What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-30 11:07:15 | Three Nigerians arrested for malware-assisted financial crimes (lien direct) | Interpol has announced the arrest of three Nigerian men in Lagos, who are suspected of using remote access trojans (RATs) to reroute financial transactions and steal account credentials. [...] | |||
|
2022-05-30 10:23:43 | New Microsoft Office zero-day used in attacks to execute PowerShell (lien direct) | Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. [...] | Vulnerability | ||
|
2022-05-29 12:39:55 | (Déjà vu) EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws (lien direct) | EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...] | Malware | ||
|
2022-05-29 12:39:55 | EnemyBot malware adds exploits for critical bugs in VMware, F5 BIG-IP (lien direct) | EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...] | Malware | ||
|
2022-05-29 11:15:22 | Mobile trojan detections rise as malware distribution level declines (lien direct) | Kaspersky's quarterly report on mobile malware distribution records a downward trend that started at the end of 2020, detecting one-third of the malicious installations reported in Q1 2021, and about 85% of those counted in Q4 2021. [...] | Malware | ||
|
2022-05-29 10:00:00 | New Yorker imprisoned for role in carding group behind $568M damages (lien direct) | John Telusma, a 37-year-old man from New York, was sentenced to four years in prison for selling and using stolen and compromised credit cards on the Infraud carding portal operated by the transnational cybercrime organization with the same name. [...] | |||
|
2022-05-28 15:53:15 | Microsoft: The new Windows 11 features from Build 2022 (lien direct) | During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android (WSA) and more. [...] | |||
|
2022-05-28 11:10:00 | Clop ransomware gang is back, hits 21 victims in a single month (lien direct) | After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...] | Ransomware | ||
|
2022-05-28 10:01:33 | New Windows Subsystem for Linux malware steals browser auth cookies (lien direct) | Hackers are showing an increased interest in the Windows Subsystem for Linux (WSL) as an attack surface as they build new malware, the more advanced samples being suitable for espionage and downloading additional malicious modules. [...] | Malware | ||
|
2022-05-27 16:26:39 | FBI warns of hackers selling credentials for U.S. college networks (lien direct) | Cybercriminals are offering to sell for thousands of U.S. dollars network access credentials for higher education institutions based in the United States. [...] | |||
|
2022-05-27 14:40:49 | GitHub: Attackers stole login details of 100K npm user accounts (lien direct) | GitHub revealed today that an attacker stole the login details of roughly 100,000 npm accounts during a mid-April security breach with the help of stolen OAuth app tokens issued to Heroku and Travis-CI. [...] | |||
|
2022-05-27 13:06:56 | Microsoft finds severe bugs in Android apps from large mobile providers (lien direct) | Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers. [...] | |||
|
2022-05-27 11:59:34 | Microsoft to force better security defaults for all Azure AD tenants (lien direct) | Microsoft has announced that it will force enable stricter secure default settings known as 'security defaults' on all existing Azure Active Directory (Azure AD) tenants starting in late June 2022. [...] | |||
|
2022-05-27 09:23:18 | BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state (lien direct) | Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded a $5 million to unlock the encrypted computer systems. [...] | Ransomware | ||
|
2022-05-26 17:21:44 | Intuit warns of QuickBooks phishing threatening to suspend accounts (lien direct) | Tax software vendor Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. [...] | |||
|
2022-05-26 16:14:52 | Microsoft: Windows 11 22H2 has reached RTM with build 22621 (lien direct) | Microsoft's Windows Hardware Compatibility Program has confirmed that Windows 11 22H2 build 22621 is the Released to Manufacturing (RTM) build, meaning that the development of Window's 11 next feature update is ready for release. [...] | |||
|
2022-05-26 15:44:58 | Windows 11 KB5014019 breaks Trend Micro ransomware protection (lien direct) | This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. [...] | Ransomware | ★★★ | |
|
2022-05-26 15:11:03 | OAS platform vulnerable to critical RCE and API access flaws (lien direct) | Threat analysts have disclosed vulnerabilities affecting the Open Automation Software (OAS) platform, leading to device access, denial of service, and remote code execution. [...] | Threat Guideline | ★★★ | |
|
2022-05-26 14:21:33 | Exploit released for critical VMware auth bypass bug, patch now (lien direct) | Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges. [...] | Vulnerability | ||
|
2022-05-26 11:46:14 | Microsoft shares mitigation for Windows KrbRelayUp LPE attacks (lien direct) | Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. [...] | |||
|
2022-05-26 10:06:03 | Zyxel warns of flaws impacting firewalls, APs, and controllers (lien direct) | Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. [...] | |||
|
2022-05-26 09:26:59 | Google shut down caching servers at two Russian ISPs (lien direct) | Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled. [...] | |||
|
2022-05-26 08:02:01 | Industrial Spy data extortion market gets into the ransomware game (lien direct) | The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...] | Ransomware | ||
|
2022-05-26 03:16:08 | New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps (lien direct) | The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. [...] | Malware | ||
|
2022-05-25 17:51:27 | FTC fines Twitter $150M for using 2FA info for targeted advertising (lien direct) | The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. [...] | |||
|
2022-05-25 16:54:59 | Microsoft adds support for WSL2 distros on Windows Server 2022 (lien direct) | Microsoft has announced that Windows Subsystem for Linux (WSL2) distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. [...] | |||
|
2022-05-25 15:25:48 | New \'Cheers\' Linux ransomware targets VMware ESXi servers (lien direct) | A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...] | Ransomware | ||
|
2022-05-25 14:31:53 | Microsoft adds Office subscriptions to Windows 11 account settings (lien direct) | Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account. [...] | |||
|
2022-05-25 13:00:00 | New ChromeLoader malware surge threatens browsers worldwide (lien direct) | The ChromeLoader malware is seeing an uptick in detections this month, following a relatively stable operation volume since the start of the year, which means that the malvertiser is now becoming a widespread threat. [...] | Malware | ||
|
2022-05-25 12:41:50 | Tails 5.0 Linux users warned against using it "for sensitive information" (lien direct) | Tails developers have warned users to stop using the portable Debian-based Linux distro until the next release if they're entering or accessing sensitive information using the bundled Tor Browser application. [...] | |||
|
2022-05-25 11:54:46 | Darknet market Versus shuts down after hacker leaks security flaw (lien direct) | The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. [...] | |||
|
2022-05-25 10:00:01 | Is 100% Cybersecurity Readiness Possible? Medical Device Pros Weigh In (lien direct) | As medical devices become more connected and reliant on software, their codebase grows both in size and complexity, and they are increasingly reliant on third-party and open source software components. Learn more from 150 senior decision makers who oversee product security or cybersecurity compliance in the medical device industry, [...] | |||
|
2022-05-25 09:42:26 | (Déjà vu) Hacker says hijacking libraries, stealing AWS keys was ethical research (lien direct) | The hacker of 'ctx' and 'PHPass' libraries has now broken silence and explained the reasons behind this hijack to BleepingComputer. According to the hacker, this was a bug bounty exercise and no malicious activity was intended. [...] | |||
|
2022-05-25 09:42:26 | Hacker of Python, PHP libraries: no "malicious activity" was intended (lien direct) | The hacker of 'ctx' and 'PHPass' libraries has now broken silence and explained the reasons behind this hijack to BleepingComputer. According to the hacker, this was a bug bounty exercise and no malicious activity was intended. [...] | |||
|
2022-05-25 09:04:40 | Interpol arrests alleged leader of the SilverTerrier BEC gang (lien direct) | After a year-long investigation that involved Interpol and several cybersecurity companies, the Nigeria Police Force has arrested an individual believed to be in the top ranks of a prominent business email compromise (BEC) group known as SilverTerrier or TMT. [...] | |||
|
2022-05-25 07:43:34 | (Déjà vu) SpiceJet airline passengers stranded after ransomware attack (lien direct) | Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] | Ransomware | ||
|
2022-05-25 07:43:34 | Indian airline SpiceJet\'s flights impacted by ransomware attack (lien direct) | Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...] | Ransomware | ||
|
2022-05-25 07:21:30 | BPFDoor malware uses Solaris vulnerability to get root privileges (lien direct) | New research into the inner workings of the stealthy BPFdoor malware for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems. [...] | Malware Vulnerability Threat | ||
|
2022-05-24 18:42:48 | Windows 11 KB5014019 update fixes app crashes, slow copying (lien direct) | Microsoft has released optional cumulative update previews for Windows 11, Windows 10 version 1809, and Windows Server 2022, with fixes for Direct3D issues impacting client and server systems. [...] | |||
|
2022-05-24 18:07:00 | DuckDuckGo browser allows Microsoft trackers due to search agreement (lien direct) | The privacy-focused DuckDuckGo browser purposely allows Microsoft trackers on third-party sites due to an agreement in their syndicated search content contract between the two companies. [...] | |||
|
2022-05-24 17:31:59 | Mozilla fixes Firefox, Thunderbird zero-days exploited at Pwn2Own (lien direct) | Mozilla has released security updates for multiple products to address zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2022 hacking contest. [...] | |||
|
2022-05-24 15:27:50 | Hackers target Russian govt with fake Windows updates pushing RATs (lien direct) | Hackers are targeting Russian government agencies with phishing emails that pretend to be Windows security updates and other lures to install remote access malware. [...] | |||
|
2022-05-24 14:44:22 | Microsoft: Credit card stealers are getting much stealthier (lien direct) | Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. [...] | Threat | ||
|
2022-05-24 13:50:55 | (Déjà vu) CISA adds 41 vulnerabilities to list of bugs used in cyberattacks (lien direct) | The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for the Android kernel and Cisco IOS XR. [...] | |||
|
2022-05-24 13:34:32 | US Senate: Govt\'s ransomware fight hindered by limited reporting (lien direct) | A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively. [...] | Ransomware | ||
|
2022-05-24 12:45:41 | Screencastify Chrome extension flaws allow webcam hijacks (lien direct) | The popular Screencastify Chrome extension has fixed a vulnerability that allowed malicious sites to hijack users' webcams and steal recorded videos. However, security flaws still exist that could be exploited by unscrupulous insiders. [...] | Vulnerability | ||
|
2022-05-24 12:09:07 | Trend Micro fixes bug Chinese hackers exploited for espionage (lien direct) | Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLs and deploy malware. [...] | Threat | ||
|
2022-05-24 10:16:24 | Researchers to release exploit for new VMware auth bypass, patch now (lien direct) | Proof-of-concept exploit code is about to be published for a vulnerability that allows administrative access without authentication in several VMware products. [...] | Vulnerability | ||
|
2022-05-24 07:42:58 | (Déjà vu) Popular Python and PHP libraries hijacked to steal AWS keys (lien direct) | PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets. [...] | |||
|
2022-05-24 07:42:58 | Popular PyPI and PHP libraries hijacked to steal AWS keys (lien direct) | PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets. [...] |
To see everything:
Our RSS (filtrered)
