Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 16:08:10 |
Facebook deletes 1 billion faceprints in Face Recognition shutdown (lien direct) |
Facebook announced today that they will no longer use the Face Recognition system on their platform and will be deleting over 1 billion people's facial recognition profiles. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 13:46:57 |
Over 30,000 GitLab servers still unpatched against critical bug (lien direct) |
A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments remaining unpatched. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 12:08:04 |
Microsoft 365 outage blocks access to OneDrive, SharePoint files (lien direct) |
A Microsoft 365 outage prevents access to files, such as Excel documents, stored on the SharePoint Online, OneDrive, Office, and Microsoft Teams cloud storage services. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 11:37:57 |
Microsoft announces new endpoint security solution for SMBs (lien direct) |
Microsoft today announced a new endpoint security solution dubbed Microsoft Defender for Business, specially built for small and medium-sized businesses. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 11:00:00 |
Microsoft Edge for Linux out of beta, now generally available (lien direct) |
Microsoft announced today that the Chromium-based Edge web browser is now generally available on the Linux platform via the stable channel. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 10:50:05 |
macOS Monterey update causes some Macs to become unbootable (lien direct) |
A growing number of Mac and Macbook owners report that their devices become unbootable after attempting to update to the latest version of macOS, codenamed 'Monterey.' [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 08:27:06 |
MITRE shares list of most dangerous hardware weaknesses (lien direct) |
MITRE shared a list of the topmost dangerous programming, design, and architecture security flaws plaguing hardware this year. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 07:59:18 |
FBI: Ransomware targets companies during mergers and acquisitions (lien direct) |
The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-02 07:01:27 |
Android November patch fixes actively exploited kernel bug (lien direct) |
Google has released the Android November 2021 security updates, which address 18 vulnerabilities in the framework and system components, and 18 more flaws in the kernel and vendor components. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 20:07:48 |
\'Trojan Source\' attack method can hide bugs into open-source code (lien direct) |
Academic researchers have released details about a new attack method they call "Trojan Source" that allows injecting vulnerabilities into the source code of a software project in a way that human reviewers can't detect. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 17:55:04 |
Signal now lets you report and block spam messages (lien direct) |
Signal has added an easy way for users to report and block spam straight from message request screens with a single mouse click. [...] |
Spam
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 17:35:54 |
Microsoft Defender for Windows is getting a massive overhaul (lien direct) |
Microsoft Defender for Windows is getting a massive overhaul allowing home network admins to deploy Android, iOS, and Mac clients to monitor antivirus, phishing, compromised passwords, and identity theft alerts from a single security dashboard. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 13:51:05 |
Canadian province health care system disrupted by cyberattack (lien direct) |
The Canadian provinces of Newfoundland and Labrador have suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 13:25:00 |
Kaspersky\'s stolen Amazon SES token used in Office 365 phishing (lien direct) |
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 10:37:18 |
BlackShadow hackers breach Israeli hosting firm and extort customers (lien direct) |
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-01 10:13:59 |
FBI: HelloKitty ransomware adds DDoS attacks to extortion tactics (lien direct) |
The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry partners that the HelloKitty ransomware gang (aka FiveHands) has added distributed denial-of-service (DDoS) attacks to their arsenal of extortion tactics. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-31 10:00:00 |
Microsoft warns of rise in password sprays targeting cloud accounts (lien direct) |
The Microsoft Detection and Response Team (DART) says it detected an increase in password spray attacks targeting privileged cloud accounts and high-profile identities such as C-level executives. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-30 11:02:01 |
Chaos ransomware targets gamers via fake Minecraft alt lists (lien direct) |
The Chaos Ransomware gang encrypts gamers' Windows devices through fake Minecraft alt lists promoted on gaming forums. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-30 08:01:02 |
Microsoft: Windows KB5006674, KB5006670 updates break printing (lien direct) |
Microsoft says Windows customers are experiencing issues with network printing after installing the Windows 11 KB5006674 and Windows 10 KB5006670 updates issued with this month's Patch Tuesday, on October 12. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 17:43:14 |
The Week in Ransomware - October 29th 2021 - Making arrests (lien direct) |
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 12:20:10 |
Snake malware biting hard on 50 apps for only $25 (lien direct) |
Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 12:08:44 |
Hive ransomware now encrypts Linux and FreeBSD systems (lien direct) |
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] |
Ransomware
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 10:57:54 |
Microsoft PowerToys adds Windows 11 theme, new mouse utility (lien direct) |
Microsoft has added new utilities to the PowerToys toolset and updated the user interface with a new Windows 11 theme for PowerRename. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 09:56:08 |
DOJ: Pirated sports streamer hacked accounts, extorted MLB (lien direct) |
The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA, NFL, and NHL games via the web and hacking into sports leagues' customer accounts. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 06:52:12 |
Microsoft: Windows web content filtering now generally available (lien direct) |
Microsoft has announced that web content filtering has reached general availability and is now available for all Windows enterprise customers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 05:53:23 |
Google Chromebooks failing to enroll due to network issue (lien direct) |
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 05:07:49 |
(Déjà vu) Police arrest hackers behind over 1,800 ransomware attacks (lien direct) |
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 05:07:49 |
Police arrest criminals behind Norsk Hydro ransomware attack (lien direct) |
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800 victims in 71 countries. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 21:17:36 |
TrickBot malware dev extradited to U.S. faces 60 years in prison (lien direct) |
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 18:11:42 |
(Déjà vu) Emergency Google Chrome update fixes zero-days used in attacks (lien direct) |
Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 17:34:38 |
All Windows versions impacted by new LPE zero-day vulnerability (lien direct) |
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 13:06:00 |
NSA and CISA share guidance on securing 5G cloud infrastructure (lien direct) |
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 12:44:27 |
Microsoft: Shrootless bug lets hackers install macOS rootkits (lien direct) |
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 12:31:26 |
Android spyware spreading as antivirus software in Japan (lien direct) |
A new variant of the Android info-stealer called FakeCop has been spotted by Japanese security researchers, who warn that the distribution of the malicious APK is picking up pace. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 10:50:09 |
WordPress plugin bug impacts 1M sites, allows malicious redirects (lien direct) |
The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 09:15:44 |
New AbstractEmu malware roots Android devices, evades detection (lien direct) |
New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 09:02:21 |
Ransomware gangs use SEO poisoning to infect visitors (lien direct) |
Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 08:06:39 |
Microsoft now rolling out Windows 11 to more eligible devices (lien direct) |
Microsoft is now rolling out the Windows 11 upgrade to more eligible Windows devices as part of a phased rollout designed to deliver a smooth upgrade experience. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 07:26:09 |
German investigators identify REvil ransomware gang core member (lien direct) |
German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 05:53:55 |
EU investigating leak of private key used to forge Covid passes (lien direct) |
The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob-all of which are being recognized as valid by the official government apps. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 03:03:03 |
Sensitive data of 400,000 German students exposed by API flaw (lien direct) |
Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 16:37:26 |
NRA: No comment on Russian ransomware gang attack claims (lien direct) |
The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 14:52:26 |
Android spyware apps target Israel in three-year-long campaign (lien direct) |
A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 14:35:13 |
Free decryptor released for Atom Silo and LockFile ransomware (lien direct) |
Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...] |
Ransomware
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 13:26:12 |
Twitter employees required to use security keys after 2020 hack (lien direct) |
Twitter rolled out security keys to its entire workforce and made two-factor authentication (2FA) mandatory for accessing internal systems following last year's hack. [...] |
Hack
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 12:15:00 |
Hackers arrested for \'infiltrating\' Ukraine\'s health database (lien direct) |
The Security Service of Ukraine (SSU) has arrested a team of actors who illegally infiltrated the information system of the National Health Service of Ukraine (NHSU) and entered false vaccination entries for other people. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:52:12 |
Babuk ransomware decryptor released to recover files for free (lien direct) |
Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free. [...] |
Ransomware
Tool
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:15:00 |
US bans China Telecom Americas over national security risks (lien direct) |
The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:00:00 |
(Déjà vu) Malicious NPM libraries install ransomware, password stealer (lien direct) |
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-27 11:00:00 |
Malicious Roblox NPMs drop ransomware and password stealers (lien direct) |
Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] |
Ransomware
|
|
|