Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-04 14:55:03 |
CertUtil.exe Could Allow Attackers To Download Malware While Bypassing AV (lien direct) |
Windows has a built-in program called CertUtil, which can be used to manage certificates in Windows. Using this program you can install, backup, delete, manage, and perform various functions related to certificates and certificate stores in Windows. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-04 10:07:05 |
Latest macOS Update Breaks Support for Many External Monitors (lien direct) |
macOS High Sierra 10.13.4, the latest macOS version released on March 29, breaks support for many externally-connected displays, according to users of four popular app & driver providers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-04 09:05:01 |
6 Cortana Settings That Can Make Your Life Easier (lien direct) |
Cortana is the virtual assistant built into Windows 10. Even with minimal setup, it's still a useful tool. However, by tweaking settings, you can get even more benefits out of it and simplify your life. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-04 07:40:01 |
Intel Reveals Some CPU Models Will Never Receive Microcode Updates (lien direct) |
Intel released an update to the Meltdown and Spectre mitigation guide, revealing that it stopped working on mitigations for some processor series. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-04 05:49:00 |
Microsoft Out-Of-Band Security Update Patches Malware Protection Engine Flaw (lien direct) |
Yesterday, April 3, Microsoft released an emergency security update via Windows Update that fixes CVE-2018-0986, a vulnerability in the Microsoft Malware Protection Engine (MMPE). [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-04 00:30:00 |
Over 1,000 Magento Stores Hacked to Steal Card Data, Run Cryptojacking Scripts (lien direct) |
Security researchers say they've identified at last 1,000 Magento sites that have been hacked by cybercriminals and infected with malicious scripts that steal payment card details or are used as staging points in the delivery of other malware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-03 21:02:05 |
Live Chat Widgets Leak Employee Details From High-Profile Companies (lien direct) |
At least two live chat widgets used on hundreds of high-profile sites are leaking the personal details of company employees. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-03 17:54:05 |
Shooter at YouTube Headquarters Leads to Multiple Injuries (lien direct) |
Reports have been coming in via Twitter that at approximately 4PM there was an active shooter incident at the YouTube headquarters in San Bruno, California. Supposedly centered around the cafeteria, a shooter had injured multiple people who were at the location. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-03 12:11:05 |
New Michigan Law Makes Possession of Ransomware Illegal (lien direct) |
On Monday, Michigan Governor Rick Snyder signed two bills into law that criminalize the possession of ransomware "with the intent
to introduce it into a computer or computer network without authorization" and punish offenders with a three-year prison sentence, respectively. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-03 10:30:02 |
Some Chrome VPN Extensions Leak DNS Queries (lien direct) |
Browser VPN extensions for Google Chrome may be leaking DNS queries to external observers thanks to a Chrome feature called DNS prefetching. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-03 05:38:04 |
Decrypters for Some Versions of Magniber Ransomware Released (lien direct) |
Security researchers from AhnLab, a South Korea-based cyber-security firm, have created decrypters for some versions of the Magniber ransomware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-03 00:20:00 |
Android Trojan Steals Data From Facebook Messenger, Skype, Other IM Clients (lien direct) |
Security researchers have found a new Android malware strain that has been designed to steal data from mobile instant messaging clients. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 19:27:03 |
OpenBSD 6.3 Released Early and Available for Download Now (lien direct) |
Ahead of schedule, OpenBSDÂ 6.3 is now available for download. Originally planned to be released on April 15th, the OpenBSD team released it early as "all the components are ready". [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 18:35:02 |
Tor Project Discontinues Tor Messenger After Only 2.5 Years (lien direct) |
The Tor Project announced today plans to discontinue Tor Messenger, the organization's security-hardened instant messaging application. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 15:48:01 |
Apple May Ditch Intel And Start Using Their Own Chips (lien direct) |
Apple is reportedly planning on ditching Intel and instead use their own chips in Mac computers beginning in 2020. This new initiative is called "Kalamata" and its goal is to make all Apple devices, including mobile and PCs, use the same chips for greater compatibility according to a new report by Bloomberg. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 14:11:05 |
Google Bans Chrome Extensions That Mine Cryptocurrencies From the Web Store (lien direct) |
Google announced that effective today, the Chrome Web Store review staff would stop accepting new extensions on the Web Store that perform cryptocurrency mining operations. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 13:30:02 |
Students Mining Cryptocurrencies Are Clogging up University Networks (lien direct) |
Cryptocurrency mining operations, illegal or not, are becoming a real problem for the higher education sector, where hackers have found plenty of easy to hack systems, but also where students are using university resources to make an extra profit via deliberate cryptocurrency mining. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 10:47:02 |
Linux 4.16 Released. Kernel Release Was "Small and Calm" (lien direct) |
