What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-01-20 13:01:01 | Emotet Malware Dabbles in Extortion With New Spam Template (lien direct) | The Emotet malware has started using a spam template that pretends to be an extortion demand from a "Hacker" who states that they hacked the recipient's computer and stole their data. [...] | Spam Malware | ||
|
2020-01-20 12:27:34 | Mitsubishi Electric Warns of Data Leak After Security Breach (lien direct) | Mitsubishi Electric, a leading global company in the manufacture and sales of electrical and electronic products, disclosed a security breach that might have caused the leak of personal and confidential corporate information. [...] | Guideline | ||
|
2020-01-19 16:43:55 | Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0 (lien direct) | Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and allowing unauthenticated attackers to perform arbitrary code execution. [...] | |||
|
2020-01-19 11:01:00 | New Nest Video Extortion Scam Plays Out Like a Spy Game (lien direct) | A new sextortion scam that breaks the typical mold has been detected at the beginning of the year. Fraudsters preying on the insecurity of connected devices used footage from Nest cameras, and led victims through a convoluted path of email accounts and web sites before making their ransom price known. [...] | |||
|
2020-01-18 11:54:14 | New Jersey Synagogue Suffers Sodinokibi Ransomware Attack (lien direct) | Temple Har Shalom in Warren, New Jersey had their network breached by the actors behind the Sodinokibi Ransomware who encrypted numerous computers on the network. [...] | Ransomware | ||
|
2020-01-17 18:31:17 | Microsoft Issues Mitigation for Actively Exploited IE Zero-Day (lien direct) | Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer. [...] | Vulnerability | ||
|
2020-01-17 17:49:34 | The Week in Ransomware - January 17th 2020 - Never Ends (lien direct) | Data exfiltration is still the big thing this week, with the Sodinokibi Ransomware publishing stolen files of one of their victims for the first time and Nemty planning on leaking stolen files as well. [...] | Ransomware | ||
|
2020-01-17 16:15:59 | New US Bill Wants to Assign State Cybersecurity Coordinators (lien direct) | Four U.S. Senators have introduced a bipartisan bill that will require the Department of Homeland Security (DHS) to appoint cybersecurity effort coordinators in every state to orchestrate cyberattack response and remediation efforts, and to improve coordination between federal, state, and local entities. [...] | |||
|
2020-01-17 15:14:39 | How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw (lien direct) | The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This creates trust in the program, which may cause a user to be more willing to execute them. [...] | Malware Vulnerability | ||
|
2020-01-17 13:26:01 | FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw (lien direct) | FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse Secure VPN servers. [...] | Vulnerability | ||
|
2020-01-17 11:40:37 | Hackers Are Securing Citrix Servers, Backdoor Them for Access (lien direct) | An unknown threat actor is currently scanning for and securing vulnerable Citrix ADC servers against CVE-2019-19781 exploitation attempts, while also backdooring them for future access. [...] | Threat | ||
|
2020-01-17 03:42:00 | Fraudsters Set Up Site Selling Temporary Social Security Numbers (lien direct) | Some fraudsters have set up a scam site claiming to be for a data protection fund created by the U.S. Federal Trading Commission (FTC) to offer financial compensation to users whose personal data appeared in information leaks. [...] | |||
|
2020-01-16 20:11:22 | (Déjà vu) WeLeakInfo.com Seized For Selling Info from Data Breaches, 2 Arrested (lien direct) | As a clear indication of how law enforcement views the commercial disclosure of stolen information, the FBI has seized the WeLeakInfo.com domain and arrested two individuals for selling subscriptions to data exposed in breaches. [...] | |||
|
2020-01-16 20:11:22 | FBI Seize WeLeakInfo.com For Selling Info From Data Breaches (lien direct) | As a clear indication of how law enforcement views the commercial disclosure of stolen information, the FBI has seized the WeLeakInfo.com domain for selling subscriptions to data exposed in breaches. [...] | |||
|
2020-01-16 18:40:00 | Dutch Govt Suggests Turning Off Citrix ADC Devices, Mitigations May Fail (lien direct) | Mitigation recommendations for CVE-2019-19781, a currently unpatched critical flaw affecting Citrix Application Delivery Controller (ADC) and Citrix Gateway, do not have the expected effect on all product versions. [...] | |||
|
2020-01-16 18:17:56 | Windows 10 Insider Build 19546 Adds Graphing Mode to Calculator (lien direct) | Microsoft has released Windows 10 Insider Preview Build 19546 to Insiders in the Fast ring, which has added a new Graphing Mode to the Windows Calculator and fixed bugs in Timeline, Outlook search, and more. [...] | |||
|
2020-01-16 18:01:52 | FBI to Warn State Officials of Election Infrastructure Cyber Threats (lien direct) | The Federal Bureau of Investigation (FBI) today announced a change in policy requiring the timely notification of state officials of potential cyber threats to election infrastructure. [...] | |||
