Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-05-18 12:01:42 |
VMware patches critical auth bypass flaw in multiple products (lien direct) |
VMware warned customers today to immediately patch a critical authentication bypass vulnerability "affecting local domain users" in multiple products that can be exploited to obtain admin privileges. [...] |
Vulnerability
|
|
|
|
2022-05-18 11:20:56 |
CISA shares guidance to block ongoing F5 BIG-IP attacks (lien direct) |
In a joint advisory issued today, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of active attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388). [...] |
Vulnerability
|
|
|
|
2022-05-18 10:54:14 |
Fake crypto sites lure wannabe thieves by spamming login credentials (lien direct) |
Threat actors are luring potential thieves by spamming login credentials for other people account's on fake crypto trading sites, illustrating once again, that there is no honor among thieves. [...] |
Threat
|
|
|
|
2022-05-18 09:27:23 |
Microsoft warns of brute-force attacks targeting MSSQL servers (lien direct) |
Microsoft warned of brute-forcing attacks targeting Internet-exposed and poorly secured Microsoft SQL Server (MSSQL) database servers using weak passwords. [...] |
|
|
|
|
2022-05-17 18:16:00 |
(Déjà vu) North Korean devs pose as US freelancers to aid DRPK govt hackers (lien direct) |
The U.S. government is warning that the Democratic People's Republic of Korea (DPRK) is dispatching its IT workers to get freelance jobs at companies across the world to obtain privileged access that is sometimes used to facilitate cyber intrusions. [...] |
|
|
|
|
2022-05-17 18:16:00 |
North Korean devs pose as US freelancers and aid DRPK govt hackers (lien direct) |
The U.S. government is warning that the Democratic People's Republic of Korea (DPRK) is dispatching its IT workers to get freelance jobs at companies across the world to obtain privileged access that is sometimes used to facilitate cyber intrusions. [...] |
|
|
|
|
2022-05-17 16:22:43 |
Microsoft: Windows Server 20H2 reaches end of service in August (lien direct) |
Microsoft has reminded customers today that Windows Server, version 20H2 will be reaching the end of service (EOS) on August 9, 2022. [...] |
|
|
|
|
2022-05-17 15:12:06 |
NVIDIA fixes ten vulnerabilities in Windows GPU display drivers (lien direct) |
NVIDIA has released a security update for a wide range of graphics card models, addressing four high-severity and six medium-severity vulnerabilities in its GPU drivers. [...] |
|
|
|
|
2022-05-17 14:47:48 |
Microsoft Defender for Endpoint gets new troubleshooting mode (lien direct) |
Microsoft says Defender for Endpoint now comes with a new 'troubleshooting mode' that will help Windows admins test Defender Antivirus performance and run compatibility scenarios without getting blocked by tamper protection. [...] |
|
|
|
|
2022-05-17 11:33:32 |
Cybersecurity agencies reveal top initial access attack vectors (lien direct) |
A joint security advisory issued by multiple national cybersecurity authorities revealed today the top 10 attack vectors most exploited by threat actors for breaching networks. [...] |
Threat
|
|
|
|
2022-05-17 10:30:19 |
Hackers can steal your Tesla Model 3, Y using new Bluetooth attack (lien direct) |
Security researchers at the NCC Group have developed a tool to carry out a Bluetooth Low Energy (BLE) relay attack that bypasses all existing protections to authenticate on target devices. [...] |
Tool
|
|
|
|
2022-05-17 10:01:02 |
What is ISO 27001 and Why it Matters for Compliance Standards (lien direct) |
ISO 27001 may seem like a big undertaking, but the certification can pay off in more ways than one-including overlap with compliance regulations. Read about the benefits of ISO 27001 and how to get started. [...] |
|
|
|
|
2022-05-17 08:00:00 |
(Déjà vu) CISA warns admins to patch actively exploited Spring, Zyxel bugs (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices. [...] |
|
|
|
|
2022-05-17 08:00:00 |
CISA warns admins to patch actively exploited VMware, Zyxel bugs (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices. [...] |
|
|
|
|
2022-05-17 07:16:46 |
Hackers target Tatsu WordPress plugin in millions of attacks (lien direct) |
