What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-10 15:10:43 | Hacker Selling User Info Stolen From Prostitution Forums (lien direct) | Popular prostitution and escort forums in the Netherlands and Italy have suffered data breaches that exposed the usernames, email addresses, and hashed passwords for their registered members. [...] | |||
|
2019-10-10 13:34:16 | Apple Software Update Zero-Day Used by BitPaymer Ransomware (lien direct) | Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows. [...] | Ransomware Vulnerability | ||
|
2019-10-10 10:52:52 | HP Touchpoint Analytics LPE Vulnerability Affects Most HP PCs (lien direct) | HP patched a vulnerability discovered in the HP Touchpoint Analytics software installed by default on most of its Windows laptops and desktops, a flaw allowing attackers to escalate privileges and execute arbitrary code using SYSTEM privileges. [...] | Vulnerability | ||
|
2019-10-10 03:16:19 | iTerm2 Patches Critical Vulnerability Active for 7 Years (lien direct) | The most popular terminal emulator for macOS, iTerm2, has been updated to fix a critical security issue that survived undisclosed for at least seven years. [...] | Vulnerability | ||
|
2019-10-09 20:09:01 | Singapore Man Faces 34 Years for Amazon AWS Cryptomining Fraud (lien direct) | 29-year old Singapore citizen Ho Jun Jia aka Matthew Ho was charged today under a 14-count indictment for allegedly mining cryptocurrency using stolen Amazon AWS and Google Cloud computing power and services. [...] | |||
|
2019-10-09 18:18:00 | Phishing Incident Exposes Medical, Personal Info of 60K Patients (lien direct) | Community-based healthcare system Methodist Hospitals from Gary, Indiana, disclosed that sensitive personal and medical information of 68,039 individuals may have been exposed following a successful phishing attack against two of its employees. [...] | |||
|
2019-10-09 13:08:47 | EU Member States Publish Joint Report on 5G Networks Security (lien direct) | European Union (EU) member states published a joint high-level report on the coordinated risk assessment on the security of 5G networks, identifying the main threats and threats actors, the most sensitive assets, and the main vulnerabilities behind them. [...] | |||
|
2019-10-09 12:44:11 | Games and Utility Apps in Play Store Hide Bankers and Spyware (lien direct) | Despite Google's efforts to keep its Android store risk free, malicious apps continue to make it past the verification process. In September, the assortment of trojans detected in Google Play included downloaders, bankers, adware, and spyware. [...] | |||
|
2019-10-09 11:15:23 | New Microsoft NTLM Flaws May Allow Full Domain Compromise (lien direct) | Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full domain compromise of a network. [...] | Guideline | ||
|
2019-10-09 03:41:07 | Beware of Fake Amazon AWS Suspension Emails for Unpaid Bills (lien direct) | In this article we take a look at a phishing campaign that pretends to be an Amazon AWS suspension notice for unpaid bills that looks good enough to trick many users. [...] | |||
|
2019-10-08 18:33:40 | C is for Credit Card: MageCart Hits Volusion E-Commerce Sites (lien direct) | Hackers compromised the infrastructure of Volusion cloud-based e-commerce platform to inject customer checkout pages with malicious JavaScript code that steals payment card data. [...] | |||
|
2019-10-08 17:53:35 | Windows 10 Insider Build 18999 Gives all Insiders a Resizable Cortana (lien direct) | Microsoft has released Windows 10 Insider Preview Build 18999 (20H1) to Insiders in the Fast ring and brings the ability to move and resize Cortana to all Insiders. [...] | |||
|
2019-10-08 17:05:50 | Twitter Apologizes for Using Your Phone Number for Advertising (lien direct) | Twitter says that some of its users' phone numbers and email addresses provided for account security like two-factor authentication may have been used accidentally for ad targeting. [...] | |||
|
2019-10-08 17:00:00 | (Déjà vu) Windows 10 Servicing Stack Updates Fix Secure Boot Issues (lien direct) | Microsoft released October's servicing stack quality improvements for all Windows 10 versions, the component which allows users to receive and install Windows updates. [...] | |||
|
2019-10-08 14:00:06 | Windows 10 Cumulative Update KB4517389 & KB4519338 Released (lien direct) | It's Patch Tuesday and Microsoft is servicing all supported version of Windows. If you use Windows 10 May 2019 Update and Windows 10 October 2018 Update on your computer at home or office, a new cumulative update is out with fixes and improvements. [...] | |||
|
2019-10-08 13:51:55 | (Déjà vu) Microsoft Releases the October 2019 Security Updates for Office (lien direct) | Microsoft released the October 2019 Microsoft Office security updates, bundling a total of 14 security updates and four cumulative updates across seven different products, nine of them patching remote code execution flaws. [...] | Patching | ||
|
2019-10-08 13:20:32 | Microsoft\'s October 2019 Patch Tuesday Fixes 59 Vulnerabilities (lien direct) | Today is Microsoft's October 2019 Patch Tuesday, which means your Windows admins are not having a good day. So be particularly nice to them! With the release of the October 2019 security updates, Microsoft has released 1 advisory (Windows 10 Servicing Stack Update) and updates for 59 vulnerabilities [...] | |||
|
2019-10-08 12:15:27 | Microsoft Blocks Credential Theft Attack Targeting Dozens of Orgs (lien direct) | Roughly 100 organizations were targeted in a large scale spear-phishing attack during early July by a malspam campaign distributing LokiBot information stealer payloads. [...] | |||
|
2019-10-08 10:30:26 | Researcher Adds $100,000 Worth of Credit to Voi E-Scooter App (lien direct) | A Swedish security enthusiast was able to take advantage of some weaknesses in the Voi scooter mobile app to get $100,000 worth of free rides. [...] | |||
|
2019-10-08 09:00:00 | 57% of Businesses Use Multi-Factor Auth (MFA), Says LastPass (lien direct) | Approximately 57% of businesses around the world are currently using multi-factor authentication (MFA), with a 12% gain over the stats from last year according to research from LastPass based on data from 47,000 orgs. [...] | LastPass | ||
|
2019-10-08 08:00:05 | Windows 10 1803 Users Warned to Update Before End of Support (lien direct) | Microsoft has started to display a warning to users running Windows 10 1803, otherwise known as the April 2018 Update, that states the version is nearing end of support and that they should update to the latest version of Windows. [...] | |||
|
2019-10-08 03:28:14 | Hackers Patch Web Browsers to Track Encrypted Traffic (lien direct) | Researchers have found a new piece of malware, likely from an advanced threat group, that can patch Chrome and Firefox browsers to identify the encrypted traffic from a victim's computer. [...] | Threat | ||
|
2019-10-07 16:40:05 | (Déjà vu) Credit Info Exposed in TransUnion Data Security Incident (lien direct) | Using a credential stuffing attack, an unauthorized person was able to gain access to a TransUnion Canada web portal and use it to pull consumer credit files. [...] | |||
|
2019-10-07 16:40:05 | Credit Info Exposed in TransUnion Credential Stuffing Attack (lien direct) | Using a credential stuffing attack, an unauthorized person was able to gain access to a TransUnion Canada web portal and use it to pull consumer credit files. [...] | |||
|
2019-10-07 16:13:36 | Adobe To Ban Users From Venezuela Due to U.S. Executive Order (lien direct) | Adobe published today a support document saying that the company is deactivating all accounts in Venezuela starting October 28 due to U.S. Government's Executive Order 13884 issued on August 7, 2019. [...] | |||
|
2019-10-07 14:02:04 | 1 Million People Had Their Medical Data Exposed in Tū Ora Breach (lien direct) | Primary health organization (PHO) Tū Ora Compass Health from New Zealand disclosed a security breach that led to the exposure of medical and personally identifiable information (PII) of roughly 1 million people. [...] | |||
|
2019-10-07 13:15:52 | RobbinHood Ransomware Using Street Cred to Make Victims Pay (lien direct) | The operators behind the RobbinHood ransomware have changed their language in the ransom note in an effort to take from victims all hope of decrypting the files for free and to make them pay for the recovery. [...] | Ransomware | ||
|
2019-10-07 11:55:01 | Muhstik Ransomware Victim Hacks Back, Releases Decryption Keys (lien direct) | A victim of the Muhstik Ransomware has hacked back against his attackers and released close to 3,000 decryption keys for victims along with a free decryptor to get their files back. [...] | Ransomware | ||
|
2019-10-07 11:31:41 | Some Windows 10 Users Can\'t Use Firefox for Downloads (lien direct) | Mozilla says in an update to the Firefox 69.0.2 changelog that downloading files from the Internet may not work for Windows 10 users who have the Parental Controls feature toggled on and are part of a family group. [...] | |||
|
2019-10-07 04:01:12 | DCH Hospital Pays Ryuk Ransomware for Decryption Key (lien direct) | DCH hospitals in Alabama have decided to the pay ransom for the Ryuk Ransomware in order to receive a decryptor and get their computer systems back up and running. [...] | Ransomware | ||
|
2019-10-06 18:43:33 | Check If You Are in the Sephora and StreetEasy Data Breaches (lien direct) | Data breach lookup site Have I Been Pwned has added the stolen data from the StreetEasy and Sephora data breaches to their engine so that users can check if their information was exposed. [...] | Data Breach | ||
|
2019-10-05 16:47:56 | HildaCrypt Ransomware Developer Releases Decryption Keys (lien direct) | The developer behind the HildaCrypt Ransomware has decided to release the ransomware's private decryption keys. With these keys a decryptor can be made that would allow any potential victims to recover their files for free. [...] | Ransomware | ||
|
2019-10-05 11:23:23 | Windows 10 KB4524147 Update May Cause Boot and Printing Issues (lien direct) | Windows 10 1903 users have started reporting boot, printing, and Start Menu issues after installing the KB4524147 cumulative update that go away once the update is uninstalled. Microsoft has not acknowledged any of these issues as of yet, but the amount of reports indicate that there is something going on with this update. [...] | |||
|
2019-10-04 17:34:15 | Dutch Govt Explains the Risks Behind DNS-Over-HTTPS Move (lien direct) | The Dutch National Cyber Security Centre (NCSC) explains how DNS-monitoring will get more difficult as modern encrypted DNS transport protocols are getting more popular in a fact sheet published this week. [...] | |||
|
2019-10-04 16:45:16 | The Week in Ransomware - October 4th 2019 - That\'s all Folks (lien direct) | This has been quite a busy week with lots of new variants, new ransomware attacks, including those targeting hospitals, and new information coming out about the REvil/Sodinokibi Ransomware. [...] | Ransomware | ||
|
2019-10-04 15:10:00 | UAB Medicine Data Breach Exposes Patient Info in Phishing Attack (lien direct) | UAB Medical is the victim of a phishing attack that targeted the medical center's payroll department. This allowed the attackers to gain access to numerous employee emails that contained the health information for 19,557 patients. [...] | Data Breach | ||
|
2019-10-04 14:53:19 | Microsoft Discovers Iranian Hacking Campaign Targeting U.S. Politics (lien direct) | Microsoft says that a state-sponsored Iranian cyber-espionage group tracked as Phosphorus by the Microsoft Threat Intelligence Center (MSTIC) attempted to get account info on over 2,700 of its customers, attack 241 of them, and compromised four accounts between August and September. [...] | Threat Conference | APT 35 | |
|
2019-10-04 12:39:40 | Windows 10 KB4524147 Cumulative Update Breaks the Start Menu (lien direct) | The KB4524147 Cumulative Update for Windows 10, version 1903 is causing the Windows start menu to crash with a critical error according to numerous user reports. [...] | |||
|
2019-10-04 10:19:29 | Actively Exploited Android Zero-Day Impacts Google, Samsung Devices (lien direct) | Google's Threat Analysis Group (TAG) says that a new Android zero-day is actively being exploited in the wild in attacks targeting vulnerable Google Pixel, Huawei, Xiaomi, Samsung, Oppo, and Moto devices. [...] | Threat | ||
|
2019-10-04 09:33:56 | Magecart Impacts Hundreds of Thousands of Websites, Still Growing (lien direct) | With over two million detections to date, compromising shopping sites' resources to steal customer payment card info is a global phenomenon unlikely to end soon. [...] | |||
|
2019-10-04 08:04:31 | Novter Trojan Sets its Sights on Microsoft Windows Defender (lien direct) | The Novter Trojan, also known as Nodersok or Divergent, is the latest Trojan to actively target Microsoft's Windows Defender by attempting to disable it. [...] | |||
|
2019-10-04 04:56:07 | Details of 92 Million Brazilians Auctioned on Underground Forums (lien direct) | Someone is offering to auction on underground forums a database containing personal information of 92 million Brazilian citizens. They claim that every record is real and unique. [...] | |||
|
2019-10-04 03:30:00 | Australian Govt Issues Android and iOS Security Hardening Guides (lien direct) | The Australian Signals Directorate (ASD)'s Australian Cyber Security Centre (ACSC) has published a set of two guides designed to help Australian government, commercial organizations, and enterprises harden the security of iOS and Android devices in their fleets. [...] | |||
|
2019-10-03 20:15:27 | Four U.S. Food Chains Disclose Payment Card Theft via PoS Malware (lien direct) | Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers' payment card information. [...] | Malware | ||
|
2019-10-03 16:00:04 | \'Lost Files\' Data Wiper Poses as a Windows Security Scanner (lien direct) | A Windows Security Scanner that states it encrypted your files is being distributed by spam, but whether by bug or design, it instead corrupts binary data in a victim's files. [...] | |||
|
2019-10-03 15:35:43 | Google Chrome to Gradually Start Blocking Mixed Content by Default (lien direct) | Google announced that the Chrome web browser will gradually start blocking HTTPS pages from loading insecure resources to improve the users' privacy and security while browsing the web. [...] | |||
|
2019-10-03 14:42:15 | Windows 10 Insider Build 18995 Adds PIN Sign-ins to Safe Mode (lien direct) | Microsoft has released Windows 10 Insider Preview Build 18995 (20H1) to Insiders in the Fast ring, which now allows you to sign into Windows using your Windows Hello Pin even when in Safe Mode. [...] | |||
|
2019-10-03 13:43:42 | Microsoft Releases Windows Security Updates to Fix Printing Issue (lien direct) | Microsoft today released out of band security updates, cumulative updates, and monthly rollup updates to address a printing issue plaguing all Windows client and server versions acknowledged on September 30. [...] | |||
|
2019-10-03 12:25:06 | Office 365 Admins Can Now Block Malicious Microsoft Query IQY Files (lien direct) | Microsoft has silently added new group policies to allow Office 365 admins to block Excel users from opening untrusted Microsoft Query files with IQY, OQY, DQY, and RQY extensions. [...] | |||
|
2019-10-03 09:45:21 | Cyber-Spy Group Active Since 2013 Now Tied to Chinese State Actor (lien direct) | Multiple cyber-espionage campaigns that remained unattributed over the years have now been linked to a single threat actor that researchers named PKPLUG, attacking targets across Asia. [...] | Threat |
To see everything:
Our RSS (filtrered)
