What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2021-09-16 17:23:47 (Déjà vu) Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug (lien direct) Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft warns of multiple threat actors, including ransomware operators, that are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444) in attacks against organizations. The IT giant says that threat actors started targeting […] Ransomware Threat
SecurityAffairs.webp 2021-09-16 14:57:43 Bitdefender released free REvil ransomware decryptor that works for past victims (lien direct) Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. Good news for the victims of REvil ransomware gangs that were infected before the operations were temporarily halted on July 13th, Bitdefender released a free master decryptor that allows them to recover […] Ransomware
SecurityAffairs.webp 2021-09-15 22:41:53 Anonymous hacked the controversial, far-right web host Epik (lien direct) Anonymous claims to have hacked the controversial web hosting provider Epik, known for allowing far-right, neo-Nazi, and other extremist content. Anonymous hacktivist collective has claimed to have hacked the controversial web hosting provider Epik and stolen its data, including information of the clients of the company, as part of an operation codenamed EPIKFAIL. The hosting […]
SecurityAffairs.webp 2021-09-15 18:17:09 OMIGOD vulnerabilities expose thousands of Azure users to hack (lien direct) OMIGOD – Microsoft addressed four vulnerabilities in the Open Management Infrastructure (OMI) software agent that could expose Azure users to attacks. Recently released September 2021 Patch Tuesday security updates have addressed four severe vulnerabilities, collectively tracked as OMIGOD, in the Open Management Infrastructure (OMI) software agent that exposes Azure users to attack. Below is the list of the […] Hack
SecurityAffairs.webp 2021-09-15 17:08:55 Microsoft announces passwordless authentication for consumer accounts (lien direct) Microsoft announced that users can access their consumer accounts without providing passwords and using more secure authentication methods. Microsoft will allow its users to log into their consumer accounts without using passwords, they will be able to use Microsoft's Authenticator app, Windows Hello, physical security keys, or phone/email verification codes. “Which is why I'm so […]
SecurityAffairs.webp 2021-09-15 11:02:17 Three formers NSA employees fined for providing hacker-for-hire services to UAE firm (lien direct) Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the payment of a penalty. Three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40) entered into a deferred prosecution agreement that restricts their future activities and employment. The trio has worked as hackers-for-hire […]
SecurityAffairs.webp 2021-09-15 06:21:39 (Déjà vu) US CISA appointed Kiersten Todt as new chief of staff (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced to have appointed Kiersten Todt as its new chief of staff, she will replace Acting Chief of Staff Kate Nichols. “The Cybersecurity and Infrastructure Security Agency (CISA) announced today Kiersten […] ★★★
SecurityAffairs.webp 2021-09-15 05:03:28 (Déjà vu) Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day (lien direct) Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day RCE actively exploited in targeted attacks aimed at Microsoft Office and Office 365 on Windows 10 computers. The flaw, tracked as CVE-2021-40444, resides in the MSHTML, […]
SecurityAffairs.webp 2021-09-14 20:10:54 Mēris Bot infects MikroTik routers compromised in 2018 (lien direct) Latvian vendor MikroTik revealed that recently discovered Mēris botnet is targeting devices that were compromised three years ago. Last week, the Russian Internet giant Yandex has been targeted by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an […]
SecurityAffairs.webp 2021-09-14 16:22:38 Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw (lien direct) A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities […] Vulnerability
SecurityAffairs.webp 2021-09-14 06:24:15 Google addresses a new Chrome zero-day flaw actively exploited in the wild (lien direct) Google Chrome 93.0.4577.82 for Windows, Mac, and Linux that addressed eleven security issues, including two zero-days actively exploited. Google released Chrome 93.0.4577.82 for Windows, Mac, and Linux that fixed eleven security issues, including two zero-days vulnerabilities actively exploited in the wild. This is the tenth zero-day vulnerability in Chrome fixed by Google that was exploited […] Vulnerability
SecurityAffairs.webp 2021-09-14 06:00:39 Vermilion Strike, a Linux implementation of Cobalt Strike Beacon used in attacks (lien direct) Researchers discovered Linux and Windows implementations of the Cobalt Strike Beacon developed by attackers that were actively used in attacks in the wild. Threat actors re-implemented from scratch unofficial Linux and Windows versions of the Cobalt Strike Beacon and are actively using them in attacks aimed at organizations worldwide.Cobalt Strike is a legitimate penetration testing tool designed as an attack […] Tool Threat
