What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-08 11:56:33 | Mozilla fixes Firefox bug letting you get Windows admin privileges (lien direct) | Mozilla released a security update to address a high severity privilege escalation vulnerability found in the Mozilla Maintenance Service. [...] | |||
|
2022-02-08 11:18:53 | ExpressVPN offering $100,000 to first person who hacks its servers (lien direct) | ExpressVPN has updated its bug bounty program to make it more inviting to ethical hackers, now offering a one-time $100,000 bug bounty to whoever can compromise its systems. [...] | |||
|
2022-02-08 10:49:10 | Vodafone Portugal 4G and 5G services down after cyberattack (lien direct) | Vodafone Portugal suffered a cyberattack causing country-wide service outages, including the disruption of 4G/5G data networks, SMS texts, and television services. [...] | ★★ | ||
|
2022-02-08 07:45:04 | NetWalker ransomware affiliate sentenced to 80 months in prison (lien direct) | Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims. [...] | Ransomware Guideline | ||
|
2022-02-08 06:00:00 | Google sees 50% security boost for 150M users after 2FA enroll (lien direct) | After accelerating its efforts to auto-enroll as many accounts as possible in two-factor authentication (2FA), Google announced that an additional 150 million users now have 2FA enabled. [...] | |||
|
2022-02-08 03:12:24 | Qbot needs only 30 minutes to steal your credentials, emails (lien direct) | The widespread malware known as Qbot (aka Qakbot or QuakBot) has recently returned to light-speed attacks, and according to analysts, it only takes around 30 minutes to steal sensitive data after the initial infection. [...] | Malware | ||
|
2022-02-07 17:30:15 | DPD Group parcel tracking flaw may have exposed customer data (lien direct) | An unauthenticated API call vulnerability in DPD Group's package tracking system could have been exploited to access the personally identifiable details of its clients. [...] | Vulnerability | ||
|
2022-02-07 16:39:38 | (Déjà vu) Russia arrests third hacking group, reportedly seizes carding forums (lien direct) | Russia arrested six people today, allegedly part of a hacking group that was involved in the theft and selling of stolen credit cards. [...] | |||
|
2022-02-07 16:39:38 | Russia arrests third hacking group, seizes carding forums (lien direct) | Russia arrested six people today, allegedly part of a hacking group that was involved in the theft and selling of stolen credit cards. [...] | |||
|
2022-02-07 15:49:03 | Puma hit by data breach after Kronos ransomware attack (lien direct) | Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. [...] | Ransomware Data Breach | ||
|
2022-02-07 13:35:05 | (Déjà vu) Microsoft plans to kill malware delivery via Office macros (lien direct) | Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. [...] | Malware | ||
|
2022-02-07 13:35:05 | Microsoft to make it difficult to enable macros in downloaded docs (lien direct) | Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. [...] | |||
|
2022-02-07 12:08:23 | (Déjà vu) Free decryptor released for TargetCompany ransomware victims (lien direct) | Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free. [...] | Ransomware | ||
|
2022-02-07 12:05:03 | Google Cloud hypervisor modified to detect cryptominers without agents (lien direct) | Google has announced the public preview of a new Virtual Machine Threat Detection (VMTD) system that can detect cryptocurrency miners and other malware without the need for software agents. [...] | Malware Threat | ||
|
2022-02-07 11:38:44 | Medusa malware ramps up Android SMS phishing attacks (lien direct) | The Medusa Android banking Trojan is seeing increased infection rates as it targets more geographic regions to steal online credentials and perform financial fraud. [...] | Malware | ||
|
2022-02-07 10:00:00 | Microsoft fixes Windows Active Directory bug caused by Jan updates (lien direct) | Microsoft says it has fixed a known issue triggered by last month's Windows updates that would cause apps using Microsoft .NET to experience problems, close, or throw errors when acquiring or setting Active Directory Forest Trust Information. [...] | |||
|
2022-02-07 09:47:54 | Roaming Mantis Android malware campaign sets sights on Europe (lien direct) | The Roaming Mantis SMS phishing campaign has finally reached Europe, as researchers detect campaigns targeting Android and iPhone users in Germany and France with malicious apps and phishing pages. [...] | Malware | ||
