What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-11-27 12:31:03 | Windows Defender Can Detect Accessibility Tool Backdoors (lien direct) | Windows Defender will now detect when accessibility programs such as sethc.exe or utilman.exe have been hijacked by an Image File Execution Options debugger so that they can be used as a backdoor. [...] | Tool | ||
|
2018-11-27 08:21:04 | Uber Fined for Covering Up 2016 Data Breach (lien direct) | The time has come for Uber to pay the piper for the data breach two years ago that leaked personal details of 57 million users and drivers as two data protection offices in Europe set fines that collectively amount to over 1 million euros. [...] | Data Breach | Uber | ★★ |
|
2018-11-27 04:46:01 | New BEC Scams Take Advantage of the California Wildfires (lien direct) | Whenever there is a tragedy, some lowlife will try to take advantage of it. Such is the case with a new round of BEC scams that try to take leverage the California wildfires to defraud their victims. [...] | |||
|
2018-11-27 03:31:03 | Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency (lien direct) | A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. [...] | |||
|
2018-11-26 14:58:03 | Chrome and Firefox Developers Aim to Remove Support for FTP (lien direct) | Google developers have wanted to remove FTP support from Chrome for years and an upcoming change in how files stored on FTP servers are rendered in the browser may be the first step in its ultimate removal. [...] | |||
|
2018-11-26 11:46:00 | ECC Memory Vulnerable to Rowhammer Attack (lien direct) | Memory modules with error-correcting code (ECC) protection are vulnerable to Rowhammer, an attack that can help corrupt data the computer stores in its volatile memory chips. [...] | |||
|
2018-11-23 19:42:01 | The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More (lien direct) | This week has mostly been releases of new variants of existing ransomware. Not much of interest other than the developer of the DelphiMorix ransomware trolling ransomware researchers by utilizing their aliases as the extensions for encrypted files. [...] | Ransomware | ||
|
2018-11-23 16:27:02 | Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool (lien direct) | Google is adding the ability to remove force-installed extensions, or ones installed by Windows group policies, to the Chrome Cleanup Tool. [...] | Tool | ||
|
2018-11-23 06:56:01 | First GDPR Sanction in Germany Fines Flirty Chat Platform EUR 20,000 (lien direct) | Following a hack that resulted in leaking online about 808,000 email addresses and over 1.8 million usernames and passwords, a social network website in Germany received a fine of EUR 20,000 from the Baden-Württemberg Data Protection Office. [...] | Hack | ||
|
2018-11-22 14:41:01 | Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months (lien direct) | A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months. [...] | Ransomware | ||
|
2018-11-22 12:35:03 | Aurora / Zorro Ransomware Actively Being Distributed (lien direct) | A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past. [...] | Ransomware | ||
|
2018-11-22 09:46:05 | US Postal Service Exposes Data of 60 Million Users for Over a Year (lien direct) | The US Postal Service ignored for more than a year an authentication oversight that exposed the account details of 60 million users to anyone that logged into the web service. [...] | |||
|
2018-11-22 06:49:05 | PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday (lien direct) | With the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts. [...] | |||
|
2018-11-21 16:21:01 | Split View Mode Is Now Available for Skype on Windows 10 (lien direct) | This new update to Microsoft's modernized Skype 8 brings Split View which allows you to simultaneously open multiple Skype chats. It's a pretty useful feature if you'd like to chat with multiple people at the same time. [...] | |||
|
2018-11-21 15:12:05 | How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities (lien direct) | When Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than Dropbox. [...] | |||
|
2018-11-21 14:36:00 | Microsoft Launcher Beta Gets a Big Update With New Features (lien direct) | Today, Microsoft announced a big update for Microsoft Launcher and the build is currently rolling out to beta testers. The updated Microsoft Launcher includes a host of new features, improvements and refinements. [...] | |||
|
2018-11-21 14:26:01 | German eID Authentication Flaw Lets You Change Identity (lien direct) | The authentication process via German ID cards with RFID chips to certain web services can be manipulated to allow identity spoofing and changing the date of birth. [...] | |||
|
2018-11-21 09:47:01 | Mozilla Overhauls Content Blocking Settings in Firefox 65 (lien direct) | In Firefox 65, Mozilla is overhauling how users can configure the Content Blocking settings. With this version, the previously confusing configuration is replaced by three different modes that a user can select that offer varying degrees of blocking and customization. [...] | |||
|
2018-11-21 08:38:05 | Amazon Data Leak Exposes Email Addresses Right Before Black Friday (lien direct) | f you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user's email addresses to be disclosed and has since been resolved. [...] | |||
|
2018-11-21 06:32:04 | (Déjà vu) Adobe Flash Player Update Released for Remote Code Execution Vulnerability (lien direct) | [...] | Vulnerability | ||
|
2018-11-21 03:09:00 | MageCart Group Sabotages Rival to Ruin Data and Reputation (lien direct) | Cybercriminals in the web-skimming business sabotage their competition by poisoning the payment data they exfiltrate from online stores. The losing party causing them to end up with a big fat nothing and a ruined reputation on underground forums. [...] | |||
|
2018-11-20 18:51:00 | Emotet Returns with Thanksgiving Theme and Better Phishing Tricks (lien direct) | After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. [...] | Malware | ||
|
2018-11-20 17:05:02 | Active XSS Attacks Targeting Amp for WP WordPress Plugin (lien direct) | Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an active XSS attack is underway that targets these same vulnerabilities to install backdoors and create rogue admin accounts. [...] | |||
