Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 16:05:25 |
Celsius email system breach leads to phishing attack on customers (lien direct) |
Cryptocurrency rewards platform Celsius Network has disclosed a security breach exposing customer information that led to a phishing attack. [...] |
|
|
★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 15:34:52 |
(Déjà vu) Mozilla drops Firefox support on Amazon Fire TV (lien direct) |
This month, Amazon has announced that Mozilla will phase out support for the Firefox web browser app on Amazon's Fire TV product line. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 15:34:52 |
Amazon drops Firefox support on Fire TV in favor of Silk browser (lien direct) |
This month, Amazon has announced plans to phase out support for the Mozilla Firefox web browser app on its Fire TV product line. The company has decided to no longer support the Mozilla Firefox browser in a bid to promote its Amazon Silk web browser app to customers, effective at the end of this month. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 14:19:20 |
Popular NFT marketplace Rarible targeted by scammers and malware (lien direct) |
Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 12:00:00 |
Microsoft Edge\'s new Kids Mode is now rolling out to everyone (lien direct) |
Microsoft Edge's new child-friendly 'Kids Mode' is now generally available and has begun rolling out to users in the USA. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 10:54:57 |
US government confirms Russian SVR behind the SolarWinds hack (lien direct) |
The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies. [...] |
Hack
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-15 09:29:08 |
NSA: Top 5 vulnerabilities actively abused by Russian govt hackers (lien direct) |
A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against U.S. organizations and interests. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-14 18:10:53 |
Google Chrome 90 released with HTTPS as the default protocol (lien direct) |
Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-14 15:47:19 |
Microsoft moves Windows 10 21H1 to the Release preview channel (lien direct) |
Microsoft is now installing the Windows 10 21H1 build in the Release preview channel, indicating that it will likely be released later this month or in May. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-14 14:39:17 |
SAP fixes critical bugs in Business Client, Commerce, and NetWeaver (lien direct) |
SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-14 14:12:54 |
Second Google Chrome zero-day exploit dropped on twitter this week (lien direct) |
A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-14 11:59:54 |
Vivaldi, Brave, DuckDuckGo reject Google\'s FLoC ad tracking tech (lien direct) |
Makers of Vivaldi and Brave web browsers have rejected Google's new privacy-preserving proposal called FLoC, which is meant to replace third-party tracking cookies across websites on browsers, including Chrome. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 20:57:38 |
FBI nuked web shells from hacked Exchange Servers without telling owners (lien direct) |
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 18:40:48 |
Capcom: Ransomware gang used old VPN device to breach the network (lien direct) |
Capcom has released a new update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 17:59:24 |
CISA gives federal agencies until Friday to patch Exchange servers (lien direct) |
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 15:15:50 |
NSA discovers critical Exchange Server vulnerabilities, patch now (lien direct) |
Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 14:21:20 |
(Déjà vu) Windows 10 Cumulative Updates KB5001330 & KB5001337 released (lien direct) |
s part of the April Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows, including KB5001330 for Windows 10 20H2/2004 and KB5001337 for Windows 10 1909. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 14:17:12 |
New Linux, macOS malware hidden in fake Browserify NPM package (lien direct) |
A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, downloaded over 160 million times over its lifetime. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 13:39:49 |
Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days (lien direct) |
Today is Microsoft's April 2021 Patch Tuesday, and with it comes five zero-day vulnerabilities and more Critical Microsoft Exchange vulnerabilities. It has been a tough couple of months for Windows and Microsoft Exchange admins, and it looks like April won't be any easier, so please be nice to your IT staff today. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 12:54:28 |
RIP: Microsoft Edge Legacy nuked by April Windows Updates (lien direct) |
Microsoft has confirmed that today's release of mandatory Patch Tuesday updates will automatically remove Edge Legacy and replace it with the new Chromium-based Edge. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 11:38:23 |
QBot malware is back replacing IcedID in malspam campaigns (lien direct) |
Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 11:20:11 |
Adobe fixes critical vulnerabilities in Photoshop and Digital Editions (lien direct) |
Adobe has released security updates that address security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 09:04:11 |
Watch out for this W-2 phishing scam targeting the 2021 tax season (lien direct) |
With the United State tax season in high gear, threat actors have sprung into action with a recent tax document phishing scam that abuses TypeForm forms to steal your login credentials. [...] |
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-13 00:01:00 |
NAME:WRECK DNS vulnerabilities affect over 100 million devices (lien direct) |
Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-12 21:20:56 |
Google Chrome, Microsoft Edge zero-day vulnerability shared on Twitter (lien direct) |
A security researcher has dropped a zero-day remote code execution vulnerability on Twitter that works on the current version of Google Chrome and Microsoft Edge. [...] |
Vulnerability
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-12 17:07:12 |
Windows 10 is getting a \'Windows Tools\' control panel for power users (lien direct) |