|
2022-02-06 10:17:34 | Law enforcement action push ransomware gangs to surgical attacks (lien direct) | The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations. [...] | Ransomware Threat Guideline | ||
|
2022-02-05 17:29:54 | BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs (lien direct) | The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation. [...] | Ransomware | ||
|
2022-02-05 12:17:08 | What\'s new in Windows 11 Sun Valley 2 Update, arriving this year (lien direct) | In 2022, Microsoft is planning to launch the first big update for Windows 11. The update is reportedly codenamed "Sun Valley 2" and it is expected to ship with a new Task Manager, improvements to Start Menu and Taskbar, and more. [...] | |||
|
2022-02-05 10:00:00 | FBI shares Lockbit ransomware technical details, defense tips (lien direct) | The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with Lockbit ransomware attacks in a new flash alert published this Friday. [...] | Ransomware | ||
|
2022-02-04 19:15:26 | The Week in Ransomware - February 4th 2022 - Critical Infrastructure (lien direct) | Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks. [...] | Ransomware Threat | ||
|
2022-02-04 19:10:06 | Microsoft disables MSIX protocol handler abused in Emotet attacks (lien direct) | Microsoft has disabled the MSIX ms-appinstaller protocol handler exploited in malware attacks to install malicious apps directly from a website via a Windows AppX Installer spoofing vulnerability. [...] | Malware | ||
|
2022-02-04 15:17:11 | Microsoft: Russian FSB hackers hitting Ukraine since October (lien direct) | Microsoft said today that a Russian hacking group known as Gamaredon has been behind a streak of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since October 2021. [...] | ★★★ | ||
|
2022-02-04 13:16:06 | A look at the new Sugar ransomware demanding low ransoms (lien direct) | A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands. [...] | Ransomware | ||
|
2022-02-04 13:05:34 | CISA orders federal agencies to patch actively exploited Windows bug (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges. [...] | |||
|
2022-02-04 12:02:49 | US indicts multiple call centers for IRS, Social Security scams (lien direct) | The U.S. Department of Justice has announced the indictment of several India-based call centers and their directors for targeting Americans with Social Security, IRS, and loan phone call scams. [...] | |||
|
2022-02-04 11:01:14 | HHS: Conti ransomware encrypted 80% of Ireland\'s HSE IT systems (lien direct) | A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack. [...] | Ransomware Threat | ||
|
2022-02-04 10:43:31 | Argo CD vulnerability leaks sensitive info from Kubernetes apps (lien direct) | A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. [...] | Vulnerability | Uber | |
|
2022-02-04 09:29:04 | Swissport ransomware attack delays flights, disrupts operations (lien direct) | Aviation services company Swissport International has disclosed a ransomware attack that has impacted its IT infrastructure and services, causing flights to suffer delays. [...] | Ransomware | ||
|
2022-02-04 09:03:26 | News Corp discloses hack from "persistent" nation state cyber attacks (lien direct) | American media and publishing giant News Corp has disclosed today that it was the target of a "persistent" cyberattack. The attack discovered sometime this January, reportedly allowed threat actors to access emails and documents of some News Corp employees, including journalists. [...] | Hack | ||
|
2022-02-04 05:09:21 | Wormhole restores stolen $326 million after major crypto bailout (lien direct) | Cryptocurrency platform Wormhole has recovered upwards of $326 million stolen in this week's crypto hack, thanks to a major bailout. [...] | |||
|
2022-02-03 16:44:25 | Zimbra zero-day vulnerability actively exploited to steal emails (lien direct) | A cross-site scripting (XSS) vulnerability in the Zimbra email platform is currently actively exploited in attacks targeting European media and government organizations. [...] | Vulnerability | ||
|
2022-02-03 15:52:36 | Windows Terminal now can automatically launch profiles as Administrator (lien direct) | Microsoft released today a new Windows Terminal version that comes with a long-awaited feature making it possible to launch profiles that will automatically run as Administrator. [...] | |||
