What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-01-02 13:30:05 | Microsoft Adds New Microsoft 365 Security and Compliance Bundles (lien direct) | The Identity & Threat Protection and Information Protection & Compliance packages will be available for purchase from February 1, 2019, under a subscription model. [...] | Threat | ||
|
2019-01-02 10:11:00 | Court Dismisses Lawsuit Against Google\'s Facial Recognition Tech (lien direct) | A federal judge dismissed the Class Action Complaint saying that the automated generation of biometric data when uploading images to Google's cloud photo storage service is not in violation of the Illinois Biometric Information Privacy Act [...] | |||
|
2019-01-02 09:19:01 | How to Decrypt the FilesLocker Ransomware with FilesLockerDecrypter (lien direct) | On December 29th, an unknown user released the master RSA decryption key for FilesLocker v1 and v2. This allowed Michael Gillespie to release a decryptor for files encrypted by the FilesLocker Ransomware that have the .[fileslocker@pm.me] extension appended to file names. [...] | Ransomware | ||
|
2019-01-02 03:45:01 | Google Chrome to Support Windows 10\'s Dark Mode Setting (lien direct) | Google has stated that they will be adding support for Windows 10 Dark Mode in an upcoming version of the Chrome browser. [...] | |||
|
2018-12-31 09:11:03 | Ryuk Ransomware Involved in Cyberattack Stopping Newspaper Distribution (lien direct) | A cyberattack reportedly bearing the signature of Ryuk ransomware caused disruption over the weekend in printing and delivery of major newspapers in the US from Tribune Publishing and Los Angeles Times. [...] | Ransomware | ||
|
2018-12-31 07:00:03 | The EU Opens Bug Hunting Season in 2019 for 15 Open-Source Projects It Uses (lien direct) | The European Commission has decided to take its Free and Open Source Software Audit (FOSSA) project a step further by offering €851,000 in bounties for bugs uncovered in 15 products it uses. [...] | |||
|
2018-12-30 11:58:00 | Windows Zero-Day Bug Allows Overwriting Files with Arbitrary Data (lien direct) | A security researcher has disclosed exploit code for a fourth zero-day vulnerability in Windows operating system in just as many months. The bug enables overwriting a target file with arbitrary data. [...] | Vulnerability | ||
|
2018-12-29 12:21:02 | AdDuplex: The October 2018 Update Is Now on 6.6% of Windows 10 PCs (lien direct) | The cross-promotion network AdDuplex says that Windows 10 October 2018 Update (version 1809) holds just 6.6% of market share. The company report suggests that that Windows 10 October 2018 update has more than doubled its share since last month but its propagation is still very slow as it still in single digits. [...] | |||
|
2018-12-29 12:13:00 | Beware of American Express Emails With Attached Phishing Form (lien direct) | A phishing campaign is underway that pretends to be from American Express and states that there is a security issue with your credit card. It then prompts you to open an attached HTML phishing form that will send the inputted information back to the scammers. [...] | |||
|
2018-12-29 00:37:00 | Breaking Protections in Hardware Cryptocurrency Wallets (lien direct) | A team of security researchers showed how fragile is the security of some hardware cryptocurrency wallets. The experts tested the Trezor One, Ledger Nano S, and Ledger Blue against supply-chain and side-channel attacks, and found chip and firmware-level vulnerabilities. [...] | |||
|
2018-12-28 16:25:01 | Windows 10 19H1 Update to Introduce Windows Security App Improvements (lien direct) | In latest 19H1 preview builds, Microsoft has introduced new Windows Security app improvements including the ability to set up Tamper Protection and view Protection History. [...] | |||
|
2018-12-28 13:32:02 | Shared Tweeting Privileges Easy to Get by Spoofing Phone Numbers (lien direct) | Twitter accounts of several celebrities and journalists in the UK shared control of the tweet feed to an unauthorized user for a brief period. [...] | |||
|
2018-12-28 10:57:02 | Microsoft is Adding AVIF Image Support to Windows 10 (lien direct) | Starting with Windows 10 Insider build 18305, Microsoft has started to add support for the AVIF image format. This support is first being added to Microsoft Paint and File Explorer, but can be expanded to other applications through an API. [...] | |||
