Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-07 15:10:51 |
Misconfigured Docker Registries Expose Orgs to Critical Risks (lien direct) |
Some organizations have improperly configured Docker registries exposed to the public web, leaving a door open for attackers to infiltrate and compromise operations. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-07 14:04:29 |
Emotet Hacks Nearby Wi-Fi Networks to Spread to New Victims (lien direct) |
A recently spotted Emotet Trojan sample features a Wi-Fi worm module that allows the malware to spread to new victims connected to nearby insecure wireless networks according to researchers at Binary Defense. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 19:44:10 |
Critical Android Bluetooth Flaw Exploitable without User Interaction (lien direct) |
Android users are urged to apply the latest security patches released for the operating system on Monday that address a critical vulnerability in the Bluetooth subsystem. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 16:05:20 |
Japanese Defense Contractors Kobe Steel, Pasco Disclose Breaches (lien direct) |
Japanese defense contractors Pasco Corporation (Pasco) and Kobe Steel (Kobelco) today disclosed security breaches that happened in May 2018 and in June 2015/August 2016, respectively. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 15:08:26 |
Google Chrome to Block Mixed Content Downloads, Prevents MiTM Attacks (lien direct) |
Google is moving forward with its plan to block mixed content downloads from web sites to protect users from man-in-the-middle attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 14:36:49 |
Phishing Attack Disables Google Play Protect, Drops Anubis Trojan (lien direct) |
Android users are targeted in a phishing campaign that will infect their devices with the Anubis banking Trojan that can steal financial information from more than 250 banking and shopping applications. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 13:18:11 |
DoJ Asks Victims of the Quantum DDoS Service to Come Forward (lien direct) |
The U.S. Department of Justice (DoJ) today issued a notification to raise awareness among victims of the Quantum Stresser Distributed Denial of Service (DDoS) for-hire service operated by David Bukoski. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 12:37:37 |
Ransomware Exploits GIGABYTE Driver to Kill AV Processes (lien direct) |
The attackers behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows that is used to terminate antivirus and security software. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 11:33:09 |
Oscar Nominated Movies Featured in Phishing, Malware Attacks (lien direct) |
Attackers are exploiting the hype surrounding this year's Oscar Best Picture nominated movies to infect fans with malware and to bait them to phishing websites designed to steal sensitive info such as credit card details and personal information. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 10:30:12 |
BEC Scammers\' Interest in the Real Estate Sector Rises (lien direct) |
Cybercriminals choose their targets by the profit they can make off them and the real estate business seems ripe for the picking, security researchers warn after looking at some 600 attacks focused on this sector. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-06 00:03:35 |
Bug in Philips Smart Light Allows Hopping to Devices on the Network (lien direct) |
Security researchers at Check Point discovered the issue and developed an attack that allowed them to hack into other devices on the same network as the vulnerable Philips Hue bulb. [...] |
Hack
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 16:40:00 |
Medicaid CCO Vendor Breach Exposes Health, Personal Info of 654K (lien direct) |
Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 16:08:26 |
Mailto (NetWalker) Ransomware Targets Enterprise Networks (lien direct) |
With the high ransom prices and big payouts of enterprise-targeting ransomware, we now have another ransomware known as Mailto or Netwalker that is compromising enterprise networks and encrypting all of the Windows devices connected to it. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 14:36:59 |
Cisco Patches Critical CDP Flaws Affecting Millions of Devices (lien direct) |
Five critical vulnerabilities found in various implementations of the Cisco Discovery Protocol (CDP) could allow attackers on the local network to take over tens of millions of enterprise devices as discovered by IoT security company Armis. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 13:46:38 |
Microsoft Starts Testing Hyper-V for Windows 10 ARM64 Devices (lien direct) |
Microsoft is bringing their Hyper-V virtual machine feature to ARM64 devices in upcoming Windows 10 builds. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 12:57:16 |
(Déjà vu) Charming Kitten Hackers Impersonate Journalist in Phishing Attacks (lien direct) |
A hacker group linked with the Iranian government attempted to steal email login information from their targets through fake interview requests and impersonating a New York Times journalist. [...] |
|
APT 35
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 12:57:16 |
Charming Kitty Hackers Impersonate Journalist in Phishing Attacks (lien direct) |
A hacker group linked with the Iranian government attempted to steal email login information from their targets through fake interview requests and impersonating a New York Times journalist. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 11:27:22 |
