What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2019-04-04 14:22:02 The German chemicals giant Bayer hit by a cyber attack (lien direct) The German chemicals giant Bayer confirmed that of a cyber attack, it confirmed the incident but clarified that no data has been stolen. The chemicals giant Bayer is the last victims of a cyber attack, it confirmed the incident, but pointed out the hackers haven’t stolen any data. According to the company, at the beginning […]
SecurityAffairs.webp 2019-04-04 10:46:02 New XLoader variant leverage Twitter to hide C2 addresses (lien direct) Security experts at Trend Micro spotted a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application. Trend Micro discovered a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application, the malware also attempts to infect Apple devices (iPhones and […] Malware
SecurityAffairs.webp 2019-04-04 07:49:03 Advantech addressed code execution and DoS flaws in WebAccess software (lien direct) Industrial automation firm Advantech addressed several serious vulnerabilities in its WebAccess SCADA software. WebAccess is a browser-based software package for human-machine interfaces (HMI) and SCADA systems developed by Advantech. The vulnerabilities affect WebAccess/SCADA Versions 8.3.5 and prior. The software is widely adopted in many sectors worldwide, such as critical manufacturing, energy, and water and wastewater. […]
SecurityAffairs.webp 2019-04-03 21:44:01 Experts found 540 Million Facebook user records on unprotected Amazon S3 buckets (lien direct) The huge trove of Facebook user data was amassed and stored online on unprotected cloud servers by third-party Facebook app developers. Definitively I can tell you that this is an awful period for Facebook and its users. We first read about an embarrassing incident involving the social network giant that asked some newly-registered users to […]
SecurityAffairs.webp 2019-04-03 17:25:04 OceanLotus APT group leverages a steganography-based loader to deliver backdoors (lien direct) The OceanLotus APT group, also known as APT32 or Cobalt Kitty, leverages a steganography-based loader to deliver backdoors on compromised systems. Security researchers at Cylance discovered that the OceanLotus APT (also known as APT32 or Cobalt Kitty) group is using a loader leveraging steganography to deliver a version of Denes backdoor and an updated version of […] APT 32
SecurityAffairs.webp 2019-04-03 13:51:00 Group-IB report: JS-sniffers infected 2440 websites around the world (lien direct) Crime without punishment: Group-IB issues a new report on JS-sniffers that infected 2440 websites around the world Group-IB, an international company that specializes in preventing cyberattacks, has issued a new comprehensive report on the analysis of JavaScript-sniffers – a type of malware designed to steal customer payment data from online stores. 2440 infected ecommerce websites […] Malware
SecurityAffairs.webp 2019-04-03 08:16:00 (Déjà vu) Georgia Tech security breach exposed up to 1.3 million individuals (lien direct) The Georgia Institute of Technology (Georgia Tech) announced to have suffered a security breach, “an unknown outside entity” had access to data of up to 1.3 million people. The Georgia Institute of Technology (Georgia Tech) suffered a security breach, on Tuesday it revealed that “an unknown outside entity” had gained unauthorized access to a database […]
SecurityAffairs.webp 2019-04-03 06:58:01 Crooks use hidden directories of compromised HTTPS sites to deliver malware (lien direct) Attackers Store Malware in Hidden Directories of Compromised HTTPS Sites Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. Crooks are utilizing hidden “well-known” directories of HTTPS sites running WordPress and Joomla websites to store and serve malicious payloads. Hacked websites were […] Malware Threat
SecurityAffairs.webp 2019-04-02 20:26:03 Cyber Defense Magazine – April 2019 has arrived. Enjoy it! (lien direct) Cyber Defense eMagazine April 2019 Edition has arrived. We hope you enjoy this month’s edition…packed with over 140 pages of excellent content. InfoSec Knowledge is Power.  We have 7 years of eMagazines online with timeless content.  Visit our online library by clicking here.  CLICK HERE TO DOWNLOAD A HIGH QUALITY PDF VERSION. CLICK HERE TO READ […]
SecurityAffairs.webp 2019-04-02 19:43:00 CVE-2019-0211 Apache flaw allows getting root access via script (lien direct) The privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems An important privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain […] Vulnerability
SecurityAffairs.webp 2019-04-02 13:43:02 26k+ Kibana Instances exposed Elasticsearch databases online (lien direct) Security expert discovered thousands of unsafe Kibana instances that are exposed online, the news was first reported by colleagues at THN. Kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content indexed on an Elasticsearch cluster. Users can create bar, line and scatter plots, or pie charts and […]
SecurityAffairs.webp 2019-04-02 10:54:03 Analyzing AZORult malware using NSA Ghidra suite (lien direct) Cybaze-Yoroi ZLAB malware researchers decided to use the NSA Ghidra suite in a real case study, the analysis of the AZORult malware. Introduction One of the most expected moments in the infosec community during the last few months was, with no doubt, the Ghidra public release. On the 5th of March, at the RSA conference, […] Malware
SecurityAffairs.webp 2019-04-02 09:07:05 Closure JavaScript Library introduced XSS issue in Google Search and potentially other services (lien direct) A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The Japanese security researcher Masato Kinugawa discovered an XSS vulnerability in Google Search that was introduced with a change made months ago in an open-source JavaScript library. The library is named Closure and according to the […] Vulnerability
SecurityAffairs.webp 2019-04-02 08:00:00 BREAKING: new update about DDoS'er Linux/DDoSMan ELF malware based on Elknot (lien direct) The popular expert unixfreaxjp analyzed a new China ELF DDoS’er malware tracked as “Linux/DDoSMan” that evolves from the Elknot malware to deliver new ELF bot. Non-Technical-Premise “This report is meant for incident response or Linux forensics purpose, TO HELP admin & IR folks”, with this the very beginning sentence starts the new analysis of one […] Malware
SecurityAffairs.webp 2019-03-29 14:36:00 Victims of attacks in the Philippines are filing lawsuit against company enabling them (lien direct) DISCLOSURE OF COMPANY FACILITATING MASSIVE CYBER ATTACKS AGAINST MORE THAN 20 REGIME CRITICAL PHILIPPINE WEBSITES “We're in,” Dr. John Brule said on March 29, 1994, when the Philippine Internet had just been born. 25 years later, a coalition of Philippine media […]
SecurityAffairs.webp 2019-03-29 13:55:01 Magento fixed a critical Magento SQL Injection flaw (lien direct) There is an important news for administrators of e-commerce websites running over the Magento platform, Magento fixed a critical SQL injection flaw. Administrators of Magento e-commerce websites have to update their installations due to the presence of a critical SQL injection vulnerability in the popular CMS. The flaw could have a significant impact considering that […] Vulnerability
SecurityAffairs.webp 2019-03-29 12:34:05 Malware researchers decrypted the Qrypter Payload (lien direct) Malware researchers at Cybaze-Yoroi ZLAB team dissected a new sample of Qrypter malware that revealed an interesting evolution of the threat. Introduction During the last weeks, Yoroi's monitoring operation intercepted some malicious emails required further attention: they were sent to a very few organizations and the content was specifically tailored for Italian speaking targets. This […] Malware
SecurityAffairs.webp 2019-03-29 07:15:05 Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers (lien direct) Google security developer Matthew Garrett disclosed a zero-day arbitrary code execution (ACE) vulnerability affecting the TP-Link SR20 routers. Google security developer Matthew Garrett discovered a zero-day arbitrary code execution (ACE) vulnerability in TP-Link SR20 routers. The vulnerability in TP-Link SR20 routers could be exploited by potential attackers on the same network to execute arbitrary commands. […] Vulnerability
SecurityAffairs.webp 2019-03-28 20:40:04 (Déjà vu) New Shodan Monitor service allows tracking Internet-Exposed devices (lien direct) Shodan IoT search engine announced the launch of a new service called Shodan Monitor designed to help organizations to maintain track of systems connected to the Internet. Shodan, the popular IoT search engine, announced this week the launch of a new service called Monitor designed to help organizations to maintain track of systems connected to […]
SecurityAffairs.webp 2019-03-28 19:08:01 WinRAR CVE-2018-20250 flaw exploited in multiple campaigns (lien direct) The recently patched vulnerability affecting the popular archiver utility WinRAR has been exploited to deliver new malware to targeted users. A recently patched vulnerability affecting the popular archiver utility WinRAR is becoming a commodity in the cybercrime underground, experts reported it has been exploited to deliver new malware in targeted attacks. The vulnerability, tracked as […] Malware Vulnerability
SecurityAffairs.webp 2019-03-28 15:12:04 Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps (lien direct) Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported. Gustuff is a new generation of malware complete with fully automated features designed to steal both fiat […] Malware Guideline
SecurityAffairs.webp 2019-03-28 08:20:04 Lazarus APT continues to target cryptocurrency businesses with Mac malware (lien direct) North Korea-linked Lazarus group made the headlines again, it has been leveraging PowerShell to target both Windows and macOS machines. The North Korea-linked Lazarus APT group has been leveraging PowerShell to target both Windows and macOS machines in a new wave of attacks. The discovery was made by experts at Kaspersky Lab, the campaign […] Malware Medical APT 38