|
2018-12-27 18:38:02 | Demo Exploit Code Published for Remote Code Execution via Microsoft Edge (lien direct) | Exploit code demonstrating a memory corruption bug in Microsoft's Edge web browser has been published today by the researcher that discovered and reported the vulnerability in the first place. The code can lead to remote code execution on unpatched machines. [...] | Vulnerability Guideline | ||
|
2018-12-27 12:15:02 | Mozilla is Making it Easier to Search Open Tabs in Firefox (lien direct) | If you always have a lot of tabs open and its difficult to find a particular tab, Mozilla is introducing a feature that will make this easier. Starting in Firefox 66, Mozilla will be adding the ability to search the open tabs in Firefox in order to find a particular tab. [...] | |||
|
2018-12-27 09:47:03 | New Shamoon Sample from France Signed with Baidu Certificate (lien direct) | A new sample of Shamoon disk-wiping malware was uploaded from France recently to the VirusTotal scanning platform. It tries to pass as a system optimization tool from Chinese technology company Baidu. [...] | Malware Tool | ||
|
2018-12-26 11:08:04 | JungleSec Ransomware Infects Victims Through IPMI Remote Consoles (lien direct) | A ransomware called JungleSec is infecting victims through insecure IPMI (Intelligent Platform Management Interface) cards since early November. [...] | Ransomware | ||
|
2018-12-25 15:27:03 | 18 Months Later, WannaCry Still Lurks on Infected Computers (lien direct) | Eighteen months after the initial outbreak of the WannaCry Ransomware infection, the malware continues to rear its head on thousands, if not hundreds of thousands, of infected computers. [...] | Malware | Wannacry | |
|
2018-12-25 12:48:02 | Beware of BMW Lottery Email Scam Stating You Won a BMW M240i (lien direct) | Emails are going around that may make you think you won a free 2018 BMW 2 Series M240i for the holidays, but the reality is that you just received a scam email that is trying to gather your personal information. [...] | |||
|
2018-12-24 16:30:03 | Windows 10\'s Disk Cleanup Getting a New Warning About Downloads Folder (lien direct) | Windows 10's 19H1 update will add a new warning message in the Disk Cleanup app for the Downloads folder. Starting with Windows 10 Build 18305, the Disk Cleanup finally displays a warning when the user selects the Downloads folder. [...] | |||
|
2018-12-24 11:37:03 | Orange LiveBox Modems Targeted for SSID and WiFi Info (lien direct) | A vulnerability in LiveBox ADSL modems from Orange allows an attacker to retrieve their SSID and WiFi password in plaintext by simply sending a request over the internet. [...] | Vulnerability | ||
|
2018-12-24 09:30:04 | Hacking Christmas Lights For Fun and Mischief (lien direct) | Researchers playing with Twinkly IoT lights found security weaknesses that allowed them to display custom lighting effects and to remotely turn off their Christmas brilliance. They estimate that about 20,000 devices are reachable over the internet. [...] | |||
|
2018-12-22 14:11:05 | New Tech Support Scam Causes Chrome Browser to Use 100% of the CPU (lien direct) | A new tech support scam has been discovered that uses JavaScript to create a loop that ultimately causes Google Chrome to use up all of the CPU resources on the computer and freeze the browser. [...] | |||
|
2018-12-22 11:06:03 | Info on Over 500,000 Students and Staff Exposed in San Diego School District Hack (lien direct) | Personal information belonging to over half a million students going back the 2008-2009 school year, parents, and staff members of San Diego Unified School District (SDUSD) may have been compromised in a data breach incident. [...] | Data Breach Hack | ||
|
2018-12-21 19:22:01 | The Clickjacking Bug that Facebook Won\'t Fix (lien direct) | A security professional exposed to a spam campaign on Facebook discovered the method used by the perpetrator and submitted a report through the company's bug bounty program. The issue still exists because Faceboook dismissed it on on the grounds that it does not change the state of the account. [...] | Spam | ||
|
2018-12-21 16:01:05 | (Déjà vu) The Week in Ransomware - December 21st 2018 - No More Ransom (lien direct) | Slow week with ransomware news as we lead up into the holidays. Mostly small variants that won't get much distribution or releases of new variants of older ransomware. [...] | Ransomware Guideline | ||
|
2018-12-21 16:01:05 | (Déjà vu) The Week in Ransomware - December 21st 2018 - No More Ransomware (lien direct) | Slow week with ransomware news as we lead up into the holidays. Mostly small variants that won't get much distribution or releases of new variants of older ransomware. [...] | Ransomware Guideline | ||
|
2018-12-21 10:17:03 | How to Decrypt the Stupid Ransomware Family with StupidDecrypter (lien direct) | Stupid Ransomware is a family of ransomware infections that are typically utilized by less skilled developers and many utilize themes based on movies, pop-culture, or pretend to be law enforcement. This family of ransomware infections are created using an open source project that was posted to GitHub. [...] | Ransomware | ★★ | |
|
2018-12-21 09:55:03 | Historic APT10 Cyber Espionage Group Breached Systems in Over 12 Countries (lien direct) | A well-known hacking group linked with China's intelligence and security agency has been pilfering secrets for over a decade from organizations in at least 12 countries, from a diverse range of industries. [...] | APT 10 | ||
|
2018-12-20 17:10:00 | Fake Amazon Order Confirmations Push Banking Trojans on Holiday Shoppers (lien direct) | Phishing and malspam campaigns are in high gear for the holidays and a new campaign pretending to be an Amazon order confirmation is particularly dangerous as people shop for holiday gifts. [...] | |||
|
2018-12-20 11:46:03 | Windows Zero-Day PoC Lets You Read Any File with System Level Access (lien direct) | For a third time in four months, a security researcher announces a zero-day vulnerability in Microsoft Windows and provides exploit code that allows reading into unauthorized locations. [...] | Vulnerability | ||
|
2018-12-20 02:56:00 | Keybase Pays $5,000 Bounties for Privilege Escalation Bugs in Linux and macOS Apps (lien direct) | Keybase received two separate reports for security issues in its app for Linux and macOS that led to privilege escalation on the system. For each of them, the developer paid a bounty of $5,000. [...] | |||
|
2018-12-19 15:37:01 | Windows 10 Insider Build 18305 Released with Tons of New Features (lien direct) | Microsoft has released Windows 10 Insider Preview Build 18305 (19H1) to insiders in the Fast ring. This is going to be the last Windows Insider build released in 2018 and it comes with a ton of new features such as the Windows Sandbox, new Windows Defender settings, streamlined menus and interfaces, Friendly Dates, and more. [...] | |||
|
2018-12-19 14:06:02 | Microsoft Releases Out-of-Band Security Update for Internet Explorer RCE Zero-Day (lien direct) | Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer. This vulnerability has been assigned ID CVE-2018-8653 and was discovered by Google's Threat Analysis Group when they saw the vulnerability being used in targeted attacks. [...] | Vulnerability Threat | ||
|
2018-12-19 12:09:02 | Microsoft\'s Windows Sandbox Runs Programs in an Isolated Desktop (lien direct) | Microsoft is introducing a new feature called Windows Sandbox that will allow you to safely run executables in a throw-away virtualized sandbox without fear of your regular Windows install becoming infected. [...] | |||
|
2018-12-19 12:08:04 | Social Security Numbers of NASA Employees May Be in Hackers\' Hands (lien direct) | A possible compromise of servers where NASA stored data on current and former employees may have given hackers access to social security numbers (SSN) and personally identifiable information (PII). [...] | |||
|
2018-12-19 08:15:00 | Remote Firmware Attack Renders Servers Unbootable (lien direct) | Security researchers have found a way to corrupt the firmware of a critical component usually found in servers to turn the systems into an unbootable hardware assembly. The recovery procedure requires physical intervention to replace the malicious firmware. [...] | |||
|
2018-12-18 16:03:00 | ASUS, GIGABYTE Drivers Contain Code Execution Vulnerabilities - PoCs Galore (lien direct) | Four drivers from ASUS and GIGABYTE come with several vulnerabilities that can be leveraged by an attacker to gain higher permissions on the system and to execute arbitrary code. [...] | |||
|
2018-12-18 14:25:01 | Widespread Apple ID Phishing Attack Pretends to be App Store Receipts (lien direct) | A widespread and sneaky phishing campaign is underway that pretends to be a purchase confirmation from the Apple App store. Once a user clicks the link, down the rabbit hole they go. [...] | |||
|
2018-12-18 13:28:02 | A Look at 3 Illicit Mining Groups Who Target Enterprise Services (lien direct) | New research explores the similarities of three illicit mining cybercrime groups that are known to compromise enterprise services in order to install miners. Combined, these three groups have generated approximately 1,200 Monero coins, [...] | |||
|
2018-12-18 10:59:03 | File Inclusion Bug in Kibana Console for Elasticsearch Gets Exploit Code (lien direct) | Exploit code has been published for a local file inclusion (LFI) type of vulnerability affecting the Console plugin in Kibana data visualization tool for Elasticsearch; an attacker could use this to upload a malicious script and potentially get remote code execution. [...] | Tool Vulnerability | ||
|
2018-12-18 09:06:02 | New Extortion Email Threatens to Send a Hitman Unless You Pay 4K (lien direct) | These extortion emails are getting wilder and wilder. First we had the sextortion scams that threatened to reveal victims doing dirty deeds, then bomb threats, which brought the attention of law enforcement worldwide, and now we have threats that a hitman is targeting you unless you pay $4,000 in bitcoin. [...] | |||
|
2018-12-18 08:15:01 | Windows 10 to Get New Task Manager, Action Center and File Explorer Features (lien direct) | Windows 10's next update codenamed '19H1' will reportedly come with Microsoft Flow-powered custom actions for the Action Center, independent dark theme toggle for File Explorer, new Task Manager feature and more. [...] | |||
|
2018-12-17 16:02:03 | How to Decrypt the InsaneCrypt or Everbe 1 Family of Ransomware (lien direct) | If you are infected with the InsaneCrypt or Everbe 1.0 family of ransomware infections, a decryptor has been created that recover your files for free. [...] | Ransomware | ||
|
2018-12-17 09:30:01 | Shamoon Disk Wiper Returns with Second Sample Uncovered this Month (lien direct) | Shamoon's comeback early last week was not marked by one, but two occurrences of the data-wiping malware. The second sighting observed a different sample that could indicate a follow-up to the initial attack. [...] | |||
|
2018-12-16 18:05:01 | (Déjà vu) How to Decrypt HiddenTear Ransomware Variants (lien direct) | If you have been infected with a HiddenTear Ransomware variant, then you are in luck as a program called HiddenTearDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...] | Ransomware | ||
|
2018-12-16 18:05:01 | (Déjà vu) How to Decrypt HiddenTear Ransomware with HT Brute Forcer (lien direct) | If you have been infected with a HiddenTear Ransomware variant, then you are in luck as a decryptor called HT Brute Forcer has been created by Michael Gillespie that allows you decrypt your files without having to pay the ransom. [...] | Ransomware | ★★★★★ | |
|
2018-12-16 11:14:03 | Phishing Attack Pretends to be a Office 365 Non-Delivery Email (lien direct) | A phishing campaign has been discovered that pretends to be a non-delivery notifications from Office 365 that leads you to a page attempting to steal your login credentails. [...] | Guideline | ||
|
2018-12-15 13:16:02 | U.S. Ballistic Missile Defense Systems Fail Cybersecurity Audit (lien direct) | A U.S. Department of Defense Inspector General report released this week outlines the inadequate cybersecurity practices being used to protect the United States' ballistic missile defense systems (BMDS ). [...] | |||
|
2018-12-15 09:58:01 | Twitter Fixes Bug That Gives Unauthorized Access to Direct Messages (lien direct) | A bug affecting the permissions dialog when authorizing certain apps to Twitter leaves direct messages exposed to the third-party without the user ever knowing about it. [...] |
To see everything:
Our RSS (filtrered)
