What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-30 08:19:10 | Google blocked dozens of domains used by hack-for-hire groups (lien direct) | Google's Threat Analysis Group (TAG) has blocked dozens of malicious domains and websites used by hack-for-hire groups in attacks targeting high-risk targets worldwide. [...] | Threat | ||
|
2022-06-30 08:12:24 | AstraLocker 2.0 infects users directly from Word attachments (lien direct) | A lesser-known ransomware strain called AstraLocker has recently released its second major version, and according to threat analysts, its operators engage in rapid attacks that drop its payload directly from email attachments. [...] | Ransomware Threat | ||
|
2022-06-30 06:05:16 | OpenSea discloses data breach, warns users of phishing attacks (lien direct) | OpenSea, the largest non-fungible token (NFT) marketplace, disclosed a data breach on Wednesday and warned users of potential phishing attacks targeting them in the coming days. [...] | Data Breach | ||
|
2022-06-29 17:23:36 | Walmart denies being hit by Yanluowang ransomware attack (lien direct) | American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers. [...] | Ransomware | ||
|
2022-06-29 14:44:56 | Avaya sysadmin indicted for illegally generating, selling VoIP licenses (lien direct) | Three defendants who allegedly sold over $88 million worth of software licenses belonging to Avaya Holdings Corporation have been charged in Oklahoma, U.S., facing 14 counts of wire fraud and money laundering. [...] | |||
|
2022-06-29 13:53:15 | New YTStealer malware steals accounts from YouTube Creators (lien direct) | A new information-stealing malware named YTStealer is targeting YouTube content creators and attempting to steal their authentication tokens and hijack their channels. [...] | Malware | ||
|
2022-06-29 12:30:00 | CISA warns of hackers exploiting PwnKit Linux vulnerability (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Linux vulnerability known as PwnKit to its list of bugs exploited in the wild. [...] | Vulnerability | ||
|
2022-06-29 12:00:19 | Thunderbird 102 released with highly anticipated features, bug fixes (lien direct) | Mozilla has announced the release of Thunderbird 102, one of the world's most popular open-source email clients with an estimated userbase of over 25 million. [...] | |||
|
2022-06-29 11:27:21 | Ukraine arrests cybercrime gang operating over 400 phishing sites (lien direct) | The Ukrainian cyberpolice force arrested nine members of a criminal group that operated over 400 phishing websites crafted to appear like legitimate EU portals offering financial assistance to Ukrainians. [...] | |||
|
2022-06-29 09:06:36 | CISA warns orgs to switch to Exchange Online Modern Auth until October (lien direct) | CISA has urged government agencies and private sector organizations using Microsoft's Exchange cloud email platform to expedite the switch from Basic Authentication legacy authentication methods without multifactor authentication (MFA) support to Modern Authentication alternatives. [...] | ★★★★★ | ||
|
2022-06-29 08:30:00 | Google Workspace now alerts of critical changes to admin accounts (lien direct) | Google Workspace (formerly G Suite) has been updated to notify admins of highly sensitive changes to configurations, including those made to single sign-on (SSO) profiles and admin accounts. [...] | |||
|
2022-06-29 07:00:00 | Amazon fixes high-severity vulnerability in Android Photos app (lien direct) | Amazon has confirmed and fixed a vulnerability in its Photos app for Android, which has been downloaded over 50 million times on the Google Play Store. [...] | Vulnerability | ||
|
2022-06-29 06:48:22 | (Déjà vu) Microsoft Azure FabricScape bug let hackers hijack Linux clusters (lien direct) | Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. [...] | Threat | ||
|
2022-06-29 06:48:22 | Microsoft fixes bug that let hackers hijack Azure Linux clusters (lien direct) | Microsoft has fixed a container escape vulnerability in the Service Fabric (SF) application hosting platform that would allow threat actors to escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster. [...] | Vulnerability Threat | ||
|
2022-06-28 18:37:49 | Windows 10 KB5014666 update brings new printing features, bug fixes (lien direct) | Microsoft has released the optional KB5014666 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. [...] | |||
|
2022-06-28 17:49:21 | Evilnum hackers return in new operation targeting migration orgs (lien direct) | The Evilnum hacking group is showing renewed signs of malicious activity, targeting European organizations that are involved in international migration. [...] | |||
