What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-16 13:58:23 | Windows 10 21H2 is released, here are the new features (lien direct) | Microsoft has released Windows 10 21H2, also known as the November 2021 Update, and it is available to users running Windows 10 2004 or later as an optional update in Windows Update. [...] | |||
|
2021-11-16 13:25:50 | Google Chrome 96 breaks Twitter, Discord, video rendering and more (lien direct) | Google Chrome 96 was released yesterday, and users are reporting problems with Twitter, Discord, and Instagram caused by the new version. [...] | |||
|
2021-11-16 13:11:31 | Microsoft warns of the evolution of six Iranian hacking groups (lien direct) | The Microsoft Threat Intelligence Center (MSTIC) has presented an analysis of the evolution of several Iranian threat actors at the CyberWarCon 2021, and their findings show increasingly sophisticated attacks. [...] | Threat | ||
|
2021-11-16 12:35:50 | WordPress sites are being hacked in fake ransomware attacks (lien direct) | A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. [...] | Ransomware | ||
|
2021-11-16 12:01:36 | These are the cryptomixers hackers use to clean their ransoms (lien direct) | Cryptomixers have always been at the epicenter of cybercrime activity, allowing hackers to "clean" cryptocurrency stolen from victims and making it hard for law enforcement to track them. [...] | |||
|
2021-11-16 10:31:03 | Microsoft adds AI-driven ransomware protection to Defender (lien direct) | Microsoft has introduced an AI-driven ransomware attack detection system for Microsoft Defender for Endpoint customers that complements existing cloud protection by evaluating risks and blocking actors at the perimeter. [...] | Ransomware | ||
|
2021-11-16 07:43:30 | NPM fixes private package names leak, serious authorization bug (lien direct) | The largest software registry of Node.js packages, npm, has disclosed fixing multiple security flaws. The first flaw concerns leak of names of private npm packages on the npmjs.com's "replica" server. Whereas, the second flaw allows attackers to publish new versions of any existing npm package that they do not own or have rights to. [...] | |||
|
2021-11-15 17:27:28 | New Rowhammer technique bypasses existing DDR4 memory defenses (lien direct) | Researchers have developed a new fuzzing-based technique called 'Blacksmith' that revives Rowhammer vulnerability attacks against modern DRAM devices that bypasses existing mitigations. [...] | Vulnerability | ||
|
2021-11-15 15:04:23 | (Déjà vu) Emotet malware is back and rebuilding its botnet via TrickBot (lien direct) | The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] | Spam Malware | ||
|
2021-11-15 15:04:23 | The Emotet malware is back and rebuilding its botnet via TrickBot (lien direct) | The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] | Spam Malware | ||
|
2021-11-15 14:15:27 | Alibaba ECS instances actively hijacked by cryptomining malware (lien direct) | Threat actors are hijacking Alibaba Elastic Computing Service (ECS) instances to install cryptominer malware and harness the available server resources for their own profit. [...] | Malware | ||
|
2021-11-15 12:15:37 | High severity BIOS flaws affect numerous Intel processors (lien direct) | Intel has released an advisory to confirm the existence of two high-severity vulnerabilities that affect a wide range of Intel processor families. [...] | |||
|
2021-11-15 10:52:48 | 7 million Robinhood user email addresses for sale on hacker forum (lien direct) | The data for approximately 7 million Robinhood customers stolen in a recent data breach are being sold on a popular hacking forum and marketplace. [...] | Data Breach | ||
|
2021-11-15 10:01:15 | Moses Staff hackers wreak havoc on Israeli orgs with ransomless encryptions (lien direct) | A new hacker group named Moses Staff has recently claimed responsibility for numerous attacks against Israeli entities, which appear politically motivated as they do not make any ransom payment demands. [...] | |||
|
2021-11-15 04:35:02 | New Microsoft emergency updates fix Windows Server auth issues (lien direct) | Microsoft has released out-of-band updates to address authentication failures related to Kerberos delegation scenarios impacting Domain Controllers (DC) running supported versions of Windows Server. [...] | |||
|
2021-11-14 10:00:00 | US Education Dept urged to boost K-12 schools\' ransomware defenses (lien direct) | The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks. [...] | Ransomware | ||