SecurityAffairs.webp 2021-09-14 04:33:13 Popular NPM package Pac-Resolver affected by a critical flaw (lien direct) Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week. The development team behind a popular NPM package called ‘Pac-Resolver‘ for the JavaScript programming language fixed a high-severity remote code execution vulnerability tracked as CVE-2021-23406. The vulnerability can be exploited by remote attackers to run […] Vulnerability
SecurityAffairs.webp 2021-09-13 20:27:19 Apple fixes actively exploited FORCEDENTRY zero-day flaws (lien direct) Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a couple of zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858), the IT giant also warns its customers that these issues are actively exploited in attacks […]
SecurityAffairs.webp 2021-09-13 16:48:42 Facebook announces WhatsApp end-to-end encrypted (E2EE) backups (lien direct) Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to work to protect the privacy of WhatsApp users and announced that it will allow users to encrypt their message history backups in the cloud. While WhatsApp has already implemented end-to-end encryption since 2016, the company […]
SecurityAffairs.webp 2021-09-13 15:26:55 New Spook.Js attack allows to bypass Google Chrome Site Isolation protections (lien direct) Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome. Boffins devised a transient side-channel attack on modern processors, “Spook.js,” that can be abused by threat actors to bypass Site Isolation protections implemented in Google Chrome and Chromium browsers. The technique allows in some cases to steal sensitive […] Threat
SecurityAffairs.webp 2021-09-13 09:03:02 BlackMatter ransomware gang hit Technology giant Olympus (lien direct) Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including […] Ransomware
SecurityAffairs.webp 2021-09-13 06:01:21 The new maxtrilha trojan is being disseminated and targeting several banks (lien direct) A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Criminals are constantly creating variants of popular banking trojans, keeping in mind the same modus operandi but […]
SecurityAffairs.webp 2021-09-13 05:19:46 Department of Justice and Constitutional Development of South Africa hit by a ransomware attack (lien direct) The Department of Justice and Constitutional Development of South Africa was hit by a ransomware attack that crippled bail services. A ransomware attack hit the Department of Justice and Constitutional Development of South Africa, multiple services, including email and bail services have been impacted. The incident did not affect child maintenance payments for the month […] Ransomware
SecurityAffairs.webp 2021-09-12 18:34:04 Google implements new Private Compute Services for Android (lien direct) Google introduces Private Compute Services, a collection of services aimed at designing to improve privacy in the Android operating system. Good news for Android users, Google has implemented the Private Compute Services, a set of features aimed at improving their privacy. “We introduced Android's Private Compute Core in Android 12 Beta. Today, we’re excited to announce a […] ★★★★
SecurityAffairs.webp 2021-09-12 05:29:57 Revil ransomware operators are targeting new victims (lien direct) Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The […] Ransomware
SecurityAffairs.webp 2021-09-12 05:26:49 Security Affairs newsletter Round 331 (lien direct) A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Cisco released security patches for High-Severity flaws in IOS XR software New SOVA Android Banking trojan is […]
SecurityAffairs.webp 2021-09-11 18:56:11 Cisco released security patches for High-Severity flaws in IOS XR software (lien direct) Cisco fixed multiple high-severity flaws in the IOS XR software that can allow attackers to trigger a DoS condition, elevate privileges, overwrite/read arbitrary files. Cisco released security updates to address multiple high-severity vulnerabilities in the IOS XR software that can be exploited to conduct multiple malicious activities, such as rebooting devices and elevate privileges. The […]
SecurityAffairs.webp 2021-09-11 13:33:37 New SOVA Android Banking trojan is rapidly growing (lien direct) SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. Researchers from cybersecurity firm ThreatFabric have spotted in the beginning of August a new Android banking trojan, dubbed SOVA, that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. The […]
SecurityAffairs.webp 2021-09-10 21:47:16 (Déjà vu) Microsoft fixes Azurescape flaw in Azure Container Instances (lien direct) Microsoft has fixed the Azurescape issue, a flaw in Azure Container Instances that allows to take over containers of other platform users. Microsoft has addressed a vulnerability in Azure Container Instances (ACI) called Azurescape that could have allowed a malicious container to take over containers belonging to other users. An attacker could exploit the vulnerability […] Vulnerability
SecurityAffairs.webp 2021-09-10 15:11:45 Grayfly APT uses recently discovered Sidewalk backdoor (lien direct) Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. Experts from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. In late August, ESET researchers uncovered the SideWalk backdoor that was employed by the Chinese cyberespionage group in an attack aimed at a computer retail company […] Guideline APT 41
