❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Hier — 24 septembre 2021Flux principal

EU officially blames Russia for 'Ghostwriter' hacking activities

24 septembre 2021 à 18:11
The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public. [...]

Researcher drops three iOS zero-days that Apple refused to fix

24 septembre 2021 à 13:13
Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher. [...]

SonicWall fixes critical bug allowing SMA 100 device takeover

24 septembre 2021 à 08:19
SonicWall has patched a critical security flaw impacting several Secure Mobile Access (SMA) 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices. [...]

Google: Manifest V2 Chrome extensions to stop working in 2023

24 septembre 2021 à 00:08
Google has shared the phase-out timeline for Manifest V2 Chrome extensions and its plans to bring Manifest V3 to full feature parity. [...]

Hacking group used ProxyLogon exploits to breach hotels worldwide

23 septembre 2021 à 21:50
A newly discovered cyberespionage group has been targeting hotels worldwide around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies. [...]

Apple patches new zero-day bug used to hack iPhones and Macs

23 septembre 2021 à 20:23
Apple has released security updates to fix a zero-day vulnerability exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions. [...]
À partir d’avant-hierFlux principal

Malware devs trick Windows validation with malformed certs

23 septembre 2021 à 18:24
Google researchers spotted malware developers creating malformed code signatures seen as valid in Windows to bypass security software. [...]

Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

22 septembre 2021 à 23:44
Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution. [...]

FBI, CISA, and NSA warn of escalating Conti ransomware attacks

22 septembre 2021 à 19:24
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations. [...]

Apple will disable insecure TLS in future iOS, macOS releases

22 septembre 2021 à 18:59
Apple has deprecated the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in recently launched iOS and macOS versions and plans to remove support in future releases altogether. [...]

Phishing-as-a-service operation uses double theft to boost profits

22 septembre 2021 à 15:43
Microsoft says BulletProofLink, a large-scale phishing-as-a-service operation it spotted while investigating recent phishing attacks, is the driving force behind many phishing campaigns that have targeted many corporate organizations lately. [...]

New macOS zero-day bug lets attackers run commands remotely

21 septembre 2021 à 22:01
Security researchers disclosed today a new vulnerability in Apple's macOS Finder, which makes it possible for attackers to run commands on Macs running any macOS version up to the latest release, Big Sur. [...]

VMware warns of critical bug in default vCenter Server installs

21 septembre 2021 à 19:40
VMware warns customers to immediately patch a critical arbitrary file upload vulnerability in the Analytics service, impacting all appliances running default vCenter Server 6.7 and 7.0 deployments. [...]

US sanctions cryptocurrency exchange used by ransomware gangs

21 septembre 2021 à 18:35
The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions. [...]

Netgear fixes dangerous code execution bug in multiple routers

21 septembre 2021 à 17:24
Netgear has fixed a high severity remote code execution (RCE) vulnerability found in the Circle parental control service, which runs with root permissions on almost a dozen modern Small Offices/Home Offices (SOHO) Netgear routers. [...]

Hacked sites push TeamViewer using fake expired certificate alert

20 septembre 2021 à 22:15
Threat actors are compromising Windows IIS servers to add expired certificate notification pages that prompt visitors to download a malicious fake installer. [...]

Microsoft investigates Outlook issues with security keys, search

20 septembre 2021 à 19:34
Microsoft is investigating several issues impacting Outlook customers and leading to problems related to security keys, search results, and more. [...]

Republican Governors Association email server breached by state hackers

20 septembre 2021 à 15:43
The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021. [...]

Europol links Italian Mafia to million-dollar phishing scheme

20 septembre 2021 à 14:41
In collaboration with Europol and Eurojust, European law enforcement dismantled an extensive network of cybercriminals linked to the Italian Mafia that was able to defraud their victims of roughly €10 million ($11.7 million) last year alone. [...]