Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-09-03 11:22:01 |
Babuk ransomware\'s full source code leaked on hacker forum (lien direct) |
A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. [...] |
Ransomware
Threat
|
|
|
|
2021-09-03 09:21:32 |
Conti ransomware now hacking Exchange servers with ProxyShell exploits (lien direct) |
The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. [...] |
Ransomware
Vulnerability
|
|
|
|
2021-09-03 09:03:39 |
Microsoft releases Windows 11 feature update for enterprise testing (lien direct) |
Microsoft has released Windows 11 and Windows 10, version 21H2 feature updates for enterprise testing before they will be released later this year. [...] |
|
|
|
|
2021-09-03 07:36:07 |
(Déjà vu) FBI: Spike in sextortion attacks cost victims $8 million this year (lien direct) |
The FBI Internet Crime Complaint Center (IC3) has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July. [...] |
|
|
|
|
2021-09-03 07:36:07 |
FBI: Sextortion complaints spike leads to $8 million in losses (lien direct) |
The FBI Internet Crime Complaint Center (IC3) has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July. [...] |
|
|
|
|
2021-09-03 03:00:00 |
(Déjà vu) Over 60,000 parked domains were vulnerable to AWS hijacking (lien direct) |
Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness. [...] |
|
|
|
|
2021-09-03 03:00:00 |
(Déjà vu) Over 60,000 parked domains were left up for hijacking (lien direct) |
Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness. [...] |
|
|
|
|
2021-09-03 03:00:00 |
Over 60,000 domains parked at MarkMonitor could be taken over (lien direct) |
Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness. [...] |
|
|
|
|
2021-09-02 19:22:51 |
Bluetooth BrakTooth bugs could affect billions of devices (lien direct) |
Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors. [...] |
|
|
|
|
2021-09-02 17:10:45 |
Translated Conti ransomware playbook gives insight into attacks (lien direct) |
Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation. [...] |
Ransomware
|
|
★★
|
|
2021-09-02 16:54:43 |
Atlassian Confluence flaw actively exploited to install cryptominers (lien direct) |
Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC exploit was publicly released. [...] |
Vulnerability
|
|
|
|
2021-09-02 13:52:55 |
FBI warns of ransomware gangs targeting food, agriculture orgs (lien direct) |
The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain. [...] |
Ransomware
|
|
|
|
2021-09-02 13:31:10 |
Microsoft releases first Windows 11 "Nickel" build to Insiders (lien direct) |
Microsoft has released the first Windows 11 "Nickel" preview build 22449 to Windows Insiders in the 'Dev' channel, allowing them to test out new unstable features that are still being developed. [...] |
|
APT 15
|
|
|
2021-09-02 09:29:06 |
WhatsApp to appeal $266 million fine for violating EU privacy laws (lien direct) |
Ireland's Data Privacy Commissioner (DPC) has hit Facebook-owned messaging platform WhatsApp with a €225 million ($266 million) administrative fine for violating the EU's GDPR privacy regulation after failing to inform users and non-users on what it does with their data. [...] |
|
|
|
|
2021-09-02 08:14:49 |
Cisco fixes critical authentication bypass bug with public exploit (lien direct) |
Cisco has addressed an almost maximum severity authentication bypass Enterprise NFV Infrastructure Software (NFVIS) vulnerability with public proof-of-concept (PoC) exploit code. [...] |
|
|
|
|
2021-09-02 07:30:30 |
Autodesk reveals it was targeted by Russian SolarWinds hackers (lien direct) |
Autodesk has confirmed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain attack, almost nine months after discovering that one of its servers was backdoored with Sunburst malware. [...] |
|
Solardwinds
|
|
|
2021-09-01 19:51:43 |
Windows Terminal now lets you drag and drop folders to open tabs (lien direct) |
Microsoft released Windows Terminal Preview v1.11 yesterday, and comes numerous improvements and features, including the ability to open a Terminal window by dropping a folder on the new tab button. [...] |
|
|
|
|
2021-09-01 18:07:19 |
(Déjà vu) Windows 10 KB5005101 Cumulative Update released with 34 fixes (lien direct) |
Microsoft has released the optional KB5005101 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1 with fixes for thirty-four issues. [...] |
|
|
|
|
2021-09-01 16:28:55 |
Microsoft: Windows Server 2022 is now generally available (lien direct) |
