Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-20 10:50:09 |
Unsecured Amazon S3 Bucket Exposes Details on 123 Million American Households (lien direct) |
US data analytics provider Alteryx has left an Amazon S3 storage bucket exposed online, leaking the sensitive details of over 123 million US households in the process. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-20 08:10:28 |
Five Romanians Arrested for Spreading CTB-Locker and Cerber Ransomware (lien direct) |
Romanian authorities have arrested five people on accusations of spreading email spam that infected users with the CTB-Locker and Cerber ransomware families. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-20 06:38:49 |
Firefox Will Now Delay the Loading of Tracking Scripts (lien direct) |
Firefox 57, released last month, includes a secret feature that will delay the loading of tracking scripts —JavaScript code loaded from known tracking domains such as advertising, analytics, and social networks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-20 04:41:07 |
Windows 10 Facial Recognition Feature Can Be Bypassed with a Photo (lien direct) |
Microsoft has released updates earlier this month to patch a vulnerability in the Windows 10 Hello facial recognition system that allows an attacker to bypass the facial scan with a printed photo. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-20 01:00:00 |
Malware Trio Has Been Targeting MSSQL and MySQL Servers All Year (lien direct) |
A Chinese threat actor has been targeting MSSQL and MySQL databases on Windows and Linux systems all year, deploying one of three malware strains, each with its own design and purpose. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 18:23:46 |
Windows Insider Build 17063 Brings Timeline, Sets, Unix Sockets, & Much More (lien direct) |
Microsoft released Windows 10 Preview BuildÂÂ 17063ÂÂ for PC today & it is filled to the brim with new features and improvements. Not only do we have theTimeline and Sets features, but also Windows Defender Application Guard (WDAG) being added to Professional, Windows Subsystem for Linux (WSL) improvements, new developer tools, & more. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 18:05:13 |
Chrome\'s Built-In Ad Blocker Will Start Blocking Ads on February 15, 2018 (lien direct) |
Google is set to activate Chrome's built-in ad blocker on February 15, according to an announcement the browser maker made today. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 16:45:07 |
Backdoor Found in WordPress Plugin With More Than 300,000 Installations (lien direct) |
A WordPress plugin installed on over 300,000 sites was recently modified to download and install a hidden backdoor. The WordPress team has intervened and removed this plugin from the official WordPress Plugins repository, also providing clean versions for affected customers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 09:03:22 |
Get the Layers of Fear Horror Game for Free Via Humble Bundle (lien direct) |
Humble Bundle has a giveaway that expires today for a free copy of the Layers of FearÂÂ first-person horror game. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 09:00:23 |
Bitcoin Exchange Shuts Down After Getting Hacked a Second Time This Year (lien direct) |
YouBit, a South Korea-based cryptocurrency exchange, has filed for bankruptcy and will shut down later today after getting hacked for the second time this year. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 06:41:41 |
XBL IP Blacklist Grows 50% Because of Andromeda and Satori Botnets (lien direct) |
The rise of the Satori botnet and the fall of the Andromeda (Gamarue) botnet are the main two factors that have led to a 50% growth of the Spamhaus Exploits Block List (XBL) during the past month. [...] |
|
Satori
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 03:47:19 |
White House Officially Blames North Korea for WannaCry Ransomware Outbreak (lien direct) |
In an op-ed in the Wall Street Journal, President Trump's Homeland Security Adviser Thomas Bossert has officially blamed North Korea for the WannaCry ransomware incident that devasted hundreds of thousands of computers worldwide in May this year. [...] |
|
Wannacry
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-19 01:00:00 |
Three Malware Campaigns Come Alive for the Holiday Shopping Season (lien direct) |
Three malware strains —GratefulPOS, Emotet, and Zeus Panda— have sprung to life with new active campaigns just in time for the holiday shopping season. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 17:38:44 |
Get Assassin\'s Creed Black Flag, Watch Dogs, and World in Conflict for Free on PC (lien direct) |
Ubisoft is having a holiday promotion where you can get three free games for the PC. Starting today and running through DecemberÂÂ 23rd, Ubisoft is giving away Assassin's Creed Black Flag, Watch Dogs, and World in Conflict for free. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 16:34:13 |
Kaspersky Files Lawsuit Against Department of Homeland Security for Software Ban (lien direct) |
In the ongoing battle between KasperskyÂÂ Labs and the U.S. government, the antivirus provider has sued the U.S. Department of Homeland Security for failing to provide them basic due process.ÂÂ In a lawsuit filed today, Kaspersky has stated that the DHS has harmed their reputation n the U.S. without any evidence of wrongdoing. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 15:10:28 |
Chinese Backdoor Still Active on Many Android Devices (lien direct) |
Many Android users may still have a backdoor on their device, according to new revelations made today by the Malwarebytes' mobile security research team. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 12:13:12 |
Twitter Purge Begins as Accounts that Promote Hateful or Violent Speech Are Banned (lien direct) |
Starting today, Twitter has begun to enforce portions of their updated rules that deal with hate groups and those who promote violent speech against certain groups of people. This enforcement has come to be known as the "Twitter Purge" as many far-right Twitter users and organizations expect to have their account banned. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 10:47:06 |
Firefox Prepares to Mark All HTTP Sites "Not Secure" After HTTPS Adoption Rises (lien direct) |
The increased adoption of HTTPS among website operators will soon lead to browsers marking HTTP pages as "Not Secure" by default. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 09:46:43 |
Facebook Will Demote Spammy Posts That Use Engagement Baiting (lien direct) |
Facebook announced today that they are going to beginÂÂ fighting back against spammy posts that use "engagement baiting" to increase reach by encouragingÂÂ people to like, share,ÂÂ or comment. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 07:44:05 |
Android Malware Will Destroy Your Phone. No Ifs and Buts About It (lien direct) |
A malware strain known as Loapi will damage phones if users don't remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone's components, which will make the battery bulge, deform the phone's cover, or even worse. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-18 00:30:00 |
Hacker "Courvoisier" Pleads Guilty to Attacks on Uber, Groupon, T Mobile, Others (lien direct) |
A UK man living in a caravan park has pleaded guilty last week to cyber-attacks on 17 websites and selling stolen user information on the Dark Web. [...] |
Guideline
|
Uber
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-16 19:47:29 |
"Zealot" Campaign Uses NSA Exploits to Mine Monero on Windows and Linux Servers (lien direct) |
An aggressive and sophisticated malware campaign is currently underway, targeting Linux and Windows servers with an assortment of exploits with the goal of installing malware that mines the Monero cryptocurrency. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-16 09:15:05 |
Mozilla Angers Firefox Users After Force-Installing Mr. Robot Promo Add-On (lien direct) |
Mozilla took a bit of heat this week after the organization force-installed a Mr. Robot promotional add-on in some Firefox browsers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-16 03:00:00 |
Bank Employee Gets Prison Time for Helping Dridex Malware Gang (lien direct) |
A UK court has sentenced a Barclays bank employee to six years and four months in prison for helping members of the Dridex cyber-criminal network launder over £2.5 million, which is approximately $3.33 million at today's exchange rate. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 17:23:26 |
Synaptics Denies HP Driver Contains a Keylogger and Says It\'s a Debug Tool (lien direct) |
SynapticsÂÂ issued a security brief regarding the reports of aÂÂ HP Synaptics Keyboard Driver that contained keyloggingÂÂ functionality. In their security brief, Synaptic states that their driver is being mischaracterized as a keylogger and it's simply a debug tool that was purposely added to the driver to help OEMs manufacturers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 16:10:10 |
Windows 10 Bundles a Password Manager. Password Manager Bundles a Security Flaw (lien direct) |
A Google security researcher has found and helped patch a severe vulnerability in Keeper, a password manager application that Microsoft has been bundling with some Windows 10 distributions this year. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 12:10:00 |
The Week in Ransomware - December 15th 2017 - File Spider, California Voters Database, and More (lien direct) |
This week was mostly about in-dev ransomwareÂÂ or new variants of older ransomware being released. The biggest news was the File Spider RansomwareÂÂ campaign that was targeting countries in the Balkans. The other big news is the entire California voters database being leaked on the Internet and held for ransom. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 10:55:41 |
California Voter Database Compromised in MongoDB Incident (lien direct) |
The details of over 19 million California voters were left exposed online in an unsecured MongoDB database and were later held for ransom, according to researchers from the Kromtech Security Center. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 09:10:11 |
Vigilante Removes Malware from Netgear Site After Company Fails to Do So for 2 Years (lien direct) |
An anonymous vigilante has taken matters into his own hands and removed malware from a Netgear site after the company failed to clean up a two-year-old malware infection. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 05:15:11 |
Microsoft Considers Adding Python as an Official Scripting Language to Excel (lien direct) |
Microsoft is considering adding Python as one of the official Excel scripting languages, according to a topic on Excel's feedback hub opened last month. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-15 01:00:00 |
Microsoft Disables DDE Feature in Word to Prevent Further Malware Attacks (lien direct) |
As part of the December 2017 Patch Tuesday, Microsoft has shipped an Office update that disables the DDE feature in Word applications, after several malware campaigns have abused this feature to install malware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 22:42:53 |
GlassWire 2.0 Released With VirusTotal Scanning, Evil Twin Detection, and More (lien direct) |
GlassWireÂÂ 2.0 has been released that comes with some new features such as VirusTotalÂÂ scanning, Windows Firewall rules synchronization, WiFi evil twin discovery, multi-monitor support, and hi-res monitor support. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 18:23:11 |
FCC Kills Net Neutrality. What Does That Mean for You? (lien direct) |
In a 3-2 vote along party lines, FCC chairman Ajit Pai and his two fellow Republican commissionersÂÂ have voted to repeal Obama's Net Neutrality regulations. According to Pai, the repeal of Net Neutrality will only help consumers and promote competitionÂÂ among businesses that are currently being stifled by these regulations. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 17:15:24 |
