What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-12 10:40:38 | New Windows KB5009543, KB5009566 updates break L2TP VPN connections (lien direct) | Windows 10 users and administrators report problems making L2TP VPN connections after installing the recent Windows 10 KB5009543 and Windows 11 KB5009566 cumulative updates. [...] | |||
|
2022-01-12 10:20:43 | OceanLotus hackers turn to web archive files to deploy backdoors (lien direct) | Vietnamese hackers of the APT32 group (Ocean Lotus) are now using Web Archive files (.mht and .mhtml) to deploy backdoors on their targets. [...] | APT 32 | ||
|
2022-01-12 04:43:13 | EA: 50 high-profile FIFA 22 accounts taken over by phishing actors (lien direct) | Electronic Arts (EA) has published an official response to numerous reports about hacked player accounts, confirming the problem and attributing it to phishing actors. [...] | |||
|
2022-01-12 03:35:06 | Hackers take over diplomat\'s email, target Russian deputy minister (lien direct) | Hackers believed to work for the North Korean government have compromised the email account of a staff member of Russia's Ministry of Foreign Affairs (MID) and deployed spear-phishing attacks against the country's diplomats in other regions. [...] | |||
|
2022-01-11 18:17:45 | State hackers use new PowerShell backdoor in Log4j attacks (lien direct) | Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') has been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. [...] | Conference | APT 35 | |
|
2022-01-11 17:02:44 | (Déjà vu) Microsoft: New critical Windows HTTP vulnerability is wormable (lien direct) | Microsoft has patched a critical flaw tagged as wormable and found to impact the latest desktop and server Windows versions, including Windows 11 and Windows Server 2022. [...] | Vulnerability | ||
|
2022-01-11 17:02:44 | Microsoft: Critical Windows HTTP vulnerability is wormable (lien direct) | Microsoft has patched a critical flaw tagged as wormable and found to impact the latest desktop and server Windows versions, including Windows 11 and Windows Server 2022. [...] | Vulnerability | ||
|
2022-01-11 15:42:37 | Firefox Focus now blocks cross-site tracking on Android devices (lien direct) | Mozilla's Firefox Focus web browser can now protect Android users against cross-site tracking while browsing the Internet by preventing cookies from being used for advertising and monitoring your activity. [...] | |||
|
2022-01-11 15:05:22 | CISA alerts federal agencies of ancient bugs still being exploited (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of known exploited vulnerabilities with 15 new security issues that serve as a frequent attack vector against federal enterprises. [...] | |||
|
2022-01-11 14:41:01 | (Déjà vu) Windows 10 KB5009543 & KB5009545 updates released (lien direct) | The new update is now available for Windows 10 version 21H2, version 21H1, and version 20H2 As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5009543 and KB5009545. [...] | |||
|
2022-01-11 14:33:19 | Microsoft fixes critical Office bug, delays macOS security updates (lien direct) | During this year's first Patch Tuesday, Microsoft has addressed a critical severity Office vulnerability that can let attackers execute malicious code remotely on vulnerable systems. [...] | Vulnerability | ||
|
2022-01-11 14:28:14 | Windows 11 KB5009566 update released with security fixes (lien direct) | Microsoft has released the Windows 11 KB5009566 cumulative update with security updates, performance improvements, and fixes for known bugs. [...] | |||
|
2022-01-11 13:31:10 | (Déjà vu) Microsoft January 2022 Patch Tuesday fixes 6 zero-days, 97 flaws (lien direct) | Today is Microsoft's January 2022 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 97 flaws. [...] | |||
|
2022-01-11 12:39:53 | New RedLine malware version spread as fake Omicron stat counter (lien direct) | A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure. [...] | Malware | ||
|
2022-01-11 11:03:38 | US govt warns of Russian hackers targeting critical infrastructure (lien direct) | The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors, orchestrated by Russian-backed hacking groups. [...] | |||
|
2022-01-11 10:04:33 | (Déjà vu) New SysJoker backdoor targets Windows, macOS, and Linux (lien direct) | A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] | Malware | ||
|
2022-01-11 10:04:33 | New SysJocker backdoor targets Windows, macOS, and Linux (lien direct) | A new multi-platform backdoor malware named 'SysJocker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] | Malware | ||
|
2022-01-11 07:00:00 | KCodes NetUSB bug exposes millions of routers to RCE attacks (lien direct) | A high-severity remote code execution flaw tracked as CVE-2021-45388 has been discovered in the KCodes NetUSB kernel module, used by millions of router devices from various vendors. [...] | |||
|
2022-01-11 06:24:43 | Night Sky ransomware uses Log4j bug to hack VMware Horizon servers (lien direct) | The Night Sky ransomware gang has started to exploit the critical CVE-2021-4422 vulnerability in the Log4j logging library, also known as Log4Shell, to gain access to VMware Horizon systems. [...] | Ransomware Hack Vulnerability | ||
|
2022-01-10 18:32:32 | FinalSite: No school data stolen in ransomware attack behind site outages (lien direct) | FinalSite announced today the findings of a six-day investigation into last week's ransomware attack, stating it found no evidence schools' data accessed or stolen by hackers. [...] | Ransomware | ||
|
2022-01-10 16:53:29 | Extortion DDoS attacks grow stronger and more common (lien direct) | The end of 2021 saw a rise in the number of distributed denial-of-service incidents that came with a ransom demand from the attackers to stop the assault. [...] | |||
|
2022-01-10 16:09:01 | Linux version of AvosLocker ransomware targets VMware ESXi servers (lien direct) | AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. [...] | Ransomware Malware | ||
|
2022-01-10 13:43:47 | Oops: Cyberspies infect themselves with their own malware (lien direct) | After infecting themselves with their own custom remote access trojan (RAT), an Indian-linked cyber-espionage group has accidentally exposed its operations to security researchers. [...] | Malware | ||
|
2022-01-10 12:39:58 | Microsoft: powerdir bug gives access to protected macOS user data (lien direct) | Microsoft says threat actors could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology to access users' protected data. [...] | Vulnerability Threat | ||
|
2022-01-10 11:43:41 | Linux Mint 20.3 released promising security updates until 2025 (lien direct) | Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025. [...] | |||
|
2022-01-10 11:13:59 | Europol ordered to erase data on those not linked to crime (lien direct) | The European Data Protection Supervisor (EDPS), an EU privacy and data protection independent supervisory authority, has ordered Europol to erase personal data on individuals that haven't been linked to criminal activity. [...] | |||
|
2022-01-10 10:28:43 | WordPress 5.8.3 security update fixes SQL injection, XSS flaws (lien direct) | The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. [...] | |||
|
2022-01-09 09:17:39 | Dev corrupts NPM libs \'colors\' and \'faker\' breaking thousands of apps (lien direct) | Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. Some surmised if the NPM libraries had been compromised, but it turns out there's more to the story. [...] | |||
|
2022-01-08 14:35:42 | Trojanized dnSpy app drops malware cocktail on researchers, devs (lien direct) | Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy .NET application to install cryptocurrency stealers, remote access trojans, and miners. [...] | Malware | ||
|
2022-01-08 10:16:32 | Rapid window title changes cause \'white screen of death\' (lien direct) | Experimentation with ANSI escape characters on terminal emulators has led to the discovery of multiple high-severity DoS (denial of service) vulnerabilities on Windows terminals and Chrome-based web browsers. [...] | |||
|
2022-01-07 17:50:34 | The Week in Ransomware - January 7th 2022 - Watch out for USB drives (lien direct) | With the holidays these past two weeks, there have been only a few known ransomware attacks and little research released. Here is what we know. [...] | Ransomware | ||
|
2022-01-07 16:56:32 | SonicWall: Y2K22 bug hits Email Security, firewall products (lien direct) | SonicWall has confirmed today that some of its Email Security and firewall products have been hit by the Y2K22 bug, causing message log updates and junk box failures starting with January 1, 2022. [...] | ★★★ | ||
|
