❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Hier — 27 septembre 2021Flux principal

New malware steals Steam, Epic Games Store, and EA Origin accounts

27 septembre 2021 à 17:22
A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin. [...]

Malicious 'Safepal Wallet' Firefox add-on stole cryptocurrency

27 septembre 2021 à 13:21
Par : Ax Sharma
A malicious Firefox add-on named "Safepal Wallet" lived on the Mozilla add-ons site for seven months and scammed users by emptying out their wallets. Safepal is a cryptocurrency wallet application capable of securely storing a variety of crypto assets, including Bitcoin, Ethereum, and Litecoin. [...]

Microsoft will disable Basic Auth in Exchange Online in October 2022

26 septembre 2021 à 16:00
Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users. [...]
À partir d’avant-hierFlux principal

Microsoft WPBT flaw lets hackers install rootkits on Windows devices

25 septembre 2021 à 17:16
Security researchers have found a flaw in the Microsoft Windows Platform Binary Table (WPBT) that could be exploited in easy attacks to install rootkits on all Windows computers shipped since 2012. [...] hackers steal $17,000 in 'double your cash' scam

25 septembre 2021 à 16:00
Par : Ax Sharma
This week, threat actors hijacked, the authentic website of the Bitcoin project, and altered parts of the website to push a cryptocurrency giveaway scam that unfortunately some users fell for. Although the hack lasted for less than a day, hackers seem to have walked away with a little over $17,000. [...]

The Week in Ransomware - September 24th 2021 - Targeting crypto

25 septembre 2021 à 01:27
This week's biggest news is the USA sanctioning a crypto exchange used by ransomware gangs to convert cryptocurrency into fiat currency. By targeting rogue exchanges, the US government is hoping to disrupt ransomware's payment system. [...]

United Health Centers ransomware attack claimed by Vice Society

24 septembre 2021 à 23:10
​California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft. [...]

Hackers exploiting critical VMware vCenter CVE-2021-22005 bug

24 septembre 2021 à 20:04
Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it. [...]

Emergency Google Chrome update fixes zero-day exploited in the wild

24 septembre 2021 à 19:33
Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux, an emergency update addressing a high-severity zero-day vulnerability exploited in the wild. [...]

Microsoft rushes to register Autodiscover domains leaking credentials

24 septembre 2021 à 19:03
Microsoft is rushing to register Internet domains used to steal Windows credentials sent from faulty implementations of the Microsoft Exchange Autodiscover protocol. [...]

EU officially blames Russia for 'Ghostwriter' hacking activities

24 septembre 2021 à 18:11
The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public. [...]

Researcher drops three iOS zero-days that Apple refused to fix

24 septembre 2021 à 13:13
Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the researcher. [...]

Cisco fixes highly critical vulnerabilities in IOS XE Software

24 septembre 2021 à 09:23
Cisco has patched three critical vulnerabilities affecting components in its IOS XE internetworking operating system powering routers and wireless controllers, or products running with a specific configuration. [...]

SonicWall fixes critical bug allowing SMA 100 device takeover

24 septembre 2021 à 08:19
SonicWall has patched a critical security flaw impacting several Secure Mobile Access (SMA) 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices. [...]

Hacking group used ProxyLogon exploits to breach hotels worldwide

23 septembre 2021 à 21:50
A newly discovered cyberespionage group has been targeting hotels worldwide around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies. [...]

Apple patches new zero-day bug used to hack iPhones and Macs

23 septembre 2021 à 20:23
Apple has released security updates to fix a zero-day vulnerability exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions. [...]

Malware devs trick Windows validation with malformed certs

23 septembre 2021 à 18:24
Google researchers spotted malware developers creating malformed code signatures seen as valid in Windows to bypass security software. [...]

REvil ransomware devs added a backdoor to cheat affiliates

23 septembre 2021 à 08:26
Cybercriminals are slowly realizing that the REvil ransomware operators have been hijacking ransom negotiations, to cut affiliates out of payments. [...]

Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

22 septembre 2021 à 23:44
Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution. [...]