What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-01 18:06:52 | New Windows Search zero-day added to Microsoft protocol nightmare (lien direct) | A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document. [...] | Vulnerability | ||
|
2022-06-01 16:21:56 | Former OpenSea head of product charged with NFT insider trading (lien direct) | Nathaniel Chastain, a former product manager at OpenSea, the largest online non-fungible token (NFT) marketplace, has been arrested and charged by the U.S. Department of Justice (DOJ) with NFT insider trading. [...] | |||
|
2022-06-01 15:13:40 | Hundreds of Elasticsearch databases targeted in ransom attacks (lien direct) | A campaign targeting poorly secured Elasticsearch databases has deleted their contents and dropped ransom notes on 450 instances, demanding a payment of $620 to give them back their indexes, totaling a demand of $279,000. [...] | |||
|
2022-06-01 14:46:57 | FBI seizes domains used to sell stolen data, DDoS services (lien direct) | The Federal Bureau of Investigation (FBI) and the U.S. Department of Justice announced today the seizure of three domains used by cybercriminals to sell personal info stolen in data breaches and to provide DDoS attack services. [...] | |||
|
2022-06-01 13:09:51 | US govt: Paying Karakurt extortion ransoms won\'t stop data leaks (lien direct) | Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others. [...] | |||
|
2022-06-01 12:39:52 | RuneScape phishing steals accounts and in-game item bank PINs (lien direct) | Cybersecurity researchers have discovered a new RuneScape-themed phishing campaign, and it stands out among the various operations for being exceptionally well-crafted. [...] | |||
|
2022-06-01 11:31:38 | Windows MSDT zero-day vulnerability gets free unofficial patch (lien direct) | A free unofficial patch is now available to block ongoing attacks against Windows systems that target a critical zero-day vulnerability known as 'Follina.' [...] | Vulnerability | ||
|
2022-06-01 09:31:39 | FluBot Android malware operation shutdown by law enforcement (lien direct) | Europol has announced the takedown of the FluBot operation, one of the largest and fastest-growing Android malware operations in existence. [...] | Malware | ||
|
2022-06-01 09:10:12 | SideWinder hackers plant fake Android VPN app in Google Play Store (lien direct) | Phishing campaigns attributed to an advanced threat actor called SideWinder involved a fake VPN app for Android devices published on Google Play Store along with a custom tool that filters victims for better targeting. [...] | Tool Threat | APT-C-17 | |
|
2022-06-01 07:32:43 | Ransomware attacks need less than four days to encrypt systems (lien direct) | The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average of 230 hours to complete their attacks and 1637.6 hours in 2019. [...] | Ransomware | ||
|
2022-06-01 06:00:00 | Telegram\'s blogging platform abused in phishing attacks (lien direct) | Telegram's anonymous blogging platform, Telegraph, is being actively exploited by phishing actors who take advantage of the platform's lax policies to set up interim landing pages that lead to the theft of account credentials. [...] | Guideline | ||
|
2022-05-31 19:10:09 | Hackers steal WhatsApp accounts using call forwarding trick (lien direct) | There's a trick that allows attackers to hijack a victim's WhatsApp account and gain access to personal messages and contact list. [...] | |||
|
2022-05-31 18:00:17 | Windows MSDT zero-day now exploited by Chinese APT hackers (lien direct) | Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as 'Follina') to execute malicious code remotely on Windows systems. [...] | Vulnerability Threat | ||
|
2022-05-31 16:02:01 | Over 3.6 million MySQL servers found exposed on the Internet (lien direct) | Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. [...] | |||
|
2022-05-31 15:43:51 | FBI warns of Ukrainian charities impersonated to steal donations (lien direct) | Scammers are claiming to be collecting donations to help Ukrainian refugees and war victims while impersonating legitimate Ukrainian humanitarian aid organizations, according to the Federal Bureau of Investigation (FBI). [...] | |||
|
2022-05-31 13:34:25 | Costa Rica\'s public health agency hit by Hive ransomware (lien direct) | All computer systems on the network of Costa Rica's public health service (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. [...] | Ransomware | ||
|
2022-05-31 11:45:04 | New XLoader botnet uses probability theory to hide its servers (lien direct) | Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware's operation. [...] | Malware Threat | ||
|
2022-05-31 10:06:48 | Aligning Your Password Policy enforcement with NIST Guidelines (lien direct) | Although most organizations are not required by law to comply with NIST standards, it is usually in an organization's best interest to follow NIST's cybersecurity standards. This is especially true for NIST's password guidelines. [...] | |||
|
2022-05-31 05:18:39 | Microsoft shares mitigation for Office zero-day exploited in attacks (lien direct) | Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely. [...] | |||
|
2022-05-30 16:00:01 | Vodafone plans carrier-level user tracking for targeted ads (lien direct) | Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. [...] | |||
|
2022-05-30 14:10:44 | Italy warns organizations to brace for incoming DDoS attacks (lien direct) | The Computer Security Incident Response Team in Italy issued an urgent alert yesterday to raise awareness about the high risk of cyberattacks against national bodies and organizations on Monday. [...] | |||
|
2022-05-30 12:13:12 | Google quietly bans deepfake training projects on Colab (lien direct) | Google has quietly banned deepfake projects on its Colaboratory (Colab) service, putting an end to the large-scale utilization of the platform's resources for this purpose. [...] | |||
|
2022-05-30 11:07:15 | Three Nigerians arrested for malware-assisted financial crimes (lien direct) | Interpol has announced the arrest of three Nigerian men in Lagos, who are suspected of using remote access trojans (RATs) to reroute financial transactions and steal account credentials. [...] | |||
|
2022-05-30 10:23:43 | New Microsoft Office zero-day used in attacks to execute PowerShell (lien direct) | Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. [...] | Vulnerability | ||
|
2022-05-29 12:39:55 | (Déjà vu) EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws (lien direct) | EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...] | Malware | ||
|
2022-05-29 12:39:55 | EnemyBot malware adds exploits for critical bugs in VMware, F5 BIG-IP (lien direct) | EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...] | Malware | ||
|
2022-05-29 11:15:22 | Mobile trojan detections rise as malware distribution level declines (lien direct) | Kaspersky's quarterly report on mobile malware distribution records a downward trend that started at the end of 2020, detecting one-third of the malicious installations reported in Q1 2021, and about 85% of those counted in Q4 2021. [...] | Malware | ||
|
2022-05-29 10:00:00 | New Yorker imprisoned for role in carding group behind $568M damages (lien direct) | John Telusma, a 37-year-old man from New York, was sentenced to four years in prison for selling and using stolen and compromised credit cards on the Infraud carding portal operated by the transnational cybercrime organization with the same name. [...] | |||
|
2022-05-28 15:53:15 | Microsoft: The new Windows 11 features from Build 2022 (lien direct) | During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android (WSA) and more. [...] | |||
|
2022-05-28 11:10:00 | Clop ransomware gang is back, hits 21 victims in a single month (lien direct) | After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...] | Ransomware | ||
|
2022-05-28 10:01:33 | New Windows Subsystem for Linux malware steals browser auth cookies (lien direct) | Hackers are showing an increased interest in the Windows Subsystem for Linux (WSL) as an attack surface as they build new malware, the more advanced samples being suitable for espionage and downloading additional malicious modules. [...] | Malware | ||
|
2022-05-27 16:26:39 | FBI warns of hackers selling credentials for U.S. college networks (lien direct) | Cybercriminals are offering to sell for thousands of U.S. dollars network access credentials for higher education institutions based in the United States. [...] | |||
|
2022-05-27 14:40:49 | GitHub: Attackers stole login details of 100K npm user accounts (lien direct) | GitHub revealed today that an attacker stole the login details of roughly 100,000 npm accounts during a mid-April security breach with the help of stolen OAuth app tokens issued to Heroku and Travis-CI. [...] | |||
|
2022-05-27 13:06:56 | Microsoft finds severe bugs in Android apps from large mobile providers (lien direct) | Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers. [...] | |||
|
2022-05-27 11:59:34 | Microsoft to force better security defaults for all Azure AD tenants (lien direct) | Microsoft has announced that it will force enable stricter secure default settings known as 'security defaults' on all existing Azure Active Directory (Azure AD) tenants starting in late June 2022. [...] | |||
|
2022-05-27 09:23:18 | BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state (lien direct) | Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded a $5 million to unlock the encrypted computer systems. [...] | Ransomware | ||
|
2022-05-26 17:21:44 | Intuit warns of QuickBooks phishing threatening to suspend accounts (lien direct) | Tax software vendor Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. [...] | |||
|
2022-05-26 16:14:52 | Microsoft: Windows 11 22H2 has reached RTM with build 22621 (lien direct) | Microsoft's Windows Hardware Compatibility Program has confirmed that Windows 11 22H2 build 22621 is the Released to Manufacturing (RTM) build, meaning that the development of Window's 11 next feature update is ready for release. [...] | |||
|
2022-05-26 15:44:58 | Windows 11 KB5014019 breaks Trend Micro ransomware protection (lien direct) | This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. [...] | Ransomware | ★★★ | |
|
2022-05-26 15:11:03 | OAS platform vulnerable to critical RCE and API access flaws (lien direct) | Threat analysts have disclosed vulnerabilities affecting the Open Automation Software (OAS) platform, leading to device access, denial of service, and remote code execution. [...] | Threat Guideline | ★★★ | |
|
2022-05-26 14:21:33 | Exploit released for critical VMware auth bypass bug, patch now (lien direct) | Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges. [...] | Vulnerability | ||
|
2022-05-26 11:46:14 | Microsoft shares mitigation for Windows KrbRelayUp LPE attacks (lien direct) | Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. [...] | |||
|
2022-05-26 10:06:03 | Zyxel warns of flaws impacting firewalls, APs, and controllers (lien direct) | Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. [...] | |||
|
2022-05-26 09:26:59 | Google shut down caching servers at two Russian ISPs (lien direct) | Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled. [...] | |||
|
2022-05-26 08:02:01 | Industrial Spy data extortion market gets into the ransomware game (lien direct) | The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...] | Ransomware | ||
|
2022-05-26 03:16:08 | New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps (lien direct) | The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. [...] | Malware | ||
|
2022-05-25 17:51:27 | FTC fines Twitter $150M for using 2FA info for targeted advertising (lien direct) | The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. [...] | |||
|
2022-05-25 16:54:59 | Microsoft adds support for WSL2 distros on Windows Server 2022 (lien direct) | Microsoft has announced that Windows Subsystem for Linux (WSL2) distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. [...] | |||
|
2022-05-25 15:25:48 | New \'Cheers\' Linux ransomware targets VMware ESXi servers (lien direct) | A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...] | Ransomware | ||
|
2022-05-25 14:31:53 | Microsoft adds Office subscriptions to Windows 11 account settings (lien direct) | Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account. [...] |
To see everything:
