What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-06-14 19:26:00 | (Déjà vu) Decryption Utility Unlocks Files Encrypted by Jaff Ransomware (lien direct) | Researchers have neutralized the latest strain of the Jaff ransomware, releasing a decryption tool for unlocking files. | |||
|
2017-06-14 17:17:21 | DHS, FBI Warn of North Korea \'Hidden Cobra\' Strikes Against US Assets (lien direct) | DHS and the FBI warned that North Korean attackers are targeting U.S. businesses with malware- and botnet-related attacks that are part of concerted effort dubbed "Hidden Cobra." | Medical | APT 38 | |
|
2017-06-14 17:13:59 | Abuse of Apple Search Ads Feature Leading to Fraud (lien direct) | Apple has removed one of its top 10 grossing productivity apps after an independent developer's story about fraudsters' abuse of the App Store's Search Ads functionality went viral. | |||
|
2017-06-14 13:05:23 | Post-WannaCry, 5.5 Million Devices Still Expose SMB Port (lien direct) | In its annual National Exposure Index report, Rapid7 found 160 million computers, IoT devices and servers with open ports that should not be exposed to the public network. | Wannacry | ||
|
2017-06-14 12:50:23 | Rare XP Patches Fix Three Remaining Leaked NSA Exploits (lien direct) | Microsoft released patches on Tuesday for unsupported versions of Windows, a decision prompted by three NSA exploits that remained unaddressed from April's ShadowBrokers leak. | |||
|
2017-06-13 20:23:28 | Microsoft Patches Two Critical Vulnerabilities Under Attack (lien direct) | Microsoft patched 95 vulnerabilities today, including two under attack. | |||
|
2017-06-13 19:34:53 | Risk of \'Destructive Cyber Attacks\' Prompts Microsoft to Update XP Again (lien direct) | Citing an elevated risk for destructive attacks, Microsoft today included patches for vulnerabilities in Windows XP among its Patch Tuesday updates. | |||
|
2017-06-13 18:33:56 | Adobe Fixes 21 Critical Vulnerabilities with June Patch Tuesday Update (lien direct) | Adobe fixed 21 vulnerabilities across four products - Flash, Shockwave Player, Captivate, and Adobe Digital Editions - on Tuesday. | |||
|
2017-06-13 15:30:48 | Patrick Wardle on MacRansom Ransomware-as-a-Service (lien direct) | Patrick Wardle of Synack and the Objective-See blog talks to Mike Mimoso about the emergence of a ransomware service targeting MacOS machines. Wardle explains why he characterizes MacRansom as “lame†and whether this could kick off a wave of copycats vying for the Apple platform. | ★★★★ | ||
|
2017-06-13 11:15:50 | FIN7 Hitting Restaurants with Fileless Malware (lien direct) | A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks. | |||
|
2017-06-12 20:19:00 | Free Mac-Based Ransomware-as-a-Service MacRansom Surfaces (lien direct) | A new, free macOS-based ransomware as a service has surfaced on the darkweb. Researchers say once the malware encrypts users' files, they're "pretty much gone for good." | ★★★★★ | ||
|
2017-06-12 18:41:25 | Blinking Router LEDs Leak Data From Air-Gapped Networks (lien direct) | Researchers say sensitive data can be extracted from air-gapped networks via a wireless router's blinking LEDs. | |||
|
2017-06-12 13:34:17 | Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability (lien direct) | Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency. | |||
|
2017-06-09 20:11:27 | GameStop Online Shoppers Officially Warned of Breach (lien direct) | Some customers are irked it took GameStop months to inform them that their personal and financial information could have been compromised in a breach of GameStop.com that began in August 2016. | |||
|
2017-06-09 19:38:20 | Google Releases reCAPTCHA API for Android (lien direct) | Google has released a reCAPTCHA API for Android, a first for the mobile applications. | |||
|
2017-06-09 16:46:20 | Platinum APT First to Abuse Intel Chip Management Feature (lien direct) | Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers. | |||
|
2017-06-09 13:00:11 | Threatpost News Wrap, June 9, 2017 (lien direct) | How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week's Apple security announcements are all discussed. | |||
|
2017-06-08 18:53:58 | Motorola Moto G4, G5 Vulnerable to Local Root Shell Attacks (lien direct) | Moto G4 and Moto G5 model Motorola phones are vulnerable to kernel command line injection vulnerabilities. | |||
|
2017-06-08 16:12:59 | VMware Patches Critical Vulnerabilities in vSphere Data Protection (lien direct) | VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the appliance, among other outcomes. | ★★★★ | ||
|
2017-06-08 14:53:55 | Cisco Patches Critical Flaws in Prime Data Center Network Manager (lien direct) | Cisco patched two critical flaws in its Prime Data Center Network Manager, including one that could be exploited remotely and allow an attacker root access. | |||
|
2017-06-08 13:00:17 | Authentication Bypass, Potential Backdoors Plague Old WiMAX Routers (lien direct) | WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors. | ★★★★★ | ||
|
2017-06-08 09:00:53 | Google Removes Rooting Trojan Dvmap From Play Store (lien direct) | Google removed a rooting an Android Trojan called Dvmap from Google Play that injects malicious code into an infected device's system library. | |||
|
2017-06-07 21:18:13 | EFF Sues DOJ Over National Security Letter Disclosure Rules (lien direct) | The Electronic Frontier Foundation sued the United States Department of Justice demanding to know whether the agency is complying with rules that mandate a periodic review of National Security Letter gag orders. | |||
|
2017-06-07 19:25:19 | Windows 10 Mitigations Make Future EternalBlue Attacks Difficult (lien direct) | Now that researchers have built a port of EternalBlue to Windows 10, they've probably only now caught up to what the NSA has had for a long while. | |||
|
2017-06-07 18:36:01 | Zusy Malware Installs Via Mouseover – No Clicking Required (lien direct) | Zusy malware installs when victims hover over an opened PowerPoint file – no clicking needed. | |||
|
2017-06-06 19:20:25 | Curiosity Kills Security When it Comes to Phishing (lien direct) | The results of an academic experiment reveal that recipients of Facebook messages are much more likely to click on suspicious links. | |||
|
2017-06-06 19:16:38 | IBM Backup Bug Gets Workaround Fix After Nine Months of Exposure (lien direct) | IBM quietly released a workaround fix for a vulnerability in its Spectrum Protect enterprise backup software it has known about since September 2016. | |||
|
2017-06-06 17:36:40 | Google Fixes 30 Vulnerabilities, Five High Severity, in Chrome 59 (lien direct) | Google fixed 30 vulnerabilities, including five high severity issues, in the latest version of Chrome, Chrome 59, on Monday. | |||
|
2017-06-06 14:55:42 | NSA\'s EternalBlue Exploit Ported to Windows 10 (lien direct) | Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack. | |||
|
2017-06-05 20:28:28 | QakBot Returns, Locking Out Active Directory Accounts (lien direct) | QakBot, a worm-like, information-stealing strain of malware is back and locking users out of their Active Directory accounts. | |||
|
2017-06-05 19:16:22 | 40,000 Subdomains Tied to RIG Exploit Kit Shut Down (lien direct) | GoDaddy, along with researchers from RSA Security and other companies, shut down tens of thousands of illegal established subdomains tied to the RIG Exploit Kit. | ★★★ | ||
|
2017-06-05 19:10:51 | 53 Percent of Enterprise Flash Installs are Outdated (lien direct) | More than half of enterprises are exposing themselves to unnecessary risk by running out-of-date versions of Flash. | |||
|
2017-06-03 12:00:50 | Jaff Malware Probe Uncovers Link to Cybercrime Marketplace (lien direct) | Researchers have discovered a shared backend infrastructure between the Jaff ransomware and a black market carder shop. | |||
|
2017-06-02 18:32:11 | EternalBlue Exploit Spreading Gh0st RAT, Nitol (lien direct) | FireEye said threat actors are using the NSA's EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT. | Wannacry | ||
