What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-19 05:24:44 | (Déjà vu) Liquid cryptocurency exchange loses over $90 million following hack (lien direct) | Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. [...] | Hack | ||
|
2021-08-19 05:24:44 | Liquid cryptocurrency exchange loses $94 million following hack (lien direct) | Japan-based cryptocurrency exchange Liquid has suspended deposits and withdrawals after attackers have compromised its warm wallets. [...] | Hack | ||
|
2021-08-19 03:08:19 | Cisco won\'t fix zero-day RCE vulnerability in end-of-life VPN routers (lien direct) | In a security advisory published on Wednesday, Cisco said that a critical vulnerability in Universal Plug-and-Play (UPnP) service of multiple small business VPN routers will not be patched because the devices have reached end-of-life. [...] | Vulnerability | ||
|
2021-08-18 17:07:55 | US Census Bureau hacked in January 2020 using Citrix exploit (lien direct) | US Census Bureau servers were breached on January 11, 2020, by hackers after exploiting an unpatched Citrix ADC zero-day vulnerability as the US Office of Inspector General (OIG) disclosed in a recent report. [...] | |||
|
2021-08-18 15:34:00 | Bitcoin mixer owner pleads guilty to laundering over $300 million (lien direct) | Larry Dean Harmon, the owner of a dark web cryptocurrency laundering service known as Helix, pleaded guilty today of laundering over $300 million worth of bitcoins between 2014 and 2017. [...] | Guideline | ★★★★ | |
|
2021-08-18 15:23:58 | New Windows 10 21H2 build comes with improved WiFi security (lien direct) | Microsoft has released Windows 10 21H2 19044.1200 with the awaited new Windows Hello security feature, WPA3 HPE support, and GPU computing in the Windows Subsystem for Linux. [...] | |||
|
2021-08-18 14:00:00 | GitHub urges users to enable 2FA after going passwordless (lien direct) | GitHub is urging its user base to toggle on two-factor authentication (2FA) after deprecating password-based authentication for Git operations. [...] | |||
|
2021-08-18 13:45:15 | Microsoft begins final phase of Internet Explorer\'s demise (lien direct) | Microsoft's Internet Explorer browser is barely usable after Microsoft officially ends support for the browser in Microsoft 365. [...] | |||
|
2021-08-18 09:55:32 | Japanese insurer Tokio Marine discloses ransomware attack (lien direct) | Tokio Marine Holdings, a multinational insurance holding company in Japan, announced this week that its Singapore branch, Tokio Marine Insurance Singapore (TMiS), suffered a ransomware attack. [...] | Ransomware | ||
|
2021-08-18 07:52:00 | Diavol ransomware sample shows stronger connection to TrickBot gang (lien direct) | A new analysis of a Diavol ransomware sample shows a more clear connection with the gang behind the TrickBot botnet and the evolution of the malware. [...] | Ransomware | ||
|
2021-08-18 07:35:12 | (Déjà vu) T-Mobile says hackers stole records belonging to 48.6 million individuals (lien direct) | T-Mobile has confirmed that attackers who recently breached its servers stole files containing the personal information of tens of millions of individuals. [...] | |||
|
2021-08-18 07:35:12 | T-Mobile says hackers stole personal info of 8.6 million customers (lien direct) | T-Mobile has confirmed that attackers who recently breached its servers stole files containing the personal information of over 8.6 million current customers. [...] | |||
|
2021-08-17 17:31:59 | Govt hackers impersonate HR employees to hit Israeli targets (lien direct) | Hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets. [...] | |||
|
2021-08-17 15:27:54 | Conti ransomware prioritizes revenue and cyberinsurance data theft (lien direct) | Training material used by Conti ransomware affiliates was leaked online this month, allowing an inside look at how attackers abuse legitimate software seek out cyber insurance policies. [...] | Ransomware | ||
|
2021-08-17 14:16:23 | CISA: BadAlloc impacts critical infrastructure using BlackBerry QNX (lien direct) | CISA today warned that IoT and OT security flaws known as BadAlloc impact BlackBerry's QNX Real Time Operating System (RTOS) used by critical infrastructure organizations. [...] | |||
|
2021-08-17 12:05:40 | Pharmacist faces 120 years in prison for selling vaccination cards on eBay (lien direct) | An Illionois pharmacist arrested today faces 120 years in prison for allegedly selling dozens of authentic COVID-19 vaccination record cards issued by the Center for Disease Control and Prevention (CDC). [...] | |||
|
2021-08-17 11:00:22 | Malware campaign uses clever \'captcha\' to bypass browser warning (lien direct) | A malware campaign uses a clever captcha prompt to trick users into bypassing browsers warnings to download the Ursnif (aka Gozi) banking trojan. [...] | Malware | ||
|
2021-08-17 09:36:53 | Brazilian government discloses National Treasury ransomware attack (lien direct) | The Brazilian Ministry of Economy has disclosed a ransomware attack that hit some of its computing systems on Friday night, right before the start of the weekend. [...] | Ransomware | ||
|
2021-08-17 09:23:13 | Critical bug impacting millions of IoT devices lets hackers spy on you (lien direct) | Security researchers are sounding the alarm on a critical vulnerability affecting tens of millions of devices worldwide connected via ThroughTek's Kalay IoT cloud platform. [...] | Vulnerability | ||
|
2021-08-17 09:00:00 | Fortinet delays patching zero-day allowing remote server takeover (lien direct) | Fortinet has delayed patching a zero-day command injection vulnerability found in the FortiWeb web application firewall (WAF) until the end of August. [...] | Vulnerability Patching | ||
|
2021-08-17 09:00:00 | Fortinet patches bug letting attackers takeover servers remotely (lien direct) | Fortinet has released security updates to address a command injection vulnerability that can let attackers take complete control of servers running vulnerable FortiWeb web application firewall (WAF) installations. [...] | Vulnerability | ||
|
2021-08-17 01:37:05 | Chase bank accidentally leaked customer info to other customers (lien direct) | Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers. [...] | |||
|
2021-08-16 19:06:36 | Hive ransomware attacks Memorial Health System, steals patient data (lien direct) | In what appears to be an attack from the Hive ransomware gang, computers of the non-profit Memorial Health System have been encrypted, forcing staff to work with paper charts. [...] | Ransomware | ||
|
2021-08-16 15:52:44 | T-Mobile confirms servers were hacked, investigates data breach (lien direct) | T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen. [...] | Data Breach Threat | ||
|
2021-08-16 15:38:27 | Malware dev infects own PC and data ends up on intel platform (lien direct) | A malware developer unleashed their creation on their system to try out new features and the data ended up on a cybercrime intelligence platform, exposing a glimpse of the cybercriminal endeavor. [...] | Malware | ||
|
2021-08-16 15:23:21 | Education giant Pearson fined $1M for downplaying data breach (lien direct) | The US Securities and Exchange Commission (SEC) announced today that Pearson, a British multinational educational publishing and services company, has settled charges of mishandling the disclosure process for a 2018 data breach discovered in March 2019. [...] | Data Breach | ||
|
2021-08-16 12:55:11 | Secret terrorist watchlist with 2 million records exposed online (lien direct) | A secret terrorist watchlist with 1.9 million records, including "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. [...] | |||
|
2021-08-16 11:27:17 | SIM swap scammer pleads guilty to Instagram account hijacks, crypto theft (lien direct) | Declan Harrington, a Massachusetts man charged two years ago for his alleged involvement in a series of SIM swapping attacks, pleaded guilty to stealing cryptocurrency from multiple victims and hijacking the Instagram account of others. [...] | Guideline | ||
|
2021-08-16 09:06:46 | Hackers behind Iranian wiper attacks linked to Syrian breaches (lien direct) | Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra who previously deployed wiper malware on the networks of multiple Syrian organizations. [...] | Malware Threat | ||
|
2021-08-16 07:23:27 | Colonial Pipeline reports data breach after May ransomware attack (lien direct) | Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. [...] | Ransomware Data Breach | ||
|
2021-08-15 18:27:28 | Hacker claims to steal data of 100 million T-mobile customers (lien direct) | A threat actor claims to have hacked T-Mobile's servers and stolen databases containing the personal data of approximately 100 million customers. [...] | Threat | ★★★ | |
|
2021-08-15 10:21:42 | EasyWSL turns Linux docker images into a Windows 10 WSL distro (lien direct) | If you can't find your favorite Windows Subsystem for Linux distribution available in the Microsoft Store, a new program called EasyWSL can convert almost any Linux Docker image into a WSL distro. [...] | |||
|
2021-08-15 09:15:00 | Ford bug exposed customer and employee records from internal systems (lien direct) | A bug on Ford's website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega customer engagement system running on Ford's servers. [...] | |||
|
2021-08-14 10:00:00 | US brokers warned of ongoing phishing attacks impersonating FINRA (lien direct) | The US Financial Industry Regulatory Authority (FINRA) warns US brokerage firms and brokers of an ongoing phishing campaign impersonating FINRA officials and asking them to hand over sensitive information under the threat of penalties. [...] | Threat | ★★★ | |
|
2021-08-13 16:20:00 | Facebook rolls out end-to-end encryption for Messenger calls (lien direct) | Facebook has announced the roll-out of end-to-end encrypted Messenger voice and video calls five years after making it available in one-on-one text chats. [...] | |||
|
2021-08-13 16:00:51 | The Week in Ransomware - August 13th 2021 - The rise of LockBit (lien direct) | This week we saw an existing operation rise in attacks while existing ransomware operations turn to Windows vulnerabilities to elevate their privileges. [...] | Ransomware | ||
|
2021-08-13 15:04:03 | Emails from Lithuanian Ministry of Foreign Affairs for sale on data-trading forum (lien direct) | The Lithuanian Ministry of Foreign Affairs has declined to comment about the authenticity of email files allegedly stolen from its network and offered for sale on a data-trading forum.Lith [...] | |||
|
2021-08-13 14:24:07 | Windows 365 exposes Microsoft Azure credentials in plaintext (lien direct) | A security researcher has figured out a way to dump a user's unencrypted plaintext Microsoft Azure credentials from Microsoft's new Windows 365 Cloud PC service using Mimikatz. [...] | |||
|
2021-08-13 14:02:01 | Microsoft Teams will alert users of incoming spam calls (lien direct) | Microsoft is working on adding a spam call notification feature to the Microsoft 365 Teams collaboration platform. [...] | Spam | ★★★ | |
|
2021-08-13 11:20:23 | SynAck ransomware releases decryption keys after El_Cometa rebrand (lien direct) | The SynAck ransomware gang released the master decryption keys for their operation after rebranding as the new El_Cometa group. [...] | Ransomware | ||
|
2021-08-13 10:18:51 | Bugs in gym management software let hackers wipe fitness history (lien direct) | Security researchers found vulnerabilities in the Wodify fitness platform that allows an attacker to view and modify user workouts from any of the more than 5,000 gyms that use the solution worldwide. [...] | |||
|
2021-08-13 05:42:22 | Vice Society ransomware joins ongoing PrintNightmare attacks (lien direct) | The Vice Society ransomware gang is now also actively exploiting Windows print spooler PrintNightmare vulnerability for lateral movement through their victims' networks. [...] | Ransomware Vulnerability | ||
|
2021-08-12 18:10:33 | GitHub deprecates account passwords for authenticating Git operations (lien direct) | GitHub has announced today that account passwords will no longer be accepted for authenticating Git operations starting tomorrow. [...] | |||
|
2021-08-12 17:24:22 | (Déjà vu) Microsoft Exchange servers are getting hacked via ProxyShell exploits (lien direct) | Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. [...] | Vulnerability Threat | ||
|
2021-08-12 17:24:22 | Hackers now backdoor Microsoft Exchange using ProxyShell exploits (lien direct) | Threat actors are actively exploiting Microsoft Exchange servers using the ProxyShell vulnerability to install backdoors for later access. [...] | Vulnerability Threat | ||
|
2021-08-12 14:14:26 | Microsoft: Evasive Office 365 phishing campaign active since July 2020 (lien direct) | Microsoft says that a year-long and highly evasive spear-phishing campaign has targeted Office 365 customers in multiple waves of attacks starting with July 2020. [...] | |||
|
2021-08-12 13:51:56 | Windows 11 gets new versions of Snipping Tool, Mail, and Calculator (lien direct) | Microsoft is rolling out its first Windows 11 app updates with new versions of the Calculator, Mail and Calendar, and the Snipping Tool apps. [...] | Tool | ||
|
2021-08-12 13:07:54 | Notorious AlphaBay darknet market comes back to life (lien direct) | The AlphaBay darkweb market has come back to life after an administrator of the original project relaunched it over the weekend. [...] | |||
|
2021-08-12 12:16:47 | Ukraine shuts down money laundering cryptocurrency exchanges (lien direct) | The Security Service of Ukraine (SBU) took down a network of cryptocurrency exchanges used to anonymize transactions since the beginning of 2021. [...] | |||
|
2021-08-12 05:03:11 | Ransomware gang uses PrintNightmare to breach Windows servers (lien direct) | Ransomware operators have added PrintNightmare exploits to their arsenal and are targeting Windows servers to deploy Magniber ransomware payloads. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
