What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-04-12 03:21:00 | Sextortion Scammers Change Tactics to Bypass Spam Protection (lien direct) | Low paydays in the first trimester of the year have prompted scammers in the sextortion email business to switch to new tricks to restore the revenue stream of the not too distant past. [...] | Spam | ||
|
2019-04-11 19:45:02 | Hacked Uniden Commercial Site Serves Emotet Trojan (lien direct) | Uniden's website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden variety of the Emotet trojan, also known as Geodo and Heodo. [...] | |||
|
2019-04-11 16:30:05 | Mozilla Firefox For ARM64 Beta Now Available (lien direct) | Today, Mozilla has promoted the ARM64-native build of Firefox to its beta channel and anyone with an ARM-powered Windows 10 device can test it. [...] | |||
|
2019-04-11 14:51:04 | Home Office Leaks the Emails of Hundreds of EU Citizens (lien direct) | The UK Home Office has sent an e-mail apology to 240 EU citizens who requested to be considered for settled status in the UK as part of the EU Settlement Scheme program after accidentally leaking their e-mail addresses because of a so-called "administrative error." [...] | |||
|
2019-04-11 12:30:05 | Tax Fraud and ID Theft Services Getting Cheaper on the Dark Web (lien direct) | Financial and social security identity theft services are becoming more and more affordable every year on the dark web, leading to a drop in the skill level required for tax fraud schemes. [...] | Guideline | ||
|
2019-04-11 12:00:00 | Hyperlink Auditing Pings Being Used to Perform DDoS Attacks (lien direct) | Researchers have found that the HTML feature called hyperlink auditing, or pings, is being used to perform DDoS attacks against various sites. This feature is normally used by sites to track link clicks, but is now found to be abused by attackers to send a massive amount of web requests to sites in order to take them offline. [...] | |||
|
2019-04-11 10:30:05 | Microsoft\'s April 2019 Updates are Causing Windows to Freeze (lien direct) | Conflicts between antivirus software and the recent Microsoft April 2019 Patch Tuesday updates are causing Windows 7, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 to freeze, be unable to boot, or hang on installing updates. [...] | |||
|
2019-04-11 08:55:04 | VSDC Site Hacked Again to Spread Password Stealing Malware (lien direct) | The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...] | Malware | ||
|
2019-04-11 03:16:00 | Office 365 Team Discovers Phishing Email Pushing WinRAR Exploit (lien direct) | A recent targeted attack against organizations in the satellite and communications industry echoes techniques seen in campaigns from cyberespionage group MuddyWater. [...] | |||
|
2019-04-10 17:31:03 | Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams (lien direct) | A vulnerability in the popular WordPress plugin called Yuzo Related Posts is being targeted by attackers to inject JavaScript into the pages of the site. This JavaScript will cause visitors to be redirected to sites displaying scams, including tech support scams, and sites promoting unwanted software such as browser extensions. [...] | Vulnerability | ||
|
2019-04-10 16:40:01 | WPA3 Wi-Fi Standard Affected by New Dragonblood Vulnerabilities (lien direct) | Security researchers discovered vulnerabilities in the WPA3-Personal protocol which allow potential attackers to crack Wi-Fi network passwords and get access to the encrypted network traffic exchanged between the connected devices. [...] | |||
|
2019-04-10 16:03:00 | Threat Group Uses Pastebin, GitHub In SneakyPastes Operation (lien direct) | A threat group considered the runt of the litter in terms of the complexity of its operations, in 2018 launched operation SneakyPastes, relying to a large extent on services like Pastebin and GitHub to host malware for various stages of the infection chain. [...] | Malware Threat | ||
|
2019-04-10 14:57:03 | Windows 10 Insider Build 18875 Released, Merges Fast and Skip Ahead Rings (lien direct) | Microsoft has released Windows 10 Insider Preview Build 18875 for Insiders in both the Fast and Skip Ahead rings. With build 1903 already released to Insiders and publicly being released in May, Microsoft has merged the Skip Ahead and Fast rings so that they are both now receiving the same 20H1 builds. [...] | |||