|
2022-06-28 17:11:01 | New Firefox privacy feature strips URLs of tracking parameters (lien direct) | Mozilla Firefox 102 was released today with a new privacy feature that strips parameters from URLs that are used to track you around the web. [...] | |||
|
2022-06-28 16:10:41 | Microsoft 365 now prevents data leaks with new session timeouts (lien direct) | Microsoft announced today the general availability of tenant-wide idle session timeout for Microsoft 365 web apps to protect confidential data on shared or non-company devices left unattended. [...] | |||
|
2022-06-28 13:18:14 | AMD investigates RansomHouse hack claims, theft of 450GB data (lien direct) | Chip manufacturer AMD says they are investigating a cyberattack after threat actors claimed to have stolen 450 GB of data from the company last year. [...] | Hack Threat | ||
|
2022-06-28 12:29:07 | MITRE shares this year\'s list of most dangerous software bugs (lien direct) | MITRE shared this year's list of the top 25 most common and dangerous weaknesses impacting software throughout the previous two calendar years. [...] | |||
|
2022-06-28 11:33:09 | New ZuoRAT malware targets SOHO routers in North America, Europe (lien direct) | A newly discovered multistage remote access trojan (RAT) dubbed ZuoRAT has been used to target remote workers via small office/home office (SOHO) routers across North America and Europe undetected since 2020. [...] | Malware | ||
|
2022-06-28 10:41:53 | FBI: Stolen PII and deepfakes used to apply for remote tech jobs (lien direct) | The Federal Bureau of Investigation (FBI) warns of an increase in complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions. [...] | |||
|
2022-06-28 10:02:01 | Breaking Down the Zola Hack and Why Password Reuse is so Dangerous (lien direct) | In May of 2022, the wedding planning and registry site Zola suffered a major security breach due to a credential stuffing attack. due to password reuse. Here's what happened and what could have been done to prevent the attack. [...] | Hack | ||
|
2022-06-28 09:39:28 | Raccoon Stealer is back with a new version to steal your passwords (lien direct) | The Raccoon Stealer malware is back with a second major version circulating on cybercrime forums, offering hackers elevated password-stealing functionality and upgraded operational capacity. [...] | Malware | ||
|
2022-06-28 09:00:00 | (Déjà vu) Malicious Messenger chatbots used to steal Facebook accounts (lien direct) | A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. [...] | |||
|
2022-06-28 09:00:00 | Messenger chatbots now used to steal Facebook accounts (lien direct) | A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. [...] | |||
|
2022-06-28 06:39:23 | Over 900,000 Kubernetes instances found exposed online (lien direct) | Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. [...] | Uber | ||
|
2022-06-27 15:44:22 | Bank of the West found debit card-stealing skimmers on ATMs (lien direct) | The Bank of the West is warning customers that their debit card numbers and PINs have been stolen by skimmers installed on several of the bank's ATMs. [...] | |||
|
2022-06-27 14:30:15 | Android malware \'Revive\' impersonates BBVA bank\'s 2FA app (lien direct) | A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. [...] | Malware | ||
|
2022-06-27 14:00:18 | (Déjà vu) US, Brazil seize 272 websites used to illegally download music (lien direct) | The domains of six websites that streamed and provided illegal downloads of copyrighted music were seized by U.S. Homeland Security Investigations (HSI) and the Department of Justice. [...] | |||
|
2022-06-27 14:00:18 | US seizes websites used to illegally download and stream music (lien direct) | The domains of six websites that streamed and provided illegal downloads of copyrighted music were seized by U.S. Homeland Security Investigations (HSI) and the Department of Justice. [...] | |||
|
2022-06-27 12:40:00 | Microsoft will fix Windows RRAS, VPN issues for all users in July (lien direct) | Microsoft has finally confirmed Internet connectivity issues affecting servers with Routing and Remote Access Service (RRAS) enabled after installing Windows updates released as part of this month's Patch Tuesday. [...] | |||
|
2022-06-27 12:31:49 | Vice Society claims ransomware attack on Med. University of Innsbruck (lien direct) | The Vice Society ransomware gang has claimed responsibility for last week's cyberattack against the Medical University of Innsbruck, which caused severe IT service disruption and the alleged theft of data. [...] | Ransomware | ||
