What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-01-24 14:00:00 | Microsoft Adds OneDrive Cloud File Sharing to Skype (lien direct) | Microsoft's Skype communication software now comes with support for seamless file sharing of files stored on the OneDrive cloud platform via a dedicated extension which provides faster and simpler file distribution and team collaboration. [...] | |||
|
2019-01-24 13:13:01 | Check Point Fixes Privilege Escalation Bug in ZoneAlarm Free (lien direct) | A security issue in Check Point's free edition of ZoneAlarm antivirus and firewall solution allowed a user with limited rights on the machine to inject and execute code with the highest privileges. [...] | |||
|
2019-01-24 08:51:00 | NumPy Is Awaiting Fix for Critical Remote Code Execution Bug (lien direct) | The current version of the popular NumPy library relies on unsafe default usage of a Python module that could lead to remote code execution in the context of the affected application. [...] | Guideline | ||
|
2019-01-24 08:00:00 | GDPR Compliance Lowers Data Breach Frequency and Impact Says Report (lien direct) | Companies that follow the requirements of the General Data Protection Regulation (GDPR) experience extra benefits such as lower frequency and effect of data breaches, as well as fewer records being impacted in the attacks, shorter downtimes and lower overall costs [...] | Data Breach | ||
|
2019-01-24 03:30:00 | Beware of Exit Map Spam Pushing GandCrab v5.1 Ransomware (lien direct) | A new malspam campaign pretending to be the current emergency exit map for the recipient's building is being used to install the GandCrab Ransomware. These spam emails contain malicious Word documents that download and install the infection from a remote computer. [...] | Ransomware Spam | ||
|
2019-01-23 18:13:04 | Running Sysmon 8.0.0? Update to 8.0.4 to Avoid a Memory Leak (lien direct) | A memory leak exists in recent version of the Sysmon utility that could cause a computer to run out of memory and crash if they routinely update its configuration file through a scheduled task or some other manner. [...] | |||
|
2019-01-23 15:13:00 | Facebook Will Preemptively Close Pages of Owners Who Previously Broke Rules (lien direct) | Facebook announced improvements to their Page content quality features to make sure that content shared on its platform found to break its Community Standards does not escape the counter-measures put in place to prevent distribution. [...] | |||
|
2019-01-23 13:40:03 | Researchers Create Algorithm to Protect Kids from Disturbing YouTube Videos (lien direct) | A team of researchers has developed a high accuracy deep learning-based classifier designed to detect YouTube videos with disturbing content for kids. This was done after finding that the current recommendation algorithm used by the platform to suggest related content is quite lacking. [...] | |||
|
2019-01-23 12:13:02 | Voicemail Phishing Campaign Tricks You Into Verifying Password (lien direct) | A new phishing campaign is underway that utilizes EML attachments that pretend to be a received voicemail and prompts you to login to retrieve it. This campaign also uses a clever tactic of tricking you into entering your password twice in order to confirm that you are providing the correct account credentials. [...] | |||
|
2019-01-23 10:53:03 | Wine 4.0 Available with Vulkan, Direct3D 12, Game Controller Support (lien direct) | The Wine 4.0 release adds a number of major new features such as support for the cross-platform Vulkan and the Windows Direct3D 12 3D graphics APIs, as well as for Android High-DPI and game controllers. [...] | |||
|
2019-01-23 06:02:05 | (Déjà vu) New Anatova Ransomware Supports Modules for Extra Functionality (lien direct) | A new ransomware family popped on the radar of analysts, who see it as a serious threat created by skilled authors that can turn it into a multifunctional piece of malware. [...] | Ransomware Threat | ||
|
2019-01-23 06:02:05 | (Déjà vu) New Ransomware Anatova Has Potential for Extended Functionality (lien direct) | A new ransomware family popped on the radar of analysts, who see it as a serious threat created by skilled authors that can turn it into a multifunctional piece of malware. [...] | Ransomware Threat | ||
|
2019-01-23 03:31:00 | 265 Researchers Take Down 100,000 Malware Distribution Websites (lien direct) | Security researchers across the globe united in a project dedicated to sharing URLs used in malicious campaigns managed to take down close to 100,000 websites actively engaged in malware distribution. [...] | Malware | ||
|
2019-01-23 02:21:00 | DHS Issues Emergency Directive to Prevent DNS Hijacking Attacks (lien direct) | The Department of Homeland Security has issued an emergency directive that requires all U.S. agencies that operate a .gov domain or agency-managed domain to audit their DNS records and servers to verify that they are resolving to the right IP addresses. They further require them harden the security related to DNS accounts. [...] | |||
|
2019-01-22 23:32:02 | (Déjà vu) Apple Fixes Numerous Security Vulnerabilities in iOS, macOS, and More (lien direct) | Today Apple released updates for their core products that includes iCloud, Safari, macOS Mojave, High Sierra, & Sierra, tvOS 12.1.2, and of course iOS 12.1.3. [...] | |||
|
