What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-10 07:57:06 | Emotet malware gang re-emerges with Chrome-based credit card heistware (lien direct) | Crimeware groups are re-inventing themselves The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.… | Malware | ||
|
2022-06-10 04:58:05 | Chinese \'Aoqin Dragon\' gang runs undetected ten-year espionage spree (lien direct) | Researcher spots it targeting Asian government and telco targets, probably with Beijing's approval Threat researcher Joey Chen of Sentinel Labs says he's spotted a decade worth of cyber attacks he's happy to attribute to a single Chinese gang.… | |||
|
2022-06-09 11:45:09 | Symantec: More malware operators moving in to exploit Follina (lien direct) | Meanwhile Microsoft still hasn't patched the fatal flaw While enterprises are still waiting for Microsoft to issue a fix for the critical "Follina" vulnerability in Windows, yet more malware operators are moving in to exploit it.… | Malware Vulnerability | ||
|
2022-06-09 02:30:12 | Supply chain attacks will get worse: Microsoft Security Response Center boss (lien direct) | Do you know all of your software dependencies? Spoiler alert: hardly anybody is on top of it RSA Conference Major supply-chain attacks of recent years – we're talking about SolarWinds, Kaseya and Log4j to name a few – are "just the tip of the iceberg at this point," according to Aanchal Gupta, who leads Microsoft's Security Response Center.… | Guideline | ★★★★★ | |
|
2022-06-09 00:29:36 | Now Windows Follina zero-day exploited to infect PCs with Qbot (lien direct) | Data-stealing malware also paired with Black Basta ransomware gang Miscreants are reportedly exploiting the recently disclosed critical Windows Follina zero-day flaw to infect PCs with Qbot, thus aggressively expanding their reach.… | Ransomware Malware | ||
|
2022-06-08 07:56:06 | Beijing-backed baddies target unpatched networking kit to attack telcos (lien direct) | NSA, FBI and CISA issue joint advisory that suggests China hardly has to work for this – flaws revealed in 2017 are among their entry points State-sponsored Chinese attackers are actively exploiting old vulnerabilities to "establish a broad network of compromised infrastructure" then using it to attack telcos and network services providers.… | |||
|
2022-06-08 05:15:07 | Ukraine\'s secret cyber-defense that blunts Russian attacks: excellent backups (lien direct) | This is why the Viasat attack – rated one of the biggest ever – had little impact RSA Conference The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was "one of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare," according to Dmitri Alperovitch, a co-founder of CrowdStrike and chair of security-centric think tank Silverado Policy Accelerator.… | |||
|
2022-06-07 01:30:09 | IBM buys Randori to address multicloud security messes (lien direct) | Big Blue joins the hot market for infosec investment RSA Conference IBM has expanded its extensive cybersecurity portfolio by acquiring Randori – a four-year-old startup that specializes in helping enterprises manage their attack surface by identifying and prioritizing their external-facing on-premises and cloud assets.… | |||
|
2022-06-04 07:49:05 | Feeling highly stressed about your job? You must be a CISO (lien direct) | 'The attack surface has expanded exponentially' during the work-from-home pandemic, says one Almost all cybersecurity professionals are stressed, and nearly half (46 percent) have considered leaving the industry altogether, according to a DeepInstinct survey.… | |||
|
2022-06-03 22:55:42 | Even Russia\'s Evil Corp now favors software-as-a-service (lien direct) | Albeit to avoid US sanctions hitting it in the wallet The Russian-based Evil Corp is jumping from one malware strain to another in hopes of evading sanctions placed on it by the US government in 2019.… | Malware | ||
|
2022-06-03 12:30:11 | Clipminer rakes in $1.7m in crypto hijacking scam (lien direct) | Crooks divert transactions to own wallets while running mining on the side A crew using malware that performs cryptomining and clipboard-hacking operations have made off with at least $1.7 million in stolen cryptocurrency.… | Malware | ||
|
2022-06-03 11:03:13 | Healthcare organizations face rising ransomware attacks – and are paying up (lien direct) | Via their insurance companies, natch Healthcare organizations, already an attractive target for ransomware given the highly sensitive data they hold, saw such attacks almost double between 2020 and 2021, according to a survey released this week by Sophos.… | Ransomware | ||
|
2022-06-03 00:28:07 | Atlassian: Unpatched critical flaw under attack right now to hijack Confluence (lien direct) | One suggested option: Turn the thing off until it can be fixed Atlassian has warned users of its Confluence collaboration tool that they should either restrict internet access to the software, or disable it, in light of a critical-rated unauthenticated remote-code-execution flaw in the product that is actively under attack.… | Tool | ||
|
