What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-17 01:37:05 | Chase bank accidentally leaked customer info to other customers (lien direct) | Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers. [...] | |||
|
2021-08-16 19:06:36 | Hive ransomware attacks Memorial Health System, steals patient data (lien direct) | In what appears to be an attack from the Hive ransomware gang, computers of the non-profit Memorial Health System have been encrypted, forcing staff to work with paper charts. [...] | Ransomware | ||
|
2021-08-16 15:52:44 | T-Mobile confirms servers were hacked, investigates data breach (lien direct) | T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen. [...] | Data Breach Threat | ||
|
2021-08-16 15:38:27 | Malware dev infects own PC and data ends up on intel platform (lien direct) | A malware developer unleashed their creation on their system to try out new features and the data ended up on a cybercrime intelligence platform, exposing a glimpse of the cybercriminal endeavor. [...] | Malware | ||
|
2021-08-16 15:23:21 | Education giant Pearson fined $1M for downplaying data breach (lien direct) | The US Securities and Exchange Commission (SEC) announced today that Pearson, a British multinational educational publishing and services company, has settled charges of mishandling the disclosure process for a 2018 data breach discovered in March 2019. [...] | Data Breach | ||
|
2021-08-16 12:55:11 | Secret terrorist watchlist with 2 million records exposed online (lien direct) | A secret terrorist watchlist with 1.9 million records, including "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. [...] | |||
|
2021-08-16 11:27:17 | SIM swap scammer pleads guilty to Instagram account hijacks, crypto theft (lien direct) | Declan Harrington, a Massachusetts man charged two years ago for his alleged involvement in a series of SIM swapping attacks, pleaded guilty to stealing cryptocurrency from multiple victims and hijacking the Instagram account of others. [...] | Guideline | ||
|
2021-08-16 09:06:46 | Hackers behind Iranian wiper attacks linked to Syrian breaches (lien direct) | Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra who previously deployed wiper malware on the networks of multiple Syrian organizations. [...] | Malware Threat | ||
|
2021-08-16 07:23:27 | Colonial Pipeline reports data breach after May ransomware attack (lien direct) | Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. [...] | Ransomware Data Breach | ||
|
2021-08-15 18:27:28 | Hacker claims to steal data of 100 million T-mobile customers (lien direct) | A threat actor claims to have hacked T-Mobile's servers and stolen databases containing the personal data of approximately 100 million customers. [...] | Threat | ★★★ | |
|
2021-08-15 10:21:42 | EasyWSL turns Linux docker images into a Windows 10 WSL distro (lien direct) | If you can't find your favorite Windows Subsystem for Linux distribution available in the Microsoft Store, a new program called EasyWSL can convert almost any Linux Docker image into a WSL distro. [...] | |||
|
2021-08-15 09:15:00 | Ford bug exposed customer and employee records from internal systems (lien direct) | A bug on Ford's website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega customer engagement system running on Ford's servers. [...] | |||
|
2021-08-14 10:00:00 | US brokers warned of ongoing phishing attacks impersonating FINRA (lien direct) | The US Financial Industry Regulatory Authority (FINRA) warns US brokerage firms and brokers of an ongoing phishing campaign impersonating FINRA officials and asking them to hand over sensitive information under the threat of penalties. [...] | Threat | ★★★ | |
|
2021-08-13 16:20:00 | Facebook rolls out end-to-end encryption for Messenger calls (lien direct) | Facebook has announced the roll-out of end-to-end encrypted Messenger voice and video calls five years after making it available in one-on-one text chats. [...] | |||
|
2021-08-13 16:00:51 | The Week in Ransomware - August 13th 2021 - The rise of LockBit (lien direct) | This week we saw an existing operation rise in attacks while existing ransomware operations turn to Windows vulnerabilities to elevate their privileges. [...] | Ransomware | ||
|
2021-08-13 15:04:03 | Emails from Lithuanian Ministry of Foreign Affairs for sale on data-trading forum (lien direct) | The Lithuanian Ministry of Foreign Affairs has declined to comment about the authenticity of email files allegedly stolen from its network and offered for sale on a data-trading forum.Lith [...] | |||
|
2021-08-13 14:24:07 | Windows 365 exposes Microsoft Azure credentials in plaintext (lien direct) | A security researcher has figured out a way to dump a user's unencrypted plaintext Microsoft Azure credentials from Microsoft's new Windows 365 Cloud PC service using Mimikatz. [...] | |||
|
2021-08-13 14:02:01 | Microsoft Teams will alert users of incoming spam calls (lien direct) | Microsoft is working on adding a spam call notification feature to the Microsoft 365 Teams collaboration platform. [...] | Spam | ★★★ | |
|
2021-08-13 11:20:23 | SynAck ransomware releases decryption keys after El_Cometa rebrand (lien direct) | The SynAck ransomware gang released the master decryption keys for their operation after rebranding as the new El_Cometa group. [...] | Ransomware | ||
|
2021-08-13 10:18:51 | Bugs in gym management software let hackers wipe fitness history (lien direct) | Security researchers found vulnerabilities in the Wodify fitness platform that allows an attacker to view and modify user workouts from any of the more than 5,000 gyms that use the solution worldwide. [...] | |||
|
2021-08-13 05:42:22 | Vice Society ransomware joins ongoing PrintNightmare attacks (lien direct) | The Vice Society ransomware gang is now also actively exploiting Windows print spooler PrintNightmare vulnerability for lateral movement through their victims' networks. [...] | Ransomware Vulnerability | ||
|
2021-08-12 18:10:33 | GitHub deprecates account passwords for authenticating Git operations (lien direct) | GitHub has announced today that account passwords will no longer be accepted for authenticating Git operations starting tomorrow. [...] | |||
|
2021-08-12 17:24:22 | (Déjà vu) Microsoft Exchange servers are getting hacked via ProxyShell exploits (lien direct) | Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. [...] | Vulnerability Threat | ||
|
2021-08-12 17:24:22 | Hackers now backdoor Microsoft Exchange using ProxyShell exploits (lien direct) | Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. [...] | Vulnerability Threat | ||
|
2021-08-12 14:14:26 | Microsoft: Evasive Office 365 phishing campaign active since July 2020 (lien direct) | Microsoft says that a year-long and highly evasive spear-phishing campaign has targeted Office 365 customers in multiple waves of attacks starting with July 2020. [...] | |||
|
2021-08-12 13:51:56 | Windows 11 gets new versions of Snipping Tool, Mail, and Calculator (lien direct) | Microsoft is rolling out its first Windows 11 app updates with new versions of the Calculator, Mail and Calendar, and the Snipping Tool apps. [...] | Tool | ||
|
2021-08-12 13:07:54 | Notorious AlphaBay darknet market comes back to life (lien direct) | The AlphaBay darkweb market has come back to life after an administrator of the original project relaunched it over the weekend. [...] | |||
|
2021-08-12 12:16:47 | Ukraine shuts down money laundering cryptocurrency exchanges (lien direct) | The Security Service of Ukraine (SBU) took down a network of cryptocurrency exchanges used to anonymize transactions since the beginning of 2021. [...] | |||
|
2021-08-12 05:03:11 | Ransomware gang uses PrintNightmare to breach Windows servers (lien direct) | Ransomware operators have added PrintNightmare exploits to their arsenal and are targeting Windows servers to deploy Magniber ransomware payloads. [...] | Ransomware | ||
|
2021-08-11 18:10:25 | Microsoft confirms another Windows print spooler zero-day bug (lien direct) | Microsoft has issued an advisory for another zero-day Windows print spooler vulnerability tracked as CVE-2021-36958 that allows local attackers to gain SYSTEM privileges on a computer. [...] | Vulnerability | ||
|
2021-08-11 17:21:22 | (Déjà vu) Hacker behind biggest ever cryptocurrency heist returns stolen funds (lien direct) | The threat actor who hacked Poly Network's cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. [...] | Threat | ||
|
2021-08-11 17:21:22 | Hacker behind biggest cryptocurrency heist ever returns stolen funds (lien direct) | The threat actor who hacked Poly Network's cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. [...] | Threat | ||
|
2021-08-11 12:22:06 | Accenture confirms hack after LockBit ransomware data leak threats (lien direct) | Accenture, a global IT consultancy giant has likely been hit by a ransomware cyberattack. The ransomware group LockBit is threatening to publish data on its leak site within hours, as seen by BleepingComputer. [...] | Ransomware Hack | ||
|
2021-08-11 09:00:00 | New AdLoad malware variant slips through Apple\'s XProtect defenses (lien direct) | A new AdLoad malware variant is slipping through Apple's YARA signature-based XProtect built-in antivirus tech to infect Macs. [...] | Malware | ||
|
