What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-05-12 13:27:02 Security breach suffered by credit bureau Equifax has cost $1.4 Billion (direct link) Equifax revealed its earnings release related to the security breach suffered in 2017, the incident has cost about $1.4 billion plus legal fees. Equifax revealed this week its earnings release related to the security breach suffered by the credit bureau back in 2017, the incident has cost about $1.4 billion plus legal fees. In 2017 Equifax confirmed it has suffered […] Equifax
SecurityAffairs 2019-05-12 08:34:00 Security Affairs newsletter Round 213 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! A hacker has taken over at least 29 IoT botnets Hackers stole card data from 201 campus online stores in US and Canada, is it the Magecart group? NoScript […]
SecurityAffairs 2019-05-12 08:15:03 (Déjà vu) Turkish Personal Data Protection Authority fined Facebook for Photo API bug (direct link) The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 million Turkish lira ($270,000) for the Photo API bug that exposed personal photos of 300,000 Turkish users. In December, Facebook announced that […]
SecurityAffairs 2019-05-11 21:27:02 Experts found a remote-code execution flaw in SQLite (direct link) Researchers at Cisco Talos discovered a use-after-free() vulnerability in SQLite that could be exploited by an attacker to remotely execute code on an affected device. Cisco Talos experts discovered a use-after-free() flaw in SQLite that could be exploited by an attacker to remotely execute code on an affected device. An attacker can trigger the flaw by sending […] Vulnerability
SecurityAffairs 2019-05-11 14:30:01 Over 100 flaws in management and access control systems expose buildings to hack (direct link) Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities that expose buildings to cyber attacks. Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities in management and access control systems from four major vendors. An attacker can exploit the vulnerabilities to gain full control of the vulnerable products and access to […] Hack
SecurityAffairs 2019-05-11 08:12:01 U.S. DoJ charges 9 individuals that stole $2.5M through SIM swapping (direct link) The U.S. Department of Justice charged nine individuals connected to a hacking crew focused on identity theft and SIM swapping attacks. The U.S. DoJ announced charges against nine individuals, 6 members of a hacking group known as ‘The Community’ and 3 former employees of mobile phone providers. The latter group helped the hackers to steal roughly […]
SecurityAffairs 2019-05-11 07:30:03 Microsoft SharePoint CVE-2019-0604 flaw exploited in the wild (direct link) According to researchers at AT&T Alien Labs, threat actors are attempting to exploit the CVE-2019-0604 Microsoft Sharepoint vulnerability in attacks in the wild. AlienLabs has seen a number of reports related to the active exploitation of the CVE-2019-0604 vulnerability in Microsoft Sharepoint. The CVE-2019-0604 vulnerability is a remote code execution flaw that is caused by […] Vulnerability Threat
SecurityAffairs 2019-05-10 20:40:00 Heap Buffer Overflow Vulnerability found in Kaspersky Antivirus Engine (direct link) Security researchers at the Imaginary team discovered a Heap Buffer Overflow Vulnerability in Kaspersky Antivirus Engine and responsibly reported it. Security experts at the Imaginary team discovered a Heap Buffer Overflow vulnerability in Kaspersky Antivirus Engine. The flaw tracked as CVE-2019-8285 affects Kaspersky Lab Antivirus Engine version before 04.apr.2019 and potentially allows arbitrary code execution. […] Vulnerability
SecurityAffairs 2019-05-10 13:53:03 DHS and FBI published a Malware Analysis Report on North Korea-linked tool ELECTRICFISH (direct link) The U.S. Department of Homeland Security (DHS) and the FBI published a new joint report on ELECTRICFISH, a malware used by North Korea. US DHS and the Federal Bureau of Investigation (FBI) conducted a joint analysis of a traffic tunneling tool dubbed ELECTRICFISH used by North Korea-linked APT group tracked as Hidden Cobra (aka Lazarus). It […] Malware Tool Medical APT 38
SecurityAffairs 2019-05-10 08:24:05 Top-Tier Russian Hacking group Fxmsp claims hack of major AntiVirus Companies (direct link) A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Fxmsp is a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. The group is offering the accesses to the […] Hack