|
2017-06-02 16:46:43 | SSH Configuration on Nexpose Servers Allowed Weak Encryption Algorithms (lien direct) | Rapid7 warned this week that its Nexpose appliances were shipped with a SSH configuration that could have let obsolete algorithms be used for key exchange. | |||
|
2017-06-02 14:30:15 | Threatpost News Wrap, June 2, 2017 (lien direct) | Mike Mimoso and Chris Brook discuss the news of the week, including the ShadowBrokers crowdfunding attempt, errors in WannaCry, a new Wikileaks dump, last week's Samba vulnerability, and the OneLogin breach. | Wannacry | ||
|
2017-06-02 13:00:28 | WikiLeaks Dumps CIA Patient Zero Windows Implant (lien direct) | Pandemic is a Windows implant built by the CIA that turns file servers into Patient Zero on a local network, infecting machines requesting files with Trojanized replacements. | |||
|
2017-06-02 12:00:30 | (Déjà vu) Fireball Malware Infects 250 Million Computers Worldwide (lien direct) | A massive malware campaign has already infected 250 million Windows and Mac OS computers worldwide. | |||
|
2017-06-01 18:53:10 | Insecure Backend Databases Blamed for Leaking 43TB of App Data (lien direct) | More than 1,000 mobile apps are leaking personal information via unsecured backend platforms such as MongoDB, MySQL and others. | |||
|
2017-06-01 16:38:54 | Crowdfunding Effort to Buy ShadowBrokers Exploits Shuts Down (lien direct) | A crowdfunding effort to buy a subscription to the ShadowBrokers' Monthly Dump Service of stolen exploits and data was shut down citing legal and ethical concerns. | |||
|
2017-06-01 16:29:17 | OneLogin Breach Compromised Customer Data, Ability to Decrypt Encrypted Data (lien direct) | A breach at OneLogin appears to have compromised customer data, including the ability to decrypt encrypted data. | |||
|
2017-06-01 14:09:04 | WannaCry Development Errors Enable File Recovery (lien direct) | Researchers at Kaspersky Lab have found a number of programming errors in the WannaCry ransomware code that put file recovery within reach of sysadmins. | Wannacry | ||
|
2017-05-31 20:25:35 | Hack Department of Homeland Security Act Would Bring Bug Bounty Program to DHS (lien direct) | Senators introduced a bill last week to establish a bug bounty pilot program within the Department of Homeland Security. | |||
|
2017-05-31 17:55:30 | Patches Available for Linux Sudo Vulnerability (lien direct) | A high-severity vulnerability in sudo has been patched in a number of Linux distributions; the flaw allows local attackers to elevate privileges to root. | |||
|
2017-05-31 17:51:56 | Cisco, Netgear Readying Patches for Samba Vulnerability (lien direct) | Cisco is prepping fixes for two of its products affected by last week's Samba vulnerability. Netgear has also pushed out a fix for NAS devices that were affected. | |||
|
2017-05-31 17:00:30 | New Machine Learning Behind Early Phishing Detection in Gmail (lien direct) | Google announced today new security features in Gmail, including the news that it will enhance early phishing detection in Gmail through dedicated machine learning. | |||
|
2017-05-31 13:05:26 | Privacy Issue Fixed in Yopify Ecommerce Notification Plugin (lien direct) | Ecommerce sites using the Yopify plugin were leaking customers' names, locations and purchases. | |||
|
2017-05-30 18:39:55 | FreeRADIUS Update Resolves Authentication Bypass (lien direct) | Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server. | |||
|
2017-05-30 15:47:34 | ShadowBrokers Put Price on Monthly Zero Day Leaks (lien direct) | The ShadowBrokers announced details on how to subscribe to its Monthly Dump Service, which is available for 100 Zcash. | |||
|
2017-05-28 10:00:15 | Microsoft Quietly Patches Another Critical Malware Protection Engine Flaw (lien direct) | Microsoft quietly patched a critical vulnerability found by Google's Project Zero team in the Malware Protection Engine. |
To see everything:
Our RSS (filtrered)