2019-01-22 21:57:05 | Chrome Extension Manifest V3 May Break uBlock Origin Content Blocker (lien direct) | The Google Chrome development team is working on making some changes to the Chrome Extensions platform that would end the functionality of ad-blockers like uBlock Origin and uMatrix, if implemented as defined in the current draft document. [...] | |||
|
2019-01-22 17:54:03 | Microsoft Releases KB4476976 Cumulative Update With Quality Improvements (lien direct) | Microsoft rolled out the KB4476976 cumulative update for Windows 10 Version 1809 and Windows Server 2019 which comes with multiple quality improvements designed to address a number of issues affecting the previous OS build. [...] | |||
|
2019-01-22 16:28:03 | Arizona Lawmaker Wants to Tax Porn to Fund Border Security (lien direct) | Arizona Representative Gail Griffin proposed the House Bill 2444 which requires a $20 porn tax to access adult content using an Internet-connected device, with the collected money to be used for funding border security and dream centers. [...] | |||
|
2019-01-22 16:01:03 | Online Casino Database Leaks Details of Over 100 Million Bets (lien direct) | An unsecured ElasticSearch database was discovered exposing the details for over 108 million bets at various online casinos. The leaked information contained numerous details including the bettor's name, address, partial credit card numbers, email addresses, and the bet amount. [...] | |||
|
2019-01-22 14:24:04 | Outdated Software Exposes PC Users to Security Risks Says Report (lien direct) | Based on a sample size of 163 million computers, 55% of all programs installed on personal computers running Windows are outdated according to an Avast report, exposing their users to security risks because of unpatched vulnerabilities. [...] | |||
|
2019-01-22 12:00:00 | Microsoft Announces New Windows 10 Devices, Personalized Learning Tools (lien direct) | Ahead of BETT UK 2019, Microsoft announced seven new education-focused Windows 10 devices, multiple updates to Teams that make it easier to personalize to better match each student's learning experience, as well as the addition of mixed reality curriculum via a partnership with VictoryVR [...] | |||
|
2019-01-22 11:48:03 | Remote Code Execution Bug Patched in APT Linux Package Manager (lien direct) | A remote code execution bug was discovered by security contractor Max Justicz in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. The bug has been fixed today in the latest versions of APT. [...] | |||
|
2019-01-22 09:54:01 | Windows Contacts Remote Code Execution Zero-Day Gets Micropatch (lien direct) | Another zero-day vulnerability in Windows receives a temporary fix today, as the 0patch platform added code for a bug in Windows Contacts app that allows remote execution of arbitrary code. [...] | Vulnerability | ||
|
2019-01-22 09:35:03 | Apple Pay Rolls Out to Target, Taco Bell and Other Top US Retailers (lien direct) | Apple announced the rollout of its Apple Pay mobile contactless payment system to the Target, Taco Bell, Hy-Vee, and Jack in the Box US retailers, now covering 74 of the top 100 US merchants and approximately 65 percent of all retail locations across the country [...] | |||
|
2019-01-21 19:56:05 | Malwarebytes Fixes Windows 7 Freeze Problem in New Update (lien direct) | Malwarebytes released an update today for the component package that fixes the problem with Windows 7 stations freezing. The problem manifests on systems with the Web Protection feature enabled in the security solution. [...] | |||
|
2019-01-21 19:14:03 | New Rumba STOP Ransomware Being Installed by Software Cracks (lien direct) | The STOP ransomware has seen very heavy distribution over the last month using adware installers disguised as cracks. This campaign continues with a new variant released over the past few days that appends the .rumba extension to the names of encrypted files. [...] | Ransomware | ||
|
2019-01-21 17:24:01 | Ransomware Attacks May Soon Require Disclosure in North Carolina (lien direct) | Attorney General Josh Stein and Rep. Jason Saine proposed legislation designed to strengthen the state's identity theft protection legislation, targeting prevention and consumer protection boost in the face of breaches. [...] | Ransomware | ||
|
2019-01-21 13:40:00 | Malware, User Privacy Failures Found in Top Free VPN Android Apps (lien direct) | One in five apps from the top 150 free VPN Android apps in Google's Play Store was flagged as a potential source of malware, while a quarter of them come with user privacy breaking bugs such as DNS leaks which expose user DNS queries to their ISPs [...] | |||
|
2019-01-21 13:01:01 | Windows Zero-Day Bug That Lets Attackers Read Any File Gets Micropatch (lien direct) | A micropatch is now available for a zero-day vulnerability in Windows that allows unauthorized read access with the highest privileges to any file on the operating system. [...] | Vulnerability | ||
|
2019-01-21 12:02:02 | Data Collected from Old Breaches Is Not a New Data Breach (lien direct) | Knowing what I typically write about, my phone has been dinging and ringing lately as people were concerned about the new MONSTER MEGA DATA BREACH that they read about online. Of course they were referring to the numerous stories published this week about a giant data breach with 773 million unique email addresses in it. [...] | Data Breach | ||
|
2019-01-21 10:58:01 | Google Fined €50 Million by French Watchdog for Lack of Transparency (lien direct) | Google was hit with a €50 (56,8) million financial penalty in accordance with the General Data Protection Regulation (GDPR) by the French Commission Nationale de l'informatique et des Libertés (CNIL) for violating transparency and information obligations and for not obtaining user consent for processing data for ads personalization [...] | |||
|
2019-01-21 09:33:01 | MySQL Design Flaw Allows Malicious Servers to Steal Files from Clients (lien direct) | A design flaw in the file transfer interaction between a client host and a MySQL server allows the latter to request from the former any data the client user has read access to. [...] | |||
|
2019-01-20 12:03:00 | Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users (lien direct) | Last night the web site for the WordPress Multilingual Plugin (WPML) WordPress plugin was hacked and users of the plugin started receiving receiving emails stating that the plugin is filled with vulnerabilities. According to WPML, this was caused by a ex-employee who left a backdoor in their site. [...] | |||
|
2019-01-19 17:00:02 | DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan (lien direct) | New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel. [...] | |||
|
2019-01-19 12:35:05 | Mozilla is Adding an Ad Blocker to Firefox Focus 9.0 (lien direct) | Mozilla is adding an ad blocker to Firefox Focus 9.0, which is scheduled to be released next month. While some Focus users may currently see ads blocked, this is not being done intentionally, but is more of a byproduct of their tracker blocking. [...] | |||
|
2019-01-18 18:00:00 | Phishing Attack Allegedly Targeted US DNC After 2018 Midterms (lien direct) | According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms. [...] | |||
|
2019-01-18 16:57:02 | The Week in Ransomware - January 18th 2019 - Devs Back from Vacation (lien direct) | The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...] | Ransomware | ||
|
2019-01-18 14:39:04 | Fallout Exploit Kit is Back with New Vulnerabilities and Payloads (lien direct) | The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell [...] | |||
|
2019-01-18 12:50:00 | Amazon, Apple, Others Hit with GDPR Complaints, €18.8B Maximum Penalties (lien direct) | Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of €18.8 billion [...] | |||
|
2019-01-18 12:07:01 | Vulnerabilities Found in Highly Popular Firmware for WiFi Chips (lien direct) | WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction. [...] | |||
|
2019-01-18 10:09:05 | Facebook Caught Red Handed While Swiping Money From Children (lien direct) | According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting's Reveal, social network giant Facebook has made a habit of charging kids without their parents' knowledge while playing games on its platform . [...] | |||
|
2019-01-18 02:47:03 | Windows Zero-Day Bug that Overwrites Files Gets Interim Fix (lien direct) | A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data. [...] | Vulnerability | ||
|
2019-01-17 17:48:04 | BlackRouter Ransomware Promoted as a RaaS by Iranian Developer (lien direct) | A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT. [...] | Ransomware | ★★★ | |
|
2019-01-17 17:15:03 | Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets (lien direct) | Twitter announced today that an issue in its app for Android exposed some users' protected tweets for over four years, if they made certain changes to their account settings. [...] | |||
|
2019-01-17 16:06:00 | Data Breach Collection with 773 Million Email Entries Leaked Online (lien direct) | A giant 87 gigabyte archive consisting of 773 million unique email addresses and their associated cracked, or dehashed, passwords has been spotted being promoted on an online hacking forum. This file is being called "Collection #1" and was designed to easily be used in credential stuffing attacks. [...] | Data Breach | ||
|
2019-01-17 15:20:05 | ES File Explorer Flaws Put 100 Million Users\' Data at Risk, Fix Promised (lien direct) | ES File Explorer users now have to wait to see what issue will be fixed in the next update: the always-on web server giving access to all their files to anyone on the same Wi-Fi network or the MitM attack vulnerability [...] | Vulnerability | ||
|
2019-01-17 13:22:02 | Microsoft Launches Azure DevOps Bounty Program (lien direct) | Microsoft Security Response Center (MSRC) announced the launch of a bug bounty program starting January 17 and targeting the Azure DevOps services and the latest release of Azure DevOps server [...] | |||
|
2019-01-17 12:00:00 | Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection (lien direct) | Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. [...] | Malware | ||
|
2019-01-17 11:26:05 | Fake GPS Apps with 50M Installs Just Show Ads and Run Google Maps (lien direct) | 19 Android apps with over 50 million installs were found on the Google Play store that state that they are full featured GPS apps, but instead simply show an advertisement and then show Google Maps. [...] | |||
|
2019-01-17 11:00:00 | Rocke\'s Cryptominers Kills Competition, Uninstall Cloud Security Products (lien direct) | Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud [...] | Malware |
To see everything:
Our RSS (filtrered)
