What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-13 08:21:09 | Verizon digital carrier Visible customer accounts were hacked (lien direct) | Visible, a US digital wireless carrier owned by Verizon, admitted that some customer accounts were hacked after dealing with technical problems in the past couple of days. [...] | |||
|
2021-10-13 07:17:23 | (Déjà vu) OpenSea NFT platform bugs let hackers steal crypto wallets (lien direct) | Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. [...] | |||
|
2021-10-13 07:17:23 | OpenSea NFT platform bugs let hackers steal crypto wallets ? (lien direct) | Security researchers found that an attacker could leave OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art. [...] | |||
|
2021-10-13 06:56:43 | Russia and China left out of global anti-ransomware meetings (lien direct) | The White House National Security Council facilitates virtual meetings this week with senior officials and ministers from more than 30 countries in a virtual international counter-ransomware event to rally allies in the fight against the ransomware threat. [...] | Ransomware | ||
|
2021-10-13 04:32:29 | OVH hosting provider goes down during planned maintenance (lien direct) | OVH, the largest hosting provider in Europe and the third-largest in the world, went down earlier today following what looks like routing configuration issues during a planned maintenance. [...] | |||
|
2021-10-12 18:34:27 | Dutch police send warning letters to DDoS booter customers (lien direct) | Dutch authorities gave a final warning to more than a dozen customers of a distributed denial-of-service (DDoS) website, letting them know that continued cyber offenses lead to prosecution. [...] | Guideline | ||
|
2021-10-12 14:04:19 | Windows 11 KB5006674 update released with compatibility fixes (lien direct) | Microsoft has released the Windows 11 KB5006674 cumulative update, marking it as the first update for the new operating system since it has been released to the public channel. [...] | |||
|
2021-10-12 14:01:37 | Chinese hackers use Windows zero-day to attack defense, IT firms (lien direct) | A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan (RAT). [...] | Vulnerability | ||
|
2021-10-12 13:50:25 | PyPI removes \'mitmproxy2\' over code execution concerns (lien direct) | The PyPI repository has removed a Python package called 'mitmproxy2' that was an identical copy of the official "mitmproxy" library, but with an "artificially introduced" code execution vulnerability. The 'mitmproxy' Python package is a free and open-source interactive HTTPS proxy [...] | |||
|
2021-10-12 13:40:58 | Windows 10 updates KB5006670 & KB5006667 released (lien direct) | The October 2021 Patch update is now rolling out and Microsoft has published cumulative updates KB5006670 and KB5005566 for recent versions of Windows 10. [...] | |||
|
2021-10-12 13:31:12 | (Déjà vu) Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws (lien direct) | Today is Microsoft's October 2021 Patch Tuesday, and with it comes fixes for four zero-day vulnerabilities and a total of 74 flaws. [...] | |||
|
2021-10-12 12:22:01 | Phishing campaign uses math symbols to evade detection (lien direct) | Phishing actors are now using mathematical symbols on impersonated company logos to evade detection from anti-phishing systems. [...] | |||
|
2021-10-12 11:58:42 | FreakOut botnet now attacks vulnerable video DVR devices (lien direct) | A new update to the FreakOut (aka Necro, N3Cr0m0rPh) Python botnet has added a recently published PoC exploit for Visual Tools DVR in its arsenal to further aid in breaching systems. [...] | |||
|
2021-10-12 11:12:52 | Cyberattack shuts down Ecuador\'s largest bank, Banco Pichincha (lien direct) | Ecuador's largest private bank Banco Pichincha has suffered a cyberattack that disrupted operations and taken the ATM and online banking portal offline. [...] | |||
|
2021-10-12 09:34:41 | Study reveals Android phones constantly snoop on their users (lien direct) | A new study by a team of university researchers in the UK has unveiled a host of privacy issues that arise from using Android smartphones. [...] | |||
|
2021-10-12 08:43:47 | SnapMC hackers skip file encryption and just steal your files (lien direct) | A new actor tracked as SnapMC has emerged in the cybercrime space, performing the typical data-stealing extortion that underpins ransomware operations, but without doing any file encryption. [...] | Ransomware | ||
|
2021-10-12 08:00:00 | Microsoft revokes insecure SSH keys for Azure DevOps customers (lien direct) | Microsoft revoked insecure SSH keys some Azure DevOps have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of its dependencies. [...] | |||
|
2021-10-12 07:46:19 | Olympus US systems hit by cyberattack over the weekend (lien direct) | Olympus, a leading medical technology company, was forced to take down IT systems in the Americas (U.S., Canada and Latin America) following a cyberattack that hit its network Sunday, on October 10, 2021. [...] | Guideline | ||
|
2021-10-12 04:30:00 | Microsoft: Azure customer hit by record DDoS attack in August (lien direct) | Microsoft has mitigated a record 2.4 Tbps (terabytes per second) Distributed Denial-of-Service (DDoS) attack targeting an European Azure customer during the last week of August. [...] | |||
|
2021-10-12 04:13:49 | Photo editor Android app STILL sitting on Google Play store is malware (lien direct) | An Android app sitting on the Google Play store touts itself to be a photo editor app. But, it contains code that steals the user's Facebook credentials to potentially run ad campaigns on the user's behalf, with their payment information. The app has scored over 5K installs, with similar spyware apps having 500K+ installs. [...] | Malware | ||
|
2021-10-12 02:23:00 | NSA warns of wildcard certificate risks, provides mitigations (lien direct) | The U.S. National Security Agency (NSA) is warning of the dangers stemming from the use of broadly-scoped certificates to authenticate multiple servers in an organization. These include a recently disclosed ALPACA technique that could be used for various traffic redirect attacks. [...] | |||
|
2021-10-11 18:17:19 | Brother printers may not work in Windows 11 if connected via USB (lien direct) | Brother is warning that many of their printers may no longer work or display errors when using a USB connection in Windows 11. [...] | |||
|
2021-10-11 16:12:04 | GitHub revokes duplicate SSH auth keys linked to library bug (lien direct) | GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs. [...] | |||
|
2021-10-11 14:48:18 | Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks (lien direct) | Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads. [...] | Vulnerability | ||
|
2021-10-11 12:47:36 | LibreOffice, OpenOffice bug allows hackers to spoof signed docs (lien direct) | LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. [...] | Vulnerability | ||
|
2021-10-11 11:52:27 | Microsoft: Iran-linked hackers target US defense tech companies (lien direct) | Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. [...] | Threat | ||
|
2021-10-11 10:44:41 | Huawei Cloud targeted by updated cryptomining malware (lien direct) | A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud. [...] | Malware | ||
|
2021-10-11 09:10:00 | Ukrainian police arrest DDoS operator controlling 100,000 bots (lien direct) | Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers. [...] | |||
|
2021-10-11 09:00:00 | Microsoft Defender for Identity to detect Windows Bronze Bit attacks (lien direct) | Microsoft is working on adding support for Bronze Bit attacks detection to Microsoft Defender for Identity to make it easier for Security Operations teams to detect attempts to abuse a Windows Kerberos bug tracked as CVE-2020-17049. [...] | |||
|
2021-10-11 08:00:00 | Nuclear engineer\'s espionage plans unraveled by undercover FBI agent (lien direct) | A Navy nuclear engineer and his wife were arrested under espionage-related charges alleging violations of the Atomic Energy Act after selling restricted nuclear-powered warship design data to a person they believed was a foreign power agent. [...] | |||
|
2021-10-11 05:18:44 | Pacific City Bank discloses ransomware attack claimed by AvosLocker (lien direct) | Pacific City Bank (PCB), one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. [...] | Ransomware | ||
|
2021-10-11 03:55:34 | Windows 11 incompatible with apps using non-ASCII registry keys (lien direct) | Microsoft is blocking Windows 11 upgrades if customers use applications that create registry keys using some non-ASCII characters. [...] | |||
|
2021-10-10 18:11:57 | Customize your Windows 11 experience with these free apps (lien direct) | Windows 11 is now available for devices with supported hardware features. If you've already upgraded to Windows 11 and you're looking for some great apps for your Windows 11 device, here's a list of the interesting open-source and free apps currently available in the marketplace. [...] | |||
