Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 18:28:59 |
Fake Fedex and UPS delivery issues used in COVID-19 phishing (lien direct) |
As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware. [...] |
|
FedEx
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 17:48:43 |
WordPress plugin bug lets hackers create rogue admin accounts (lien direct) |
WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites by exploiting a Cross-Site Request Forgery flaw. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 15:34:34 |
Twitter kills SMS-based tweeting in most countries (lien direct) |
Twitter announced today that it has turned off the Twitter via SMS service because of security concerns, a service which allowed the social network's users to tweet using text messages since its early beginnings. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 13:09:40 |
Microsoft investigating Windows 10 KB4549951 BSOD reports (lien direct) |
Microsoft is investigating Bluetooth issues, failures to install, blue screen reports received from users who have installed or attempted to install the KB4549951 cumulative update released during this month's Patch Tuesday. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 11:47:31 |
Shade Ransomware shuts down, releases 750K decryption keys (lien direct) |
The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 11:07:06 |
Asnarök malware exploits firewall zero-day to steal credentials (lien direct) |
Some Sophos firewall products were attacked with a new Trojan malware, dubbed Asnarök by researchers cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-27 00:01:00 |
Microsoft Teams patched against image-based account takeover (lien direct) |
After looking at how Microsoft Teams handles image resources, security researchers found a way to take over accounts by sending recipients a regular GIF. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-26 16:27:36 |
How to prevent new Windows 10 updates from ruining your day (lien direct) |
Microsoft allows Windows 10 Home, Pro and Enterprise customers to control when and how Windows 10 installs monthly and half-yearly updates. If a driver or update causes problems, you can delay updates, you can uninstall it and block Windows from downloading it again. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-26 15:43:44 |
Hackers exploit zero-day in Sophos XG Firewall, fix released (lien direct) |
Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-26 13:48:30 |
WSLFetch creates colorful Windows 10 WSL Linux information (lien direct) |
If you want to show off what Windows Subsystem for Linux distribution you are using in Windows 10, you can do so in style using the WSLFetch utility. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-25 15:08:13 |
(Déjà vu) Ubuntu 20.04 LTS for Windows 10 Released on Microsoft Store (lien direct) |
In their first Windows LTS release in two years, Canonical has released Ubuntu 20.04 for the Windows 10 Subsystem for Linux on the Microsoft Store. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-25 15:08:13 |
Ubuntu 20.04 LTS for Windows 10 Released on the Microsoft Store (lien direct) |
In their first Windows LTS release in two years, Canonical has released Ubuntu 20.04 for the Windows 10 Subsystem for Linux on the Microsoft Store. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-25 12:08:55 |
Microsoft Edge: New feature and improvements coming soon (lien direct) |
Microsoft's Chromium-based Edge browser was released in January to consumers and enterprises and new features, and Microsoft has been busy adding new features to the browser to make it stand out from Google Chrome. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 19:09:31 |
The Week in Ransomware - April 24th 2020 - High Profile Attacks (lien direct) |
There was not a lot of new variants released this week, but we did have some news such as the ransomware attack on Cognizant, the leaking of data for a California city, and the continued attacks on hospitals. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 17:44:39 |
Phishing uses lay-off Zoom meeting alerts to steal credentials (lien direct) |
Zoom users are targeted by a new phishing campaign that threatens those who work in corporate environments that they're contracts will either be suspended or terminated during a Zoom meeting. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 15:56:41 |
Phishing attacks target US Payroll Protection Program Loans (lien direct) |
With hundreds of thousands of small businesses in the USA anxiously awaiting news about their submitted Payroll Protection Program SBA loans, threat actors are sending phishing emails that prey on their anxiety to steal email accounts. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 15:18:37 |
Researchers: 30,000% increase in pandemic-related threats (lien direct) |
An increase of 30,000% in pandemic-related malicious attacks and malware was seen in March by security researchers at cloud security firm Zscaler when compared to the beginning of 2020 when the first threats started using COVID-19-related lures and themes. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 13:14:33 |
BazarBackdoor: TrickBot gang\'s new stealthy network-hacking malware (lien direct) |
A new phishing campaign is delivering a new stealthy backdoor from the developers of TrickBot that is used to compromise and gain full access to corporate networks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 12:48:04 |
US universities targeted with malware used by state-backed actors (lien direct) |
Faculty and students at several U.S. colleges and universities were targeted in phishing attacks with a remote access Trojan (RAT) previously used by Chinese state-sponsored threat actors. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 10:48:01 |
400.000 US, South Korean card records put up for sale online (lien direct) |
Details on roughly 400,000 payment cards related to US and South Korean financial organizations and banks are currently up for sale on Joker's Stash, the largest and most popular carding shop on the Internet. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-24 09:48:05 |
Phishing spoofs US Federal Reserve to steal online bank accounts (lien direct) |
Scammers have been sending out emails that impersonate the U.S. Federal reserve and lure recipients with financial relief options through the Payment Protection Program. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-23 19:11:05 |
Windows 10 KB4549951 update fails to install, causes BSODs (lien direct) |
The Windows 10 KB4549951 cumulative update is reportedly failing to install and is causing blue screens of death (BSOD) after installation reboots, among other issues, according to user reports. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-23 17:32:22 |
SeaChange video platform allegedly hit by Sodinokibi ransomware (lien direct) |
A video delivery platform company is the latest victim of the Sodinokibi Ransomware, who has posted images of data they claim to have stolen from the company during a cyberattack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-23 15:27:50 |
New GreyNoise free service alerts you when your devices get hacked (lien direct) |
Cyber-security firm GreyNoise Intelligence today announced the launch of GreyNoise Alerts, a new free service that will automatically notify you via email when any devices on your organization's IP address range get hacked and start exhibiting potentially malicious behavior. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-23 14:10:33 |
NSA: Hackers exploit these vulnerabilities to deploy backdoors (lien direct) |
The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly issued an advisory warning of threat actors increasingly exploiting vulnerable web servers to deploy web shells. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-23 10:03:59 |
Creative Skype phishing campaign uses Google\'s .app gTLD (lien direct) |
Attackers have deployed a phishing campaign against remote workers using Skype, luring them with emails that fake notifications from the service. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-23 08:00:00 |
Malwarebytes releases new VPN service for Windows (lien direct) |
Malwarebytes is expanding into privacy with the release of a new Windows VPN service called Malwarebytes Privacy. Malwarebytes plans on offering Mac, iOS, Android, and ChromeOS versions in the future. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-22 18:00:01 |
Customer complaint phishing pushes network hacking malware (lien direct) |
A new phishing campaign is underway that targets a company's employees with fake customer complaints that install a new backdoor used to compromise a network. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-22 17:29:15 |
Valve reassures gamers after CS:GO and Team Fortress 2 leaks (lien direct) |
The source code of Valve's Team Fortress 2 and Counter-Strike: Global Offensive games was leaked today and published on the Internet for anyone to download. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-22 15:03:57 |
State-backed phishing targets govt employees with fast food lures (lien direct) |
More than a dozen state-backed hacking groups are actively targeting U.S. Government employees and healthcare organizations in phishing campaigns that use lures designed to take advantage of the fears surrounding the COVID-19 pandemic. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-22 13:00:30 |
New iOS zero-days actively used against high-profile targets (lien direct) |
Two zero-day vulnerabilities affecting iPhone and iPad devices were found by cybersecurity startup ZecOps after the discovery of a series of ongoing remote attacks that have targeted iOS users since at least January 2018. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-22 11:01:44 |
Window 10 update weakened Google Chrome\'s security (lien direct) |
A Windows 10 kernel bug made it possible to escape Google Chrome's sandbox, a security researcher with Google Project Zero found. The vulnerability was introduced with version 1903 of the operating system on May 21, 2019. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-22 09:00:00 |
Revive ad servers being hacked to distribute malicious ads (lien direct) |
The Tag Barnakle malvertising group is hacking into Revive ad servers to inject and deliver malicious advertisements on unwary visitors. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 18:24:22 |
Microsoft releases OOB security updates for Microsoft Office (lien direct) |
Microsoft has released an out-of-band security update that fixes remote code execution vulnerabilities in an Autodesk FBX library integrated into Microsoft Office and Paint 3D applications. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 16:34:25 |
DoppelPaymer Ransomware hits Los Angeles County city, leaks files (lien direct) |
The City of Torrance of the Los Angeles metropolitan area, California, has allegedly been attacked by the DoppelPaymer Ransomware, having unencrypted data stolen and devices encrypted. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 14:59:45 |
FBI warns of COVID-19 phishing targeting US health providers (lien direct) |
The U.S. Federal Bureau of Investigation (FBI) today warned of ongoing phishing campaigns targeting US healthcare providers using COVID-19 themed lures to distribute malicious attachments. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 14:09:29 |
Windows 10 KB4550945 update released with Windows Update fixes (lien direct) |
Microsoft has released a Windows 10 update that fixes multiple bugs in Windows 10, version 1909 and Windows 10, version 1903, including issue causing Windows Update to stop responding and the lock screen to stop appearing. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 13:31:20 |
Researcher discloses four IBM zero-days after refusal to fix (lien direct) |
Four zero-day vulnerabilities found in an IBM enterprise security software were disclosed today by a security researcher after IBM refused to fix them and to accept the vulnerability report sent via CERT/CC. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 12:11:19 |
New Microsoft 365 Personal and Family released with AI editor (lien direct) |
Microsoft 365 Personal and Family consumer subscriptions are now generally available to replace some Office 365 plans and to add more features for both free and premium accounts. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 08:30:00 |
New Coronavirus screenlocker malware is extremely annoying (lien direct) |
A fake WiFi hacking program is being used to distribute a new Coronavirus-themed malware that tries to lock you out of Windows while making some very annoying sounds. [...] |
Malware
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-21 04:00:00 |
Spearphishing campaigns target oil, gas companies with spyware (lien direct) |
Cybercriminals are targeting the oil and gas industry sector with highly targeted spearphishing campaigns impersonating shipment companies and engineering contractors while attempting to infect their targets with Agent Tesla info-stealer malware payloads. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-20 16:45:37 |
FBI says that sharing personal info online only helps scammers (lien direct) |
The FBI's Charlotte office today warned against the sharing of sensitive personal information on social media as threat actors can take advantage of it to reset passwords and gain full control of accounts and the data stored within. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-20 16:06:27 |
How to download the Windows 10 2004 ISO from Microsoft now (lien direct) |
Microsoft announced last week that the Windows 10 2004 build 19041.207 is the final RTM version and will be released next month as the Windows 10 May 2020 Update. For those who want to download an ISO and perform a clean install of Windows 10 2004 before it's released, you use the following instructions. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-20 14:04:42 |
Windows 10 SMBGhost RCE exploit demoed by researchers (lien direct) |
A proof-of-concept remote code execution (RCE) exploit for the Windows 10 CVE-2020-0796 'wormable' pre-auth remote code execution vulnerability was developed and demoed today by researchers at Ricerca Security. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-20 13:18:02 |
267 million Facebook profiles sold for $600 on the dark web (lien direct) |
Threat actors are selling over 267 million Facebook profiles for £500 ($623) on dark web sites and hacker forums. While none of these records include passwords, they do contain information that could allow attackers to perform spear phishing or SMS attacks to steal credentials. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-20 12:47:35 |
FBI: extortion scammers more active due to stay-at-home orders (lien direct) |
The U.S. Federal Bureau of Investigation (FBI) warned today of an increasing number of online extortion scam reports because a lot more people are being targeted due to the "stay-at-home" orders issued during the COVID-19 pandemic. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-19 14:38:24 |
Windows 10: Manage Reserved Storage from the command line (lien direct) |
In a couple of weeks, Windows May 2020 Update will begin rolling out to consumers and enterprises and it will arrive with the ability to manage Reserved Storage from the command line. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-19 10:15:01 |
Coronavirus Dark Web Scams: From infected blood to ventilators (lien direct) |
The dark web has always been a cesspool of black markets and conspiracy theories, but now with the Coronavirus outbreak, scammers have a new and more desperate audience to target their scams. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-18 13:45:29 |
IT services giant Cognizant suffers Maze Ransomware cyber attack (lien direct) |
Information technologies services giant Cognizant suffered a cyber attack Friday night allegedly by the operators of the Maze Ransomware, BleepingComputer has learned. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2020-04-18 12:10:10 |
Windows 10 making it easier to manage default file associations (lien direct) |
Microsoft is making it easier to change your default file associations by adding a new search feature that lets you quickly find the extension you wish to modify. [...] |
|
|
|