|
2022-02-03 14:22:59 | Intuit warns of phishing emails threatening to delete accounts (lien direct) | Accounting and tax software provider Intuit has notified customers of an ongoing phishing campaign impersonating the company and trying to lure victims with fake warnings that their accounts have been suspended. [...] | |||
|
2022-02-03 13:53:26 | (Déjà vu) Cisco fixes critical bugs in SMB routers, exploits available (lien direct) | Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. [...] | |||
|
2022-02-03 13:53:26 | Cisco fixes critical bugs in RV routers, exploit code available (lien direct) | Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. [...] | |||
|
2022-02-03 12:27:48 | Target open sources scanner for digital credit card skimmers (lien direct) | Target, one of the largest American department store chains and e-commerce retailers, has open sourced 'Merry Maker' - its years-old proprietary scanner for payment card skimming. [...] | |||
|
2022-02-03 11:35:34 | Microsoft blocked billions of brute-force and phishing attacks last year (lien direct) | Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks successfully blocked last year by Microsoft. [...] | |||
|
2022-02-03 10:38:37 | State hackers\' new malware helped them stay undetected for 250 days (lien direct) | A state-backed Chinese APT actor tracked as 'Antlion' has been using a new custom backdoor called 'xPack' against financial organizations and manufacturing companies. [...] | Malware | ||
|
2022-02-03 09:42:15 | MFA adoption pushes phishing actors to reverse-proxy solutions (lien direct) | The rising adoption of multi-factor authentication (MFA) for online accounts pushes phishing actors to use more sophisticated solutions to continue their malicious operations, most notably reverse-proxy tools. [...] | |||
|
2022-02-02 18:58:24 | (Déjà vu) Wormhole cryptocurrency platform hacked to steal $326 million (lien direct) | Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to steal approximately $326 million in cryptocurrency. [...] | Vulnerability | ||
|
2022-02-02 18:58:24 | Wormhole platform hacked to steal $326 million in crypto (lien direct) | Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to steal $320 million in cryptocurrency. [...] | Vulnerability | ||
|
2022-02-02 17:00:38 | ESET antivirus bug let attackers gain Windows SYSTEM privileges (lien direct) | Slovak internet security firm ESET released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and above. [...] | Vulnerability | ||
|
2022-02-02 14:27:40 | GitHub outage impacts Actions, Codespaces, Issues, Pull Requests (lien direct) | GitHub is currently down, affected by a worldwide outage preventing access to the website, issuing commits, cloning projects, or performing pull requests. [...] | |||
|
2022-02-02 14:24:43 | Office 365 boosts email security against MITM, downgrade attacks (lien direct) | Microsoft has added SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online to ensure Office 365 customers' email communication integrity and security. [...] | |||
|
2022-02-02 13:45:31 | Windows 10 optional updates fix performance problems introduced last month (lien direct) | Optional updates for Windows 10 and Windows 11 released in January have fixed performance problems when playing games, using the operating system, or even opening folders in File Explorer. [...] | |||
|
2022-02-02 12:54:24 | Intel unveils Circuit Breaker bug bounty expansion for elite hackers (lien direct) | Intel says its engineers are partnering with security researchers to hunt for vulnerabilities in firmware, GPUs, hypervisors, chipsets, and other products in a new expansion to its bug bounty program. [...] | |||
|
2022-02-02 11:49:49 | KP Snacks giant hit by Conti ransomware, deliveries disrupted (lien direct) | KP Snacks, a major producer of popular British snacks has been hit by the Conti ransomware group affecting distribution to leading supermarkets. [...] | Ransomware Guideline | ★★★★ | |
|
2022-02-02 11:29:36 | Microsoft Sentinel adds threat monitoring for GitHub repos (lien direct) | Microsoft says its cloud-native SIEM (Security Information and Event Management) platform now allows to detect potential ransomware activity using the Fusion machine learning model. [...] | Threat |
To see everything:
Our RSS (filtrered)
