What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-03 10:30:40 | State hackers rush to exploit unpatched Microsoft Exchange servers (lien direct) | Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. [...] | |||
|
2021-03-03 08:50:45 | Microsoft starts force installing Windows 10 20H2 on more devices (lien direct) | Microsoft is ramping up the forced rollout of Windows 10, version 2004 to more devices approaching end of service (EOS), as part of a new rollout phase. [...] | |||
|
2021-03-03 03:29:00 | Cash App phishing kit deployed in the wild, courtesy of 16Shop (lien direct) | The developer of the 16Shop phishing kit has added a new component that targets users of the popular Cash App mobile payment service. [...] | |||
|
2021-03-02 17:18:51 | Microsoft fixes actively exploited Exchange zero-day bugs, patch now (lien direct) | Microsoft has released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day vulnerabilities actively exploited in targeted attacks. [...] | |||
|
2021-03-02 16:47:08 | Google fixes second actively exploited Chrome zero-day bug this year (lien direct) | Google has fixed an actively exploited zero-day vulnerability in the Chrome 89.0.4389.72 version released today, March 2nd, 2021, to the Stable desktop channel for Windows, Mac, and Linux users. [...] | Vulnerability | ||
|
2021-03-02 16:14:26 | Payroll giant PrismHR outage likely caused by ransomware attack (lien direct) | Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware attack from conversations with customers. [...] | Ransomware Guideline | ||
|
2021-03-02 13:13:36 | Malaysia Airlines discloses a nine-year-long data breach (lien direct) | Malaysia Airlines has suffered a data breach spanning nine years that exposed the personal information of members in its Enrich frequent flyer program. [...] | Data Breach | ||
|
2021-03-02 12:42:32 | SolarWinds reports $3.5 million in expenses from supply-chain attack (lien direct) | SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation. [...] | |||
|
2021-03-02 10:47:45 | Oxfam Australia confirms data breach after stolen info sold online (lien direct) | Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January. [...] | Data Breach | ||
|
2021-03-02 09:00:00 | Microsoft 365 Defender Threat Analytics enters public preview (lien direct) | Microsoft announced the addition of Threat Analytics for Microsoft 365 Defender customers and the roll-out of Microsoft 365 Insider Risk Management Analytics, both in public preview. [...] | Threat | ||
|
2021-03-02 09:00:00 | Microsoft Teams adds end-to-end encryption (E2EE) to one-on-one calls (lien direct) | Microsoft adds new security, privacy, and compliance features to the Microsoft Teams chat and collaboration solution, including end-to-end encryption support for one-on-one calls. [...] | |||
|
2021-03-02 09:00:00 | Microsoft announces Windows Server 2022 with new security features (lien direct) | Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform for added protection against a wide range of threats. [...] | |||
|
2021-03-02 00:14:00 | Malicious NPM packages target Amazon, Slack with new dependency attacks (lien direct) | Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...] | Vulnerability Threat | ||
|
2021-03-01 18:05:05 | Working Windows and Linux Spectre exploits found on VirusTotal (lien direct) | Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. [...] | Vulnerability | ||
|
2021-03-01 17:35:35 | European e-ticketing platform Ticketcounter extorted in data breach (lien direct) | A Dutch e-Ticketing platform has suffered a data breach after a database was stolen from an unsecured staging server. [...] | Data Breach | ||
|
2021-03-01 14:29:35 | World\'s leading dairy group Lactalis hit by cyberattack (lien direct) | Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems. [...] | Threat Guideline | ||
|
2021-03-01 13:10:49 | Hackers use black hat SEO to push ransomware, trojans via Google (lien direct) | The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. [...] | Malware | ||
|
2021-03-01 12:34:17 | Universal Health Services lost $67 million due to Ryuk ransomware attack (lien direct) | Universal Health Services (UHS) said that the Ryuk ransomware attack it suffered during September 2020 had an estimated impact of $67 million. [...] | Ransomware | ||
|
2021-03-01 11:43:07 | NSW Transport agency extorted by ransomware gang after Accellion attack (lien direct) | The transport system for the Australian state of New South Wales has suffered a data breach after the Clop ransomware exploited a vulnerability to steal files. [...] | Ransomware Data Breach Vulnerability | ||
|
2021-03-01 10:14:20 | Tether cryptocurrency firm says docs in $24 million ransom are \'forged\' (lien direct) | USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. [...] | Threat | ||
|
2021-02-28 17:52:00 | (Déjà vu) Windows 10 Cloud PC: The latest info about Microsoft\'s new service (lien direct) | With Cloud PC, Microsoft would handle your device configuration in your organization with regular updates, security improvements, and managed support. Cloud PC appears to be a part of the company's "Windows as a Service" tagline, which has become more apparent this year. [...] | ★★★ | ||
|
2021-02-28 12:45:12 | Beware: AOL phishing email states your account will be closed (lien direct) | An AOL mail phishing campaign is underway to steal users' login name and password by warning recipients that their account is about to be closed. [...] | |||
|
2021-02-28 11:52:40 | (Déjà vu) What are these suspicious Google GVT1.com URLs? (lien direct) | These Google-owned domains have confused even the most skilled researchers and security products time and time again if these are malicious. The domains in question are redirector.gvt1.com and gvt1/gvt2 subdomains that have spun many threads on the internet. BleepingComputer has dug deeper into the origin of these domains. [...] | |||
|
2021-02-28 11:52:40 | Don\'t Worry: Google\'s suspicious GVT1.com URLs aren\'t dangerous (lien direct) | These Google-owned domains have confused even the most skilled researchers and security products time and time again if these are malicious. The domains in question are redirector.gvt1.com and gvt1/gvt2 subdomains that have spun many threads on the internet. BleepingComputer has dug deeper into the origin of these domains. [...] | |||
|
2021-02-28 09:25:00 | (Déjà vu) Recent Google Voice outage caused by expired certificates (lien direct) | In an incident report published on Friday, Google said that a Google Voice outage affecting a majority of the telephone service's users earlier this month was caused by expired TLS certificates. [...] | |||
|
2021-02-28 09:25:00 | Google Voice silenced by expired TLS certificate in February outage (lien direct) | In an incident report published on Friday, Google said that a Google Voice outage affecting a majority of the telephone service's users earlier this month was caused by expired TLS certificates. [...] | |||
|
2021-02-27 15:46:00 | (Déjà vu) The Windows 10 Sun Valley design refresh - Here\'s what\'s coming (lien direct) | Windows 10 'Sun Valley' UI refresh, otherwise known as 'version 21H2', is reportedly arriving in the second half of this year and it will also include several new features. [...] | |||
|
2021-02-27 15:46:00 | Windows 10 Sun Valley design refresh - here\'s what you need to know (lien direct) | Windows 10 'Sun Valley' UI refresh, otherwise known as 'version 21H2', is reportedly arriving in the second half of this year and it will also include several new features. [...] | |||
|
2021-02-27 12:03:44 | NSA, Microsoft promote a Zero Trust approach to cybersecurity (lien direct) | The National Security Agency (NSA) and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today's increasingly sophisticated threats. [...] | ★★★ | ||
|
2021-02-27 10:34:11 | (Déjà vu) Microsoft fixes Windows 10 drive corruption bug - what you need to know (lien direct) | Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. [...] | ★★★ | ||
|
2021-02-27 10:34:11 | Microsoft fixes serious Windows 10 bug that may corrupt drives (lien direct) | Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. [...] | ★★★★★ | ||
|
2021-02-27 09:12:11 | Google shares PoC exploit for critical Windows 10 Graphics RCE bug (lien direct) | Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) bug affecting a Windows graphics component. [...] | |||
|
2021-02-26 18:44:49 | The Week in Ransomware - February 26th 2021 - Back from the Holidays (lien direct) | The number of attacks had slowed down after the winter holidays, but after the past two weeks, it's evident that the ransomware attacks are back at full speed. [...] | Ransomware | ||
|
2021-02-26 17:00:28 | Twitter scammers earned over $145k this week in Bitcoin, Ethereum, Doge (lien direct) | Cryptocurrency scammers have made at least $145,000 this week by promoting fake giveaways through hacked verified Twitter accounts. [...] | |||
|
2021-02-26 15:18:57 | T-Mobile discloses data breach after SIM swapping attacks (lien direct) | American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. [...] | Data Breach | ||
|
2021-02-26 14:25:56 | Ransomware gang hacks Ecuador\'s largest private bank, Ministry of Finance (lien direct) | A hacking group called 'Hotarus Corp' has hacked Ecuador's Ministry of Finance and the country's largest bank, Banco Pichincha, where they claim to have stolen internal data. [...] | |||
|
2021-02-26 12:37:12 | Ryuk ransomware now self-spreads to other Windows LAN devices (lien direct) | A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021. [...] | Ransomware | ||
|
2021-02-26 10:09:45 | Malicious Firefox extension allowed hackers to hijack Gmail accounts (lien direct) | Several Tibetan organizations were targeted in a cyber-espionage campaign by a state-backed hacking group using a malicious Firefox extension designed to hijack Gmail accounts and infect victims with malware. [...] | |||
|
2021-02-25 18:07:05 | (Déjà vu) Intel wireless driver updates fix Windows 10 blue screen issues (lien direct) | Intel has addressed Wi-Fi and Wireless Bluetooth drivers issues causing Windows 10 blue screen of death (BSOD) errors and Bluetooth devices to lose connection or stop working. [...] | |||
|
2021-02-25 17:17:56 | XBOX Live outage prevents players from logging in (lien direct) | Xbox Live outage is suffering a worldwide outage that prevents users from logging into the service and accessing games. [...] | |||
|
2021-02-25 14:56:00 | Microsoft removes 3D Objects, Windows 10\'s most useless folder, from File Explorer (lien direct) | Microsoft is no longer treating possibly the most unused folder, 3D Objects, as a special folder in File Explorer. [...] | |||
|
2021-02-25 13:30:39 | Dutch Research Council (NWO) confirms ransomware attack, data leak (lien direct) | The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. [...] | Ransomware | ||
|
2021-02-25 13:11:14 | Microsoft shares CodeQL queries to scan code for SolarWinds-like implants (lien direct) | Microsoft has open-sourced CodeQL queries that developers can use to scan source code for malicious implants matching the SolarWinds supply-chain attack. [...] | |||
|
2021-02-25 11:14:00 | North Korean hackers target defense industry with custom malware (lien direct) | A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. [...] | Malware | ||
|
2021-02-25 10:23:35 | (Déjà vu) TD Bank suffered systemwide banking outage, services now recovered (lien direct) | TD Bank has recovered from a major IT systems outage today that prevented account holders from accessing their online bank accounts, use ATM, or check balances over the phone. [...] | |||
|
2021-02-25 10:23:35 | TD Bank suffers systemwide outage, services still recovering (lien direct) | TD Bank is recovering from a major IT systems outage today that prevented account holders from accessing their online bank accounts, use ATM, or check balances over the phone. [...] | |||
|
2021-02-25 09:36:37 | (Déjà vu) VC giant Sequoia Capital discloses data breach after failed BEC attack (lien direct) | American VC firm Sequoia Capital has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January. [...] | Data Breach | ||
|
2021-02-25 09:36:37 | VC giant Sequoia discloses data breach after failed BEC attack (lien direct) | American venture capital firm Sequoia has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January. [...] | Data Breach | ||
|
2021-02-25 07:56:49 | Attackers scan for vulnerable VMware servers after PoC exploit release (lien direct) | After security researchers have developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. [...] | |||
|
2021-02-24 21:00:00 | Over 8 million COVID-19 test results leaked online (lien direct) | Millions of COVID-19 test reports were found to be publicly accessible due to flawed online system implementation. [...] |
To see everything:
Our RSS (filtrered)