|
2020-01-16 16:49:48 | Google Chrome Adds Protection for NSA\'s Windows CryptoAPI Flaw (lien direct) | Google just released Chrome 79.0.3945.130, which will now detect certificates that attempt to exploit the NSA discovered CVE-2020-0601 CryptoAPI Windows vulnerability. [...] | |||
|
2020-01-16 16:30:00 | WordPress Plugin Bugs Let Hackers Wipe or Takeover Your Site (lien direct) | Critical bugs found in the WordPress Database Reset plugin used by over 80,000 sites allow attackers to drop all users and get automatically elevated to an administrator role and to reset any table in the database. [...] | |||
|
2020-01-16 16:00:16 | TrickBot Now Uses a Windows 10 UAC Bypass to Evade Detection (lien direct) | The TrickBot Trojan has received an update that adds a UAC bypass targeting the Windows 10 operating system so that it infects users without displaying any visible prompts. [...] | |||
|
2020-01-16 12:59:37 | PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks (lien direct) | Proof-of-concept exploit code is now available for the Windows CryptoAPI spoofing vulnerability tracked as CVE-2020-0601 and reported by the National Security Agency (NSA), just two days after Microsoft released a patch. [...] | Vulnerability | ||
|
2020-01-16 10:40:00 | Google to Kill Chrome Apps Across All Platforms (lien direct) | Google announced that it will slowly phase out support for Chrome apps on all operating systems until they will completely stop working in June 2022 for all users. [...] | |||
|
2020-01-16 03:24:22 | Customer-Owned Bank Informs 100k of Breach Exposing Account Balance, PII (lien direct) | P&N Bank in West Australia (WA) is informing its customers that hackers may have accessed personal information stored on its systems following a cyber attack. [...] | |||
|
2020-01-11 13:05:27 | The Week in Ransomware - January 10th 2020 - Now Data Breaches (lien direct) | This week we have seen new ransomware operators targeting businesses, stolen data published, and the Sodinokibi Ransomware being confirmed as behind the Travelex cyber attack. [...] | Ransomware | ||
|
2020-01-11 10:00:00 | Android Trojan Kills Google Play Protect, Spews Fake App Reviews (lien direct) | An Android malware strain camouflaged as a system app is used by threat actors to disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more. [...] | Malware Threat | ||
|
2020-01-11 03:01:00 | Citrix ADC CVE-2019-19781 Exploits Released, Fix Now! (lien direct) | Numerous working exploits for the Citrix ADC (NetScaler) CVE-2019-1978 vulnerability are finally here and have been publicly posted in numerous locations. There is no patch available for this vulnerability, but Citrix has provided mitigations, which should be applied now! [...] | Vulnerability | ||
|
2020-01-10 19:17:48 | Australia Bushfire Donors Affected by Credit Card Skimming Attack (lien direct) | Attackers have compromised a website collecting donations for the victims of the Australia bushfires and injected a malicious script that steals the payment information of the donors. [...] | |||
|
2020-01-10 17:13:07 | Maze Ransomware Publishes 14GB of Stolen Southwire Files (lien direct) | The Maze Ransomware operators have released an additional 14GB of files that they claim were stolen from one of their victims for not paying a ransomware demand. [...] | Ransomware | ||
|
2020-01-10 15:27:00 | Sodinikibi Ransomware Hits New York Airport Systems (lien direct) | Albany International Airport staff announced that the New York airport's administrative servers were hit by Sodinokibi Ransomware following a cyberattack that took place over Christmas. [...] | Ransomware | ||
|
2020-01-10 15:08:37 | Beware of Amazon Prime Support Scams in Google Search Ads (lien direct) | A malicious ad campaign is underway in Google Search results that lead users to fake Amazon support sites and tech support scams. [...] | Guideline | ||
|
2020-01-10 13:15:12 | US Govt Warns of Attacks on Unpatched Pulse VPN Servers (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability. [...] | ★★★★★ | ||
|
2020-01-10 12:52:25 | VVVVVV Source Code Released to Mark 10th Anniversary (lien direct) | Distractionware has released the source code for their VVVVVV platform game to mark its 10th anniversary. You can now download the game engine to make your own modifications or get a better understanding of how the game works. [...] | ★★★★ | ||
|
2020-01-10 11:49:08 | Microsoft Enables Security Defaults in Azure Active Directory (lien direct) | Microsoft introduced new secure default settings dubbed 'Security Defaults' to Azure Active Directory (Azure AD), now available for all license levels, including trial tenants. [...] | |||
|
2020-01-10 11:08:14 | Google Chrome Will Support Windows 7 After End of Life (lien direct) | Google has officially stated that they will continue to support the Chrome browser in Windows 7 to give businesses more time to migrate to Windows 10. [...] | |||
|
