What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-12 14:13:52 | Zyxel fixes firewall flaws that could lead to hacked networks (lien direct) | Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago. [...] | Vulnerability Threat | ||
|
2022-05-12 13:07:33 | BPFdoor: Stealthy Linux malware bypasses firewalls for remote access (lien direct) | A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years. [...] | Malware | ||
|
2022-05-12 10:31:20 | NVIDIA has open-sourced its Linux GPU kernel drivers (lien direct) | NVIDIA has published the source code of its kernel modules for the R515 driver, using a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable. [...] | |||
|
2022-02-14 18:34:11 | Google Chrome emergency update fixes zero-day exploited in attacks (lien direct) | Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks. [...] | Vulnerability Threat | ||
|
2022-02-14 16:21:26 | Ukraine says it\'s targeted by \'massive wave of hybrid warfare\' (lien direct) | The Security Service of Ukraine (SSU) today said the country is the target of an ongoing "wave of hybrid warfare," aiming to instill anxiety and undermine Ukrainian society's confidence in the state's ability to defend its citizens. [...] | |||
|
2022-02-14 14:31:00 | Sports brand Mizuno hit with ransomware attack delaying orders (lien direct) | Sports equipment and sportswear brand Mizuno is affected by phone outages and order delays after being hit by ransomware, BleepingComputer has learned from sources familiar with the attack. [...] | Ransomware | ||
|
2022-02-14 14:05:18 | FTC warns VoIP providers: Share your robocall info or get sued (lien direct) | The US Federal Trade Commission (FTC) said today that it will take legal action against Voice-over-Internet Protocol (VoIP) service providers who do not hand over information requested during robocall investigations. [...] | |||
|
2022-02-14 13:03:24 | QNAP extends critical updates for some unsupported NAS devices (lien direct) | QNAP has extended support and will keep issuing security updates for some end-of-life (EOL) network-attached storage (NAS) devices until October 2022. [...] | |||
|
2022-02-14 10:41:14 | (Déjà vu) FBI: BlackByte ransomware breached US critical infrastructure (lien direct) | The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. [...] | Ransomware | ||
|
2022-02-14 09:45:44 | Emergency Magento update fixes zero-day bug exploited in attacks (lien direct) | Adobe rolled out emergency updates for Adobe Commerce and Magento Open Source to fix a critical vulnerability tracked as CVE-2022-24086 that's being exploited in the wild. [...] | Vulnerability | ||
|
2022-02-13 15:00:50 | (Déjà vu) Microsoft Defender will soon block Windows password theft (lien direct) | Microsoft is enabling an 'Attack Surface Reduction' security feature rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. [...] | |||
|
2022-02-13 15:00:50 | Microsoft is making it harder to steal Windows passwords from memory (lien direct) | Microsoft is enabling an 'Attack Surface Reduction' security feature rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. [...] | ★★★★ | ||
|
2022-02-13 08:22:11 | NFL\'s San Francisco 49ers hit by Blackbyte ransomware attack (lien direct) | The NFL's San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. [...] | Ransomware | ||
|
2022-02-11 16:57:54 | The Week in Ransomware - February 11th 2022 - Maze, Egregor decryptors (lien direct) | We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations. [...] | Ransomware | ★★★ | |
|
2022-02-11 14:29:48 | Croatian phone carrier data breach impacts 200,000 clients (lien direct) | Croatian phone carrier 'A1 Hrvatska' has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people. [...] | Data Breach | ||
|
2022-02-11 13:12:57 | Twitter is down with "Something went wrong" errors (lien direct) | Twitter is currently experiencing a worldwide service disruption that makes it impossible for users to read tweets on the web and load threads using the mobile app. [...] | |||
|
2022-02-11 12:45:00 | (Déjà vu) CISA orders federal agencies to update iPhones, Macs until Feb 25th (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs. [...] | |||
|
2022-02-11 12:45:00 | CISA orders federal agencies to update iPhones until Feb 25th (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs. [...] | |||
|
2022-02-11 12:40:01 | Google Project Zero: Vendors are now quicker at fixing zero-days (lien direct) | Google's Project Zero has published a report showing that organizations took less time to address the zero-day vulnerabilities that the team reported last year. [...] | |||
|
2022-02-11 08:01:01 | CISA urges orgs to patch actively exploited Windows SeriousSAM bug (lien direct) | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks. [...] | |||
|
2022-02-10 19:20:20 | Microsoft fixes Defender flaw letting hackers bypass antivirus scans (lien direct) | Microsoft has recently addressed a weakness in the Microsoft Defender Antivirus on Windows that allowed attackers to plant and execute malicious payloads without triggering Defender's malware detection engine. [...] | Malware | ||
|
2022-02-10 16:44:21 | Microsoft: Support for Windows 10 20H2 ending in May 2022 (lien direct) | Microsoft reminded customers today that multiple editions of Windows 10, version 20H2 and Windows 10, version 1909 are quickly approaching end of servicing (EOS). [...] | |||
|
2022-02-10 15:44:01 | Microsoft starts killing off WMIC in Windows, will thwart attacks (lien direct) | Microsoft is moving forward with removing the Windows Management Instrumentation Command-line (WMIC) tool, wmic.exe, starting with the latest Windows 11 preview builds in the Dev channel. [...] | |||
|
2022-02-10 15:02:17 | Hacking group \'ModifiedElephant\' evaded discovery for a decade (lien direct) | Threat analysts have linked a decade of activity to an APT (advanced persistent threat) actor called 'ModifiedElephant', who has managed to remain elusive to all threat intelligence firms since 2012. [...] | Threat | ||
|
2022-02-10 14:11:02 | (Déjà vu) Apple patches new zero-day exploited to hack iPhones, iPads, Macs (lien direct) | Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. [...] | Hack | ||
|
2022-02-10 11:25:10 | Qbot, Lokibot malware switch back to Windows Regsvr32 delivery (lien direct) | Malware distributors have turned to an older trick known as Squiblydoo to spread Qbot and Lokibot via Microsoft Office document using regsvr32.exe. [...] | Malware | ||
|
2022-02-10 11:13:44 | FTC says Americans lost $547 million to romance scams in 2021 (lien direct) | The US Federal Trade Commission (FTC) said that Americans reported record high losses of $547 million to romance scams in 2021, up almost 80% compared to 2020 and over six times compared to losses reported in 2017. [...] | |||
|
2022-02-10 09:08:24 | FritzFrog botnet grows 10x, hits healthcare, edu, and govt systems (lien direct) | The FritzFrog botnet that's been active for more than two years has resurfaced with an alarming infection rate, growing ten times in just a month of hitting healthcare, education, and government systems with an exposed SSH server. [...] | |||
|
2022-02-10 06:57:33 | Spain dismantles SIM swapping group who emptied bank accounts (lien direct) | Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks. [...] | |||
|
2022-02-09 16:33:18 | PHP Everywhere RCE flaws threaten thousands of WordPress sites (lien direct) | Researchers found three critical remote code execution (RCE) vulnerabilities in the PHP Everywhere plugin for WordPress, used by over 30,000 websites worldwide. [...] | |||
|
2022-02-09 15:05:10 | Microsoft Teams now needs 50% less power during meetings (lien direct) | Microsoft has drastically reduced Microsoft Teams' power requirements in calls and meetings since June 2020, improving experience consistency and making it more friendly with low-end devices. [...] | |||
|
2022-02-09 13:24:08 | Wave of MageCart attacks target hundreds of outdated Magento sites (lien direct) | Analysts have found the source of a mass breach of over 500 e-commerce stores running the Magento 1 platform and involves a single domain loading a credit card skimmer on all of them. [...] | |||
|
2022-02-09 11:55:32 | CISA warns admins to patch maximum severity SAP vulnerability (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to patch a set of severe security flaws dubbed ICMAD (Internet Communication Manager Advanced Desync) and impacting SAP business apps using Internet Communication Manager (ICM). [...] | Vulnerability | ||
|
2022-02-09 10:26:31 | Ransomware dev releases Egregor, Maze master decryption keys (lien direct) | The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. [...] | Ransomware Malware | ||
|
2022-02-09 10:10:59 | Meta and Chime sue Nigerians behind Facebook, Instagram phishing (lien direct) | Meta (formerly known as Facebook) has filed a joint lawsuit with Chime, a financial technology and digital banking company, against two Nigerian individuals who allegedly used Instagram and Facebook accounts to impersonate Chime and target its users in phishing attacks. [...] | |||
|
2022-02-09 07:58:50 | Fake Windows 11 upgrade installers infect you with RedLine malware (lien direct) | Threat actors have started distributing fake Windows 11 upgrade installers to users of Windows 10, tricking them into downloading and executing RedLine stealer malware. [...] | Malware Threat | ||
|
2022-02-09 07:30:09 | FBI warns of criminals escalating SIM swap attacks to steal millions (lien direct) | The Federal Bureau of Investigation (FBI) says criminals have escalated SIM swap attacks to steal millions by hijacking victims' phone numbers. [...] | |||
|
2022-02-09 03:17:34 | Molerats hackers deploy new malware in highly evasive campaign (lien direct) | The Palestinian-aligned APT group tracked as TA402 (aka Molerats) was spotted using a new implant named 'NimbleMamba' in a cyber-espionage campaign that leverages geofencing and URL redirects to legitimate websites. [...] | Malware | ||
|
2022-02-08 16:25:48 | Google fixes remote escalation of privileges bug on Android (lien direct) | Google has released the February 2022 Android security updates, addressing two critical vulnerabilities, one being a remote escalation of privilege that requires no user interaction. [...] | |||
|
2022-02-08 15:35:47 | Kimsuki hackers use commodity RATs with custom Gold Dragon malware (lien direct) | South Korean researchers have spotted a new wave of activity from the Kimsuky hacking group, involving commodity open-source remote access tools dropped with their custom backdoor, Gold Dragon. [...] | Malware | APT 43 | |
|
2022-02-08 13:57:39 | (Déjà vu) Windows 10 KB5010342 & KB5010345 updates released (lien direct) | The new update is now available for Windows 10 21H2, version 21H1, and version 20H2 As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5010342 and KB5010345. [...] | |||
|
2022-02-08 13:57:27 | (Déjà vu) Windows 11 KB5010386 update released with performance fixes (lien direct) | Microsoft has released the Windows 11 KB5010386 cumulative update with security updates, performance improvements, and fixes for an LDAP bug. [...] | |||
|
2022-02-08 13:27:31 | Microsoft February 2022 Patch Tuesday fixes 48 flaws, 1 zero-day (lien direct) | Today is Microsoft's February 2022 Patch Tuesday, and with it comes fixes for one zero-day vulnerability and a total of 48 flaws. [...] | Vulnerability | ||
|
2022-02-08 12:51:37 | US seizes $3.6 billion stolen in 2016 Bitfinex cryptoexchange hack (lien direct) | The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. [...] | Hack | ||
|
2022-02-08 11:56:33 | Mozilla fixes Firefox bug letting you get Windows admin privileges (lien direct) | Mozilla released a security update to address a high severity privilege escalation vulnerability found in the Mozilla Maintenance Service. [...] | |||
|
2022-02-08 11:18:53 | ExpressVPN offering $100,000 to first person who hacks its servers (lien direct) | ExpressVPN has updated its bug bounty program to make it more inviting to ethical hackers, now offering a one-time $100,000 bug bounty to whoever can compromise its systems. [...] | |||
|
2022-02-08 10:49:10 | Vodafone Portugal 4G and 5G services down after cyberattack (lien direct) | Vodafone Portugal suffered a cyberattack causing country-wide service outages, including the disruption of 4G/5G data networks, SMS texts, and television services. [...] | ★★ | ||
|
2022-02-08 07:45:04 | NetWalker ransomware affiliate sentenced to 80 months in prison (lien direct) | Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims. [...] | Ransomware Guideline | ||
|
2022-02-08 06:00:00 | Google sees 50% security boost for 150M users after 2FA enroll (lien direct) | After accelerating its efforts to auto-enroll as many accounts as possible in two-factor authentication (2FA), Google announced that an additional 150 million users now have 2FA enabled. [...] | |||
|
2022-02-08 03:12:24 | Qbot needs only 30 minutes to steal your credentials, emails (lien direct) | The widespread malware known as Qbot (aka Qakbot or QuakBot) has recently returned to light-speed attacks, and according to analysts, it only takes around 30 minutes to steal sensitive data after the initial infection. [...] | Malware |
To see everything:
