Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-10-22 14:26:28 |
SCUF Gaming store hacked to steal credit card info of 32,000 customers (direct link) |
SCUF Gaming International, a leading manufacturer of custom PC and console controllers, is notifying customers that its website was hacked in February to plant a malicious script used to steal their credit card information. [...] |
Guideline
|
|
|
|
2021-10-22 14:02:21 |
DarkSide ransomware rushes to cash out $7 million in Bitcoin (direct link) |
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster. [...] |
Ransomware
|
|
|
|
2021-10-22 11:48:53 |
Groove ransomware calls on all extortion gangs to attack US interests (direct link) |
The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil's infrastructure last week. [...] |
Ransomware
|
|
|
|
2021-10-22 11:14:08 |
Microsoft: WizardUpdate Mac malware adds new evasion tactics (direct link) |
Microsoft says it found new variants of macOS malware known as WizardUpdate (also tracked as UpdateAgent or Vigram), updated to use new evasion and persistence tactics. [...] |
Malware
|
|
|
|
2021-10-22 10:36:32 |
Google cuts Play Store dev fees to 15% for all subscriptions (direct link) |
Google announced that they are dropping the 30% flat service fee for in-app purchases or app sales to 15% starting January 1, 2022. [...] |
|
|
|
|
2021-10-22 10:06:38 |
Italian celebs' data exposed in ransomware attack on SIAE (direct link) |
The Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) has announced an investigation into a data breach of the country's copyright protection agency. [...] |
Ransomware
Data Breach
|
|
|
|
2021-10-22 09:29:23 |
Microsoft Teams adds end-to-end encryption for one-to-one calls (direct link) |
Microsoft has announced the public preview roll-out of end-to-end encryption (E2EE) support for one-to-one Microsoft Teams calls. [...] |
|
|
|
|
2021-10-22 08:37:08 |
CISA: GPS software bug may cause unexpected behavior this Sunday (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA) warned that GPS devices might experience issues over the weekend because of a timing bug impacting Network Time Protocol (NTP) servers running the GPS Daemon (GPSD) software. [...] |
|
|
|
|
2021-10-22 07:56:24 |
Microsoft: Windows 11 printing issues fixed in the KB5006746 update (direct link) |
Microsoft has fixed multiple known issues impacting printing on Windows 11 with the release of the optional KB5006746 cumulative update preview on Thursday. [...] |
|
|
|
|
2021-10-21 17:10:53 |
Massive campaign uses YouTube to push password-stealing malware (direct link) |
Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. [...] |
Malware
|
|
|
|
2021-10-21 15:07:54 |
Evil Corp demands $40 million in new Macaw ransomware attacks (direct link) |
Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. [...] |
Ransomware
|
|
|
|
2021-10-21 14:40:29 |
Windows 11 KB5006746 update fixes gaming performance issues (direct link) |
Microsoft has released the optional KB5006746 cumulative update preview for Windows 11, fixing sixty-four issues, including AMD CPU performance and gaming issues. [...] |
|
|
|
|
2021-10-21 13:52:13 |
Microsoft is releasing Windows 10 21H2 in November (direct link) |
Microsoft is preparing Windows 10 21H2, the next Windows 10 version, for a November 2021 release and is now rolling it out to all Windows Insiders in the Release Preview Channel. [...] |
|
|
|
|
2021-10-21 13:23:29 |
Microsoft now defends nonprofits against nation-state attacks (direct link) |
Microsoft announced today a new security program for nonprofits to provide them with protection against nation-state attacks that have increasingly targeted them in recent years. [...] |
|
|
|
|
2021-10-21 12:24:13 |
(Déjà vu) Hacking gang creates fake firm to hire pentesters for ransomware attacks (direct link) |
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...] |
Ransomware
|
|
|
|
2021-10-21 12:24:13 |
FIN7 tries to trick pentesters into launching ransomware attacks (direct link) |
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...] |
Ransomware
|
|
|
|
2021-10-21 12:00:00 |
Google launches Android Enterprise bug bounty program (direct link) |
Google has announced the launch of its first vulnerability rewards program for Android Enterprise with bounties of up to $250,000. [...] |