SecurityAffairs.webp 2021-09-10 09:53:27 Experts confirmed that the networks of the United Nations were hacked earlier this year (lien direct) The United Nations this week confirmed that its computer networks were hit by a cyberattack earlier this year, as first reported by Bloomberg. The United Nations on Thursday confirmed that its computer networks were hit by a cyberattack earlier this year. “We can confirm that unknown attackers were able to breach parts of the United […]
SecurityAffairs.webp 2021-09-10 05:49:03 International money launderer sentenced to more than 11 years (lien direct) A Canadian man, who helped North Korean threat actors to launder stolen funds, plead guilty to laundering tens of millions of dollars stolen in bank fraud schemes. A Canadian man who conspired to launder tens of millions of dollars stolen bank fraud schemes has been sentenced to 140 months in prison. The man is Ghaleb […] Threat Guideline
SecurityAffairs.webp 2021-09-09 21:28:50 A new botnet named Mēris is behind massive DDoS attack that hit Yandex (lien direct) The massive DDoS attack that has been targeting the internet giant Yandex was powered by a completely new botnet tracked as Mēris. The Russian Internet giant Yandex has been targeted by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the […] ★★★
SecurityAffairs.webp 2021-09-09 14:31:46 Millions of Microsoft web servers powered by vulnerable legacy software (lien direct) CyberNews researchers identified more than 2 million web servers worldwide still running on outdated and vulnerable versions of Microsoft Internet Information Services software. These legacy versions are no longer supported by Microsoft, which makes millions of web servers easy targets for threat actors and cybercriminals. Original post @ https://cybernews.com/security/millions-of-microsoft-web-servers-powered-by-vulnerable-legacy-software/ Boasting a market share of 12.4%, Microsoft […] Threat
SecurityAffairs.webp 2021-09-09 14:14:03 TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide (lien direct) The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Researchers from AT&T Alien Labs uncovered a new campaign, tracked as Chimaera, conducted by the TeamTNT group, aimed at organizations worldwide. Evidence collected by the experts suggests that the campaign began on July 25, 2021, threat actors […] Threat
SecurityAffairs.webp 2021-09-09 10:39:36 (Déjà vu) Yandex is under the largest DDoS attack in the history of Runet (lien direct) The Russian internet service provider Yandex is under a massive distributed denial-of-service (DDoS) attack that began last week. The Russian Internet giant Yandex has been targeted by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country […]
SecurityAffairs.webp 2021-09-09 06:47:40 Zoho warns of zero-day authentication bypass flaw actively exploited (lien direct) Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the wild. Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. The company also warns the vulnerability is already exploited in attacks in the wild. […] Vulnerability
SecurityAffairs.webp 2021-09-08 22:48:18 Personal information of 7 million Israelis available for sale (lien direct) A threat actor that goes online with the moniker ‘Sangkancil’ claims to have stolen the personal information of 7 million Israelis. A threat actor that goes online with the moniker ‘Sangkancil’ claims to have stolen the personal information of 7 million Israelis from the CITY4U website. The hacker is offering the data for sale, but […] Threat
SecurityAffairs.webp 2021-09-08 19:48:21 Groove gang leaks list of 500k credentials of compromised Fortinet appliances (lien direct) Groove gang leaked online Fortinet credentials that could be used to breach networks of organizations using the compromised devices. The financially motivated threat actor Groove has leaked online compromised credentials belonging to many organizations. The ransomware group has been active since August 2021 and implement a double extortion model like other gangs. The threat actor leaked a […] Ransomware Threat
SecurityAffairs.webp 2021-09-08 15:14:12 Russian communications watchdog Roskomnadzor blocks access to 6 VPNs (lien direct) Russian communications watchdog Roskomnadzor tightens control of its citizens and blocked access to six virtual private networks (VPNs), including NordVPN and ExpressVPN. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six virtual private networks (VPNs), Hola!VPN, ExpressVPN, KeepSolid VPN Unlimited, Nord VPN, Speedify VPN, and IPVanish VPN. Russian communications […]
SecurityAffairs.webp 2021-09-08 12:07:04 Microsoft warns of a zero-day in Internet Explorer that is actively exploited (lien direct) Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer that is actively exploited by threat actors to hijack vulnerable Windows systems. Microsoft did not share info about the attacks either the nature of the […] Vulnerability Threat
SecurityAffairs.webp 2021-09-08 06:56:28 Germany protests to Russia over attacks ahead of the upcoming election (lien direct) Germany has protested to Russia over attempts to steal data from lawmakers and use them to spread disinformation ahead of the upcoming election. Germany has formally protested to Russia over a series of cyber attacks aimed at stealing data from lawmakers that could be used to arrange disinformation campaigns before the upcoming German election. The […]
SecurityAffairs.webp 2021-09-07 21:55:57 REvil ransomware gang's servers are mysteriously online again (lien direct) The leak site of the popular REvil ransomware gang is it is not clear if the group resumed operations or the FBI turned on its servers. Today the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The […] Ransomware
SecurityAffairs.webp 2021-09-07 18:01:36 Researcher published PoC exploit for Ghostscript zero-day (lien direct) A researcher published the PoC exploit code for a Ghostscript zero-day vulnerability that could allow completely compromise a server. Security researcher Nguyen The Duc published on GitHub the proof-of-concept exploit code for a Ghostscript zero-day vulnerability. The vulnerability is a remote code execution (RCE) issue that could allow an attacker to completely compromise a server. Ghostscript […] Vulnerability
SecurityAffairs.webp 2021-09-07 13:04:45 A server of the Jenkins project hacked by exploiting a Confluence flaw (lien direct) The development team behind the Jenkins server disclose a security breach, threat actors deployed a cryptocurrency miner on one of its servers. The development team behind the Jenkins Project disclosed a security breach after threat actors compromised one of their internal servers and installed a cryptocurrency miner. Jenkins is the most popular open-source automation server, it is […] Threat
SecurityAffairs.webp 2021-09-07 09:13:41 Ragnar Locker gang threatens to leak data if victim contacts law enforcement (lien direct) The Ragnar Locker ransomware operators threaten to leak stolen data if the victims attempt to contact law enforcement agencies. The Ragnar Locker ransomware gang is adopting a new technique to force victims to pay the ransom, the operators threaten to leak stolen data if the victims contact law enforcement agencies. The group announced its new […] Ransomware
SecurityAffairs.webp 2021-09-07 07:06:10 ProtonMail logged IP address of French activist after foreign request approved by Swiss authorities (lien direct) A police report revealed that the popular encrypted email service provider ProtonMail shared the IP address of a French activist with the authorities. The privacy friendly end-to-end encrypted email service provider ProtonMail has shared the IP address of anti-gentrification activists with law enforcement authorities, a police report revealed. The police used this information to identify and arrest a […]
SecurityAffairs.webp 2021-09-06 20:22:00 TrickBot gang developer arrested at the Seoul international airport (lien direct) A Russian man accused of being a member of the infamous TrickBot gang was arrested while trying to leave South Korea A Russian man accused of being a member of the TrickBot gang was arrested last week at the Seoul international airport. The man has remained stuck in the Asian country since February 2020 due […]
SecurityAffairs.webp 2021-09-06 14:35:55 (Déjà vu) Netgear addresses severe security flaws in 20 of its products (lien direct) Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The company fixed three security flaws that affect 20 Netgear products, mostly smart switches. Technical details […]
SecurityAffairs.webp 2021-09-06 07:03:57 FBI IC3 warns of a spike in sextortion attacks (lien direct) The FBI Internet Crime Complaint Center (IC3) warns of a spike in sextortion attacks since the beginning of 2021 that caused $8M losses. The FBI Internet Crime Complaint Center (IC3) is warning of a significant increase in sextortion complaints since the beginning of 2021. In a sextortion attack, threat actors threaten to distribute the victims […] Threat
SecurityAffairs.webp 2021-09-05 20:13:29 Pacific City Bank hit by AVOS Locker Ransomware (lien direct) Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services The bank was hit by AVOS Locker […] Ransomware
SecurityAffairs.webp 2021-09-05 12:39:17 WhatsApp fined €225M over GDPR issues (lien direct) The Irish Data Protection Commission has fined WhatsApp €225 million over data sharing transparency for European Union users’ data with Facebook. The Irish Data Protection Commission has fined WhatsApp €225 million for the lack of transparency on how it shares European Union users’ data with Facebook companies. The instant messaging company violated the actual General Data Protection Regulation (GDPR). […]
SecurityAffairs.webp 2021-09-05 11:04:32 Security Affairs newsletter Round 330 (lien direct) A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. SEC warns of investment scams related to Hurricane Ida Apple will delay the rollout of new child […]
SecurityAffairs.webp 2021-09-05 07:59:49 Major IPS in New Zealand hit by massive DDoS, Internet outages reported (lien direct) A massive DDoS hit New Zealand ‘s third-largest internet operator isolating parts of the country from the Internet. A massive DDoS hit Vocus ISP, New Zealand ‘s third-largest internet operator, isolating parts of the country from the Internet. Vocus provides retail, wholesale and corporate telecommunications services across Australia and New Zealand. Vocus offers data network services […]
Last update at: 2024-07-04 03:07:27