Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-06-30 14:13:47 |
Immigration organisations targeted by APT group Evilnum (lien direct) |
>Immigration organisations are being targeted by the APT group Evilnum, using spear phishing to send malicious Word documents.
|
|
|
|
|
2022-06-30 14:01:41 |
Update now! Mozilla fixes security vulnerabilities and introduces a new privacy feature for Firefox (lien direct) |
>Mozilla has released Firefox updates to the Release Channel that fix several security vulnerabilities and introduce a new privacy feature called Query Parameter Stripping.
|
|
|
|
|
2022-06-30 13:33:23 |
Raccoon Stealer returns with a new bag of tricks (lien direct) |
Infamous malware Raccoon Stealer is reportedly back in business after a break.
|
Malware
|
|
|
|
2022-06-30 12:39:53 |
RansomHouse claims to have stolen at least 450GB of AMD\'s data (lien direct) |
Extortion group RansomHouse has revealed its latest victim: semiconductor giant AMD. The company was breached due to weak passwords.
|
|
|
|
|
2022-06-29 10:38:18 |
Forced Chrome extensions get removed, keep reappearing (lien direct) |
>Malwarebytes found a family of forced Chrome extensions that can't be removed because of a policy change that tells users "Your browser is managed".
|
|
|
|
|
2022-06-29 10:19:56 |
Internet Safety Month: Everything you need to know about Omegle (lien direct) |
>Chatting with strangers piqued millions of internet users' interest during the pandemic. Omegle made this possible. Is my child safe to use it though?
|
|
|
|
|
2022-06-29 10:03:54 |
Hermit spyware is deployed with the help of a victim\'s ISP (lien direct) |
A new commercial spyware for governments, called Hermit, has spotted in the wild. It affects iOS and all Android versions.
|
Cloud
|
APT 37
|
|
|
2022-06-28 12:26:21 |
City worker loses USB stick containing data on every resident after day of drinking (lien direct) |
>We take a look at reports of a USB drive containing data on all 460k residents of a city in Japan, and how encryption helped lessen the risk.
|
|
|
|
|
2022-06-28 11:15:24 |
LGBTQ+ community targeted by extortionists who threaten to publish nudes (lien direct) |
The FTC has issued a warning to the LGBTQ+ community about extortionists posing as potential romantic partners on Grindr and Feeld.
|
|
|
|
|
2022-06-27 19:51:07 |
You only have nine months to ditch Exchange Server 2013 (lien direct) |
Microsoft posted a reminder that Exchange Server 2013 is destined to reach end of support very, very soon.
|
|
|
|
|
2022-06-27 19:23:53 |
Brave Search wants to replace Google\'s biased search results with yours (lien direct) |
Brave Search, the privacy search engine you may not have heard of, is a year old and growing fast.
|
|
|
|
|
2022-06-27 09:54:58 |
CISA Log4Shell warning: Patch VMware Horizon installations immediately (lien direct) |
CISA warns of log4shell being actively exploited to compromise VMware Horizon systems. We take a look at their warning.
|
|
|
|
|
2022-06-27 09:47:00 |
Instagram introduces new ways for users to verify their age (lien direct) |
>Meta has announced it's going to test new age verification methods like social vouching and video selfies for INstagram users.
|
|
|
|
|
2022-06-27 09:30:06 |
(Déjà vu) A week in security (June 20 – June 26) (lien direct) |
The most important and interesting computer security stories from the last week.
|
|
|
|
|
2022-06-25 16:00:00 |
5 ways to avoid being catfished (lien direct) |
>Before dining over catfish this National Catfish Day, remember another catfish that's also captured the public's attention.
|
|
|
|
|
2022-06-24 11:34:04 |
Cybersecurity agencies: You don\'t have to delete PowerShell to secure it (lien direct) |
International cybersecurity authorities have published a Cybersecurity Information Sheet on making it harder to abuse PowerShell
|
|
|
|
|
2022-06-23 16:54:11 |
Conti ransomware disappears-did it fake its own death? (lien direct) |
>The leak site essential to the operation of Conti ransomware has disappeared, but everything may not be as it appears.
|
Ransomware
|
|
|
|
2022-06-23 15:51:59 |
Dial 311 for… cybersecurity emergencies? (lien direct) |
Cybersecurity experts want a hotline for SMBs to further encourage cyber incident reporting, especially those involving ransomware attacks.
|
Ransomware
|
|
|
|
2022-06-23 15:15:21 |
Rogue cryptocurrency billboards go phishing for wallets (lien direct) |
We take a look at reports of rogue cryptocurrency billboards out to phish wallet details from unwary victims.
|
|
|
|
|
2022-06-23 10:20:58 |
Police seize and dismantle massive phishing operation (lien direct) |
>Europol, the Belgian police, and the Dutch police, have apprehended members of a cybercriminal gang involved in phishing and other fraud.
|
|
|
|
|
2022-06-22 15:52:41 |
MEGA claims it can\'t decrypt your files. But someone\'s managed to… (lien direct) |
Swiss researchers debunked MEGA's claims that anyone that would be able to take over MEGA's infrastructure would still not have access to your information and files.
|
|
|
|
|
2022-06-22 13:28:30 |
7-Zip gets Mark of the Web feature, increases protection for users (lien direct) |
Popular zipfile program 7-Zip now supports Microsoft's Mark of the Web feature. What is it, and how does it work?
|
|
|
|
|
2022-06-22 09:24:27 |
Watch out for the email that says “You have a new voicemail!” (lien direct) |
An email campaign lures users with a voicemail notification to enter their Office 365 credentials on a fake login page.
|
|
|
|
|
2022-06-21 15:49:12 |
DFSCoerce, a new NTLM relay attack, can take control over a Windows domain (lien direct) |
A researcher has posted a PoC for yet another NTLM relay attack method dubbed DFSCoerce. It is high time to retire NTLM.
|
|
|
|
|
2022-06-21 15:25:09 |
Russia\'s APT28 uses fear of nuclear war to spread Follina docs in Ukraine (lien direct) |
Threat actors associated with Russian intelligence are using the fear or nuclear war to spread data-stealing malware in Ukraine.
|
Malware
|
APT 28
|
|
|
2022-06-21 10:45:38 |
You can be tracked online using your Chrome browser extensions (lien direct) |
>We look at a new project which uses several techniques to determine which Chrome extensions are being used on a device.
|
|
|
|
|
2022-06-21 10:04:02 |
Security vulnerabilities: 5 times that organizations got hacked (lien direct) |
In this post, we break down 5 times hackers used security vulnerabilities in 2021 to attack governments and businesses.
|
|
|
|
|
2022-06-20 21:21:04 |
Client-side Magecart attacks still around, but more covert (lien direct) |
While we have heard less about web skimming attacks, attacks are still going on, but more quietly than before.
|
|
|
|
|
2022-06-20 14:42:53 |
Internet Safety Month: 7 tips for staying safe online while on vacation (lien direct) |
>Vacationing has never been more welcome. But as you plan your itinerary, make sure your devices are secure and your data stays private.
|
|
|
|
|
2022-06-20 13:59:17 |
DDoS-for-hire service provider jailed (lien direct) |
>Matthew Gatrel has been found guilty of three counts of computer-related crime. His partner in crime, Juan "Severon" Martinez, pleaded guilty before the trial.
|
Guideline
|
|
|
|
2022-06-20 13:45:01 |
LinkedIn scams are a “significant threat”, warns FBI (lien direct) |
The FBI has issued a warning about cryptocurrency scams on LinkedIn. We see what the scammers are up to and how you can avoid them.
|
|
|
|
|
2022-06-20 09:49:33 |
(Déjà vu) A week in security (June 13 – June 19) (lien direct) |
The most important and interesting computer security stories from the last week.
|
|
|
|
|
2022-06-20 06:11:56 |
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13 (lien direct) |
This week on Lock and Code, we speak with Kim Lewandowski about what steps we can take to secure the software supply chain.
|
|
|
|
|
2022-06-17 18:01:31 |
ALPHV squeezes victim with dedicated leak site for employees and customers (lien direct) |
>ALPHV, also known as BlackCat, created a leak site on the regular web, betting it can squeeze money out of victims faster than a dark web site.
|
|
|
|
|
2022-06-16 16:28:42 |
Hertzbleed exposes computers\' secret whispers (lien direct) |
Hertzbleed is a new side-channel attack that can recover sensitive information from a targeted system by applying CPU timing.
|
|
|
|
|
2022-06-16 13:24:46 |
Interpol\'s First Light operation smashes crime on a global scale (lien direct) |
Interpol's annual First Light project has gone global for the second time. We take a look at the results, findings, and trends.
|
|
|
|
|
2022-06-16 09:31:16 |
Photos of kids taken from spyware-ridden phones found exposed on the internet (lien direct) |
TheTruthSpy is an app programmed to siphon out photos, locations and more from smartphones.
|
|
|
|
|
2022-06-15 15:48:24 |
Stealthy Symbiote Linux malware is after financial institutions (lien direct) |
>Symbiote, the latest malware to hit Linux users, is a parasite more than anything. Protect against this banking credential stealer now!
|
Malware
|
|
|
|
2022-06-15 15:25:28 |
Record breaking HTTPS DDoS attack (lien direct) |
>The number and power of DDoS attacks keep growing at an incredible rate year over year. Recently a new HTTPS DDoS attack record was broken.
|
|
|
|
|
2022-06-15 14:21:00 |
Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser” (lien direct) |
Mozilla has launched its Total Cookie Protection addition to Firefox for users worldwide. What does it do?
|
|
|
|
|
2022-06-15 13:17:05 |
Update now! Microsoft patches Follina, and many other security updates (lien direct) |
>Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. Time to figure out what needs to be prioritized.
|
|
|
|
|
2022-06-15 11:21:16 |
It\'s official, today you can say goodbye to Internet Explorer. Or can you? (lien direct) |
>Microsoft is ready to phase out Internet Explorer and will start the procedure today. Are you ready as well? And will it solve a lot of security issues?
|
|
|
|
|
2022-06-15 10:30:13 |
Email compromise leads to healthcare data breach at Kaiser Permanente (lien direct) |
We take a look at the latest healthcare breach, an email compromise of a healthcare employee and explore the fallout.
|
Data Breach
|
|
|
|
2022-06-14 16:00:29 |
Karakurt extortion group: Threat profile (lien direct) |
>An obscure group called Karakurt has extorted organizations in the US and elsewhere. Know how to keep it away from your network.
|
Threat
|
|
|
|
2022-06-14 15:37:05 |
Instagram scam steals your selfies to trick your friends (lien direct) |
>Instagram users' IDs are being stolen in a scam aimed at luring their friends into signing up for expensive subscription services.
|
|
|
|
|
2022-06-14 12:43:08 |
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft (lien direct) |
Microsoft has warned of APT groups and ransomware authors exploiting the now patched Confluence vulnerability. We take a look at the dangers.
|
Ransomware
|
|
★★★★
|
|
2022-06-14 12:38:13 |
Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs) (lien direct) |
In this post, we'll give you a step-by-step on how to complete an Inventory and vulnerability scan in Malwarebytes Vulnerability Assessment for OneView.
|
Vulnerability
|
|
|
|
2022-06-14 09:53:27 |
Don\'t panic! “Unpatchable” Mac vulnerability discovered (lien direct) |
>Researchers at MIT have published details about an attack that uses a flaw in the M1 security feature pointer authentication codes.
|
Vulnerability
|
|
|
|
2022-06-13 17:41:16 |
Taking down the IP2Scam tech support campaign (lien direct) |
>Tech support scams follow a simple business model that has not changed much over the years. After all, why change a recipe that continues to yield large profits. We see countless such campaigns and block them indiscriminately to protect our customers from being defrauded by a fraudulent tech support agent over the phone. Every now...
|
|
|
|
|
2022-06-13 14:20:34 |
Update Chrome now: Four high risk vulnerabilities found (lien direct) |
We take a look at the latest batch of vulnerabilities in Chrome requiring an update.
|
|
|
|