What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-05-07 06:00:00 | SilverTerrier BEC scammers target US govt healthcare agencies (lien direct) | Government healthcare agencies, COVID-19 response organizations, and medical research facilities from across the globe were the targets of Business Email Compromise (BEC) phishing campaigns coordinated by multiple Nigerian BEC actors during the last three months. [...] | |||
|
2020-05-06 20:04:29 | (Déjà vu) Microsoft\'s GitHub account allegedly hacked, 500GB stolen (lien direct) | A hacker has claimed to have hacked into Microsoft's GitHub account and downloaded over 500GB of 'Private' repositories, BleepingComputer has learned. [...] | |||
|
2020-05-06 20:04:29 | Hacker claims to have breached Microsoft\'s GitHub private repos (lien direct) | A hacker has claimed to have hacked into Microsoft's GitHub account and downloaded over 500GB of 'Private' repositories, BleepingComputer has learned. [...] | |||
|
2020-05-06 17:48:01 | Cisco Webex phishing uses fake cert errors to steal credentials (lien direct) | A highly convincing series of phishing attacks are using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users' account credentials. [...] | |||
|
2020-05-06 15:20:14 | Large scale Snake Ransomware campaign targets healthcare, more (lien direct) | The operators of the Snake Ransomware have launched a worldwide campaign of cyberattacks that have infected numerous businesses and at least one health care organization over the last few days. [...] | Ransomware | ||
|
2020-05-06 15:06:04 | Windows 10 Build 19624 released with Windows Update fixes (lien direct) | Microsoft has released Windows 10 Build 19624 to the Fast ring with fixes for issues affecting the Windows Update service that can lead to errors and prevent updates from properly being installed. [...] | Guideline | ||
|
2020-05-06 13:49:19 | Hackers use website favicon to camouflage credit card skimmer (lien direct) | Hackers have created and used a fake icon portal to host and load a JavaScript web skimmer camouflaged as a favicon onto compromised e-commerce portals to steal their customers' credit card and personal information. [...] | |||
|
2020-05-06 12:53:56 | (Déjà vu) Hacker sells 22 million Unacademy user records after data breach (lien direct) | Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. [...] | Data Breach | ||
|
2020-05-06 12:53:56 | Hacker sells 22 million Unacademy accounts after data breach (lien direct) | Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. [...] | Data Breach | ||
|
2020-05-06 12:34:17 | Critical Citrix ShareFile bugs could give access to private files (lien direct) | Citrix has fixed three vulnerabilities in multiple versions of ShareFile storage zone controllers that could be exploited without authentication for access to private data areas. [...] | |||
|
2020-05-06 02:28:00 | SAP announces security issues in cloud-based products (lien direct) | German software maker SAP announced on Monday that it started to fix security issues identified in several of its cloud-based products. [...] | |||
|
2020-05-05 17:02:32 | Massive campaign targets 900,000 WordPress sites in a week (lien direct) | Hackers have launched a massive attack against more than 900,000 WordPress sites seeking to redirect visitors to malvertising sites or plant a backdoor if an administrator is logged in. [...] | |||
|
2020-05-05 16:38:07 | Cyber volunteers release blocklists for 26,000 COVID-19 threats (lien direct) | The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats. [...] | Malware Threat | ||
|
2020-05-05 16:09:02 | Microsoft releases May Office updates with fixes for auth issues (lien direct) | Microsoft released the May 2020 non-security Microsoft Office updates with fixes for several issues and performance improvements to Windows Installer (MSI) editions of Office 2016 and Office 2013. [...] | |||
|
2020-05-05 14:35:44 | Toll Group hit by ransomware a second time, deliveries affected (lien direct) | The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware. [...] | Ransomware | ||
|
2020-05-05 14:12:54 | Microsoft launches IoT-focused bounty program with $100K awards (lien direct) | Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution. [...] | |||
|
2020-05-05 12:21:41 | Game patch gives hackers access to development content on Amazon S3 (lien direct) | A security flaw in patches from game developer Naughty Dog allowed hackers access to unreleased content from the upcoming The Last of Us Part II that was stored in an Amazon S3 bucket. [...] | |||
|
2020-05-05 11:35:00 | Nation-state hackers are targeting COVID-19 response orgs (lien direct) | Organizations involved in international COVID-19 responses, healthcare, and essential services are actively targeted by government-backed hacking groups according to a joint advisory issued today by cyber-security agencies from the US and the UK. [...] | |||
|
2020-05-05 11:17:41 | (Déjà vu) Firefox 76 released with integrated data breach alerts (lien direct) | Mozilla has released Firefox 76 today, May 5th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with bug fixes, new features, and security fixes. [...] | Data Breach | ||
|
2020-05-05 10:26:00 | GitHub shuts down Popcorn Time repositories due to MPA DMCA notice (lien direct) | GitHub has shut down two repositories belonging to the video streaming BitTorrent client Popcorn Time after receiving a Digital Millennium Copyright Act (DMCA) infringement notice from the Motion Picture Association. [...] | ★★★★ | ||
|
2020-05-04 18:35:54 | GoDaddy notifies users of breached hosting accounts (lien direct) | GoDaddy notified some of its customers that it had to reset their passwords after an unauthorized party used their web hosting account credentials to connect to their hosting account via SSH. [...] | |||
|
2020-05-04 17:09:11 | LockBit ransomware self-spreads to quickly encrypt 225 systems (lien direct) | A feature of the LockBit ransomware allows threat actors to breach a corporate network and deploy their ransomware to encrypt hundreds of devices in just a few hours. [...] | Ransomware Threat | ||
|
2020-05-04 16:19:59 | Office 365 to stop data theft by disabling external forwarding (lien direct) | Microsoft is planning to put a stop to enterprise data theft via email forwarding by disabling Office 365's email forwarding to external recipients by default. [...] | |||
|
2020-05-04 15:18:12 | New VCrypt Ransomware locks files in password-protected 7ZIPs (lien direct) | A new ransomware called VCrypt is targeting French victims by utilizing the legitimate 7zip command-line program to create password-protected archives of data folders. [...] | Ransomware | ||
|
2020-05-04 13:19:11 | Hackers exploit Salt RCE bugs in widespread attacks, PoCs public (lien direct) | Hackers kept busy this weekend exploiting vulnerable Salt instances used in various infrastructures for server management and automation. [...] | |||
|
2020-05-04 12:34:59 | CAM4 adult cam site exposes 11 million emails, private chats (lien direct) | Adult live streaming website CAM4 exposed over 7TB of personally identifiable information (PII) of members and users, stored within more than 10.88 billion database records. [...] | |||
|
2020-05-04 02:32:00 | LineageOS outage caused by hackers breaching main infrastructure (lien direct) | Administrators of LineageOS Android custom operating system were on high alert on Saturday after hackers breached their main infrastructure, causing a full outage. [...] | |||
|
2020-05-03 13:59:14 | Hacker sells 91 million Tokopedia accounts, cracked passwords shared (lien direct) | A hacker is selling a database containing the information of 91 million Tokopedia accounts on a dark web market for as little as $5,000. Other threat actors have already started to crack passwords and share them online. [...] | Threat | ||
|
2020-05-03 09:46:10 | Debloating Windows 10 and increasing privacy with SharpApp (lien direct) | A new utility called SharpApp has been released that helps you debloat and increase privacy in Windows 10 by uninstalling preinstalled apps and disabling various telemetry settings. [...] | |||
|
2020-05-02 14:04:14 | Xiaomi tracks private browser and phone usage, defends behavior (lien direct) | New research claims that China-based Xiaomi is tracking sensitive information and sending it to their servers if you use the Mi browser, which is bundled with all Redmi and Mi phones. [...] | |||
|
2020-05-02 11:30:00 | Sodinokibi, Ryuk ransomware drive up average ransom to $111,000 (lien direct) | The first quarter of the year recorded an increase of the average amount ransomware operators demand from their victims. Compared to the previous quarter, a 33% swell was noted, driven by the Sodinokibi and Ryuk ransomware operators. [...] | Ransomware | ||
|
2020-05-02 10:15:00 | Opening 100 tabs in Google Chrome Mobile gets you a smiley face (lien direct) | Today I learned something new; Google Chrome Mobile has an Easter egg that turns the tab count into a smiley face when you have over 100 tabs. [...] | |||
|
2020-05-02 09:05:11 | Microsoft Edge getting improved security, work at home features (lien direct) | Microsoft is testing a new version of Edge with Insiders and it comes with multiple new features including improved SmartScreen support. [...] | |||
|
2020-05-01 18:19:52 | The Week in Ransomware - May 1st 2020 - Banishing the Shade (lien direct) | For the victims of the Shade Ransomware, otherwise known as Troldesh, this was an excellent week as the threat actors released over 750,000 decryption keys for their victims. [...] | Ransomware Threat | ||
