updates cause DC boot loops, break Hyper-V (direct link) |
The latest Windows Server updates are causing severe issues for administrators, with domain controllers having spontaneous reboots, Hyper-V not starting, and inaccessible ReFS volumes until the updates are rolled back. [...] |
|
|
|
|
2022-01-12 14:32:07 |
Microsoft adds macOS-like hardware indicators to Windows 11 (direct link) |
Microsoft is now rolling out redesigned hardware indicator flyouts (uncannily similar to macOS and iOS ones) that align with Windows 11's design to all Windows Insiders in the Dev Channel. [...] |
|
|
|
|
2022-01-12 13:38:11 |
UK jails man for spying on teenagers, stealing photos using RATs (direct link) |
A Nottingham man was imprisoned this week for more than two years after hacking the computers and phones of dozens of victims, some of them underage, and spying on them using remote access trojans (RATs). [...] |
|
|
|
|
2022-01-12 12:53:27 |
Magniber ransomware using signed APPX files to infect systems (direct link) |
The Magniber ransomware has been spotted using Windows application package files (.APPX) signed with valid certificates to drop malware pretending to be Chrome and Edge web browser updates. [...] |
Ransomware
Malware
|
|
|
|
2022-01-12 11:36:26 |
TellYouThePass ransomware returns as a cross-platform Golang threat (direct link) |
TellYouThePass ransomware has re-emerged as a Golang-compiled malware, making it easier to target major platforms beyond Windows, like macOS and Linux. [...] |
Ransomware
Threat
|
|
|
|
2022-01-12 10:40:38 |
New Windows KB5009543, KB5009566 updates break L2TP VPN connections (direct link) |
Windows 10 users and administrators report problems making L2TP VPN connections after installing the recent Windows 10 KB5009543 and Windows 11 KB5009566 cumulative updates. [...] |
|
|
|
|
2022-01-12 10:20:43 |
OceanLotus hackers turn to web archive files to deploy backdoors (direct link) |
Vietnamese hackers of the APT32 group (Ocean Lotus) are now using Web Archive files (.mht and .mhtml) to deploy backdoors on their targets. [...] |
|
APT 32
|
|
|
2022-01-12 04:43:13 |
EA: 50 high-profile FIFA 22 accounts taken over by phishing actors (direct link) |
Electronic Arts (EA) has published an official response to numerous reports about hacked player accounts, confirming the problem and attributing it to phishing actors. [...] |
|
|
|
|
2022-01-12 03:35:06 |
Hackers take over diplomat's email, target Russian deputy minister (direct link) |
Hackers believed to work for the North Korean government have compromised the email account of a staff member of Russia's Ministry of Foreign Affairs (MID) and deployed spear-phishing attacks against the country's diplomats in other regions. [...] |
|
|
|
|
2022-01-11 18:17:45 |
State hackers use new PowerShell backdoor in Log4j attacks (direct link) |
Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') have been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. [...] |
Conference
|
APT 35
|
|
|
2022-01-11 17:02:44 |
(Déjà vu) Microsoft: New critical Windows HTTP vulnerability is wormable (direct link) |
Microsoft has patched a critical flaw tagged as wormable and found to impact the latest desktop and server Windows versions, including Windows 11 and Windows Server 2022. [...] |
Vulnerability
|
|
|
|
2022-01-11 17:02:44 |
Microsoft: Critical Windows HTTP vulnerability is wormable (direct link) |
Microsoft has patched a critical flaw tagged as wormable and found to impact the latest desktop and server Windows versions, including Windows 11 and Windows Server 2022. [...] |
Vulnerability
|
|
|
|
2022-01-11 15:42:37 |
Firefox Focus now blocks cross-site tracking on Android devices (direct link) |
Mozilla's Firefox Focus web browser can now protect Android users against cross-site tracking while browsing the Internet by preventing cookies from being used for advertising and monitoring your activity. [...] |
|
|
|
|
2022-01-11 15:05:22 |
CISA alerts federal agencies of ancient bugs still being exploited (direct link) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of known exploited vulnerabilities with 15 new security issues that serve as a frequent attack vector against federal enterprises. [...] |
|
|
|
|
2022-01-11 14:41:01 |
(Déjà vu) Windows 10 KB5009543 & KB5009545 updates released (direct link) |
The new update is now available for Windows 10 version 21H2, version 21H1, and version 20H2. As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5009543 and KB5009545. [...] |
|
|
|
|
2022-01-11 14:33:19 |
Microsoft fixes critical Office bug, delays macOS security updates (direct link) |
During this year's first Patch Tuesday, Microsoft has addressed a critical severity Office vulnerability that can let attackers execute malicious code remotely on vulnerable systems. [...] |
Vulnerability
|
|
|
|
2022-01-11 14:28:14 |
Windows 11 KB5009566 update released with security fixes (direct link) |
Microsoft has released the Windows 11 KB5009566 cumulative update with security updates, performance improvements, and fixes for known bugs. [...] |
|
|
|
|
2022-01-11 13:31:10 |
(Déjà vu) Microsoft January 2022 Patch Tuesday fixes 6 zero-days, 97 flaws (direct link) |
Today is Microsoft's January 2022 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 97 flaws. [...] |
|
|
|
|
2022-01-11 12:39:53 |
New RedLine malware version spread as fake Omicron stat counter (direct link) |
A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure. [...] |
Malware
|
|
|
|
2022-01-11 11:03:38 |
US govt warns of Russian hackers targeting critical infrastructure (direct link) |
The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors, orchestrated by Russian-backed hacking groups. [...] |
|
|
|
|
2022-01-11 10:04:33 |
(Déjà vu) New SysJoker backdoor targets Windows, macOS, and Linux (direct link) |
A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] |
Malware
|
|
|
|
2022-01-11 10:04:33 |
New SysJoker backdoor targets Windows, macOS, and Linux (direct link) |
A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] |
Malware
|
|
|
|
2022-01-11 07:00:00 |
KCodes NetUSB bug exposes millions of routers to RCE attacks (direct link) |
A high-severity remote code execution flaw tracked as CVE-2021-45388 has been discovered in the KCodes NetUSB kernel module, used by millions of router devices from various vendors. [...] |
|
|
|
|
2022-01-11 06:24:43 |
Night Sky ransomware uses Log4j bug to hack VMware Horizon servers (direct link) |
The Night Sky ransomware gang has started to exploit the critical CVE-2021-4422 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems. [...] |
Ransomware
Hack
Vulnerability
|
|
|
|
2022-01-10 18:32:32 |
FinalSite: No school data stolen in ransomware attack behind site outages (direct link) |
FinalSite announced today the findings of a six-day investigation into last week's ransomware attack, stating it found no evidence that schools' data was accessed or stolen by hackers. [...] |
Ransomware
|
|
|
|
2022-01-10 16:53:29 |
Extortion DDoS attacks grow stronger and more common (direct link) |
The end of 2021 saw a rise in the number of distributed denial-of-service incidents that came with a ransom demand from the attackers to stop the assault. [...] |
|
|
|
|
2022-01-10 16:09:01 |
Linux version of AvosLocker ransomware targets VMware ESXi servers (direct link) |
AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. [...] |
Ransomware
Malware
|
|
|
|
2022-01-10 13:43:47 |
Oops: Cyberspies infect themselves with their own malware (direct link) |
After infecting themselves with their own custom remote access trojan (RAT), an Indian-linked cyber-espionage group has accidentally exposed its operations to security researchers. [...] |
Malware
|
|
|
|
2022-01-10 12:39:58 |
Microsoft: powerdir bug gives access to protected macOS user data (direct link) |
Microsoft says threat actors could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology to access users' protected data. [...] |
Vulnerability
Threat
|
|
|
|
2022-01-10 11:43:41 |
Linux Mint 20.3 released promising security updates until 2025 (direct link) |
Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025. [...] |
|
|
|