|
2018-11-20 12:00:00 | Edge Browser Can Now Sign Into Microsoft Accounts With FIDO2 Security Keys (lien direct) | In April, Microsoft announced their support for the WebAuthn standard that would bring password-less online authentication to Microsoft Edge. Today Microsoft has enabled this feature & Windows 10 users can now use Edge to perform password-less logins to their Microsoft account with a FIDO2 compatible security key. [...] | |||
|
2018-11-20 10:06:05 | Hackers, Rocky, and 97 Other Movies are Free on YouTube (lien direct) | Just in time for the holidays, if your looking to fill your time watching movies such as Hackers, the Rocky series, and Terminator, you can do so for free on YouTube. [...] | |||
|
2018-11-20 09:26:01 | New Cannon Trojan Is the Latest Asset of Sofacy APT Group (lien direct) | Advanced threat group Sofacy delivers a new malware sample dubbed Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former Soviet state. [...] | Malware Threat | ||
|
2018-11-19 21:15:05 | Holding Down Any iOS Keyboard Button Turns It Into a Mouse (lien direct) | A new tip was spreading around Twitter today that blew my mind and a lot of others; simply pressing and holding any key on the keyboard allows you to easily move the text cursor around like a mouse. [...] | |||
|
2018-11-19 18:17:01 | Fake Apps in Google Play Get over Half a Million Installs (lien direct) | At least a dozen mobile apps with no legitimate functionality made it into Google Play and have been installed over half a million times. They would silently install another app and trick the user into approving its installation. [...] | |||
|
2018-11-19 13:59:00 | VisionDirect Data Breach Caused by MageCart Attack (lien direct) | VisionDirect, a popular contact lens online merchant in Europe, has posted an advisory stating that their web site had a data breach that led to the theft of credit card and account information. [...] | Data Breach | ||
|
2018-11-19 13:12:01 | Hands-Free Skype Calling Now Available using Amazon Alexa (lien direct) | Microsoft today confirmed that Skype calling is coming to Amazon Echo devices but the feature doesn't appear to be available just yet. You will need to install the Skype integration to access Microsoft's calling functionality. [...] | |||
|
2018-11-19 11:14:02 | Vulnerability in AMP for WP Plugin Allowed Admin Access to WordPress (lien direct) | A vulnerability for the very popular AMP for WP WordPress plugin with a 100 thousand active installations was discovered that allows any registered users to escalate their privileges to gain administrative access to the site. [...] | Vulnerability | ||
|
2018-11-19 09:47:02 | New Gmail Bug Allows Sending Messages Anonymously (lien direct) | A new bug discovered in Gmail affects the web app's user experience by hiding the source address of an email, a situation that comes with an obvious potential for abuse. [...] | |||
|
2018-11-15 15:01:01 | Firefox Now Shows Warnings On Sites with Data Breaches (lien direct) | Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach. [...] | |||
|
2018-11-15 09:45:00 | Misconfigured Docker Services Actively Exploited in Cryptojacking Operation (lien direct) | Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them. [...] | |||
|
2018-11-14 15:04:00 | Windows 10 Build 18282 Released To Insiders With New Light Theme (lien direct) | Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements. [...] | |||
|
2018-11-14 13:03:00 | iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo (lien direct) | iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device. [...] | |||
|
2018-11-14 12:03:00 | Infowars Store Affected by Magecart Credit Card Stealing Hack (lien direct) | A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania. [...] | Hack | ||
|
2018-11-14 09:15:00 | State-Sponsored Actors Focus Attacks on Asia (lien direct) | Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe." [...] | |||
|
2018-11-14 07:50:03 | Microsoft Patches Windows Zero-Day Exploited in Cyber Attacks (lien direct) | A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates. [...] | Vulnerability Threat | ||
|
2018-11-14 03:05:00 | The US Office of Personnel Management Systems Are Still Insecure (lien direct) | The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019. [...] | |||
|
2018-11-13 18:12:00 | Adobe Releases Security Update for Acrobat Vulnerability with Public PoC (lien direct) | Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC. [...] | Vulnerability | ||
|
2018-11-13 15:24:03 | Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4467107 & KB4467697 (lien direct) | After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes. [...] | |||
|
2018-11-13 14:48:05 | Microsoft November 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities (lien direct) | Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible. [...] | |||
|
2018-11-13 14:39:02 | Windows 10 Cumulative Update KB4467708, KB4464455 and KB4467702 Released (lien direct) | Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues. [...] | |||
|
2018-11-13 12:37:01 | Microsoft Resumes Rollout of Windows 10 October 2018 Update (lien direct) | Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for new updates. [...] | |||
|
2018-11-13 11:28:04 | Google Services Unreachable After Traffic Hijacking (lien direct) | Services from Google on Monday became unavailable for up to two hours as user traffic followed a tortuous path through operators in Russia and Nigeria before hitting the Great Firewall of China. [...] | |||
|
2018-11-13 03:30:00 | HookAds Malvertising Installing Malware via the Fallout Exploit Kit (lien direct) | The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware. [...] | Malware | ||
|
2018-11-12 18:34:03 | The Intel Microcode Boot Loader Protects Older CPUs From Spectre (lien direct) | The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre. [...] | |||
|
2018-11-12 15:24:01 | (Déjà vu) iSH - An iOS Linux Shell for Your iPhone or iPad (lien direct) | Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices. [...] | |||
|
2018-11-12 15:24:01 | (Déjà vu) iSH - A iOS Linux Shell for Your iPhone or iPad (lien direct) | Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices. [...] |
To see everything:
Our RSS (filtrered)
