What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-30 18:16:27 | Under-Detected ODT Files Deliver Common Remote Access Trojans (lien direct) | Security researchers noticed multiple cybercriminal operations using OpenDocument Text (ODT) files to distribute malware that is typically blocked by antivirus engines. The campaigns target English and Arabic-speaking users. [...] | Malware | ||
|
2019-09-30 17:25:23 | Free Ouroboros Ransomware (Zeropadypt NextGen) Decryption Available (lien direct) | Victims of the Ouroboros Ransomware, otherwise known as Zeropadypt NextGen, can get their files decrypted for free with the help of a security researcher and a decryptor that has been made for different variants. [...] | Ransomware | ||
|
2019-09-30 14:20:48 | Microsoft Adds \'Disable Legacy TLS\' Feature to Windows Server 2019 (lien direct) | Microsoft announced the addition of a new Windows Server 2019 feature that will enable admins to enforce Transport Layer Security (TLS) versions by blocking legacy ones via certificate binding. [...] | |||
|
2019-09-30 12:45:55 | New Exim Vulnerability Exposes Servers to DoS Attacks, RCE Risks (lien direct) | A new critical vulnerability in the Exim mail transfer agent (MTA) software was patched to prevent denial of service (DoS) or possibly remote code execution attacks. [...] | Vulnerability | ||
|
2019-09-30 10:21:34 | eGobbler Malvertiser Uses WebKit Exploit to Infect Over 1 Billion Ads (lien direct) | Roughly 1.16 billion ad impressions have been hijacked in a malvertising campaign operated by a threat group dubbed eGobbler to redirect potential victims to malicious payloads, between August 1 and September 23. [...] | Threat | ||
|
2019-09-30 03:23:14 | Bulletproof Hosting Service in Former NATO Bunker Goes Down (lien direct) | Authorities in Germany this week shut down the services of a bulletproof hosting provider set up in a former NATO bunker that went five floors underground. [...] | |||
|
2019-09-29 14:01:09 | Windows 10 1903 on ARM Gets a Virtualization-based Security Feature (lien direct) | Windows 10 version 1903 on ARM has gotten an additional virtualization-based security feature that creates secured regions of memory that are isolated from the operating system. These secured and isolated regions of memory can then be used by security solutions so that they are better protected from vulnerabilities in the operating s [...] | |||
|
2019-09-29 11:11:45 | Cloudflare Now Blocks the vBulletin RCE CVE-2019-16759 Exploit (lien direct) | This week a zero-day vBulletin remote code execution vulnerability and exploit was publicly disclosed and is being used by bad actors to attack vBulletin forums. Cloudflare has now created a special rule that will prevent this exploit from working on vBulletin sites behind Cloudflare's service. [...] | Vulnerability | ||
|
2019-09-28 17:10:17 | Windows 10 1909 Coming Soon, Here Are the New Features (lien direct) | The Windows 10 1909 Feature Update is around the corner and is expected to be released sometime next week. Unlike previous Feature Updates, Windows 10 1909, codenamed 19H2, is more like a larger-than-normal cumulative update or service pack, but does contain some new features that we describe below. [...] | |||
|
2019-09-27 19:08:00 | Cyber-Attacks Hit Defense Contractors in Europe and North America (lien direct) | Defense contractors Rheinmetall AG and Defence Construction Canada (DCC) were hit this month by cyber-attacks that impacted and disrupted their information technology systems. [...] | |||
|
2019-09-27 17:47:11 | The Week in Ransomware - September 27th 2019 - Quiet Before the Storm? (lien direct) | It is another week of small variants and minor ransomware being released, with no major ransomware attacks being publicized or new large scale ransomware attacks. [...] | Ransomware | ||
|
2019-09-27 17:23:11 | US Senate Passes Bill in Response to Rampant Ransomware, CyberAttacks (lien direct) | The U.S. Senate passed the 'DHS Cyber Hunt and Incident Response Teams Act' (S.315) to authorize the Department of Homeland Security (DHS) to maintain cyber hunt and incident response teams to help private and public entities defend against cyber-attacks. [...] | |||
|
2019-09-27 15:27:14 | New Masad Stealer Malware Exfiltrates Crypto Wallets via Telegram (lien direct) | A new and actively distributed malware strain dubbed Masad Stealer steals files, browser information, and cryptocurrency wallet data from infected computers that get sent back to its masters using Telegram as a communication channel. [...] | Malware | ||
|
2019-09-27 13:21:44 | Microsoft Wants Your Feedback on the Edge Browser for Linux (lien direct) | The Microsoft Edge Team is looking for Linux developers to provide feedback on how they use web browsers in their development environment. This feedback will then be used to flesh out the requirements for Microsoft Edge on Linux. [...] | |||
|
2019-09-27 12:50:42 | Office 365 to Get Automated Incident Response for Hacked Accounts (lien direct) | Microsoft is currently working on adding a new Automated Incident Response playbook to Office 365 Advanced Threat Protection (ATP) to allow Security Operations (SecOps) teams to automatically investigate and remediate hacked accounts. [...] | Threat | ||
|
2019-09-27 11:47:30 | Windows 10 Version 1903 Now in Broad Deployment, Available to Everyone (lien direct) | Microsoft has announced that Windows 10 version 1903 has now been added to the broad deployment channel and will be available to everyone via Windows Update. [...] | |||
|
2019-09-27 11:14:13 | Fake Apps Sneak Gambling Into iOS and Android App Stores (lien direct) | Gambling apps double-crossed the review systems in Google Play and the App Store by posing as a policy-abiding app. After bypassing the verification, the infringing functionality became available to users. [...] | |||
|
2019-09-27 06:05:31 | Adobe and Google Open Redirects Abused by Phishing Campaigns (lien direct) | Google and Adobe open redirects are being used by phishing campaigns in order to add legitimacy to the URLs used in the spam emails. [...] | Spam | ||
|
2019-09-27 03:30:11 | Microsoft Removes CCleaner Ban From Their Community Forums (lien direct) | Microsoft has decided to roll back their decision to add CCleaner to a blacklist that would prevent the software's official site, www.ccleaner.com, from be posted in the Microsoft Community Forums. [...] | CCleaner | ||
|
2019-09-26 18:15:00 | New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery (lien direct) | A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines. [...] | Malware | ||
|
2019-09-26 17:48:00 | Windows 10 1903 Cumulative Update KB4517211 Fixes Game Audio Issues (lien direct) | Microsoft has released the KB4517211 cumulative update for Windows 10 1903 (May 2019 Update) that introduces a variety of quality improvements and bug fixes. [...] | |||
|
2019-09-26 17:07:12 | DoorDash Data Breach Exposes Info of Roughly 5 Million Users (lien direct) | DoorDash has announced a data breach where an unauthorized user was able to gain access to the personal information of 4.9 million consumers, Dashers, and merchants. [...] | Data Breach | ||
|
2019-09-26 16:39:22 | Microsoft Explains Why Signed PowerShell Cmdlets May Run Slow (lien direct) | Microsoft issued an advisory that signed PowerShell cmdlets may run slower then unsigned cmdlets if Windows is having network connectivity problems. [...] | |||
|
2019-09-26 14:45:49 | Microsoft Spots Nodersok Malware Campaign That Zombifies PCs (lien direct) | A new fileless malicious campaign, dubbed Nodersok by Microsoft Defender ATP Research Team researchers who discovered it, drops its own LOLBins to infect Windows computers with a Node.js-based malware that will turn the devices into proxies. [...] | Malware | ||
|
2019-09-26 12:39:33 | REvil (Sodinokibi) Ransomware Targets Chinese Users with DHL Spam (lien direct) | A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware. [...] | Ransomware Spam | ||
|
2019-09-26 11:25:30 | Cisco Fixes Critical IOx Flaw Allowing Root Access to Guest OS (lien direct) | Cisco has released security updates to address a critical vulnerability in the IOx application environment for Cisco IOS Software that could enable authenticated remote attackers to access the Guest Operating System (Guest OS) as the root user. [...] | Vulnerability | ||
|
2019-09-26 10:32:26 | Microsoft Enables Tracking Prevention by Default in New Edge Beta (lien direct) | Microsoft released the first update to the Microsoft Edge Beta channel that brings the web browser to the 78.0.276.8 build, enables the tracking prevention feature by default, and adds new sign-in and sync features. [...] | |||
|
2019-09-26 07:29:04 | Outlook on the Web to Block File Extensions for PowerShell, Python, and More (lien direct) | Microsoft will soon be blocking an additional 38 file extension from being downloaded as attachments in Outlook on the Web in order to protect users from malicious files. These additional extensions includes files used by Java, PowerShell, Python, and various vulnerabilities. [...] | |||
|
2019-09-26 05:15:33 | Vodafone\'s Mobile App Briefly Exposed Customer Information (lien direct) | For a brief period on Wednesday morning, Vodafone customers in New Zealand using the mobile carrier's app could see details for other customers. [...] | |||
|
2019-09-26 03:00:00 | Botnet Uses Recent vBulletin Exploit to Block Other Hackers (lien direct) | A botnet has been detected utilizing the recently disclosed vBulletin exploit to secure vulnerable servers so that they cannot be used by other attackers. This allows the botnet to grow their army of compromised servers without fear that other attackers will utilize the same server. [...] | |||
|
2019-09-25 18:36:46 | Microsoft to Extend Office 365 ATP Safe Links to Office Online (lien direct) | Microsoft is currently working on extending the Office 365 Advanced Threat Protection (ATP) Safe Links protection to Office Online apps, with the new feature to be released in October. [...] | Threat | ||
|
2019-09-25 16:00:40 | Buggy Google Chrome Update Behind Recent Unbootable Macs (lien direct) | A wave of reported Macs being no longer able to boot was caused by a recent Google Chrome update that was corrupting a necessary operating system folder. Once the update was installed, affected users found they were no longer able to boot into macOS. [...] | |||
|
2019-09-25 15:05:01 | Ransomware Decryptors Released for Yatron, WannaCryFake, & FortuneCrypt (lien direct) | Security vendors released decryptors for three ransomware infections today that allow victims to recover their files for free. These decryptors are for the WannaCryFake, Yatron, and FortuneCrypt Ransomware infections. [...] | Ransomware | Wannacry | |
|
2019-09-25 14:22:34 | Microsoft Phishing Attack Uses Google Redirects to Evade Detection (lien direct) | A new phishing campaign uses Google search query redirects to send potential victims to a phishing landing page designed to collect Microsoft Office 365 credentials via encoded URLs. [...] | |||
|
2019-09-25 12:26:07 | Hackers Replace Windows Narrator to Get SYSTEM Level Access (lien direct) | Chinese hackers are replacing the legitimate Narrator app on targeted Windows systems with a trojanized version that gives them remote access with privileges of the most powerful account on the operating system. [...] | |||
|
2019-09-25 11:49:48 | CloudFlare\'s WARP Secures iOS and Android Web Traffic for Free (lien direct) | Cloudflare's WARP mobile app for iOS or Android designed to secure all the Internet traffic on one's mobile devices is now available for everyone. [...] | |||
|
2019-09-25 10:37:32 | vBulletin Zero-Day Exploited for Years, Gets Unofficial Patch (lien direct) | A zero-day exploit for the vBulletin forum platform was publicly disclosed and quickly used to attack affected versions of the forum software. It turns out, though, that this exploit has been known, utilized, and sold by researchers and attackers for years. [...] | |||
|
2019-09-25 06:01:00 | Adobe Fixes Critical Security Vulnerabilities in Coldfusion (lien direct) | Adobe released security updates for three vulnerabilities in ColdFusion. Two of these vulnerabilities are rated as Critical as they allow code execution and can bypass access controls. The other is an labeled critical as it allows information disclosure. [...] | |||
|
2019-09-25 03:34:35 | Hackers Exploit Unpatched Bug in Rich Reviews WordPress Plugin (lien direct) | Site administrators still using the Rich Reviews plugin for WordPress are easy targets as hackers are currently exploiting an unpatched vulnerability for malvertising campaigns. [...] | Vulnerability | ||
|
2019-09-24 22:51:44 | (Déjà vu) Windows 10 Insider Build 18990 Released With UWP App Autostart (lien direct) | Microsoft has released Windows 10 Insider Preview Build 18990 (20H1) to Insiders in the Fast ring, which allows you to enable UWP apps to restart on sign-in and WSL improvements. [...] | |||
|
2019-09-24 22:51:44 | Windows 10 Build 18990 Insider Released With UWP App Autostart (lien direct) | Microsoft has released Windows 10 Insider Preview Build 18990 (20H1) to Insiders in the Fast ring, which allows you to enable UWP apps to restart on sign-in and WSL improvements. [...] | |||
|
2019-09-24 17:17:21 | Apple to Fix iOS Bug Granting Full Access to 3rd Party Keyboards (lien direct) | After releasing iOS 13.1 to fix a long list of bugs left unpatched in iOS 13, Apple says in a support document published today that an issue is impacting third-party iOS 13 and iPadOS keyboard extensions. [...] | |||
|
2019-09-24 16:25:18 | Windows 10 to Boost Performance via Favored CPU Core Optimization (lien direct) | Windows 10 19H2 will include optimizations to how instructions are processed by the CPU in order to increase the performance and reliability of the operating system and its applications. [...] | |||
|
2019-09-24 15:52:21 | Microsoft Rolls Out Windows Terminal 1909 With Long List of Fixes (lien direct) | Microsoft is rolling out the September 2019 release (1909) of its multi-tabbed Windows Terminal console app with a new settings schema, a new font, stylus support, and Windows 20H1 Console Windows Host (conhost) bug fixes. [...] | |||
|
2019-09-24 14:55:15 | Shared Code Links Sodinokibi to GandCrab, Minus the Fun & Games (lien direct) | Hints of a connection between the defunct GandCrab and the Sodinokibi ransomware get stronger as researchers find code-level similarities and artifacts suggesting continued operations. [...] | Ransomware | ||
|
2019-09-24 13:52:10 | Windows 10 1809 Cumulative Update KB4516077 Released With Fixes (lien direct) | Microsoft has released a new cumulative update for Windows 10 version 1809 that fixes a huge amount of bugs and issues. Some of the highlighted issues that are fixes with this release are high CPU when switching apps, Calculator shutting down, incorrect file and folder properties in File Explorer, and Narrator not opening properly. [...] | |||
|
2019-09-24 13:30:00 | Instagram Phishing Attack Baits With Copyright Infringement Note (lien direct) | Instagram users are being targeted by a new phishing campaign that baits them into giving away their credentials using fake copyright infringement notices which implants a feeling of urgency designed to lower the users' guard. [...] | |||
|
2019-09-24 12:58:50 | Fake Employment Site Created to Target Veterans With Malware (lien direct) | A fake web site pretending to be an organization that offers job opportunities for U.S. veterans is distributing malware that let's the attackers gain full control over a victim's computer. [...] | Malware | ||
|
2019-09-24 11:23:41 | State-Backed Attackers Target US Entities with LookBack Malware (lien direct) | A spear-phishing campaign spanning more than five months has been targeting roughly 17 U.S. utility providers between April 5 and August 29 according to research from Proofpoint's Threat Insight Team. [...] | Malware Threat | ||
|
2019-09-24 10:34:38 | Gmail for Android and iOS Gets a Dark Theme (lien direct) | Google announced today that they are rolling out a Dark theme to Gmail for Android and iOS users. This feature is currently rolling out to users of both the Android and iOS versions of Gmail. [...] |
To see everything:
Our RSS (filtrered)