Vulnerability
|
|
|
|
2021-10-21 10:58:50 |
Cybercrime matures as hackers are forced to work smarter (direct link) |
An analysis of 500 hacking incidents across a wide range of industries has revealed trends that characterize a maturity in the way hacking groups operate today. [...] |
|
|
|
|
2021-10-21 10:22:50 |
RAT malware spreading in Korea through webhards and torrents (direct link) |
An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents. [...] |
Malware
|
|
|
|
2021-10-21 09:18:41 |
Nine arrested for impersonating bank clerks to steal from the elderly (direct link) |
The Dutch Police have arrested nine people for targeting and stealing money from the elderly by impersonating bank employees. [...] |
|
|
|
|
2021-10-21 07:52:32 |
Bulletproof hosting admins sentenced for helping cybercrime gangs (direct link) |
Two Eastern European men were sentenced to prison on Racketeer Influenced Corrupt Organization (RICO) charges for bulletproof hosting services used by multiple cybercrime operations to target US organizations. [...] |
|
|
|
|
2021-10-20 17:46:36 |
Hands on with Microsoft's Android app support in Windows 11 (direct link) |
Microsoft has released its first preview build of the Windows Subsystem for Android, allowing you to run Android apps directly on your desktop. [...] |
|
|
|
|
2021-10-20 15:32:32 |
US govt to ban export of hacking tools to authoritarian regimes (direct link) |
The Commerce Department's Bureau of Industry and Security (BIS) today announced export controls for software and hardware tools that could be used for malicious hacking activities. [...] |
|
|
|
|
2021-10-20 13:47:02 |
DDoS attacks against Russian firms have almost tripled in 2021 (direct link) |
A report analyzing data from the start of the year concludes that distributed denial-of-service (DDoS) attacks on Russian companies have increased 2.5 times compared to the same period last year. [...] |
|
|
|
|
2021-10-20 13:13:59 |
Microsoft: Old Windows updates now expire to improve speed, security (direct link) |
Microsoft says it regularly evaluates Windows updates for expiration to make the entire update process faster and safer by removing older releases that have already been superseded by newer packages. [...] |
|
|
|
|
2021-10-20 12:59:16 |
Political-themed actor using old MS Office flaw to drop multiple RATs (direct link) |
A novel threat actor with unclear motives has been discovered running a crimeware campaign which delivers multiple Windows and Android RATs (remote access tools) through the exploitation of CVE-2017-11882. [...] |
Threat
|
|
|
|
2021-10-20 11:49:39 |
Google: YouTubers' accounts hijacked with cookie-stealing malware (direct link) |
Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors since at least late 2019. [...] |
Malware
|
Uber
|
|
|
2021-10-20 09:49:34 |
(Déjà vu) New Gummy Browsers attack lets hackers spoof tracking profiles (direct link) |
University researchers in the US have developed a new fingerprint capturing and browser spoofing attack called Gummy Browsers. They warn how easy the attack is to carry out and the severe implications it can have. [...] |
|
|
|
|
2021-10-20 09:49:34 |
New Gummy Browser attack lets hackers spoof tracking profiles (direct link) |
University researchers in the US have developed a new fingerprint capturing and browser spoofing attack called Gummy Browsers. They warn how easy the attack is to carry out and the severe implications it can have. [...] |
|
|
|
|
2021-10-20 09:30:00 |
Microsoft 365 will get enhanced insider risk management tools (direct link) |
Microsoft is updating Microsoft 365 to allow admins to better manage insider security threats in their environments with improvements to risky activity detection and visibility. [...] |
|
|
|
|
2021-10-20 08:39:27 |
(Déjà vu) New PurpleFox botnet variant uses WebSockets for C2 communication (direct link) |
The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. [...] |
Vulnerability
|
|
|
|
2021-10-20 08:39:27 |
Newer PurpleFox botnet variants leverage WebSockets for coms (direct link) |
The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. [...] |
Vulnerability
|
|
|
|
2021-10-19 18:40:58 |
Zerodium wants zero-day exploits for Windows VPN clients (direct link) |
