What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-04-27 17:30:05 | KCW Ransomware Encrypting Web Sites in Pakistan (lien direct) | Team Kerala Cyber Warriors, a hacking group based out of India, have begun to install ransomware on web sites based out of Pakistan. This ransomware, called KCW Ransomware, encrypts the files on a web site and then demands a ransom payment in order to get the files back. [...] | |||
|
2018-04-27 17:11:05 | Enterprises Still Impacted by SAP Configuration Issue 13 Years Later (lien direct) | Companies using SAP systems for their business software infrastructure might want to review some of their servers' settings for a configuration that if left in its default state will let an attacker gain access to a company's business data. [...] | |||
|
2018-04-27 15:31:02 | Beware of "Rules of Conduct" Office 365 Phishing Emails (lien direct) | A new phishing email scam is under way that pretends to be from a company's human resources (HR) department and requests that the recipient read and acknowledge an attached "Rules of Conduct" document. This document, though, prompts you to login at a fake Office 365 login prompt, which is used to steal your credentials. [...] | |||
|
2018-04-27 13:14:02 | Microsoft\'s Windows 10 "April 2018 Update" Being Released on Monday (lien direct) | Microsoft announced today that the next Windows 10 feature update will be called "April 2018 Update" and will be released this Monday. With this update Microsoft is focusing on helping people making the most of their time by introducing new features that make it easier and faster to finish tasks. [...] | |||
|
2018-04-27 12:21:03 | PDF Files Can Be Abused to Steal Windows Credentials (lien direct) | PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction, and only by opening a file, according to Assaf Baharav, a security researcher with cyber-security Check Point. [...] | |||
|
2018-04-27 06:05:02 | North Korean Hackers Are up to No Good Again (lien direct) | For a month leading up to today's historic meet between North and South Korea's presidents, a North Korean hacking group has amplified operations and has targeted a wide variety of business sectors in at least 17 countries. The purpose of this campaign was to infect organizations, perform reconnaissance, and steal sensitive data. [...] | Guideline | ||
|
2018-04-27 01:00:00 | World\'s Largest Spam Botnet Finds a New Way to Avoid Detection... For Now (lien direct) | Necurs, the world's largest spam botnet, with millions of infected computers under its control, has updated its arsenal and is currently utilizing a new technique to infect victims. [...] | |||
|
2018-04-26 17:55:03 | North Korea\'s Elites Are Ditching Facebook for Chinese Social Networks (lien direct) | Following the publication of a report in July 2017, North Korea's elites, some of the country's few citizens allowed on the Internet, have greatly altered their online behavior, and are now obfuscating their browsing activity, and have ditched US websites like Facebook or Instagram for alternative Chinese social networks. [...] | |||
|
2018-04-26 13:40:01 | Exposed MongoDB Server Exposes Details of Cryptocurrency Users (lien direct) | Security researchers have stumbled across a MongoDB database containing the personal details of over 25,000 users who invested in or received Bezop (BEZ) cryptocurrency. [...] | |||
|
2018-04-26 12:41:00 | New C# Ransomware Compiles itself at Runtime (lien direct) | A new in-development ransomware was discovered that has an interesting characteristic. Instead of the distributed executable performing the ransomware functionality, the executables compiles an embedded encrypted C# program at runtime and launches it directly into memory. [...] | |||
|
2018-04-26 10:11:01 | Police Shut Down Anon-IB, an Infamous Revenge Porn Forum (lien direct) | Dutch police announced today that they had seized the servers of Anon-IB, a notorious online portal where users would share pictures of revenge porn and child pornography. [...] | |||
|
2018-04-26 05:45:03 | Ski Lift in Austria Left Control Panel Open on the Internet (lien direct) | Officials from the city of Innsbruck in Austria have shut down a local ski lift after two security researchers found its control panel open wide on the Internet, and allowing anyone to take control of the ski lift's operational settings. [...] | |||
|
2018-04-25 20:17:01 | Hackers Don\'t Give Site Owners Time to Patch, Start Exploiting New Drupal Flaw Within Hours (lien direct) | Five hours after the Drupal team published a security update for the Drupal CMS, hackers have found a way to weaponize the patched vulnerability, and are actively exploiting it in the wild. [...] | |||
|
2018-04-25 19:45:01 | Windows Insider RS5 Build 17655 Starts Transition to the Net Adapter Framework (lien direct) | Today Microsoft released Windows 10 Insider Build 17655 to insiders on the Redstone 5 Skip Ahead ring. In this build, Microsoft begins its first step of transitioning the Windows network stack to use the Net Adapter framework. The first network component to take advantage of this framework is a new driver for mobile broadband. [...] | |||
|
2018-04-25 17:41:04 | Researchers Turn Amazon Echo Into an Eavesdropping Device (lien direct) | Researchers at cybersecurity firm Checkmarx have found a way to turn an Amazon Echo (Alexa-powered) smart speaker into an eavesdropping device. [...] | |||
|
2018-04-25 17:13:04 | Ransomware Hits HPE iLO Remote Management Interfaces (lien direct) | Attackers are targeting Internet accessible HPE iLO 4 remote management interfaces, supposedly encrypting the drives, and then demanding Bitcoins to get access to the data again. While it has not been 100% confirmed if the hard drives are actually being encrypted, we do know that multiple victims have been affected by this attack. [...] | |||
|
2018-04-25 13:30:02 | Device Can Generate Master Keys From Valid or Expired Hotel Keys (lien direct) | Two security researchers from F-Secure have created a device that can read any valid or expired hotel key card and generate a master key that can open any room door or grant attackers access to secure hotel areas. [...] | |||
|
2018-04-25 12:51:01 | 6 Alternative Browsers That Aren\'t Chrome or Firefox (lien direct) | Although Chrome and Firefox are very popular, it doesn't mean you have to use them. Depending on your needs and browsing habits, there may very well be another browser that's a better fit. In this article we take a look at six alternative browsers that have different strengths & features. [...] | |||
|
2018-04-25 11:07:05 | Microsoft Releases Two New Windows Updates Containing New Spectre 2 Mitigations (lien direct) | Microsoft released yesterday two new Windows Update packages meant to fix the Spectre v2 vulnerability. [...] | |||
|
2018-04-25 08:25:01 | Europol Shuts Down World\'s Largest DDoS-for-Hire Service (lien direct) | Europol officials have shut down WebStresser, a website where users could register and launch DDoS attacks after paying for a monthly plan, with prices starting as low as â¬15 ($18.25). [...] | |||
|
2018-04-25 05:15:02 | macOS App Can Detect Evil Maid Attacks (lien direct) | Former NSA hacker and current macOS security expert Patrick Wardle has released this week an app named Do Not Disturb that can be used to detect "evil maid" attacks âa term used to describe unknown persons that leverage physical access to hack and steal data from a device. [...] | |||
|
2018-04-24 18:00:01 | Apple Releases Security Updates for MacOS, iOS, and Safari (lien direct) | Apple has released earlier today a quick batch of updates meant to fix security-related bugs in macOS, iOS, and the Safari browser. [...] | |||
|
2018-04-24 17:09:00 | SEC Fines Yahoo $35 Million for Data Breach That Affected 500 Million Users (lien direct) | The United States Securities and Exchange Commission has fined Yahoo (or what's left of the company) $35 million for failing to disclose a massive security breach that took place in 2014. [...] | Yahoo | ||
|
2018-04-24 15:45:03 | MikroTik Patches Zero-Day Flaw Under Attack in Record Time (lien direct) | MikroTik has released firmware patches for RouterOS, the operating system that ships with some of its routers. The patches fix a zero-day vulnerability exploited in the wild. [...] | |||
|
