What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2021-07-02 05:54:06 Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software (direct link) In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia's major certificate authorities, to backdoor its installer software with Cobalt Strike binaries. The trojanized client was available for download between February 8, 2021, and March 3, 2021, said Czech cybersecurity software company Avast in a report published Thursday.
The_Hackers_News.webp 2021-07-02 02:56:26 New Google Scorecards Tool Scans Open-Source Software for More Security Risks (direct link) Google has launched an updated version of Scorecards, its automated security tool that produces a "risk score" for open source initiatives, with improved checks and capabilities to make the data generated by the utility accessible for analysis. "With so much software today relying on open-source projects, consumers need an easy way to judge whether their dependencies are safe," Google's Open Tool
The_Hackers_News.webp 2021-07-01 23:23:24 NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers (direct link) An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the U.K.'s National
The_Hackers_News.webp 2021-07-01 23:01:04 Microsoft Warns of Critical "PrintNightmare" Flaw Being Exploited in the Wild (direct link) Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution (RCE) vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected exploitation attempts targeting the flaw. The company is tracking the security weakness under the Vulnerability
The_Hackers_News.webp 2021-07-01 03:00:21 IndigoZebra APT Hacking Campaign Targets the Afghan Government (direct link) Cybersecurity researchers are warning of ongoing attacks coordinated by a suspected Chinese-speaking threat actor targeting the Afghanistan government as part of an espionage campaign that may have had its provenance as far back as 2014. Israeli cybersecurity firm Check Point Research attributed the intrusions to a hacking group tracked under the moniker "IndigoZebra," with past activity aimed Threat
The_Hackers_News.webp 2021-07-01 02:58:54 Rethinking Application Security in the API-First Era (direct link) Securing applications in the API-first era can be an uphill battle. As development accelerates, accountability becomes unclear, and getting controls to operate becomes a challenge in itself. It's time that we rethink our application security strategies to reflect new priorities, principles and processes in the API-first era. Securing tomorrow's applications begins with assessing the business
The_Hackers_News.webp 2021-07-01 02:34:36 Facebook Sues 4 Vietnamese for Hacking Accounts and $36 Million Ad Fraud (direct link) Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's Terms and Advertising Policies. "In the first case, the defendants are a California marketing company and its agents responsible for a bait-and-switch advertising scheme on Facebook," the social media giant's Director of
The_Hackers_News.webp 2021-07-01 02:14:34 3 Steps to Strengthen Your Ransomware Defenses (direct link) The recent tsunami of ransomware has brought to life the fears of downtime and data loss cybersecurity pros have warned about, as attacks on the energy sector, food supply chain, healthcare industry, and other critical infrastructure have grabbed headlines. For the industry experts who track the evolution of this threat, the increased frequency, sophistication, and destructiveness of ransomware Ransomware
The_Hackers_News.webp 2021-06-30 23:05:39 Microsoft Discloses Critical Bugs Allowing Takeover of NETGEAR Routers (direct link) Cybersecurity researchers have detailed critical security vulnerabilities affecting NETGEAR DGN2200v1 series routers, which they say could be reliably abused as a jumping-off point to compromise a network's security and gain unfettered access. The three HTTPd authentication security weaknesses (CVSS scores: 7.1 – 9.4) impact routers running firmware versions prior to v1.0.0.60, and have since
The_Hackers_News.webp 2021-06-30 22:36:49 (Déjà vu) Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia (direct link) Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. Mihai Ionut Paunescu (aka "Virus"), the individual in question, was detained at the El Dorado airport in Bogotá, the Office of the Attorney General of Colombia said. Paunescu was previously
The_Hackers_News.webp 2021-06-30 05:56:19 Authorities Seize DoubleVPN Service Used by Cybercriminals (direct link) A coordinated international law enforcement operation resulted in the takedown of a VPN service called DoubleVPN for providing a safe haven for cybercriminals to cover their tracks. "On 29th of June 2021, law enforcement took down DoubleVPN," the agencies said in a seizure notice splashed on the now-defunct site. "Law enforcement gained access to the servers of DoubleVPN and seized personal
The_Hackers_News.webp 2021-06-30 05:56:11 [Webinar] How Cyber Attack Groups Are Spinning a Larger Ransomware Web (direct link) Organizations today already have an overwhelming number of dangers and threats to look out for, from spam to phishing attempts to new infiltration and ransomware tactics. There is no chance to rest, since attack groups are constantly looking for more effective means of infiltrating and infecting systems. Today, there are hundreds of groups devoted to infiltrating almost every industry, Ransomware Spam