|
2019-04-10 14:06:04 | DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware (lien direct) | The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...] | Malware | APT 38 | |
|
2019-04-10 12:10:04 | Google Wants To Block Potentially Risky Non-Secure Downloads (lien direct) | Google proposed the addition of automatic blocking of high-risk downloads from non-secure websites in future versions of its Chrome web browsers as revealed by a proposal from Google Chrome security engineer Emily Clark in the World Wide Web Consortium (W3C) public mailing list. [...] | |||
|
2019-04-10 11:34:04 | New Extortion Email Threatens to Install WannaCry and DDoS Your Network (lien direct) | A new extortion email scam campaign is underway that states that your computer was hacked and that it was discovered you were hiding your taxes. The alleged hackers then demand 2 bitcoins or they will notify the "Tax Department", DDoS your network, and then install the WannaCry ransomware. [...] | Wannacry | ||
|
2019-04-10 09:39:03 | New TajMahal Cyberespionage Kit Includes 80 Malicious Modules (lien direct) | TajMahal, a previously unknown cyberespionage platform featuring roughly 80 different malicious modules and active since at least 2013, was discovered by Kaspersky Lab's research team during late 2018. [...] | |||
|
2019-04-10 07:01:01 | 25% of Phishing Emails Bypass Office 365 Default Security (lien direct) | Roughly 25% of all phishing emails found in a batch of 55 million analyzed e-mails were marked as clean by the Office 365 Exchange Online Protection (EOP) and reached the users' inboxes, while another 5.3% were whitelisted instead of getting blocked because of admin configurations. [...] | |||
|
2019-04-10 06:11:05 | Two Thirds of Hotel Sites Leak Guest Booking Info to Third-Parties (lien direct) | Third-party services running on most hotel websites have access to guest booking information, including personal data and payment card details. The data they're privy to also allows them to cancel reservations. [...] | |||
|
2019-04-10 05:01:00 | Chrome Saying It\'s Managed by Your Organization May Indicate Malware (lien direct) | Recently users have noticed that Google Chrome has started stating that it is "Managed by your organization", which is a confusing for home computers who are not part of any organization. It turns out that with the release of Chrome 73, the browser will display this message whenever a group policy is configured for Chrome. [...] | Malware | ||
|
2019-04-10 03:35:00 | Demo Exploit Code Available for Privilege Escalation Bug in Windows (lien direct) | Proof-of-concept exploit code for a privilege escalation vulnerability affecting Windows operating system has been published today, soon after Microsoft rolled out its monthly batch of security patches. [...] | Vulnerability | ||
|
2019-04-09 16:22:03 | Windows Server 2008 Requires KB4493730 to Get Future Updates (lien direct) | Administrators of Windows Server 2008 SP2 will be offered a new servicing stack update today that adds support for future SHA-2 code signed updates. If SHA-2 support is not added to the operating system, it will not be able to install updates starting in July 2019. [...] | |||
|
2019-04-09 15:10:03 | Criminal Market Sells Over 60K Digital Identities For $5-$200 (lien direct) | More than 60,000 stolen digital profiles are currently up for sale on Genesis Store, a private and invitation-only online cybercriminal market discovered and exposed by Kaspersky Lab researchers. [...] | |||
|
2019-04-09 14:13:04 | Microsoft\'s April 2019 Patch Tuesday Fixes 74 Vulnerabilities (lien direct) | Today is Microsoft's April 2019 Patch Tuesday, which means Windows admins are getting ready to pull their hair out while testing the new patches and security updates released by Microsoft. Included in this month's updates are fixes for two vulnerabilities that have been spotted being actively exploited in the wild. [...] | |||
|
2019-04-09 13:47:02 | Windows 10 April 2019 Cumulative Updates Released With Fixes (lien direct) | Today is second Tuesday of the month and the new cumulative updates are rolling out for supported versions of Windows 10, including the October 2018 Update, [...] | |||
|
