What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-27 13:06:03 | (Déjà vu) Microsoft-Owned GitHub Blocks Devs in US Sanctioned Countries (lien direct) | A developer in the Eastern European region of Crimea has found himself at the receiving end of limitations to his GitHub account due to trade control regulations imposed by the US. [...] | |||
|
2019-07-27 13:06:03 | (Déjà vu) Microsoft-Owned GitHub Limits Devs in US-Sanctioned Countries (lien direct) | A developer in the Eastern European region of Crimea has found himself at the receiving end of limitations to his GitHub account due to trade control regulations imposed by the US. [...] | |||
|
2019-07-27 10:30:00 | New York Passes Law to Update Data Breach Notification Requirements (lien direct) | New York Governor Andrew M. Cuomo signed the Stop Hacks and Improve Electronic Data Security (SHIELD) Act into law, with the new consumer privacy policy being designed to protect New Yorkers' private data and strengthen the state's data breach policies. [...] | Data Breach | ||
|
2019-07-27 07:20:02 | Windows 10 Version 1903 Cumulative Update KB4505903 Released (lien direct) | Windows 10 cumulative update KB4505903 advances PCs to Build 18362.267 and fixes issues with Windows Hello, Microsoft Edge, and other features. [...] | |||
|
2019-07-26 16:23:02 | The Week in Ransomware - July 26th 2019 - State of Emergency (lien direct) | Now that ransomware developers know that they can earn monstrous payouts from local cities and insurance policies, we see a new government agency, school district, or large company getting hit with a ransomware attack every day. [...] | Ransomware | ||
|
2019-07-26 15:05:00 | Hackers Inject Multi-Gateway Card Skimmer via Fake Google Domains (lien direct) | Attackers are using fake Google domains spoofed with the help of internationalized domain names (IDNs) to host and load a Magecart credit card skimmer script with support for multiple payment gateways [...] | |||
|
2019-07-26 14:14:03 | Windows 10 Insider Build 18945 Brings a New Cortana Experience (lien direct) | Microsoft is rolling out Windows 10 20H1 Build 18945 to Windows Insiders in the Fast ring to include lots of new features such as WSL2 goodies, a new Cortana Beta experience, accessibility improvements, and File Explorer search. [...] | |||
|
2019-07-26 12:59:03 | Notorious MyDoom Worm Still on AutoPilot After 15 Years (lien direct) | The notorious Mydoom email worm, considered to be one of the most damaging malware strains ever developed, is still doing rounds on the Internet, working on autopilot and actively targeting email users all over the world. [...] | Malware | ||
|
2019-07-26 11:39:05 | No More Ransom Success Story: Saves $108+ Million in Ransomware Payments (lien direct) | Today marks the third anniversary of No More Ransom and through its partners from the public and private sectors, law enforcement, academia, and researchers, the project has been able to help hundreds of thousands, if not millions, of victims get their encrypted files back for free. [...] | Ransomware | ||
|
2019-07-26 09:45:01 | Windows 10 Devices Using Kerberos Realms May Fail to Start Up (lien direct) | Microsoft is currently investigating a bug which may prevent Windows 10 devices using MIT Kerberos realms to start-up or enter a restart loop after installing a recent cumulative update. [...] | |||
|
2019-07-26 08:01:03 | DHS Says Foreign Meddling Is Divisive As Pineapple on Pizza (lien direct) | The effects of successful misinformation or disinformation campaigns from foreign state actors can be as divisive as disagreements on pineapple making a good pizza topping or not. [...] | |||
|
2019-07-26 06:10:00 | Leak of Internal Windows 10 Build Gives a Peek at New Features (lien direct) | An accidental push of an internal Windows 10 Insider build may have given us a glimpse of what Microsoft is planning for the future of the Start Menu, the Emoji Panel, and other features. [...] | |||
|
2019-07-26 03:21:00 | Windows 10 1903 Update Blocked by Old Intel Rapid Storage Drivers (lien direct) | Microsoft has placed a compatibility hold on Windows 10 devices that prevents them from upgrading to Windows 10 1903 if they are using older Intel Rapid Storage Technology drivers. This is because certain versions of the software could cause Windows 10 to crash or not operate properly in version 1903. [...] | |||
|
2019-07-25 20:44:01 | Microsoft Wants You to Call Windows 10 Devs About Edge and Outlook (lien direct) | Microsoft is asking Windows Insiders to schedule an anonymous call with Microsoft developers to discuss their experiences using OneNote, Outlook, or the Edge browser. These requests are being shown in notifications displayed on the desktop from the Feedback Hub. [...] | |||
|
2019-07-25 18:40:02 | Porn Bots on Instagram Switch to More Guileful Tactics (lien direct) | Spam operators using bots to promote adult-themed services change their tactics to avoid Instagram's detection mechanism. Redirects remain the main stratagem but they come with other tricks meant to push the user towards a particular website. [...] | Spam | ||
|
2019-07-25 17:17:03 | BlueKeep RCE Exploit Module Added to Penetration Testing Tool (lien direct) | Security outfit Immunity has included a fully working BlueKeep exploit in their CANVAS automated pentesting utility with the release of version 7.23, on July 23. [...] | Tool | ||
|
2019-07-25 16:52:04 | Ransomware Attacks Prompt Louisiana to Declare State of Emergency (lien direct) | Louisiana Governor John Edwards has declared a state of emergency after a wave of ransomware attacks targeted school districts this month. This Emergency Declaration will allow Louisiana state resources and cybersecurity experts to assist local governments in securing their networks. [...] | Ransomware | ||
|
2019-07-25 15:16:05 | Microsoft Office 365 Webmail Exposes User\'s IP Address in Emails (lien direct) | If you use Office 365's webmail interface to prevent email recipients from seeing your local IP address, you are out of luck. When sending email through Office 365, your local IP address will be injected into the message as an extra mail header. [...] | |||
|
2019-07-25 14:45:03 | Phishing Campaign Bypasses Email Gateways via WeTransfer Alerts (lien direct) | A phishing campaign using WeTransfer notifications as surrogates for the run-of-the-mill malicious URLs usually employed in these type of attacks was recently detected while successfully bypassing email gateways developed by Microsoft, ProofPoint, and Symantec. [...] | |||
|
2019-07-25 12:00:05 | Ransomware Attack Cripples Power Company\'s Entire Network (lien direct) | A ransomware attack that hit the South African electric utility City Power from Johannesburg this morning encrypted all its systems, including databases and applications. [...] | Ransomware | ||
|
2019-07-25 10:24:03 | Microsoft\'s Office Online Becomes Office After Rebranding (lien direct) | Microsoft is rebranding Office Online to Microsoft Office as part of a larger strategy to stop using platform-specific sub-brands for products availabel on more than one platform. [...] | ★★ | ||
|
2019-07-25 03:32:00 | Streaming Service Suffers 13-Day DDoS Siege by IoT Botnet (lien direct) | A botnet of over 400,000 IoT devices held a 13-day distributed denial-of-service (DDoS) siege against the streaming app of a company in the entertainment business. [...] | ★★ | ||
|
2019-07-24 20:13:03 | Keep Calm, Carry On. VLC Not Affected by Critical Vulnerability (lien direct) | A recent security alert caused a panic where people thought the VLC Media Player was affected by a critical vulnerability that had no patch. The problem is that the vulnerability was not in VLC, but rather a module that was replaced over 16 months ago. [...] | Vulnerability | ||
|
2019-07-24 17:57:00 | Robinhood Brokerage Firm Alerts of Passwords Stored in Clear Text (lien direct) | The Robinhood stock trading site is alerting users that passwords were stored in their system in human readable format, otherwise known as clear text. While no foul play was detected, this could have allowed employees or unauthorized users to view an account's password. [...] | |||
|
2019-07-24 16:25:02 | Malwarebytes AdwCleaner 7.4 Can Now Remove Bloatware From Windows (lien direct) | Malwarebytes has released AdwCleaner 7.4 and with it comes a new feature that will detect and remove preinstalled software that is typically added to generate revenue for the hardware developer and thus reduce the device's cost. [...] | |||
|
2019-07-24 15:51:03 | BlueKeep Scanner Discovered in Watchbog Cryptomining Malware (lien direct) | A new Watchbog malware variant can scan for Windows computers vulnerable to BlueKeep exploits, with previous variants only being utilized to infect Linux servers compromised using Jira, Exim, Nexus Repository Manager 3, ThinkPHP, and Solr Linux exploits. [...] | Malware | ||
|
2019-07-24 13:55:00 | Sodinokibi Ransomware Distributed by Hackers Posing as German BSI (lien direct) | BSI, the German national cybersecurity authority, has issued a warning about a malspam campaign that distributes the Sodinokibi ransomware via emails designed to look like official BSI messages. [...] | Ransomware | ||
|
2019-07-24 11:40:00 | Facebook to Pay Over $5 Billion Following FTC, SEC Settlements (lien direct) | An agreement with the FTC requires Facebook to pay a $5 billion penalty, to implement a new privacy and information protection framework, and to provide the FTC with new monitoring tools after an investigation launched following the Cambridge Analytica events. [...] | |||
|
2019-07-24 11:20:00 | Internal Windows 10 Build 18947 Pushed to All Insiders by Mistake (lien direct) | According to numerous reports, Microsoft has accidentally released internal Windows 10 Build 18947 to all channels of the Windows Insider program, including Skip Ahead, Fast Ring and Slow Ring. [...] | |||
|
2019-07-24 10:43:05 | Ransomware: Most Popular Malware in Underground Forums (lien direct) | Through the analysis of over 3.9 million posts on underground hacker and malware forums, a new report illustrates the most common malware and threats being discussed. [...] | Malware | ||
|
2019-07-24 09:37:05 | Tax Professionals Warned by IRS to Create Data Security Plans (lien direct) | The IRS has issued a news release to remind professional tax preparers that they are required by law to have a data security plan to protect taxpayers' sensitive information from potential security threats. [...] | |||
|
2019-07-23 15:34:00 | BEC Scammers Trick Employees Into Giving Away Customer Info (lien direct) | BEC scammers are now targeting a company's customers using a new indirect attack method designed to collect information on future scam targets by asking for aging reports from collections personnel. [...] | |||
|
2019-07-23 12:30:02 | Microsoft to Improve Office 365 Malicious Email Analysis (lien direct) | Microsoft is currently in the process of developing significantly better manual threat hunting features for the Office 365 Threat Explorer, to be rolled out to all environments during August. [...] | Threat | ||
|
2019-07-22 18:31:05 | Hackers Exploit Recent WordPress Plugin Bugs for Malvertising (lien direct) | An ongoing malvertising campaign is targeting an unauthenticated stored cross-site scripting (XSS) vulnerability in the Coming Soon Page & Maintenance Mode WordPress plugin according to Wordfence's Defiant Threat Intelligence team. [...] | Vulnerability Threat | ||
|
2019-07-22 17:50:02 | (Déjà vu) LooCipher Ransomware Decryptor Gets Your Files Back for Free (lien direct) | A decryptor for the LooCipher Ransomware has been released by Emsisoft that allows victims to decrypt their files for free. If you were infected with LooCipher, do not pay the ransom and instead follow the instructions below. [...] | Ransomware | ★★★★ | |
|
2019-07-22 17:28:03 | Microsoft to Roll Out Office 365 Client Licensing Changes in August (lien direct) | Microsoft says that several changes designed to make Office 365 client licensing technology more reliable for subscription-based Office clients like Office 365 ProPlus will be rolled out during August. [...] | ★★ | ||
|
2019-07-22 16:01:04 | Windows 10 SmartScreen Sends URLs and App Names to Microsoft (lien direct) | Over the weekend, privacy concern were raised regarding how Microsoft Edge is uploading the URLs to SmartScreen. After further testing by BleepingComputer, we learned that Windows 10 also transmits a great deal of potentially sensitive information about your applications to SmartScreen when you attempt to run them. [...] | |||
|
2019-07-22 15:45:03 | ProFTPD Vulnerability Lets Users Copy Files Without Permission (lien direct) | Under certain conditions, ProFTPD servers are vulnerable to remote code execution and information disclosure attacks after successful exploitation of an arbitrary file copy vulnerability in the mod_copy module. [...] | Vulnerability | ||
|
2019-07-22 15:45:03 | ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers (lien direct) | More than one million ProFTPD servers are vulnerable to remote code execution and information disclosure attacks that could be triggered after successful exploitation of an arbitrary file copy vulnerability. [...] | |||
|
2019-07-22 12:08:01 | Hackers Exploit Jira, Exim Linux Servers to "Keep the Internet Safe\' (lien direct) | Hackers are exploiting vulnerable Jira and Exim servers with the end goal of infecting them with a new Watchbog Linux Trojan variant and using the resulting botnet as part of a Monero cryptomining operation. [...] | |||
|
2019-07-21 15:04:04 | How to Get a List of Installed Windows 10 Updates (lien direct) | Windows 10 cumulative updates are released at least twice every month, and the updates include both security and non-security fixes. In this Windows 10 guide, we will explain steps to find out if a Windows 10 Update is installed correctly. [...] | |||
|
2019-07-21 10:30:00 | IRS Improved Security But Taxpayer Data Is Still At Risk (lien direct) | The U.S. Internal Revenue Service (IRS) failed to implement a good deal of security controls recommended over the years, leaving financial reporting and taxpayer data vulnerable to "inappropriate and undetected use, modification, or disclosure." [...] | |||
|
2019-07-20 14:52:05 | Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed (lien direct) | A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media. These projects detail Russia's attempt to de-anonymize users on the Tor network, collect data from social networks, and how to isolate the Russian internet [...] | |||
|
2019-07-20 12:22:01 | Microsoft Edge Uses Controlled Feature Rollout to Test New Features (lien direct) | The Chromium-based Microsoft Edge is using Controlled Featured Rollout to test new features with randomly selected small groups of users. Over time, Microsoft gradually increases the size of the control group to garner further feedback and usage statistics. [...] | |||
|
2019-07-20 10:30:03 | Windows Defender Gets a New Name: Microsoft Defender (lien direct) | Windows Defender is being rebranded to Microsoft Defender to indicate that it now part of a cross platform family of products. This includes enterprise products, which offer solutions for multiple OS platforms. [...] | |||
|
2019-07-19 18:59:02 | The Week in Ransomware - July 19th 2019 - Targeted Attacks (lien direct) | What a week. Every day we see a new city, police station, college, government agency, or company being affected by a ransomware attack. To make matters worse, they are getting hit with targeted ransomware that asks for a hefty price to get a decryptor. [...] | Ransomware | ||
|
2019-07-19 16:46:01 | iNSYNQ Cloud Hosting Provider Hit by Ransomware Attack (lien direct) | Cloud computing provider iNSYNQ experienced a ransomware attack which forced the company to shut down some of its servers to contain the malware infection from spreading and affecting more customer data. [...] | Ransomware Malware | ||
|
2019-07-19 15:32:04 | New \'US State Police\' Extortion Scam Includes Contact Numbers (lien direct) | A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if you send them $2,000 in bitcoins. Pretending to be from a state police detective is a new twist, but what really stands out is that they also include a contact phone number that can be used to call the [...] | |||
|
2019-07-19 14:05:04 | (Déjà vu) Mozilla Firefox Tor Mode Likely to Start as a Browser Addon (lien direct) | Mozilla and the Tor Project are in the early stages of exploring the inclusion of Tor's private browsing features within the Firefox web browser in the form of a privileged extension. [...] | |||
|
2019-07-19 14:05:04 | (Déjà vu) Mozilla Firefox Tor Mode to Likely Start as a Browser Addon (lien direct) | Mozilla and the Tor Project are in the early stages of exploring the inclusion of Tor's private browsing features within the Firefox web browser in the form of a privileged extension. [...] |
To see everything:
