What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-11 16:12:04 | GitHub revokes duplicate SSH auth keys linked to library bug (lien direct) | GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs. [...] | |||
|
2021-10-11 14:48:18 | Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks (lien direct) | Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads. [...] | Vulnerability | ||
|
2021-10-11 12:47:36 | LibreOffice, OpenOffice bug allows hackers to spoof signed docs (lien direct) | LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. [...] | Vulnerability | ||
|
2021-10-11 11:52:27 | Microsoft: Iran-linked hackers target US defense tech companies (lien direct) | Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. [...] | Threat | ||
|
2021-10-11 10:44:41 | Huawei Cloud targeted by updated cryptomining malware (lien direct) | A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud. [...] | Malware | ||
|
2021-10-11 09:10:00 | Ukrainian police arrest DDoS operator controlling 100,000 bots (lien direct) | Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. [...] | |||
|
2021-10-11 09:00:00 | Microsoft Defender for Identity to detect Windows Bronze Bit attacks (lien direct) | Microsoft is working on adding support for Bronze Bit attacks detection to Microsoft Defender for Identity to make it easier for Security Operations teams to detect attempts to abuse a Windows Kerberos bug tracked as CVE-2020-17049. [...] | |||
|
2021-10-11 08:00:00 | Nuclear engineer\'s espionage plans unraveled by undercover FBI agent (lien direct) | A Navy nuclear engineer and his wife were arrested under espionage-related charges alleging violations of the Atomic Energy Act after selling restricted nuclear-powered warship design data to a person they believed was a foreign power agent. [...] | |||
|
2021-10-11 05:18:44 | Pacific City Bank discloses ransomware attack claimed by AvosLocker (lien direct) | Pacific City Bank (PCB), one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. [...] | Ransomware | ||
|
2021-10-11 03:55:34 | Windows 11 incompatible with apps using non-ASCII registry keys (lien direct) | Microsoft is blocking Windows 11 upgrades if customers use applications that create registry keys using some non-ASCII characters. [...] | |||
|
2021-10-10 18:11:57 | Customize your Windows 11 experience with these free apps (lien direct) | Windows 11 is now available for devices with supported hardware features. If you've already upgraded to Windows 11 and you're looking for some great apps for your Windows 11 device, here's a list of the interesting open-source and free apps currently available in the marketplace. [...] | |||
|
2021-10-10 13:16:30 | FontOnLake malware infects Linux systems via trojanized utilities (lien direct) | A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...] | Malware Threat | ||
|
2021-10-10 10:07:14 | Amnesty International links cybersecurity firm to spyware operation (lien direct) | A report by Amnesty International links an Indian cybersecurity company to an Android spyware program used to target prominent activists. [...] | |||
|
2021-10-09 12:08:16 | Bank of America insider charged with money laundering for BEC scams (lien direct) | The U.S. District Court for the Eastern District of Virginia has charged three men with money laundering and aggravated identity theft after allegedly conducting a business email compromise (BEC) scheme. [...] | |||
|
2021-10-09 11:05:10 | Microsoft adds tamper protection to Windows 11 security baseline (lien direct) | Microsoft has released the final version of its security configuration baseline settings for Windows 11, downloadable today using the Microsoft Security Compliance Toolkit. [...] | |||
|
2021-10-09 10:11:11 | Windows 11: Microsoft is investigating these eight problems (lien direct) | Windows 11 is officially released, and users are running into various issues and problems preventing them from upgrading or using the new operating system correctly. Below we have collected eight known issues affecting Windows 11 and when they are expected to be fixed. [...] | |||
|
2021-10-08 17:44:49 | The Week in Ransomware - October 8th 2021 - Making arrrests (lien direct) | This week's big news is the arrests of two ransomware operators in Ukraine responsible for hundreds of attacks targeting organizations worldwide. [...] | Ransomware | ||
|
2021-10-08 15:59:12 | Cox Media Group confirms ransomware attack that took down broadcasts (lien direct) | American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. [...] | Ransomware | ||
|
2021-10-08 13:16:44 | Intuit warns QuickBooks customers of ongoing phishing attacks (lien direct) | Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges. [...] | |||
|
2021-10-08 10:58:22 | Twitch game page backgrounds defaced with Jeff Bezos\' face (lien direct) | On Twitch's website's game pages today appeared a close up of Jeff Bezos' face, in what appears to be a mysterious defacement attack. [...] | |||
|
2021-10-08 10:40:49 | Russian orgs heavily targeted by smaller tier ransomware gangs (lien direct) | Even though American and European companies enjoy the lion's share in ransomware attacks launched from Russian ground, companies in the country aren't spared from having to deal with file encryption and double-extortion troubles. [...] | Ransomware | ||
|
2021-10-08 09:23:40 | Mozilla upgrades older Thunderbird clients to the latest version (lien direct) | Mozilla is rolling out a forced upgrade for Thunderbird 78.x users, getting everyone aboard version 91, the latest stable release that came out in August. [...] | |||
|
2021-10-08 08:20:41 | Engineering giant Weir Group hit by ransomware attack (lien direct) | Scottish multinational engineering firm Weir Group has disclosed by what it called an "attempted ransomware attack" that led to "significant temporary disruption" in the second half of September. [...] | Ransomware | ||
|
2021-10-08 07:04:51 | Microsoft: Russian state hackers behind 53% of attacks on US govt agencies (lien direct) | Microsoft says that Russian-sponsored hacking groups are increasingly targeting US government agencies, with roughly 58% of all nation-state attacks observed by Microsoft between July 2020 and June 2021 coming from Russia. [...] | |||
|
2021-10-08 03:45:34 | BrewDog exposed data for over 200,000 shareholders and customers (lien direct) | BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers. [...] | |||
|
2021-10-07 19:38:57 | Google warns 14,000 Gmail users targeted by Russian hackers (lien direct) | Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. [...] | Threat | APT 28 | |
|
2021-10-07 18:32:00 | Microsoft is disabling Excel 4.0 macros by default to protect users (lien direct) | Microsoft will soon begin disabling Excel 4.0 XLM macros by default in Microsoft 365 tenants to protect customers from malicious documents. [...] | |||
|
2021-10-07 16:35:35 | Apache emergency update fixes incomplete patch for exploited bug (lien direct) | Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. [...] | |||
|
2021-10-07 13:53:05 | FIN12 hits healthcare with quick and focused ransomware attacks (lien direct) | While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets. [...] | Ransomware Malware | ||
|
2021-10-07 12:17:24 | AMD warns of up to 15% Windows 11 performance decrease (lien direct) | AMD says it observed performance hits of up to 15% on Windows 11-compatible AMD processors when using some applications. [...] | |||
|
2021-10-07 11:59:52 | Vidar stealer abuses Mastodon to silently get C2 configuration (lien direct) | The Vidar stealer has returned in a new campaign that abuses the Mastodon social media network to get C2 configuration without raising alarms. [...] | |||
|
2021-10-07 10:15:27 | Firefox now shows ads as sponsored address bar suggestions (lien direct) | Mozilla is now showing ads in the form of sponsored Firefox contextual suggestions when U.S. users type in the URL address bar. [...] | |||
|
2021-10-07 09:16:12 | Netherlands orders Apple to offer more App Store payment methods (lien direct) | The Authority for Consumers and Markets (ACM) in the Netherlands is pressing Apple to lift App Store payment restrictions in the country. [...] | |||
|
2021-10-07 08:00:00 | Microsoft fixes bug blocking Azure Virtual Desktops security updates (lien direct) | Microsoft has fixed a bug blocking some Azure Virtual Desktop (AVD) devices from downloading and installing monthly security via Windows Server Update Services (WSUS) since early July. [...] | |||
|
2021-10-07 06:56:31 | Unpatched Dahua cams vulnerable to unauthenticated remote access (lien direct) | Unpatched Dahua cameras are prone to two authentication bypass vulnerabilities, and a proof of concept exploit that came out today makes the case of upgrading pressing. [...] | |||
|
2021-10-07 03:39:35 | Twitch: No credentials or card numbers exposed in data breach (lien direct) | Twitch says that no login credentials and credit card numbers belonging to users or streamers were exposed following yesterday's massive data leak. [...] | Data Breach | ||
|
2021-10-06 20:01:40 | U.S. govt to sue contractors who hide breach incidents (lien direct) | Under the new Civil Cyber-Fraud Initiative that the U.S. Department of Justice announced today, government contractors are accountable in a civil court if they don't report a breach or fail to meet required cybersecurity standards. [...] | |||
|
2021-10-06 16:43:57 | (Déjà vu) Windows 11 bug reverts users back to the Windows 10 taskbar (lien direct) | Windows 11 users report a strange upgrade experience where the operating system continues to show the Windows 10 taskbar, while everything else uses the new Windows 11 user interface. [...] | |||
|
2021-10-06 16:43:57 | Windows 11 upgrades show Windows 10 Start Menu for some users (lien direct) | Windows 11 users report a strange upgrade experience where the operating system continues to show the Windows 10 taskbar, while everything else uses the new Windows 11 user interface. [...] | |||
|
2021-10-06 15:42:54 | Hackers use stealthy ShellClient malware on aerospace, telco firms (lien direct) | Threat researchers investigating malware used to target companies in the aerospace and telecommunications sectors discovered a new threat actor that has been running cyber espionage campaigns since at least 2018. [...] | Malware Threat | ||
|
2021-10-06 12:23:10 | European Parliament calls for ban on AI-powered mass surveillance (lien direct) | The EU Parliament has voted in favor of a resolution that bans the adoption of AI-powered biometric mass surveillance technologies such as facial recognition systems in the continent. [...] | |||
|
2021-10-06 11:29:05 | Actively exploited Apache 0-day also allows remote code execution (lien direct) | Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that the scope of the vulnerability transcends path traversal, allowing attackers remote code execution (RCE) abilities. [...] | Vulnerability | ||
|
2021-10-06 10:48:56 | Medtronic urgently recalls insulin pump controllers over hacking concerns (lien direct) | Medtronic is urgently recalling remote controllers for insulin pumps belonging to its 'MiniMed Paradigm' family of products, due to potential cybersecurity risks. [...] | |||
|
2021-10-06 09:13:00 | Massive Twitch hack: Source code and payment reports leaked (lien direct) | Twitch source code, as well as streamers' and users' sensitive information, was allegedly leaked online by an anonymous user on the 4chan imageboard. [...] | |||
|
2021-10-06 07:52:40 | Facebook outage leads to massive user exodus to Telegram, Signal (lien direct) | Signal and Telegram shared info on a massive exodus of Facebook users joining or switching to other platforms following the 6-hour-long downtime that impacted Facebook, Instagram, and WhatsApp. [...] | |||
|
2021-10-06 06:27:47 | Microsoft shares Windows 11 TPM check bypass for unsupported PCs (lien direct) | Microsoft has published a new support webpage where they provide an official method to bypass the TPM 2.0 check and have Windows 11 installed on unsupported systems. [...] | |||
|
2021-10-06 06:01:18 | Firefox improves advertising tracker blocking in private browsing (lien direct) | Mozilla says that Firefox users will be better protected from advertising trackers (like Google Analytics scripts) while browsing the Internet in Private Browsing mode and using Strict Tracking Protection. [...] | |||
|
2021-10-06 04:56:09 | Microsoft finds Windows 11 issues with SmartByte networking software (lien direct) | Microsoft says Windows 11 customers might experience networking speed issues if Dell's SmartByte software is running on their devices. [...] | |||
|
2021-10-06 04:22:07 | Ransom Disclosure Act would give victims 48 hours to report payments (lien direct) | Victims of ransomware attacks in the United States may soon have to report any payments to hackers within 48 hours, as required by a new legislation proposal titled the 'Ransom Disclosure Act'. [...] | Ransomware | ||
|
2021-10-06 03:34:35 | Fired IT admin revenge-hacks school by wiping data, changing passwords (lien direct) | A 29-year old wiped data on systems of a secondary school in the U.K. and changed the passwords at an IT company, in retaliatory cyber attacks for being fired. [...] |
To see everything:
Our RSS (filtrered)
