What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-28 18:11:42 | (Déjà vu) Emergency Google Chrome update fixes zero-days used in attacks (lien direct) | Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited. [...] | |||
|
2021-10-28 17:34:38 | All Windows versions impacted by new LPE zero-day vulnerability (lien direct) | A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. [...] | Vulnerability | ||
|
2021-10-28 13:06:00 | NSA and CISA share guidance on securing 5G cloud infrastructure (lien direct) | CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure. [...] | |||
|
2021-10-28 12:44:27 | Microsoft: Shrootless bug lets hackers install macOS rootkits (lien direct) | Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices. [...] | Vulnerability | ||
|
2021-10-28 12:31:26 | Android spyware spreading as antivirus software in Japan (lien direct) | A new variant of the Android info-stealer called FakeCop has been spotted by Japanese security researchers, who warn that the distribution of the malicious APK is picking up pace. [...] | |||
|
2021-10-28 10:50:09 | WordPress plugin bug impacts 1M sites, allows malicious redirects (lien direct) | The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. [...] | |||
|
2021-10-28 09:15:44 | New AbstractEmu malware roots Android devices, evades detection (lien direct) | New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. [...] | Malware | ||
|
2021-10-28 09:02:21 | Ransomware gangs use SEO poisoning to infect visitors (lien direct) | Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets. [...] | Ransomware | ||
|
2021-10-28 08:06:39 | Microsoft now rolling out Windows 11 to more eligible devices (lien direct) | Microsoft is now rolling out the Windows 11 upgrade to more eligible Windows devices as part of a phased rollout designed to deliver a smooth upgrade experience. [...] | |||
|
2021-10-28 07:26:09 | German investigators identify REvil ransomware gang core member (lien direct) | German investigators have reportedly identified a Russian man named Nikolay K. whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years. [...] | Ransomware | ||
|
2021-10-28 05:53:55 | EU investigating leak of private key used to forge Covid passes (lien direct) | The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob-all of which are being recognized as valid by the official government apps. [...] | |||
|
2021-10-28 03:03:03 | Sensitive data of 400,000 German students exposed by API flaw (lien direct) | Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform. [...] | |||
|
2021-10-27 16:37:26 | NRA: No comment on Russian ransomware gang attack claims (lien direct) | The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released allegedly stolen data as proof of the attack. [...] | Ransomware | ||
|
2021-10-27 14:52:26 | Android spyware apps target Israel in three-year-long campaign (lien direct) | A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day. [...] | |||
|
2021-10-27 14:35:13 | Free decryptor released for Atom Silo and LockFile ransomware (lien direct) | Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free, without having to pay a ransom. [...] | Ransomware Tool | ||
|
2021-10-27 13:26:12 | Twitter employees required to use security keys after 2020 hack (lien direct) | Twitter rolled out security keys to its entire workforce and made two-factor authentication (2FA) mandatory for accessing internal systems following last year's hack. [...] | Hack | ||
|
2021-10-27 12:15:00 | Hackers arrested for \'infiltrating\' Ukraine\'s health database (lien direct) | The Security Service of Ukraine (SSU) has arrested a team of actors who illegally infiltrated the information system of the National Health Service of Ukraine (NHSU) and entered false vaccination entries for other people. [...] | |||
|
2021-10-27 11:52:12 | Babuk ransomware decryptor released to recover files for free (lien direct) | Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free. [...] | Ransomware Tool | ★★★★ | |
|
2021-10-27 11:15:00 | US bans China Telecom Americas over national security risks (lien direct) | The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States. [...] | |||
|
2021-10-27 11:00:00 | (Déjà vu) Malicious NPM libraries install ransomware, password stealer (lien direct) | Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] | Ransomware | ||
|
2021-10-27 11:00:00 | Malicious Roblox NPMs drop ransomware and password stealers (lien direct) | Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. [...] | Ransomware | ||
|
2021-10-27 09:56:23 | Telegram launches advertising program for public channels (lien direct) | Telegram has launched a new advertising program dubbed Ad Platform and offering the opportunity to display sponsored messages on the instant-messaging platform. [...] | |||
|
2021-10-26 16:24:41 | Iranian gas stations out of service after distribution network hacked (lien direct) | Gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) have stopped working today due to what appears to be a cyberattack that affected the entire distribution network. [...] | |||
|
2021-10-26 15:45:30 | Spammers use Squirrelwaffle malware to drop Cobalt Strike (lien direct) | A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. [...] | Malware Threat | ||
|
2021-10-26 15:19:47 | Brutal WordPress plugin bug allows subscribers to wipe sites (lien direct) | A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites. [...] | |||
|
2021-10-26 15:02:04 | Prepare for 5 cybersecurity certifications with this bundle (lien direct) | With The Ultimate 2021 Cyber Security Survival Training Bundle, you get full prep for five top certifications. The included content is worth a total of $495, but you can get it today for only $29.99. [...] | |||
|
2021-10-26 14:19:01 | (Déjà vu) Windows 10 KB5006738 released with fixes for printing issues (lien direct) | Microsoft has released the optional KB5006738 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1. Microsoft says this update and a separate Windows Server preview update will fix all outstanding printing issues affecting users since they mitigated the PrintNightmare vulnerabilities. [...] | |||
|
2021-10-26 13:23:54 | North Korean state hackers start targeting the IT supply chain (lien direct) | North Korean-sponsored Lazarus hacking group has switched focus on new targets and was observed by Kaspersky security researchers expanding its supply chain attack capabilities. [...] | APT 38 APT 28 | ||
|
2021-10-26 12:42:26 | Researcher cracked 70% of WiFi networks sampled in Tel Aviv (lien direct) | A researcher has managed to crack 70% of a 5,000 WiFi network sample in his hometown, Tel Aviv, to prove that home networks are severely unsecured and easy to hijack. [...] | |||
|
2021-10-26 11:40:11 | Microsoft is force installing PC Health Check in Windows 10 (lien direct) | Microsoft has begun force installing the PC Health Check application on Windows 10 devices using a new KB5005463 update. [...] | |||
|
2021-10-26 10:41:44 | Police arrest 150 dark web vendors of illegal drugs and guns (lien direct) | Law enforcement authorities arrested 150 suspects allegedly involved in selling and buying illicit goods on DarkMarket, the largest illegal marketplace on the dark web when it was taken down in January 2021. [...] | |||
|
2021-10-26 10:02:49 | Money launderers for Russian hacking groups arrested in Ukraine (lien direct) | The Ukrainian cybercrime police force has arrested members of a group of money launderers and hackers at the request of U.S. intelligence services. [...] | |||
|
2021-10-26 09:59:00 | FBI: Ranzy Locker ransomware hit at least 30 US companies this year (lien direct) | The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors. [...] | Ransomware | ||
|
2021-10-26 08:14:35 | Australia drafts Online Privacy Bill to bolster data security (lien direct) | Australia's Attorney-General has submitted the first draft of a new Online Privacy Bill that contains striking reforms over existing privacy laws. [...] | |||
|
2021-10-25 16:08:35 | Mozilla blocks malicious add-ons installed by 455K Firefox users (lien direct) | Mozilla blocked malicious Firefox add-ons installed by roughly 455,000 users after discovering in early June that they were abusing the proxy API to block Firefox updates. [...] | |||
|
2021-10-25 14:00:44 | Millions of Android users targeted in subscription fraud campaign (lien direct) | A new SMS scam campaign relying upon 151 apps has been uncovered, with many of these apps managing to find their way into the Play Store where they amassed 10.5 million downloads. [...] | |||
|
2021-10-25 12:20:06 | South Korean telco KT suffers nationwide outage after routing error (lien direct) | The second-largest telecommunications provider in South Korea, KT Corporation, has suffered a nationwide outage today, leaving all its 16.5 million customers without internet connectivity and telephony services for about 40 minutes. [...] | |||
|
2021-10-25 11:50:00 | Microsoft Defender ATP adds live response for Linux and macOS (lien direct) | Microsoft has announced the addition of new live macOS and Linux response capabilities to Defender for Endpoint, , the enterprise version of Redmond's Windows 10 Defender antivirus. [...] | |||
|
2021-10-25 11:27:49 | It\'s Windows XP\'s 20th birthday and way too many still use it (lien direct) | Today is the 20th anniversary of Windows XP, and although the operating system reached the end of support in 2014, way too many people continue to use the insecure version of Windows. [...] | |||
|
2021-10-25 10:31:42 | Hackers used billing software zero-day to deploy ransomware (lien direct) | An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets' networks in ongoing attacks. [...] | Ransomware | ||
|
2021-10-25 05:20:37 | CISA urges admins to patch critical Discourse code execution bug (lien direct) | A critical Discourse remote code execution (RCE) vulnerability tracked as CVE-2021-41163 was fixed via an urgent update by the developer on Friday [...] | Vulnerability | ||
|
2021-10-25 04:37:22 | Microsoft: Russian SVR hacked at least 14 IT supply chain firms since May (lien direct) | Microsoft says the Russian-backed Nobelium threat group behind last year's SolarWinds hack is still targeting the global IT supply chain, with 140 resellers and technology service providers attacked and at least 14 breached since May 2021. [...] | Hack | ||
|
2021-10-24 11:27:06 | BlackMatter ransomware victims quietly helped using secret decryptor (lien direct) | Cybersecurity firm Emsisoft has been secretly decrypting BlackMatter ransomware victims since this summer, saving victims millions of dollars. [...] | Ransomware | ||
|
2021-10-24 10:00:00 | Microsoft 365 will get support for custom ARC configurations (lien direct) | Microsoft is working on adding custom Authenticated Received Chain (ARC) configuration support to Microsoft Defender for Office 365. [...] | |||
|
2021-10-23 12:51:38 | Popular NPM library hijacked to install password-stealers, miners (lien direct) | Hackers hijacked the popular UA-Parser-JS NPM library, with millions of downloads a week, to infect Linux and Windows devices with cryptominers and password-stealing trojans in a supply-chain attack. [...] | |||
|
2021-10-23 11:12:34 | Hacker sells the data for millions of Moscow drivers for $800 (lien direct) | Hackers are selling a stolen database containing 50 million records of Moscow driver data on an underground forum for only $800. [...] | |||
|
2021-10-23 10:00:00 | FTC: ISPs collect and monetize far more user data than you\'d think (lien direct) | The Federal Trade Commission (FTC) found that six largest internet service providers (ISPs) in the U.S. collect and share customers' personal data without providing them with info on how it's used or meaningful ways to control this process. [...] | |||
|
2021-10-22 17:47:32 | The Week in Ransomware - October 22nd 2021 - Striking back (lien direct) | Between law enforcement operations, REvil's second shut down, and ransomware gangs' response to the hacking of their servers, it has been quite the week. [...] | Ransomware | ||
|
2021-10-22 14:26:28 | SCUF Gaming store hacked to steal credit card info of 32,000 customers (lien direct) | SCUF Gaming International, a leading manufacturer of custom PC and console controllers, is notifying customers that its website was hacked in February to plant a malicious script used to steal their credit card information. [...] | Guideline | ||
|
2021-10-22 14:02:21 | DarkSide ransomware rushes to cash out $7 million in Bitcoin (lien direct) | Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
