What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
bleepingcomputer.png 2019-01-18 16:57:02 The Week in Ransomware - January 18th 2019 - Devs Back from Vacation (lien direct)

The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...]

bleepingcomputer.png 2019-01-18 14:39:04 Fallout Exploit Kit is Back with New Vulnerabilities and Payloads (lien direct)

The Fallout exploit kit is back in business after a short downtime, with new tools under its belt: a new Flash exploit for CVE-2018-15982, HTTPS support, a new landing page format, and the capability to deliver payloads using Powershell [...]

bleepingcomputer.png 2019-01-18 12:50:00 Amazon, Apple, Others Hit with GDPR Complaints, €18.8B Maximum Penalties (lien direct)

Ten GDPR complaints were filed by noyb against Amazon, Apple, DAZN, Spotify, SoundCloud, YouTube, Flimmit, Netflix with the Austrian Data Protection Authority for violations of Article 15, with a maximum penalty across all complaints of €18.8 billion [...]

bleepingcomputer.png 2019-01-18 12:07:01 Vulnerabilities Found in Highly Popular Firmware for WiFi Chips (lien direct)

WiFi chip firmware in a variety of devices used mainly for gaming, but also for personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction. [...]

bleepingcomputer.png 2019-01-18 10:09:05 Facebook Caught Red Handed While Swiping Money From Children (lien direct)

According to court documents part of a 2012 class-action lawsuit made public by a federal judge at the request of The Center for Investigative Reporting\'s Reveal, social network giant Facebook has made a habit of charging kids without their parents\' knowledge while playing games on its platform . [...]

bleepingcomputer.png 2019-01-18 02:47:03 Windows Zero-Day Bug that Overwrites Files Gets Interim Fix (lien direct)

A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data. [...]

bleepingcomputer.png 2019-01-17 17:48:04 BlackRouter Ransomware Promoted as a RaaS by Iranian Developer (lien direct)

A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT. [...]

bleepingcomputer.png 2019-01-17 17:15:03 Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets (lien direct)

Twitter announced today that an issue in its app for Android exposed some users\' protected tweets for over four years, if they made certain changes to their account settings. [...]

bleepingcomputer.png 2019-01-17 16:06:00 Data Breach Collection with 773 Million Email Entries Leaked Online (lien direct)

A giant 87 gigabyte archive consisting of 773 million unique email addresses and their associated cracked, or dehashed, passwords has been spotted being promoted on an online hacking forum. This file is being called "Collection #1" and was designed to easily be used in credential stuffing attacks. [...]

bleepingcomputer.png 2019-01-17 15:20:05 ES File Explorer Flaws Put 100 Million Users\' Data at Risk, Fix Promised (lien direct)

ES File Explorer users now have to wait to see what issue will be fixed in the next update: the always-on web server giving access to all their files to anyone on the same Wi-Fi network or the MitM attack vulnerability [...]

bleepingcomputer.png 2019-01-17 13:22:02 Microsoft Launches Azure DevOps Bounty Program (lien direct)

Microsoft Security Response Center (MSRC) announced the launch of a bug bounty program starting January 17 and targeting the Azure DevOps services and the latest release of Azure DevOps server [...]

bleepingcomputer.png 2019-01-17 12:00:00 Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection (lien direct)

Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. [...]

bleepingcomputer.png 2019-01-17 11:26:05 Fake GPS Apps with 50M Installs Just Show Ads and Run Google Maps (lien direct)

19 Android apps with over 50 million installs were found on the Google Play store that state that they are full featured GPS apps, but instead simply show an advertisement and then show Google Maps. [...]

bleepingcomputer.png 2019-01-17 11:00:00 Rocke\'s Cryptominers Kills Competition, Uninstall Cloud Security Products (lien direct)

Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud [...]

bleepingcomputer.png 2019-01-17 08:37:00 Flaw in Telegram Reveals Awful OpSec from Malware Author (lien direct)

