What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-10 11:13:59 | Europol ordered to erase data on those not linked to crime (lien direct) | The European Data Protection Supervisor (EDPS), an EU privacy and data protection independent supervisory authority, has ordered Europol to erase personal data on individuals that haven't been linked to criminal activity. [...] | |||
|
2022-01-10 10:28:43 | WordPress 5.8.3 security update fixes SQL injection, XSS flaws (lien direct) | The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. [...] | |||
|
2022-01-09 09:17:39 | Dev corrupts NPM libs \'colors\' and \'faker\' breaking thousands of apps (lien direct) | Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. Some surmised if the NPM libraries had been compromised, but it turns out there's more to the story. [...] | |||
|
2022-01-08 14:35:42 | Trojanized dnSpy app drops malware cocktail on researchers, devs (lien direct) | Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy .NET application to install cryptocurrency stealers, remote access trojans, and miners. [...] | Malware | ||
|
2022-01-08 10:16:32 | Rapid window title changes cause \'white screen of death\' (lien direct) | Experimentation with ANSI escape characters on terminal emulators has led to the discovery of multiple high-severity DoS (denial of service) vulnerabilities on Windows terminals and Chrome-based web browsers. [...] | |||
|
2022-01-07 17:50:34 | The Week in Ransomware - January 7th 2022 - Watch out for USB drives (lien direct) | With the holidays these past two weeks, there have been only a few known ransomware attacks and little research released. Here is what we know. [...] | Ransomware | ||
|
2022-01-07 16:56:32 | SonicWall: Y2K22 bug hits Email Security, firewall products (lien direct) | SonicWall has confirmed today that some of its Email Security and firewall products have been hit by the Y2K22 bug, causing message log updates and junk box failures starting with January 1, 2022. [...] | ★★★ | ||
|
2022-01-07 13:14:19 | (Déjà vu) FBI: Hackers use BadUSB to target defense firms with ransomware (lien direct) | The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group targeted the US defense industry with packages containing malicious USB devices to deploy ransomware. [...] | Ransomware | ||
|
2022-01-07 13:14:19 | FBI: Hackers target US defense firms with malicious USB packages (lien direct) | The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminals group is targeting the US defense industry with packages containing malicious USB devices. [...] | ★★★★★ | ||
|
2022-01-07 12:37:12 | FluBot malware now targets Europe posing as Flash Player app (lien direct) | The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. [...] | Malware | ||
|
2022-01-07 11:52:11 | Diversity job board Canvas.com ordered to stop using domain name (lien direct) | Diversity recruiting site Canvas.com has been ordered by a U.S. District judge to drop the use of the domain name over a trademark dispute. [...] | |||
|
2022-01-07 11:22:48 | US counterintelligence shares tips to block spyware attacks (lien direct) | The US National Counterintelligence and Security Center (NCSC) and the Department of State have jointly published guidance on defending against attacks using commercial surveillance tools. [...] | |||
|
2022-01-07 09:29:26 | NHS warns of hackers exploiting Log4Shell in VMware Horizon (lien direct) | UK's National Health Service (NHS) has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. [...] | Threat | ||
|
2022-01-07 08:20:29 | QNAP warns of ransomware targeting Internet-exposed NAS devices (lien direct) | QNAP has warned customers today to secure Internet-exposed network-attached storage (NAS) devices immediately from ongoing ransomware and brute-force attacks. [...] | Ransomware | ||
|
2022-01-06 19:34:06 | FinalSite ransomware attack shuts down thousands of school websites (lien direct) | FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. [...] | Ransomware Guideline | ||
|
2022-01-06 17:09:12 | Night Sky is the latest ransomware targeting corporate networks (lien direct) | It's a new year, and with it comes a new ransomware to keep an eye on called 'Night Sky' that targets corporate networks and steals data in double-extortion attacks. [...] | Ransomware | ||
|
2022-01-06 15:53:02 | FlexBooker discloses data breach, over 3.7 million accounts impacted (lien direct) | Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. [...] | |||
|
2022-01-06 13:51:59 | Microsoft: KB5008212 Windows security update breaks Outlook search (lien direct) | Microsoft has acknowledged an issue triggered by a Windows 10, version 21H2 security update released during the December 2021 Patch Tuesday that causes search issues in Outlook for Microsoft 365. [...] | |||
|
2022-01-06 12:55:51 | US arrests suspect who stole unpublished books in phishing attacks (lien direct) | An Italian man allegedly involved in a multi-year scheme to fraudulently obtain hundreds of prepublication manuscripts was arrested on Wednesday at the John F. Kennedy International Airport, in New York. [...] | |||
|
2022-01-06 11:48:11 | US online pharmacy Ravkoo links data breach to AWS portal incident (lien direct) | Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. [...] | Data Breach | ||
|
2022-01-06 11:02:00 | Swiss army bans all chat apps but locally-developed Threema (lien direct) | The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead. [...] | |||
|
2022-01-06 09:00:00 | Google Docs commenting feature exploited for spear-phishing (lien direct) | A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. [...] | Threat | ||
|
2022-01-06 08:37:08 | France hits Facebook and Google with $210 million in fines (lien direct) | France's National Commission on Informatics and Liberty (CNIL), the country's data privacy and protection body, has announced a 60 million euro ($68 million) sanction against Facebook and a 150 million euro ($170 million) penalty against Google. [...] | |||
|
2022-01-06 08:29:27 | FBI warns about ongoing Google Voice authentication scams (lien direct) | The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams. [...] | |||
|
2022-01-05 18:32:16 | Privacy-focused Brave browser records massive growth in 2021 (lien direct) | The privacy-focused web browser Brave continues to grow rapidly as the company reached 50 million monthly active users for the first time in 2021. [...] | |||
|
2022-01-05 18:01:02 | Honda, Acura cars hit by Y2K22 bug that rolls back clocks to 2002 (lien direct) | Honda and Acura cars have been hit with a Year 2022 bug, aka Y2K22, that resets the navigation system's clock to January 1st, 2002, with no way to change it. [...] | |||
|
2022-01-05 17:42:25 | (Déjà vu) Broker-dealers impersonators stole $50 million using spoofed sites (lien direct) | A California man confirmed his role in a large-scale and long-running Internet-based fraud scheme that allowed him and other fraudsters to siphon roughly $50 million from dozens of investors over eight years, between 2012 to October 2020. [...] | |||
|
2022-01-05 17:42:25 | 70 investors lose $50 million to fraudsters posing as broker-dealers (lien direct) | A California man confirmed his role in a large-scale and long-running Internet-based fraud scheme that allowed him and other fraudsters to siphon roughly $50 million from dozens of investors over eight years, between 2012 to October 2020. [...] | |||
|
2022-01-05 15:51:24 | Microsoft Defender for Endpoint adds zero-touch iOS onboarding (lien direct) | Microsoft says zero-touch onboarding for Microsoft Defender for Endpoint (MDE) on iOS is now available in public preview, allowing enterprise admins to silently install Defender for Endpoint automatically on enrolled devices. [...] | |||
|
2022-01-05 12:42:27 | NY OAG: Hackers stole 1.1 million customer accounts from 17 companies (lien direct) | The New York State Office of the Attorney General (NY OAG) has warned 17 well-known companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. [...] | |||
|
2022-01-05 11:55:16 | Crypto platform ARBIX flagged as a rugpull, transfers $10 million (lien direct) | Arbix Finance, an audited and supposedly trustworthy yield farming platform, has been flagged as a 'rugpull,' deleting its site, Twitter, and Telegram channel and transferring $10 million worth of deposited cryptocurrency. [...] | |||
|
2022-01-05 09:54:34 | iOS malware can fake iPhone shut downs to snoop on camera, microphone (lien direct) | Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection. [...] | Malware | ||
|
2022-01-05 08:00:00 | \'Elephant Beetle\' spends months in victim networks to divert transactions (lien direct) | A financially-motivated actor dubbed 'Elephant Beetle' is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts. [...] | |||
|
2022-01-05 06:00:00 | Microsoft code-sign check bypassed to drop Zloader malware (lien direct) | A new Zloader campaign exploits Microsoft's e-signature code verification to steal user credentials from over two thousand victims in 111 countries. [...] | Malware | ||
|
2022-01-04 18:51:25 | Emergency Windows Server update fixes Remote Desktop issues (lien direct) | Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues. [...] | Guideline | ||
|
2022-01-04 15:59:31 | US govt provides new guidelines for authentication systems (lien direct) | The National Institute of Standards and Technology (NIST) released new authentication system recommendations, highlighting multiple erroneous approaches in currently established practices. [...] | |||
|
2022-01-04 15:20:25 | FTC warns companies to secure consumer data from Log4J attacks (lien direct) | The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks. [...] | |||
|
2022-01-04 14:28:42 | First Microsoft Pluton-powered Windows 11 PCs unveiled at CES (lien direct) | Lenovo unveiled today at CES 2022 the first Microsoft Pluton-powered Windows 11 PCs, the ThinkPad Z13 and Z16, with AMD Ryzen 6000 Series processors. [...] | |||
|
2022-01-04 12:52:01 | Hackers use video player to steal credit cards from over 100 sites (lien direct) | Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms. [...] | |||
|
2022-01-04 12:07:08 | UScellular discloses data breach after billing system hack (lien direct) | UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021. [...] | Data Breach Hack | ||
|
2022-01-04 11:22:55 | Have I Been Pwned warns of DatPiff data breach impacting millions (lien direct) | The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. [...] | Data Breach | ||
|
2022-01-03 15:45:11 | Purple Fox malware distributed via malicious Telegram installers (lien direct) | A laced Telegram for desktop installer was spotted distributing the Purple Fox malware while disabling the UAC on the infected systems. [...] | Malware | ||
|
2022-01-03 14:57:48 | (Déjà vu) Microsoft Skype challenge: Can you solve this puzzle 10 times? (lien direct) | New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. [...] | |||
|
2022-01-03 14:57:48 | Microsoft Skype makes you solve a complex captcha 10 times to sign up (lien direct) | New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. [...] | |||
|
2022-01-03 11:50:42 | Broward Health discloses data breach affecting 1.3 million people (lien direct) | Florida's Broward Health healthcare system has disclosed a large-scale data breach incident impacting 1,357,879 individuals. [...] | Data Breach | ||
|
2022-01-03 10:39:58 | Apple iOS vulnerable to HomeKit \'doorLock\' denial of service bug (lien direct) | A novel persistent denial of service vulnerability named 'doorLock' was discovered in Apple HomeKit, affecting iOS 14.7 through 15.2. [...] | Vulnerability | ||
|
2022-01-03 08:00:00 | Don\'t copy-paste commands from webpages - you can get hacked (lien direct) | Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal risk having their system compromised. Wizer's Gabriel Friedlander demonstrates an obvious, simple yet stunning trick that'll make you think twice before copying-pasting text from web pages. [...] | |||
|
2022-01-02 14:06:31 | Microsoft releases emergency fix for Exchange year 2022 bug (lien direct) | Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers. [...] | |||
|
2022-01-02 12:50:01 | BleepingComputer\'s most popular cybersecurity and tech stories of 2021 (lien direct) | 2021 is over, and we can look forward to a hopefully healthier, safer, and more normal 2022. However, it was a big year for technology and cybersecurity with massive cyberattacks and data breaches, innovative phishing attacks, privacy concerns, and of course, zero-day vulnerabilities. [...] | |||
|
2022-01-02 09:48:35 | (Déjà vu) Uber ignores vulnerability that lets you send any email from Uber.com (lien direct) | A vulnerability in Uber's email system allows just about anyone to send emails on behalf of Uber. Uber is aware of the flaw but has decided not to fix it for now. [...] | Vulnerability | Uber Uber |
To see everything:
Our RSS (filtrered)
