What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-04-03 15:25:30 | Microsoft: Emotet Took Down a Network by Overheating All Computers (lien direct) | Microsoft says that an Emotet infection was able to take down an organization's entire network by maxing out CPUs on Windows devices and bringing its Internet connection down to a crawl after one employee was tricked to open a phishing email attachment. [...] | |||
|
2020-04-03 12:52:18 | Apple Paid $75K For Bugs Letting Sites Hijack iPhone Cameras (lien direct) | Apple has paid a $75,000 bug bounty to a security researcher who chained together three different exploits that could have allowed malicious web sites to use your iPhone camera and microphone without permission. [...] | |||
|
2020-04-03 11:20:18 | Zoom\'s Web Client is Down, Users Report 403 Forbidden Errors (lien direct) | Zoom users are currently reporting that they are unable to use the Zoom web client or start and attend webinars, with reports saying that the web client is throwing '403 Forbidden' errors. [...] | |||
|
2020-04-02 16:46:01 | New Coronavirus-Themed Malware Locks You Out of Windows (lien direct) | With school closed due to the Coronavirus pandemic, some kids are creating malware to keep themselves occupied. Such is the case with a variety of new MBRLocker variants being released, including one with a Coronavirus theme. [...] | Malware | ||
|
2020-04-02 16:15:28 | Twitter Reveals That Firefox Cached Private Data For Up to 7 Days (lien direct) | Twitter disclosed an issue in the way the Mozilla Firefox web browser cached data that may have lead to private media shared in DMs and data downloads being inadvertently stored in the browser's cache. [...] | Guideline | ||
|
2020-04-02 15:17:09 | WordPress Plugin Bug Can Be Exploited to Create Rogue Admins (lien direct) | Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions after exploiting an authenticated stored cross-site scripting (XSS) vulnerability. [...] | |||
|
2020-04-02 13:19:47 | IRS Warns of Surge in Economic Stimulus Payment Scams (lien direct) | The Internal Revenue Service (IRS) today issued a warning to alert about a surge in coronavirus-related scams over email, phone calls, or social media requesting personal information while using economic impact payments as a lure. [...] | |||
|
2020-04-02 11:28:24 | FBI Warns of Attacks on Remote Work, Distance Learning Platforms (lien direct) | FBI's Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning. [...] | |||
|
2020-04-02 09:00:00 | Office 365 Phishing Uses CSS Tricks to Bypass Email Gateways (lien direct) | A phishing campaign using Office 365 voicemail lures to trick them into visiting landing pages designed to steal their personal information or infect their computers with malware. [...] | |||
|
2020-04-01 17:55:18 | How to Mitigate the Windows Font Parsing Zero-Day Bug via GPO (lien direct) | Active Directory (AD) admins can mitigate the recently disclosed and actively exploited remote code execution (RCE) zero-day found in the Windows Adobe Type Manager Library in large AD environments using group policies. [...] | |||
|
2020-04-01 16:07:00 | Introduce Kids to Cybersecurity With This Free Activity Book (lien direct) | Security company Balbix has released a 12-page printable activity book for children that introduces them to cybersecurity in a fun way. [...] | |||
|
2020-04-01 14:32:31 | Cloudflare Launches a DNS-Based Parental Control Service (lien direct) | Cloudflare introduced today '1.1.1.1 for Families,' a privacy-focused DNS resolver designed to help parents in their efforts to safeguard their children's online security and privacy by automatically filtering out bad sites. [...] | |||
|
2020-04-01 13:18:41 | Hacker Group Backdoors Thousands of Microsoft SQL Servers Daily (lien direct) | Hackers have been brute-forcing thousands of vulnerable Microsoft SQL (MSSQL) servers to install cryptominers and remote access Trojans (RATs) since May 2018 as researchers at Guardicore Labs discovered in December. [...] | |||
|
2020-04-01 12:03:52 | Microsoft is Alerting Hospitals Vulnerable to Ransomware Attacks (lien direct) | Microsoft has started to send targeted notifications to dozens of hospitals about vulnerable public-facing VPN devices and gateways located on their network. [...] | Ransomware | ||
|
2020-04-01 12:03:52 | Microsoft is Alerting Hospitals Vulnerable to VPN Attacks (lien direct) | Microsoft has started to send targeted notifications to dozens of hospitals that have been detected as being vulnerable to a known gateway and VPN appliance exploit. [...] | |||
|
2020-03-31 23:59:18 | (Déjà vu) Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links (lien direct) | The Zoom Windows client is vulnerable to UNC path injection in the client's chat feature that could allow attackers to steal the Windows credentials of users who click on the link. [...] | |||
|
2020-03-31 23:59:18 | (Déjà vu) Zoom Lets Attackers Steal Windows Credentials via UNC Links (lien direct) | The Zoom Windows client is vulnerable to UNC path injection in the client's chat feature that could allow attackers to steal the Windows credentials of users who click on the link. [...] | |||
|
2020-03-31 23:59:18 | Zoom Client Leaks Windows Login Credentials to Attackers (lien direct) | The Zoom Windows client is vulnerable to UNC path injection in the client's chat feature that could allow attackers to steal the Windows credentials of users who click on the link. [...] | |||
|
2020-03-31 17:42:25 | How to Secure Your Zoom Meetings from Zoom-Bombing Attacks (lien direct) | This guide will walk you through securing your Zoom meetings so that virtual get-togethers, meetings, exercise classes, and even hours are not Zoom-bombed by unauthorized users. [...] | |||
|
2020-03-31 16:24:50 | Microsoft Updates Windows 10 PowerToys With New Utilities (lien direct) | Microsoft updated the open-source Windows 10 PowerToys toolset with new utilities for quickly switching between windows, for previewing files in Windows Explorer, and for batch resizing images from the context menu. [...] | |||
|
2020-03-31 14:38:19 | Microsoft Delays Disabling Insecure TLS in Browsers Until July (lien direct) | Microsoft announced today that it will delay disabling support for the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols from Microsoft web browsers because of the current global situation until the second half of 2020, with an estimated time of roll out during July. [...] | |||
|
2020-03-31 14:08:02 | WinRAR 5.90 Final Released For Windows, Mac, Linux, and Android (lien direct) | WinRAR 5.90 Final has been released with numerous performance improvements and bug fixes for Windows, Mac, Linux, and Android. [...] | |||
|
2020-03-31 12:27:24 | Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins (lien direct) | A critical privilege escalation vulnerability found in the Rank Math WordPress SEO plugin can allow attackers to give administrator privileges to any registered user on one of the 200,000 sites with active installations if left unpatched. [...] | Vulnerability | ||
|
2020-03-31 11:05:30 | Marriott Reports Data Breach Affecting Up to 5.2 Million Guests (lien direct) | Marriott International today revealed that the personal information of roughly 5.2 million hotel guests was impacted in a data breach incident detected at the end of February 2020. [...] | Data Breach | ||
|
2020-03-31 10:16:03 | Cloudflare\'s 1.1.1.1 DNS Passes Privacy Audit, Some Issues Found (lien direct) | Cloudflare has released the results of a privacy audit of their a 1.1.1.1 DNS service that backs up Cloudflare's statement regarding how DNS query data is being stored and collected on their servers. [...] | |||
|
2020-03-31 09:09:41 | Grammarly is Now Available for Microsoft Word on Mac (lien direct) | Grammarly has announced that its AI-driven writing assistant is now available for Mac users as an add-in for Microsoft Word. [...] | |||
|
2020-03-30 17:44:21 | Windows 10 KB4554364 Update Fixes Internet Connectivity Issues (lien direct) | Microsoft has released an out-of-band Windows 10 update to fix a bug that was causing internet connectivity issues on devices with proxies, including virtual private networks (VPNs). [...] | |||
|
2020-03-30 17:30:19 | FBI Warns of Ongoing Zoom-Bombing Attacks on Video Meetings (lien direct) | The US Federal Bureau of Investigation (FBI) warned today of hijackers who join Zoom video conferences used for online lessons and business meetings with the end goal of disrupting them or for pulling pranks that could be later shared on social media platforms. [...] | |||
|
2020-03-30 16:53:16 | Banking Malware Spreading via COVID-19 Relief Payment Phishing (lien direct) | The Zeus Sphinx banking Trojan has recently resurfaced after a three years hiatus as part of a coronavirus-themed phishing campaign, the most common theme behind most attacks by far during the current pandemic. [...] | Malware | ||
|
2020-03-30 13:49:36 | UK\'s ICO Says Mobile Tracking is Legal During COVID-19 Crisis (lien direct) | UK's Information Commissioner's Office (ICO) has announced over the weekend that the government can use anonymized mobile phone tracking data to help fight the current coronavirus pandemic. [...] | |||
|
2020-03-30 13:29:00 | Microsoft Edge to Warn Of Credentials Leaked in Data Breaches (lien direct) | Microsoft Edge is introducing a new feature called "Password Monitor" that will alert users if their login credentials have been leaked in data breaches. [...] | |||
|
2020-03-30 12:49:03 | Hackers Take Advantage of Zoom\'s Popularity to Push Malware (lien direct) | Attackers are attempting to take advantage of Zoom's increasing user base since the COVID-19 outbreak started by registering hundreds of new Zoom-themed domains for malicious purposes. [...] | Malware | ||
|
2020-03-30 12:08:49 | (Déjà vu) Office 365 Rebrands as Microsoft 365 With New Consumer Features (lien direct) | Microsoft has announced today a new Microsoft 365 Personal and Family subscription for consumers that gives users access to Office, OneDrive, and Outlook. a new Family Safety App, and Teams for Consumer. [...] | |||
|
2020-03-30 12:08:49 | Microsoft Announces New Microsoft 365 Features for Consumers (lien direct) | Microsoft has announced today a new Microsoft 365 Personal and Family subscription for consumers that gives users access to Office, OneDrive, and Outlook. a new Family Safety App, and Teams for Consumer. [...] | |||
|
2020-03-30 10:17:56 | Microsoft Cloud Services See 775% Growth As More Work Remotely (lien direct) | As an increasing amount of countries, U.S. states, and companies move towards a remote workforce and social distancing, Microsoft has seen an explosive 775% growth in its cloud services due to the increased demand in video conferencing, remote collaboration software, remote Azure active directory services, and game console use. [...] | |||
|
2020-03-29 15:18:40 | How to Replace Windows 10 System Programs With Non-Microsoft Apps (lien direct) | Windows 10 contains programs, such as Notepad and Task Manager, that we have come to love and use often as part of our daily use of a Windows computer. Sometimes, though, you may find that you want to replace these programs with more feature-rich third-party programs, but still be able to launch them like you have gotten used to. [...] | |||
|
2020-03-29 12:12:28 | Phishing Attack Says You\'re Exposed to Coronavirus, Spreads Malware (lien direct) | A new phishing campaign has been spotted that pretends to be from a local hospital telling the recipient that they have been exposed to the Coronavirus and that they need to be tested. [...] | Malware | ||
|
2020-03-28 14:03:07 | Microsoft\'s Windows 10 Dockable \'News Bar\' Now In Beta (lien direct) | Microsoft is releasing a new app for Windows 10 called the "Windows News Bar" that will display a docked bar containing news stories from Microsoft News and acts as a stock picker for monitored stocks. [...] | |||
|
2020-03-27 18:30:52 | FTC Warns VoIP Providers to Stop Facilitating Coronavirus Scams (lien direct) | The US Federal Trade Commission (FTC) warned nine VoIP service providers against assisting and facilitating illegal robocalls designed to capitalize on public anxiety surrounding the Coronavirus/COVID-19 pandemic. [...] | |||
|
2020-03-27 17:35:22 | The Week in Ransomware - March 27th 2020 - Don\'t Attack Hospitals! (lien direct) | This two-week edition covers a lot of new ransomware variants, including attackers utilizing Coronavirus-themes for their phishing scams and ransomware variants. [...] | Ransomware | ||
|
2020-03-27 16:28:36 | US Small Business Administration Grants Used as Phishing Bait (lien direct) | Attackers are attempting to deliver Remcos remote access tool (RAT) payloads on the systems of small businesses via phishing emails impersonating the U.S. Small Business Administration (U.S. SBA). [...] | Tool | ||
|
2020-03-27 15:31:27 | FBI: Hackers Sending Malicious USB Drives & Teddy Bears via USPS (lien direct) | Hackers from the FIN7 cybercriminal group have been targeting various businesses with malicious USB devices acting as a keyboard when plugged into a computer. Injected commands download and execute a JavaScript backdoor associated with this actor. [...] | |||
|
2020-03-27 14:34:21 | Google Advises Against Disabling Sites During the Pandemic (lien direct) | Google warns businesses against disabling their websites during the COVID-19 and, instead, recommends limiting their functionality to avoid being penalized in Google Search results. [...] | |||
|
2020-03-27 09:28:58 | Actively Exploited Windows Font Parsing Bugs Get Temporary Fix (lien direct) | Until Microsoft releases a patch for two critical vulnerabilities affecting the font parsing component in all supported versions of Windows, some users can apply temporary protection in the form of a micropatch that prevents exploitation. [...] | |||
|
2020-03-27 05:42:49 | Russian-Speaking Hackers Attack Pharma, Manufacturing Companies in Europe (lien direct) | Malware belonging to Russian-speaking threat actors was used in attacks in late January against at least two European companies in the pharmaceutical and manufacturing industries. [...] | Malware Threat | ||
|
2020-03-26 19:39:06 | Google Warned Users of 40,000 State-Sponsored Attacks in 2019 (lien direct) | Google says that it delivered almost 40,000 alerts of state-sponsored phishing or malware hacking attempts to its users during 2019, with a 25% drop when compared to the previous year. [...] | |||
|
2020-03-26 18:08:25 | Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic (lien direct) | The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. [...] | Ransomware | ||
|
2020-03-26 16:37:41 | Windows 10 Search Getting New Features for Business Customers (lien direct) | Microsoft developers are currently working on adding the Microsoft Search offering to the Windows 10 search boxes of Office 365 enterprise customers. [...] | |||
|
2020-03-26 14:42:17 | New Windows 10 Bug Causes Internet Connectivity Issues, Fix in April (lien direct) | All supported Windows 10 and Windows Server versions are affected by a new bug that could cause applications to be unable to connect to the Internet. [...] | |||
|
2020-03-26 13:54:53 | Unpatched iOS Bug Blocks VPNs From Encrypting All Traffic (lien direct) | A currently unpatched security vulnerability affecting iOS 13.3.1 or later prevents virtual private network (VPNs) from encrypting all traffic and can lead to some Internet connections bypassing VPN encryption to expose users' data or leak their IP addresses. [...] | Vulnerability Guideline |
To see everything:
Our RSS (filtrered)