2019-04-09 13:15:01 | Adobe Releases April 2019 Security Updates for Flash, Shockwave, and More (lien direct) | Adobe has published their monthly Patch Tuesday updates for the month of April 2019. These updates fix various security vulnerabilities in Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, and Adobe Bridge CC. [...] | |||
|
2019-04-09 12:45:00 | Cryptominers Still Top Threat In March Despite Coinhive Demise (lien direct) | Although Coinhive shut down and its cryptominer dropped down on the sixth place in Check Point's latest Global Threat Index, coinminers continue to lead the pack with Cryptoloot, XMRig, and Jsecoin taking the first, third, and fifth place. [...] | Threat Guideline | ||
|
2019-04-05 16:51:04 | Google Adding Chrome Admin Policy to Uninstall Blacklisted Extensions (lien direct) | Google is adding a new admin policy to Chrome that will automatically uninstall browser extensions that are blacklisted by administrators. [...] | |||
|
2019-04-05 14:58:02 | Qt5-Based GUI Apps Susceptible to Remote Code Execution (lien direct) | Through a little known command line argument, applications that configure custom protocol handlers and are are developed using the Qt5 graphical user interface framework can be exposed to a remote code execution vulnerability. [...] | ★★★ | ||
|
2019-04-05 14:23:05 | Year-Old DoS Vulnerability Allows Attacks on Some MikroTik Routers (lien direct) | MikroTik on Thursday published details about an issue that is easy to exploit remotely to cause a denial-of-service (DoS) condition on devices running RouterOS, which is most products from the maker. [...] | Vulnerability | ★★★★★ | |
|
2019-04-05 13:34:04 | EU States Test and Strengthen Readiness for Election Cyber Threats (lien direct) | EU member states tested their crisis plans and response to potential EU elections cybersecurity incidents during an exercise organized today in collaboration with the European Parliament, the European Commission, and the EU Agency for cybersecurity (ENISA). [...] | |||
|
2019-04-05 11:29:01 | Cybercrime Market with Roughly 385,000 Members Found on Facebook (lien direct) | An online black market offering cybercrime goods and services was found on Facebook, spreading over 74 groups and totaling around 385,000 members, according to a report by Cisco Talos security researchers. [...] | |||
|
2019-04-05 10:20:00 | ICO Fines London Council for Gangs Matrix Data Leak Exposing 203 People (lien direct) | The London Borough of Newham received a £145,000 monetary penalty from the Information Commissioner's Office after leaking the personal information of more than 200 individuals allegedly associated with gangs. [...] | |||
|
2019-04-05 09:48:00 | Study Shows Screen Time Before Bed Is Not Bad For Teenagers (lien direct) | All over the world and in many different languages, parents yell for their kids to get off their phones or stop playing Fortnite before their brains becomes mush. A new study, though, now indicates that there is no correlation between screen time, even before bed, and a teenager's well-being. [...] | |||
|
2019-04-05 04:39:00 | Beware of Calls Saying Your Social Security Number is Suspended (lien direct) | A common phone call scam that people have been receiving states that your Social Security number is suspended for suspicious activity. It then prompts you to speak to a government agent in order to receive help resolving the issue. [...] | |||
|
2019-04-04 22:12:01 | Windows 10 Insider Build 18362.30 Released to Fix Boot Breaking Bug (lien direct) | As Microsoft gets ready to release the Windows 10 May 2019 Update feature update to Windows Insiders next week, they snuck in a surprise update that upgrades Windows to build 18362.30. This updates fixes a few bugs that are necessary to resolve before offering the test release of the next feature update. [...] | |||
|
2019-04-04 17:32:04 | Researchers Hack Google Maps Snake Game to Add God Mode, AI Auto-Play (lien direct) | Check Point's research team tried the April Fools snake game added by Google inside the Android and iOS Google Maps apps and, after failing to play it for as long as they wanted, they reverse engineered it, stuck an auto-play AI inside, and removed the "loss" factor altogether. [...] | Hack | ||
|
2019-04-04 16:07:00 | Microsoft Is Redesigning the Windows 10 Update Experience (lien direct) | The Windows 10 May 2019 Update will be available in the Release Preview Ring of the Windows Insider Program starting next week and will add a number of new features designed to put its users in control of how monthly and features updates are installed. [...] | |||
|
2019-04-04 16:04:03 | Windows 10 May 2019 Update Announced, Insiders Get it First (lien direct) | Microsoft has officially announced that the Windows 10 build 1903 feature update will be called the May 2019 Update. This update will be released to Windows Insiders first, who will test it for a month before it is made publicly available in May. [...] | |||
|
2019-04-04 13:28:05 | Xiaomi Pre-Installed Security App Vulnerable to MiTM Attacks (lien direct) | A vulnerability exposing users to Man-in-the-Middle (MiTM) attacks was patched by Xiaomi in the pre-installed security app Guard Provider after a disclosure report from Check Point Research. [...] | Vulnerability | ||
|
2019-04-04 11:11:03 | Samsung Galaxy S10 Fingerprint Scanner Tricked with 3D Print (lien direct) | The ultrasonic fingerprint scanner feature in the Samsung Galaxy S10 can be tricked to unlock the device with the help of a 3D printed fingerprint stolen from its owner as shown by Reddit user darkshark9. [...] | |||
|
2019-04-04 10:10:03 | Windows 10 1809 Changed the Default Removal Policy for External Drives (lien direct) | The default removal policy for external storage media was changed by Microsoft in Windows 10 version 1809 from "Better performance" to "Quick removal" which, for some users, may translate into faster removal times with degraded performance. [...] | |||
|
2019-04-04 09:01:00 | London Blue Scammers Extend Operation, Attack Targets in Asia (lien direct) | Over the past five months, the London Blue cybercriminal group has been running business email compromise (BEC) scams against employees in Asia working for companies based mostly in the United States, Australia or Europe. [...] | |||
|
2019-04-04 08:00:00 | CIA Exortion Scams Using SatoshiBox to Sell Alleged Proof for $500 (lien direct) | The CIA extortion scams continue to evolve in order to squeeze as much money out of a victim as they can. In a new variant discovered by researchers, the extortion emails are now selling alleged proof on Satoshi Box for $500 that show you are part of the CIA investigation. [...] | |||
|
2019-04-04 03:34:00 | New Xwo Web Scanner Helps MongoLock Ransomware Find Victims (lien direct) | Code and infrastructure from two known malware families have been observed with a new threat named Xwo, which helps operators of the MongoLock ransomware discover unprotected web services reachable over the internet. [...] | Ransomware Malware Threat | ||
|
2019-04-03 20:21:05 | Windows 10 News App Blunder Made Users Think They\'re Infected (lien direct) | A configuration mistake in the Microsoft News app caused Window 10 users to receive strange test notifications, which caused them to think they were infected. [...] | |||
|
2019-04-03 17:59:03 | Financial Mobile Apps Fail to Follow Proper Security Standards (lien direct) | Financial mobile apps come with large numbers of vulnerabilities stemming from a dangerous lack of security controls and insecure coding practices, according to a report prepared by advisory firm Aite Group for Arxan. [...] | |||
|
2019-04-03 15:19:00 | Windows 10 1809 Cumulative Update Released with Huge List of Fixes (lien direct) | Microsoft has finally released the latest cumulative update for Windows 10 build 1809 and with it comes a huge amount of fixes for open issues. [...] | |||
|
2019-04-03 14:59:01 | (Déjà vu) 540 Mllion Facebook Records Leaked by Public Amazon S3 Buckets (lien direct) | More than 540 million records of Facebook users were exposed by publicly accessible Amazon S3 buckets used by two third-party apps to store user data such as plain text app passwords, account names, user IDs, interests, relationship status, and more. [...] | |||
|
2019-04-03 14:59:01 | (Déjà vu) 540 Mllion Facebook User Records Leaked by Public Amazon S3 Buckets (lien direct) | More than 540 million records of Facebook users were exposed by publicly accessible Amazon S3 buckets used by two third-party apps to store user data such as plain text app passwords, account names, user IDs, interests, relationship status, and more. [...] |
To see everything:
Our RSS (filtrered)
