What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-10 18:22:01 | U.S. warns of increased cyberattacks against K-12 distance learning (lien direct) | K-12 educational institutions in the U.S. are being targeted by malicious actors for extortion, data theft, and general disruption of normal activity. The trend will continue through the 2020/2021 academic year. [...] | |||
|
2020-12-10 17:54:40 | Fake data breach alerts used to steal Ledger cryptocurrency wallets (lien direct) | A phishing scam is underway that targets Ledger wallet users with fake data breach notifications used to steal cryptocurrency from recipients. [...] | Data Breach | ||
|
2020-12-10 16:17:18 | Sophos fixes SQL injection vulnerability in their Cyberoam OS (lien direct) | Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. [...] | Vulnerability | ||
|
2020-12-10 13:39:46 | 250,000 stolen MySQL databases for sale on dark web auction site (lien direct) | Hackers have set up an auction site on the dark web to sell 250,000 databases stolen from tens of thousands of breached MySQL servers. [...] | |||
|
2020-12-10 12:08:50 | Windows Kerberos Bronze Bit attack gets public exploit, patch now (lien direct) | Proof-of-concept exploit code and full details on a Windows Kerberos security bypass vulnerability have been published earlier this week by Jake Karnes, the NetSPI security consultant and penetration tester who reported the security bug to Microsoft. [...] | Vulnerability | ||
|
2020-12-10 11:00:00 | Cisco fixes new Jabber for Windows critical code execution bug (lien direct) | Cisco has addressed a new critical severity remote code execution (RCE) vulnerability affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms after patching a related security bug in September. [...] | Vulnerability Patching | ||
|
2020-12-10 09:47:27 | Hackers can use WinZip insecure server connection to drop malware (lien direct) | The server-client communication in certain versions of the WinZip file compression tool is insecure and could be modified to serve malware or fraudulent content to users. [...] | Malware Tool | ||
|
2020-12-10 09:24:28 | Teen who shook the Internet in 2016 pleads guilty to DDoS attacks (lien direct) | One of the operators behind a Mirai botnet pleaded guilty to their involvement in a huge DDoS attack that caused a massive Internet disruption during October 2016. [...] | Guideline | ||
|
2020-12-10 08:01:35 | Microsoft Edge gets a performance boost with sleeping tabs (lien direct) | Microsoft is rolling out a sleeping tabs feature to the new Chromium-based Edge web browser which will drastically reduce memory and CPU resource usage. [...] | |||
|
2020-12-09 16:00:00 | Qbot malware switched to stealthy new Windows autostart method (lien direct) | A new Qbot malware version now activates its persistence mechanism right before infected Windows devices shutdown and it automatically removes any traces when the system restarts or wakes up from sleep. [...] | Malware | ||
|
2020-12-09 13:51:08 | (Déjà vu) Pfizer COVID-19 vaccine documents accessed in EMA cyberattack (lien direct) | The European Medicines Agency (EMA) responsible for COVID-19 vaccine approval has suffered a cyberattack of an undisclosed nature, according to a statement posted on their website. [...] | |||
|
2020-12-09 13:51:08 | European Medicines Agency fully operational after cyberattack (lien direct) | The European Medicines Agency (EMA) responsible for COVID-19 vaccine approval has suffered a cyberattack of an undisclosed nature, according to a statement posted on their website. [...] | |||
|
2020-12-09 12:25:53 | DHS-CISA urges admins to patch OpenSSL DoS vulnerability (lien direct) | This week OpenSSL has released fixes for a high severity Denial of Service (DoS) vulnerability, CVE-2020-1971. U.S. DHS Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to upgrade their vulnerable OpenSSL instances immediately. [...] | Vulnerability | ||
|
2020-12-09 11:38:46 | Credit card stealer hides in CSS files of hacked online stores (lien direct) | Credit card stealer scripts are evolving and become increasingly harder to detect due to novel hiding tactics. The latest example is a web skimmer that uses CSS code to blend within the pages of a compromised store and to steal customers' personal and payment information. [...] | |||
|
2020-12-09 11:10:41 | Russian hackers hide Zebrocy malware in virtual disk images (lien direct) | Russian-speaking hackers behind Zebrocy malware have changed their technique for delivering malware to high-profile victims and started to pack the threats in Virtual Hard Drives (VHD) to avoid detection. [...] | Malware | ||
|
2020-12-09 09:26:48 | Adobe fixes critical security vulnerabilities in Lightroom, Prelude (lien direct) | Adobe has released security updates to address critical severity security bugs affecting Windows and macOS versions of Adobe Lightroom and Adobe Prelude. [...] | |||
|
2020-12-09 08:25:38 | Microsoft fixes new Windows Kerberos security bug in staged rollout (lien direct) | Microsoft has issued security updates to address a Kerberos security feature bypass vulnerability impacting multiple Windows Server versions in a two-phase staged rollout. [...] | Vulnerability | ||
|
2020-12-08 18:13:21 | Ransomware forces hosting provider Netgain to take down data centers (lien direct) | Cloud hosting and IT services provider Netgain was forced to take some of their data centers offline after suffering a ransomware attack in late November. [...] | Ransomware | ||
|
2020-12-08 16:58:18 | FireEye reveals that it was hacked by a nation state APT group (lien direct) | Leading cybersecurity company FireEye disclosed today that it was hacked by a threat actor showing all the signs of a state-sponsored hacking group. [...] | Threat Guideline | ||
|
2020-12-08 13:58:20 | Microsoft issues guidance for DNS cache poisoning vulnerability (lien direct) | Microsoft issued guidance on how to mitigate a DNS cache poisoning vulnerability reported by security researchers from the University of California and Tsinghua University. [...] | Vulnerability | ||
|
2020-12-08 13:37:31 | Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities (lien direct) | Today is Microsoft's December 2020 Patch Tuesday, and Windows administrators will be scrambling to put out fires, so be kind to them. As part of this Patch Tuesday, Microsoft fixed 58 security vulnerabilities and release a DNS cache poisoning vulnerability advisory. [...] | Vulnerability | ||
|
2020-12-08 13:27:45 | Windows 10 Cumulative Updates KB4592449 & KB4592438 released (lien direct) | The first batch of security updates or 'B' updates for the month of 'December 2020' is now available for all supported versions of Windows 10 including version 20H2. [...] | |||
|
2020-12-08 12:48:37 | Norway: Russian APT28 state hackers likely behind Parliament attack (lien direct) | Russian-backed hacking group APT28 has likely brute-forced multiple Norwegian Parliament (Stortinget) email accounts on August 24, 2020, according to the Norwegian Police Security Service (PST, short for Politiets Sikkerhetstjeneste). [...] | APT 28 | ||
|
2020-12-08 12:00:00 | Severe MDHexRay bug affects 100+ GE Healthcare imaging systems (lien direct) | A vulnerability in GE Healthcare's proprietary management software used for medical imaging devices could put patients' health privacy at risk, potentially their lives. [...] | Vulnerability | ||
|
2020-12-08 11:35:00 | Credit card stealing malware bundles backdoor for easy reinstall (lien direct) | An almost impossible to remove malware set to automatically activate on Black Friday was deployed on multiple Magento-powered online stores by threat actors according to researchers at Dutch cyber-security company Sansec. [...] | Malware Threat | ||
|
2020-12-08 11:03:52 | Scammers spoof Target\'s gift card balance checking page (lien direct) | It's the giving season, and cybercriminals are more actively looking to steal gift cards. One of the most popular brands in their sight is giant retailer Target. [...] | |||
|
2020-12-08 09:20:00 | All Kubernetes versions affected by unpatched MiTM vulnerability (lien direct) | The Kubernetes Product Security Committee has provided advice on how to temporarily block attackers from exploiting a vulnerability that could enable them to intercept traffic from other pods in multi-tenant Kubernetes clusters in man-in-the-middle (MiTM) attacks. [...] | Vulnerability | Uber | |
|
2020-12-08 09:02:55 | D-Link VPN routers get patch for remote command injection bugs (lien direct) | An vulnerability in D-link firmware powering multiple routers with VPN passthrough functionality allows attackers to take full control of the device. [...] | Vulnerability | ||
|
2020-12-07 19:13:06 | Monster Azure VM used to play Tetris in Windows Task Manager (lien direct) | Microsoft Azure CTO Mark Russinovich utilized a monster 420 logical processor virtual machine to play Tetris using the CPU core list in Windows Task Manager. [...] | |||
|
2020-12-07 16:18:57 | PlayStation Now bugs let sites run malicious code on Windows PCs (lien direct) | Security bugs found in the PlayStation Now (PS Now) cloud gaming Windows application allowed attackers to execute arbitrary code on Windows devices running vulnerable app versions. [...] | |||
|
2020-12-07 13:36:07 | Cisco fixes Security Manager vulnerabilities with public exploits (lien direct) | Cisco has released security updates to address multiple pre-authentication vulnerabilities with public exploits affecting Cisco Security Manager that could allow for remote code execution after successful exploitation. [...] | |||
|
2020-12-07 13:01:04 | Foxconn electronics giant hit by ransomware, $34 million ransom (lien direct) | Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. [...] | Ransomware | ||
|
2020-12-07 11:30:00 | Microsoft announces Azure cloud for top secret government data (lien direct) | Microsoft today announced the launch of a new offering for its mission-critical Azure Government cloud targeted at government customers and partners that regularly work with top-secret classified data. [...] | |||
|
2020-12-07 11:19:43 | NortonLifeLock purchases Avira for $360 million (lien direct) | NortonLifeLock announced today that they have agreed to acquire Avira in an all-cash transaction for approximately $360 million. [...] | |||
|
2020-12-07 10:03:52 | NSA: Russian state hackers exploit new VMware vulnerability to steal data (lien direct) | The National Security Agency (NSA) warns that Russian state-sponsored threat actors are exploiting a recently patched VMware vulnerability to steal sensitive information after deploying web shells on vulnerable servers. [...] | Vulnerability Threat | ||
|
2020-12-07 09:10:25 | QNAP patches QTS vulnerabilities allowing NAS device takeover (lien direct) | Network-attached storage (NAS) maker QNAP today released security updates to address vulnerabilities that could enable attackers to take control of unpatched NAS devices following successful exploitation. [...] | |||
|
2020-12-06 16:13:18 | Hands on with Cortana\'s new file finder feature on Windows 10 (lien direct) | A new Windows 10 feature lets you use the digital assistant to open and find files and save time spent navigating File Explorer or OneDrive. [...] | |||
|
2020-12-06 15:10:45 | Microsoft tests new method to release Windows 10 features and fixes (lien direct) | Microsoft is testing a way to quickly bring new features and improvements to Windows 10 outside of the regularly scheduled Windows updates. [...] | |||
|
2020-12-05 15:33:14 | Police arrest two in data theft cyberattack on Leonardo defense corp (lien direct) | Italian police have arrested two people allegedly for using malware to steal 10 GB of confidental data and military secrets from defense company Leonardo S.p.A. [...] | Malware | ||
|
2020-12-05 13:56:20 | How to hide unwanted driver updates in Windows 10 (lien direct) | Almost every month, the Windows Update catalogue is updated with unwanted drivers prepared by OEMs and driver vendors. Fortunately, Microsoft allows users to hide or pause specific driver updates using a tool called "Show or hide updates troubleshooter". [...] | Tool | ||
|
2020-12-05 12:41:07 | Google Chrome is getting a real-time webpage performance overlay (lien direct) | Google Chrome is getting a new browser heads-up display that displays performance metrics about the web pages you are visiting. [...] | |||
|
2020-12-05 10:02:00 | MetaMask phishing steals cryptocurrency wallets via Google ads (lien direct) | Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads. [...] | |||
|
2020-12-04 17:55:00 | The Week in Ransomware - December 4th 2020 - Education under attack (lien direct) | It has been another rough week for the enterprise and education as ransomware continues to impact business operations and shut down schools. [...] | Ransomware | ||
|
2020-12-04 15:50:39 | FBI: You may be a money mule and not even know it (lien direct) | The FBI has warned of an increasing number of scammers preying on unemployed Americans by trying to recruit them into their money mule schemes and use them to launder funds obtained via fraud, online scams, and other types of criminal activities. [...] | |||
|
2020-12-04 15:24:29 | Monolith mystery solved: Artist claims he made \'alien\' structures (lien direct) | An artist has claimed responsibility for the mysterious monoliths that have been appearing across the world, including Utah, California, and Romania. The pseudonymous artist has these monumental structures for sale on their website for $45,000. [...] | |||
|
2020-12-04 12:28:37 | US and Australia to develop shared cyberattack training platform (lien direct) | The United States and Australia have signed a first-ever bilateral agreement that allows the U.S. Cyber Command (USCYBERCOM) and the Information Warfare Division (IWD) of the Australian Defense Force to jointly develop and share a virtual cyber training platform. [...] | |||
|
2020-12-04 10:25:16 | Largest global staffing agency Randstad hit by Egregor ransomware (lien direct) | Staffing agency Randstad NV announced today that their network was breached by the Egregor ransomware, who stole unencrypted files during the attack. [...] | Ransomware | ||
|
2020-12-04 07:45:13 | VMware fixes zero-day vulnerability reported by the NSA (lien direct) | VMware has released security updates to address a zero-day vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. [...] | Vulnerability | ||
|
2020-12-04 02:02:02 | BlackShadow hackers extort Israeli insurance company for $1 million (lien direct) | Threat actors are extorting an Israeli insurance company by demanding almost $1 million in bitcoin to stop leaking the company's stolen data. [...] | Threat | ||
|
2020-12-04 00:25:35 | Metro Vancouver\'s transit system hit by Egregor ransomware (lien direct) | The Egregor ransomware operation has breached Metro Vancouver's transportation agency TransLink with the cyberattack causing disruptions in services and payment systems. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