|
2022-06-27 11:39:17 | Microsoft Exchange bug abused to hack building automation systems (lien direct) | A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access to more secured areas in their networks. [...] | Hack Threat | ||
|
2022-06-27 11:09:44 | LockBit 3.0 introduces the first ransomware bug bounty program (lien direct) | The LockBit ransomware operation has released 'LockBit 3.0,' introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options. [...] | Ransomware | ||
|
2022-06-27 10:08:37 | Microsoft: Recent Windows updates caused Edge freeze issues (lien direct) | Microsoft says it addressed a known issue that was causing all Microsoft Edge tabs running IE mode to stop responding if one of the opened sites displayed a modal dialog box after issuing a window.focus call. [...] | |||
|
2022-06-26 12:04:08 | LGBTQ+ community warned of extortionists abusing dating apps (lien direct) | The U.S. Federal Trade Commission (FTC) has warned this week of extortion scammers targeting the LGBTQ+ community by abusing online dating apps like Grindr and Feeld. [...] | |||
|
2022-06-26 11:05:10 | Fake copyright infringement emails install LockBit ransomware (lien direct) | LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. [...] | Ransomware Malware | ||
|
2022-06-26 10:12:06 | Clever phishing method bypasses MFA using Microsoft WebView2 apps (lien direct) | A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. [...] | Threat | ||
|
2022-06-26 09:14:28 | NetSec Goggle shows search results only from cybersecurity sites (lien direct) | A new Brave Search Goggle modifies Brave Search results to only show reputable cybersecurity sites, making it easier to search for and find security information. [...] | |||
|
2022-06-25 11:32:26 | (Déjà vu) PyPi python packages caught sending stolen AWS keys to unsecured sites (lien direct) | Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. [...] | |||
|
2022-06-25 11:32:26 | PyPi packages caught sending stolen AWS keys to unsecured sites (lien direct) | Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. [...] | |||
|
2022-06-25 10:06:00 | Microsoft: Exchange Server 2013 reaches end of support in 9 months (lien direct) | Microsoft has reminded customers that the Exchange Server 2013 mail and calendaring platform will reach its extended end-of-support date roughly nine months from now, on April 11, 2021. [...] | |||
|
2022-06-25 09:12:06 | Automotive fabric supplier TB Kawashima announces cyberattack (lien direct) | TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack. [...] | |||
|
2022-06-24 18:20:35 | The Week in Ransomware - June 24th 2022 - Splinter Cells (lien direct) | The Conti ransomware gang has finally ended their charade and turned off their Tor data leak and negotiation sites, effectively shutting down the operation. [...] | Ransomware | ★★★★★ | |
|
2022-06-24 16:28:35 | Russia fines Google for spreading \'unreliable\' info defaming its army (lien direct) | Roskomnadzor, Russia's telecommunications watchdog, has fined Google 68 million rubles (roughly $1.2 million) for helping spread what it called "unreliable" information on the war in Ukraine and the failure to remove it from its platforms. [...] | |||
|
2022-06-24 16:13:13 | Windows 10 22H2 accidentally confirmed by latest preview update (lien direct) | Microsoft has accidentally leaked that Windows 10 22H2 is on its way by including an enablement package in the latest Windows 10 KB5014666 preview update available to Insiders on the Release channel. [...] | |||
|
2022-06-24 13:13:16 | Mitel zero-day used by hackers in suspected ransomware attack (lien direct) | Hackers used a zero-day exploit on Linux-based Mitel MiVoice VOIP appliances for initial access in what is believed to be the beginning of a ransomware attack. [...] | Ransomware | ||
|
2022-06-24 12:48:42 | (Déjà vu) CafePress fined $500,000 for breach affecting 23 million users (lien direct) | The U.S. Federal Trade Commission (FTC) today ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for attempting to cover up a major data breach impacting more than 23 million customers and failing to protect their data. [...] | Data Breach | ||
|
2022-06-24 12:48:42 | FTC fines CafePress $500K for breach affecting 23 million users (lien direct) | The U.S. Federal Trade Commission (FTC) today ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for attempting to cover up a major data breach impacting more than 23 million customers and failing to protect their data. [...] | Data Breach |
To see everything:
Our RSS (filtrered)