2018-04-24 14:14:05 | Microsoft Authenticator Getting Account Backup and Recovery (lien direct) | Microsoft announced today that they are adding account backup and recovery to the iOS version of their Microsoft Authenticator app. This allows you to recover your two step verification data in the event that you lose your device, your data is deleted, or you wish to access it from another device. [...] | |||
|
2018-04-24 12:33:02 | Hacker Hijacks DNS Server of MyEtherWallet to Steal $160,000 (lien direct) | A hacker (or group of hackers) has hijacked the DNS servers of MyEthereWallet.com, a web-based Ether wallet service. [...] | |||
|
2018-04-24 12:27:00 | A New Algorithm Can Detect Online Sexual Predators (lien direct) | Child sexual exploitation impacts everyone around the world. As predators are increasingly using the internet to find victims, law enforcement have also been employing technology in order to apprehend suspects. Thankfully, a new algorithm may allow law enforcement to find these predators before they can cause harm. [...] | |||
|
2018-04-24 11:39:03 | Edge Reveals That "April Update" Is The Name of Windows 10\'s Next Update (lien direct) | A welcome page shown by Microsoft Edge in the latest Windows 10 Redstone 4 Insider build may have leaked the name of the upcoming Windows 10 feature update. While everyone has been calling the next update the "Spring Creators Update", Microsoft Edges's welcome page in build 17134.1 is calling it the "April Update". [...] | |||
|
2018-04-24 10:53:05 | TrickBot\'s Screenlocker Module Isn\'t Meant for Ransomware Ops (lien direct) | The screen-locking feature added to a popular banking trojan was never intended to be used for ransomware-like operations, researchers from Fortinet revealed on Monday. [...] | |||
|
2018-04-24 07:08:04 | Firefox Improves CSRF Protection With Support For Same-Site Cookies (lien direct) | Mozilla engineers are planning to add a new security feature to Firefox with the addition of same-site cookie support in Firefox 60, scheduled for release next month, on May 9. [...] | |||
|
2018-04-24 04:43:03 | Researcher Discloses "Unpatchable" Nintendo Switch Exploit (lien direct) | A security researcher has released a proof-of-concept exploit affecting the Nvidia Tegra chips that come with Nintendo Switch devices. [...] | ★★★★ | ||
|
2018-04-24 01:00:00 | Microsoft Sees 24% Rise in Tech Support Scam Complaints (lien direct) | Tech support scams are bigger than ever, according to Microsoft, the company revealing last week that it received over 153,000 reports from customers who were the victims of a tech support scam in 2017, a number that went up 24 percent compared to complaints the OS maker received in 2016. [...] | |||
|
2018-04-23 21:38:01 | Windows 10 Lean: Microsoft Developing a Minimalist Version of Windows (lien direct) | With the release of Windows 10 Insider build 17650, Microsoft added a new stripped down version called "Windows Lean" that uses approximately 2GB less space on x64 systems. It achieves this by not installing many of the standard apps and features that are usually installed in Windows 10. [...] | |||
|
2018-04-23 19:03:01 | Eventbrite Removes Clause That Allowed It to Attend and Film Events (lien direct) | Eventbrite has recanted on a recent change made to its Merchant Agreement that allowed the company to attend and film events, and then keep the copyright for that recording. [...] | |||
|
2018-04-23 17:01:01 | Microsoft Is Adding a Dark Theme to Windows 10\'s File Explorer (lien direct) | In the latest Redstone 5 skip ahead build for Windows 10 Insiders, Microsoft has added a hidden feature that enables a dark theme in File Explorer. While the new theme is in the very beginning development stages (hopefully!!), it's currently not a sight to behold. [...] | |||
|
2018-04-23 16:38:04 | Orangeworm Hackers Infect X-Ray and MRI Machines In Their Quest for Patient Data (lien direct) | Security researchers can't explain how and why malware has infected computers that control MRI and X-ray machines at countless of healthcare organizations across the world. [...] | |||
|
2018-04-23 14:11:05 | Google Accused of Showing ‘Total Contempt’ for Android Users’ Privacy (lien direct) | Joe Westby is Amnesty International's Technology and Human Rights researcher. Recently, in response to Google's launch of a new messaging service, Westby argued that Google, "shows total contempt for Android users' privacy." [...] | ★★★★★ | ||
|
2018-04-23 13:36:01 | Nvidia Develops AI That Reconstructs Corrupted Images (lien direct) | Nvidia researchers have developed a new AI technology that can reconstruct holes or intentionally removed content from images. [...] | |||
|
2018-04-23 11:51:02 | Author Behind ‘Hidden Figures’ Book & Movie Inspires at RSA Conference (lien direct) | Margot Lee Shetterly delivered a keynote address at the RSA Conference last week. The topic of her speech was "Hidden Figures: The Untold Story of the Black Women Who Helped Win the Space Race," a reference to her bestselling book by the same name. [...] | |||
|
2018-04-23 08:47:03 | Google Is Testing a New Chrome UI (lien direct) | Google engineers have rolled out a new Chrome user interface (UI). Work on the new Refresh UI has been underway since last year, Bleeping Computer has learned. [...] | |||
|
2018-04-23 04:51:03 | Google Develops AI That Can Separate Voices in a Crowd (lien direct) | Google Research engineers have developed a deep learning system that can separate voices from audio-visual data recorded in crowded environments. [...] | |||
|
2018-04-23 01:00:00 | Survey Reveals Users Have No Clue About Router Security (lien direct) | A recent survey of 2,205 regular users has proven once again that most people don't update router firmware, don't change default credentials, and don't generally know how to secure their devices. [...] | |||
|
2018-04-21 20:10:02 | Are WiFi Network Names Protected by the First Amendment? (lien direct) | Michigan police were called at a Planet Fitness gym earlier this month to investigate a bomb threat that ended up being only a prank after a naughty user named his WiFi network "Remote Detonator." [...] | |||
|
2018-04-21 12:55:00 | SunTrust Bank Says Former Employee Stole Details on 1.5 Million Customers (lien direct) | US-based SunTrust Bank said it is working with law enforcement after it discovered that a former employee had stolen private information belonging to nearly 1.5 million customers. [...] | ★★★★★ | ||
|
2018-04-20 17:42:01 | The Week in Ransomware - April 20th 2018 - Reveton Charges, GandCrab, and More (lien direct) | This week was mostly small variants released, but we did have some interesting news. First we had a Microsoft engineer facing federal charges for involvement in the Reveton Ransomware, a decryptor released for Vortex, the Magnitude exploit kit is now pushing GandCrab, and a ransomware is trying to make money off of Syrian refugees. [...] | |||
|
2018-04-20 17:10:04 | Twitter Bans Kaspersky From Advertising on the Platform Citing DHS Ban (lien direct) | Twitter has banned Kaspersky Lab from advertising on its platform citing the company's alleged ties with Russian intelligence agencies. [...] | |||
|
2018-04-20 15:42:01 | Internet Explorer Zero-Day Exploited in the Wild by APT Group (lien direct) | An advanced persistent threat (APT), a term sometimes used to describe nation-state-backed cyber-espionage units, is using a zero-day vulnerability in the Internet Explorer kernel code to infect victims with malware. [...] | |||
|
2018-04-20 11:27:02 | Big IoT Botnet Starts Large-Scale Exploitation of Drupalgeddon 2 Vulnerability (lien direct) | A botnet made up of servers and smart devices has begun the mass exploitation of a severe Drupal CMS vulnerability and is using already compromised systems to infect new machines, in a worm-like behavior. [...] | |||
|
2018-04-20 08:19:01 | Loud Sound From Fire Alarm System Shuts Down Nasdaq\'s Scandinavian Data Center (lien direct) | A loud sound emitted by a fire alarm system has destroyed the hard drives of a Swedish data center, downing Nasdaq operations across Northern Europe. [...] | |||
|
2018-04-20 01:00:00 | Google Enables Safe Browsing Support in Android\'s WebView Browser (lien direct) | Google announced earlier this week plans to enable Safe Browsing support for the Android WebView component, a stripped-down browser that comes with all Android versions. [...] |
To see everything:
