Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2019-02-15 07:15:04 |
Cryptojacking Coinhive Miners Land on the Microsoft Store For the First Time (direct link) |
A batch of eight potentially unwanted applications (PUAs) were found on the Microsoft Store dropping malicious Monero (XMR) Coinhive cryptomining scripts, delivered with the help of Google's legitimate Google Tag Manager (GTM) library. [...] |
|
|
|
|
2019-02-14 19:31:02 |
Collection of 127 Million Stolen Accounts Up for Sale on the Dark Web (direct link) |
A batch of 127 million records stolen in data breaches affecting eight companies was put up for sale on the Dream Market marketplace by a seller who goes by the name of "gnosticplayers" and is asking the equivalent of $14,500 in bitcoin for the entire collection. [...] |
|
|
|
|
2019-02-14 17:48:04 |
Google Rejected Roughly 55% More Android Apps in 2018, Still Not Enough (direct link) |
As revealed by Google in its 2018 Google Play Store yearly review, the company has rejected 55% more Android applications than it did in 2017, and also increased the app suspension rate by approximately 66 percent year-over-year. [...] |
|
|
|
|
2019-02-14 15:15:01 |
Coffee Meets Bagel Dating App Discloses Data Breach on Valentine's Day (direct link) |
As a Valentine's Day gift to all its users, online dating app Coffee Meets Bagel disclosed a data breach that contained users' email addresses and names. This data breach was discovered as part of a compilation of leaked credentials that was being sold on criminal marketplaces. [...] |
Data Breach
|
|
|
|
2019-02-14 14:59:00 |
Emotet Uses Camouflaged Malicious Macros to Avoid Antivirus Detection (direct link) |
A new Emotet Trojan variant has been observed in the wild with the added ability to hide from anti-malware software by embedding malicious macros used to drop the main payload inside XML files disguised as Word documents. [...] |
|
|
|
|
2019-02-14 13:44:00 |
Microsoft Releases First Windows 10 20H1 Build 18836 To Skip Ahead Users (direct link) |
Microsoft has released the Windows 10 Insider Preview Build 18836, which is the first insider build in the 20H1 development branch. This build is available to Insiders in the Skip Ahead ring and is just a general bug fix without any new features. [...] |
|
|
|
|
2019-02-14 11:53:01 |
Ransomware Attacks Target MSPs to Mass-Infect Customers (direct link) |
Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousands, of clients being infected with the GandCrab Ransomware. [...] |
Ransomware
|
|
|
|
2019-02-14 10:08:03 |
Mozilla Adds Persistent Private Browsing to Firefox for iOS (direct link) |
Mozilla announced the addition of persistent private browsing in the Firefox web browser for iOS which will allow users to stay in Private Browsing mode at all times, even between browsing sessions. [...] |
|
|
★★★★
|
|
2019-02-13 18:19:01 |
South Korea is Censoring the Internet by Snooping on SNI Traffic (direct link) |
South Korea has been blocking HTTP websites that are on their censor list for a while now and they have recently started using SNI filtering to block their counterparts served over HTTPS. [...] |
|
|
|
|
2019-02-13 14:26:05 |
Shlayer Malware Disables macOS Gatekeeper to Run Unsigned Payloads (direct link) |
A new variant of the multi-stage Shlayer malware known to target macOS users has been observed in the wild, now capable of escalating privileges using a two-year-old technique and of disabling the Gatekeeper protection mechanism to run unsigned second stage payloads. [...] |
Malware
|
|
|
|
2019-02-13 11:07:01 |
OpenOffice Zero-Day Code Execution Flaw Gets Free Micropatch (direct link) |
A micropatch is now available for a zero-day OpenOffice code execution vulnerability which can be triggered via automated macro execution following a mouseover event when viewing a maliciously crafted ODT document. [...] |
Vulnerability
|
|
|
|
2019-02-13 09:10:03 |
Cisco Network Assurance Engine Bug Allows Login with Old Passwords (direct link) |
Cisco has issued a security advisory for Cisco Network Assurance Engine (NAE) Release 3.0(1) for a bug that causes password changes done via NAE to not be synchronized to the CLI of the associated device. This would allow a user to gain access to a device via its CLI using the previous password. [...] |
|
|
|
|
2019-02-13 08:00:00 |
New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info (direct link) |
A new Astaroth Trojan campaign targeting Brazil and European countries is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and load malicious modules. [...] |
|
|
|
|
2019-02-13 04:15:00 |
Canonical Snapd Vulnerability Gives Root Access in Linux (direct link) |
A researcher has discovered a new vulnerability called "Dirty_Sock" in the REST API for Canonical's snapd daemon that can allow attackers to gain root access on Linux machines. To illustrate how these vulnerabilities can be exploited, the researcher has released two PoCs that use different methods to elevate privileges. [...] |
Vulnerability
|
|
|
|
2019-02-13 00:01:00 |
The Scarlet Widow Gang Entraps Victims Using Romance Scams (direct link) |
We often hear about sextortion, business email compromise (BEC), and inheritance scams, but the often overlooked "Romance Scams" could be the most insidious of them all. Not only do victims lose money, but the emotional entanglement ultimately leads to heartbreak. [...] |
Guideline
|
|
|
|
2019-02-12 20:00:00 |
Microsoft Releases the February 2019 Updates for Office (direct link) |
Microsoft released the February 2019 Office Update containing a list of 19 security updates and 28 non-security updates, while also updating the Click-To-Run Office 2013 version to 15.0.5111.1001 in the process. [...] |
|
|
|
|
2019-02-12 17:29:05 |
Weird Phishing Campaign Uses Links With Almost 1,000 Characters (direct link) |
A targeted phishing campaign is underway that states your email has been blacklisted and then asks you to confirm it by entering your credentials. For some reason, this campaign is using phishing links that can contain almost 1,000 characters, which is enough to make anyone suspicious. [...] |
|
|
|
|
2019-02-12 15:44:05 |
Windows 7 KB4486563 and Windows 8.1 KB4487000 Released (direct link) |
The February 2019 patches are also rolling out to PCs with Windows 7 and 8.1. The new monthly rollups for Windows 7 and Windows 8.1 come with general security fixes and improvements. [...] |
|
|
|
|
2019-02-12 15:18:01 |
Microsoft February 2019 Patch Tuesday Includes Fixes for 70 Vulnerabilities (direct link) |
Today is Microsoft's February 2019 Patch Tuesday, which means it is time to get those security updates installed. Included in this month's security updates is one for an actively exploited Internet Explorer vulnerability and another remote code execution vulnerability in DHCP. [...] |
Vulnerability
|
|
|
|
2019-02-12 14:48:03 |
Microsoft Patches PrivExchange Vulnerability in February Quarterly Updates (direct link) |
Microsoft patched the PrivExchange privilege escalation vulnerability which affected Microsoft Exchange Server 2010 and newer installations where Exchange Web Services (EWS) and Push Notifications were enabled. [...] |
Vulnerability
|
|
|
|
2019-02-12 13:58:00 |
Windows 10 February 2019 Cumulative Updates Released With Fixes (direct link) |
It's Patch Tuesday and new cumulative updates are rolling out! The focus of Windows 10's February 2019 cumulative update is on addressing the security issues and the general issues reported in the past few weeks. [...] |
|
|
|
|
2019-02-12 13:28:01 |
TrickBot Banking Trojan Now Steals RDP, VNC, and PuTTY Credentials (direct link) |
The infamous Trickbot banking Trojan's password stealer module has been recently upgraded to grab credentials used to authenticate to remote servers using VNC, PuTTY, and Remote Desktop Protocol (RDP). [...] |
|
|
|
|
2019-02-12 12:53:02 |
Dunkin' Donuts Issues Alert for Credential Stuffing Attack, Passwords Reset (direct link) |
Dunkin' Donuts has issued a security notification alerting users of their DD Perks reward program that their accounts may have been involved in a credential stuffing attack. This attack may have allowed third-parties to gain access to some of their account information. [...] |
|
|
|
|
2019-02-12 10:59:02 |
Windows Malware Runs on Macs, Bypasses Gatekeeper to Target Software Pirates (direct link) |
If it wasn't already obvious, pirating software is a risky business and this was again proven by a set of malicious executables targeting macOS users with info stealers and adware, and compiled as Windows EXE binaries with the help of the open source Mono framework. [...] |
Malware
|
|
|
|
2019-02-12 09:26:01 |
Adobe Releases Security Fixes for Flash Player, ColdFusion, and More (direct link) |
Adobe has published their monthly Patch Tuesday updates for the month of February 2019. These updates are for Flash Player, Creative Cloud Desktop Application, and ColdFusion. [...] |
|
|
|
|
2019-02-12 09:06:00 |
Hackers Wipe VFEmail Servers, May Shut Down After Catastrophic Data Loss (direct link) |
The U.S. servers of privacy-focused e-mail provider VFEmail were hacked into on February 11 and all the data was destroyed, on both the main and the backup systems. According to VFEmail's owner, the hackers did not leave a ransom note and, given the extent of the destruction, the service will most likely go offline to never return. [...] |
|
|
|
|
2019-02-12 03:30:00 |
Coalition of State Attorney Generals Urge FTC to Update Identity Theft Rules (direct link) |
A coalition of 31 state attorneys general responded to an FTC request for public comment on its Identity Theft Rules review with an appeal to update them to allow banks and creditors to keep up with new tech designed to block identity theft attempts. [...] |
|
|
|
|
2019-02-11 18:32:02 |
Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History (direct link) |
A macOS privacy protection bypass flaw could allow potential attackers to access data stored in restricted folders on all macOS Mojave releases up to the 10.14.3 Supplemental Update released on February 7. [...] |
|
|
|
|
2019-02-11 16:48:00 |
Microsoft States Windows Update DNS Issues are Finally Fixed (direct link) |
In an updated Windows 10 and Windows Server 2019 update history support article, Microsoft has stated that the Windows Update DNS issue should now be fully resolved as all local ISPs have refreshed their DNS servers and are now using the correct DNS records. [...] |
|
|
|
|
2019-02-11 14:10:01 |
RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts (direct link) |
A container breakout security flaw found in the runc container runtime allows malicious containers to overwrite the host runc binary and gain root-level code execution on the host machine. [...] |
Vulnerability
|
Uber
|
|
|
2019-02-11 13:00:00 |
Adobe Reader Zero-Day Micropatch Stops Malicious PDFs from Calling Home (direct link) |
A micropatch is now available for a zero-day vulnerability in Adobe Reader which would allow maliciously crafted PDF documents to call home and send over the victim's NTLM hash to remote attackers in the form of an SMB request. [...] |
Vulnerability
|
|
|
|
2019-02-11 12:27:02 |
New Offensive USB Cable Allows Remote Attacks over WiFi (direct link) |
Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard. [...] |
|
|
|
|
2019-02-11 09:39:04 |
First CryptoCurrency Clipboard Hijacker Found on Google Play Store (direct link) |
Researchers last week found the first Android app on the Google Play store that monitors a device's clipboard for Bitcoin and Ethereum addresses and swaps them for addresses under the attacker's control. This allows the attackers to steal any payments you make without your knowledge that you sent it to the wrong address. [...] |
|
|
|
|
2019-02-10 18:42:01 |
Facebook, Twitter Trackers Whitelisted by Brave Browser (direct link) |
The Brave Browser promotes itself on being built from the ground up to provide enhanced privacy to its users. Yet, users voiced concern today after finding a section of the browser's source code that shows tracking scripts for Facebook and Twitter are whitelisted so that they are not blocked by the browser. [...] |
|
|
|
|
2019-02-10 11:50:05 |
Windows95 v2.0 Let's You Play DOOM, Wolfenstein 3D, and More (direct link) |
Looking for a sense of nostalgia by running Windows 95 and using it to play DOOM, Wolfenstein 3D, and other games? Now you can with the release of a new version of a Windows 95 Electron application that gives you the full experience. [...] |
|
|
|
|
2019-02-09 14:06:00 |
Decompiled Undertale RPG Source Code Released on GitHub (direct link) |
The decompiled source code for the popular video game Undertale has been posted to GitHub. This decompilation contains what appears to be all of the game's assets, including its images, scripts, and audio files. [...] |
|
|
|
|
2019-02-08 15:35:00 |
The Week in Ransomware - February 8th 2019 - Shady Data Recovery Companies (direct link) |
This week was mostly filled with new variants of existing ransomware such as STOP, Dharma, and Jigsaw ransomware. We did though have some interesting news, such as a ransomware downloader being created from the pixels of images and shady data recovery companies partnering with GandCrab to make extra profits. [...] |