|
2021-10-10 13:16:30 | FontOnLake malware infects Linux systems via trojanized utilities (lien direct) | A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...] | Malware Threat | ||
|
2021-10-10 10:07:14 | Amnesty International links cybersecurity firm to spyware operation (lien direct) | A report by Amnesty International links an Indian cybersecurity company to an Android spyware program used to target prominent activists. [...] | |||
|
2021-10-09 12:08:16 | Bank of America insider charged with money laundering for BEC scams (lien direct) | The U.S. District Court for the Eastern District of Virginia has charged three men with money laundering and aggravated identity theft after allegedly conducting a business email compromise (BEC) scheme. [...] | |||
|
2021-10-09 11:05:10 | Microsoft adds tamper protection to Windows 11 security baseline (lien direct) | Microsoft has released the final version of its security configuration baseline settings for Windows 11, downloadable today using the Microsoft Security Compliance Toolkit. [...] | |||
|
2021-10-09 10:11:11 | Windows 11: Microsoft is investigating these eight problems (lien direct) | Windows 11 is officially released, and users are running into various issues and problems preventing them from upgrading or using the new operating system correctly. Below we have collected eight known issues affecting Windows 11 and when they are expected to be fixed. [...] | |||
|
2021-10-08 17:44:49 | The Week in Ransomware - October 8th 2021 - Making arrrests (lien direct) | This week's big news is the arrests of two ransomware operators in Ukraine responsible for hundreds of attacks targeting organizations worldwide. [...] | Ransomware | ||
|
2021-10-08 15:59:12 | Cox Media Group confirms ransomware attack that took down broadcasts (lien direct) | American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. [...] | Ransomware | ||
|
2021-10-08 13:16:44 | Intuit warns QuickBooks customers of ongoing phishing attacks (lien direct) | Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges. [...] | |||
|
2021-10-08 10:58:22 | Twitch game page backgrounds defaced with Jeff Bezos\' face (lien direct) | On Twitch's website's game pages today appeared a close up of Jeff Bezos' face, in what appears to be a mysterious defacement attack. [...] | |||
|
2021-10-08 10:40:49 | Russian orgs heavily targeted by smaller tier ransomware gangs (lien direct) | Even though American and European companies enjoy the lion's share in ransomware attacks launched from Russian ground, companies in the country aren't spared from having to deal with file encryption and double-extortion troubles. [...] | Ransomware | ||
|
2021-10-08 09:23:40 | Mozilla upgrades older Thunderbird clients to the latest version (lien direct) | Mozilla is rolling out a forced upgrade for Thunderbird 78.x users, getting everyone aboard version 91, the latest stable release that came out in August. [...] | |||
|
2021-10-08 08:20:41 | Engineering giant Weir Group hit by ransomware attack (lien direct) | Scottish multinational engineering firm Weir Group has disclosed by what it called an "attempted ransomware attack" that led to "significant temporary disruption" in the second half of September. [...] | Ransomware | ||
|
2021-10-08 07:04:51 | Microsoft: Russian state hackers behind 53% of attacks on US govt agencies (lien direct) | Microsoft says that Russian-sponsored hacking groups are increasingly targeting US government agencies, with roughly 58% of all nation-state attacks observed by Microsoft between July 2020 and June 2021 coming from Russia. [...] | |||
|
2021-10-08 03:45:34 | BrewDog exposed data for over 200,000 shareholders and customers (lien direct) | BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers. [...] | |||
|
2021-10-07 19:38:57 | Google warns 14,000 Gmail users targeted by Russian hackers (lien direct) | Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. [...] | Threat | APT 28 | |
|
2021-10-07 18:32:00 | Microsoft is disabling Excel 4.0 macros by default to protect users (lien direct) | Microsoft will soon begin disabling Excel 4.0 XLM macros by default in Microsoft 365 tenants to protect customers from malicious documents. [...] | |||
|
2021-10-07 16:35:35 | Apache emergency update fixes incomplete patch for exploited bug (lien direct) | Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. [...] |
To see everything:
