FreshRSS

🔒
❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
☐ ☆ ✇ The Hacker News

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

Par : [email protected] (Ravie Lakshmanan)
Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in
☐ ☆ ✇ The Hacker News

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

Par : [email protected] (Ravie Lakshmanan)
The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the
☐ ☆ ✇ The Hacker News

Popular NPM Package Hijacked to Publish Crypto-mining Malware

Par : [email protected] (Ravie Lakshmanan)
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. <!--adsense--> The supply-chain attack targeting the open-source library saw three
☐ ☆ ✇ The Hacker News

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

Par : [email protected] (Ravie Lakshmanan)
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a "lone wolf" threat actor operating a Lahore-based fake IT company called Bunse
☐ ☆ ✇ The Hacker News

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

Par : [email protected] (Ravie Lakshmanan)
The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme. "With FIN7's latest fake company, the criminal group leveraged true, publicly available information from various legitimate cybersecurity
☐ ☆ ✇ The Hacker News

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

Par : [email protected] (Ravie Lakshmanan)
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware "FiveSys," calling out its possible credential theft and in-game-purchase hijacking
☐ ☆ ✇ BleepingComputer

CISA: GPS software bug may cause unexpected behavior this Sunday

Par : Bill Toulas
The Cybersecurity and Infrastructure Security Agency (CISA) warned that GPS deices might experience issues over the weekend because of a timing bug impacting Network Time Protocol  (NTP) servers running the GPS Daemon (GPSD) software. [...]
☐ ☆ ✇ BleepingComputer

Microsoft: Windows 11 printing issues fixed in the KB5006746 update

Par : Sergiu Gatlan
Microsoft has fixed multiple known issues impacting printing on Windows 11 with the release of the optional KB5006746 cumulative update preview on Thursday. [...]
☐ ☆ ✇ WeLiveSecurity

What’s lurking in the shadows? How to manage the security risks of shadow IT

Par : Phil Muncaster

Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era

The post What’s lurking in the shadows? How to manage the security risks of shadow IT appeared first on WeLiveSecurity

☐ ☆ ✇ BleepingComputer

Massive campaign uses YouTube to push password-stealing malware

Par : Lawrence Abrams
Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. [...]
☐ ☆ ✇ BleepingComputer

Hacking gang creates fake firm to hire pentesters for ransomware attacks

Par : Bill Toulas
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...]
☐ ☆ ✇ BleepingComputer

Evil Corp demands $40 million in new Macaw ransomware attacks

Par : Lawrence Abrams
Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. [...]
☐ ☆ ✇ BleepingComputer

Windows 11 KB5006746 update fixes gaming performance issues

Par : Lawrence Abrams
Microsoft has released the optional KB5006746 cumulative update preview for Windows 11, fixing sixty-four issues, including AMD CPU performance and gaming issues. [...]
☐ ☆ ✇ BleepingComputer

Microsoft is releasing Windows 10 21H2 in November

Par : Sergiu Gatlan
Microsoft is preparing Windows 10 21H2, the next Windows 10 version, for a November 2021 release and is now rolling it out to all Windows Insiders in the Release Preview Channel. [...]
☐ ☆ ✇ BleepingComputer

Microsoft now defends nonprofits against nation-state attacks

Par : Sergiu Gatlan
Microsoft announced today a new security program for nonprofits to provide them with protection against nation-state attacks that have increasingly targeting them in recent years. [...]
☐ ☆ ✇ BleepingComputer

FIN7 tries to trick pentesters into launching ransomware attacks

Par : Bill Toulas
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting. [...]
☐ ☆ ✇ BleepingComputer

Google launches Android Enterprise bug bounty program

Par : Sergiu Gatlan
Google has announced the launch of its first vulnerability rewards program for Android Enterprise with bounties of up to $250,000. [...]
☐ ☆ ✇ BleepingComputer

Cybercrime matures as hackers are forced to work smarter

Par : Bill Toulas
An analysis of 500 hacking incidents across a wide range of industries has revealed trends that characterize a maturity in the way hacking groups operate today. [...]
☐ ☆ ✇ UnderNews

Journée mondiale du chiffrement : remettre en cause le chiffrement fort menace l’économie et les populations

Par : UnderNews

À l’occasion de la première Journée mondiale du chiffrement, plusieurs organismes de la société civile et entreprises de haute technologie du monde entier se sont regroupés dans le but de promouvoir l’utilisation du chiffrement fort, ainsi que de contrer les dangereuses tentatives des gouvernements et autorités en charge du maintien de l’ordre qui cherchent à en empêcher l’utilisation.

The post Journée mondiale du chiffrement : remettre en cause le chiffrement fort menace l’économie et les populations first appeared on UnderNews.
❌