Top Security Firm Admits to MitM Security Incident (lien direct) |
Netherlands-based Fox-IT, one of the world's leading IT security providers, disclosed today a security breach during which an unknown attacker carried out a Man-in-the-Middle (MitM) attack and spied on a small number of Fox-IT customers. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 15:54:50 |
How to Install the Built-In Windows 10 OpenSSH Server (lien direct) |
For those who would like remote console access to their Windows 10 computers, the built-in Windows 10 OpenSSHÂÂ Server may be what you are looking for. Even better, for those who are familiar with OpenSSHÂÂ from using it in Linux, the Windows 10 version operates pretty much the same. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 10:40:08 |
TRITON Malware Used in Attacks Against Industrial Safety Equipment (lien direct) |
Security researchers from FireEye's Mandiant investigative division have spotted a new form of malware that's capable of targeting industrial equipment. FireEye named this malware TRITON and said they've spotted a threat actor deploying it in live attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 08:50:04 |
Fortinet VPN Client Exposes VPN Creds, Palo Alto Firewalls Allow Remote Attacks (lien direct) |
It's been a bad week for two of the world's biggest vendors of enterprise hardware and software — Fortinet and Palo Alto Networks. Both companies fixed security issues this week affecting some of their most popular products, with some bugs being quite intrusive and dangerous. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 07:05:14 |
Data Breach at Website with 45 Million Users Discovered During Academic Research (lien direct) |
A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-14 01:00:00 |
Most Android-Based TV Set-Top Boxes Run Old and Insecure OS Versions (lien direct) |
Android-based TV set-top boxes sold online are most likely running outdated operating systems that have not received security updates for at least a year, according to research published today by US cyber-security firm Tripwire. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 18:38:14 |
Adware Maker Tries to Intimidate Security Firm with Cease and Desist Letters (lien direct) |
Cyber-security firm Cybereason says it received multiple cease and desist letters from an Israeli company they suspect of being behind the OSX/Pirrit adware strain. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 14:00:07 |
US Charges Three Men with Creating and Running First-Ever Mirai Botnet (lien direct) |
Three men have pleaded guilty for their role in the creation of the Mirai malware and the use of the subsequent Mirai botnet to launch DDoS attacks on multiple targets across the Internet, according to documents unsealed today by the US Department of Justice (DOJ). [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 11:58:42 |
WORK Cryptomix Ransomware Variant Released (lien direct) |
Today, BleepingComputerÂÂ discovered a new variant of the CryptoMixÂÂ ransomware that appends the .WORKÂÂ extension to encrypted files and changes the contact emails used by the ransomware.ÂÂ [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 10:55:38 |
Trump Signs Bill Banning Kaspersky Products on Government Computers (lien direct) |
President Donald Trump has signed a bill into law on Tuesday that also includes a clause that officially bans the use of Kaspersky products on US federal government computers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 10:05:21 |
Google Releases an Updated SEO Starter Guide (lien direct) |
After many years, Google has finally released an updated version of their SEO Starter Guide. This guide is a resource for webmasters that contains Google's recommendations on how to make sure web sites are search-engine-friendly. [...] |
|
APT 19
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 09:25:21 |
Cryptojackers Found on Starbucks WiFi Network, GitHub, Pirate Streaming Sites (lien direct) |
The cryptojacking trend is not showing any signs of stopping anytime soon, and recent reports highlight some peculiar new ways that miscreants have found for pushing in-browser miners down their users' throats. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-13 06:47:18 |
Quant Loader Is Now Bundled with Other Crappy Malware (lien direct) |
Despite not being the most advanced or stealthy malware downloader on the market right now, the Quant Loader malware dropper is seeing increased activity in recent months. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-12 18:02:09 |
Variation of 19-Year-Old Cryptographic Attack Affects Facebook, PayPal, Others (lien direct) |
Three security researchers have discovered a variation to an old cryptographic attack that can be exploited to obtain the private encryption key necessary to decrypt sensitive HTTPS traffic under certain conditions. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-12 16:05:09 |
Here\'s How to Enable the Built-In Windows 10 OpenSSH Client (lien direct) |
With each new release of Windows 10, we see more and more useful tools being ported from Linux. First, we had the Windows Subsystem for Linux, which is awesome, and now we have a built-in OpenSSH client and server, which uses version 7.5p1 of OpenSSH. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-12 14:06:59 |
(Déjà vu) Microsoft December Patch Tuesday Fixes 34 Security Issues (lien direct) |
Microsoft has released security updates as part of its monthly Patch Tuesday release train, and this month, the company has patched 34 issues affecting eight products. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2017-12-12 12:42:00 |
Extended Validation (EV) Certificates Abused to Create Insanely Believable Phishing Sites (lien direct) |
New research published yesterday reveals that putting your trust in Extended Validation ("EV") SSL certificates will not safeguard you from phishing sites and online fraud. [...] |
|
|
|