What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-03-01 16:13:02 | Microsoft Partners with Intel to Deliver CPU Microcode Fixes via Windows Updates (lien direct) | Microsoft said today that it would take Intel CPU microcode updates meant to fix the Spectre v2 vulnerability and ship these updates to users via a Windows update package. [...] | |||
|
2018-03-01 13:00:02 | New DDoS Record Set at 1.3 Tbps Thanks to Memcached Servers (lien direct) | We have a new record for the largest DDoS attack ever detected. The new high mark is 1.3 Tbps (Terabits-per-second). [...] | |||
|
2018-03-01 11:45:05 | AdBlock Adds Feature to Cache Popular JavaScript Libraries (lien direct) | Popular ad-blocking browser extension AdBlock has added a new feature that will cache popular JavaScript libraries locally on the users' computers. [...] | |||
|
2018-03-01 08:10:05 | Infamous Russian Cyber-Espionage Group Hacks German Government (lien direct) | APT28, an infamous cyber-espionage unit that many security firms believe is acting at the behest of the Russian government, has hacked various German government agencies for more than a year. [...] | APT 28 | ||
|
2018-03-01 05:52:02 | Trustico States They Stored Private Keys for Customers\' SSL Certificates (lien direct) | Trustico, a reseller of SSL certificates, has admitted to storing the private keys of some of the SSL certificates it issued to its customers over the past years. [...] | |||
|
2018-02-28 18:30:04 | 23,000 Users Lose SSL Certificates in Trustico-DigiCert Spat (lien direct) | Over 23,000 users will have their SSL certificates revoked by tomorrow morning, March 1, in an incident between two companies âTrustico and DigiCertâ that is likely to have a huge impact on the CA (Certificate Authority) industry as a whole in the coming months. [...] | |||
|
2018-02-28 15:31:01 | EITest HoeflerText Scam Distributing GandCrab & Netsupport Manager (lien direct) | Even though Bitdefender released a GandCrab decryptor today, it is not stopping the GandCrab developers from continuing to use new methods to distribute their ransomware. Today malware traffic analysis nao_sec discovered that EITest was being used to distribute the GandCrab ransomware as part of the HoeflerText Font Update scam. [...] | |||
|
2018-02-28 14:55:05 | Facebook Launches a Jobs Section —Because of Course It Would! (lien direct) | Facebook rolled out today a new section on its mammoth site, a section where users can find jobs and businesses can advertise job openings. [...] | |||
|
2018-02-28 12:03:05 | Google Chrome: Flash Usage Declines from 80% in 2014 to Under 8% Today (lien direct) | The percentage of daily Chrome users who've loaded at least one page containing Flash content per day has gone down from around 80% in 2014 to under 8% in early 2018. [...] | |||
|
2018-02-28 07:22:04 | Mozilla Will Let Users Disable Firefox Sync Starting with Firefox 60 (lien direct) | Mozilla will add an option in Firefox 60 that will let users disable and hide the Firefox Sync option in the Firefox settings panel. [...] | |||
|
2018-02-28 06:06:05 | 2% of Amazon S3 Public Buckets Aren\'t Write-Protected, Exposed to Ransom Attacks (lien direct) | New research published on Monday reveals that 5.8% of all Amazon S3 buckets are publicly readable, while 2% are publicly writeable âwith the latter allowing anyone to add, edit, or delete data, and even hold a victim's data for ransom. [...] | ★★★ | ||
|
2018-02-28 05:12:04 | Free Decrypter Available for GandCrab Ransomware Victims (lien direct) | Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom. [...] | |||
|
2018-02-27 17:16:01 | New RedDrop Android Spyware Records Nearby Audio (lien direct) | A new Android malware strain named RedDrop can perform a vast array of malicious actions, including recording nearby audio and uploading the data to cloud-storage accounts on Dropbox and Google Drive. [...] | |||
|
2018-02-27 13:31:03 | (Déjà vu) Memcache Servers Can Be Abused for Insanely Massive DDoS Attacks (lien direct) | Crooks can abuse Memcache servers to launch insanely massive DDoS attacks using very few computational resources on their end. [...] | |||
|
2018-02-27 13:31:03 | (Déjà vu) Memcached Servers Can Be Abused for Insanely Massive DDoS Attacks (lien direct) | Crooks can abuse Memcached servers to launch insanely massive DDoS attacks using very few computational resources on their end. [...] | ★★ | ||
|
2018-02-27 11:22:05 | Apple\'s iBoot Source Code ReReleased on TOR Using a MediaFire Link. Doh! (lien direct) | A group called the "Dark-Liberty Team" have rereleased the iOS iBoot source code on a TOR site titled "iBoot Source Code Leak - Reloaded". This source code was previously released on GitHub, but Apple's legal team quickly had it removed via a DMCA takedown request. [...] | |||
|
2018-02-27 10:22:05 | Microsoft Updates Guideline on Windows Driver Security (lien direct) | Microsoft has released an updated guide on driver security. This new guide offers advice that developers could use to ensure Windows drivers are secured against basic attacks and preventable flaws. [...] | |||
