Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 19:20:02 |
RansSIRIA Ransomware Takes Advantage of the Syrian Refugee Crisis (lien direct) |
A new ransomware called RansSIRIA has been discovered by MalwareHunterTeam that encrypts your files and then states it will donate your ransom payments to Syrian refugees. This ransomware is a variant of the WannaPeace ransomware and is targeting Brazilian victims. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 14:50:02 |
FDA Wants Medical Devices to Have Mandatory Built-In Update Mechanisms (lien direct) |
The US Food & Drug Administration plans to ask Congress for more funding and regulatory powers to improve its approach towards medical device safety, including on the cybersecurity front. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 11:42:03 |
Finding & Activating Hidden Features in Windows 10 Using Mach2 (lien direct) |
Windows 10 builds contain many hidden features that are used by Microsoft to debug code or test applications that have not been officially released yet. A new tool has been released that enables you to find and enable these hidden features in Windows 10. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 11:09:03 |
Flash Used on 5% of All Websites, Down From 28.5% Seven Years Ago (lien direct) |
Only 4.9 percent of today's websites utilize Flash code, a number that has plummeted from a 28.5 percent market share recorded at the start of 2011. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 09:45:05 |
Brainjacking: A Potentially Deadly Type of Hacking (lien direct) |
Hacking the brain of someone with an implanted medical device is not a far-fetched illusion. While at one time a concept relegated to hair-raising Hollywood movies, scientists in Belgium have found that a wireless brain implant, known as a neurostimulator, can be hacked using off-the-shelf materials. By utilizing remote exploitation, [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 08:25:02 |
Denial-of-Spending and Inflation Bugs Found in Several Cryptocurrencies (lien direct) |
A team of academics has identified an issue with the Zeroicoin protocol scheme, along with two security flaws in libzerocoin, the software library used for building actual cryptocurrencies around protocol. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 04:18:02 |
Data Firm Left Profiles of 48 Million Users on a Publicly Accessible AWS Server (lien direct) |
LocalBlox, a company that scrapes data from public web profiles, has left the details of over 48 million users on a publicly accessible Amazon Web Services (AWS) S3 bucket, according to an UpGuard security researcher who discovered the data on February 28, this year. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-19 00:25:00 |
JavaScript Trackers Caught Siphoning Data From "Login With Facebook" Feature (lien direct) |
JavaScript libraries from various advertising and analytics services are siphoning user data from web pages where the "Login with Facebook" feature is being used. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-18 16:05:03 |
iOS Trustjacking Attack Exposes iPhones to Remote Hacking (lien direct) |
Symantec researchers have found a loophole in how iPhone users pair devices with Mac workstations and laptops. They say attackers can exploit this flaw âwhich they named Trustjackingâ to take over devices without the phone owner's knowledge. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-18 15:10:03 |
Minecraft & CS:GO Ransomware Strive For Media Attention (lien direct) |
When ransomware developers achieve huge media buzz like we saw with the PUBG Ransomware, it is not surprising to see other developers creating copycats. This is the case with two new in-development ransomware programs, if we can even call them that, for both Minecraft and Counter-Strike: Global Offensive (CS: GO). [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-18 13:12:00 |
Microsoft Ports Anti-Phishing Technology to Google Chrome Extension (lien direct) |
Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's âand inherently Edge'sâ anti-phishing technology to Google Chrome. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-18 09:10:00 |
Stresspaint Malware Steals Facebook Credentials and Session Cookies (lien direct) |
Security researchers have spotted a new information stealer that collects Chrome login data from infected victims, along with session cookies, and appears to be looking for Facebook details in particular, according to a Radware threat alert. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-18 04:05:05 |
Google Chrome 66 Released Today Focuses on Security (lien direct) |
Google has moved Chrome 66 to the stable channel and starting earlier today has begun updating users to the browser's new major version â Chrome 66.0.3359.117. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-18 00:15:00 |
Drupalgeddon 2 Vulnerability Used to Infect Servers With Backdoors & Coinminers (lien direct) |
Hackers haven't wasted their time in deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 19:21:02 |
Guild Wars 2 Monitored All Running Process in Order To Ban Users (lien direct) |
While nobody likes a cheater in online games, sometimes how a company monitors and bans cheaters can go wrong. Such is the case with a recent ban fest unleashed by ArenaNet for their Guild Wars 2 game, which used a program that monitored all processes running on a computer for blacklisted programs. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 16:56:03 |
Teenager Charged For Nova Scotia Freedom of Information Web Portal Breach (lien direct) |
A 19 year old teenager was charged with 'unauthorized use of a computer' after downloading over 7,000 records from the Nova Scotia Freedom-of-Information web portal. The teenager whose name has not been released, has been accused of stealing documents from the portal, with many of them being publicly accessible and redacted. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 13:46:05 |
XiaoBa Ransomware Retooled as Coinminer But Manages to Ruin Your Files Anyway (lien direct) |
The authors of the XiaoBa ransomware have retooled their malware's code into a cryptocurrency miner (coinminer). Unfortunately, despite not encrypting files anymore, the XiaoBa coinminer still destroys users' data thanks to a series of bugs that primarily corrupt a user's executable files. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 10:07:04 |
Intel to Allow Antivirus Engines to Use Integrated GPUs for Malware Scanning (lien direct) |
Intel announced yesterday at the RSA 2018 security conference several new security-focused technologies, among which is a feature that will let security products offload virus scanning operations to integrated graphics processors embedded with some Intel CPUs. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 08:35:01 |
Federal Agencies Hit With More Data Breaches Than Other Sectors - 330 Million at Risk (lien direct) |
According to Thales e-Security's 2018 Data Threat ReportâFederal Government Edition, US federal agencies are experiencing more data breaches than other sectors. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 07:43:03 |
Windows 10 Spring Creators Update Delayed Because of Higher Percentage of BSODs (lien direct) |
Microsoft admitted yesterday that the reason it did not launch the Spring Creators Update for Windows 10 last week was because of technical issues the company encountered with the supposed final release. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-17 06:33:04 |
Microsoft Announces Custom Chip and Linux Distro to Secure IoT Devices (lien direct) |
Yesterday, at the RSA 2018 security conference, Microsoft announced a new security-focused product named Azure Sphere. According to Microsoft chief financial officer Brad Smith, Microsoft created Azure Sphere for the sole purpose of securing Internet of Things (IoT) devices. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 20:15:03 |
Russia Bans 1.8 Million Amazon and Google IPs in Attempt to Block Telegram (lien direct) |
Roskomnadzor, Russia's telecommunications watchdog, banned today over 1.8 million IP addresses belonging to Amazon and Google's cloud infrastructure. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 18:50:01 |
TaskRabbit Takes Down App and Website After Getting Hacked (lien direct) |
TaskRabbit, a web-based service that connects freelance handymen with clients in various local US markets, has emailed customers admitting it suffered a security breach. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 18:27:03 |
(Déjà vu) Microsoft Releases Windows 10 Insider Build 17134 (RS4) To Include Security Updates (lien direct) |
Today, Microsoft released Windows 10 Insider Preview Build 17134 (Redstone 4) to insiders on the fast ring. This build does not contain any new features, but rather acts as a new build with security updates included that fix the vulnerabilities from KB4100375. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 18:27:03 |
Microsoft Releases Windows 10 Insider Build 17134 (RS4) To Include Security Vulnerabilities (lien direct) |
Today, Microsoft released Windows 10 Insider Preview Build 17134 (Redstone 4) to insiders on the fast ring. This build does not contain any new features, but rather acts as a new build with security updates included that fix the vulnerabilities from KB4100375. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 17:55:03 |
More Than Half of Android Apps for Kids Are Violating US Privacy Laws (lien direct) |
Privacy experts have analyzed 5,855 child-directed Android apps and have found that more than half â57%â are potentially violating the Children's Online Privacy Protection Act (COPPA), a US law protecting children's private data online. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 15:52:03 |
US, UK Accuse Russia of Hacking Home Routers and ISPs to Conduct MitM Attacks (lien direct) |
A joint alert issued by the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC) warns that Russian state-sponsored cyber actors are actively targeting home and enterprise routers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 15:48:03 |
Chinese Mobile Device Maker ZTE Banned From Buying U.S. Goods (lien direct) |
The U.S. Department of Commerce's Bureau of Industry and Security (BIS) announced yesterday that Chinese telecommunications company, ZTE, has been banned from purchasing goods from U.S. companies. This order was issued due to a breach of a settlement between ZTE and the US government after ZTE was found violating Iran and North Korea [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 13:35:01 |
Crooks Hijack Router DNS Settings to Redirect Users to Android Malware (lien direct) |
Malware authors have hijacked DNS settings on vulnerable routers to redirect users to sites hosting Android malware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 13:12:04 |
Eleven Drug Convictions After Extracting Fingerprint From WhatsApp Photo (lien direct) |
Police in South Wales employed a pioneering fingerprint technique which led to the conviction a drug ring. An image of a man holding ecstasy tablets in his palm was discovered on the cell phone of one of the detained suspects. It was then sent to the Scientific Support Unit of the South Wales Police. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 11:24:05 |
What To Expect at the RSA 2018 Conference This Week (lien direct) |
The RSA Conference, an annual security conference with over 40,000 attendees expected this year, runs from April 16th through the 20th. Additionally, there will be 500 vendors who will be on site to brandish the latest tech in the field. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-16 10:17:03 |
Retired Airline Manager Who Hacked Former Employer Caught Thanks to VPN Logs (lien direct) |
An Alaska judge sentenced a 59-year-old woman, a former director at Peninsula Airlines (PenAir), for hacking her former employer and wreaking havoc for two days inside the company's flight reservations system. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-15 11:00:03 |
Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware (lien direct) |
Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory âa mandatory component used during the boot-up process [1, 2, 3]. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-15 09:56:02 |
Old JavaScript Crypto Flaw Puts Bitcoin Funds at Risk (lien direct) |
Security researchers are warning that old Bitcoin addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic flaw that allows attackers to brute-force private keys, take control of users' wallets, and steal funds. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-14 15:15:01 |
FTC: "Warranty Void If Removed" Stickers Are Illegal (lien direct) |
The US Federal Trade Commission (FTC) sent letters this week to six major companies containing warnings that using "warranty void if removed" or similarly worded stickers on their products is illegal. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-14 05:00:00 |
Microsoft Engineer Charged in Reveton Ransomware Case (lien direct) |
A Microsoft network engineer is facing federal charges in Florida for helping launder money obtained from victims of the Reventon ransomware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-14 02:00:00 |
Researchers Take Down Network of 52,000 Infected Servers Distributing Malware (lien direct) |
Security researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the command and control infrastructure behind EITest, a network of hacked servers abused by cyber-criminals to redirect users to malware, exploits kits, and tech support scams. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 16:59:01 |
The Week in Ransomware - April 13th 2018 - PUBG Ransomware, Matrix, and More (lien direct) |
Not too much new ransomware released this week, but rather just general ransomware news. One item of interest was the joke ransomware called PUBG Ransomware that made you play Player's Unknown Battleground in order to decrypt your files. Other than that, it was just news about new variants that were released or about variants. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 14:19:02 |
Ransomware Protection Section Included in Windows 10\'s Spring Creators Update (lien direct) |
While ransomware has evolved into targeted attacks rather than mass spam campaigns, it is still a significant threat to businesses and consumers. Microsoft must agree, as in the upcoming Spring Creators Update, Microsoft has added a dedicated Ransomware Protection section in the Windows Defender Security Center settings. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 13:20:01 |
Researchers Catch Android OEMs Lying About Security Patches (lien direct) |
A large number of Android manufacturers (OEMs) are skipping security patches but are lying to users about it, according to the team at Security Research Lab (SRL), a Berlin-based cyber-security firm. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 10:08:00 |
"Early Bird" Code Injection Technique Helps Malware Stay Undetected (lien direct) |
Security researchers have discovered at least three malware strains using a new code injection technique that allowed them to avoid antivirus detection. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 09:17:01 |
Copy & Paste Keyboard Shortcuts Coming to Windows 10 Console Bash Prompt (lien direct) |
A highly requested feature is the ability to use copy and paste keyboard shortcuts when in a Windows 10 Bash prompt. As of Windows Insider build 17643, this feature is now available as a setting in the Windows Command Prompt. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 05:43:05 |
Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code (lien direct) |
The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 03:00:00 |
Google Chrome to Boost User Privacy by Improving Cookies Handling Procedure (lien direct) |
Google engineers plan to improve user privacy and security by putting a short lifespan on cookies delivered via HTTP connections. Google hopes that the move will force website developers and advertisers to send cookies via HTTPS, which "provides significant confidentiality protections against [pervasive monitoring] attacks." [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-13 01:00:00 |
Compile Error Halts Some GandCrab Ransomware Infections (lien direct) |
A script compile error has temporarily stopped the infection chain of a malspam campaign trying to infect users with the GandCrab ransomware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-12 21:24:01 |
Windows Insider RS5 Build 17643 Adds Sets and Office 365 Integration (lien direct) |
Yesterday Microsoft released Windows 10 Insider Preview Build 17643 to insiders on the Redstone 5 Skip Ahead ring. In this build Microsoft adds Sets+Office 365 integration and  Microsoft Edge, Data Sense, and Magnifier improvements. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-12 19:16:04 |
Mozilla Has Started Gradually Enabling TLS 1.3 in Firefox (lien direct) |
Mozilla has begun to roll out a system addon that enables TLS 1.3 in Firefox. Based on bug reports, this addon was launched on April 3rd, 2017 and is being delivered as a silent update to Firefox that will enable TLS 1.3 for 50% of the users who install it. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-12 17:08:01 |
$3.3 Million Stolen From Coinsecure Bitcoin Exchange, Inside Job Suspected (lien direct) |
The CEO of Coinsecure, an India-based cryptocurrency exchange, has accused his CSO of stealing 438 Bitcoin âaround $3.3 million at today's exchange rateâ from the exchange's main wallet. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-12 14:45:04 |
Cyber-Espionage Groups Are Increasingly Leveraging Routers in Their Attacks (lien direct) |
Cyber-espionage groups âalso referred to as advanced persistent threats (APTs)â are using hacked routers more and more during their attacks, according to researchers at Kaspersky Lab. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-12 11:23:00 |
Researchers Create Malware That Steals Data via Power Lines (lien direct) |
A team of academics has successfully developed and tested malware that can exfiltrate data from air-gapped computers via power lines. The team âfrom the Ben-Gurion University of the Negev in Israelâ named their data exfiltration technique PowerHammer. [...] |
|
|
|