Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 13:51:46 |
Microsoft Launches Xbox Bounty Program With $20K Maximum Payout (lien direct) |
Microsoft just announced the launch of an Xbox bug bounty program to allow gamers and security researchers to report security vulnerabilities found in the Xbox Live network and services. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 13:23:32 |
The Adware Families That Changed the Antivirus Industry (lien direct) |
This story takes us back to 2003 and for a better understanding, you would need to be aware of the fact that the cybersecurity industry back then was shaped very differently from today. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 12:19:46 |
Russia Blocks ProtonMail and ProtonVPN, Tor to the Rescue (lien direct) |
Proton Technologies' security-focused ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government within Russia since yesterday. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 03:34:00 |
Linux Kernel 5.6 Source Tree Includes WireGuard VPN (lien direct) |
The lean-coded, fast, modern, and secure WireGuard VPN protocol has made it into the Linux kernel as Linus Torvalds merged it into the git repository for version 5.6. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 19:34:59 |
Malware Tries to Trump Security Software With POTUS Impeachment (lien direct) |
The TrickBot malware has been spotted using text from articles about President Trump's impeachment to bypass the scanning engines of security software. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 18:03:43 |
AlphaBay Dark Web Market Mod Faces 20 Years After Pleading Guilty (lien direct) |
Bryan Connor Herrell, a 25-year-old from Fresno, California, pleaded guilty this week in the US to racketeering charges related to the now-defunct dark web marketplace Alphabay. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 16:15:00 |
Emotet Uses Coronavirus Scare to Infect Japanese Targets (lien direct) |
A malspam campaign is actively distributing Emotet payloads via emails that warn the targets of Coronavirus infection reports in various prefectures from Japan, including Gifu, Osaka, and Tottori. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 15:36:09 |
New \'I Got Phished\' Service Alerts Companies of Phished Employees (lien direct) |
A new service called 'I Got Phished' has launched that will alert domain and security administrators when an employee in their organization falls for a phishing attack. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 13:10:08 |
Google Chrome Tests Replacing URLs With Search Queries in Address Bar (lien direct) |
Google has started testing a feature that will display the search query in the Chrome address bar rather than the actual page's URL when performing searches on Google. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 11:20:00 |
(Déjà vu) 200K WordPress Sites Exposed to Takeover Attacks by Plugin Bug (lien direct) |
A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 11:20:00 |
200K WordPress Sites Exposed to Takeoker Attacks by Plugin Bug (lien direct) |
A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 10:51:36 |
Critical Remote Code Execution Bug Fixed in OpenBSD SMTP Server (lien direct) |
A critical vulnerability in the free OpenSMTPD email server present in many Unix-based systems can be exploited to run shell commands with root privileges. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-29 03:29:00 |
FBI Warns of Rise in Social Security Scams Spoofing Its Phone Number (lien direct) |
The U.S. Federal Bureau of Investigation (FBI) on Tuesday has issued a warning about a spike in its phone number being used for Social Security fraud. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 19:17:00 |
Magento 2.3.4 Fixes Critical Code Execution Vulnerabilities (lien direct) |
Magento today updated its e-commerce software for all supported platforms with fixes for multiple vulnerabilities. Some of them have critical severity and hackers could exploit them to run arbitrary code. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 18:42:00 |
Ubuntu Invites Windows 7 Users With Linux Switch Guides (lien direct) |
Canonical today published the first part of a tutorial series designed to help Windows 7 users migrate to Ubuntu Linux after Microsoft's decade-old OS reached end of support this month and stopped receiving security and bug fixes. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 18:02:07 |
Apple iOS 13.3.1 Released With Fix for Location Tracking (lien direct) |
Apple has released iOS 13.3.1 with numerous bug fixes including a new setting that allows you to disable the constant location checks being performed by the iPhone 11 U1 chip. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 16:01:54 |
Windows 10 1909 KB4532695 Update Fixes File Explorer Bugs (lien direct) |
Today's Windows 1909 cumulative update fixes some of the bugs that made File Explorer search unusable since the November 2019 Update was released, but there is still more room for improvement. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 15:45:02 |
(Déjà vu) Google Pays $6.5 Million to Hackers for Reporting Security Bugs (lien direct) |
More than $6.5 million were paid to researchers for reporting security bugs through Google's Vulnerability Reward Program (VRP) in 2019, the company said in an announcement published today. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 15:45:02 |
Goole Pays $6.5 Million to Hackers for Reporting Security Bugs (lien direct) |
More than $6.5 million were paid to researchers for reporting security bugs through Google's Vulnerability Reward Program (VRP) in 2019, the company said in an announcement published today. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 14:36:24 |
Windows 10 Optional Cumulative Update KB4532695 Released (lien direct) |
Microsoft is rolling out a new optional cumulative update for Windows 10 November 2019 Update (version 1909) and May 2019 Update (version 1903. The optional monthly update for Windows 10 comes with non-security fixes and important general bug fixes for Windows 10 November 2019 Update and May 2019 Update. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 14:10:00 |
Android Flash Tool Lets You Install Android Using a Browser (lien direct) |
Google announced the release of a web-based tool that can be used by developers to install Android Open Source Project (AOSP) builds on recent Pixel phones and some Android development devices from the web browser, without building and flashing manually. [...] |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 13:41:05 |
Ransomware Bitcoin Wallet Frozen by UK Court to Recover Ransom (lien direct) |
A victim's insurance company convinced the UK courts to freeze a bitcoin wallet containing over $800K worth of a ransomware payment. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 12:32:35 |
Kali Linux Adds Single Installer Image, Default Non-Root User (lien direct) |
Kali Linux 2020.1 was released today by Kali Linux team at Offensive Security with a new Kali Single Installer image for all desktop environments and a previously announced move to a non-root default user. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-28 11:48:07 |
Ring Android App Sent Sensitive User Data to 3rd Party Trackers (lien direct) |
Amazon's Ring doorbell app for Android is sending to third-party trackers information that can be used to identify customers, research from the Electronic Frontier Foundation (EFF) has found. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 20:16:47 |
OurMine Hackers Are Back, Hijack NFL Teams\' Social Accounts (lien direct) |
It looks like the OurMine crew is back and they're on a hacking spree, taking brief control of the social media accounts of high-profile individuals. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 18:35:06 |
FBI Releases Alert on Iranian Hackers\' Defacement Techniques (lien direct) |
The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers' TTPs to help administrators and users to protect their websites. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 16:05:00 |
Microsoft Asked to Unshackle Windows 7 From Proprietary Tyranny (lien direct) |
The Free Software Foundation (FSF) is asking Microsoft to 'upcycle' Windows 7 and allow the community to continue to improve it after its end of life. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 15:26:39 |
Google Chrome Gets Improved Tab Feature, Thanks to Microsoft (lien direct) |
Microsoft announced late last year that Windows 10's default Edge browser would use open-source Chromium platform as a base. Since Edge is now built on Chromium, Microsoft has been actively contributing to the open-source platform and the under-the-hood improvements benefit both Edge and Chrome. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 12:47:19 |
Windows 7 To Get Post End of Life Update to Fix Wallpaper Bug (lien direct) |
Microsoft plans to release an additional update for all users of Windows 7 that fixes a wallpaper bug even though the operating system has reached the end of support. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 11:41:19 |
Google Rolls Back Change Making Search Results Look Like Ads (lien direct) |
After receiving negative feedback regarding the use of site icons in desktop search results, Google has decided to roll back this design change as they continue to experiment further. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 10:14:27 |
RCE Exploit for Windows RDP Gateway Demoed by Researcher (lien direct) |
A remote code execution (RCE) exploit for Windows Remote Desktop Gateway (RD Gateway) was demoed by InfoGuard AG penetration tester Luca Marcelli, after a proof-of-concept denial of service exploit was released by Danish security researcher Ollypwn on Friday for the same pair of flaws. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-27 08:41:38 |
First MageCart Hackers Caught, Infected Hundreds of Web Stores (lien direct) |
Suspected members of a MageCart group that stole payment card information from customers of hundreds of hacked online stores are now in custody of the Indonesian police. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-26 12:35:12 |
Microsoft\'s IE Zero-day Fix is Breaking Windows Printing (lien direct) |
Microsoft's temporary fix for a recently disclosed Internet Explorer zero-day vulnerability is causing numerous problems in Windows, including breaking printing for some users. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-26 10:31:32 |
Patching the Citrix ADC Bug Doesn\'t Mean You Weren\'t Hacked (lien direct) |
Citrix on Friday released the final patch for the critical vulnerability tracked as CVE-2019-19781 in its affected appliances. Many organizations are still at risk, though, as they continue to run Citrix servers without a fix or the advised [...] |
Vulnerability
Patching
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-25 12:30:40 |
PayPal, American Express Phishing Kits Added to 16Shop Service (lien direct) |
The 16Shop phishing kit distribution network has expanded its portfolio with new templates that target PayPal and American Express users. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-25 11:00:00 |
10% of All Macs Shlayered, Malware Cocktail Served (lien direct) |
Many people think that malware only targets Windows and that Macs are safe, but a new report shows how a single Apple malware called Shlayer has attacked over 10% of all Apple computers monitored by an antivirus company. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 18:13:22 |
The Week in Ransomware - January 24th 2020 - Duck for Cover! (lien direct) |
Ransomware continues its onslaught against cities, the enterprise, and even houses of worship as threat actors attempt to encrypt as much as they can to earn big payouts. [...] |
Ransomware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 16:51:53 |
Microsoft To Fix Windows 7 Black Wallpaper Bug for ESU Customers (lien direct) |
Microsoft says that a bugfix will be provided for organizations that purchased Windows 7 Extended Security Updates (ESU) to fix a newly acknowledged issue leading to the desktop wallpaper being replaced by a blank black screen. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 15:07:38 |
Citrix Releases Final Patch as Ransomware Attacks Ramp Up (lien direct) |
Citrix released the final permanent fix for the actively exploited CVE-2019-19781 vulnerability, needed to secure all vulnerable Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 14:12:06 |
New Ryuk Info Stealer Targets Government and Military Secrets (lien direct) |
A new version of the Ryuk Stealer malware has been enhanced to allow it to steal a greater amount of confidential files related to the military, government, financial statements, banking, and other sensitive data. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 14:10:11 |
DOS Exploit PoC Released for Critical Windows RDP Gateway Bugs (lien direct) |
A proof-of-concept (PoC) denial of service exploit has been published by Danish security researcher Ollypwn for the CVE-2020-0609 and CVE-2020-0610 flaws affecting the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 11:59:55 |
City of Potsdam Servers Offline Following Cyberattack (lien direct) |
The City of Potsdam severed the administration servers' Internet connection following an attack that took place earlier this week. Emergency services including the city's fire department fully operational and payments are not affected. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 09:43:58 |
Microsoft is Adding Classic \'Edge Mode\' to New Edge Browser (lien direct) |
Microsoft is developing a new 'Edge Mode' that lets users visit sites using the same rendering engine as Classic Edge to continue using legacy web applications. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-24 03:35:33 |
U.S. Govt Agency Hit with New CARROTBALL Malware Dropper (lien direct) |
A new malware called CARROTBALL, used as a second-stage payload in targeted attacks, was distributed in phishing email attachments delivered to a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-23 17:15:50 |
Sonos Backtracks: Legacy Devices Will Get Updates After May (lien direct) |
In an email being sent to customers, Sonos has stated that they have heard everyone's concerns and while older devices will not get new features, they will continue to receive software updates with security and bug fixes after May 2020. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-23 16:41:17 |
Bipartisan Coalition Bill Introduced to Reform NSA Surveillance (lien direct) |
A bipartisan coalition of U.S. lawmakers introduced a new bill that wants to protect Americans from warrantless government surveillance such as the one run by the National Security Agency (NSA). [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-23 16:07:08 |
(Déjà vu) TrickBot Now Steals Windows Active Directory Credentials (lien direct) |
A new module for the TrickBot trojan has been discovered that targets the Active Directory database stored on compromised Windows domain controllers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-23 16:07:08 |
TrickBot Now Harvests Windows Active Directory Credentials (lien direct) |
A new module for the TrickBot trojan has been discovered that targets the Active Directory database stored on compromised Windows domain controllers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-23 15:02:36 |
Buchbinder Car Renter Exposes Info of Over 3 Million Customers (lien direct) |
German car rental company Buchbinder exposed the personal information of over 3.1 million customers including federal ministry employees, diplomats, and celebrities, all of it stored within a ten terabytes MSSQL backup database left unsecured on the Internet. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-23 14:01:49 |
(Déjà vu) Critical MDhex Vulnerabilities Shake the Healthcare Sector (lien direct) |
Critical vulnerabilities have been discovered in popular medical devices from GE Healthcare that could allow attackers to alter the way they function or render them unusable. [...] |
|
|
|