Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-03 10:30:40 |
State hackers rush to exploit unpatched Microsoft Exchange servers (lien direct) |
Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-03 08:50:45 |
Microsoft starts force installing Windows 10 20H2 on more devices (lien direct) |
Microsoft is ramping up the forced rollout of Windows 10, version 2004 to more devices approaching end of service (EOS), as part of a new rollout phase. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-03 03:29:00 |
Cash App phishing kit deployed in the wild, courtesy of 16Shop (lien direct) |
The developer of the 16Shop phishing kit has added a new component that targets users of the popular Cash App mobile payment service. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 17:18:51 |
Microsoft fixes actively exploited Exchange zero-day bugs, patch now (lien direct) |
Microsoft has released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day vulnerabilities actively exploited in targeted attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 16:47:08 |
Google fixes second actively exploited Chrome zero-day bug this year (lien direct) |
Google has fixed an actively exploited zero-day vulnerability in the Chrome 89.0.4389.72 version released today, March 2nd, 2021, to the Stable desktop channel for Windows, Mac, and Linux users. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 16:14:26 |
Payroll giant PrismHR outage likely caused by ransomware attack (lien direct) |
Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware attack from conversations with customers. [...] |
Ransomware
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 13:13:36 |
Malaysia Airlines discloses a nine-year-long data breach (lien direct) |
Malaysia Airlines has suffered a data breach spanning nine years that exposed the personal information of members in its Enrich frequent flyer program. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 12:42:32 |
SolarWinds reports $3.5 million in expenses from supply-chain attack (lien direct) |
SolarWinds has reported expenses of $3.5 million from last year's supply-chain attack, including costs related to incident investigation and remediation. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 10:47:45 |
Oxfam Australia confirms data breach after stolen info sold online (lien direct) |
Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 09:00:00 |
Microsoft 365 Defender Threat Analytics enters public preview (lien direct) |
Microsoft announced the addition of Threat Analytics for Microsoft 365 Defender customers and the roll-out of Microsoft 365 Insider Risk Management Analytics, both in public preview. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 09:00:00 |
Microsoft Teams adds end-to-end encryption (E2EE) to one-on-one calls (lien direct) |
Microsoft adds new security, privacy, and compliance features to the Microsoft Teams chat and collaboration solution, including end-to-end encryption support for one-on-one calls. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 09:00:00 |
Microsoft announces Windows Server 2022 with new security features (lien direct) |
Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform for added protection against a wide range of threats. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-02 00:14:00 |
Malicious NPM packages target Amazon, Slack with new dependency attacks (lien direct) |
Threat actors are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using the new 'Dependency Confusion' vulnerability to steal Linux/Unix password files and open reverse shells back to the attackers. [...] |
Vulnerability
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 18:05:05 |
Working Windows and Linux Spectre exploits found on VirusTotal (lien direct) |
Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 17:35:35 |
European e-ticketing platform Ticketcounter extorted in data breach (lien direct) |
A Dutch e-Ticketing platform has suffered a data breach after a database was stolen from an unsecured staging server. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 14:29:35 |
World\'s leading dairy group Lactalis hit by cyberattack (lien direct) |
Lactalis, the world's leading dairy group, has disclosed a cyberattack after unknown threat actors have breached some of the company's systems. [...] |
Threat
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 13:10:49 |
Hackers use black hat SEO to push ransomware, trojans via Google (lien direct) |
The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 12:34:17 |
Universal Health Services lost $67 million due to Ryuk ransomware attack (lien direct) |
Universal Health Services (UHS) said that the Ryuk ransomware attack it suffered during September 2020 had an estimated impact of $67 million. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 11:43:07 |
NSW Transport agency extorted by ransomware gang after Accellion attack (lien direct) |
The transport system for the Australian state of New South Wales has suffered a data breach after the Clop ransomware exploited a vulnerability to steal files. [...] |
Ransomware
Data Breach
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-03-01 10:14:20 |
Tether cryptocurrency firm says docs in $24 million ransom are \'forged\' (lien direct) |
USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-28 17:52:00 |
(Déjà vu) Windows 10 Cloud PC: The latest info about Microsoft\'s new service (lien direct) |
With Cloud PC, Microsoft would handle your device configuration in your organization with regular updates, security improvements, and managed support. Cloud PC appears to be a part of the company's "Windows as a Service" tagline, which has become more apparent this year. [...] |
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-28 12:45:12 |
Beware: AOL phishing email states your account will be closed (lien direct) |
An AOL mail phishing campaign is underway to steal users' login name and password by warning recipients that their account is about to be closed. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-28 11:52:40 |
(Déjà vu) What are these suspicious Google GVT1.com URLs? (lien direct) |
These Google-owned domains have confused even the most skilled researchers and security products time and time again if these are malicious. The domains in question are redirector.gvt1.com and gvt1/gvt2 subdomains that have spun many threads on the internet. BleepingComputer has dug deeper into the origin of these domains. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-28 11:52:40 |
Don\'t Worry: Google\'s suspicious GVT1.com URLs aren\'t dangerous (lien direct) |
These Google-owned domains have confused even the most skilled researchers and security products time and time again if these are malicious. The domains in question are redirector.gvt1.com and gvt1/gvt2 subdomains that have spun many threads on the internet. BleepingComputer has dug deeper into the origin of these domains. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-28 09:25:00 |
(Déjà vu) Recent Google Voice outage caused by expired certificates (lien direct) |
In an incident report published on Friday, Google said that a Google Voice outage affecting a majority of the telephone service's users earlier this month was caused by expired TLS certificates. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-28 09:25:00 |
Google Voice silenced by expired TLS certificate in February outage (lien direct) |
In an incident report published on Friday, Google said that a Google Voice outage affecting a majority of the telephone service's users earlier this month was caused by expired TLS certificates. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-27 15:46:00 |
(Déjà vu) The Windows 10 Sun Valley design refresh - Here\'s what\'s coming (lien direct) |
Windows 10 'Sun Valley' UI refresh, otherwise known as 'version 21H2', is reportedly arriving in the second half of this year and it will also include several new features. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-27 15:46:00 |
Windows 10 Sun Valley design refresh - here\'s what you need to know (lien direct) |
Windows 10 'Sun Valley' UI refresh, otherwise known as 'version 21H2', is reportedly arriving in the second half of this year and it will also include several new features. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-27 12:03:44 |
NSA, Microsoft promote a Zero Trust approach to cybersecurity (lien direct) |
The National Security Agency (NSA) and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today's increasingly sophisticated threats. [...] |
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-27 10:34:11 |
(Déjà vu) Microsoft fixes Windows 10 drive corruption bug - what you need to know (lien direct) |
Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. [...] |
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-27 10:34:11 |
Microsoft fixes serious Windows 10 bug that may corrupt drives (lien direct) |
Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-27 09:12:11 |
Google shares PoC exploit for critical Windows 10 Graphics RCE bug (lien direct) |
Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) bug affecting a Windows graphics component. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-26 18:44:49 |
The Week in Ransomware - February 26th 2021 - Back from the Holidays (lien direct) |
The number of attacks had slowed down after the winter holidays, but after the past two weeks, it's evident that the ransomware attacks are back at full speed. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-26 17:00:28 |
Twitter scammers earned over $145k this week in Bitcoin, Ethereum, Doge (lien direct) |
Cryptocurrency scammers have made at least $145,000 this week by promoting fake giveaways through hacked verified Twitter accounts. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-26 15:18:57 |
T-Mobile discloses data breach after SIM swapping attacks (lien direct) |
American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-26 14:25:56 |
Ransomware gang hacks Ecuador\'s largest private bank, Ministry of Finance (lien direct) |
A hacking group called 'Hotarus Corp' has hacked Ecuador's Ministry of Finance and the country's largest bank, Banco Pichincha, where they claim to have stolen internal data. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-26 12:37:12 |
Ryuk ransomware now self-spreads to other Windows LAN devices (lien direct) |
A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-26 10:09:45 |
Malicious Firefox extension allowed hackers to hijack Gmail accounts (lien direct) |
Several Tibetan organizations were targeted in a cyber-espionage campaign by a state-backed hacking group using a malicious Firefox extension designed to hijack Gmail accounts and infect victims with malware. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 18:07:05 |
(Déjà vu) Intel wireless driver updates fix Windows 10 blue screen issues (lien direct) |
Intel has addressed Wi-Fi and Wireless Bluetooth drivers issues causing Windows 10 blue screen of death (BSOD) errors and Bluetooth devices to lose connection or stop working. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 17:17:56 |
XBOX Live outage prevents players from logging in (lien direct) |
Xbox Live outage is suffering a worldwide outage that prevents users from logging into the service and accessing games. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 14:56:00 |
Microsoft removes 3D Objects, Windows 10\'s most useless folder, from File Explorer (lien direct) |
Microsoft is no longer treating possibly the most unused folder, 3D Objects, as a special folder in File Explorer. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 13:30:39 |
Dutch Research Council (NWO) confirms ransomware attack, data leak (lien direct) |
The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 13:11:14 |
Microsoft shares CodeQL queries to scan code for SolarWinds-like implants (lien direct) |
Microsoft has open-sourced CodeQL queries that developers can use to scan source code for malicious implants matching the SolarWinds supply-chain attack. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 11:14:00 |
North Korean hackers target defense industry with custom malware (lien direct) |
A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 10:23:35 |
(Déjà vu) TD Bank suffered systemwide banking outage, services now recovered (lien direct) |
TD Bank has recovered from a major IT systems outage today that prevented account holders from accessing their online bank accounts, use ATM, or check balances over the phone. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 10:23:35 |
TD Bank suffers systemwide outage, services still recovering (lien direct) |
TD Bank is recovering from a major IT systems outage today that prevented account holders from accessing their online bank accounts, use ATM, or check balances over the phone. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 09:36:37 |
(Déjà vu) VC giant Sequoia Capital discloses data breach after failed BEC attack (lien direct) |
American VC firm Sequoia Capital has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 09:36:37 |
VC giant Sequoia discloses data breach after failed BEC attack (lien direct) |
American venture capital firm Sequoia has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January. [...] |
Data Breach
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-25 07:56:49 |
Attackers scan for vulnerable VMware servers after PoC exploit release (lien direct) |
After security researchers have developed and published proof-of-concept (PoC) exploit code targeting a critical vCenter remote code execution (RCE) vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-02-24 21:00:00 |
Over 8 million COVID-19 test results leaked online (lien direct) |
Millions of COVID-19 test reports were found to be publicly accessible due to flawed online system implementation. [...] |
|
|
|