Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-06-28 09:00:00 |
Messenger chatbots now used to steal Facebook accounts (lien direct) |
A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. [...] |
|
|
|
|
2022-06-28 06:39:23 |
Over 900,000 Kubernetes instances found exposed online (lien direct) |
Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. [...] |
|
Uber
|
|
|
2022-06-27 15:44:22 |
Bank of the West found debit card-stealing skimmers on ATMs (lien direct) |
The Bank of the West is warning customers that their debit card numbers and PINs have been stolen by skimmers installed on several of the bank's ATMs. [...] |
|
|
|
|
2022-06-27 14:30:15 |
Android malware \'Revive\' impersonates BBVA bank\'s 2FA app (lien direct) |
A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. [...] |
Malware
|
|
|
|
2022-06-27 14:00:18 |
(Déjà vu) US, Brazil seize 272 websites used to illegally download music (lien direct) |
The domains of six websites that streamed and provided illegal downloads of copyrighted music were seized by U.S. Homeland Security Investigations (HSI) and the Department of Justice. [...] |
|
|
|
|
2022-06-27 14:00:18 |
US seizes websites used to illegally download and stream music (lien direct) |
The domains of six websites that streamed and provided illegal downloads of copyrighted music were seized by U.S. Homeland Security Investigations (HSI) and the Department of Justice. [...] |
|
|
|
|
2022-06-27 12:40:00 |
Microsoft will fix Windows RRAS, VPN issues for all users in July (lien direct) |
Microsoft has finally confirmed Internet connectivity issues affecting servers with Routing and Remote Access Service (RRAS) enabled after installing Windows updates released as part of this month's Patch Tuesday. [...] |
|
|
|
|
2022-06-27 12:31:49 |
Vice Society claims ransomware attack on Med. University of Innsbruck (lien direct) |
The Vice Society ransomware gang has claimed responsibility for last week's cyberattack against the Medical University of Innsbruck, which caused severe IT service disruption and the alleged theft of data. [...] |
Ransomware
|
|
|
|
2022-06-27 11:39:17 |
Microsoft Exchange bug abused to hack building automation systems (lien direct) |
A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access to more secured areas in their networks. [...] |
Hack
Threat
|
|
|
|
2022-06-27 11:09:44 |
LockBit 3.0 introduces the first ransomware bug bounty program (lien direct) |
The LockBit ransomware operation has released 'LockBit 3.0,' introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options. [...] |
Ransomware
|
|
|
|
2022-06-27 10:08:37 |
Microsoft: Recent Windows updates caused Edge freeze issues (lien direct) |
Microsoft says it addressed a known issue that was causing all Microsoft Edge tabs running IE mode to stop responding if one of the opened sites displayed a modal dialog box after issuing a window.focus call. [...] |
|
|
|
|
2022-06-26 12:04:08 |
LGBTQ+ community warned of extortionists abusing dating apps (lien direct) |
The U.S. Federal Trade Commission (FTC) has warned this week of extortion scammers targeting the LGBTQ+ community by abusing online dating apps like Grindr and Feeld. [...] |
|
|
|
|
2022-06-26 11:05:10 |
Fake copyright infringement emails install LockBit ransomware (lien direct) |
LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. [...] |
Ransomware
Malware
|
|
|
|
2022-06-26 10:12:06 |
Clever phishing method bypasses MFA using Microsoft WebView2 apps (lien direct) |
A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. [...] |
Threat
|
|
|
|
2022-06-26 09:14:28 |
NetSec Goggle shows search results only from cybersecurity sites (lien direct) |
A new Brave Search Goggle modifies Brave Search results to only show reputable cybersecurity sites, making it easier to search for and find security information. [...] |
|
|
|
|
2022-06-25 11:32:26 |
(Déjà vu) PyPi python packages caught sending stolen AWS keys to unsecured sites (lien direct) |
Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. [...] |
|
|
|
|
2022-06-25 11:32:26 |
PyPi packages caught sending stolen AWS keys to unsecured sites (lien direct) |
Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. [...] |
|
|
|
|
2022-06-25 10:06:00 |
Microsoft: Exchange Server 2013 reaches end of support in 9 months (lien direct) |
Microsoft has reminded customers that the Exchange Server 2013 mail and calendaring platform will reach its extended end-of-support date roughly nine months from now, on April 11, 2021. [...] |
|
|
|
|
2022-06-25 09:12:06 |
Automotive fabric supplier TB Kawashima announces cyberattack (lien direct) |
TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack. [...] |
|
|
|
|
2022-06-24 18:20:35 |
The Week in Ransomware - June 24th 2022 - Splinter Cells (lien direct) |
The Conti ransomware gang has finally ended their charade and turned off their Tor data leak and negotiation sites, effectively shutting down the operation. [...] |
Ransomware
|
|
★★★★★
|
|
2022-06-24 16:28:35 |
Russia fines Google for spreading \'unreliable\' info defaming its army (lien direct) |
Roskomnadzor, Russia's telecommunications watchdog, has fined Google 68 million rubles (roughly $1.2 million) for helping spread what it called "unreliable" information on the war in Ukraine and the failure to remove it from its platforms. [...] |
|
|
|
|
2022-06-24 16:13:13 |
Windows 10 22H2 accidentally confirmed by latest preview update (lien direct) |
Microsoft has accidentally leaked that Windows 10 22H2 is on its way by including an enablement package in the latest Windows 10 KB5014666 preview update available to Insiders on the Release channel. [...] |
|
|
|
|
2022-06-24 13:13:16 |
Mitel zero-day used by hackers in suspected ransomware attack (lien direct) |
Hackers used a zero-day exploit on Linux-based Mitel MiVoice VOIP appliances for initial access in what is believed to be the beginning of a ransomware attack. [...] |
Ransomware
|
|
|
|
2022-06-24 12:48:42 |
(Déjà vu) CafePress fined $500,000 for breach affecting 23 million users (lien direct) |
The U.S. Federal Trade Commission (FTC) today ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for attempting to cover up a major data breach impacting more than 23 million customers and failing to protect their data. [...] |
Data Breach
|
|
|
|
2022-06-24 12:48:42 |
FTC fines CafePress $500K for breach affecting 23 million users (lien direct) |
The U.S. Federal Trade Commission (FTC) today ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for attempting to cover up a major data breach impacting more than 23 million customers and failing to protect their data. [...] |
Data Breach
|
|
|
|
2022-06-24 11:53:53 |
Fast Shop Brazilian retailer discloses "extortion" cyberattack (lien direct) |
Fast Shop, one of Brazil's largest online retailers, has suffered an 'extortion' cyberattack that led to network disruption and the temporary closure of its online store. [...] |
|
|
|
|
2022-06-24 10:35:20 |
Conti ransomware finally shuts down data leak, negotiation sites (lien direct) |
The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand. [...] |
Ransomware
|
|
|
|
2022-06-24 06:11:47 |
June Windows preview updates fix VPN, RDP, RRAS, and Wi-Fi issues (lien direct) |
The optional Windows update previews released by Microsoft this week come with more than the regular performance improvements and bug fixes. [...] |
|
|
|
|
2022-06-23 17:45:27 |
Windows 11 KB5014668 update fixes upgrade fails, game crashes (lien direct) |
Microsoft has released the optional KB5014668 cumulative update previews for Windows 11 with fixes for issues leading to game crashes and failed upgrades to the latest Windows version. [...] |
Guideline
|
|
|
|
2022-06-23 16:47:42 |
Scalper bots out of control in Israel, selling state appointments (lien direct) |
Out-of-control scalper bots have created havoc in Israel by registering public service appointments for various government services and then offering to sell them to disgruntled citizens. [...] |
|
|
|
|
2022-06-23 15:28:48 |
CISA: Log4Shell exploits still being used to hack VMware servers (lien direct) |
CISA warned today that threat actors including state-backed hacking groups are still targeting VMware Horizon and Unified Access Gateway (UAG) servers using the Log4Shell (CVE-2021-44228) remote code execution vulnerability. [...] |
Hack
Threat
|
|
|
|
2022-06-23 13:07:15 |
Spyware vendor works with ISPs to infect iOS and Android users (lien direct) |
Google's Threat Analysis Group (TAG) revealed today that RCS Labs, an Italian spyware vendor, has received help from some Internet service providers (ISPs) to infect Android and iOS users in Italy and Kazakhstan with commercial surveillance tools. [...] |
Threat
|
|
|
|
2022-06-23 13:01:23 |
Microsoft aims to make Edge the go-to browser for gaming (lien direct) |