2022-06-02 08:03:13 | Super-spreader FluBot squashed by Europol (lien direct) | Your package is delayed. Click this innocent-looking link to reschedule FluBot, the super-spreader Android malware that infected tens of thousands of phones globally, has been reportedly squashed by an international law enforcement operation.… | Malware | ||
|
2022-06-02 07:01:05 | Murena and /e/ Foundation launch privacy-centric smartphones (lien direct) | De-Googled Android phone does the job, has a few rough edges First Look The /e/ Foundation's de-Googled version of Android 10 has reached the market in a range of smartphones aimed at the privacy-conscious.… | |||
|
2022-06-01 10:02:09 | Watch out for phishing emails that inject spyware trio (lien direct) | You wait for one infection and then three come along at once An emailed report seemingly about a payment will, when opened in Excel on a Windows system, attempt to inject three pieces of file-less malware that steal sensitive information.… | Malware | ||
|
2022-06-01 06:59:07 | Reg hack attends holographic WebEx meeting, blows away Zoom fatigue (lien direct) | Far from the finished product and not obviously a game-changer, but intriguing nonetheless In October 2021, Cisco announced WebEx Hologram – an augmented reality meeting experience that promised "photorealistic, real-time holograms of actual people" and the chance to "share physical and digital content".… | Hack | ||
|
2022-06-01 03:47:40 | EnemyBot malware adds enterprise flaws to exploit arsenal (lien direct) | Fast-evolving botnet targets critical VMware, F5 BIG-IP bugs, we're told The botnet malware EnemyBot has added exploits to its arsenal, allowing it to infect and spread from enterprise-grade gear.… | Malware | ||
|
2022-05-30 23:31:06 | Australian digital driving licenses can be defaced in minutes (lien direct) | Brute force attack leaves the license wide open for undetectable alteration, but back end data remains unchanged An Australian digital driver's license (DDL) implementation that officials claimed is more secure than a physical license has been shown to easily defaced, but authorities insist the credential remains secure.… | |||
|
2022-05-29 23:36:13 | Ransomware attack sends US county back to 1977 (lien direct) | Also: Uni details its malware-catching AI, signs of China poking the Russian cyber-bear, and more In brief Somerset County, New Jersey, was hit by a ransomware attack this week that hobbled its ability to conduct business, and also cut off access to essential data.… | Ransomware | ||
|
2022-05-27 11:26:09 | This Windows malware uses PowerShell to inject malicious extension into Chrome (lien direct) | And that's a bit odd, says Red Canary A strain of Windows uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.… | Malware | ||
|
2022-05-27 07:33:14 | Let\'s play everyone\'s favorite game: REvil? Or Not REvil? (lien direct) | Another day, another DDoS attack that tries to scare the victim into paying up with mention of dreaded gang Akamai has spoken of a distributed denial of service (DDoS) assault against one of its customers during which the attackers astonishingly claimed to be associated with REvil, the notorious ransomware-as-a-service gang.… | |||
|
2022-05-25 15:41:06 | Vehicle owner data exposed in GM credential stuffing attack (lien direct) | Car manufacturer says bad actors used stolen credentials to break into GM owner accounts Car manufacturer General Motors has confirmed the credential stuffing attack it suffered last month exposed customers' names, personal email addresses, and destination data, as well as usernames and phone numbers for family members tied to customer accounts.… | |||
|
2022-05-24 21:33:21 | Patch now: Zoom chat messages can infect PCs, Macs, phones with malware (lien direct) | Google Project Zero blows lid off bug involving that old chestnut: XML parsing Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.… | Malware | ||
|
2022-05-24 10:04:08 | It\'s 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017 (lien direct) | Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.… | Malware Vulnerability | ||
|
2022-05-23 21:31:37 | Zuckerberg sued for alleged role in Cambridge Analytica data-slurp scandal (lien direct) | I can prove CEO was 'personally involved in Facebook's failure to protect privacy', DC AG insists Cambridge Analytica is back to haunt Mark Zuckerberg: Washington DC's Attorney General filed a lawsuit today directly accusing the Meta CEO of personal involvement in the abuses that led to the data-slurping scandal. … | ★★★ | ||
|
2022-05-23 12:41:06 | Upgrading to Android 12.1 ... in Windows 11: Telemetry disabled by default (lien direct) | Dev Channel Insiders get Windows Subsystem for Android updates Microsoft is continuing to lavish love on Android for Windows with an update to Android 12.1 that disables telemetry by default, although, as Microsoft notes, "this update may cause some apps to fail to launch."… | |||
|
2022-05-23 06:57:13 | Microsoft sounds the alarm on - wait for it - a Linux botnet (lien direct) | Redmond claims the numbers are scary, but won't release them Microsoft has sounded the alarm on DDoS malware called XorDdos that targets Linux endpoints and servers.… | Malware | ||
|
2022-05-22 11:01:13 | Deepfake attacks can easily trick live facial recognition systems online (lien direct) | Plus: Next PyTorch release will support Apple GPUs so devs can train neural networks on their own laptops In brief Miscreants can easily steal someone else's identity by tricking live facial recognition software using deepfakes, according to a new report.… | |||
|
2022-05-21 11:01:09 | Conti: Russian-backed rulers of Costa Rican hacktocracy? (lien direct) | Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors In brief The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom. … | Ransomware | ||
|
2022-05-18 21:01:02 | Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware (lien direct) | Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D Analysis Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a corporate-like operating model, a year-long study has found.… | Malware | ||
|
2022-05-18 18:47:53 | How these crooks backdoor online shops and siphon victims\' credit card info (lien direct) | FBI and co blow lid off latest PHP tampering scam The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites.… | |||
|
2022-05-18 09:45:06 | Microsoft warns partners to revoke unused authorizations that drive your software (lien direct) | June debut of zero trust GDAP tool should make it harder for crims to attack through MSPs and resellers Microsoft has advised its reseller community it needs to pay attention to the debut of improve security tooling aimed at making it harder for attackers to worm their way into your systems through partners.… | Tool | ||
|
2022-05-18 09:00:07 | State of internet crime in Q1 2022: Bot traffic on the rise, and more (lien direct) | According to this cybersecurity outfit that wants your business, anyway The fraud industry, in some respects, grew in the first quarter of the year, with crooks putting more human resources into some attacks while increasingly relying on bots to carry out things like credential stuffing and fake account creation.… | |||
|
2022-05-18 08:17:50 | Surf the web from your parked Renault: Vivaldi comes to OpenR (lien direct) | French frolics for Chromium browser on Android Automotive Browser-maker Vivaldi has added Renault to the list of users for the Android Automotive OS version of its eponymous web renderer.… | |||
|
2022-05-18 07:27:05 | Monero-mining botnet targets Windows, Linux web servers (lien direct) | Sysrv-K malware infects unpatched tin, Microsoft warns The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.… | Malware | ||
|
2022-05-16 10:36:07 | San Francisco police use driverless cars for surveillance (lien direct) | Plus: Tech giants commit $30m to open-source security, miscreants breach DEA portal, and US signs cybercrime treaty In brief San Francisco police have been using driverless cars for surveillance to assist in law enforcement investigations.… | |||
|
2022-05-13 22:16:23 | Ukrainian crook jailed in US for selling thousands of stolen login credentials (lien direct) | Touting info on 6,700 compromised systems will get you four years behind bars A Ukrainian man has been sentenced to four years in a US federal prison for selling on a dark-web marketplace stolen login credentials for more than 6,700 compromised servers.… | |||
|
2022-05-13 14:11:10 | Most organizations hit by ransomware would pay up if hit again (lien direct) | Nine out of ten organizations would do it all over again, keeping attackers in business Almost nine in 10 organizations that have suffered a ransomware attack would choose to pay the ransom if hit again, according to a new report, compared with two-thirds of those that have not experienced an attack.… | Ransomware | ||
|
2016-08-12 03:25:16 | Business users force Microsoft to back off Windows 10 PC kill plan (lien direct) | No description | |||
|
2016-08-11 06:27:08 | McAfee outs malware dev firm with scores of Download.com installs (lien direct) | No description | |||
|
2016-08-11 01:02:43 | Cisco gives cable industry tech for 10Gbps <i>uploads</i> on DOC (lien direct) | No description | |||
|
2016-08-10 06:56:05 | Bungling Microsoft singlehandedly proves that golden backdoor keys are a terrible idea (lien direct) | No description | |||
|
2016-08-05 08:57:06 | Quip away, but Microsoft Excel 365\'s REST APIs win the day (lien direct) | No description | |||
|
2016-08-05 01:01:44 | Microsoft extends bug bounty to cover Edge remote code exec (lien direct) | No description | |||
|
2016-08-04 09:54:06 | Microsoft has stopped cutting sales fees for resellers? Yep (lien direct) | No description | |||
|
2016-08-04 04:58:06 | Microsoft adds new \'Enterprise Products\' section to privacy policy (lien direct) | No description | |||
|
2016-08-04 01:19:48 | Microsoft boosts PKI, ISO certs to harden Azure cloud (lien direct) | No description | |||
|
2016-08-03 03:46:11 | Microsoft adds PSTN business Skyping in Australia (lien direct) | No description | |||
|
2016-08-03 00:49:13 | Microsoft takes five months to replace broken patch (lien direct) | No description |
To see everything:
Our RSS (filtrered)
