What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-29 14:25:12 | Vovalex is likely the first ransomware written in D (lien direct) | A new ransomware called Vovalex is being distributed through fake pirated software that impersonates popular Windows utilities, such as CCleaner. [...] | Ransomware | CCleaner | |
|
2021-01-29 14:06:49 | New Pro-Ocean malware worms through Apache, Oracle, Redis servers (lien direct) | The financially-motivated Rocke hackers are using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis. [...] | Malware | APT 32 | |
|
2021-01-29 11:20:38 | Perl.com domain stolen, now using IP address tied to malware (lien direct) | The domain name perl.com was stolen this week and is now points to an IP address associated with malware campaigns. [...] | Malware | ||
|
2021-01-29 03:33:33 | Windows Installer zero-day vulnerability gets free micropatch (lien direct) | A vulnerability in the Windows Installer component, which Microsoft attempted to fix several times to no avail, today received a micropatch to deny hackers the option of gaining the highest privileges on a compromised system. [...] | Vulnerability | ||
|
2021-01-28 18:41:34 | USCellular hit by a data breach after hackers access CRM software (lien direct) | Mobile network operator USCellular suffered a data breach after hackers gained access to its CRM and viewed customers' accounts. [...] | Data Breach | ||
|
2021-01-28 16:37:36 | Microsoft: 8 trillion daily signals power our cybersecurity services (lien direct) | Microsoft's security services grew by $10 billion in 2020, as more companies began utilizing their cloud-based security services. [...] | ★★★★★ | ||
|
2021-01-28 14:47:45 | Microsoft: DPRK hackers \'likely\' hit researchers with Chrome exploit (lien direct) | Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.' [...] | Vulnerability Medical | APT 38 | |
|
2021-01-28 13:42:16 | Hezbollah hackers attack unpatched Atlassian servers at telcos, ISPs (lien direct) | Volatile Cedar, an advanced hacker group believed to be connected to the Lebanese Hezbollah Cyber Unit, has been silently attacking companies around the world in espionage operations. [...] | |||
|
2021-01-28 11:11:19 | Google Chrome blocks 7 more ports to stop NAT Slipstreaming attacks (lien direct) | Google Chrome now blocks access to websites on an additional seven TCP ports to protect against the NAT Slipstreaming 2.0 vulnerability. [...] | |||
|
2021-01-27 15:40:00 | Microsoft rolls out Application Guard for Office to all customers (lien direct) | Microsoft has announced that Application Guard for Office is now generally available for all Microsoft 365 users with supported licenses. [...] | |||
|
2021-01-27 15:32:56 | US charges NetWalker ransomware affiliate, seizes ransom payments (lien direct) | The U.S. Justice Department announced today the disruption of the Netwalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks. [...] | Ransomware | ||
|
2021-01-27 14:56:08 | (Déjà vu) Europol: Emotet malware will uninstall itself on April 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 14:56:08 | Europol: Emotet malware will uninstall itself on March 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 11:15:36 | Netwalker ransomware dark web sites seized by law enforcement (lien direct) | The dark web websites associated with the Netwalker ransomware operation have been seized by law enforcement from the USA and Bulgaria. [...] | Ransomware | ||
|
2021-01-27 10:16:09 | Linux malware uses open-source tool to evade detection (lien direct) | AT&T Alien Labs security researchers have discovered that the TeamTNT cybercrime group upgraded their Linux crypto-mining with open-source detection evasion capabilities. [...] | Malware Tool | ★★★ | |
|
2021-01-27 07:57:50 | Emotet botnet disrupted after global takedown operation (lien direct) | The infrastructure of today's most dangerous botnet built by cybercriminals using the Emotet malware was taken down following an international coordinated action coordinated by Europol and Eurojust. [...] | |||
|
2021-01-27 05:05:05 | Here\'s how a researcher broke into Microsoft VS Code\'s GitHub (lien direct) | This month a researcher was awarded a bug bounty award of an undisclosed amount after he broke into the official GitHub repository of Microsoft Visual Studio Code. A vulnerability in VS Code's issue management function and a lack of authentication checks enabled the researcher to obtain push access, and write to the repository. [...] | Vulnerability | ||
|
2021-01-26 15:26:19 | Microsoft releases new Windows 10 Intel CPU microcode updates (lien direct) | Microsoft has released a new set of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix bugs impacting multiple Intel CPU families. [...] | |||
|
2021-01-26 14:39:16 | New Linux SUDO flaw lets local users gain root privileges (lien direct) | A now-fixed Sudo vulnerability allowed any local user to gain root privileges on Unix-like operating systems without requiring authentication. [...] | |||
|
2021-01-26 13:36:11 | Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack (lien direct) | Massive pan-Asian retail chain operator Dairy Farm Group was attacked this month by the REvil ransomware operation, demanding a $30 million ransom. [...] | Ransomware | ||
|
2021-01-26 12:11:26 | Verizon Fios fiber cut causes Internet outage in Northeastern US (lien direct) | Verizon Fios is experiencing an Internet outage making it impossible to access many websites after a fiber connection was cut in Brooklyn. [...] | |||
|
2021-01-26 11:02:43 | Firefox 85 adds supercookie protection, removes Flash support (lien direct) | Mozilla Firefox 85 was released today with supercookie protection to block hidden trackers from tracking Firefox users' activity while browsing the Internet. [...] | |||
|
2021-01-26 10:01:27 | Mimecast links security breach to SolarWinds hackers (lien direct) | Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. [...] | Threat | ||
|
2021-01-26 06:00:00 | TikTok fixes flaws allowing theft of private user information (lien direct) | ByteDance, the tech firm behind TikTok, has fixed a security vulnerability in the video-sharing social networking service which could have allowed attackers to steal users' private information. [...] | |||
|
2021-01-25 22:01:20 | North Korean hackers are targeting security researchers with malware, 0-days (lien direct) | A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight. [...] | Vulnerability | ||
|
2021-01-25 18:27:59 | (Déjà vu) Beware of this active UK NHS COVID-19 vaccination phishing attack (lien direct) | A very active phishing campaign is underway pretending to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine. [...] | |||
|
2021-01-25 18:27:59 | Beware of active UK NHS COVID-19 vaccination phishing campaign (lien direct) | A very active phishing campaign is underway pretending to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine. [...] | |||
|
2021-01-25 15:14:12 | Windows 10 NTFS corruption bug gets unofficial temporary fix (lien direct) | Developers have released an unofficial fix for a Windows bug that could lead to the corruption of an NTFS volume by merely viewing a specially crafted file. [...] | Guideline | ||
|
2021-01-25 13:37:18 | Leading crane maker Palfinger hit in global cyberattack (lien direct) | Leading crane and lifting manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations. [...] | Guideline | ||
|
2021-01-25 13:13:36 | ProtonVPN causes Windows BSOD crashes due to antivirus conflicts (lien direct) | ProtonVPN is working on fixing a bug causing Windows blue screen crashes affecting customers using the latest versions of the company's Windows client software. [...] | |||
|
2021-01-25 11:54:03 | Australian securities regulator discloses security breach (lien direct) | The Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach. [...] | Threat | ||
|
2021-01-25 11:37:44 | Ransomware gang taunts IObit with repeated forum hacks (lien direct) | A ransomware gang continues to taunt Windows software developer IObit by hacking its forums to display a ransom demand. [...] | Ransomware | ||
|
2021-01-25 09:04:18 | Microsoft shares workaround for Windows 10 Conexant driver issues (lien direct) | Microsoft has shared a workaround for a known issue impacting Windows 10 devices with Conexant ISST audio drivers and causing update errors and issues. [...] | |||
|
2021-01-24 13:16:39 | Data breach at Buyucoin crypto exchange leaks user info, trades (lien direct) | A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. [...] | Threat | ||
|
2021-01-24 10:01:00 | Another ransomware now uses DDoS attacks to force victims to pay (lien direct) | Another ransomware gang is now using DDoS attacks to force a victim to contact them and negotiate a ransom. [...] | Ransomware | ||
|
2021-01-24 08:30:30 | Windows 10X feature will prevent unauthorized factory resets (lien direct) | In addition to a new user interface, Windows 10X also comes with a new feature called "Anti-theft protection", which is a measure designed to prevent thieves from wiping and re-using stolen devices. [...] | |||
|
2021-01-23 12:14:25 | SonicWall firewall maker hacked using zero-day in its VPN device (lien direct) | Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems. [...] | Vulnerability Threat | ||
|
2021-01-23 09:41:41 | Russian government warns of US retaliatory cyberattacks (lien direct) | The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach. [...] | |||
|
2021-01-23 03:05:47 | Facebook users were mass-logged out Friday by configuration change (lien direct) | If you were logged out of Facebook tonight, you are not alone. Facebook states that users were logged out of the social site due to a "configuration change." [...] | |||
|
2021-01-22 19:28:39 | The Week in Ransomware - January 22nd 2021 - Calm before the storm (lien direct) | Ransomware news is slow this week, with mostly small ransomware variants being released and a small number of attacks reported. [...] | Ransomware | ||
|
2021-01-22 15:24:21 | SAP SolMan exploit released for max severity pre-auth flaw (lien direct) | Fully-functional exploit code is now publicly available for a maximum severity pre-auth vulnerability impacting default configurations of an SAP Solution Manager (SolMan) component. [...] | ★★★ | ||
|
2021-01-22 14:11:38 | (Déjà vu) Bonobos clothing store suffers a data breach, hacker leaks 70GB database (lien direct) | Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup was downloaded by a threat actor. The corporate systems were not breached by the attacker. [...] | Data Breach Threat | ||
|
2021-01-22 14:11:38 | Bonobos clothing store confirms breach after hacker leaks 70GB database (lien direct) | Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information. [...] | Data Breach | ||
|
2021-01-22 12:47:33 | Intel: Hackers stole unpublished earnings info from corporate site (lien direct) | Intel disclosed on Thursday that unknown threat actors stole an infographic containing info on the company's fourth-quarter and full-year 2020 financial results. [...] | Threat | ||
|
2021-01-22 09:07:12 | Drupal releases fix for critical vulnerability with known exploits (lien direct) | Drupal has released a security update to address a critical vulnerability in a third-party library with documented or deployed exploits available in the wild. [...] | Vulnerability | ||
|
2021-01-22 07:54:39 | Windows 10 KB4598298 update fixes crashes and restart issues (lien direct) | Microsoft has released the KB4598298 update for all editions of Windows 10 and Windows Server versions 1809 and 1909, with fixes for unexpected system restart issues, system crashes due to BitLocker, and multiple LSASS issues. [...] | |||
|
2021-01-22 05:05:05 | New Windows 10 update leaks info on upcoming 21H1 feature update (lien direct) | A Windows 10 20H2 cumulative update released to Insiders on the 'Release' channel leaked that the next feature updated will be 21H1. [...] | |||
|
2021-01-22 03:33:00 | MyFreeCams site hacked to steal info of 2 million paying users (lien direct) | A hacker is selling a database with login details for two million high-paying users of the MyFreeCams adult video streaming and chat service. [...] | |||
|
2021-01-21 14:18:26 | (Déjà vu) Windows Remote Desktop servers now used to amplify DDoS attacks (lien direct) | Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. [...] | |||
|
2021-01-21 14:18:26 | DDoS booters use Windows Remote Desktop servers to amplify attacks (lien direct) | Windows Remote Desktop Protocol (RDP) servers are being abused as an amplification vector by DDoS-for-hire services (aka booters or stressers) to launch Distributed Denial of Service (DDoS) attacks. [...] |
To see everything:
Our RSS (filtrered)