Microsoft has announced that Window Server 2022, a Long Term Servicing Channel (LTSC) release with ten years of support, is generally available starting today. [...] |
|
|
|
|
2021-09-01 15:29:11 |
How to block Windows Plug-and-Play auto-installing insecure apps (lien direct) |
A trick has been discovered that prevents your device from being taken over by vulnerable Windows applications when devices are plugged into your computer. [...] |
|
|
|
|
2021-09-01 14:49:43 |
FTC bans stalkerware maker Spyfone from surveillance business (lien direct) |
FTC has banned stalkerware maker Spyfone and CEO Scott Zuckerman from the surveillance business after failing to protect customers' devices from hackers and sharing info on their location and activity. [...] |
|
|
|
|
2021-09-01 12:40:26 |
Twitter adds Safety Mode to automatically block online harassment (lien direct) |
Twitter has introduced today Safety Mode, a new feature that aims to block online harassment attempts and reduce disruptive interactions on the platform. [...] |
|
|
|
|
2021-09-01 11:23:51 |
Fired NY credit union employee nukes 21GB of data in revenge (lien direct) |
Juliana Barile, the former employee of a New York credit union, pleaded guilty to accessing the financial institution's computer systems without authorization and destroying over 21 gigabytes of data in revenge. [...] |
Guideline
|
|
|
|
2021-09-01 10:28:40 |
Microsoft kicks unsupported PCs out of Windows 11 preview program (lien direct) |
Microsoft is kicking unsupported Windows 11 devices out of the Windows 11 preview program without warning, even though it said that wouldn't happen until the new Windows version was released. [...] |
|
|
|
|
2021-09-01 03:36:46 |
LockBit gang leaks Bangkok Airways data, hits Accenture customers (lien direct) |
Bangkok Airways, a major airline company in Thailand, confirmed it was the victim of a cyberattack earlier this month that compromised personal data of passengers. [...] |
|
|
|
|
2021-08-31 17:42:12 |
Microsoft 365 Usage Analytics now anonymizes user info by default (lien direct) |
Microsoft has announced that it will start anonymizing user-level info by default Microsoft 365 Usage Analytics beginning with September 1, 2021. [...] |
|
|
|
|
2021-08-31 14:38:51 |
Microsoft announces Visual Studio Code for the Web public preview (lien direct) |
Microsoft has announced the public preview launch of Visual Studio Code for the Web, a browser-based version of its free and cross-platform VS Code integrated development environment (IDE). [...] |
|
|
|
|
2021-08-31 13:52:41 |
FBI, CISA: Ransomware attack risk increases on holidays, weekends (lien direct) |
The FBI and CISA urged organizations not to let down their defenses against ransomware attacks during weekends or holidays to released a joint cybersecurity advisory issued earlier today. [...] |
Ransomware
|
|
|
|
2021-08-31 12:02:52 |
Coinbase seeds panic among users with erroneous 2FA change alerts (lien direct) |
Coinbase, the world's second largest cryptocurrency exchange with approximately 68 million users from over 100 countries, has scared a significant amount of its users with erroneous 2FA warnings. [...] |
|
|
|
|
2021-08-31 11:12:09 |
Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs (lien direct) |
Cybercriminals are making strides towards attacks with malware that executes code from the graphics processing unit (GPU) of a compromised system. [...] |
Malware
Tool
|
|
|
|
2021-08-31 09:00:00 |
Windows 11 will be released on October 5th to newer devices (lien direct) |
Microsoft has announced that Windows 11 will be released on October 5th, 2021, to Windows 10 users with support devices. [...] |
|
|
|
|
2021-08-31 00:02:05 |
Canada accepted 7,300 more immigration applications due to technical bug (lien direct) |
A bug in the Canadian immigration system led to the government accepting an additional 7,307 immigration applications, surpassing the imposed limit. This comprised files from international graduate stream applicants aspiring to change their temporary visa status to permanent residency. [...] |
|
|
|
|
2021-08-30 16:02:19 |
Windows Update will tell if you can upgrade to Windows 11 (lien direct) |
Microsoft will make it easier for Windows 10 users to check if their computer is compatible with Windows 11 by alerting people via Windows Update. [...] |
|
|
|
|
2021-08-30 15:45:45 |
Google App bug blocks Android users from receiving, making calls (lien direct) |
Google says that users of some Android phone models are affected by a Google App bug preventing them from making and receiving calls. [...] |
|
|
|
|
2021-08-30 14:21:12 |
QNAP works on patches for OpenSSL bugs impacting its NAS devices (lien direct) |
Network-attached storage (NAS) maker QNAP is investigating and working on security updates to address remote code execution (RCE) and denial-of-service (DoS) vulnerabilities patched by OpenSSL last week. [...] |
|
|
|
|
2021-08-30 13:10:00 |
CISA: Don\'t use single-factor auth on Internet-exposed systems (lien direct) |
Single-factor authentication (SFA) has been added today by the US Cybersecurity and Infrastructure Security Agency (CISA) to a very short list of cybersecurity bad practices it advises against. [...] |
|
|
|
|
2021-08-30 12:28:32 |
Microsoft Exchange ProxyToken bug can let hackers steal user email (lien direct) |
Technical details have emerged on a serious vulnerability in Microsoft Exchange Server dubbed ProxyToken that does not require authentication to access emails from a target account. [...] |
Vulnerability
|
|
|
|
2021-08-30 08:09:02 |
Microsoft shares guidance on securing Azure Cosmos DB accounts (lien direct) |
Microsoft issued guidance on securing Azure accounts that may be impacted by a recently addressed Cosmos DB critical vulnerability, giving attackers full admin rights to users' data without authorization. [...] |
|
|
|
|
2021-08-29 10:00:00 |
Apple launches service program for iPhone 12 no sound issues (lien direct) |
Apple has announced a new free-of-charge service program for iPhone 12 and iPhone 12 Pro devices experiencing sound issues caused by a receiver module component. [...] |
|
|
|
|
2021-08-28 17:51:30 |
Customize your Windows 10 experience with these free tools (lien direct) |
Windows 10 comes with built-in personalization settings to help you customize the desktop and it provides plenty of options by default. However, if you want to get the most out of your desktop, we recommend these third-party open-source programs. [...] |
|
|
|
|
2021-08-28 10:00:00 |
New Windows 11 Dev build released with Microsoft 365 Widget (lien direct) |
Microsoft announced a new Microsoft 365 Widget in the latest Windows 11 Dev build released for Windows Insiders in the Dev and Beta Channels. [...] |
|
|
|
|
2021-08-27 13:00:00 |
(Déjà vu) Windows 11 to only support one Intel 7th gen CPU, no AMD Zen 1 CPUs (lien direct) |
Microsoft announced today that after investigating other potentially compatible processors for Windows 11, they only found one 7th generation Intel CPU to be compatible, and no first generation AMD Zen CPUs. [...] |
|
|
|
|
2021-08-27 13:00:00 |
Windows 11 to only support one Intel 7th gen CPU, no AMD Zen CPUs (lien direct) |
Microsoft announced today that after investigating other potentially compatible processors for Windows 11, they only found one 7th generation Intel CPU to be compatible, and no AMD Zen CPUs. [...] |
|
|
|
|
2021-08-27 12:51:07 |
(Déjà vu) T-Mobile CEO: Hacker brute-forced his way through our network (lien direct) |
Today, T-Mobile's CEO Mike Sievert said that the hacker behind the carrier's latest massive data breach brute forced his way through T-Mobile's network after gaining access to testing environments. [...] |
|
|
|
|
2021-08-27 12:51:07 |
T-Mobile CEO: Hackers brute-forced their way through our network (lien direct) |
Today, T-Mobile's CEO Mike Sievert said that the hackers behind the carrier's latest massive data breach were able to brute force their way through T-Mobile's network after gaining access to testing environments. [...] |
Data Breach
|
|
|
|
2021-08-27 11:18:27 |
Boston Public Library discloses cyberattack, system-wide technical outage (lien direct) |
The Boston Public Library (BPL) has disclosed today that its network was hit by a cyberattack on Wednesday, leading to a system-wide technical outage. [...] |
Guideline
|
|
|
|
2021-08-27 10:22:36 |
(Déjà vu) Windows 10 upgrades blocked by old CryptoPro CSP versions (lien direct) |
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. [...] |
|
|
|
|
2021-08-27 10:22:36 |
Windows 10 upgrades blocked by old CryptoPro SCP versions (lien direct) |
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. [...] |
|
|
|
|
2021-08-27 09:30:54 |
(Déjà vu) Fake DMCA and DDoS complaints lead to BazaLoader malware (lien direct) |
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|
|
2021-08-27 09:30:54 |
Fake DMCA complaints, DDoS threats lead to BazaLoader malware (lien direct) |
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|