Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-15 18:15:20 |
What\'s new and improved in Windows 11 22H2, coming soon (lien direct) |
Windows 11 version 22H2 aka Sun Valley 2 is set to launch later this year. Unlike the original Windows 11 release, it won't be a massive update with radical design changes. Instead, Sun Valley 2 will be similar to Windows 10 Anniversary Update, so you can expect minor improvements and a few new features. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-15 14:47:10 |
Hackers are exploiting critical bug in Zyxel firewalls and VPNs (lien direct) |
Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-15 12:34:09 |
Fake Pixelmon NFT site infects you with password-stealing malware (lien direct) |
A fake Pixelmon NFT site entices fans with free tokens and collectibles while infecting them with malware that steals their cryptocurrency wallets. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-15 10:00:00 |
Windows admins frustrated by Quick Assist moving to Microsoft Store (lien direct) |
Windows admins have been expressing their dismay at Microsoft's decision to move the Quick Assist remote assistance tool to the Microsoft Store. [...] |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-14 15:39:02 |
(Déjà vu) Microsoft fixes new PetitPotam Windows NTLM Relay attack vector (lien direct) |
A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-14 15:39:02 |
New Windows PetitPotam NTLM Relay attack vector fixed in May updates (lien direct) |
A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-14 11:18:09 |
Angry IT admin wipes employer\'s databases, gets 7 years in prison (lien direct) |
Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-14 10:02:27 |
(Déjà vu) Crypto robber who lured victims via Snapchat and stole £34,000 jailed (lien direct) |
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-14 10:02:27 |
Crypto thief threatened to cut man\'s fingers \'one by one,\' stole £34K (lien direct) |
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-13 16:58:23 |
The Week in Ransomware - May 13th 2022 - A National Emergency (lien direct) |
While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...] |
Ransomware
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-13 14:16:08 |
Italian CERT: Hacktivists hit govt sites in \'Slow HTTP\' DDoS attacks (lien direct) |
Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-13 13:48:24 |
Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits (lien direct) |
Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-13 12:24:40 |
Fake Binance NFT Mystery Box bots steal victim\'s crypto wallets (lien direct) |
A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-13 11:38:42 |
SonicWall \'strongly urges\' admins to patch SSLVPN SMA1000 bugs (lien direct) |
SonicWall "strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-13 09:52:18 |
Google Chrome updates failing on Android devices in Russia (lien direct) |
A growing number of Russian Chrome users on Android report getting errors when attempting to install the latest available update of the popular web browser. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-12 17:30:15 |
Iranian hackers exposed in a highly targeted espionage campaign (lien direct) |
Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 group or Oilrig, who targeted a Jordanian diplomat with custom-crafted tools. [...] |
Threat
|
APT 34
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-12 17:10:53 |
Ukrainian imprisoned for selling access to thousands of PCs (lien direct) |
Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old from Ukraine, was sentenced today to 4 years in prison for stealing thousands of login credentials per week and selling them on a dark web marketplace. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-12 15:18:45 |
Eternity malware kit offers stealer, miner, worm, ransomware tools (lien direct) |
Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...] |
Ransomware
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-12 14:13:52 |
Zyxel fixes firewall flaws that could lead to hacked networks (lien direct) |
Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago. [...] |
Vulnerability
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-12 13:07:33 |
BPFdoor: Stealthy Linux malware bypasses firewalls for remote access (lien direct) |
A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-05-12 10:31:20 |
NVIDIA has open-sourced its Linux GPU kernel drivers (lien direct) |
NVIDIA has published the source code of its kernel modules for the R515 driver, using a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 18:34:11 |
Google Chrome emergency update fixes zero-day exploited in attacks (lien direct) |
Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks. [...] |
Vulnerability
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 16:21:26 |
Ukraine says it\'s targeted by \'massive wave of hybrid warfare\' (lien direct) |
The Security Service of Ukraine (SSU) today said the country is the target of an ongoing "wave of hybrid warfare," aiming to instill anxiety and undermine Ukrainian society's confidence in the state's ability to defend its citizens. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 14:31:00 |
Sports brand Mizuno hit with ransomware attack delaying orders (lien direct) |
Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 14:05:18 |
FTC warns VoIP providers: Share your robocall info or get sued (lien direct) |
The US Federal Trade Commission (FTC) said today that it will take legal action against Voice-over-Internet Protocol (VoIP) service providers who do not hand over information requested during robocall investigations. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 13:03:24 |
QNAP extends critical updates for some unsupported NAS devices (lien direct) |
QNAP has extended support and will keep issuing security updates for some end-of-life (EOL) network-attached storage (NAS) devices until October 2022. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 10:41:14 |
(Déjà vu) FBI: BlackByte ransomware breached US critical infrastructure (lien direct) |
The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-14 09:45:44 |
Emergency Magento update fixes zero-day bug exploited in attacks (lien direct) |
Adobe rolled out emergency updates for Adobe Commerce and Magento Open Source to fix a critical vulnerability tracked as CVE-2022-24086 that's being exploited in the wild. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-13 15:00:50 |
(Déjà vu) Microsoft Defender will soon block Windows password theft (lien direct) |
Microsoft is enabling an 'Attack Surface Reduction' security feature rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-13 15:00:50 |
Microsoft is making it harder to steal Windows passwords from memory (lien direct) |
Microsoft is enabling an 'Attack Surface Reduction' security feature rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. [...] |
|
|
★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-13 08:22:11 |
NFL\'s San Francisco 49ers hit by Blackbyte ransomware attack (lien direct) |
The NFL's San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 16:57:54 |
The Week in Ransomware - February 11th 2022 - Maze, Egregor decryptors (lien direct) |
We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations. [...] |
Ransomware
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 14:29:48 |
Croatian phone carrier data breach impacts 200,000 clients (lien direct) |
Croatian phone carrier 'A1 Hrvatska' has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 13:12:57 |
Twitter is down with "Something went wrong" errors (lien direct) |
Twitter is currently experiencing a worldwide service disruption that makes it impossible for users to read tweets on the web and load threads using the mobile app. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 12:45:00 |
(Déjà vu) CISA orders federal agencies to update iPhones, Macs until Feb 25th (lien direct) |
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 12:45:00 |
CISA orders federal agencies to update iPhones until Feb 25th (lien direct) |
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 12:40:01 |
Google Project Zero: Vendors are now quicker at fixing zero-days (lien direct) |
Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-11 08:01:01 |
CISA urges orgs to patch actively exploited Windows SeriousSAM bug (lien direct) |
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 19:20:20 |
Microsoft fixes Defender flaw letting hackers bypass antivirus scans (lien direct) |
Microsoft has recently addressed a weakness in the Microsoft Defender Antivirus on Windows that allowed attackers to plant and execute malicious payloads without triggering Defender's malware detection engine. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 16:44:21 |
Microsoft: Support for Windows 10 20H2 ending in May 2022 (lien direct) |
Microsoft reminded customers today that multiple editions of Windows 10, version 20H2 and Windows 10, version 1909 are quickly approaching end of servicing (EOS). [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 15:44:01 |
Microsoft starts killing off WMIC in Windows, will thwart attacks (lien direct) |
Microsoft is moving forward with removing the Windows Management Instrumentation Command-line (WMIC) tool, wmic.exe, starting with the latest Windows 11 preview builds in the Dev channel. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 15:02:17 |
Hacking group \'ModifiedElephant\' evaded discovery for a decade (lien direct) |
Threat analysts have linked a decade of activity to an APT (advanced persistent threat) actor called 'ModifiedElephant', who has managed to remain elusive to all threat intelligence firms since 2012. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 14:11:02 |
(Déjà vu) Apple patches new zero-day exploited to hack iPhones, iPads, Macs (lien direct) |
Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. [...] |
Hack
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 11:25:10 |
Qbot, Lokibot malware switch back to Windows Regsvr32 delivery (lien direct) |
Malware distributors have turned to an older trick known as Squiblydoo to spread Qbot and Lokibot via Microsoft Office document using regsvr32.exe. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 11:13:44 |
FTC says Americans lost $547 million to romance scams in 2021 (lien direct) |
The US Federal Trade Commission (FTC) said that Americans reported record high losses of $547 million to romance scams in 2021, up almost 80% compared to 2020 and over six times compared to losses reported in 2017. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 09:08:24 |
FritzFrog botnet grows 10x, hits healthcare, edu, and govt systems (lien direct) |
The FritzFrog botnet that's been active for more than two years has resurfaced with an alarming infection rate, growing ten times in just a month of hitting healthcare, education, and government systems with an exposed SSH server. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-10 06:57:33 |
Spain dismantles SIM swapping group who emptied bank accounts (lien direct) |
Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-09 16:33:18 |
PHP Everywhere RCE flaws threaten thousands of WordPress sites (lien direct) |
Researchers found three critical remote code execution (RCE) vulnerabilities in the PHP Everywhere plugin for WordPress, used by over 30,000 websites worldwide. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-09 15:05:10 |
Microsoft Teams now needs 50% less power during meetings (lien direct) |
Microsoft has drastically reduced Microsoft Teams' power requirements in calls and meetings since June 2020, improving experience consistency and making it more friendly with low-end devices. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2022-02-09 13:24:08 |
Wave of MageCart attacks target hundreds of outdated Magento sites (lien direct) |
Analysts have found the source of a mass breach of over 500 e-commerce stores running the Magento 1 platform and involves a single domain loading a credit card skimmer on all of them. [...] |
|
|
|