2020-01-10 06:00:01 | Ako Ransomware: Another Day, Another Infection Attacking Businesses (lien direct) | Like moths to a flame, new ransomware targeting businesses keep appearing every day as their enticed by the prospects of million-dollar ransom payments. An example of this is a new ransomware called Ako that is targeting the entire network rather than just individual workstations. [...] | Ransomware | ||
|
2020-01-10 03:33:33 | Card-Stealing Scripts Infect Perricone\'s European Skin Care Sites (lien direct) | Multiple European websites for the Perricone MD anti-aging skin-care brand have been compromised with scripts that steal customer payment card info when making a purchase. [...] | |||
|
2020-01-09 19:10:16 | Google Removed Over 1.7K Joker Malware Infected Apps from Play Store (lien direct) | Roughly 1,700 applications infected with the Joker Android malware (also known as Bread) have been detected and removed by Google's Play Protect from the Play Store since the company started tracking it in early 2017. [...] | Malware | ||
|
2020-01-09 17:21:54 | KDE Plasma Welcomes Windows 7 Refugees to the Linux Side (lien direct) | The KDE Community wants Windows 7 users to migrate to the Plasma desktop environment after Microsoft's 10-year-old OS will reach end of support next week and stops receiving security and bug fixes. [...] | |||
|
2020-01-09 13:41:05 | Windows 10 Feature Updates Stop Including Drivers Needing Approval (lien direct) | Microsoft says that drivers requiring approval will no longer be released during and around Windows 10 feature update rollouts and Patch Tuesdays (Monthly Quality and Security updates issued on the second Tuesday of each month). [...] | |||
|
2020-01-09 12:19:32 | Sodinokibi Ransomware Says Travelex Will Pay, One Way or Another (lien direct) | The attackers behind the Sodinokibi Ransomware are applying pressure on Travelex to pay a multi-million dollar ransom by stating they will release or sell stolen data that allegedly contains customer's personal information. [...] | Ransomware | ||
|
2020-01-09 06:00:00 | TrickBot Gang Created a Custom Post-Exploitation Framework (lien direct) | Instead of relying on premade and well-known toolkits, the threat actors behind the TrickBot trojan decided to develop a private post-exploitation toolkit called PowerTrick to spread malware laterally throughout a network. [...] | Malware Threat | ||
|
2020-01-08 15:50:14 | Cryptojacking Drops by 78% in Southeast Asia After INTERPOL Action (lien direct) | The number of routers infected with coin miners dropped by 78% in countries of the ASEAN (Association of Southeast Asian Nations) region following a five-month-long operation coordinated by the INTERPOL. [...] | |||
|
2020-01-08 14:03:33 | Windows 10 Insider Build 19541 Warns If Apps Are Using Your Location (lien direct) | Microsoft has released Windows 10 Insider Preview Build 19541 to Insiders in the Fast ring, which now allows you to list the architecture of processes listed in Task Manager and Windows will now notify you when an application is using location services. [...] | |||
|
2020-01-08 13:35:16 | Mozilla Firefox 72.0.1 Patches Actively Exploited Zero-Day (lien direct) | Mozilla released Firefox 72.0.1 and Firefox ESR 68.4.1 to patch a critical and actively exploited severity vulnerability that could potentially allow attackers to execute code or trigger crashes on machines running vulnerable Firefox versions. [...] | Vulnerability | ||
|
2020-01-08 12:59:41 | Attackers Are Scanning for Vulnerable Citrix Servers, Secure Now (lien direct) | Security researchers have observed ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers vulnerable to attacks exploiting CVE-2019-19781 during the last week. [...] | ★★ | ||
|
2020-01-08 05:00:00 | TikTok Flaws Allowed Hackers to Delete Videos, Steal User Info (lien direct) | Security researchers found several vulnerabilities within TikTok's infrastructure that made it possible for potential attackers to hijack accounts to manipulate users' videos and steal their personal information. [...] | ★★★★ | ||
|
2020-01-08 03:30:00 | SNAKE Ransomware Is the Next Threat Targeting Business Networks (lien direct) | Since network administrators didn't already have enough on their plate, they now have to worry about a new ransomware called SNAKE that is targeting their networks and aiming to encrypt all of the devices connected to it [...] | Ransomware Threat | ||
|
2020-01-07 16:58:58 | Tails 4.2 Fixes Numerous Security Flaws, Improves Direct Upgrades (lien direct) | The Tails Project released a new version of the security-focused Tails Linux distribution and advises users to upgrade as soon as possible to fix multiple security vulnerabilities impacting the previous Tails 4.1.1 version. [...] | |||
|
2020-01-07 15:18:00 | Microsoft Releases January 2020 Office Updates With Crash Fixes (lien direct) | Microsoft released the January 2020 non-security Microsoft Office updates that come with crash and memory leak fixes, as well as performance and stability improvements for Windows Installer (MSI) editions of Office 2016. [...] | |||
|
2020-01-07 14:00:00 | Medical Info of Roughly 50K Exposed in Minnesota Hospital Breach (lien direct) | The personal and medical information of 49,351 patients was exposed following a security incident involving two employees' email accounts as disclosed by Minnesota-based Alomere Health. [...] |
To see everything:
