What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-18 11:50:44 | Tutor LMS for WordPress Open to Info-Stealing Security Holes (lien direct) | The popular learning-management system for teacher-student communication is rife with SQL-injection vulnerabilities. | |||
|
2021-03-17 20:26:52 | Cisco Plugs Security Hole in Small Business Routers (lien direct) | The Cisco security vulnerability exists in the RV132W ADSL2+ Wireless-N VPN Routers and RV134W VDSL2 Wireless-AC VPN Routers. | Vulnerability | ||
|
2021-03-17 20:26:30 | Teen Behind Twitter Bit-Con Breach Cuts Plea Deal (lien direct) | The 'young mastermind' of the Twitter hack will serve three years in juvenile detention. | Hack | ||
|
2021-03-17 17:04:27 | $4,000 COVID-19 \'Relief Checks\' Cloak Dridex Malware (lien direct) | The American Rescue Act is the latest zeitgeisty lure being circulated in an email campaign. | Malware | ||
|
2021-03-17 16:18:15 | Mimecast: SolarWinds Attackers Stole Source Code (lien direct) | A new Mimecast update reveals the SolarWinds hackers accessed several "limited" source code repositories. | |||
|
2021-03-17 15:08:43 | State-sponsored Threat Groups Target Telcos, Steal 5G Secrets (lien direct) | Researchers say China-linked APTs lure victims with bogus Huawei career pages in what they dub 'Operation Diànxùn'. | Threat | ||
|
2021-03-17 13:00:28 | A New Paradigm in Data Security: Insider Risk Management (lien direct) | Insider Risk Management builds a framework around the new paradigm of "risk tolerance," aiming to give security teams the visibility and context around data activity to protect that data, without putting rigid constraints on users. | |||
|
2021-03-16 21:15:18 | PYSA Ransomware Pillages Education Sector, Feds Warn (lien direct) | A major spike of attacks against higher ed, K-12 and seminaries in March has prompted the FBI to issue a special alert. | Ransomware | ||
|
2021-03-16 20:27:31 | Mom & Daughter Duo Hack Homecoming Crown (lien direct) | A Florida high-school student faces jail time for rigging her school's Homecoming Queen election. | Hack | ||
|
2021-03-16 16:57:46 | Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices (lien direct) | A new Mirai variant is targeting known flaws in D-Link, Netgear and SonicWall devices, as well as newly-discovered flaws in unknown IoT devices. | |||
|
2021-03-16 16:56:26 | Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix (lien direct) | Public proof-of-concept (PoC) exploits for ProxyLogon could be fanning a feeding frenzy of attacks even as patching makes progress. | Patching | ||
|
2021-03-16 16:40:44 | Magecart Attackers Save Stolen Credit-Card Data in .JPG File (lien direct) | Researchers from Sucuri discovered the tactic, which creatively hides malicious activity until the info can be retrieved, during an investigation into a compromised Magento 2 e-commerce site. | |||
|
2021-03-16 14:01:06 | Google Releases Spectre PoC Exploit For Chrome (lien direct) | Google has released the side-channel exploit in hopes of motivating web-application developers to protect their sites. | |||
|
2021-03-16 13:00:15 | Top MSP Challenges in 2021 (lien direct) | At SafeDNS, we see three entangled hurdles for MSPs in 2021 and the coming years- tied with the current economic uncertainty and somewhat linked to the pandemic. | |||
|
2021-03-15 20:11:20 | Cybersecurity Bug-Hunting Sparks Enterprise Confidence (lien direct) | A survey from Intel shows that most organizations prefer tech providers to have proactive security, but few meet security expectations. | |||
|
2021-03-15 18:17:15 | Cyberattacks See Fundamental Changes, A Year into COVID-19 (lien direct) | A year after COVID-19 was officially determined to be a pandemic, the methods and tactics used by cybercriminals have drastically changed. | |||
|
2021-03-15 15:40:21 | Google Warns Mac, Windows Users of Chrome Zero-Day Flaw (lien direct) | The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months. | Vulnerability | ||
|
2021-03-12 21:42:59 | Critical Security Hole Can Knock Smart Meters Offline (lien direct) | Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks. | |||
|
2021-03-12 21:05:14 | REvil Group Claims Slew of Ransomware Attacks (lien direct) | The threat group behind the Sodinokibi ransomware claimed to have recently compromised nine organizations. | Ransomware Threat | ||
|
2021-03-12 20:41:36 | Europol Credits Sweeping Arrests to Cracked Sky ECC Comms (lien direct) | Sky ECC claims that cops cracked a fake version of the app being passed off by disgruntled reseller. | |||
|
2021-03-12 17:21:22 | Metamorfo Banking Trojan Abuses AutoHotKey to Avoid Detection (lien direct) | A legitimate binary for creating shortcut keys in Windows is being used to help the malware sneak past defenses, in a rash of new campaigns. | Malware | ||
|
2021-03-12 16:26:07 | (Déjà vu) Microsoft Exchange Exploits Pave a Ransomware Path (lien direct) | As attacks double every hour, hackers are exploiting vulnerable Microsoft Exchange servers and installing a new family of ransomware called DearCry. | Ransomware | ||
|
2021-03-12 15:39:57 | Molson Coors Cracks Open a Cyberattack Investigation (lien direct) | The multinational brewing company did not say what type of incident caused a 'systems outage,' but it's investigating and working to get networks back online. | |||
|
2021-03-11 21:52:15 | Ransomware Attack Strikes Spain\'s Employment Agency (lien direct) | Reports say that the agency in charge of managing Spain's unemployment benefits has been hit by the Ryuk ransomware. | |||
|