The_Hackers_News.webp 2021-06-30 04:28:07 Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability (direct link) A proof-of-concept (PoC) exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. Identified as CVE-2021-1675, the security issue could grant remote attackers full control of vulnerable systems. Print Spooler manages the printing process in Windows, including loading Vulnerability
The_Hackers_News.webp 2021-06-30 00:10:13 GitHub Launches 'Copilot' - AI-Powered Code Completion Tool (direct link) GitHub on Tuesday launched a technical preview of a new AI-powered pair programming tool that aims to help software developers write better code across a variety of programming languages, including Python, JavaScript, TypeScript, Ruby, and Go. Copilot, as the code synthesizer is called, has been developed in collaboration with OpenAI, and leverages Codex, a new AI system that's trained on Tool
The_Hackers_News.webp 2021-06-29 06:06:56 Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine (direct link) An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in an analysis published Friday. "By mounting this exploit, the attacker can grant access to themselves Vulnerability
The_Hackers_News.webp 2021-06-29 02:51:18 New API Lets App Developers Authenticate Users via SIM Cards (direct link) Online account creation poses a challenge for engineers and system architects: if you put up too many barriers, you risk turning away genuine users. Make it too easy, and you risk fraud or fake accounts. The Problem with Identity Verification The traditional model of online identity – username/email and password – has long outlived its usefulness. This is how multi-factor or two-factor
The_Hackers_News.webp 2021-06-29 02:39:55 Google now requires app developers to verify their address and use 2FA (direct link) Google on Monday announced new measures for the Play Store, including requiring developer accounts to turn on 2-Step Verification (2SV), provide an address, and verify their contact details later this year. The new identification and two-factor authentication requirements are a step towards strengthening account security and ensuring a safe and secure app marketplace, Google Play Trust and
The_Hackers_News.webp 2021-06-28 06:08:38 Microsoft Edge Bug Could've Let Hackers Steal Your Secrets for Any Site (direct link) Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute arbitrary code in the context of any website. Tracked as CVE-2021-34506 (CVSS score: 5.4), the weakness stems from a universal cross-site scripting (UXSS) issue that's triggered when automatically Vulnerability
The_Hackers_News.webp 2021-06-28 00:56:30 Hackers Trick Microsoft Into Signing Netfilter Driver Loaded With Rootkit Malware (direct link) Microsoft on Friday said it's investigating an incident wherein a driver signed by the company turned out to be a malicious Windows rootkit that was observed communicating with command-and-control (C2) servers located in China. The driver, called "Netfilter," is said to target gaming environments, specifically in the East Asian country, with the Redmond-based firm noting that "the actor's goal Malware
The_Hackers_News.webp 2021-06-28 00:02:48 DMARC: The First Line of Defense Against Ransomware (direct link) There has been a lot of buzz in the industry about ransomware lately. Almost every other day, it's making headlines. With businesses across the globe holding their breath, scared they might fall victim to the next major ransomware attack, it is now time to take action. The FBI IC3 report of 2020 classified Ransomware as the most financially damaging cybercrime of the year, with no major Ransomware
The_Hackers_News.webp 2021-06-27 23:39:50 Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online (direct link) A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was published by researchers from cybersecurity firm Positive Technologies on June 24, following which reports emerged that attackers Vulnerability
The_Hackers_News.webp 2021-06-27 20:32:04 SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers (direct link) In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess passwords and gain access to its customer accounts. "This recent activity was mostly unsuccessful, and Threat
The_Hackers_News.webp 2021-06-25 06:32:08 Google Extends Support for Tracking Party Cookies Until 2023 (direct link) Google's sweeping proposals to deprecate third-party cookies in Chrome browser are going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years. "While there's considerable progress with this initiative, it's become clear that more time is needed across the ecosystem to get this right," Chrome's
The_Hackers_News.webp 2021-06-25 03:37:08 Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack (direct link) Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "sophisticated threat actor," the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and VPN series running Threat
The_Hackers_News.webp 2021-06-25 03:16:12 Crackonosh virus mined $2 million of Monero from 222,000 hacked computers (direct link) A previously undocumented Windows malware has infected over 222,000 systems worldwide since at least June 2018, yielding its developer no less than 9,000 Moneros ($2 million) in illegal profits. Dubbed "Crackonosh," the malware is distributed via illegal, cracked copies of popular software, only to disable antivirus programs installed in the machine and install a coin miner package called XMRig Malware
The_Hackers_News.webp 2021-06-25 01:05:22 FIN7 Supervisor Gets 7-Year Jail Term for Stealing Millions of Credit Cards (direct link) A Ukrainian national and a mid-level supervisor of the hacking group known as FIN7 has been sentenced to seven years in prison for his role as a "pen tester" and perpetuating a criminal scheme that enabled the gang to compromise millions of customers' debit and credit cards. Andrii Kolpakov, 33, was arrested in Spain on June 28, 2018, and subsequently extradited to the U.S. the following year on
The_Hackers_News.webp 2021-06-24 23:58:15 Clop Gang Partners Laundered $500 Million in Ransomware Payments (direct link) The cybercrime ring that was apprehended last week in connection with Clop (aka Cl0p) ransomware attacks against dozens of companies in the last few months helped launder money totaling $500 million for several malicious actors through a plethora of illegal activities. "The group - also known as FANCYCAT - has been running multiple criminal activities: distributing cyber attacks; operating a Ransomware
The_Hackers_News.webp 2021-06-24 03:29:57 BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models (direct link) Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. "As the attacker has the ability to remotely execute code in the pre-boot environment, this can be used to subvert the operating
The_Hackers_News.webp 2021-06-24 03:13:23 Reduce Business Risk By Fixing 3 Critical Endpoint-to-Cloud Security Requirements (direct link) Enterprise applications used to live securely in data centers and office employees connected to internal networks using company-managed laptops or desktops. And data was encircled by a walled perimeter to keep everything safe. All that changed in the last 18 months. Businesses and employees had to adapt quickly to cloud technology and remote work. The cloud gave businesses the agility to respond
The_Hackers_News.webp 2021-06-24 03:05:51 One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account (direct link) Cybersecurity researchers on Wednesday disclosed critical flaws in the Atlassian project and software development platform that could be exploited to take over an account and control some of the apps connected through its single sign-on (SSO) capability. "With just one click, an attacker could have used the flaws to get access to Atlassian's publish Jira system and get sensitive information,
The_Hackers_News.webp 2021-06-23 23:44:14 Antivirus Pioneer John McAfee Found Dead in Spanish Jail (direct link) Controversial mogul and antivirus pioneer John McAfee on Wednesday died by suicide in a jail cell in Barcelona, hours after reports that he would be extradited to face federal charges in the U.S. McAfee was 75. He is said to have died by hanging "as his nine months in prison brought him to despair," according to McAfee's lawyer Javier Villalba, Reuters reported. Security personnel at the Brians
The_Hackers_News.webp 2021-06-23 07:36:52 Pakistan-linked hackers targeted Indian power company with ReverseRat (direct link) A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research. "Most of the organizations that exhibited signs of compromise were in India, and a small number were in Afghanistan," Lumen's Black Lotus Labs said in a Tuesday Threat
The_Hackers_News.webp 2021-06-23 02:33:00 [Whitepaper] Automate Your Security with Cynet to Protect from Ransomware (direct link) It seems like every new day brings with it a new ransomware news item – new attacks, methods, horror stories, and data being leaked. Ransomware attacks are on the rise, and they've become a major issue for organizations across industries. A recent report estimated that by 2031, ransomware attacks would cost the world over $260 billion. A new whitepaper from XDR provider Cynet demonstrates how Ransomware
The_Hackers_News.webp 2021-06-23 01:54:53 Patch Tor Browser Bug to Prevent Tracking of Your Online Activities (direct link) Open-source Tor browser has been updated to version 10.0.18 with fixes for multiple issues, including a privacy-defeating bug that could be used to uniquely fingerprint users across different browsers based on the apps installed on a computer. In addition to updating Tor to 0.4.5.9, the browser's Android version has been upgraded to Firefox version 89.1.1, alongside incorporating patches
The_Hackers_News.webp 2021-06-22 22:35:59 SonicWall Left a VPN Flaw Partially Unpatched Amidst 0-Day Attacks (direct link) A critical vulnerability in SonicWall VPN appliances that was believed to have been patched last year has been now found to be "botched," with the company leaving a memory leak flaw unaddressed, until now, that could permit a remote attacker to gain access to sensitive information. The shortcoming was rectified in an update rolled out to SonicOS on June 22. Tracked as CVE-2021-20019 (CVSS score Vulnerability ★★★★★
The_Hackers_News.webp 2021-06-22 12:28:09 Unpatched Supply-Chain Flaw Affects 'Pling Store' Platforms for Linux Users (direct link) Cybersecurity researchers have disclosed a critical unpatched vulnerability affecting Pling-based free and open-source software (FOSS) marketplaces for Linux platform that could be potentially abused to stage supply chain attacks and achieve remote code execution (RCE). "Linux marketplaces that are based on the Pling platform are vulnerable to a wormable [cross-site scripting] with potential for Vulnerability
The_Hackers_News.webp 2021-06-22 03:02:28 Wormable DarkRadiation Ransomware Targets Linux and Docker Instances (direct link) Cybersecurity researchers have disclosed a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. "The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions," researchers from Trend Micro said in Ransomware
The_Hackers_News.webp 2021-06-22 00:24:34 NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws (direct link) U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module (SOM) series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from CVE-2021-34372 through CVE-2021-34397, the flaws affect products Jetson TX1, TX2 series, Guideline
The_Hackers_News.webp 2021-06-21 07:17:48 5 Critical Steps to Recovering From a Ransomware Attack (direct link) Hackers are increasingly using ransomware as an effective tool to disrupt businesses and fund malicious activities. A recent analysis by cybersecurity company Group-IB revealed ransomware attacks doubled in 2020, while Cybersecurity Venture predicts that a ransomware attack will occur every 11 seconds in 2021. Businesses must prepare for the possibility of a ransomware attack affecting their Ransomware Tool
The_Hackers_News.webp 2021-06-21 03:05:00 DroidMorph Shows Popular Android Antivirus Fail to Detect Cloned Malicious Apps (direct link) New research published by a group of academics has found that anti-virus programs for Android continue to remain vulnerable against different permutations of malware, in what could pose a serious risk as malicious actors evolve their toolsets to better evade analysis. "Malware writers use stealthy mutations (morphing/obfuscations) to continuously develop malware clones, thwarting detection by Malware
The_Hackers_News.webp 2021-06-21 00:30:17 Beware! Connecting to This Wireless Network Can Break Your iPhone's Wi-Fi Feature (direct link) A wireless network naming bug has been discovered in Apple's iOS operating system that effectively disables an iPhone's ability to connect to a Wi-Fi network. The issue was spotted by security researcher Carl Schou, who found that the phone's Wi-Fi functionality gets permanently disabled after joining a Wi-Fi network with the unusual name "%p%s%s%s%s%n" even after rebooting the phone or changing
The_Hackers_News.webp 2021-06-18 23:34:04 North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute (direct link) South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart. The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which - "27.102.114[.]89 Hack Vulnerability
The_Hackers_News.webp 2021-06-18 23:13:20 Cyber espionage by Chinese hackers in neighbouring nations is on the rise (direct link) A string of cyber espionage campaigns dating all the way back to 2014 and focused on gathering military intelligence from neighbouring countries have been linked to a Chinese military-intelligence apparatus. In a wide-ranging report published by Massachusetts-headquartered Recorded Future this week, the cybersecurity firm's Insikt Group said it identified ties between a group it tracks as "
The_Hackers_News.webp 2021-06-18 06:07:00 Russia bans VyprVPN, Opera VPN services for not complying with blacklist request (direct link) Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN services VyprVPN and
The_Hackers_News.webp 2021-06-18 00:34:33 Google Releases New Framework to Prevent Software Supply Chain Attacks (direct link) As software supply chain attacks emerge as a point of concern in the wake of SolarWinds and Codecov security incidents, Google is proposing a solution to ensure the integrity of software packages and prevent unauthorized modifications. Called "Supply chain Levels for Software Artifacts" (SLSA, and pronounced "salsa"), the end-to-end framework aims to secure the software development and
The_Hackers_News.webp 2021-06-17 23:33:55 [eBook] 7 Signs You Might Need a New Detection and Response Tool (direct link) It's natural to get complacent with the status quo when things seem to be working. The familiar is comfortable, and even if something better comes along, it brings with it many unknowns. In cybersecurity, this tendency is countered by the fast pace of innovation and how quickly technology becomes obsolete, often overnight. This combination usually results in one of two things – organizations Tool
The_Hackers_News.webp 2021-06-17 20:33:11 Update Your Chrome Browser to Patch Yet Another 0-Day Exploited in-the-Wild (direct link) Google has rolled out yet another update to Chrome browser for Windows, Mac, and Linux to fix four security vulnerabilities, including one zero-day flaw that's being exploited in the wild. Tracked as CVE-2021-30554, the high severity flaw concerns a use after free vulnerability in WebGL (aka Web Graphics Library), a JavaScript API for rendering interactive 2D and 3D graphics within the browser.
The_Hackers_News.webp 2021-06-17 05:09:16 Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments (direct link) A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated threat actor it Threat
The_Hackers_News.webp 2021-06-17 03:25:33 A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran (direct link) Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan (RAT) capable of stealing sensitive information from targets' devices since at least 2015. Russian cybersecurity firm Kaspersky, which pieced together the activity, attributed the campaign to an advanced persistent threat (APT) Threat
The_Hackers_News.webp 2021-06-17 01:06:05 Strengthen Your Password Policy With GDPR Compliance (direct link) A solid password policy is the first line of defense for your corporate network. Protecting your systems from unauthorized users may sound easy on the surface, but it can actually be quite complicated. You have to balance password security with usability, while also following various regulatory requirements. Companies in the EU must have password policies that are compliant with the General Data
Last update at: 2024-07-28 16:18:51