|
2020-05-01 17:20:49 | FCC: No more warnings for robocallers before fines (lien direct) | The US Federal Communications Commission (FCC) today issued an order saying that it will no longer warn robocallers before fining them for harassing consumers and violating the law. [...] | |||
|
2020-05-01 15:50:00 | Hackers breach company\'s MDM server to spread Android malware (lien direct) | Attackers infected more than 75% of a multinational conglomerate's managed Android devices with the Cerberus banking trojan using the company's compromised Mobile Device Manager (MDM) server. [...] | Malware | ||
|
2020-05-01 13:00:25 | New phishing campaign packs an info-stealer, ransomware punch (lien direct) | A new phishing campaign is distributing a double-punch of a LokiBot information-stealing malware along with a second payload in the form of the Jigsaw Ransomware. [...] | Ransomware Malware | ||
|
2020-05-01 12:37:38 | Convincing Office 365 phishing uses fake Microsoft Teams alerts (lien direct) | A highly convincing phishing campaign is using cloned imagery from automated Microsoft Teams notifications in attacks that attempt to harvest Office 365 credentials. [...] | |||
|
2020-05-01 11:08:38 | French daily Le Figaro database exposes users\' personal info (lien direct) | French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of reporters and employees, as well as of at least 42,000 users. [...] | |||
|
2020-05-01 01:54:11 | Hackers say they stole millions of credit cards from Banco BCR (lien direct) | Hackers claim to have gained access to the network of Banco BCR, the state-owned Bank of Costa Rica, and stolen 11 million credit card credentials along with other data. [...] | |||
|
2020-04-30 17:12:44 | US govt agencies to disable DoH until federal service is ready (lien direct) | US government agencies' chief information officers were recommended to disable third-party encrypted DNS services until an official DNS resolution service with DNS over HTTPS (DoH) and DNS over TLS (DoT) support is ready. [...] | |||
|
2020-04-30 15:53:46 | Ninja Forms WordPress plugin patch prevents takeover of 1M sites (lien direct) | The developers of Ninja Forms, a WordPress plugin with more than 1 million installations, have fixed a high severity security vulnerability that can let attackers inject malicious code and take over websites using an unpatched version of the plugin. [...] | Vulnerability | ||
|
2020-04-30 15:21:25 | Shade Ransomware Decryptor can now decrypt over 750K victims (lien direct) | Kaspersky has released an updated decryptor for the Shade Ransomware (Troldesh) that allows all victims who have their files encrypted to recover them for free. [...] | Ransomware | ||
|
2020-04-30 14:21:09 | New Android malware steals financial information, bypasses 2FA (lien direct) | A new banking Trojan can steal financial information from Android users across the United States and several European countries, including the UK, Germany, Italy, Spain, Switzerland, and France. [...] | Malware | ||
|
2020-04-30 11:26:08 | Microsoft Sway abused in PerSwaysion spear-phishing operation (lien direct) | Multiple threat actors running phishing attacks on corporate targets have been counting on Microsoft Sway service to trick victims into giving their Office 365 login credentials. [...] | Threat | ||
|
2020-04-30 11:00:12 | Clop ransomware leaks ExecuPharm\'s files after failed ransom (lien direct) | Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed. [...] | Ransomware | ||
|
2020-04-30 06:33:27 | Bugs in WordPress plugins for online courses let students cheat (lien direct) | Popular WordPress plugins for creating learning management systems (LMS) are rife with vulnerabilities that can be exploited to take control of the platform, get test answers, and modify grades. [...] | |||
|
2020-04-29 18:06:05 | US govt updates Microsoft Office 365 security best practices (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) today issued an update to its Microsoft Office 365 security best practices as part of an alert distributed via the US National Cyber Awareness System. [...] | |||
|
2020-04-29 16:10:24 | Google updates Chrome Web Store policy to block extension spam (lien direct) | Google today updated the Chrome Web Store's spam policy to block extension spam so that users can have a real chance to avoid potentially malicious extensions while sifting through 200,000 add-ons available in the store. [...] | Spam | ||
|
2020-04-29 15:09:31 | Windows 10 Search now gives easy access to COVID-19 info (lien direct) | Windows 10 is now making it easier to access the latest Coronavirus information via new buttons show in Windows Search. [...] |
To see everything:
