FreshRSS

🔒
❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
☐ ☆ ✇ BleepingComputer

New malware steals Steam, Epic Games Store, and EA Origin accounts

Par : Sergiu Gatlan
A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin. [...]
☐ ☆ ✇ The Hacker News

Russian Turla APT Group Deploying New Backdoor on Targeted Systems

Par : [email protected] (Ravie Lakshmanan)
State-sponsored hackers affiliated with Russia are behind a new series of intrusions using a previously undocumented implant to compromise systems in the U.S., Germany, and Afghanistan. Cisco Talos attributed the attacks to the Turla advanced persistent threat (APT) group, coining the malware "TinyTurla" for its limited functionality and efficient coding style that allows it to go undetected.
☐ ☆ ✇ BleepingComputer

Malicious 'Safepal Wallet' Firefox add-on stole cryptocurrency

Par : Ax Sharma
A malicious Firefox add-on named "Safepal Wallet" lived on the Mozilla add-ons site for seven months and scammed users by emptying out their wallets. Safepal is a cryptocurrency wallet application capable of securely storing a variety of crypto assets, including Bitcoin, Ethereum, and Litecoin. [...]
☐ ☆ ✇ The Hacker News

New Android Malware Steals Financial Data from 378 Banking and Wallet Apps

Par : [email protected] (Ravie Lakshmanan)
The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research. "The new trojan already has active distribution campaigns and is targeting 378 banking and wallet apps with overlays," ThreatFabric's CEO Cengiz Han Sahin said in an emailed
☐ ☆ ✇ The Hacker News

How Does DMARC Prevent Phishing?

Par : [email protected] (The Hacker News)
DMARC is a global standard for email authentication. It allows senders to verify that the email really comes from whom it claims to come from. This helps curb spam and phishing attacks, which are among the most prevalent cybercrimes of today. Gmail, Yahoo, and many other large email providers have implemented DMARC and praised its benefits in recent years. If your company's domain name is
☐ ☆ ✇ BleepingComputer

Hands on with Windows 11's new Settings and File Explorer

Par : Mayank Parmar
In addition to the new Start Menu and taskbar design overhauls, Windows 11 also comes with a new File Explorer and Settings app. [...]
☐ ☆ ✇ BleepingComputer

Microsoft will disable Basic Auth in Exchange Online in October 2022

Par : Sergiu Gatlan
Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users. [...]
☐ ☆ ✇ The Hacker News

A New Jupyter Malware Version is Being Distributed via MSI Installers

Par : [email protected] (Ravie Lakshmanan)
Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions. The new delivery chain, spotted by Morphisec on September 8, underscores that the malware has not just continued to remain active but also showcases "how threat actors
☐ ☆ ✇ BleepingComputer

Windows 10 emergency update resolves KB5005565 app freezes, crashes

Par : Lawrence Abrams
Microsoft has released an emergency fix for freezing and crashing app issues caused by September's KB5005565  and KB5005101 cumulative updates. [...]
☐ ☆ ✇ BleepingComputer

Microsoft WPBT flaw lets hackers install rootkits on Windows devices

Par : Sergiu Gatlan
Security researchers have found a flaw in the Microsoft Windows Platform Binary Table (WPBT) that could be exploited in easy attacks to install rootkits on all Windows computers shipped since 2012. [...]
☐ ☆ ✇ BleepingComputer

Bitcoin.org hackers steal $17,000 in 'double your cash' scam

Par : Ax Sharma
This week, threat actors hijacked Bitcoin.org, the authentic website of the Bitcoin project, and altered parts of the website to push a cryptocurrency giveaway scam that unfortunately some users fell for. Although the hack lasted for less than a day, hackers seem to have walked away with a little over $17,000. [...]
☐ ☆ ✇ BleepingComputer

The Week in Ransomware - September 24th 2021 - Targeting crypto

Par : Lawrence Abrams
This week's biggest news is the USA sanctioning a crypto exchange used by ransomware gangs to convert cryptocurrency into fiat currency. By targeting rogue exchanges, the US government is hoping to disrupt ransomware's payment system. [...]
☐ ☆ ✇ BleepingComputer

United Health Centers ransomware attack claimed by Vice Society

Par : Lawrence Abrams
​California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft. [...]
☐ ☆ ✇ BleepingComputer

Google apologizes for scaring Cloud users with 'past due' emails

Par : Lawrence Abrams
Google has apologized for a wave of emails warning Google Cloud Platform, Firebase, or API customers that their accounts may be suspended for a past due balance. [...]
☐ ☆ ✇ BleepingComputer

Hackers exploiting critical VMware vCenter CVE-2021-22005 bug

Par : Ionut Ilascu
Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it. [...]
☐ ☆ ✇ BleepingComputer

Emergency Google Chrome update fixes zero-day exploited in the wild

Par : Sergiu Gatlan
Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux, an emergency update addressing a high-severity zero-day vulnerability exploited in the wild. [...]
☐ ☆ ✇ WeLiveSecurity

Week in security with Tony Anscombe

Par : Editor

ESET unmasks FamousSparrow APT group – Stopping cloud data leaks – European cybercrime ring busted

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

☐ ☆ ✇ The Hacker News

Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability

Par : [email protected] (Ravie Lakshmanan)
Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a page to show another page as an inset and "perform a seamless transition to a new state, where the
☐ ☆ ✇ The Hacker News

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices

Par : [email protected] (Ravie Lakshmanan)
Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access (SMA) 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary file deletion flaw is rated 9.1 out of a maximum of 10 on the CVSS scoring system, and could allow an
❌