In future versions of Windows 10, Microsoft has removed the venerable 'Administrative Tools' and added a new 'Windows Tools' control panel with almost double the number of tools promoted within it. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-12 16:44:06 |
CS:GO, Valve Source games vulnerable to hacking using Steam invites (lien direct) |
A group of security researchers known as the Secret Club took it to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. [...] |
|
|
★★★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-12 12:54:28 |
Dutch supermarkets run out of cheese after ransomware attack (lien direct) |
A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-12 11:05:57 |
Pulse Secure VPN users can\'t login due to expired certificate (lien direct) |
Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-11 13:19:13 |
Browse the web like it\'s the 90s with this free service (lien direct) |
Did you miss the chance to browse the web when sites looked more like they belonged to hobbyists rather than billion-dollar companies? Now you experience web browsing in the 90s with this free service. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-11 11:34:32 |
Mozilla flooded with requests after Apple privacy changes hit Facebook (lien direct) |
Mozilla volunteers have recently been flooded with requests by online merchants and marketers for their domains to be added to what's called a Public Suffix List (PSL) due to recent privacy changes brought forth by Apple's iOS 14.5. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-11 10:00:00 |
(Déjà vu) Microsoft: Windows 10 1909 reaches end of service next month (lien direct) |
Microsoft has reminded users that Windows 10, version 1909 (also known as the November 2019 Update), will reach the end of service next month, in May 2021. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-10 15:20:21 |
Joker malware infects over 500,000 Huawei Android devices (lien direct) |
More than 500,000 Huawei users have downloaded from the company's official Android store applications infected with Joker malware that subscribes to premium mobile services. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-10 12:14:12 |
Hands-on with Windows 10\'s new Google Discover-like news feature (lien direct) |
Later this year, Windows 10 is getting a new feature that will enable a Google Discover-like newsfeed on the taskbar. This feature is officially called "News and Interests" and it will give news stories, sports scores, finance and weather information. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-10 10:40:00 |
Android malware found embedded in APKPure store application (lien direct) |
Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google's official Play Store. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-10 09:25:02 |
(Déjà vu) Windows 10 will soon let you tell Microsoft how you use your PC (lien direct) |
Windows 10 will soon let you select pre-configured categories, such as Gaming and Business, that tell the operating system how you plan on using the device. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-10 09:25:02 |
Windows 10 will soon let you configure different usage modes (lien direct) |
Windows 10 will soon let you select pre-configured categories, such as Gaming and Business, that tell the operating system how you plan on using the device. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 16:47:02 |
The Week in Ransomware - April 9th 2021 - Massive ransom demands (lien direct) |
Ransomware attacks continue over the past two weeks with a continuation of the massive initial ransom demands we have seen recently. [...] |
Ransomware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 16:29:59 |
FBI arrests man for plan to kill 70% of Internet in AWS bomb attack (lien direct) |
The FBI arrested a Texas man on Thursday for allegedly planning to "kill of about 70% of the internet" in a bomb attack targeting an Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 14:52:36 |
Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack (lien direct) |
Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today. [...] |
Ransomware
Threat
Guideline
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 13:55:00 |
Attackers deliver legal threats, IcedID malware via contact forms (lien direct) |
Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 12:31:34 |
World\'s largest pathologists association discloses credit card incident (lien direct) |
The American Society for Clinical Pathology (ASCP) disclosed a payment card incident that impacted customers who entered payment info on its e-commerce website. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 10:42:26 |
Zerodium triples WordPress remote code execution exploit payout (lien direct) |
Zerodium has announced today an increased interest in exploits Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 10:04:07 |
Watch: Monkey uses Elon Musk\'s Neuralink to play Pong with its mind (lien direct) |
A new video released by Elon Musk's Neuralink shows a monkey playing Pong using its mind and embedded brain-human interface. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-09 09:55:16 |
Researchers earn $1,2 million for exploits demoed at Pwn2Own 2021 (lien direct) |
Pwn2Own 2021 ended with contestants earning a record $1,210,000 for exploits and exploits chains demoed over the course of three days. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-08 17:39:27 |
CISA releases tool to review Microsoft 365 post-compromise activity (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments. [...] |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-08 16:50:37 |
(Déjà vu) Google Chrome blocks port 10080 to stop NAT Slipstreaming attacks (lien direct) |
Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-08 16:50:37 |
Google Chrome blocks a new port to stop NAT Slipstreaming attacks (lien direct) |
Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks. [...] |
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-08 15:58:44 |
Over 600,000 stolen credit cards leaked after Swarmshop hack (lien direct) |
The hacking spree targeting underground marketplaces has claimed another victim as a database from card shop Swarmshop emerged on another forum. [...] |
Hack
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-04-08 13:25:05 |
Belden says health benefits data stolen in 2020 cyberattack (lien direct) |
Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan. [...] |
|
|
|