A weakness in the protection of messages delivered using the Telegram Bot API gave researchers access to the communication flow between a piece of malware and its operator. [...]

bleepingcomputer.png 2019-01-17 06:00:05 Banks in West Africa Hit with Off-The-Shelf Malware, Free Tools (lien direct)

Attacks hitting financial organizations in West Africa since at least mid-2017 rely on off-the-shelf malware, free hacking tools, and utilities already available on the target systems to steal credentials, install backdoors, and run commands. [...]

bleepingcomputer.png 2019-01-17 03:31:03 Emsisoft Browser Security Protects You from Malicious Sites (lien direct)

For those looking for extra protection while browsing the web, Emsisoft has a released a browser extension that will block you from interacting with known phishing, malware, or scam sites. [...]

bleepingcomputer.png 2019-01-16 16:30:00 Bipartisan Bill Introduced to Ban Sale of US Tech to Chinese Companies (lien direct)

Bipartisan Telecommunications Denial Order Enforcement Act (H.R. 7255) was introduced today to impose a ban on selling US technology to Huawei and ZTE, as well as other Chinese companies in violation of sanctions laws and export control. [...]

bleepingcomputer.png 2019-01-16 16:09:04 Windows 10 19H1 Update Splits Up Windows Search and Cortana (lien direct)

Windows 10 19H1 which is supposed to launch in April 2019 will finally split up Windows Search and Cortana to offer the best search and voice-first digital assistant experience. [...]

bleepingcomputer.png 2019-01-16 15:39:03 Microsoft and VirusTotal Team Up to Detect Malicious Signed MSI Files (lien direct)

Microsoft and Chronicle\'s VirusTotal have teamed up to better detect signed MSI files that have been modified to include malicious Java archives.  [...]

bleepingcomputer.png 2019-01-16 14:40:04 Windows 10 Insider Build 18317 Released and Breaks WSL Again (lien direct)

The latest update to Windows 10 19H1 separates Cortana from search, improves the Windows Insider page and also focuses on Start Menu reliability. [...]

bleepingcomputer.png 2019-01-16 14:03:03 EU Copyright Directive to Turn Google into Ghost Town (lien direct)

Google\'s search results will look like a deserted town according to the search giant, with no article titles, no images, and no news summaries if the SERP templates following the EU Copyright Directive provisions will go live [...]

bleepingcomputer.png 2019-01-16 12:02:05 Over 140 International Airlines Affected by Major Security Breach (lien direct)

Potential attackers could view and change private information in flight bookings made by millions of customers of major international airlines because of a security issue in the Amadeus online booking system [...]

bleepingcomputer.png 2019-01-16 11:07:00 LoJax Command and Control Domains Still Active (lien direct)

Security researchers have uncovered new details about the infrastructure used by LoJax UEFI rootkit used in attacks from APT28. The analysis revealed two command and control (C2) servers were still active in early 2019. [...]

bleepingcomputer.png 2019-01-16 10:31:05 MageCart Skimmer Hits Hundreds of Sites In Ad Supply Chain Attack (lien direct)

Most attackers who utilize malicious scripts known as MageCart to steal payment information usually try to keep a low profile to stay undetected on the sites they compromise. New research shows how one MageCart criminal group recently compromised an advertising script to inject MageCart into hundreds of sites at the same time. [...]

bleepingcomputer.png 2019-01-16 09:59:03 NVIDIA Tesla T4 GPUs in Beta on the Google Cloud Platform (lien direct)

The Google Cloud Platform is the first cloud vendor to provide its customers with access to NVIDIA\'s professional Tesla T4 GPU, via a beta program with instances available for customers from Brazil, India, Netherlands, Singapore, Tokyo, and the United States. [...]

bleepingcomputer.png 2019-01-16 06:33:04 Bug in Fortnite Authentication Left Accounts Open to Take Over (lien direct)

