What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-22 07:23:46 | Microsoft reveals cause behind this week\'s Microsoft 365 outage (lien direct) | Microsoft has revealed that this week's Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions. [...] | |||
|
2022-06-22 06:20:54 | Critical PHP flaw exposes QNAP NAS devices to RCE attacks (lien direct) | QNAP has warned customers today that many of its Network Attached Storage (NAS) devices are vulnerable to attacks that would exploit a three-year-old critical PHP vulnerability allowing remote code execution. [...] | |||
|
2022-06-21 18:43:00 | Yodel parcel company confirms cyberattack is disrupting delivery (lien direct) | Services for the U.K.-based Yodel delivery service company have been disrupted due to a cyberattack that caused delays in parcel distribution and tracking orders online. [...] | |||
|
2022-06-21 17:46:17 | 7-zip now supports Windows \'Mark-of-the-Web\' security feature (lien direct) | 7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. [...] | |||
|
2022-06-21 15:34:44 | Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware (lien direct) | The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. [...] | Malware Vulnerability | ||
|
2022-06-21 14:44:06 | Adobe Acrobat may block antivirus tools from monitoring PDF files (lien direct) | Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users. [...] | Tool | ||
|
2022-06-21 12:50:13 | Phishing gang behind millions in losses dismantled by police (lien direct) | Members of a phishing gang behind millions of euros in losses were arrested today following a law enforcement operation coordinated by the Europol. [...] | |||
|
2022-06-21 09:19:33 | Massive Cloudflare outage caused by network configuration error (lien direct) | Cloudflare says a massive outage that affected more than a dozen of its data centers and hundreds of major online platforms and services today was caused by a change that should have increased network resilience. [...] | |||
|
2022-06-21 08:08:53 | Microsoft 365 outage affects Microsoft Teams and Exchange Online (lien direct) | An ongoing outage is affecting multiple Microsoft 365 services, with customers worldwide reporting delays, sign-in failures, and issues accessing their accounts. [...] | |||
|
2022-06-21 07:46:03 | (Déjà vu) Microsoft Exchange servers hacked by new ToddyCat APT gang (lien direct) | An advanced persistent threat (APT) group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. [...] | Threat | ||
|
2022-06-21 07:46:03 | (Déjà vu) New ToddyCat APT group targets Exchange servers in Asia, Europe (lien direct) | An advanced persistent threat (APT) group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. [...] | Threat | ||
|
2022-06-21 07:20:08 | Icefall: 56 flaws impact thousands of exposed industrial devices (lien direct) | A security report has been published on a set of 56 vulnerabilities that are collectively called Icefall and affect operational technology (OT) equipment used in various critical infrastructure environments. [...] | |||
|
2022-06-20 17:30:50 | Windows emergency update fixes Microsoft 365 issues on Arm devices (lien direct) | Microsoft has released an out-of-band (OOB) Windows update to address a known issue that would cause Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after installing the June 2022 Patch Tuesday updates. [...] | |||
|
2022-06-20 16:35:20 | New DFSCoerce NTLM Relay attack allows Windows domain takeover (lien direct) | A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely take over a Windows domain. [...] | |||
|
2022-06-20 14:20:34 | Recent Windows Server updates break VPN, RDP, RRAS connections (lien direct) | This month's Windows Server updates are causing a wide range of issues for administrators, including VPN and RDP connectivity problems on servers with Routing and Remote Access Service (RRAS) enabled. [...] | |||
|
2022-06-20 12:57:31 | Flagstar Bank discloses data breach impacting 1.5 million customers (lien direct) | Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack. [...] | Data Breach | ||
|
2022-06-20 11:25:52 | Windows 10 and Windows 11 downloads blocked in Russia (lien direct) | People in Russia can no longer download Windows 10 and Windows 11 ISOs and installation tools from Microsoft, with no reason for the block provided by the company. [...] | Tool | ||
|
2022-06-20 11:02:45 | New \'BidenCash\' site sells your stolen credit card for just 15 cents (lien direct) | A recently launched carding site called 'BidenCash' is trying to get notoriety by leaking credit card details along with information about their owners. [...] | |||
|
2022-06-20 10:06:59 | Microsoft 365 credentials targeted in new fake voicemail campaign (lien direct) | A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials. [...] | |||
|
2022-06-19 13:59:10 | Google Chrome extensions can be fingerprinted to track you online (lien direct) | A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. [...] | ★★★★★ | ||
|
2022-06-19 10:15:23 | Android-wiping BRATA malware is evolving into a persistent threat (lien direct) | The threat actors operating the BRATA banking trojan have evolved their tactics and incorporated new information-stealing features into their malware. [...] | Malware Threat | ★★★ | |
|
2022-06-18 13:06:03 | QNAP NAS devices targeted by surge of eCh0raix ransomware attacks (lien direct) | This week a new series of ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage (NAS) devices according to user reports and sample submissions on the ID-Ransomware platform. [...] | Ransomware | ★★★★ | |
|
2022-06-18 11:50:22 | (Déjà vu) Chrome browser extension lets you remove specific sites from search results (lien direct) | The uBlackList browser extension lets you clean up search results by removing specific sites when searching on Google, DuckDuckGo, Bing, and other search engines. [...] | |||
|
2022-06-18 11:50:22 | (Déjà vu) This browser extension lets you remove specific sites from search results (lien direct) | The uBlackList browser extension lets you clean up search results by removing specific sites when searching on Google, DuckDuckGo, Bing, and other search engines. [...] | ★★ | ||
|
2022-06-18 11:50:22 | Browser extension lets you remove specific sites from search results (lien direct) | The uBlackList browser extension lets you clean up search results by removing specific sites when searching on Google, DuckDuckGo, Bing, and other search engines. [...] | |||
|
2022-06-18 10:06:03 | (Déjà vu) New phishing attack infects devices with Cobalt Strike (lien direct) | Security researchers have noticed a new malicious spam campaign that delivers the 'Matanbuchus' malware to drop Cobalt Strike beacons on compromised machines. [...] | Spam Malware | ★★★ | |
|
2022-06-18 10:06:03 | Wave of \'Matanbuchus\' spam is infecting devices with Cobalt Strike (lien direct) | Security researchers have noticed a new malicious spam campaign that delivers the 'Matanbuchus' malware to drop Cobalt Strike beacons on compromised machines. [...] | Spam Malware | ||
|
2022-06-17 17:11:05 | The Week in Ransomware - June 17th 2022 - Have I Been Ransomed? (lien direct) | Ransomware operations are constantly evolving their tactics to pressure victims to pay. For example, this week, we saw a new extortion tactic come into play with the creation of dedicated websites to extort victims with searchable data. [...] | Ransomware | ||
|
2022-06-17 15:19:36 | June Windows updates break Microsoft 365 sign-ins on Arm devices (lien direct) | Microsoft is investigating a new known issue causing Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after deploying the June 2022 Windows updates. [...] | |||
|
2022-06-17 13:13:08 | Cisco says it won\'t fix zero-day RCE in end-of-life VPN routers (lien direct) | Cisco advises owners of end-of-life Small Business RV routers to upgrade to newer models after disclosing a remote code execution vulnerability that will not be patched. [...] | Vulnerability | ||
|
2022-06-17 12:22:37 | (Déjà vu) New Windows 11 privacy feature lists apps that used your microphone, camera (lien direct) | Microsoft has recently added a new privacy feature that allows Windows 11 users to get a list of all the apps that have recently accessed their sensitive info and devices, including their camera, microphone, and contacts. [...] | |||
|
2022-06-17 12:22:37 | Windows 11 now lists apps that accessed your microphone, camera (lien direct) | Microsoft has recently added a new privacy feature that allows Windows 11 users to get a list of all the apps that have recently accessed their sensitive info and devices, including their camera, microphone, and contacts. [...] | |||
|
2022-06-17 10:17:19 | Russian RSocks botnet disrupted after hacking millions of devices (lien direct) | The U.S. Department of Justice has announced the disruption of the Russian RSocks malware botnet used to hijack millions of computers, Android smartphones, and IoT (Internet of Things) devices worldwide for use as proxy servers. [...] | Malware | ||
|
2022-06-17 05:52:36 | QNAP \'thoroughly investigating\' new DeadBolt ransomware attacks (lien direct) | Network-attached storage (NAS) vendor QNAP once again warned customers on Friday to secure their devices against a new campaign of attacks pushing DeadBolt ransomware. [...] | Ransomware | ||
|
2022-06-17 05:10:28 | Microsoft: June Windows updates may break Wi-Fi hotspots (lien direct) | Microsoft is investigating a newly acknowledged issue causing connectivity issues when using Wi-Fi hotspots after deploying Windows updates released during the June 2022 Patch Tuesday. [...] | |||
|
2022-06-16 18:23:46 | Sophos Firewall zero-day bug exploited weeks before fix (lien direct) | Chinese hackers used a zero-day exploit for a critical-severity vulnerability in Sophos Firewall to compromise a company and breach cloud-hosted web servers operated by the victim. [...] | Vulnerability | ||
|
2022-06-16 17:51:33 | iCloud hacker gets 9 years in prison for stealing nude photos (lien direct) | A California man who hacked thousands of Apple iCloud accounts was sentenced to 8 years in prison after pleading guilty to conspiracy and computer fraud in October 2021. [...] | Guideline | ||
|
2022-06-16 15:43:57 | New MaliBot Android banking malware spreads as a crypto miner (lien direct) | Threat analysts have discovered a new Android malware strain named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain. [...] | Malware Threat | ||
|
2022-06-16 14:58:32 | 730K WordPress sites force-updated to patch critical plugin bug (lien direct) | WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated en masse this week to a new build that addresses a critical security vulnerability likely exploited in the wild. [...] | Vulnerability | ||
|
2022-06-16 13:38:22 | Anker Eufy smart home hubs exposed to RCE attacks by critical flaw (lien direct) | Anker's central smart home device hub, Eufy Homebase 2, was vulnerable to three vulnerabilities, one of which is a critical remote code execution (RCE) flaw. [...] | |||
|
2022-06-16 11:14:24 | New cloud-based Microsoft Defender for home now generally available (lien direct) | Microsoft has announced today the general availability of Microsoft Defender for individuals, the company's new security solution for personal phones and computers. [...] | |||
|
2022-06-16 10:19:12 | MetaMask, Phantom warn of flaw that could steal your crypto wallets (lien direct) | MetaMask and Phantom are warning of a new 'Demonic' vulnerability that could expose a crypto wallet's secret recovery phrase, allowing attackers to steal NFTs and cryptocurrency stored within it. [...] | Vulnerability | ★★★ | |
|
2022-06-16 10:02:01 | Revisit Your Password Policies to Retain PCI Compliance (lien direct) | Organizations that are subject to the PCI regulations must carefully consider how best to address these new requirements. Some of the requirements are relatively easy to address. Even so, some of the new requirements go beyond what Windows native security mechanisms are capable of. Here is what you need to know. [...] | |||
|
2022-06-16 06:07:20 | Microsoft Office 365 feature can help cloud ransomware attacks (lien direct) | Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage. [...] | Ransomware Threat | ||
|
2022-06-15 15:05:10 | Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike (lien direct) | The threat actor known as 'Blue Mockingbird' has been observed by analysts targeting Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources. [...] | Threat | ||
|
2022-06-15 14:24:33 | Cisco Secure Email bug can let attackers bypass authentication (lien direct) | Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into the web management interface of Cisco email gateway appliances with non-default configurations. [...] | Vulnerability | ||
|
2022-06-15 14:01:42 | Zimbra bug allows stealing email logins with no user interaction (lien direct) | Zimbra and SonarSource proceeded to the coordinated disclosure of a high-severity vulnerability that allows unauthenticated attackers to steal cleartext credentials from Zimbra without any user interaction. [...] | Vulnerability | ||
|
2022-06-15 12:28:27 | Extortion gang ransoms Shoprite, largest supermarket chain in Africa (lien direct) | Shoprite Holdings, Africa's largest supermarket chain that operates almost three thousand stores across twelve countries in the continent, has been hit by a ransomware attack. [...] | Ransomware | ||
|
2022-06-15 11:56:04 | Microsoft: Windows update to permanently disable Internet Explorer (lien direct) | Microsoft confirmed today that a future Windows update will permanently disable the Internet Explorer web browser on users' systems. [...] | |||
|
2022-06-15 10:46:21 | Citrix warns critical bug can let attackers reset admin passwords (lien direct) | Citrix warned customers to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords. [...] | Vulnerability |
To see everything:
Our RSS (filtrered)
