Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-04-02 12:54:07 |
Popular Twitch AdBlock shuts down after Twitch breaks extension (lien direct) |
The popular Twitch AdBlock extension has been removed from both Chrome Web Store and Firefox Addons. Twitch AdBlock was the choice of extension among Twitch users for restricting ads when using Twitch. The extension's author stated before its removal, the ad blocker had over 150,000 users and 6 million daily views. [...] |
|
|
|
|
2021-04-02 12:28:39 |
Qualys says Accellion hackers did not breach production systems (lien direct) |
Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn't infiltrate the company's production and corporate environments. [...] |
|
|
|
|
2021-04-02 11:46:15 |
Capital One notifies more clients of SSNs exposed in 2019 data breach (lien direct) |
US bank Capital One notified additional customers that their Social Security numbers were exposed in a data breach announced in July 2019. [...] |
Data Breach
|
|
|
|
2021-04-02 07:03:11 |
Ransomware gang wanted $40 million in Florida schools cyberattack (lien direct) |
Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that can not afford them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment. [...] |
Ransomware
Threat
|
|
|
|
2021-04-02 04:26:23 |
(Déjà vu) GitHub Arctic Vault likely contains leaked MedData patient records (lien direct) |
GitHub Arctic Code Vault has likely inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last a 1,000 years. [...] |
|
|
|
|
2021-04-02 04:26:23 |
(Déjà vu) GitHub Arctic Vault likely has leaked MedData patient records (lien direct) |
GitHub Arctic Code Vault has likely inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last a 1,000 years. [...] |
|
|
|
|
2021-04-02 04:26:23 |
GitHub Arctic Vault captures leaked patient medical data for 1,000 years (lien direct) |
GitHub Arctic Code Vault has inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last a 1,000 years. [...] |
|
|
|
|
2021-04-02 03:19:00 |
MacKenzie Scott Grant scam more widespread than initially thought (lien direct) |
A massive phishing campaign reaching tens of thousands of inboxes impersonated the MacKenzie Bezos-Scott grant foundation promising financial benefits to recipients in exchange of a processing fee. [...] |
|
|
|
|
2021-04-01 14:15:28 |
US DOJ: Phishing attacks use vaccine surveys to steal personal info (lien direct) |
The US Department of Justice warns of phishing attacks using fake post-vaccine surveys to steal money from people or tricking them into handing over their personal information. [...] |
|
|
|
|
2021-04-01 13:24:59 |
Coinhive domain repurposed to warn visitors of hacked sites, routers (lien direct) |
After taking over the domains for the notorious Coinhive in-browsing Monero mining service, a researcher is now displaying alerts on hacked websites that are still injecting the mining service's JavaScript. [...] |
|
|
|
|
2021-04-01 12:58:28 |
VMware fixes authentication bypass in data center security software (lien direct) |
VMware has addressed a critical vulnerability in the VMware Carbon Black Cloud Workload appliance that could allow attackers to bypass authentication after exploiting vulnerable servers. [...] |
Vulnerability
|
|
|
|
2021-04-01 10:28:51 |
Microsoft fixes Outlook \'Cannot send this item\' email bug (lien direct) |
Microsoft has fixed an Outlook bug that blocked users from forwarding or replying to emails containing embedded hyperlinks pointing to long URLs. [...] |
|
|
|
|
2021-04-01 09:31:00 |
Ubiquiti confirms extortion attempt following security breach (lien direct) |
Networking device maker Ubiquiti has confirmed that it was the target of an extortion attempt following a January security breach, as revealed by a whistleblower earlier this week. [...] |
|
|
|
|
2021-04-01 03:04:05 |
Ubiquiti cyberattack may be far worse than originally disclosed (lien direct) |
The data breach report from Ubiquiti in January is allegedly a cover-up of a massive incident that put at risk customer data and devices deployed on corporate and home networks. [...] |
Data Breach
|
|
|
|
2021-03-31 17:31:30 |
800Gbps DDoS extortion attack hits gambling company (lien direct) |
Distributed denial-of-service (DDoS) attacks started strong this year, setting new records and taking the extortion trend that started last August to the next level. [...] |
|
|
|
|
2021-03-31 17:02:15 |
Microsoft kills off the Cortana app for Android and iOS (lien direct) |
Microsoft today confirmed that it has officially ended support for Cortana on mobile, and the apps will stop working after March 31, 2021. [...] |
|
|
|
|
2021-03-31 14:55:11 |
CISA gives federal agencies 5 days to find hacked Exchange servers (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to scan their networks again for any signs of compromised on-premises Microsoft Exchange servers and report their findings within five days. [...] |
|
|
|
|
2021-03-31 13:33:45 |
Google: North Korean hackers target security researchers again (lien direct) |
Google's Threat Analysis Group (TAG) says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts. [...] |
Threat
|
|
|
|
2021-03-31 13:05:58 |
BazarCall malware uses malicious call centers to infect victims (lien direct) |
For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware. [...] |
Malware
|
|
|
|
2021-03-31 12:31:49 |
Malware hidden in game cheats and mods used to target gamers (lien direct) |
Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] |
Malware
Threat
|
|
|
|
2021-03-31 10:09:24 |
Scammers steal New Yorkers\' private info for benefits fraud (lien direct) |
New York's Department of Financial Services (DFS) warns of an ongoing series of attacks resulting in the theft of personal information belonging to hundreds of thousands of New Yorkers. [...] |
|
|
|
|
2021-03-31 07:55:47 |
(Déjà vu) Fake jQuery files infect WordPress sites with malware (lien direct) |
Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...] |
Malware
|
|
|
|
2021-03-31 07:55:47 |
Fake jQuery files load obfuscated malware on WordPress sites (lien direct) |
Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...] |
Malware
|
|
|
|
2021-03-31 03:41:14 |
Google Chrome for Linux is getting DNS-over-HTTPS, but there\'s a catch (lien direct) |
Google Chrome developers have announced plans to roll out DNS-over-HTTPS (DoH) support to Chrome web browser for Linux. DoH has been supported on Google Chrome for other platforms, including Android, since at least 2020. But, there's a catch. [...] |
|
|
|
|
2021-03-30 14:50:38 |
US govt warns that buying fake COVID-19 vaccine cards is a crime (lien direct) |
US federal agencies have warned today against making or selling fake COVID-19 vaccination record cards as this is breaking the law. [...] |
|
|
|
|
2021-03-30 14:01:52 |
VMware fixes bug allowing attackers to steal admin credentials (lien direct) |
VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers. [...] |
|
|
|
|
2021-03-30 12:43:59 |
Scammers target universities in ongoing IRS phishing attacks (lien direct) |
The Internal Revenue Service (IRS) is warning of ongoing phishing attacks impersonating the IRS and targeting educational institutions. [...] |
|
|
|
|
2021-03-30 11:20:35 |
Leading Indian fintech platform MobiKwik denies data breach (lien direct) |
Indian digital financial services platform Mobikwik denies claims that almost 8 TB of data put up for sale was allegedly stolen from its servers. [...] |
Data Breach
|
|
|
|
2021-03-30 07:56:19 |
Microsoft Exchange attacks increase while WannaCry gets a restart (lien direct) |
The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector. [...] |
|
Wannacry
Wannacry
|
|
|
2021-03-29 18:30:59 |
(Déjà vu) Windows 10 KB5000842 cumulative update fixes freezing issues (lien direct) |
Microsoft has released the KB5000842 non-security preview update for all editions of Windows 10, version 20H2, and Windows 10, version 2004, with fixes for system freezing and activation issues. [...] |
|
|
|
|
2021-03-29 17:15:27 |
Microsoft working to fix Windows 10 21H1 update install issue (lien direct) |
Microsoft is working to fix an issue causing a recently released Windows 10 21H1 build to fail to install for customers enrolled in the Windows Insider program. [...] |
|
|
|
|
2021-03-29 15:29:05 |
Windows 10 is getting OEMDRIVERS, a folder for third-party drivers (lien direct) |
Microsoft is adding a dedicated OEMDRIVERS folder to Windows 10 that will be used to store third-party drivers. [...] |
|
|
|
|
2021-03-29 14:30:59 |
Docker Hub images downloaded 20M times come with cryptominers (lien direct) |
Researchers found that more than two-dozen containers on Docker Hub have been downloaded more than 20 million times for cryptojacking operations spanning at least two years. [...] |
|
|
|
|
2021-03-29 14:00:25 |
Harris Federation hit by ransomware attack affecting 50 schools (lien direct) |
The IT systems and email servers of London-based nonprofit multi-academy trust Harris Federation were taken down by a ransomware attack on Saturday. [...] |
Ransomware
|
|
|
|
2021-03-29 03:32:59 |
PHP\'s Git server hacked to add backdoors to PHP source code (lien direct) |