Weaknesses in Epic Games\' authentication process for the highly popular Fortnite left gamers\' accounts exposed to take over risks. An attacker could have stolen login tokens by just tricking the victim into clicking a link. [...]

bleepingcomputer.png 2019-01-16 05:30:00 Firefox 66 Lets You Reconfigure Keyboard Shortcuts for Extensions (lien direct)

Firefox lets developers create keyboard shortcuts for their extension\'s functions, which are hard coded or possibly configurable depending on the extension. In Firefox 66, Mozila is making extension keyboard shortcuts configurable by a user directly from the about:addons page.  [...]

bleepingcomputer.png 2019-01-16 05:30:00 Firefox 66 Lets You Configure Keyboard Shortcuts for Extensions (lien direct)

Firefox lets developers create keyboard shortcuts for their extension\'s functions, which are hard coded or possibly configurable depending on the extension. In Firefox 66, Mozila is making extension keyboard shortcuts configurable by a user directly from the about:addons page.  [...]

bleepingcomputer.png 2019-01-16 03:05:00 Emotet Returns from the Holidays With New Tricks (lien direct)

Following a short period of low activity, Emotet operators are back at distributing through malicious email campaigns a new strain of their payload that carries new tricks. [...]

bleepingcomputer.png 2019-01-15 19:12:01 Djvu Ransomware Spreading New .TRO Variant Through Cracks & Adware Bundles (lien direct)

In December 2018, a new ransomware called Djvu, which could be a variant of STOP,  was released that has been heavily promoted through crack downloads & adware bundles. Originally, this ransomware would append a variation of the .djvu string as an extension to encrypted files, but a recent variant has switched to the .tro extension. [...]

bleepingcomputer.png 2019-01-15 18:00:00 Google Docs, Sheets, Slides, and Sites Get Material Design (lien direct)

Google announced the adoption of Material Design in its Docs, Sheets, Slides, and Sites G Suite applications on the web, a new product look and feel which will be turned on by default for all end users [...]

bleepingcomputer.png 2019-01-15 16:56:02 Zero-Day Vulnerabilities Leave Smart Buildings Open to Cyber Attacks (lien direct)

A team of researchers discovered six zero-day vulnerabilities in protocols and individual components used in smart buildings. The flaws could be used to steal sensitive information, access or delete critical files, or perform malicious actions. [...]

bleepingcomputer.png 2019-01-15 15:41:05 Windows 10 Version 1803 Cumulative Update Build 17134.556 Released (lien direct)

Microsoft says that 17134.556 for Windows 10 April 2018 Update includes quality improvements and no new features are being introduced in this update. [...]

bleepingcomputer.png 2019-01-15 15:16:03 Microsoft Says Outlook Mobile Now Ready For Pentagon Use (lien direct)

Outlook for iOS and Android can now be used by Department of Defense and Office 365 US Government Community Cloud High customers after their architecture was updated to use native Microsoft sync technology with direct connections to the already compliant Exchange Online backend services [...]

bleepingcomputer.png 2019-01-15 13:35:05 New York Privacy Bill Forces Businesses to Disclose Consumer Data Use (lien direct)

A bill known as the "Right to know act of 2019" was proposed by New York State Senator Brad Madison Hoylman on January 9 to amend the general business law so that consumers have the right to request personal information that has been collected by a company and is being disclosed to third-parties. [...]

bleepingcomputer.png 2019-01-15 11:15:02 BEC Scammers Go After Employee Paychecks (lien direct)

A change has been noticed in the evolution of business email compromise (BEC) scams, with fraudsters tricking human resource departments into changing an employee\'s direct deposit information to divert paychecks into an account they control. [...]

bleepingcomputer.png 2019-01-15 09:54:01 Microsoft and Walgreens Boots Alliance Establish Health Care Partnership (lien direct)

Microsoft announced a new joint partnership with health care giant Walgreens Boots Alliance aiming to combine the latter\'s customer reach and experience in health care services with the former\'s cloud and AI platform. [...]

bleepingcomputer.png 2019-01-15 08:13:00 Windows Security Patch Breaks PowerShell Remoting (lien direct)

Windows PowerShell and PowerShell Core 6 (PSCore6) WinRM based remoting have been broken for a specific PowerShell remoting scenario by Microsoft\'s CVE-2019-0543 security patch released on January 8 [...]

bleepingcomputer.png 2019-01-15 05:28:00 Flaws in a Card Access Control System May Allow Hackers to Bypass Security (lien direct)

Vulnerabilities discovered in the PremiSys IDentity access system could render the building entrance security it provides useless. The vendor was warned about the flaws but still hasn\'t released the necessary patches. [...]

bleepingcomputer.png 2019-01-15 03:25:03 New Ransomware Bundles PayPal Phishing Into Its Ransom Note (lien direct)

A new in-development ransomware has been discovered that not only encrypts your files, but also tries to steal your PayPal credentials with an included phishing page. [...]

bleepingcomputer.png 2019-01-14 18:51:03 Hope You\'re Using Protection as Love Letter MalSpam has Nasty Surprises (lien direct)

It is almost February and love is in the air, but that doesn\'t mean you should open every love letter you receive. A large malspam campaign has been discovered that uses romantic and endearing email subjects to trick recipients into getting infected with ransomware, miners, and more. [...]

bleepingcomputer.png 2019-01-14 16:50:01 First Windows 10 Build for Microsoft\'s Foldable Devices Appears Online (lien direct)

BuildFeed, a site that keeps track of the latest Windows 10 and Window Insider builds, has found a new build that may indicate that Microsoft is internally testing builds for foldable Windows 10 devices. This new build has a version of 18313.1004 on Microsoft\'s servers and comes from the Windows 10 19H1 development. [...]

bleepingcomputer.png 2019-01-14 16:20:03 Massachusetts Amends Law Protecting Consumers From Security Breaches (lien direct)

Massachusetts Governor Charlie Baker signed a new law on January 10 that amends the state\'s data breach law removing the fees imposed by credit reporting agencies for security disclosures and freezes of consumer credit reports [...]

bleepingcomputer.png 2019-01-14 14:00:00 Microsoft Awarded Five-Year $1.76 Billion IDIQ Contract by DoD (lien direct)


bleepingcomputer.png 2019-01-14 13:30:00 Hundreds of Cybersecurity Risks Still Affecting the Pentagon (lien direct)

Although the vast majority of open cybersecurity issues are from 2018, there are a handful of cybersecurity gaps left open for about a decade, with two recommendations unaddressed since 2008 [...]

bleepingcomputer.png 2019-01-14 12:56:05 Escaping Containers to Execute Commands on Play with Docker Servers (lien direct)

Improperly secured privileged containers on the Play with Docker testing platform offered security researchers a way to escape Linux containers and run arbitrary code on the host system. [...]

bleepingcomputer.png 2019-01-14 08:24:04 Godaddy Injecting JavaScript That May Break Customer Sites (lien direct)

Domain registrar GoDaddy is injecting JavaScript into US customer websites that could impact the overall performance of the website or even render it inoperable. [...]

bleepingcomputer.png 2019-01-14 03:00:04 Windows 7 KMS Activation Issues Caused by Microsoft Mistake, Not an Update (lien direct)

On January 8th, 2019, Windows 7 machines that were activated through Key Management Service started receiving a "Windows is not genuine" error indicating that the license is not valid. It turns out this this problem was not related to a January Patch Tuesday update, but rather caused by a problem on Microsoft\'s activation server. [...]

bleepingcomputer.png 2019-01-13 14:02:00 Mozilla to Disable Flash Plugin by Default in Firefox 69 (lien direct)

Starting in Firefox 69, Mozilla will be disabling support for the Adobe Flash plugin by default. This is being done as part of the roadmap set forth by Mozilla on how they will be ultimately disable all support for Flash in Firefox. [...]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-01-19 06:03:28
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter