What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-09-14 16:43:14 | Microsoft fixes remaining Windows PrintNightmare vulnerabilities (lien direct) | Microsoft has released a security update to fix the last remaining PrintNightmare zero-day vulnerabilities that allowed attackers to gain administrative privileges on Windows devices quickly. [...] | |||
|
2021-09-14 16:20:05 | Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug (lien direct) | Microsoft today fixed a high severity zero-day vulnerability actively exploited in targeted attacks against Microsoft Office and Office 365 on Windows 10 computers. [...] | Vulnerability | ||
|
2021-09-14 14:50:50 | Google Chromebook bug causes black screens after login (lien direct) | Google is investigating reports of black screens showing up on users' Chromebooks when trying to log into their Chrome OS accounts. [...] | |||
|
2021-09-14 13:56:06 | (Déjà vu) Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws (lien direct) | Today is Microsoft's September 2021 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 61 flaws. [...] | |||
|
2021-09-14 13:33:16 | Windows 10 KB5005565 & KB5005566 cumulative updates released (lien direct) | Microsoft released the Windows 10 KB5005565 and KB5005566 cumulative updates as part of the September 2021 Patch Tuesday. These updates fix bugs and vulnerabilities in the Windows 10 May 2021 Update (version 21H1), October 2020 Update (version 20H2), and May 2020 Update (version 2004). [...] | |||
|
2021-09-14 12:59:26 | Microsoft: Windows 10 2004 reaches end of service in December (lien direct) | Microsoft has reminded customers today that Windows 10 2004 (all editions) and Windows Server 2004 (Datacenter, Standard editions) will reach the end of servicing on December 14, 2021. [...] | |||
|
2021-09-14 11:02:43 | New Zloader attacks disable Windows Defender to evade detection (lien direct) | An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus (formerly Windows Defender) on victims' computers to evade detection. [...] | |||
|
2021-09-14 07:00:00 | Millions of HP OMEN gaming PCs impacted by driver vulnerability (lien direct) | Millions of HP OMEN laptop and desktop gaming computers are exposed to attacks by a high severity vulnerability that can let threat actors trigger denial of service states or escalate privileges and disable security solutions. [...] | Vulnerability Threat | ||
|
2021-09-13 18:12:23 | Google patches 10th Chrome zero-day exploited in the wild this year (lien direct) | Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild. [...] | |||
|
2021-09-13 17:00:07 | Firefox now bypasses Windows 11\'s messy default browser settings (lien direct) | Fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser. [...] | |||
|
2021-09-13 15:10:06 | Apple fixes iOS zero-day used to deploy NSO iPhone spyware (lien direct) | Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones. [...] | |||
|
2021-09-13 12:08:20 | FTC warns of extortionists targeting LGBTQ+ community on dating apps (lien direct) | The US Federal Trade Commission (FTC) warns of extortion scammers targeting the LGBTQ+ community via online dating apps such as Grindr and Feeld. [...] | |||
|
2021-09-13 11:35:03 | Walmart press release hoax causes Litecoin to spike 34% (lien direct) | A fake Walmart press release stating that the retail chain would begin accepting Litecoin caused the cryptocurrency to jump by almost 35% this morning. [...] | |||
|
2021-09-13 10:00:00 | Hacker-made Linux Cobalt Strike beacon used in ongoing attacks (lien direct) | An unofficial Cobalt Strike Beacon Linux version made by unknown threat actors from scratch has been spotted by security researchers while actively used in attacks targeting organizations worldwide. [...] | Threat | ||
|
2021-09-13 07:49:27 | BlackMatter ransomware hits medical technology giant Olympus (lien direct) | Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. [...] | Ransomware Guideline | ||
|
2021-09-12 18:20:54 | Windows 11 Android support spotted online ahead of launch (lien direct) | Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store. According to the Microsoft Store listing, Windows 11's Android support will require at least 8GB of RAM. For the best experience, 16GB is RAM is recommended. [...] | |||
|
2021-09-12 13:07:46 | Windows MSHTML zero-day exploits shared on hacking forums (lien direct) | Threat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. [...] | Vulnerability Threat | ||
|
2021-09-11 13:15:28 | REvil ransomware is back in full attack mode and leaking data (lien direct) | The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site. [...] | Ransomware | ||
|
2021-09-10 16:34:32 | The Week in Ransomware - September 10th 2021 - REvil returns (lien direct) | This week marked the return of the notorious REvil ransomware group, who disappeared in July after conducting a massive attack using a Kaseya zero-day vulnerability. [...] | Ransomware | ||
|
2021-09-10 14:47:38 | MyRepublic discloses data breach exposing government ID cards (lien direct) | MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers. [...] | Data Breach | ||
|
2021-09-09 16:37:28 | Windows MSHTML zero-day defenses bypassed as new info emerges (lien direct) | New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. [...] | Threat | ||
|
2021-09-09 11:08:22 | Microsoft fixes bug letting hackers take over Azure containers (lien direct) | Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape that allowed a malicious container to take over containers belonging to other customers on the platform. [...] | Vulnerability | ★★★★ | |
|
2021-09-09 09:25:10 | New Mēris botnet breaks DDoS record with 21.8 million RPS attack (lien direct) | A new distributed denial-of-service (DDoS) botnet that kept growing over the summer has been hammering Russian internet giant Yandex for the past month, the attack peaking at the unprecedented rate of 21.8 million requests per second. [...] | |||
|
2021-09-09 02:26:11 | Yandex is battling the largest DDoS in Russian Internet history (lien direct) | Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week. [...] | |||
|
2021-09-08 23:37:14 | GitHub finds 7 code execution vulnerabilities in \'tar\' and npm CLI (lien direct) | GitHub security team has identified several high-severity vulnerabilities in npm packages, "tar" and "@npmcli/arborist," used by npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. [...] | |||
|
2021-09-08 18:10:59 | Ukrainian extradited for selling 2,000 stolen logins per week (lien direct) | The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. [...] | Malware | ||
|
2021-09-08 15:36:00 | Zoho patches actively exploited critical ADSelfService Plus bug (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in Zoho's ManageEngine ADSelfService Plus password management solution that allows them to take control of the system. [...] | Vulnerability | ||
|
2021-09-08 15:03:32 | Hackers leak passwords for 500,000 Fortinet VPN accounts (lien direct) | A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. [...] | Threat | ||
|
2021-09-08 10:26:56 | Howard University shuts down network after ransomware attack (lien direct) | The private Howard University in Washington disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems. [...] | Ransomware | ||
|
2021-09-08 09:00:00 | Going beyond backup: Acronis True Image is now Acronis Cyber Protect Home Office (lien direct) | After nearly two decades, one of the most recognizable software brands is getting a new name. Acronis True Image, the leading personal cyber protection solution, is changing its name to Acronis Cyber Protect Home Office. [...] | Guideline | ||
|
2021-09-07 15:36:51 | Microsoft shares temp fix for ongoing Office 365 zero-day attacks (lien direct) | Microsoft today shared mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. [...] | Vulnerability | ||
|
2021-09-07 14:19:11 | REvil ransomware\'s servers mysteriously come back online (lien direct) | The dark web servers for the REvil ransomware operation have suddenly turned back on after an almost two-month absence. It is unclear if this marks their ransomware gang's return or the servers being turned on by law enforcement. [...] | Ransomware | ||
|
2021-09-07 11:46:41 | Jenkins project\'s Confluence server hacked to mine Monero (lien direct) | Hackers exploiting the recently disclosed Atlassian Confluence remote code execution vulnerability breached an internal server from the Jenkins project. [...] | Vulnerability | ||
|
2021-09-07 10:56:12 | McDonald\'s leaks password for Monopoly VIP database to winners (lien direct) | ug in the McDonald's Monopoly VIP game in the United Kingdom caused the login names and passwords for the game's database to be sent to all winners. [...] | |||
|
2021-09-07 02:28:34 | Ransomware gang threatens to leak data if victim contacts FBI, police (lien direct) | The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. Ragnar Locker has previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payments. [...] | Ransomware | ||
|
2021-09-06 13:42:08 | New Chainsaw tool helps IR teams analyze Windows event logs (lien direct) | Incident responders and blue teams have a new tool called Chainsaw that speeds up searching through Windows event log records to identify threats. [...] | Tool | ||
|
2021-09-06 11:24:22 | TrickBot gang developer arrested when trying to leave Korea (lien direct) | An alleged Russian developer for the notorious TrickBot malware gang was arrested in South Korea after attempting to leave the country. [...] | Malware | ||
|
2021-09-06 09:07:14 | Netgear fixes severe security bugs in over a dozen smart switches (lien direct) | Netgear has released firmware updates for more than a dozen of its smart switches used on corporate networks to address high-severity vulnerabilities. [...] | |||
|
2021-09-06 06:00:00 | Ransomware gangs target companies using these criteria (lien direct) | Ransomware gangs increasingly purchase access to a victim's network on dark web marketplaces and from other threat actors. Analyzing their want ads makes it possible to get an inside look at the types of companies ransomware operations are targeting for attacks. [...] | Ransomware Threat | ||
|
2021-09-05 11:14:28 | Windows 11 dark mode has quieter, more soothing sounds - Listen now (lien direct) | Windows 11 brings a redesigned user interface and an overhaul to the system sounds, including different sounds for Light Mode and Dark Mode. [...] | |||
|
2021-09-05 10:00:00 | Office 365 to let admins block Active Content on Trusted Docs (lien direct) | Microsoft plans to allow Office 365 admins ensure that end-users can't ignore organization-wide policies set up to block active content on Trusted Documents. [...] | |||
|
2021-09-05 03:23:48 | Google\'s TensorFlow drops YAML support due to code execution flaw (lien direct) | TensorFlow, a popular Python-based machine learning and artificial intelligence project developed by Google has dropped support for YAML, to patch a critical code execution vulnerability. YAML is a convenient choice among developers looking for a human-readable data serialization language. [...] | |||
|
2021-09-04 12:35:55 | Watch out for new malware campaign\'s \'Windows 11 Alpha\' attachment (lien direct) | Relying on a simple recipe that has proved successful time and time again, threat actors have deployed a malware campaign recently that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents. [...] | Malware Threat | ||
|
2021-09-04 11:12:24 | US SEC: Watch out for Hurricane Ida-related investment scams (lien direct) | The US Securities and Exchange Commission has warned investors to be "extremely wary" of potential investment scams related to Hurricane Ida's aftermath. [...] | |||
|
2021-09-04 10:11:22 | Windows 11 may not get security updates on unsupported devices (lien direct) | Microsoft is turning a blind eye to a loophole that allows you to install Windows 11 on incompatible hardware but warns that your device may no longer receive security updates. [...] | |||
|
2021-09-03 16:17:10 | The Week in Ransomware - September 3rd 2021 - Targeting Exchange (lien direct) | Over the past two weeks, it has been busy with ransomware news ranging from a gang shutting down and releasing a master decryption key to threat actors turning to Microsoft Exchange exploits to breach networks. [...] | Ransomware Threat | ||
|
2021-09-03 14:20:56 | Microsoft breaks Windows 11 Start Menu, Taskbar with Teams promo (lien direct) | Microsoft accidentally broke the Start menu and taskbar on systems of Windows Insiders after pushing a Teams promo to the desktops of users running Windows 11 preview builds. [...] | |||
|
2021-09-03 11:23:17 | US govt warns orgs to patch massively exploited Confluence bug (lien direct) | US Cyber Command (USCYBERCOM) has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately. [...] | Vulnerability | ||
|
2021-09-03 11:22:01 | Babuk ransomware\'s full source code leaked on hacker forum (lien direct) | A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum. [...] | Ransomware Threat | ||
|
2021-09-03 09:21:32 | Conti ransomware now hacking Exchange servers with ProxyShell exploits (lien direct) | The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. [...] | Ransomware Vulnerability |
To see everything:
Our RSS (filtrered)