2021-08-11 02:01:21 | Kaseya\'s universal REvil decryption key leaked on a hacking forum (lien direct) | The universal decryption key for REvil's attack on Kaseya's customers has been leaked on hacking forums allowing researchers their first glimpse of the mysterious key. [...] | |||
|
2021-08-10 18:30:13 | Microsoft revives deprecated RDCMan after fixing security flaw (lien direct) | Microsoft has revived the Remote Desktop Connection Manager (RDCMan) app that was deprecated last year due to an important severity information disclosure bug the company decided not to fix. [...] | |||
|
2021-08-10 17:08:46 | Adobe fixes critical preauth vulnerabilities in Magento (lien direct) | Adobe has released a large Patch Tuesday security update that fixes critical vulnerabilities in Magento and important bugs in Adobe Connect. [...] | |||
|
2021-08-10 15:45:12 | Crytek confirms Egregor ransomware attack, customer data theft (lien direct) | Game developer and publisher Crytek has confirmed that the Egregor ransomware gang breached its network in October 2020, encrypting systems and stealing files containing customers' personal info later leaked on the gang's dark web leak site. [...] | Ransomware | ||
|
2021-08-10 15:28:07 | Windows security update blocks PetitPotam NTLM relay attacks (lien direct) | Microsoft has released security updates that block the PetitPotam NTLM relay attack that allows a threat actor to take over a Windows domain. [...] | Threat | ||
|
2021-08-10 13:48:16 | Windows 10 KB5005033 & KB5005031 cumulative updates released (lien direct) | The August 2021 Patch Tuesday is out and Microsoft has published several new cumulative updates (KB5005033 & KB5005031) for recent versions of Windows 10. Today's cumulative updates include security fixes for PCs with May 2021 Update, October 2020 Update, and May 2020 Update. [...] | |||
|
2021-08-10 13:36:53 | Microsoft August 2021 Patch Tuesday fixes 3 zero-days, 44 flaws (lien direct) | Today is Microsoft's August 2021 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 44 flaws, so please be nice to your Windows admins as they scramble to installed patches. [...] | |||
|
2021-08-10 13:00:00 | Microsoft fixes Windows Print Spooler PrintNightmare vulnerability (lien direct) | Microsoft has fixed the PrintNightmare vulnerability in the Windows Print Spooler by requiring users to have administrative privileges when using the Point and Print feature to install printer drivers. [...] | Vulnerability | ||
|
2021-08-10 12:19:15 | Over $600 million reportedly stolen in cryptocurrency hack (lien direct) | Over $611 million have reportedly been stolen in one of the largest cryptocurrency hacks. Decentralized cross-chain protocol and network, Poly Network announced today that it was attacked with cryptocurrency assets having successfully been transferred into the attackers' wallets. [...] | Hack | ||
|
2021-08-10 09:54:10 | Firefox adds enhanced cookie clearing, HTTPS by default in private browsing (lien direct) | Mozilla says that, starting in Firefox 91 released today, users will be able to fully erase the browser history for all visited websites which prevents privacy violations due to "sneaky third-party cookies sticking around." [...] | |||
|
2021-08-10 08:10:35 | eCh0raix ransomware now targets both QNAP and Synology NAS devices (lien direct) | A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage (NAS) devices. [...] | Ransomware | ||
|
2021-08-09 18:19:37 | One million stolen credit cards leaked to promote carding market (lien direct) | A threat actor is promoting a new criminal carding marketplace by releasing one million credit cards stolen between 2018 and 2019 on hacking forums. [...] | Threat | ||
|
2021-08-09 17:43:03 | FlyTrap malware hijacks thousands of Facebook accounts (lien direct) | A new Android threat that researchers call FlyTrap has been hijacking Facebook accounts of users in more than 140 countries by stealing session cookies. [...] | Malware Threat | ||
|
2021-08-09 17:22:46 | Microsoft adds Fusion ransomware attack detection to Azure Sentinel (lien direct) | Microsoft says that the Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform is now able to detect potential ransomware activity using the Fusion machine learning model. [...] | Ransomware | ||
|
2021-08-09 15:23:25 | Mozilla tests if \'Firefox/100.0\' user agent breaks websites (lien direct) | Mozilla has launched an experiment where they change the Firefox browser user agent to a three-digit "Firefox/100.0" version to see if it will break websites. [...] | |||
|
2021-08-09 14:25:53 | Google drops Bluetooth Titan Security Keys in favor of NFC versions (lien direct) | Google is discontinuing the Bluetooth Titan Security Key to focus on security keys with Near Field Communication (NFC) functionality. [...] |
To see everything:
Our RSS (filtrered)
