Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-01-20 05:08:45 |
Microsoft fixes Windows 10 search issues in Outlook desktop app (lien direct) |
Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. [...] |
|
|
|
|
2022-01-20 04:10:00 |
(Déjà vu) Crypto.com confirms 483 accounts hacked, $34 million withdrawn (lien direct) |
Crypto.com has confirmed that a multi-million dollar cyberattack led to the compromise of 483 of its customer accounts. Although, the company's CEO stresses that customer funds are not at risk. Crypto.com is reportedly the world's third-largest cryptocurrency trading platform. [...] |
|
|
|
|
2022-01-20 04:10:00 |
483 Crypto.com accounts compromised in $34 million hack (lien direct) |
Crypto.com has confirmed that a multi-million dollar cyberattack led to the compromise of 483 of its customer accounts. Although, the company's CEO stresses that customer funds are not at risk. Crypto.com is reportedly the world's third-largest cryptocurrency trading platform. [...] |
Hack
|
|
|
|
2022-01-19 18:26:50 |
Red Cross cyberattack exposes data of 515,000 people seeking missing family (lien direct) |
A cyberattack on a Red Cross contactor has led to the theft of personal data for more than 515,000 people in 'Restoring Family Links,' a program that helps reunite families separated by war, disaster, and migration. [...] |
|
|
|
|
2022-01-19 17:32:23 |
Microsoft: SolarWinds fixes Serv-U bug exploited for Log4j attacks (lien direct) |
SolarWinds has patched a Serv-U vulnerability discovered by Microsoft that threat actors actively used to propagate Log4j attacks to internal devices on a network. [...] |
Vulnerability
Threat
|
|
|
|
2022-01-19 16:25:11 |
Marketing giant RRD confirms data theft in Conti ransomware attack (lien direct) |
RR Donnelly has confirmed that threat actors stole data in a December cyberattack, confirmed by BleepingComputer to be a Conti ransomware attack. [...] |
Ransomware
Threat
|
|
|
|
2022-01-19 13:33:32 |
CISA urges US orgs to prepare for data-wiping cyberattacks (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) urges U.S. organizations to strengthen their cybersecurity defenses against data-wiping attacks recently seen targeting Ukrainian government agencies and businesses. [...] |
|
|
|
|
2022-01-19 11:44:32 |
UK\'s Cyber Security Center publishes new guidance to fight smishing (lien direct) |
UK's National Cyber Security Center (NCSC) has published new guidance for organizations to follow when communicating with customers via SMS or phone calls. [...] |
|
|
|
|
2022-01-19 10:15:45 |
New BHUNT malware targets your crypto wallets and passwords (lien direct) |
A novel modular crypto-wallet stealing malware dubbed 'BHUNT' has been spotted targeting cryptocurrency wallet contents, passwords, and security phrases. [...] |
Malware
|
|
|
|
2022-01-19 07:16:35 |
Interpol arrests 11 BEC gang members linked to 50,000 targets (lien direct) |
Interpol, in coordination with the Nigerian Police Force, have arrested eleven individuals who are suspects of participating in an international BEC (business email compromise) ring. [...] |
|
|
|
|
2022-01-19 06:00:00 |
Office 365 phishing attack impersonates the US Department of Labor (lien direct) |
A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365 credentials. [...] |
|
|
|
|
2022-01-18 18:14:38 |
Windows Server 2019 OOB update fixes reboots, Hyper-V, ReFS bugs (lien direct) |
Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes numerous critical bugs introduced during the January 2022 Patch Tuesday. [...] |
|
|
|
|
2022-01-18 16:39:50 |
Telegram is a hotspot for the sale of stolen financial accounts (lien direct) |
Telegram is increasingly abused by cybercriminals to set up underground channels to sell stolen financial details to pseudonymous users. [...] |
|
|
|
|
2022-01-18 15:50:41 |
Microsoft leak: Third-party widgets coming soon to Windows 11 (lien direct) |
A Microsoft developer document has leaked the company's plans for third-party widgets coming soon to the Windows 11 Widgets feature. [...] |
|
|
|
|
2022-01-18 14:51:50 |
Fashion giant Moncler confirms data breach after ransomware attack (lien direct) |
Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web. [...] |
Ransomware
Data Breach
|
|
|
|
2022-01-18 11:56:00 |
New White Rabbit ransomware linked to FIN8 hacking group (lien direct) |
A new ransomware family called 'White Rabbit' appeared in the wild recently, and according to recent research findings, could be a side-operation of the FIN8 hacking group. [...] |
Ransomware
|
|
|
|
2022-01-18 09:50:46 |
Beijing 2022 Winter Olympics app bursting with privacy risks (lien direct) |
The official app for Beijing 2022 Winter Olympics, 'My 2022,' was found to be insecure when it comes to protecting the sensitive data of its users. [...] |
|
|
|
|
2022-01-18 06:55:34 |
Europol shuts down VPN service used by ransomware groups (lien direct) |
Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. [...] |
Ransomware
Malware
|
|
|
|
2022-01-17 17:46:17 |
(Déjà vu) Microsoft releases emergency fixes for Windows Server, VPN bugs (lien direct) |
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday. [...] |
|
|
|
|
2022-01-17 17:46:17 |
Microsoft releases OOB updates for January Windows update issues (lien direct) |
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday. [...] |
|
|
|
|
2022-01-17 14:51:50 |
Microsoft: Edge will mitigate \'unforeseen active\' zero day bugs (lien direct) |
Microsoft Edge has added a new feature to the Beta channel that will be able to mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities. [...] |
|
|
|
|
2022-01-17 14:33:56 |
(Déjà vu) Firefox Relay gets added to disposable email blocklist, angers users (lien direct) |
The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam. [...] |
|
|
|
|
2022-01-17 14:33:56 |
Firefox Relay\'s addition to disposable email blocklist upsets users (lien direct) |
The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam. [...] |
|
|
|
|
2022-01-17 13:04:18 |
(Déjà vu) Zoho plugs another critical security hole in Desktop Central (lien direct) |
Zoho has addressed a new critical severity vulnerability found to affect the company's Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. [...] |
Vulnerability
|
|
|
|
2022-01-17 13:04:18 |
Zoho patches new critical authentication bypass in Desktop Central (lien direct) |
Zoho has addressed a new critical severity vulnerability found to affect the company's Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. [...] |
Vulnerability
|
|
|
|
2022-01-17 12:45:25 |
DHL dethrones Microsoft as most imitated brand in phishing attacks (lien direct) |
DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth. [...] |
|
|
|
|
2022-01-17 12:00:00 |
Nintendo warns of spoofed sites pushing fake Switch discounts (lien direct) |
Nintendo has warned customers of multiple sites impersonating the Japanese video game company's official website and pretending to sell Nintendo Switch consoles at significant discounts. [...] |
|
|
|
|
2022-01-17 11:38:01 |
Cyber espionage campaign targets renewable energy companies (lien direct) |
A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. [...] |
|
|
|
|
2022-01-17 10:01:23 |
It\'s not just you: Telegram is down for many users (lien direct) |
Telegram users are currently experiencing issues around the world, with users unable to use the desktop and mobile apps. [...] |
|
|
|
|
2022-01-17 08:47:31 |
Safari bug leaks your Google account info, browsing history (lien direct) |
There's a problem with the implementation of the IndexedDB API in Safari's WebKit engine, which could result in leaking browsing histories and even user identities to anyone exploiting the flaw. [...] |
|
|
|
|
2022-01-16 14:42:46 |
eNom data center migration mistakenly knocks sites offline (lien direct) |
A data center migration from eNom web hosting provider caused unexpected domain resolution problems that are expected to last for a few hours. [...] |
|
|
|
|
2022-01-16 13:32:35 |
Microsoft: Fake ransomware targets Ukraine in data-wiping attacks (lien direct) |
Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine. [...] |
Ransomware
Malware
|
|
|
|
2022-01-15 12:35:00 |
(Déjà vu) npm dependency is breaking some React apps today - here\'s the fix (lien direct) |
Tons of users are reporting their Facebook Create React App builds are failing since yesterday. The cause has been traced down to a dependency used by create-react-app, the latest version of which is breaking developers' apps. [...] |
|
|
|
|
2022-01-15 12:35:00 |
Facebook\'s Create React App builds are breaking today - how to fix (lien direct) |