2021-03-11 21:47:23 | TrickBot Takes Over, After Cops Kneecap Emotet (lien direct) | TrickBot rises to top threat in February, overtaking Emotet in Check Point's new index. | Threat | ||
|
2021-03-11 18:58:10 | NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic (lien direct) | A spam campaign hides a malicious executable behind file archive extensions. | Spam | ||
|
2021-03-11 18:01:16 | Microsoft Exchange Servers Face APT Attack Tsunami (lien direct) | At least 10 nation-state-backed groups are using the ProxyLogon exploit chain to compromise email servers, as compromises mount. | |||
|
2021-03-11 16:54:12 | Linux Systems Under Attack By New RedXOR Malware (lien direct) | Researchers say the new RedXOR backdoor is targeting Linux systems with various data exfiltration and network traffic tunneling capabilities. | Malware | ||
|
2021-03-11 16:05:27 | FIN8 Resurfaces with Revamped Backdoor Malware (lien direct) | The financial cyber-gang is running limited attacks ahead of broader offensives on point-of-sale systems. | Malware | ||
|
2021-03-11 14:21:50 | F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs (lien direct) | The F5 flaws could affect the networking infrastructure for some of the largest tech and Fortune 500 companies - including Microsoft, Oracle and Facebook. | |||
|
2021-03-10 22:00:24 | SAP Stomps Out Critical RCE Flaw in Manufacturing Software (lien direct) | The remote code execution flaw could allow attackers to deploy malware, modify network configurations and view databases. | |||
|
2021-03-10 21:44:55 | Fake Ad Blocker Delivers Hybrid Cryptominer/Ransomware Infection (lien direct) | A hybrid Monero cryptominer and ransomware bug has hit 20,000 machines in 60 days. | Ransomware | ||
|
2021-03-10 20:25:47 | Cyberattackers Exploiting Critical WordPress Plugin Bug (lien direct) | The security hole in the Plus Addons for Elementor plugin was used in active zero-day attacks prior to a patch being issued. | |||
|
2021-03-10 16:40:12 | Nim-Based Malware Loader Spreads Via Spear-Phishing Emails (lien direct) | Spear-phishing emails are spreading the NimzaLoader malware loader, which some say may be used to download Cobalt Strike. | Malware | ||
|
2021-03-10 14:44:05 | Breach Exposes Verkada Security Camera Footage at Tesla, Cloudflare (lien direct) | Surveillance footage from companies such as Tesla as well as hospitals, prisons, police departments and schools was accessed in the hack. | |||
|
2021-03-09 23:31:44 | Apple\'s Device Location-Tracking System Could Expose User Identities (lien direct) | Researchers have identified two vulnerabilities in the company's crowd-sourced Offline Finding technology that could jeopardize its promise of privacy. | |||
|
2021-03-09 22:12:56 | Microsoft Patch Tuesday Updates Fix 14 Critical Bugs (lien direct) | Microsoft's regularly scheduled March Patch Tuesday updates address 89 CVEs overall. | |||
|
2021-03-09 21:59:30 | Dark Web Markets for Stolen Data See Banner Sales (lien direct) | Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a familiar predicament - they need to lock down their growing businesses for […] | |||
|
2021-03-09 20:44:18 | Adobe Critical Code-Execution Flaws Plague Windows Users (lien direct) | The critical flaws exist in Adobe Framemaker, Connect and the Creative Cloud desktop application for Windows. | |||
|
2021-03-09 16:44:11 | Google Play Harbors Malware-Laced Apps Delivering Spy Trojans (lien direct) | A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users. | Malware | ||
|
2021-03-09 15:58:15 | Apple Plugs Severe WebKit Remote Code-Execution Hole (lien direct) | Apple pushed out security updates for a memory-corruption bug to devices running on iOS, macOS, watchOS and for Safari. | |||
|
2021-03-08 21:20:15 | Newest Intel Side-Channel Attack Sniffs Out Sensitive Data (lien direct) | A new side-channel attack takes aim at Intel's CPU ring interconnect in order to glean sensitive data. | |||
|
2021-03-08 21:16:20 | Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices (lien direct) | Researchers warn two critical bugs impacting multiple QNAP firmware versions are under active attack. | |||
|
2021-03-08 17:04:59 | Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords (lien direct) | A phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system. | |||
|
2021-03-05 20:45:01 | U.S. DoD Weapons Programs Lack \'Key\' Cybersecurity Measures (lien direct) | The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks. | |||
|
2021-03-05 20:35:57 | WordPress Injection Anchors Widespread Malware Campaign (lien direct) | Website admins should patch all plugins, WordPress itself and back-end servers as soon as possible. | Malware | ||
|
2021-03-05 19:52:39 | Massive Supply-Chain Cyberattack Breaches Several Airlines (lien direct) | The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers. | |||
|
2021-03-05 17:24:05 | Critics Blast Google\'s Aim to Replace Browser Cookie with \'FLoC\' (lien direct) | EFF worries that the Google's 'privacy-first” vision for the future may pose new privacy risks. | |||
|
2021-03-05 15:55:41 | D-Link, IoT Devices Under Attack By Tor-Based Gafgyt Variant (lien direct) | A new variant of the Gafgyt botnet - that's actively targeting vulnerable D-Link and Internet of Things devices - is the first variant of the malware to rely on Tor communications, researchers say. | Malware | ||
|
2021-03-04 22:19:15 | Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers (lien direct) | Researchers with Microsoft and FireEye found three new malware families, which they said are used by the threat group behind the SolarWinds attack. | Malware Threat |
To see everything:
Our RSS (filtrered)