Ransomware
|
|
|
|
2019-02-08 13:28:00 |
Windows 10 Insider Preview Build 18334 Released With Gaming Improvements (direct link) |
Microsoft has released Windows 10 Insider Preview Build 18334 (19H1) to insiders in the Fast ring. This build adds numerous fixes, changes, and improvements, as well as "technology tailor-made for gaming to Windows." [...] |
|
|
|
|
2019-02-08 13:14:01 |
Mail Attachment Builds Ransomware Downloader from Super Mario Image (direct link) |
A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and other malware. [...] |
Ransomware
|
|
|
|
2019-02-08 12:16:02 |
Coinminer Targets Linux, Kills Competition to Maximize Profits (direct link) |
A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine. [...] |
Malware
|
|
|
|
2019-02-08 09:20:03 |
Apple Patched Two Actively Exploited Zero-Days in iOS 12.1.4 (direct link) |
As revealed by Project Zero team lead Ben Hawkes on Twitter, Apple fixed two zero-day vulnerabilities which were being exploited in the wild before the release of the iOS 12.1.4 security update. [...] |
Guideline
|
|
|
|
2019-02-08 08:40:04 |
Like Microsoft Edge, Chrome is Getting Tab Hover Card Images (direct link) |
Recently Google added a new experimental feature that displays a small info card when you hover over a tab in Chrome. Similar to Microsoft Edge's tab hover card implementation, Chrome 74 will show a preview image of the associated web site when you hover over its tab. [...] |
|
|
|
|
2019-02-08 03:00:00 |
TWOSENSE.AI Awarded $2.42M Behavioral Biometrics Security Contract by DoD (direct link) |
New York AI startup TWOSENSE.AI was awarded a $2.42M contract by the U.S. Department of Defense (DoD) under which it will have to implement an uninterrupted multifactor authentication using deep neural networks which will eventually replace DoD's physical ID chip cards (CAC), with its continuous behavioral biometric authentication. [...] |
|
|
|
|
2019-02-07 19:15:01 |
New Phishing Attack Uses Google Translate as Camouflage (direct link) |
A phishing campaign that attempts to steal Google account and Facebook credentials has been discovered that utilizes Google Translate as camouflage on mobile browsers. [...] |
|
|
|
|
2019-02-07 18:00:04 |
Wells Fargo Hit By Nationwide Outage, ATMs and Online Banking Down (direct link) |
Wells Fargo customers from all over the U.S. have been reporting that multiple services offered by the multinational financial services company's banking branch, with credit cards, ATMs, and the online banking system reportedly being down. [...] |
|
|
|
|
2019-02-01 16:17:03 |
The Week in Ransomware - February 1st 2019 - LockerGoga, MalSpam, and More (direct link) |
The biggest ransomware news this week is the cyber attack on Altran that was supposedly hit by the LockerGoga Ransomware. In addition, huge malspam campaigns were pushing Troldesh on Russia and GandCrab on Japanese victims. [...] |
Ransomware
|
|
|
|
2019-02-01 15:19:03 |
DHS Security Tech Innovation Program Means Big Money for SMBs (direct link) |
U.S. small businesses have until February 12 to submit their homeland security technology solutions proposals as part of the DHS FY 19 SBIR Solicitation program according to a press release issued by the U.S. Department of Homeland Security. [...] |
|
|
|
|
2019-02-01 12:12:00 |
Mozilla Halts Firefox 65 Rollout Due to Insecure Certificate Errors (direct link) |
Mozilla has halted the automatic updates to Firefox 65 as users are unable to browse web sites due to certificate errors. These errors are being caused by conflicts between various antivirus programs' HTTPS scanning and Firefox 65. [...] |
|
|
|
|
2019-01-31 17:34:02 |
Google Outage Causing Google Charts and Other APIs to Not Work (direct link) |
If you use Google Charts, or other Google API libraries, as part of your web site then you may have noticed that they stopped working. This is being caused by an outage at Google that is causing the older jsapi library and causing the URL to return a 502 error. [...] |
|
|
|
|
2019-01-31 16:30:00 |
Basecamp Successfully Defends Against Credential Stuffing Attack (direct link) |
Basecamp successfully blocked an hour-long credential stuffing attack targeting its platform on January 29, with only around 100 out of the company's advertised user base of approximately 3 million accounts being affected. [...] |
|
|
|