In a short tweet today, exploit broker Zerodium said that it is looking to acquire zero-day exploits for vulnerabilities in three popular virtual private network (VPN) service providers on the market. [...] |
|
|
|
|
2021-10-19 17:28:06 |
Brave ditches Google for its own privacy-centric search engine (direct link) |
Brave Browser has replaced Google with its own no-tracking privacy-centric Brave Search as the default search engine for new users in five regions. [...] |
|
|
|
|
2021-10-19 12:40:15 |
Acer hacked twice in a week by the same threat actor (direct link) |
Acer has suffered a second cyberattack in just a week by the same hacking group that says other regions are vulnerable. [...] |
Threat
|
|
|
|
2021-10-19 12:03:34 |
About 26% of all malicious JavaScript threats are obfuscated (direct link) |
A study that analyzed over 10,000 samples of diverse malicious software written in JavaScript concluded that roughly 26% of it is obfuscated to evade detection and analysis. [...] |
|
|
|
|
2021-10-19 10:51:19 |
(Déjà vu) BlackByte ransomware decryptor released to recover files for free (direct link) |
A free decryptor for the BlackByte ransomware has been released, allowing past victims to recover their files for free. [...] |
Ransomware
|
|
|
|
2021-10-19 10:18:53 |
LightBasin hacking group breaches 13 global telecoms in two years (direct link) |
A group of hackers that security researchers call LightBasin has been compromising mobile telecommunication systems across the world for the past five years. [...] |
|
|
|
|
2021-10-19 10:00:24 |
China's VPN market now open to foreign investment (direct link) |
[...] |
|
|
|
|
2021-10-19 09:17:45 |
Man gets 7 years in prison for hacking 65K health care employees (direct link) |
Justin Sean Johnson, also known as TheDearthStar and Dearthy Star, was sentenced this week to seven years in prison for the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center (UPMC). [...] |
Hack
|
|
|
|
2021-10-19 09:00:00 |
FBI warns of fake govt sites used to steal financial, personal data (direct link) |
The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. [...] |
Threat
|
|
|
|
2021-10-19 08:00:00 |
New Karma ransomware group likely a Nemty rebrand (direct link) |
Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang. [...] |
Ransomware
Threat
|
|
|
|
2021-10-19 05:12:07 |
(Déjà vu) Microsoft issues advisory for Surface Pro 3 TPM bypass vulnerability (direct link) |
Microsoft has published an advisory regarding a security feature bypass vulnerability impacting Surface Pro 3 tablets which could allow threat actors to introduce malicious devices within enterprise environments. [...] |
Vulnerability
Threat
|
|
|
|
2021-10-19 05:12:07 |
Microsoft fixes Surface Pro 3 TPM bypass with public exploit code (direct link) |
Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets that enables threat actors to introduce malicious devices within enterprise environments. [...] |
Vulnerability
Threat
|
|
|
|
2021-10-19 04:26:28 |
ACE takes down Electro TV Sat pirate streaming service (direct link) |
ACE (Alliance for Creativity) has forced Electro TV Sat offline following a crackdown operation in Morocco, where the pirate streaming platform was based. [...] |
|
|
|
|
2021-10-18 18:03:04 |
(Déjà vu) FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates. [...] |
Ransomware
|
|
|
|
2021-10-18 18:03:04 |
FBI, CISA, NSA shares defense tips for BlackMatter ransomware attacks (direct link) |
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates. [...] |
Ransomware
|
|
|
|
2021-10-18 13:28:10 |
State-backed hackers breach telcos with custom malware (direct link) |
A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia. [...] |
Malware
|
|
|
|
2021-10-18 10:55:01 |
Suspected Chinese hackers behind attacks on ten Israeli hospitals (direct link) |
A joint announcement from the Ministry of Health and the National Cyber Directorate in Israel describes a spike in ransomware attacks over the weekend that targeted the systems of nine health institutes in the country. [...] |
Ransomware
|
|
|
|
2021-10-18 10:44:31 |
Microsoft: Windows 11 bug may only allow admins to print (direct link) |
Microsoft is working on a fix for a known issue impacting Windows 11 customers and causing a prompt for admin credentials before every attempt to print. [...] |
|
|
|