Yesterday Linus Torvalds officially released Linux 4.16.  In an announcement to the Linux Kernel Mailing List, Linus announced that this release of the Linux kernel was "small and calm", mostly related to networking, and that there was no need to continue testing it for another week. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-02 01:00:00 |
Subaru Deploys Facial Recognition to Detect Driver Fatigue (lien direct) |
Subaru has become the first car maker to deploy facial recognition inside a vehicle for the purpose of detecting driver fatigue. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-04-01 20:12:03 |
Cloudflare\'s 1.1.1.1 DNS Service Makes the Internet More Private & Faster (lien direct) |
Today, a free DNS resolution service called 1.1.1.1 was unveiled that makes looking up Internet address not only faster, but more private. This new service was created by APNIC, who owned the 1.1.1.1 address, and Cloudflare who will use their network to host the DNS service. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-31 16:48:03 |
Software Bug Behind Biggest Telephony Outage in US History (lien direct) |
A software bug in a telecom provider's phone number blacklisting system caused the largest telephony outage in US history, according to a report released by the US Federal Communications Commission (FCC) at the start of the month. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-31 13:38:03 |
Google Shuts Down Goo.gl URL Shortening Service (lien direct) |
Google announced on Friday plans to shut down goo.gl, its long-time URL shortening service. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-30 19:10:04 |
Misconfigured Django Apps Are Exposing Secret API Keys, Database Passwords (lien direct) |
Security researchers have begun stumbling upon misconfigured Django applications that are exposing sensitive information such as API keys, server passwords, or AWS access tokens. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-30 17:30:01 |
Georgia Senate Passes Bill That Criminalizes Unauthorized Pen-Tests (lien direct) |
A bill was passed yesterday by the state of Georgia that causes any unauthorized access to a computer to be considered "Unauthorized Computer Access" & "shall be punished for a misdemeanor of a high and aggravated nature".  This bill amends the Georgia code, which originally only considered unauthorized access with malicious intent. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-30 16:20:03 |
AutoHotKey Malware Is Now a Thing (lien direct) |
AutoHotKey has now become one of the most trendy technologies for building malware, according to several reports put out by cyber-security firms and insights Bleeping Computer received from malware experts. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-30 14:50:00 |
The Week in Ransomware - March 30th 2018 - Mostly Small Variants (lien direct) |
It was mostly small variants released this week. We did have a new Cryptomix variant released, a wiper called UselessDisk disguised as a ransomware, and a strange report that Boeing had been infected with WannaCry. Overall, though, it has been a slow week. [...] |
|
Wannacry
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-30 08:01:03 |
US Wants to Make Social Media Data Collection Mandatory for All Visa Applicants (lien direct) |
The United States Department of State wants to make it mandatory for all foreigners to provide social media details when applying for a visa to enter the US. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-30 06:11:05 |
Brexit: European Commission Wants to Cancel 317,000 .eu Domains Owned by Brits (lien direct) |
The European Commission announced on Wednesday plans to cancel new registration and domain renewals for .eu domains owned by British citizens. EU citizens residing in the UK are also barred from registering or renewing domains. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 21:40:04 |
Microsoft Issues Out-Of-Band Security Update for Windows 7 & Windows Server 2008 (lien direct) |
Microsoft issued today an out-of-band security update for 64-bit versions of Windows 7 and Windows Server 2008 R2. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 21:00:03 |
Under Armour Announces Data Breach of 150 Million User Accounts (lien direct) |
Under Armour has started notifying users of the MyFitnessPal app of a security breach that took place in late February 2018, and during which hackers made off with the personal details of nearly 150 million user accounts. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 19:16:03 |
Windows Insider Skip Ahead Build 17634 Adds Search to Calendar (lien direct) |
Today Microsoft released Windows 10 Insider Preview Build 17634 for PC to insiders on the Redstone 5 Skip Ahead ring. Now that Redstone 4 is in RTM to be released as Spring Creators Update, we will most likely only see new builds for Redstone 5 for the next few weeks. [...] |
|
|
★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 17:36:04 |
Mole66 Cryptomix Ransomware Variant Released (lien direct) |
Today MalwareHunterTeam discovered a new variant of the Cryptomix Ransomware that appends the .MOLE66 extension to encrypted files, changes the contact email, and slightly changes the ransom note's name. In the past, we used to see new variants a few times a month, but this time it has been almost 2 months since the previous variant. [...] |
|
|
★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 16:26:02 |
Apple Releases The "Battery Health" Beta Diagnostic Tool in iOS 11.3 (lien direct) |
As part of today's mega iOS 11.3 update, Apple has finally unveiled their promised Battery Health tool. Using the Battery Health tool, owners of iPhone 6 and later can check whether their battery is performing optimally, if the speed of the phone has been decreased due to the battery, and if it needs to be replaced. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 15:20:05 |
Apple Releases Security Updates for iOS, watchOS, tvOS, and Xcode (lien direct) |
Today Apple has released security updates for iOS, watchOS, tvOS, and Xcode. Many of the resolved vulnerabilities allow for privilege escalation, remote code execution, and information disclosure. Due to the nature of these vulnerabilities, it is strongly advised that all users update their devices as soon as possible. [...] |