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. [...] |
|
|
|
|
2022-05-16 18:32:04 |
HTML attachments remain popular among phishing actors in 2022 (lien direct) |
HTML files remain one of the most popular attachments used in phishing attacks for the first four months of 2022, showing that the technique remains effective against antispam engines and works well on the victims themselves. [...] |
|
|
|
|
2022-05-16 17:15:41 |
Third-party web trackers log what you type before submitting (lien direct) |
An extensive study looking into the top 100k ranking websites has revealed that many are leaking information you enter in the site forms to third-party trackers before you even press submit. [...] |
|
|
|
|
2022-05-16 16:46:50 |
US links Thanos and Jigsaw ransomware to 55-year-old doctor (lien direct) |
The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals. [...] |
Ransomware
|
|
|
|
2022-05-16 14:33:32 |
Apple emergency update fixes zero-day used to hack Macs, Watches (lien direct) |
Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices. [...] |
Hack
Vulnerability
Threat
|
|
|
|
2022-05-16 14:05:30 |
Ukraine supporters in Germany targeted with PowerShell RAT malware (lien direct) |
An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT (remote access trojan) and stealing their data. [...] |
Malware
Threat
|
|
|
|
2022-05-16 13:24:38 |
CISA warns not to install May Windows updates on domain controllers (lien direct) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it. [...] |
|
|
|
|
2022-05-16 12:35:18 |
Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more (lien direct) |
Offensive Security has released Kali Linux 2022.2, the second version in 2022, with desktop enhancements, a fun April Fools screensaver, WSL GUI improvements, terminal tweaks, and best of all, new tools to play with! [...] |
|
|
★★★★
|
|
2022-05-16 11:43:07 |
Sophos antivirus driver caused BSODs after Windows KB5013943 update (lien direct) |
Sophos has released a fix for a known issue triggering blue screens of death (aka BSODs) on Windows 11 systems running Sophos Home antivirus software after installing the KB5013943 upda [...] |
|
|
|
|
2022-05-16 10:17:58 |
Engineering firm Parker discloses data breach after ransomware attack (lien direct) |
The Parker-Hannifin Corporation announced a data breach exposing employees' personal information after the Conti ransomware gang began publishing allegedly stolen data last month. [...] |
Ransomware
Data Breach
|
|
|
|
2022-05-15 18:15:20 |
What\'s new and improved in Windows 11 22H2, coming soon (lien direct) |
Windows 11 version 22H2 aka Sun Valley 2 is set to launch later this year. Unlike the original Windows 11 release, it won't be a massive update with radical design changes. Instead, Sun Valley 2 will be similar to Windows 10 Anniversary Update, so you can expect minor improvements and a few new features. [...] |
|
|
|
|
2022-05-15 14:47:10 |
Hackers are exploiting critical bug in Zyxel firewalls and VPNs (lien direct) |
Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses. [...] |
|
|
|
|
2022-05-15 12:34:09 |
Fake Pixelmon NFT site infects you with password-stealing malware (lien direct) |
A fake Pixelmon NFT site entices fans with free tokens and collectibles while infecting them with malware that steals their cryptocurrency wallets. [...] |
Malware
|
|
|
|
2022-05-15 10:00:00 |
Windows admins frustrated by Quick Assist moving to Microsoft Store (lien direct) |
Windows admins have been expressing their dismay at Microsoft's decision to move the Quick Assist remote assistance tool to the Microsoft Store. [...] |
Tool
|
|
|
|
2022-05-14 15:39:02 |
(Déjà vu) Microsoft fixes new PetitPotam Windows NTLM Relay attack vector (lien direct) |
A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. [...] |
|
|
|
|
2022-05-14 15:39:02 |
New Windows PetitPotam NTLM Relay attack vector fixed in May updates (lien direct) |
A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. [...] |
|
|
|
|
2022-05-14 11:18:09 |
Angry IT admin wipes employer\'s databases, gets 7 years in prison (lien direct) |
Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data. [...] |
|
|
|
|
2022-05-14 10:02:27 |
(Déjà vu) Crypto robber who lured victims via Snapchat and stole £34,000 jailed (lien direct) |
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000. [...] |
|
|
|
|
2022-05-14 10:02:27 |
Crypto thief threatened to cut man\'s fingers \'one by one,\' stole £34K (lien direct) |
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000. [...] |
|
|
|
|
2022-05-13 16:58:23 |
The Week in Ransomware - May 13th 2022 - A National Emergency (lien direct) |
While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...] |
Ransomware
Malware
Threat
|
|
|
|
2022-05-13 14:16:08 |
Italian CERT: Hacktivists hit govt sites in \'Slow HTTP\' DDoS attacks (lien direct) |
Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days. [...] |
|
|
|
|
2022-05-13 13:48:24 |
Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits (lien direct) |
Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. [...] |
Malware
|
|
|
|
2022-05-13 12:24:40 |
Fake Binance NFT Mystery Box bots steal victim\'s crypto wallets (lien direct) |
A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories. [...] |
Malware
|
|
|
|
2022-05-13 11:38:42 |
SonicWall \'strongly urges\' admins to patch SSLVPN SMA1000 bugs (lien direct) |
SonicWall "strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances. [...] |
|
|
|
|
2022-05-13 09:52:18 |
Google Chrome updates failing on Android devices in Russia (lien direct) |
A growing number of Russian Chrome users on Android report getting errors when attempting to install the latest available update of the popular web browser. [...] |
|
|
|
|
2022-05-12 17:30:15 |
Iranian hackers exposed in a highly targeted espionage campaign (lien direct) |
Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 group or Oilrig, who targeted a Jordanian diplomat with custom-crafted tools. [...] |
Threat
|
APT 34
|
|
|
2022-05-12 17:10:53 |
Ukrainian imprisoned for selling access to thousands of PCs (lien direct) |
Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old from Ukraine, was sentenced today to 4 years in prison for stealing thousands of login credentials per week and selling them on a dark web marketplace. [...] |
|
|
|
|
2022-05-12 15:18:45 |
Eternity malware kit offers stealer, miner, worm, ransomware tools (lien direct) |
Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...] |
Ransomware
Malware
Threat
|
|
|
|
2022-05-12 14:13:52 |
Zyxel fixes firewall flaws that could lead to hacked networks (lien direct) |
Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago. [...] |
Vulnerability
Threat
|
|
|
|
2022-05-12 13:07:33 |
BPFdoor: Stealthy Linux malware bypasses firewalls for remote access (lien direct) |
A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years. [...] |
Malware
|
|
|
|
2022-05-12 10:31:20 |
NVIDIA has open-sourced its Linux GPU kernel drivers (lien direct) |
NVIDIA has published the source code of its kernel modules for the R515 driver, using a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable. [...] |
|
|
|
|
2022-02-14 18:34:11 |
Google Chrome emergency update fixes zero-day exploited in attacks (lien direct) |
Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks. [...] |
Vulnerability
Threat
|
|
|
|
2022-02-14 16:21:26 |
Ukraine says it\'s targeted by \'massive wave of hybrid warfare\' (lien direct) |
The Security Service of Ukraine (SSU) today said the country is the target of an ongoing "wave of hybrid warfare," aiming to instill anxiety and undermine Ukrainian society's confidence in the state's ability to defend its citizens. [...] |
|
|
|
|
2022-02-14 14:31:00 |
Sports brand Mizuno hit with ransomware attack delaying orders (lien direct) |
Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack. [...] |
Ransomware
|
|
|
|
2022-02-14 14:05:18 |
FTC warns VoIP providers: Share your robocall info or get sued (lien direct) |
The US Federal Trade Commission (FTC) said today that it will take legal action against Voice-over-Internet Protocol (VoIP) service providers who do not hand over information requested during robocall investigations. [...] |
|
|
|
|
2022-02-14 13:03:24 |
QNAP extends critical updates for some unsupported NAS devices (lien direct) |
QNAP has extended support and will keep issuing security updates for some end-of-life (EOL) network-attached storage (NAS) devices until October 2022. [...] |
|
|
|