In the latest software supply chain attack, the official PHP Git repository was hacked and tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The threat actors had signed off on these commits as if they were made by known PHP developers. [...] |
Threat
|
|
|
|
2021-03-28 18:53:34 |
Ransomware admin is refunding victims their ransom payments (lien direct) |
After recently announcing the end of the operation, the administrator of Ziggy ransomware is now stating that they will also give the money back. [...] |
Ransomware
|
|
|
|
2021-03-28 16:20:04 |
Critical netmask networking bug impacts thousands of applications (lien direct) |
Popular npm component netmask has a critical networking vulnerability, CVE-2021-28918. netmask is frequently used by hundreds of thousands of applications to parse IPv4 addresses and CIDR blocks or compare them. The component gets over 3 million weekly downloads, and as of today, has scored over 238 million total downloads. [...] |
|
|
|
|
2021-03-28 14:00:00 |
Take control of Windows 10 feature updates using these settings (lien direct) |
In this article, we're highlighting two group policies that you can try to take control over Windows 10 feature updates. [...] |
|
|
|
|
2021-03-28 10:41:12 |
CompuCom MSP expects over $20M in losses after ransomware attack (lien direct) |
American managed service provider CompuCom is expecting losses of over $20 million following this month's DarkSide ransomware attack that took down most of its systems. [...] |
Ransomware
|
|
★★★
|
|
2021-03-28 09:37:51 |
New Windows 10 File Explore icons favor design over function (lien direct) |
Microsoft has updated the icons used in File Explorer to be the new Fluent icons, and while they look great, there is a tradeoff between design and functionality. [...] |
|
|
★★
|
|
2021-03-27 14:01:33 |
What\'s next from Microsoft, Windows 10, and Surface in 2021 (lien direct) |
In 2021, Microsoft is planning to release exciting new Surface products and software updates for Windows 10. This includes Windows 10X, Windows 10 Sun Valley Update, Windows Cloud PC, Surface Laptop 4, Surface Duo 2, and more. [...] |
|
|
★★★★
|
|
2021-03-27 10:57:04 |
(Déjà vu) Windows 95 Easter egg discovered after being hidden for 25 years (lien direct) |
A Windows hacker has found a never-before-seen Easter egg in the Windows 95 Internet Mail application, twnty-five years after the software was released. [...] |
|
|
|
|
2021-03-27 10:57:04 |
Windows 95 Easter egg discovered after being hidden for 15 years (lien direct) |
A Windows hacker has found a never-before-seen Easter egg in the Windows 95 Internet Mail application, fifteen years after the software was released. [...] |
|
|
★★★★
|
|
2021-03-27 09:41:12 |
FatFace sends controversial data breach email after ransomware attack (lien direct) |
British clothing brand FatFace has sent a controversial 'confidential' data breach notification to customers after suffering a ransomware attack earlier this year. [...] |
Ransomware
Data Breach
|
|
|
|
2021-03-27 01:00:00 |
New Android malware spies on you while posing as a System Update (lien direct) |
New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. [...] |
Malware
|
|
|
|
2021-03-26 19:45:19 |
The Week in Ransomware - March 26th 2021 - Attacks increase (lien direct) |
Ransomware attacks against the enterprise continue in the form of Accellion data leaks, full-fledged ransomware attacks, and more ransomware gangs targeting Microsoft Exchange. [...] |
Ransomware
|
|
|
|
2021-03-26 15:42:58 |
(Déjà vu) Ransomware gang urges victims\' customers to demand a ransom payment (lien direct) |
A ransomware operation known as 'Clop' is applying maximum pressure on victims by emailing their customers and asking them to demand a ransom payment to protect their privacy. [...] |
Ransomware
|
|
|
|
2021-03-26 15:42:58 |
Ransomware gang urges victims\' customers to fight for their privacy (lien direct) |
A ransomware operation known as 'Clop' is applying maximum pressure on victims by emailing their customers and asking them to demand a ransom payment to protect their privacy. [...] |
Ransomware
|
|
|
|
2021-03-26 15:14:55 |
German Parliament targeted again by Russian state hackers (lien direct) |
Email accounts of multiple German Parliament members were targeted in a spearphishing attack. It is not yet known if any data was stolen during the incident. [...] |
|
|
|
|
2021-03-26 13:58:23 |
(Déjà vu) Apple fixes a iOS zero-day vulnerability actively used in attacks (lien direct) |
Apple has released security updates today to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices. [...] |
Vulnerability
|
|
|