|
|
★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 14:39:02 |
Power Company in India Hacked and Billing Data Ransomed for 10 Million Rupees (lien direct) |
Last week hackers gained access to the computer systems of the Uttar Haryana Bijli Vitran Nigam (UHBVN) power company in India and stole the billing data of their customers. In order to get the data back, the attackers are demanding 1 RS Core, or 10 million Rupess, for the stolen data. This is equivalent to approximately $150,000 USD [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 10:24:05 |
Facebook Pulling "Partner Categories" Ad Targeting Product to Increase Privacy (lien direct) |
Facebook has announced that they are shutting down access to the "Partner Categories" targeting feature for Facebook advertisers. Partner Categories is a product that allowed Facebook advertisers to directly target the social site's users based on data provided by third-party providers, rather than data compiled directly by Facebook. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 07:48:03 |
QR Code Bug in Apple iOS 11 Can Lead Users to Malicious Sites (lien direct) |
Scammers and malware authors can abuse the QR code reading function added the default camera app of iOS 11, and they can use this bug to redirect users to malicious URLs. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-29 00:30:00 |
Cisco Removes Backdoor Account from IOS XE Software (lien direct) |
Cisco removed today a backdoor account from its IOS XE operating system that would have allowed a remote attacker to log into Cisco routers and switches with a high-privileged account. [...] |
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 19:21:03 |
Boeing Is Dealing With a Suspected WannaCry Ransomware Outbreak (lien direct) |
In a baffling turn of events, computers at Boeing have allegedly been infected with the WannaCry Ransomware. According to the Seattle Times, a memo was sent out by a Boeing employee that states that systems have been affected and that their were concerns the ransomware would "spread to airplane software". [...] |
|
Wannacry
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 18:09:05 |
Microsoft\'s Cloud Clipboard Feature Spotted in Windows 10 Redstone 5 Build (lien direct) |
Windows sleuths found a string that references the Cloud Clipboard feature in the latest skip ahead build for Windows 10 Redstone 5. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 17:08:03 |
Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites (lien direct) |
The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 16:14:01 |
Angry Users Donate $120K to Cancer Research After Brian Krebs\' Coinhive Article (lien direct) |
The angry userbase of pr0gramm.com, a German image board similar to Imgur, has donated over â¬103,000 ($126,000) to local cancer research organizations as a way to protest against an article published by Brian Krebs, an IT security journalist. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 13:53:01 |
Facebook Reveals the "Access Your Information" Data Tool and New Privacy Shortcuts (lien direct) |
In its first step to try and restore confidence in its platform after the Cambridge Analytica fiasco, Facebook has unveiled more organized privacy settings and a new data management tool called "Access Your Information". [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 12:50:00 |
Android Monero-Mining Malware Can Cause Device Failure (lien direct) |
Trend Micro security experts have warned users today about a new type of Android malware that infects devices and untetheredly mines Monero in the phone's background until the battery is exhausted or the device gives out. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 09:53:03 |
Many VPN Providers Leak Customer\'s IP Address via WebRTC Bug (lien direct) |
Around 20% of today's top VPN solutions are leaking the customer's IP address via a WebRTC bug known since January 2015, and which apparently some VPN providers have never heard of. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 05:55:03 |
Microsoft Releases Tool for Running Any Linux OS on Windows 10 (lien direct) |
Microsoft has released a tool on Monday to help Linux aficionados in porting their favorite Linux distro to run on the Windows Subsystem for Linux (WSL), a Windows 10 component that sideloads Linux distros on modern Windows 10 PCs. [...] |
|
|
★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 05:02:03 |
Hajime Botnet Makes a Comeback With Massive Scan for MikroTik Routers (lien direct) |
If you've been following the infosec Twitter community for the last few days, you couldn't ignore the constant talk about the massive scans currently taking place online, carried out by a Hajime IoT botnet looking to mass-infect unpatched MikroTik devices. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-28 01:00:00 |
Facebook Wants Security Researchers to Hunt Down Apps That Misuse User Data (lien direct) |
In the wake of the Cambridge Analytica data misuse scandal, Facebook has announced important changes to its app platform, along with improvements to its official bug bounty program that will incentivize and reward security researchers for hunting down third-party Facebook apps that misuse user data. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-27 19:00:00 |
Meltdown Patch Opened Bigger Security Hole on Windows 7 (lien direct) |
Microsoft's Meltdown patch has opened an even bigger security hole on Windows 7, allowing any user-level application to read content from the operating system's kernel, and even write data to kernel memory. [...] |
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2018-03-27 16:45:00 |
macOS High Sierra Logs Encryption Passwords in Plaintext for APFS External Drives (lien direct) |
macOS High Sierra users are once again impacted by a major APFS bug after two other major vulnerabilities affected Apple's new filesystem format in the last five months. [...] |
|
|
★★
|