Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-11-23 13:31:33 |
Apple sues spyware-maker NSO Group, notifies iOS exploit targets (lien direct) |
Apple has filed a lawsuit against Pegasus spyware-maker NSO Group and its parent company for the targeting and spying of Apple users with surveillance tech. [...] |
|
|
|
|
2021-11-23 13:05:13 |
Researchers warn of severe risks from \'Printjack\' printer attacks (lien direct) |
A team of Italian researchers has compiled a set of three attacks called 'Printjack,' warning users of the significant consequences of over-trusting their printer. [...] |
|
|
|
|
2021-11-23 12:09:55 |
Microsoft Edge adds Super Duper Secure Mode to Stable channel (lien direct) |
Microsoft has quietly added a 'Super Duper Secure Mode' to the Microsoft Edge web browser, a new feature that brings security improvements without significant performance losses. [...] |
|
|
|
|
2021-11-23 11:00:29 |
Over nine million Android devices infected by info-stealing trojan (lien direct) |
A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps [...] |
Malware
|
|
|
|
2021-11-23 10:38:06 |
Hackers target biomanufacturing with stealthy Tardigrade malware (lien direct) |
An advanced hacking group is actively targeting biomanufacturing facilities with a new custom malware called 'Tardigrade.' [...] |
Malware
|
|
|
|
2021-11-23 10:38:06 |
Tardigrade hackers target big pharma vaccine makers with stealthy malware (lien direct) |
An advanced hacking group known as 'Tardigrade' is targeting biomanufacturing facilities and research centers working on vaccines and critical medicines. [...] |
Malware
|
|
|
|
2021-11-22 18:49:37 |
(Déjà vu) Windows 11 KB5007262 Cumulative Update Preview Released (lien direct) |
Microsoft has released the optional KB5007262 Preview cumulative update for Windows 11 with 70 fixes or improvements. [...] |
|
|
|
|
2021-11-22 17:40:37 |
New Windows zero-day with public exploit lets you become an admin (lien direct) |
A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server. [...] |
Vulnerability
|
|
|
|
2021-11-22 17:04:40 |
Exploit released for Microsoft Exchange RCE bug, patch now (lien direct) |
Proof-of-concept exploit code has been released online over the weekend for an actively exploited high severity vulnerability impacting Microsoft Exchange servers. [...] |
Vulnerability
|
|
|
|
2021-11-22 15:05:16 |
UK govt warns thousands of SMBs their online stores were hacked (lien direct) |
The UK's National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal the payment info of customers. [...] |
|
|
|
|
2021-11-22 13:45:00 |
US govt warns of increased ransomware risks during holidays (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season. [...] |
Ransomware
|
|
|
|
2021-11-22 13:30:13 |
Hackers hit Iran\'s Mahan airline, claim confidential data theft (lien direct) |
One of Iran's largest privately-owned airlines, Mahan Air, has announced a cybersecurity incident that has resulted in its website going offline and potentially data loss. [...] |
|
|
|
|
2021-11-22 12:34:18 |
Black Friday 2021 Deal: 60% off Malwarebytes Premium (lien direct) |
Malwarebytes's Black Friday deals are live with 60% off Malwarebytes Premium and 50% off the Malwarebytes Premium + Privacy. [...] |
|
|
|
|
2021-11-22 12:10:11 |
Biometric auth bypassed using fingerprint photo, printer, and glue (lien direct) |
Researchers demonstrated that fingerprints could be cloned for biometric authentication for as little as $5 without using any sophisticated or uncommon tools. [...] |
|
|
|
|
2021-11-22 11:43:08 |
GoDaddy hack causes data breach affecting 1.2 million customers (lien direct) |
GoDaddy said in a data breach notification published today that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment. [...] |
Data Breach
Hack
|
|
|
|
2021-11-22 09:56:39 |
Wind turbine giant Vestas data compromised in cyberattack (lien direct) |
Vestas Wind Systems, a leader in wind turbine manufacturing, has shut down its IT systems after suffering a cyberattack. [...] |
Guideline
|
|
|
|
2021-11-21 14:07:44 |
How to download a Windows 10 21H2 ISO from Microsoft (lien direct) |
Microsoft released Windows 10 21H2, the November 2021 Update, last week and you can now download an ISO image for the new version to put aside for emergencies or clean installs. [...] |
|
|
|
|
2021-11-21 10:00:00 |
US SEC warns investors of ongoing govt impersonation attacks (lien direct) |
The Securities and Exchange Commission (SEC) has warned US investors of scammers impersonating SEC officials in government impersonator schemes via phone calls, voicemails, emails, and letters. [...] |
|
|
|
|
2021-11-20 12:55:47 |
Microsoft Exchange servers hacked in internal reply-chain attacks (lien direct) |
Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. [...] |
Malware
Threat
|
|
|
|
2021-11-20 10:00:00 |
Microsoft: Office 365 will boost default protection for all users (lien direct) |
Microsoft is rolling out Built-In Protection to Defender for Office 365, a new feature that would automatically enable recommended settings and policies to make sure all new and existing users get at least a basic level of protection. [...] |
|
|
|
|
2021-11-19 19:19:16 |
The Week in Ransomware - November 19th 2021 - Targeting Conti (lien direct) |
While last week was full of arrests and law enforcement actions, this week has been much quieter, with mostly new research released. [...] |
Ransomware
|
|
|
|
2021-11-19 17:30:03 |
Some Tesla owners unable to unlock cars due to server errors (lien direct) |
Some Tesla owners worldwide are unable to unlock their cars or communicate with it using the app due to problems with the company's servers. [...] |
|
|
|
|
2021-11-19 14:05:11 |
(Déjà vu) Emotet botnet comeback orchestrated by Conti ransomware gang (lien direct) |
The Emotet botnet is back by popular demand, resurrected by its former operator, who was convinced by members of the Conti ransomware gang. [...] |
Ransomware
|
|
|
|
2021-11-19 14:05:11 |
Emotet botnet comeback hatched by ex-Ryuk member now part of Conti gang (lien direct) |
The Emotet botnet is back by popular demand, resurrected by its former operator convinced by ex-members of the Ryuk ransomware gang. [...] |
Ransomware
|
|
|
|
2021-11-19 13:54:57 |
New Windows 11 build fixes Microsoft Installer issue breaking apps (lien direct) |
Microsoft has fixed a recently confirmed Windows 11 issue in a newly released build for Windows Insiders in the Beta and Release Preview channels. [...] |
|
|
|
|
2021-11-19 11:32:16 |
Fake TSA PreCheck sites scam US travelers with fake renewals (lien direct) |
There has been a surge in reports of people getting scammed after visiting TSA PreCheck, Global Entry, and NEXUS application service sites, being charged $140 only to get nothing in return. [...] |
|
|
|
|
2021-11-19 10:49:19 |
Microsoft Authenticator gets new enterprise security features (lien direct) |
Microsoft has added new security features for Microsoft Authenticator users that further secure the app and make it easier to roll out in enterprise environments. [...] |
|
|
|
|
2021-11-19 10:35:08 |
Utah medical center hit by data breach affecting 582k patients (lien direct) |
Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed. [...] |
Data Breach
|
|
|
|
2021-11-19 09:57:57 |
Six million Sky routers exposed to takeover attacks for 17 months (lien direct) |
Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers. [...] |
Vulnerability
|
|
|
|
2021-11-19 08:05:29 |
(Déjà vu) US regulators order banks to report cyberattacks within 36 hours (lien direct) |
US federal bank regulatory agencies have approved a new rule requiring banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. [...] |
|
|
|
|
2021-11-19 08:05:29 |
US regulators order banks to report cyberattacks within 3 days (lien direct) |
US federal bank regulatory agencies have approved a new rule requiring banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. [...] |
|
|
|
|
2021-11-19 06:36:10 |
Microsoft: Windows Installer breaks apps after updates, repairs (lien direct) |
Microsoft has confirmed a new known issue impacting client and server Windows versions that breaks apps after updating or repairing them using the Windows Installer (previously known as Microsoft Installer). [...] |
|
|
|
|
2021-11-18 16:19:09 |
Android malware BrazKing returns as a stealthier banking trojan (lien direct) |
The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. [...] |
Malware
|
|
|
|
2021-11-18 15:19:37 |
US indicts Iranian hackers for Proud Boys voter intimidation emails (lien direct) |
The U.S. Department of State is offering a $10 million reward for information about the activities of two Iranian nationals charged for cyber activity intended to "intimidate and influence" American voters during the 2020 U.S. presidential campaign. [...] |
|
|
|
|
2021-11-18 14:51:27 |
Winamp prepares a relaunch, new beta version almost ready (lien direct) |
Winamp is getting closer to release with a redesigned website, logo, and a new beta signup allowing users to soon test the upcoming version of the media player. [...] |
|
|
|
|
2021-11-18 13:28:32 |
(Déjà vu) Hackers deploy Linux malware, web skimmer on e-commerce servers (lien direct) |
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. [...] |
|
|
|
|
2021-11-18 13:28:32 |
Hackers deploy Linux malware, web skimmer on eCommerce servers (lien direct) |
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. [...] |
|
|
|
|
2021-11-18 11:57:31 |
Microsoft: Iranian state hackers increasingly target IT sector (lien direct) |
Microsoft says Iranian-backed hacking groups have increasingly attempted to compromise IT services companies this year to steal credentials they could use to breach the systems of downstream clients. [...] |
|
|
|
|
2021-11-18 11:42:58 |
New Memento ransomware switches to WinRar after failing at encryption (lien direct) |
A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software. [...] |
Ransomware
|
|
|
|
2021-11-18 11:07:32 |
Microsoft increases Windows 11 rollout pace to Windows 10 devices (lien direct) |
Microsoft has started rolling out the Windows 11 upgrade to more eligible Windows 10 devices faster after not detecting update experience issues during the first rollout phases. [...] |
|
|
|
|
2021-11-18 10:38:55 |
Glitch service abused to host short-lived phishing sites (lien direct) |
Phishing actors are now actively abusing the Glitch platform to host short-lived credential-stealing URLs for free while evading detection and takedowns. [...] |
|
|
|
|
2021-11-18 09:47:45 |
North Korean cyberspies target govt officials with custom malware (lien direct) |
A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. [...] |
Malware
Threat
|
|
|
|
2021-11-18 08:46:51 |
FBI warns of APT group exploiting FatPipe VPN zero-day since May (lien direct) |
The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products to breach targets' networks. [...] |
Threat
|
|
|
|
2021-11-18 06:32:33 |
RedCurl corporate espionage hackers resume attacks with updated tools (lien direct) |
A crew of highly-skilled hackers specialized in corporate espionage has resumed activity, one of their victims this year being a large wholesale company in Russia. [...] |
|
|
|
|
2021-11-17 14:34:39 |
Most SS7 exploit service providers on dark web are scammers (lien direct) |
The existence of Signaling System 7 (SS7) mobile telephony protocol vulnerabilities is something security researchers warned about in 2016, and it only took a year before the first attacks exploiting them were observed. [...] |
|
|
|
|
2021-11-17 13:31:23 |
Russian ransomware gangs start collaborating with Chinese hackers (lien direct) |
There's some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration. [...] |
Ransomware
|
|
|
|
2021-11-17 12:07:24 |
TikTok phishing threatens to delete influencers\' accounts (lien direct) |
Researchers have observed a new phishing campaign primarily targeting high-profile TikTok accounts belonging to influencers, brand consultants, production studios, and influencers' managers. [...] |
|
|
|
|
2021-11-17 11:02:43 |
Victims of $2 billion BitConnect fraud to get back $57 million (lien direct) |
U.S. law enforcement authorities will start liquidating roughly $57 million worth of cryptocurrency seized from the now-defunct BitConnect crypto exchange to provide some restitution to defrauded investors. [...] |
|
|
|
|
2021-11-17 09:44:24 |
US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet (lien direct) |
US, UK, and Australian cybersecurity agencies warned today of ongoing exploitation of Microsoft Exchange ProxyShell and Fortinet vulnerabilities linked to an Iranian-backed hacking group. [...] |
|
|
|
|
2021-11-17 08:00:00 |
CISA releases cybersecurity response plans for federal agencies (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) has released new cybersecurity response plans (known as playbooks) for federal civilian executive branch (FCEB) agencies. [...] |
|
|
|