|
2018-02-27 09:00:00 | SAML Vulnerability Lets Attackers Log in as Other Users (lien direct) | Security researchers from Duo Labs and the US Computer Emergency Response Team (US-CERT) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victim's password. [...] | |||
|
2018-02-26 19:09:03 | Apple Dropping iTunes Support for Apple TV 1st Gen, Windows XP, & Vista (lien direct) | Apple has announced that starting on May 25th 2018, iTunes will no longer be supported on Windows XP, Vista, and on Apple TV 1st generation. According to Apple this is because of security changes that will prevent Windows XP, Vista, and Apple TV 1st from using certain features of the iTunes store. [...] | |||
|
2018-02-26 17:21:01 | New UpdateChecker Coinminer Package Also Displays Ads to Further Piss You Off (lien direct) | A new malware package masquerading as an Flash Player update installs a miner and displays advertisements every 60 minutes. [...] | |||
|
2018-02-26 15:50:03 | Project Crostini: Chrome OS to Support Containerized Linux Apps (lien direct) | Google is in the process of adding support to Chrome OS for running containerized Linux applications, according to a commit spotted in the operating system's source code last week by Reddit users. [...] | |||
|
2018-02-26 14:27:00 | The Rig Exploit Kit Has Forsaken Ransomware for Coinminers (lien direct) | The exploit kit landscape has continued its downfall started in the summer of 2016 and its leading player âthe RIG exploit kitâ has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans (infostealers). [...] | Guideline | ||
|
2018-02-26 12:56:03 | Thanatos Ransomware Is First to Use Bitcoin Cash. Messes Up Encryption (lien direct) | Ransomware developers continue to release infections that are clearly not tested well and contain bugs that may make it difficult, if not impossible, for victims to recover their files. Such is the case with the new in the wild ransomware called Thanatos that has been discovered by security research MalwareHunterTeam. [...] | |||
|
2018-02-26 11:23:02 | Hacker Returns $26 Million Worth of Ethereum Back to Hacked Company (lien direct) | A hacker has returned over $26,2 million worth of Ethereum to Coindash, the company it obtained the funds from in July 2017. [...] | |||
|
2018-02-26 08:07:01 | Visa: EMV Cards Cut Down Counterfeit Card Fraud in the US by 70% (lien direct) | Visa said last week that two years after US retailers started deploying terminals that could read chip-based credit and debit cards, reports of counterfeit card fraud have dropped by 70%. [...] | |||
|
2018-02-26 06:07:03 | Nanocore RAT Author Gets 33 Months in Prison (lien direct) | US authorities have sentenced an Arkansas man to 33 months in prison and two years of supervised release for aiding and abetting hackers by creating and selling malware. [...] | |||
|
2018-02-24 06:37:03 | Data Keeper Ransomware Makes First Victims Two Days After Release on Dark Web RaaS (lien direct) | Two days after crooks started advertising the Data Keeper Ransomware-as-a-Service (RaaS) on the Dark Web, ransomware strains generated on this portal have already been spotted in the wild, infecting the computers of real-world users. [...] | |||
|
2018-02-23 16:45:03 | US Border Agents Didn\'t Verify Any e-Passports Since 2007 Because They Didn\'t Have the Software (lien direct) | The United States of America, the country with one of the most draconian border crossing procedures in the world, hadn't verified the validity of chip-implanted e-passports since 2007, the time when foreigners were first required to have one. [...] | |||
|
2018-02-23 10:50:02 | Bitcoin Exchange Admin Charged for Lying About Hack (lien direct) | US authorities have arrested a Texas man who founded two Bitcoin-related platforms that got hacked. Officials charged the on accusations of lying to Securities Exchange Commission (SEC) officials in the subsequent investigation. [...] | |||
|
2018-02-23 07:32:04 | PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor (lien direct) | Hackers are using SSH brute-force attacks to take over Linux systems secured with weak passwords and are deploying a backdoor named Chaos. [...] | |||
|
2018-02-23 02:00:00 | Android P Will Block Background Apps from Accessing Phone\'s Camera & Microphone (lien direct) | Android P, the next major version of the Android operating system, will block idle (background) applications from accessing a smartphone's camera or microphone. [...] | |||
|
2018-02-22 15:23:05 | Botched npm Update Crashes Linux Systems, Forces Users to Reinstall (lien direct) | A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot. [...] | |||
|
2018-02-22 11:40:04 | The Market of Stolen Code-Signing Certificates Is Too Expensive for Most Hackers (lien direct) | There's a thriving underground market for buying and selling code-signing certificates meant to help malware pass unnoticed by security scanners, but according to new research, the prices for such certificates are too high, and only a few hackers can afford one. [...] | |||
|
2018-02-22 06:41:02 | After Intel & Equifax Incidents, SEC Warns Execs Not to Trade Stock While Investigating Security Incidents (lien direct) | The US Securities and Exchange Commission (SEC) released a statement yesterday, warning high-ranking executives not to trade stocks before the disclosing breaches, major vulnerabilities, and other cybersecurity related incidents. [...] | Equifax | ||
|
2018-02-22 05:40:00 | PHP Community Takes Steps to Stop Installation of Libraries with Unpatched Bugs (lien direct) | Some of the most influential voices in the PHP community have united on a project to improve the security of the PHP ecosystem. [...] | |||
|
2018-02-21 15:31:01 | The Many Hats Club: An InfoSec Group For All Skill Levels (lien direct) | The Many Hats Club is a group where members of the InfoSec community can share information, build connections, and get to know each other. This group caters to all experience levels and if you are interested in getting into InfoSec or want to have discussions with your peers, this group may be something you want to take a look at. [...] | |||
|
2018-02-21 14:05:00 | Microsoft Fixes Windows 10 Vulnerability But Doesn\'t (lien direct) | A Google security engineer says Microsoft has failed to properly patch a security flaw affecting Windows 10 and Windows Server 2016 distributions. [...] | |||
|
2018-02-21 10:40:03 | Hackers Can Hijack over 52,000 Baby Monitor Video Feeds (lien direct) | Vulnerabilities in the Mi-Cam smart baby monitor allow hackers to hijack video feeds from all devices, located anywhere in the world. [...] | |||
|
2018-02-21 10:31:02 | The Annabelle Ransomware Is a Horrific Mess (lien direct) | While most ransomware is created to actually generate revenue, some developers create them to show off their "skills". Such is the case with a new ransomware based off of the horror movie franchise Annabelle. [...] | |||
|
2018-02-21 07:17:03 | uTorrent Client Affected by Some Pretty Severe Security Flaws (lien direct) | A Google security researcher has found multiple security flaws affecting the uTorrent web and desktop client that allow an attacker to infect a victim with malware or collect data on the users' past downloads. [...] | |||
|
2018-02-21 05:23:02 | A New North Korean Hacker Group Is Making a Name for Itself (lien direct) | A lesser-known North Korean cyber-espionage outfit has become more active on the international scene in 2017, after spending the previous five years targeting only South Korean government agencies and North Korean defectors. [...] | |||
|
2018-02-21 00:46:03 | Amazon AWS Servers Might Soon Be Held for Ransom, Similar to MongoDB (lien direct) | Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017. [...] | |||
|
2018-02-20 11:58:04 | Tesla Internal Servers Infected with Cryptocurrency Miner (lien direct) | Hackers have breached Tesla cloud servers used by the company's engineers and have installed malware that mines the cryptocurrency. [...] | Tesla | ||
|
2018-02-20 10:42:01 | LockCrypt .1BTC Variant Installed Over Hacked Remote Desktop Services (lien direct) | Today a reader sent me info regarding the LockCrypt Ransomware still being actively distributed over hacked remote desktop services. This variant, when installed, will encrypt a victim's files and then append the .1btc extension to encrypted file names. [...] | |||
|
2018-02-20 09:05:05 | Cryptojacking Scripts Could Soon Invade Your Word Documents (lien direct) | Cryptojacking scripts that mine Monero via JavaScript code can also run inside Word files, security researchers have discovered. [...] | |||
|
2018-02-20 07:17:00 | Coldroot RAT Still Undetectable Despite Being Uploaded on GitHub Two Years Ago (lien direct) | Coldroot, a remote access trojan (RAT), is still undetectable by most antivirus engines, despite being uploaded and freely available on GitHub for almost two years. [...] | |||
|
2018-02-20 00:20:00 | (Déjà vu) Nearly 8,000 Security Flaws Did Not Receive a CVE ID in 2018 (lien direct) | A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals. [...] | |||
|
2018-02-20 00:20:00 | (Déjà vu) Nearly 8,000 Security Flaws Did Not Receive a CVE ID in 2017 (lien direct) | A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals. [...] | |||
|
2018-02-19 17:13:02 | (Déjà vu) Apple Releases Fix for Indian Telegu Character Crash Bug (lien direct) | Apple delivered on a promise made last week to publish updates for a bug that crashed Mac and iOS applications that included the " à°à±à°âà°¾ " Indian Telugu character. [...] | |||
|
2018-02-19 17:13:02 | (Déjà vu) Apple Releases Fix for Indian Telugu Character Crash Bug (lien direct) | Apple delivered on a promise made last week to publish updates for a bug that crashed Mac and iOS applications that included the " à°à±à°âà°¾ " Indian Telugu character. [...] |
To see everything:
Our RSS (filtrered)