|
2021-11-13 13:36:16 | FBI system hacked to email \'urgent\' warning about fake cyberattacks (lien direct) | The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen. [...] | Spam | ||
|
2021-11-13 11:12:06 | Fake end-to-end encrypted chat app distributes Android spyware (lien direct) | The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. [...] | |||
|
2021-11-13 10:01:02 | Surveillance firm pays $1 million fine after \'spy van\' scandal (lien direct) | The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca. [...] | |||
|
2021-11-13 08:00:00 | New Windows 11 build fixes widespread printer issues, system freezes (lien direct) | Microsoft has fixed a long list of issues impacting Windows 11 in a newly released build for Windows Insiders in the Beta and Release Preview Channels. [...] | |||
|
2021-11-12 16:07:06 | The Week in Ransomware - November 12th 2021 - Targeting REvil (lien direct) | This week, law enforcement struck a massive blow against the REvil ransomware operation, with multiple arrests announced and the seizure of cryptocurrency. [...] | Ransomware | ||
|
2021-11-12 13:56:10 | Microsoft Intune bug forces Samsung devices into non-compliant state (lien direct) | Microsoft says some Samsung Galaxy devices will be marked as non-compliant with the organization's security requirements in Microsoft Intune's management interface after automatic restarts or after installing managed updates. [...] | |||
|
2021-11-12 12:45:11 | QBot returns for a new wave of infections using Squirrelwaffle (lien direct) | The activity of the QBot (also known as Quakbot) banking trojan is spiking again, and analysts from multiple security research firms attribute this to the rise of Squirrelwaffle. [...] | ★★ | ||
|
2021-11-12 12:14:17 | FTC shares ransomware defense tips for small US businesses (lien direct) | The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology. [...] | Ransomware Threat | ||
|
2021-11-12 11:04:02 | These are the top-level domains threat actors like the most (lien direct) | Out of over a thousand top-level domain choices, cyber-criminals and threat actors prefer a small set of 25, which accounts for 90% of all malicious sites. [...] | Threat | ||
|
2021-11-12 10:27:11 | Microsoft warns of surge in HTML smuggling phishing attacks (lien direct) | Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT). [...] | Malware | ||
|
2021-11-12 10:11:45 | Costco discloses data breach after finding credit card skimmer (lien direct) | Costco Wholesale Corporation has warned customers in notification letters sent this month that their payment card information might have been stolen while recently shopping at one of its stores. [...] | Data Breach | ||
|
2021-11-12 07:28:40 | Zero-day bug in all Windows versions gets free unofficial patch (lien direct) | A free and unofficial patch is now available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions. [...] | Vulnerability | ||
|
2021-11-11 18:18:21 | The new Microsoft Store is now rolling out to Windows 10 PCs (lien direct) | Microsoft has started rolling out Windows 11's new Microsoft Store to Windows 10, allowing users a greater option of apps for users to install. [...] | |||
|
2021-11-11 16:34:07 | Windows 10 App Installer abused in BazarLoader malware attacks (lien direct) | The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems of targets who fall victim to a highly targeted spam campaign. [...] | Spam Malware | ||
|
2021-11-11 15:41:09 | BotenaGo botnet targets millions of IoT devices with 33 exploits (lien direct) | A new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. [...] | Malware | ||
|
2021-11-11 13:54:31 | How to fix the Windows 0x0000007c network printing error (lien direct) | A Windows security update released in October caused widespread Windows 10 and Windows 11 issues where users experience 0x0000007c errors when adding or printing to network printers. This article describes a fix you can use for the 0x0000007c printing errors. [...] | |||
|
2021-11-11 13:13:41 | AMD fixes dozens of Windows 10 graphics driver security bugs (lien direct) | AMD has fixed a long list of security vulnerabilities found in its graphics driver for Windows 10 devices, allowing attackers to execute arbitrary code and elevate privileges on vulnerable systems. [...] | |||
|
2021-11-11 11:44:50 | Hackers undetected on Queensland water supplier server for 9 months (lien direct) | Hackers stayed hidden for nine months on a server holding customer information for a Queensland water supplier, illustrating the need of better cyberdefenses for critical infrastructure. [...] | |||
|
2021-11-11 11:04:00 | Magniber ransomware gang now exploits Internet Explorer flaws in attacks (lien direct) | The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices. [...] | Ransomware | ||
|
2021-11-11 09:24:53 | (Déjà vu) Russian \'King of Fraud\' sentenced to 10 years for Methbot scheme (lien direct) | The U.S. Department of Justice (DOJ) sentenced a Russian man for operating a large-scale digital advertising fraud scheme called 'Methbot' ('3ve') that stole at least $7 million from American companies. [...] | |||
|
2021-11-11 09:24:53 | Russian \'King of Fraud\' sentenced to 10 years for Methbot botnet (lien direct) | The U.S. Department of Justice (DOJ) sentenced a Russian man for operating a large-scale digital advertising fraud scheme called 'Methbot' ('3ve') that stole at least $7 million from American companies. [...] | |||
|
2021-11-11 08:54:03 | New bill sets ransomware attack response rules for US financial orgs (lien direct) | New legislation introduced this week by US lawmakers aims to set ransomware attack response "rules of road" for US financial institutions. [...] | Ransomware | ||
|
2021-11-11 06:35:15 | Microsoft: New security updates trigger Windows Server auth issues (lien direct) | Microsoft says users might experience authentication issues on Domain Controllers (DC) running Windows Server. after installing security updates released during the November Patch Tuesday. [...] | |||
|
2021-11-11 03:32:16 | Gmail accounts are used in 91% of all baiting email attacks (lien direct) | Bait attacks are on the rise, and it appears that actors who distribute this special kind of phishing emails prefer to use Gmail accounts to conduct their attacks. [...] | |||
|
2021-11-11 02:45:34 | Careful: \'Smart TV remote\' Android app on Google Play is malware (lien direct) | Two Android apps sitting on the Google Play store have been found to contain malware this week. These apps are called 'Smart TV remote' and 'Halloween Coloring'. [...] | Malware | ||
|
2021-11-10 19:31:12 | Void Balaur hackers-for-hire sell stolen mailboxes and private data (lien direct) | A hacker-for-hire group called Void Balaur has been stealing emails and highly-sensitive information for more than five years, selling it to customers with both financial and espionage goals [...] | |||
|
2021-11-10 17:19:06 | HPE says hackers breached Aruba Central using stolen access key (lien direct) | HPE has disclosed that data repositories for their Aruba Central network monitoring platform were compromised, allowing a threat actor to access collected data about monitored devices and their locations. [...] | Threat | ||
|
2021-11-10 16:30:44 | FBI warns of Iranian hackers looking to buy US orgs\' stolen data (lien direct) | The Federal Bureau of Investigation (FBI) warned private industry partners of attempts by an Iranian threat actor to buy stolen information regarding US and worldwide organizations. [...] | Threat | ||
|
2021-11-10 16:18:12 | Telnyx is the latest VoIP provider hit with DDoS attacks (lien direct) | Telnyx is the latest VoIP telephony provider targeted with distributed denial-of-service (DDoS) attacks, causing worldwide outages since yesterday. [...] | |||
|
2021-11-10 14:44:31 | Researchers show that Apple\'s CSAM scanning can be fooled easily (lien direct) | A team of researchers at the Imperial College in London have presented a simple method to evade detection by image content scanning mechanisms, such as Apple's CSAM. [...] | |||
|
2021-11-10 12:08:04 | Lazarus hackers target researchers with trojanized IDA Pro (lien direct) | A North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a trojanized pirated version of the popular IDA Pro reverse engineering application. [...] | Hack | APT 38 APT 28 | |
|
2021-11-10 12:00:07 | (Déjà vu) Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites (lien direct) | A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. [...] | |||
|
2021-11-10 12:00:07 | Ironic twist: WP Reset PRO bug lets hackers wipe WordPress site (lien direct) | A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. [...] | |||
|
2021-11-10 10:52:26 | TrickBot teams up with Shatak phishers for Conti ransomware attacks (lien direct) | A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems. [...] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