2022-01-07 13:14:19 | (Déjà vu) FBI: Hackers use BadUSB to target defense firms with ransomware (lien direct) | The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group targeted the US defense industry with packages containing malicious USB devices to deploy ransomware. [...] | Ransomware | ||
|
2022-01-07 13:14:19 | FBI: Hackers target US defense firms with malicious USB packages (lien direct) | The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminals group is targeting the US defense industry with packages containing malicious USB devices. [...] | ★★★★★ | ||
|
2022-01-07 12:37:12 | FluBot malware now targets Europe posing as Flash Player app (lien direct) | The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. [...] | Malware | ||
|
2022-01-07 11:52:11 | Diversity job board Canvas.com ordered to stop using domain name (lien direct) | Diversity recruiting site Canvas.com has been ordered by a U.S. District judge to drop the use of the domain name over a trademark dispute. [...] | |||
|
2022-01-07 11:22:48 | US counterintelligence shares tips to block spyware attacks (lien direct) | The US National Counterintelligence and Security Center (NCSC) and the Department of State have jointly published guidance on defending against attacks using commercial surveillance tools. [...] | |||
|
2022-01-07 09:29:26 | NHS warns of hackers exploiting Log4Shell in VMware Horizon (lien direct) | UK's National Health Service (NHS) has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. [...] | Threat | ||
|
2022-01-07 08:20:29 | QNAP warns of ransomware targeting Internet-exposed NAS devices (lien direct) | QNAP has warned customers today to secure Internet-exposed network-attached storage (NAS) devices immediately from ongoing ransomware and brute-force attacks. [...] | Ransomware | ||
|
2022-01-06 19:34:06 | FinalSite ransomware attack shuts down thousands of school websites (lien direct) | FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. [...] | Ransomware Guideline | ||
|
2022-01-06 17:09:12 | Night Sky is the latest ransomware targeting corporate networks (lien direct) | It's a new year, and with it comes a new ransomware to keep an eye on called 'Night Sky' that targets corporate networks and steals data in double-extortion attacks. [...] | Ransomware | ||
|
2022-01-06 15:53:02 | FlexBooker discloses data breach, over 3.7 million accounts impacted (lien direct) | Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. [...] | |||
|
2022-01-06 13:51:59 | Microsoft: KB5008212 Windows security update breaks Outlook search (lien direct) | Microsoft has acknowledged an issue triggered by a Windows 10, version 21H2 security update released during the December 2021 Patch Tuesday that causes search issues in Outlook for Microsoft 365. [...] | |||
|
2022-01-06 12:55:51 | US arrests suspect who stole unpublished books in phishing attacks (lien direct) | An Italian man allegedly involved in a multi-year scheme to fraudulently obtain hundreds of prepublication manuscripts was arrested on Wednesday at the John F. Kennedy International Airport, in New York. [...] | |||
|
2022-01-06 11:48:11 | US online pharmacy Ravkoo links data breach to AWS portal incident (lien direct) | Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. [...] | Data Breach | ||
|
2022-01-06 11:02:00 | Swiss army bans all chat apps but locally-developed Threema (lien direct) | The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead. [...] | |||
|
2022-01-06 09:00:00 | Google Docs commenting feature exploited for spear-phishing (lien direct) | A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. [...] | Threat | ||
|
2022-01-06 08:37:08 | France hits Facebook and Google with $210 million in fines (lien direct) | France's National Commission on Informatics and Liberty (CNIL), the country's data privacy and protection body, has announced a 60 million euro ($68 million) sanction against Facebook and a 150 million euro ($170 million) penalty against Google. [...] | |||
|
2022-01-06 08:29:27 | FBI warns about ongoing Google Voice authentication scams (lien direct) | The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams. [...] | |||
|
2022-01-05 18:32:16 | Privacy-focused Brave browser records massive growth in 2021 (lien direct) | The privacy-focused web browser Brave continues to grow rapidly as the company reached 50 million monthly active users for the first time in 2021. [...] |
To see everything:
Our RSS (filtrered)