SecurityAffairs 2019-05-10 06:48:03 DoJ indicted a member of China-based hacking group behind Anthem hack (direct link) US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. The US Department of Justice indicted Fujie Wang (32), a member of sophisticated Chinese hacking group that breached at several US companies, including the health insurer Anthem […] Hack
SecurityAffairs 2019-05-09 20:16:01 Freedom Mobile data breach impacts at least 15,000 customers (direct link) Canadian Freedom Mobile mobile network operator exposed the details of many customers, including their payment card data. Security researchers at vpnMentor discovered an unprotected database containing information belonging to Freedom Mobile customers. Freedom Mobile is the fourth largest mobile network operator in Canada. The unprotected database stored at least 5 million records associated with 1.5 million […] Data Breach
SecurityAffairs 2019-05-09 17:27:01 Cisco Talos warns of hardcoded credentials in Alpine Linux Docker Images (direct link) Since December 2015, Alpine Linux Docker images have been shipped with hardcoded credentials, a NULL password for the root user. Security researchers from Cisco revealed that Alpine Linux Docker images distributed via the official Docker Hub portal since December 2015 have been using a NULL password for the root account, The NULL password for the root […]
SecurityAffairs 2019-05-09 17:03:00 5 Factors Growing the Cyberthreat Management Industry (direct link) Here are five things likely contributing to the cyberthreat management industry growth. Companies around the world increasingly realize that they cannot assume they’re safe from cyberattacks and must actively work to combat potential threats. It’s not surprising, then, that a report from Absolute Market Insights forecasts a 13.5% combined annual growth rate for the cybersecurity […]
SecurityAffairs 2019-05-09 13:37:00 Information Services Giant Wolters Kluwer hit by ransomware attack (direct link) Global information services company Wolters Kluwer has taken offline many of its applications and platforms in response to a ransomware attack. Another ransomware attack hit a big company, this time the victim is the Global information services giant Wolters Kluwer that took offline some of the affected systems after the incident. Wolters […] Ransomware
SecurityAffairs 2019-05-09 10:17:05 Vulnerability in UC Browser Apps exposes to phishing attacks (direct link) Security researcher discovered a browser address bar spoofing flaw that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Security researcher and bug hunter Arif Khan has discovered a browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. The vulnerability affects latest version of the UC Browser 12.11.2.1184 and UC Browser Mini […] Vulnerability
SecurityAffairs 2019-05-09 05:02:04 Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware (direct link) Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. SANS expert Renato Marinho uncovered an ongoing malicious campaign that is targeting vulnerable Apache Jenkins installs to deliver a Monero cryptominer dubbed Kerberods. According to the SANS Institute's Internet Storm Center, attackers are exploiting the […] Malware Vulnerability
SecurityAffairs 2019-05-08 19:36:02 Google May 2019 Patches address 4 RCE flaws in Android (direct link) Android May 2019 Patches address critical vulnerabilities in the Google operating system, including 4 remote code execution flaws. Google released May 2019 patches address 8 critical flaws in Google operating system, including 4 remote code execution vulnerabilities. Google is not aware of attacks in the wild exploiting these flaws. According to the advisory released by […]
SecurityAffairs 2019-05-08 13:06:02 Yomi Hunter Joined the VirusTotal Sandbox Program! (direct link) We are pleased to announce that Yomi the Malware Hunter has successfully completed the on-boarding in the VirusTotal MultiSandbox Program! Official VirusTotal Announce: https://blog.virustotal.com/2019/05/virustotal-multisandbox-yoroi-yomi.html Yoroi can now contribute to the fight against malware threats sharing its analysis with Chronicle Security, the Alphabet's subsidiary author of the notorious VirusTotal Threat Intelligence platform: one of the most widely used community platforms all around the […] Malware
SecurityAffairs 2019-05-08 12:52:04 International Police operation seized DeepDotWeb and arrested its administrators (direct link) Police seized the DeepDotWeb website and arrested its operators for their business in facilitating the access to darkweb marketplaces and vendors. DeepDotWeb was a website for facilitating access to dark web sites and marketplaces. The site was seized and the arrests were made as part of an international operation involving the FBI, Europol, and Federal […]
SecurityAffairs 2019-05-08 10:39:03 Most of the servers at City of Baltimore shut down after ransomware attack (direct link) For the second time in a year, systems of the city of Baltimore have been hit by a ransomware attack, forcing officials to shut down a majority of them. The city of Baltimore shut down most of its servers in response to a ransomware attack that hit its network. Baltimore Mayor Bernard C. Jack Young […] Ransomware
SecurityAffairs 2019-05-08 09:13:00 Hackers Steal $41 Million worth of Bitcoin from Binance Exchange (direct link) Hackers steal $41 Million worth of Bitcoin from Binance, one of the world's largest cryptocurrency exchanges. The hack of another cryptocurrency exchange made the headlines, hackers steal $41 Million worth of Bitcoin (over 7,000 bitcoins) from Binance. Binance is one of the world's largest cryptocurrency exchanges, its founder and CEO Changpeng Zhao confirmed that the […] Hack
SecurityAffairs 2019-05-08 08:01:05 LulZSec and Anonymous Ita hackers published sensitive data from 30,000 Roman lawyers (direct link) A group of hackers has stolen and published online sensitive data of 30,000 Roman lawyers, including the Mayor of Rome. The announcement was made on Twitter by Lulzsec and Anonymous Ita. The story is very simple, LulZSec, the collective of hackers recently hit the Italian Ministry of the Environment, has collected a huge amount of […]
SecurityAffairs 2019-05-08 06:54:03 Cisco addresses a critical flaw in Elastic Services Controller (direct link) Cisco released security updates to address a critical vulnerability in its virtualized function automation tool Elastic Services Controller (ESC). Cisco has released security updates to address a critical vulnerability affecting its virtualized function automation tool, Cisco Elastic Services Controller (ESC). The flaw could be exploited by a remote attacker could be exploited by an unauthenticated, […] Tool Vulnerability
SecurityAffairs 2019-05-07 21:18:04 LightNeuron, a Turla's backdoor used to compromise exchange mail servers (direct link) Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Turla group (also known as Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting government […]
SecurityAffairs 2019-05-07 14:10:05 ATMitch: New Evidence Spotted In The Wild (direct link) Early April, experts at Yoroi-Cybaze ZLab spotted a new interesting malware sample, likely active since 2017, that was linked to ATMitch attacks. In the first days of April, our threat monitoring operations spotted a new interesting malware sample possibly active in the wild since 2017. Its initial triage suggests it may be part of an […] Malware Threat
SecurityAffairs 2019-05-07 11:15:00 Buckeye APT group used Equation Group tools prior to ShadowBrokers leak (direct link) China-linked APT group tracked as APT3 was using a tool attributed to the NSA-linked Equation Group more than one year prior to Shadow Brokers leak. China-linked APT group tracked as APT3 (aka Buckeye, APT3, UPS Team, Gothic Panda, and TG-0110) was using a tool attributed to the NSA-linked Equation Group more than one year prior […] Tool APT 3
SecurityAffairs 2019-05-07 08:44:05 New MegaCortex Ransomware targets enterprise networks (direct link) Experts at security firm Sophos discovered a new strain of ransomware dubbed MegaCortex that is targeting corporate networks. Security experts at Sophos discovered a new piece of ransomware dubbed MegaCortex that is targeting corporate networks. MegaCortex attacks were already reported in the United States, Italy, Canada, France, the Netherlands, and Ireland. “A new ransomware that […] Ransomware
SecurityAffairs 2019-05-07 06:23:03 ICS-CERT warns of several flaws in the GE Communicator software (direct link) ICS-CERT is warning of several vulnerabilities in the GE Communicator software, including hardcoded credentials and privilege escalation bugs. ICS-CERT is warning of five flaws affecting the GE Communicator software, including privilege escalation issues and hardcoded credentials. GE Communicator is a user-friendly software for programming and monitoring supported metering devices. The software allows users […]
SecurityAffairs 2019-05-06 18:45:04 A bug in Mirai code allows crashing C2 servers (direct link) Ankit Anubhav, a principal researcher at NewSky Security, explained how to exploit a vulnerability in the Mirai bot to crash it. Ankit Anubhav, a principal researcher at NewSky, explained how to exploit a trivial bug in the code of the Mirai bot, which is present in many of its variants, to crash it. The expert […] Vulnerability
SecurityAffairs 2019-05-06 12:44:04 Other Sierra AirLink router models affected by critical flaws (direct link) Sierra Wireless is warning its customers that additional AirLink router models are affected by critical vulnerabilities previously disclosed. At the end of April, experts at Cisco Talos group disclosed a dozen of vulnerabilities in Sierra Wireless AirLink gateways and routers, including several serious flaws. Sierra Wireless AirLink gateways and routers are widely used in enterprise […]
SecurityAffairs 2019-05-06 09:10:05 IDF hit Hamas, it is the first time a state launched an immediate physical attack in response to a cyber attack (direct link) Israel Defense Forces (IDF) launched a physical attack on Hamas. It could be the first time that a state responds with a conventional strike to a cyber attack. The Israel Defense Forces (IDF) has launched a physical attack on Hamas in response to an alleged cyber attack. A strike launched by Israeli forces targeted a […]
SecurityAffairs 2019-05-06 05:11:01 Retefe Banking Trojan resurfaces in the threat landscape with innovations (direct link) Security experts at Proofpoint warn of the resurfacing of the Retefe banking Trojan that implements new techniques to avoid detection. The Retefe banking Trojan resurfaces in that threat landscape and implements new techniques to avoid detection. The new variant resurfaced in April, it uses the stunnel encrypted tunneling mechanism and abuses a legitimate shareware app. […] Threat
SecurityAffairs 2019-05-05 20:47:03 NoScript temporarily disabled in Tor Browser … how to fix it? (direct link) Tor users noticed that the NoScript and HTTPS-Everywhere add-ons were disabled in the Tor browser, what’s happened? A few days ago millions of users discovered that Mozilla Add-ons were disabled and they were not able to re-activate or re-install them. The issue was caused by an expired intermediary certificate used to digitally sign Mozilla add-ons. […]
SecurityAffairs 2019-05-05 15:48:03 Ukrainian national Oleksii Petrovich Ivanov extradited to US facing hacking charges (direct link) International 'Malvertiser' Oleksii Petrovich Ivanov extradited from the Netherlands to face hacking charges in New Jersey. The Ukrainian national Oleksii Petrovich Ivanov (31) was extradited to the U.S. from the Netherlands and is facing charges of conspiracy to commit wire fraud, wire fraud, and computer fraud. The man is suspected to have carried out malvertising […]
SecurityAffairs 2019-05-05 12:48:04 (Déjà vu) A hacker has taken over at least 29 IoT botnets (direct link) Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few weeks with brute-force attacks. The hacker ‘Subby’ took over 29 IoT botnets in the past few weeks brute-forcing the back end […] ★★★★
SecurityAffairs 2019-05-05 09:42:05 Security Affairs newsletter Round 212 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! AESDDoS bot exploits CVE-2019-3396 flaw to hit Atlassian Confluence Server Critical flaw in Qualcomm chips exposes sensitive data for Android Devices Signed Malspam campaigns hit Europeans with Multi-Stage JasperLoader […]
SecurityAffairs 2019-05-05 08:04:04 Hackers stole card data from 201 campus online stores in US and Canada, is it the Magecart group? (direct link) Magecart group stole payment card details from the e-commerce system used by colleges and universities in Canada and the US. Security firms have monitored the activities of a dozen Magecart groups at least since 2015. The gangs use to implant skimming script into compromised online stores in order to steal payment card data, but they are quite […]
SecurityAffairs 2019-05-04 14:52:00 Japan will develop its first-ever malware as a defense measure against cyber attacks (direct link) The news was reported by the Kyodo News and has caught my attention, Japan will develop its first-ever computer virus as defense against cyber attacks. The Kyodo News revealed that Japan will develop its first-ever computer virus as a defense measure against cyber attacks and that the development will be completed by next March. The […] Malware
SecurityAffairs 2019-05-04 13:57:02 Mysterious attacks wipe Git repositories and ask a ransom to rescue code (direct link) Extortion practice hit programmers’ Git repositories, experts observed a new piece of ransomware that wipes them and replaces the code with a ransom note. Hackers are using a new piece of ransomware to target GitHub, GitLab, and Bitbucket repositories, wiping code and committing, and leaving a ransom note. The hackers wipe out all commit history […] Ransomware
SecurityAffairs 2019-04-29 17:28:04 United Airlines covers up seat cameras to respond to privacy concerns (direct link) United Airlines opted to cover every camera in entertainment systems embedded within the back of plane seats in response to privacy concerns. Flying on United Airlines planes it is possible to find cameras included in screen and entertainment products used by the airline and mounted in the back of the seats. “A viral photo showing a […]
SecurityAffairs 2019-04-29 13:38:05 New Emotet variant uses connected devices as proxy C2 servers (direct link) Researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and uses them as Proxy C2 servers. Trend Micro discovered a new variant of the Emotet Trojan that is able to infect devices and use them as proxy command-and-control servers. The new variant also employs random URI […] Malware
SecurityAffairs 2019-04-29 12:53:01 Report: Unknown Data Breach Exposes 80 Million US Households (direct link) vpnMentor's research team discovered a hack affecting 80 million US households, and the incident is still actively leaking data. Known hacktivists Noam Rotem and Ran Locar discovered an unprotected database impacting up to 65% of US households. Hosted by a Microsoft cloud server, the 24 GB database includes the number of people living in each household […] Data Breach Hack
SecurityAffairs 2019-04-29 09:06:04 Over 23 million breached accounts were using '123456' as password (direct link) A cyber survey conducted by the United Kingdom's National Cyber Security Centre (NCSC) revealed that ‘123456’ is still the most hacked password. Security experts at the United Kingdom's National Cyber Security Centre (NCSC) analyzed the 100,000 most-commonly re-occurring breached passwords using data from Have I Been Pwned (HIBP). Have I Been Pwned allows users to […]
SecurityAffairs 2019-04-29 07:48:02 Amnesty International Hong Kong Office hit by state-sponsored attack (direct link) The Hong Kong office of Amnesty International has been hit by a long-running cyberattack carried out by China-linked hackers. Amnesty International’s Hong Kong office has been hit with a cyberattack launched by China-linked hackers. “This sophisticated cyber-attack underscores the dangers posed by state-sponsored hacking and the need to be ever vigilant to the risk of […] ★★
SecurityAffairs 2019-04-29 06:54:05 Microsoft removes Password-Expiration Policy in security baseline for Windows 10 (direct link) Microsoft presented a series of security enhancements for its Windows 10, including the removal of the password-expiration policy. Microsoft announced the removal of the password-expiration policy from its operating system starting with the next Windows 10 feature update (Windows 10 version 1903, a.k.a., “19H1” ) and Windows Server version 1903. The idea behind this change […]
SecurityAffairs 2019-04-28 14:22:01 (Déjà vu) Critical flaw in Qualcomm chips exposes sensitive data for Android Devices (direct link) Researchers devised a new side-channel attack in Qualcomm technology, widely used by most Android smartphones, that could expose private keys. Researchers have uncovered a new side-channel attack that could be exploited by attackers to extract sensitive data from Qualcomm secure keystore, including private keys, and passwords. The attack potentially impacts most of the modern Android […]
SecurityAffairs 2019-04-28 13:38:05 Signed Malspam campaigns hit Europeans with Multi-Stage JasperLoader (direct link) Experts observed several malspam campaigns using signed emails to deliver the GootKit banking Trojan (aka talalpek or Xswkit). Threat actors leverage a multi-stage malware loader tracked as JasperLoader in the malspam campaigns over the past few months. The JasperLoader was observed while distributing malware to targets from Central Europe, most of them in Italy and […] Malware Threat
SecurityAffairs 2019-04-28 09:12:04 Security Affairs newsletter Round 211 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! 60 Million records of LinkedIn users exposed online INPIVX hidden service, a new way to organize ransomware attacks Ride-Hailing Company operating in Iran exposes data of Iranian Drivers A […] Ransomware
SecurityAffairs 2019-04-28 07:50:03 AESDDoS bot exploits CVE-2019-3396 flaw to hit Atlassian Confluence Server (direct link) A new variant of the AESDDoS bot is exploiting a recent vulnerability in the Atlassian collaborative software Confluence. Security experts at Trend Micro have spotted a new variant of AESDDoS botnet that is exploiting a recently discovered vulnerability in the Atlassian collaborative software Confluence. The flaw exploited in the attacks, tracked as CVE-2019-3396, is a […] Vulnerability
Last update at: 2024-07-20 01:08:19