What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-26 13:58:23 | Apple fixes iOS zero-day vulnerability exploited in the wild (lien direct) | Apple has released security updates today to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices. [...] | Vulnerability | ||
|
2021-03-26 12:03:34 | (Déjà vu) Microsoft: Black Kingdom ransomware group hacked 1.5K Exchange servers (lien direct) | Microsoft has discovered web shells deployed by Black Kingdom operators on approximately 1,500 Exchange servers vulnerable to ProxyLogon attacks. [...] | Ransomware | ||
|
2021-03-26 12:03:34 | Microsoft: Black Kingdom ransomware hacked 1.5K Exchange servers (lien direct) | Microsoft has discovered web shells deployed by Black Kingdom operators on approximately 1,500 Exchange servers vulnerable to ProxyLogon attacks. [...] | Ransomware | ||
|
2021-03-26 10:52:30 | Microsoft releases Windows 10 SSU to fix security update issue (lien direct) | Microsoft has released the Windows 10 1909 KB5000850 cumulative update preview and a new KB5001205 Servicing Stack Update that resolves a Secure Boot vulnerability. [...] | |||
|
2021-03-26 09:19:28 | (Déjà vu) SolarWinds patches critical code execution bug in Orion Platform (lien direct) | SolarWinds has released security updates to address four vulnerabilities impacting the company's Orion IT monitoring platform, two o them allowing remote attackers to execute arbitrary code following exploitation. [...] | |||
|
2021-03-26 03:30:00 | FBI exposes weakness in Mamba ransomware, DiskCryptor (lien direct) | An alert from the U.S. Federal Bureau of Investigation about Mamba ransomware reveals a weak spot in the encryption process that could help targeted organizations recover from the attack without paying the ransom. [...] | Ransomware | ||
|
2021-03-25 18:26:28 | Cloudflare Page Shield: Early warning system for malicious scripts (lien direct) | Cloudflare has released a new feature that aims to protect websites from Magecart and other malicious JavaScript-based attacks. [...] | |||
|
2021-03-25 17:23:27 | Windows 10 ISO installs may fail to replace Microsoft Edge Legacy (lien direct) | Microsoft has addressed a known issue causing the new Microsoft Edge web browser not to install from custom Windows 10 installation media including updates released on Thursday, March 25. [...] | |||
|
2021-03-25 14:26:17 | Insurance giant CNA hit by new Phoenix CryptoLocker ransomware (lien direct) | Insurance giant CNA has suffered a ransomware attack using a new variant called Phoenix CryptoLocker that is possibly linked to the Evil Corp hacking group. [...] | Ransomware | ||
|
2021-03-25 13:34:35 | Evil Corp switches to Hades ransomware to evade sanctions (lien direct) | Hades ransomware has been linked to the Evil Corp cybercrime gang who uses it to evade sanctions imposed by the Treasury Department's Office of Foreign Assets Control (OFAC). [...] | Ransomware | ||
|
2021-03-25 12:44:46 | OpenSSL fixes severe DoS, certificate validation vulnerabilities (lien direct) | OpenSSL has patched two high severity vulnerabilities. These include a Denial of Service (DoS) vulnerability (CVE-2021-3449) and an improper CA certificate validation issue (CVE-2021-3450). [...] | Vulnerability | ||
|
2021-03-25 10:58:51 | QNAP warns of ongoing brute-force attacks against NAS devices (lien direct) | QNAP warns customers of ongoing attacks targeting QNAP NAS (network-attached storage) devices and urges them to immediately take action to mitigate them. [...] | |||
|
2021-03-25 09:36:40 | BackBlaze mistakenly shared backup metadata with Facebook (lien direct) | Backblaze has removed Facebook tracking code (also known as an advertising pixel) accidentally added to web UI pages only accessible to logged-in customers. [...] | |||
|
2021-03-25 04:35:09 | (Déjà vu) Engineer reports data leak to nonprofit, hears from the police (lien direct) | A security engineer and ex-contributor to the open systems non-profit organization, Apperta Foundation, recently reported a data leak to them. In return, he gets contacted by their lawyers and eventually the police. [...] | |||
|
2021-03-25 04:35:09 | Engineer reports data leak to Apperta, hears from the police (lien direct) | A security engineer and ex-contributor to the open systems non-profit organization, Apperta Foundation, recently reported a data leak to them. In return, he gets contacted by their lawyers and eventually the police. [...] | |||
|
2021-03-24 17:14:29 | Microsoft improves Windows Sandbox in latest Windows 10 build (lien direct) | The Windows Sandbox and the Microsoft Defender Application Guard (WDAG) now launch faster in Windows 10 after installing the Insider Preview Build 21343 for Windows Insiders in the Dev Channel. [...] | ★★★★ | ||
|
2021-03-24 16:17:42 | Facebook blocks Chinese state hackers targeting Uyghur activists (lien direct) | Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. [...] | Malware | ||
|
2021-03-24 15:52:48 | Microsoft fixes Windows PSExec privilege elevation vulnerability (lien direct) | Microsoft has fixed a vulnerability in the PsExec utility that allows local users to gain elevated privileges on Windows devices. [...] | Vulnerability | ||
|
2021-03-24 15:27:59 | Google Chrome will use HTTPS as default navigation protocol (lien direct) | Google Chrome will switch to choosing HTTPS as the default protocol for all URLs typed in the address bar, starting with the web browser's next stable version. [...] | |||
|
2021-03-24 14:08:49 | Cisco addresses critical bug in Windows, macOS Jabber clients (lien direct) | Cisco has addressed a critical arbitrary program execution vulnerability impacting several Cisco Jabber client software for Windows, macOS, Android, and iOS. [...] | Vulnerability | ||
|
2021-03-24 12:03:04 | Slack now lets you DM people outside your company (lien direct) | Slack has enabled a new 'Slack Connect' feature that allows users to send messages or create shared channels with people outside of their organization. [...] | |||
|
2021-03-24 07:37:58 | Google removes privacy-focused ClearURLs Chrome extension (lien direct) | Google has mysteriously removed the popular browser extension ClearURLs from the Chrome Web Store. ClearURLs is a privacy-preserving browser add-on which automatically removes tracking elements from URLs. This, according to its developer, can help protect your privacy when browsing the Internet. [...] | |||
|
2021-03-24 03:23:32 | Resentful employee deletes 1,200 Microsoft Office 365 accounts, gets prison (lien direct) | A former IT consultant hacked a company in Carlsbad, California, and deleted almost all its Microsoft Office 365 accounts in an act of revenge that has brought him two years of prison time. [...] | |||
|
2021-03-23 19:33:33 | CNA insurance firm hit by a cyberattack, operations impacted (lien direct) | CNA Financial, a leading US-based insurance company, has suffered a cyberattack impacting its business operations and shutting down its website. [...] | Guideline | ★★★ | |
|
2021-03-23 16:54:30 | Purple Fox malware worms its way into exposed Windows systems (lien direct) | Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. [...] | Malware | ★★★★★ | |
|
2021-03-23 16:20:38 | Ransomware gang leaks data stolen from Colorado, Miami universities (lien direct) | Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. [...] | Ransomware | ||
|
2021-03-23 13:40:56 | Microsoft warns of phishing attacks bypassing email gateways (lien direct) | An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways (SEGs). [...] | |||
|
2021-03-23 12:46:10 | High-availability server maker Stratus hit by ransomware (lien direct) | Stratus Technologies has suffered a ransomware attack that required systems to be taken offline to prevent the attack's spread. [...] | Ransomware | ★★★ | |
|
2021-03-23 11:39:53 | Ransomware attack shuts down Sierra Wireless IoT maker (lien direct) | Sierra Wireless, a world-leading IoT solutions provider, today disclosed a ransomware attack that forced it to halt production at all manufacturing sites. [...] | Ransomware Guideline | ||
|
2021-03-23 10:33:48 | Microsoft: 92% of Exchange servers safe from ProxyLogon attacks (lien direct) | Roughly 92% of all Internet-connected on-premises Microsoft Exchange servers affected by the ProxyLogon vulnerabilities are now patched and safe from attacks, Microsoft said on Monday. [...] | |||
|
2021-03-22 21:16:03 | Microsoft releases printer fix for older Windows Versions (lien direct) | Microsoft has released out-of-band emergency updates for Windows 7, 8.1, Windows Server 2008, and Windows Server 2012 to fix printer issues arising from the March 2021 Patch Tuesday updates. [...] | |||
|
2021-03-22 17:29:44 | MangaDex manga site temporarily shut down after cyberattack (lien direct) | Manga scanlation giant MangaDex has been temporarily shut down after suffering a cyberattack and having its source code stolen. [...] | ★★★★ | ||
|
2021-03-22 15:09:57 | Microsoft shares workaround for 0xc004c003 Windows 10 activation errors (lien direct) | Microsoft has shared a workaround for customers experiencing 0xc004c003 activation failures on Windows 10, version 2004 and 20H2 devices after installing the January 2021 monthly "C" release KB4598291 preview update. [...] | |||
|
2021-03-22 14:00:49 | Mozilla Firefox adopts new privacy-enhancing Referrer Policy (lien direct) | Mozilla has announced that it will introduce a more privacy-focused Referrer Policy to protect the privacy of Firefox users starting with the web browser's next version. [...] | |||
|
2021-03-22 12:05:13 | Critical code execution vulnerability fixed in Adobe ColdFusion (lien direct) | Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018. [...] | Vulnerability | ||
|
2021-03-22 10:58:16 | Energy giant Shell discloses data breach after Accellion hack (lien direct) | Energy giant Shell has disclosed a data breach after attackers compromised the company's secure file-sharing system powered by Accellion's File Transfer Appliance (FTA). [...] | Data Breach Hack | ||
|
2021-03-22 09:07:01 | (Déjà vu) Microsoft Exchange servers now targeted by Black Kingdom ransomware (lien direct) | Another ransomware operation known as 'Black Kingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. [...] | Ransomware | ||
|
2021-03-22 09:07:01 | Microsoft Exchange servers now targeted by BlackKingdom ransomware (lien direct) | Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. [...] | Ransomware | ||
|
2021-03-21 19:26:27 | Windows 10 KB5001649 update is rolling out again to fix printing (lien direct) | The printer fixing roller coaster continues as Microsoft is once again rolling out the KB5001649 out-of-band update to users via Windows Update. [...] | |||
|
2021-03-21 13:28:07 | A look at upcoming Windows 10 features you will love, or maybe hate (lien direct) | With the release of the latest Windows 10 preview 'Dev' build, Microsoft is offering a glimpse at some of the new features and changes they are developing. Some of these features we love, while others not so much. Below we have outlined the new changes so that you can decide on your own. [...] | |||
|
2021-03-21 10:00:00 | DDoS booters now abuse DTLS servers to amplify attacks (lien direct) | DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security (D/TLS) servers to amplify Distributed Denial of Service (DDoS) attacks. [...] | |||
|
2021-03-20 20:46:43 | Microsoft halts rollout of Windows 10 KB5001649 emergency update (lien direct) | Microsoft has paused the Windows 10 KB5001649 cumulative update rollout, likely due to installation issues and reported crashes. Microsoft is now offering the previously released KB5001567 emergency update instead. [...] | |||
|
2021-03-20 14:03:44 | Hands on with Google Chrome\'s new Tab Search feature - Rolling out now (lien direct) | Google is rolling out a new 'Tab Search' feature that allows you to search through your list of open tabs among all open browser windows to find a specific page. [...] | |||
|
2021-03-20 12:44:51 | Microsoft Edge tests fix for DNS-over-HTTPS performance issues (lien direct) | Microsoft is testing a fix for performance issues in Microsoft Edge's DNS-over-HTTPS feature and has once again enabled a list of suggested DoH servers. [...] | |||
|
2021-03-20 10:41:55 | Hacking group used 11 zero-days to attack Windows, iOS, Android users (lien direct) | Project Zero, Google's zero-day bug-hunting team, discovered a group of hackers that used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year. [...] | |||
|
2021-03-20 09:45:11 | Windows Terminal now comes with Windows 10 - That\'s a good thing (lien direct) | Microsoft is now classifying Windows Terminal as an inbox app, which means that it will now ship by default in upcoming versions of Windows 10. [...] | |||
|
2021-03-19 17:40:01 | The Week in Ransomware - March 19th 2021 - Highest ransom ever! (lien direct) | While the beginning of this week was fairly quiet, it definitely ended with a bang as news came out of the largest ransom demand yet. [...] | Ransomware | ||
|
2021-03-19 13:46:07 | Facebook outage affecting WhatsApp, Messenger and Instagram (lien direct) | Facebook services are currently experiencing issues around the world, with users unable to access Facebook, Messenger, WhatsApp, and Instagram. [...] | |||
|
2021-03-19 13:09:52 | Critical F5 BIG-IP vulnerability now targeted in ongoing attacks (lien direct) | Cybersecurity firm NCC Group said on Thursday that it detected successful in the wild exploitation of a recently patched critical vulnerability in F5 BIG-IP and BIG-IQ networking devices. [...] | Vulnerability | ||
|
2021-03-19 11:11:09 | Computer giant Acer hit by $50 million ransomware attack (lien direct) | Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. [...] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