Tons of users are reporting their Facebook Create React App builds are failing since yesterday. The cause has been traced down to a dependency used by create-react-app, the latest version of which is breaking developers' apps. [...] |
|
|
|
|
2022-01-15 12:06:08 |
Russia charges 8 suspected REvil ransomware gang members (lien direct) |
Eight members of the REvil ransomware operation that have been detained by Russian officers are currently facing criminal charges for their illegal activity. [...] |
Ransomware
|
|
|
|
2022-01-15 11:20:00 |
Qlocker ransomware returns to target QNAP NAS devices worldwide (lien direct) |
Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide. [...] |
Ransomware
Threat
|
|
|
|
2022-01-15 10:12:24 |
Linux malware sees 35% growth during 2021 (lien direct) |
The number of malware infections on Linux-based IoT (internet of things) devices rose by 35% in 2021 compared to the previous year's numbers. The principal goal was recruiting devices to be part of DDoS (distributed denial of service) attacks. [...] |
Malware
|
|
|
|
2022-01-14 18:53:15 |
The Week in Ransomware - January 14th 2022 - Russia finally takes action (lien direct) |
Today, the Russian government announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities. [...] |
Ransomware
|
|
|
|
2022-01-14 16:28:14 |
(Déjà vu) Microsoft resumes rollout of January Windows Server updates (lien direct) |
The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft. [...] |
|
|
|
|
2022-01-14 16:28:14 |
Microsoft brings back January 2022 Windows Server updates (lien direct) |
The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft. [...] |
|
|
|
|
2022-01-14 16:13:42 |
Goodwill discloses data breach on its ShopGoodwill platform (lien direct) |
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform. [...] |
Data Breach
|
|
|
|
2022-01-14 15:22:52 |
Former DHS official charged with stealing govt employees\' PII (lien direct) |
A former Department of Homeland Security official pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees' personal identifying information. [...] |
Guideline
|
|
|
|
2022-01-14 14:04:10 |
(Déjà vu) White House reminds tech giants open source is a national security issue (lien direct) |
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks. [...] |
Threat
|
|
|
|
2022-01-14 13:35:13 |
Researchers develop CAPTCHA solver to aid dark web research (lien direct) |
A team of researchers at the Universities of Arizona, Georgia, and South Florida, have developed a machine-learning-based CAPTCHA solver that they claim can overcome 94.4% of real challenges on dark websites. [...] |
|
|
|
|
2022-01-14 12:33:39 |
Defense contractor Hensoldt confirms Lorenz ransomware attack (lien direct) |
Hensoldt, a multinational defense contractor headquartered in Germany, has confirmed that some of its UK subsidiary's systems were compromised in a ransomware attack. [...] |
Ransomware
|
|
|
|
2022-01-14 11:46:42 |
New Intel chips won\'t play Blu-ray disks due to SGX deprecation (lien direct) |
Intel has removed support for SGX (software guard extension) in 12th Generation Intel Core 11000 and 12000 processors, rendering modern PCs unable to playback Blu-ray disks in 4K resolution. [...] |
|
|
★★★★★
|
|
2022-01-14 11:11:14 |
Multiple Ukrainian government websites hacked and defaced (lien direct) |
At least 15 websites belonging to various Ukrainian public institutions were compromised, defaced, and subsequently taken offline. [...] |
|
|
|
|
2022-01-14 08:51:17 |
(Déjà vu) Russia arrests REvil ransomware gang members, seize $6.6 million (lien direct) |
The Federal Security Service (FSB) of the Russian Federation has announced today that they shut down the REvil ransomware gang after U.S. authorities reported on the leader. [...] |
Ransomware
Guideline
|
|
|
|
2022-01-14 08:51:17 |
Russian government arrests REvil ransomware gang members (lien direct) |
The Federal Security Service (FSB) of the Russian Federation has announced today that they shut down the REvil ransomware gang after U.S. authorities reported on the leader. [...] |
Ransomware
Guideline
|
|
|
|
2022-01-13 16:56:28 |
Android users can now disable 2G to block Stingray attacks (lien direct) |
Google has finally rolled out an option on Android allowing users to disable 2G connections, which come with a host of privacy and security problems exploited by cell-site simulators. [...] |
|
|
|