New Ransomware Strain Halts Toll Group Deliveries (lien direct) |
Australian transportation and logistics company Toll Group confirmed today that systems across multiple sites and business units were encrypted by a new variant of the Mailto ransomware. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 09:13:22 |
Windows 10 Search Is Broken and Shows Blank Results, How to Fix (lien direct) |
A bug in the Windows 10 Search is causing blank results to be shown in both the Start Menu and in File Explorer. This is making it impossible to search for and launch an application from the Start Menu. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-05 01:00:00 |
Bitbucket Abused to Infect 500,000+ Hosts with Malware Cocktail (lien direct) |
Attackers are abusing the Bitbucket code hosting service to store seven types of malware threats used in an ongoing campaign that has already claimed more than 500,000 business computers across the world. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 18:48:51 |
Realtek Fixes DLL Hijacking Flaw in HD Audio Driver for Windows (lien direct) |
Realtek fixed a security vulnerability discovered in the Realtek HD Audio Driver Package that could allow potential attackers to gain persistence, plant malware, and evade detection on unpatched Windows systems. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 17:51:32 |
Chrome 80 Released With 56 Security Fixes, Cookie Changes, More (lien direct) |
Google has released Chrome 80 today, February 4th, 2020, to the Stable desktop channel for the Windows, macOS, Linux, Chrome OS, iOS, and Android platforms with bug fixes, new features, and 56 security fixes. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 16:39:30 |
Emotet Gets Ready for Tax Season With Malicious W-9 Forms (lien direct) |
The Emotet Trojan is getting ready for the tax season with a fresh spam campaign pretending to be signed W-9 tax forms. [...] |
Spam
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 16:01:09 |
FBI Warns of DDoS Attack on State Voter Registration Site (lien direct) |
The US Federal Bureau of Investigation (FBI) warned of a potential Distributed Denial of Service (DDoS) attack that targeted a state-level voter registration and information site in a Private Industry Notification (PIN) released today. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 12:57:00 |
WhatsApp Bug Allowed Attackers to Access the Local File System (lien direct) |
Facebook patched a critical WhatsApp vulnerability that would have allowed potential attackers to read files from a user's local file system, on both macOS and Windows platforms. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 09:41:20 |
Google Bug Sent Private Google Photos Videos to Other Users (lien direct) |
In a serious privacy lapse, Google is notifying users that videos stored in their Google Photos account were mistakenly shared with other unrelated users. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 03:30:00 |
(Déjà vu) Office 365 to Block Harmful Content Regardless of Custom Configs (lien direct) |
Microsoft is currently working on new features designed to block malicious content in Office 365 regardless of the custom configurations set up by administrators or users unless manually overridden. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-04 03:30:00 |
Microsoft Office 365 Will Block Malicious Content Unless Overridden (lien direct) |
Microsoft is currently working on new features designed to block malicious content in Office 365 regardless of the custom configurations set up by administrators or users unless manually overridden. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 17:06:56 |
New EmoCheck Tool Checks if You\'re Infected With Emotet (lien direct) |
A new utility has been released by Japan CERT (computer emergency response team) that allows Windows users to easily check if they are infected with the Emotet Trojan. [...] |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 16:35:27 |
Twitter Fixed Issue Exploited to Match Phone Numbers to Accounts (lien direct) |
Twitter says that it discovered and fixed an issue exploited by attackers to match specific phone numbers to their corresponding Twitter accounts. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 14:29:09 |
Nintendo Hacker Pleads Guilty to Child Porn Charges, Faces 25 Years (lien direct) |
21-year-old Californian Ryan S. Hernandez pleaded guilty to hacking into several Nintendo servers, stealing confidential information on hardware, games, and developer tools, and leaking it to others. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 12:40:43 |
Bouygues Construction Shuts Down Network to Thwart Maze Ransomware (lien direct) |
French construction giant Bouygues Construction shut down their computer network to avoid having all of their data encrypted by the Maze Ransomware. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 12:02:15 |
DoD to Require Cybersecurity Certification From Defense Contractors (lien direct) |
The United States Department of Defense (DoD) announced that defense contractors will have to meet a basic level of cybersecurity standards when replying to a government acquisition program's request for proposals by 2026. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 11:21:45 |
DoppelPaymer Ransomware Sells Victims\' Data on Darknet if Not Paid (lien direct) |
The DoppelPaymer Ransomware is the latest family threatening to sell or publish a victim's stolen files if they do not pay a ransom demand. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 09:13:57 |
\'Hack\' Creates Fake Google Maps Traffic Jams With 99 Cell Phones (lien direct) |
A German artist illustrated how it is possible to create a virtual traffic jam in Google Maps by walking around the streets of Berlin with 99 cell phones. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-03 02:49:21 |
38,000 Flash Games Archived for Offline Play and Preservation (lien direct) |
With Flash being discontinued by the end of the year, over 38,000 Flash games have been archived so that they are available for offline play and historical purposes. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-02 14:04:04 |
Notepad and Paint Become Optional Features in Windows 10 (lien direct) |
In future versions of Windows 10, Microsoft is making it so you can now completely uninstall the venerable Notepad, Paint, and WordPad programs from the operating system. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-02 12:44:56 |
Tech Support Scam Hitting Microsoft Edge Start Page Takes a Break (lien direct) |
A sophisticated browser locker campaign that ran on high-profile pages, like Microsoft Edge's home or popular tech sites, was deactivated this week after in-depth research was published. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-02 10:24:24 |
Pirated Software is All Fun and Games Until Your Data\'s Stolen (lien direct) |
It may be tempting to try to download the latest games or applications for free, but doing so will ultimately land you in a hotbed of trouble as your computer becomes infected with adware, ransomware, and password-stealing Trojans. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-01 15:35:03 |
Devious Spamhaus Phishing Scam Warns You\'re on an Email Block List (lien direct) |
A new phishing campaign distributing malware pretends to be from the Spamhaus Project warning that the recipient's email address has been added to a spam block list due to sending unsolicited email. [...] |
Spam
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-02-01 08:00:00 |
Coronavirus Phishing Attacks Are Actively Targeting the US (lien direct) |
Ongoing phishing campaigns use the recent coronavirus outbreak as bait in attacks targeting individuals from the United States and the United Kingdom, impersonating the US CDC and virologists, warning of new infection cases in their area, and providing 'safety measures.' [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-31 18:52:44 |
The Week in Ransomware - January 31st 2020 - Taking it to The Courts (lien direct) |
This week we saw victim's continuing to use the legal system to target ransomware operator's assets and services as well as a new ransomware targeting vulnerabilities. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-31 17:06:04 |
New Intel Microcodes for Windows 10 Released to Fix CPU Bugs (lien direct) |
Microsoft has released a new Intel Microcode update for Windows 10 1909, 1903, and older versions that contains software fixes for hardware bugs in Intel CPUs. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-31 15:40:45 |
Microsoft Offers Free Windows 10 VMs for Edge Legacy Testing (lien direct) |
Microsoft has released a free Windows 10 virtual machine containing Microsoft Edge Legacy and Internet Explorer 11 that you can use for 90 days to test applications or perform other development. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-31 14:25:57 |
Russia Threatens Facebook, Twitter With Fines, Demands User Data (lien direct) |
Roskomnadzor, Russia's telecommunications watchdog, announced today that it has instituted administrative proceedings against Facebook and Twitter because of their refusal to move the data of Russian users on servers located inside the country's borders. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-31 12:31:18 |
Winnti Group Infected Hong Kong Universities With Malware (lien direct) |
Computer systems at two Hong Kong universities were compromised in a Winnti Group campaign according to ESET researchers, during the Hong Kong protests that started in March 2019. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 19:16:35 |
(Déjà vu) Microsoft Detects New TA505 Malware Attacks After Short Break (lien direct) |
Microsoft says that an ongoing TA505 phishing campaign is using attachments featuring HTML redirectors for delivering malicious Excel documents, this being the first time the threat actors have been seen adopting this technique. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 19:16:35 |
Microsoft Detects New Evil Corp Malware Attacks After Short Break (lien direct) |
Microsoft says that an ongoing Evil Corp phishing campaign is using attachments featuring HTML redirectors for delivering malicious Excel documents, this being the first time the threat actors have been seen adopting this technique. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 16:14:23 |
NEC Defense Contracts Info Potentially Compromised in Breach (lien direct) |
The Japanese NEC electronics giant was the target of a cyberattack that resulted in unauthorized access to its internal network on Thursday according to information leaked to Japanese newspapers by sources close to the matter. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-01-30 15:54:32 |
TrickBot Uses a New Windows 10 UAC Bypass to Launch Quietly (lien direct) |
The TrickBot Trojan has switched to a new Windows 10 UAC bypass to execute itself with elevated privileges without showing a User Account Control prompt. [...] |
|
|
|