Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-15 15:20:30 |
iOS Clock app crashes due to strange Beirut timezone bug (lien direct) |
A strange bug in iOS is causing the Clock app to crash when creating a new alarm if the device's timezone is set to Beirut, Lebanon. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-15 14:00:32 |
Twitter now supports multiple 2FA security keys on mobile and web (lien direct) |
Twitter has added support for multiple security keys to accounts with two-factor authentication (2FA) enabled for logging into the social network's web interface and mobile apps. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-15 13:20:50 |
Phishing sites now detect virtual machines to bypass detection (lien direct) |
Phishing sites are now using JavaScript to evade detection by checking whether a visitor is browsing the site from a virtual machine or headless device. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-15 09:16:05 |
Microsoft fixes Office issue causing memory, disk space errors (lien direct) |
Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-14 18:22:50 |
Best Microsoft tools created for Windows 10 power users (lien direct) |
Over the past year, Microsoft has quietly released new built-in Windows 10 command-line applications and free Microsoft Store apps that enhance the operating system's functionality. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-14 16:25:04 |
Twitter bug automatically suspends you when tweeting \'Memphis\' (lien direct) |
A bug on Twitter is causing users to become temporarily suspended if they tweet the word 'Memphis,' BleepingComputer has confirmed. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-14 15:42:50 |
New PoC for Microsoft Exchange bugs puts attacks in reach of anyone (lien direct) |
A security researcher has released a new proof-of-concept exploit this weekend that requires slight modification to install web shells on Microsoft Exchange servers vulnerable to the actively exploited ProxyLogon vulnerabilities. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-14 09:11:29 |
Windows 10 \'Spring Update\' - The new features and how to download (lien direct) |
Windows 10 21H1, aka the 'Spring Update,' is slated for release within the next two months, and while it does not contain too many new and interesting features, it does get us ready for a more exciting feature update coming this fall. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-13 14:12:21 |
Microsoft Edge to use a four-week release cycle to sync with Chrome (lien direct) |
Major 'Stable' versions of Microsoft Edge will now be released every four weeks to synchronize with the new four-week release cycle announced by Google Chrome. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-13 12:28:50 |
CEO of Sky Global encrypted chat platform indicted by US (lien direct) |
The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-13 10:15:00 |
15-year-old Linux kernel bugs let attackers gain root privileges (lien direct) |
Three security vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-13 09:15:00 |
Microsoft shares temporary fix for Windows 10 printing crashes (lien direct) |
Microsoft has provided a temporary fix for the Windows 10 blue screen crashes plaguing customers when printing after installing the March 2021 cumulative updates. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 18:51:27 |
The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers (lien direct) |
For the past two weeks, the cybersecurity news has been dominated by stories about the Microsoft Exchange ProxyLogon vulnerabilities. One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 16:10:28 |
(Déjà vu) Google fixes second actively exploited Chrome zero-day this month (lien direct) |
Google has fixed a second actively exploited Chrome zero-day this month with the release of Chrome 89.0.4389.90 to the Stable desktop channel for Windows, Mac, and Linux users. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 14:57:57 |
Scammers promote fake cryptocurrency giveaways via Twitter ads (lien direct) |
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 14:30:09 |
Google shares Spectre PoC targeting browser JavaScript engines (lien direct) |
Google has published JavaScript proof-of-concept (PoC) code to demonstrate the practicality of using Spectre exploits targeting web browsers to gain access to information from a browser's memory. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 13:20:18 |
Microsoft Exchange exploits now used by cryptomining malware (lien direct) |
The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 11:46:39 |
Researchers hacked Indian govt sites via exposed git and env files (lien direct) |
Researchers have now disclosed more information on how they were able to breach multiple websites of the Indian government. The full findings disclosed today shed light on the routes leveraged by the researchers, including finding exposed .git directories and .env files on some of these systems. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 11:14:54 |
New ZHtrap botnet malware deploys honeypots to find more targets (lien direct) |
A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 09:50:26 |
Google Chrome now gobbles up 20% less memory on Windows (lien direct) |
Google says that the latest Google Chrome version comes with major memory savings on Windows systems and improves energy consumption and overall responsiveness. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-12 02:45:26 |
OVH data center fire likely caused by faulty UPS power supply (lien direct) |
OVH founder and chairman Octave Klaba has provided a plausible explanation for the fire that burned down OVH data centers in Strasbourg, France. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 19:39:25 |
(Déjà vu) Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits (lien direct) |
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 19:39:25 |
New DEARCRY Ransomware is targeting Microsoft Exchange Servers (lien direct) |
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 17:14:02 |
7-Zip developer releases the first official Linux version (lien direct) |
An official version of the popular 7-zip archiving program has been released for Linux for the first time. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 14:40:02 |
New Firefox version fixes Linux crashes, Apple Silicon hangs (lien direct) |
Mozilla today started rolling out Firefox 86.0.1 to address a known bug causing the web browser to crash frequently when launched on Linux systems. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 13:45:19 |
(Déjà vu) Smart sex toys come with Bluetooth and remote hijacking weaknesses (lien direct) |
Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. As more as more adult toy brands enter the market, and COVID-19 situation has led to a rapid increase in sex toy sales, researchers believe a discussion around the security of these devices is vital. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 13:45:19 |
Smart sex toys come with Bluetooth and remote access weaknesses (lien direct) |
Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. As more as more adult toy brands enter the market, and COVID-19 situation has led to a rapid increase in sex toy sales, researchers believe a discussion around the security of these devices is vital. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 13:12:54 |
Molson Coors brewing operations disrupted by cyberattack (lien direct) |
The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 11:14:53 |
CISA: No federal civilian agency hacked in Exchange attacks, so far (lien direct) |
CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 08:46:18 |
Chinese state hackers target Linux systems with new malware (lien direct) |
Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-11 05:18:30 |
Microsoft confirms Windows 10 crash issue due to March updates (lien direct) |
Microsoft has confirmed that Windows 10 devices might crash with a Blue Screen of Death (BSOD) when printing under certain conditions after applying the March KB5000802 cumulative update. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 15:49:33 |
Linux Foundation unveils Sigstore - a Let\'s Encrypt for code signing (lien direct) |
The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 14:03:06 |
Europol \'unlocks\' encrypted Sky ECC chat service to make arrests (lien direct) |
European law enforcement authorities have made a large number of arrests after a joint operation involving the monitoring of organized crime communication channels over the Sky ECC encrypted chat. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 12:50:24 |
Windows 10 crashes when printing due to Microsoft March updates (lien direct) |
Microsoft has pulled the Windows 10 10 KB5000802 and KB5000808 cumulative updates afters users began reporting Blue Screen of Death crashes when printing to network printers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 12:04:10 |
(Déjà vu) F5 urges customers to patch critical BIG-IP pre-auth RCE bug (lien direct) |
F5 Networks, a leading provider of enterprise networking gear, has announced four critical remote code execution (RCE) vulnerabilities affecting most versions of BIG-IP and BIG-IQ software. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 12:04:10 |
F5 urges customers to patch 4 critical BIG-IP pre-auth RCE bugs (lien direct) |
F5 Networks, a leading provider of enterprise networking gear, has announced four critical remote code execution (RCE) vulnerabilities affecting most versions of BIG-IP and BIG-IQ software. [...] |
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 10:57:36 |
Norway parliament data stolen in Microsoft Exchange attack (lien direct) |
Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 09:42:20 |
More hacking groups join Microsoft Exchange attack frenzy (lien direct) |
More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 08:35:58 |
Ryuk ransomware hits 700 Spanish government labor agency offices (lien direct) |
The systems of SEPE, the Spanish government agency for labor, were taken down following a ransomware attack that hit more than 700 agency offices across Spain. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-10 03:08:14 |
OVH data center burns down knocking major sites offline (lien direct) |
In a major unprecedented incident, data centers of OVH located in Strasbourg, France have been destroyed by fire. Customers are being advised by the company to enact their disaster recovery plans after the fire has rendered multiple data centers unserviceable, impacting websites around the world. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 19:25:59 |
Microsoft Edge Legacy will now prompt you to install Chromium Edge (lien direct) |
Microsoft Edge Legacy has officially reached the end of life today, and starting tomorrow, the web browser will begin displaying notifications telling users to switch to the new Chromium-based Microsoft Edge. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 19:05:30 |
iPhone Call Recorder bug gave acess to other people\'s conversations (lien direct) |
An iOS call recording app patched a security vulnerability that gave anyone access to the conversations of thousands of users by simply providing the correct phone numbers. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 17:25:19 |
Hackers access surveillance cameras at Tesla, Cloudflare, banks, more (lien direct) |
Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 15:20:34 |
US seizes more domains used in COVID-19 vaccine phishing attacks (lien direct) |
The US Department of Justice has seized a fifth domain name used to impersonate the official site of a biotechnology company involved in COVID-19 vaccine development. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 13:30:08 |
Microsoft March 2021 Patch Tuesday fixes 82 flaws, 2 zero-days (lien direct) |
Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 13:27:25 |
(Déjà vu) Windows 10 Cumulative Updates KB5000808 & KB5000802 released (lien direct) |
As part of the March Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 13:05:44 |
Microsoft shares detection, mitigation advice for Azure LoLBins (lien direct) |
Azure LoLBins can be used by attackers to bypass network defenses, deploy cryptominers, elevate privileges, and disable real-time protection on a targeted device. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 12:14:37 |
Wordpress plans to drop support for Internet Explorer 11 (lien direct) |
The most well-known and popular blogging platform, WordPress, is considering dropping support for Internet Explorer 11 as the browser's usage dips below 1%. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 11:27:27 |
Adobe fixes critical Creative Cloud, Adobe Connect vulnerabilities (lien direct) |
Adobe has released security updates that fix vulnerabilities in Adobe Creative Cloud Desktop, Framemaker, and Connect. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-09 10:37:08 |
z0Miner botnet hunts for unpatched ElasticSearch, Jenkins servers (lien direct) |
A cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero (XMR) cryptocurrency. [...] |
|
|
|