What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-01-23 06:18:01 | Euro Cup and Olympics Ticket Reseller Hit by MageCart (lien direct) | Site belonging to a reseller of tickets for Euro Cup and the Tokyo Summer Olympics, two major sports events happening later this year, have been infected with JavaScript that steals payment card details. [...] | |||
|
2020-01-23 02:00:00 | Sodinokibi Ransomware Threatens to Publish Data of Automotive Group (lien direct) | The attackers behind the Sodinokibi Ransomware are now threatening to publish data stolen from another victim after they failed to get in touch and pay the ransom to have the data decrypted. [...] | Ransomware | ||
|
2020-01-23 00:01:00 | Maze Ransomware Not Getting Paid, Leaks Data Left and Right (lien direct) | Maze ransomware operators have infected computers from Medical Diagnostic Laboratories (MDLab) and are releasing close to 9.5GB of data stolen from infected machines. [...] | Ransomware | ||
|
2020-01-22 16:42:47 | Thousands of WordPress Sites Hacked to Fuel Scam Campaign (lien direct) | Over 2,000 Wordpress sites have been hacked to fuel a campaign to redirect visitors to scam sites containing unwanted browser notification subscriptions, fake surveys, giveaways, and fake Adobe Flash downloads. [...] | |||
|
2020-01-22 13:53:32 | Citrix Releases Scanner to Detect Hacked Citrix ADC Appliances (lien direct) | Citrix released a free scanner for detecting compromised Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances by digging for indicators of compromise (IoC) collected in incident response engagements related to CVE-2019-19781 exploitation. [...] | |||
|
2020-01-22 12:48:03 | The Half-Life Series is Free to Play Until March 2020 (lien direct) | To promote the upcoming release of Valve's Half-Life: Alyx VR game for PC, you can play all of the previous games in the Half-Life series for free for a limited time. [...] | |||
|
2020-01-22 11:45:01 | Twitter Releases Updated Android App to Fix Crashes (lien direct) | Twitter has released today an update to its Android app to fix a bug that caused the app to crash immediately when you opened it. [...] | |||
|
2020-01-22 11:32:33 | Microsoft to Force Bing Search in Chrome for Office 365 ProPlus Users (lien direct) | Microsoft is planning to start installing a new Chrome extension for some Office 365 ProPlus customers that will make Bing the default search engine in Google Chrome "to access relevant workplace information directly from the browser address bar." [...] | |||
|
2020-01-22 10:26:11 | Microsoft Exposes 250M Customer Support Records on Leaky Servers (lien direct) | Microsoft disclosed a security breach caused by a misconfigured internal customer support database that led to the accidental exposure of roughly 250 million customer support and service records, some of them containing personally identifiable information. [...] | |||
|
2020-01-21 19:28:21 | Microsoft Starts Pushing Windows 10 1909 to More Devices (lien direct) | Microsoft has increased the forced rollout of Windows 1909 to devices running Windows 1809 or earlier so they are unaffected by the approaching end of service for these versions. [...] | |||
|
2020-01-21 18:03:49 | Final Windows 7 Update Breaks Desktop Wallpaper Functionality (lien direct) | The final update for the Windows 7 operating system has broken some of the desktop wallpaper functionality and caused user's backgrounds to become a blank black screen. [...] | |||
|
2020-01-21 17:33:00 | Windows 10 PowerToy Quick Launcher to Simplify Launching Apps (lien direct) | Microsoft is working on a quick launcher dubbed PowerLauncher for the Windows 10 open-source PowerToys toolset, to allow users to launch apps faster than using the Start menu. [...] | |||
|
2020-01-21 16:34:06 | ProtonVPN Apps Open Sourced for Added Transparency and Security (lien direct) | The code for ProtonVPN apps on all supported platforms - Android, iOS, macOS, and Windows - is now open source, the maker announces today, a move that follows a security audit from an independent party. [...] | |||
|
2020-01-21 15:59:00 | FBI Warns Job Applicants of Scams Using Spoofed Company Sites (lien direct) | FBI's Internet Crime Complaint Center (IC3) today issued a public service announcement to warn about scammers using spoofed company websites and fake job listings to target applicants. [...] | |||
|
2020-01-21 15:36:56 | This Citibank Phishing Scam Could Trick Many People (lien direct) | A new Citibank phishing scam is underway that utilizes a convincing domain name, TLS certs, and even requests OTP codes that could easily cause people to believe they are submitting their personal information on a legitimate page. [...] | |||
|
2020-01-21 14:30:43 | Wine 5.0 Released With Numerous Gaming Improvements for Linux (lien direct) | Wine 5.0 has been released today and contains over 7,400 bug fixes and numerous audio and graphics improvements that will increase performance in gaming on Linux. [...] | |||
|
2020-01-21 14:09:15 | (Déjà vu) Phishing Incident at UPS Store Chain Exposes Customer Info (lien direct) | Sensitive personal and financial information of UPS Store customers was exposed in a phishing incident affecting roughly 100 local store locations between September 29, 2019, and January 13, 2020. [...] | |||
|
2020-01-21 14:09:15 | UPS Store Phishing Incident Exposes Customer Personal Info (lien direct) | Sensitive personal and financial information of UPS Store customers was exposed in a phishing incident affecting roughly 100 local store locations between September 29, 2019, and January 13, 2020. [...] | |||
|
2020-01-21 12:12:23 | Actively Exploited IE 11 Zero-Day Bug Gets Temporary Patch (lien direct) | A micropatch implementing Microsoft's workaround for the actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer is now available via the 0patch platform until an official fix will be released. [...] | Vulnerability | ||
|
2020-01-21 10:29:37 | Microsoft Tests Office \'Ads\' in Windows 10 Wordpad (lien direct) | Microsoft is testing promotions for the free Office web apps being displayed directly in the menu bar for the Windows 10 Wordpad application. As you can imagine, the reaction to this news has been mixed, with some not thinking it's a big deal and others not happy with this approach. [...] | |||
|
2020-01-21 06:45:41 | Windows EFS Feature May Help Ransomware Attackers (lien direct) | Security researchers have created concept ransomware that takes advantage of a feature in Windows that encrypts files and folders to protect them from unauthorized physical access to the computer. [...] | Ransomware | ||
|
2020-01-21 04:04:04 | BitPyLock Ransomware Now Threatens to Publish Stolen Data (lien direct) | A new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before encrypting devices. [...] | Ransomware | ||
|
2020-01-21 02:02:02 | 600 Computers Taken Down After Florida Library Cyberattack (lien direct) | 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches from Daytona Beach, Florida, following a cyberattack that started around 7 AM on January 9. [...] | |||
|
2020-01-20 18:43:44 | Infiltrating Networks: Easier Than Ever Due to Evil Markets (lien direct) | Attackers don't always need to breach the networks of their victims themselves to plant malware as there are plenty of professional intruders offering their services on underground markets. [...] | Malware | ||
|
2020-01-20 17:55:23 | US Retailer Hanna Andersson Hacked to Steal Credit Cards (lien direct) | US children's apparel maker and online retailer Hanna Andersson disclosed that its online purchasing platform was hacked and malicious code was deployed to steal customers' payment info for almost two months. [...] | |||
|
2020-01-20 16:36:23 | FTCode Ransomware Now Steals Saved Login Credentials (lien direct) | FTCode ransomware victims now have one more thing to worry about with the malware having been upgraded to also steal saved user credentials from email clients and web browsers. [...] | Ransomware Malware | ||
|
2020-01-20 13:01:01 | Emotet Malware Dabbles in Extortion With New Spam Template (lien direct) | The Emotet malware has started using a spam template that pretends to be an extortion demand from a "Hacker" who states that they hacked the recipient's computer and stole their data. [...] | Spam Malware | ||
|
2020-01-20 12:27:34 | Mitsubishi Electric Warns of Data Leak After Security Breach (lien direct) | Mitsubishi Electric, a leading global company in the manufacture and sales of electrical and electronic products, disclosed a security breach that might have caused the leak of personal and confidential corporate information. [...] | Guideline | ||
|
2020-01-19 16:43:55 | Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 (lien direct) | Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution. [...] | |||
|
2020-01-19 11:01:00 | New Nest Video Extortion Scam Plays Out Like a Spy Game (lien direct) | A new sextortion scam that breaks the typical mold has been detected at the beginning of the year. Fraudsters preying on the insecurity of connected devices used footage from Nest cameras, and led victims through a convoluted path of email accounts and web sites before making their ransom price known. [...] | |||
|
2020-01-18 11:54:14 | New Jersey Synagogue Suffers Sodinokibi Ransomware Attack (lien direct) | Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware who encrypted numerous computers on the network. [...] | Ransomware | ||
|
2020-01-17 18:31:17 | Microsoft Issues Mitigation for Actively Exploited IE Zero-Day (lien direct) | Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer. [...] | Vulnerability | ||
|
2020-01-17 17:49:34 | The Week in Ransomware - January 17th 2020 - Never Ends (lien direct) | Data exfiltration is still the big thing this week, with the Sodinokibi Ransomware publishing stolen files of one of their victims for the first time and Nemty planning on leaking stolen files as well. [...] | Ransomware | ||
|
2020-01-17 16:15:59 | New US Bill Wants to Assign State Cybersecurity Coordinators (lien direct) | Four U.S. Senators have introduced a bipartisan bill that will require the Department of Homeland Security (DHS) to appoint cybersecurity effort coordinators in every state to orchestrate cyberattack response and remediation efforts, and to improve coordination between federal, state, and local entities. [...] | |||
|
2020-01-17 15:14:39 | How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw (lien direct) | The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This creates trust in the program, which may cause a user to be more willing to execute them. [...] | Malware Vulnerability | ||
|
2020-01-17 13:26:01 | FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw (lien direct) | FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse Secure VPN servers. [...] | Vulnerability | ||
|
2020-01-17 11:40:37 | Hackers Are Securing Citrix Servers, Backdoor Them for Access (lien direct) | An unknown threat actor is currently scanning for and securing vulnerable Citrix ADC servers against CVE-2019-19781 exploitation attempts, while also backdooring them for future access. [...] | Threat | ||
|
2020-01-17 03:42:00 | Fraudsters Set Up Site Selling Temporary Social Security Numbers (lien direct) | Some fraudsters have set up a scam site claiming to be for a data protection fund created by the U.S. Federal Trading Commission (FTC) to offer financial compensation to users whose personal data appeared in information leaks. [...] | |||
|
2020-01-16 20:11:22 | (Déjà vu) WeLeakInfo.com Seized For Selling Info from Data Breaches, 2 Arrested (lien direct) | As a clear indication of how law enforcement views the commercial disclosure of stolen information, the FBI has seized the WeLeakInfo.com domain and arrested two individuals for selling subscriptions to data exposed in breaches. [...] | |||
|
2020-01-16 20:11:22 | FBI Seize WeLeakInfo.com For Selling Info From Data Breaches (lien direct) | As a clear indication of how law enforcement views the commercial disclosure of stolen information, the FBI has seized the WeLeakInfo.com domain for selling subscriptions to data exposed in breaches. [...] | |||
|
2020-01-16 18:40:00 | Dutch Govt Suggests Turning Off Citrix ADC Devices, Mitigations May Fail (lien direct) | Mitigation recommendations for CVE-2019-19781, a currently unpatched critical flaw affecting Citrix Application Delivery Controller (ADC) and Citrix Gateway, do not have the expected effect on all product versions. [...] | |||
|
2020-01-16 18:17:56 | Windows 10 Insider Build 19546 Adds Graphing Mode to Calculator (lien direct) | Microsoft has released Windows 10 Insider Preview Build 19546 to Insiders in the Fast ring, which has added a new Graphing Mode to the Windows Calculator and fixed bugs in Timeline, Outlook search, and more. [...] | |||
|
2020-01-16 18:01:52 | FBI to Warn State Officials of Election Infrastructure Cyber Threats (lien direct) | The Federal Bureau of Investigation (FBI) today announced a change in policy requiring the timely notification of state officials of potential cyber threats to election infrastructure. [...] | |||
|
2020-01-16 16:49:48 | Google Chrome Adds Protection for NSA\'s Windows CryptoAPI Flaw (lien direct) | Google just released Chrome 79.0.3945.130, which will now detect certificates that attempt to exploit the NSA discovered CVE-2020-0601 CryptoAPI Windows vulnerability. [...] | |||
|
2020-01-16 16:30:00 | WordPress Plugin Bugs Let Hackers Wipe or Takeover Your Site (lien direct) | Critical bugs found in the WordPress Database Reset plugin used by over 80,000 sites allow attackers to drop all users and get automatically elevated to an administrator role and to reset any table in the database. [...] | |||
|
2020-01-16 16:00:16 | TrickBot Now Uses a Windows 10 UAC Bypass to Evade Detection (lien direct) | The TrickBot Trojan has received an update that adds a UAC bypass targeting the Windows 10 operating system so that it infects users without displaying any visible prompts. [...] | |||
|
2020-01-16 12:59:37 | PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks (lien direct) | Proof-of-concept exploit code is now available for the Windows CryptoAPI spoofing vulnerability tracked as CVE-2020-0601 and reported by the National Security Agency (NSA), just two days after Microsoft released a patch. [...] | Vulnerability | ||
|
2020-01-16 10:40:00 | Google to Kill Chrome Apps Across All Platforms (lien direct) | Google announced that it will slowly phase out support for Chrome apps on all operating systems until they will completely stop working in June 2022 for all users. [...] | |||
|
2020-01-16 03:24:22 | Customer-Owned Bank Informs 100k of Breach Exposing Account Balance, PII (lien direct) | P&N Bank in West Australia (WA) is informing its customers that hackers may have accessed personal information stored on its systems following a cyber attack. [...] | |||
|
2020-01-11 13:05:27 | The Week in Ransomware - January 10th 2020 - Now Data Breaches (lien direct) | This week we have seen new ransomware operators targeting businesses, stolen data published, and the Sodinokibi Ransomware being confirmed as behind the Travelex cyber attack. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