Microsoft wants to make Edge the go-to browser for gaming, with new features unveiled today, including a new gaming portal and the public release of its Clarity boost upscaling feature when using Xbox Cloud Gaming. [...] |
|
|
|
|
2022-06-23 12:00:46 |
Lithuania warns of rise in DDoS attacks against government sites (lien direct) |
The National Cyber Security Center (NKSC) of Lithuania has issued a public warning about a steep increase in distributed denial of service (DDoS) attacks directed against public authorities in the country. [...] |
|
|
|
|
2022-06-23 11:04:57 |
Malicious Windows \'LNK\' attacks made easy with new Quantum builder (lien direct) |
Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. [...] |
Malware
|
|
|
|
2022-06-23 10:04:25 |
Automotive hose maker Nichirin hit by ransomware attack (lien direct) |
Nichirin-Flex U.S.A, a subsidiary of the Japanese car and motorcycle hose maker Nichirin, has been hit by a ransomware attack causing the company to take the network offline. [...] |
Ransomware
|
|
|
|
2022-06-23 09:00:00 |
Chinese hackers use ransomware as decoy for cyber espionage (lien direct) |
Two Chinese hacking groups conducting cyber espionage and stealing intellectual property from Japanese and western companies are deploying ransomware as a decoy to cover up their malicious activities. [...] |
Ransomware
|
|
|
|
2022-06-23 08:00:00 |
New MetaMask phishing campaign uses KYC lures to steal passphrases (lien direct) |
A new phishing campaign is targeting users on Microsoft 365 while spoofing the popular MetaMask cryptocurrency wallet provider and attempting to steal recovery phrases. [...] |
|
|
|
|
2022-06-23 06:05:37 |
Conti ransomware hacking spree breaches over 40 orgs in a month (lien direct) |
The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month. [...] |
Ransomware
Hack
|
|
|
|
2022-06-22 18:10:37 |
NSA shares tips on securing Windows devices with PowerShell (lien direct) |
The National Security Agency (NSA) and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. [...] |
|
|
|
|
2022-06-22 14:28:14 |
Chinese hackers target script kiddies with info-stealer trojan (lien direct) |
Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group, which employs a novel loader called Nimbda and a new variant of the Yahoyah trojan. [...] |
|
APT 23
|
|
|
2022-06-22 13:59:54 |
Microsoft: Russia stepped up cyberattacks against Ukraine\'s allies (lien direct) |
Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia's invasion. [...] |
|
|
|
|
2022-06-22 12:00:00 |
Privacy-focused Brave Search grew by 5,000% in a year (lien direct) |
Brave Search, the browser developer's privacy-centric Internet search engine, is celebrating its first anniversary after surpassing 2.5 billion queries and seeing almost 5,000% growth in a year. [...] |
|
|
|
|
2022-06-22 11:00:43 |
MEGA fixes critical flaws that allowed the decryption of user data (lien direct) |
MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. [...] |
|
|
|
|
2022-06-22 09:00:00 |
(Déjà vu) June Windows Server 2022 update adds support for WSL2 (lien direct) |
Microsoft says support for Windows Subsystem for Linux (WSL 2) distros can now be added to any machine running Windows Server 2022 by installing this month's Patch Tuesday updates. [...] |
|
|
|
|
2022-06-22 09:00:00 |
Microsoft: KB5014678 Windows Server 2022 update adds WSL2 support (lien direct) |
Microsoft says support for Windows Subsystem for Linux (WSL 2) distros can now be added to any machine running Windows Server 2022 by installing this month's Patch Tuesday updates. [...] |
|
|
|
|
2022-06-22 07:23:46 |
Microsoft reveals cause behind this week\'s Microsoft 365 outage (lien direct) |
Microsoft has revealed that this week's Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions. [...] |
|
|
|
|
2022-06-22 06:20:54 |
Critical PHP flaw exposes QNAP NAS devices to RCE attacks (lien direct) |
QNAP has warned customers today that many of its Network Attached Storage (NAS) devices are vulnerable to attacks that would exploit a three-year-old critical PHP vulnerability allowing remote code execution. [...] |
|
|
|
|
2022-06-21 18:43:00 |
Yodel parcel company confirms cyberattack is disrupting delivery (lien direct) |
Services for the U.K.-based Yodel delivery service company have been disrupted due to a cyberattack that caused delays in parcel distribution and tracking orders online. [...] |
|
|
|
|
2022-06-21 17:46:17 |
7-zip now supports Windows \'Mark-of-the-Web\' security feature (lien direct) |
7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. [...] |
|
|
|