SecurityAffairs.webp 2019-03-28 07:32:00 ASUS fixes supply chain of Live Update tool hit in Operation ShadowHammer (lien direct) ASUS released security patches to fix the issues in the Live Update utility that were exploited by threat actors in Operation ShadowHammer. ASUS announced to have released a fix for the Live Update utility that was exploited by threat actors behind the Operation ShadowHammer to deliver malware to hundreds of users.  The Operation ShadowHammer took […] Malware Tool Threat
SecurityAffairs.webp 2019-03-27 15:05:02 Operation SaboTor – Police arrested 61 vendors and buyers in the dark web (lien direct) Operation SaboTor – A coordinated operation conducted by law enforcement agencies from Europe, Canada, and the United States targeted vendors and buyers of illegal goods on dark web marketplaces.  The international operations, dubbed operation SaboTor, involved 17 countries, notably Germany, the Netherlands, Austria, and Portugal. “During the course of this operation, international law enforcement agencies […]
SecurityAffairs.webp 2019-03-27 13:18:01 LUCKY ELEPHANT campaign targets South Asian governments (lien direct) The NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign tracked as LUCKY ELEPHANT targeting mostly South Asian governments. Security experts at NETSCOUT Threat Intelligence team uncovered a credential harvesting campaign, tracked as LUCKY ELEPHANT, targeting mostly South Asian governments. The campaign was discovered in early March 2019, threat actors behind the LUCKY ELEPHANT campaign […] Threat
SecurityAffairs.webp 2019-03-27 10:11:05 (Déjà vu) Norsk Hydro estimates losses between $35M – $41M in the first week after cyberattack (lien direct) Norwegian aluminum giant Norsk Hydro estimates more than $40 million losses in the first week following the ransomware attack that disrupted its operations. Last week Norwegian Norsk Hydro, one of the biggest Aluminum producer, suffered an extensive cyber attack that impacted operations in several of the company's business areas across Europe and the U.S. The news […] Ransomware
SecurityAffairs.webp 2019-03-27 08:50:00 A new AZORult C++ variant can establish RDP connections (lien direct) Experts from Kaspersky observed a new C++ version of the AZORult data stealer that implements the ability to establish RDP connections. The AZORult Trojan is one of the most popular data stealers in the Russian cybercrime underground. The AZORult stealer was first spotted in 2016 by Proofpoint that discovered it was part of a secondary […]
SecurityAffairs.webp 2019-03-27 07:39:04 Experts found 36 vulnerabilities in the LTE protocol (lien direct) A team of researchers from the Korea Advanced Institute of Science and Technology Constitution (KAIST) discovered 36 vulnerabilities in the LTE protocol. Security experts from the Korea Advanced Institute of Science and Technology Constitution (KAIST) have discovered 36 vulnerabilities in the LTE protocol used by most mobile carriers. The researchers used a fuzzing technique to […] ★★★
SecurityAffairs.webp 2019-03-26 18:18:01 (Déjà vu) Whitehat settings allow white hat hackers to Test Facebook mobile apps (lien direct) Facebook introduced new settings designed to make it easier for cyber experts to test the security of its mobile applications. Facebook has announced the implementation of new settings to make it easier for white hat hackers to test the security of its mobile applications. To protect Facebook users, the mobile apps of the company implement […]
SecurityAffairs.webp 2019-03-26 13:45:01 The Ursnif Gangs keep Threatening Italy (lien direct) Malware researchers at Cybaze-Yoroi ZLab team uncovered a new Ursnif malware campaign that reached several organizations across Italy. Introduction The Ursnif trojan confirms itself as one of the most active malware threats in cyberspace, even during the past days, when new attack attempts reached several organizations across Italy. Cybaze-Yoroi ZLab team dissected its infection chain […] Malware
SecurityAffairs.webp 2019-03-26 12:18:04 iOS 12.2 update addresses some troubling vulnerabilities (lien direct) This week Apple released iOS 12.2 to address 51 security vulnerabilities in the popular mobile operating system running on iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. Most of the flaws affect the web rendering engine WebKit, an attacker could trick victims into opening a maliciously crafted web content to […]
SecurityAffairs.webp 2019-03-26 08:44:02 How to get back files encrypted by the Hacked Ransomware for free (lien direct) Good news for the victims of the Hacked Ransomware, the security firm Emsisoft has released a free decryptor to decrypt the data of infected computers. Security experts at Emsisoft released a free decryptor for the Hacked Ransomware. The Hacked Ransomware was first spotted in 2017, it appends .hacked extension to the encrypted files and includes […] Ransomware
SecurityAffairs.webp 2019-03-26 06:13:02 Microsoft experts found high severity flaws in Huawei PCManager (lien direct) Microsoft experts discovered privilege escalation and arbitrary code execution vulnerabilities in a tool from Huawei. Microsoft researchers discovered privilege escalation and arbitrary code execution vulnerabilities in a tool from Huawei, both flaws were classified as “high severity.” The experts discovered the flaws because the kernel sensors in Microsoft Defender Advanced Threat Protection (ATP) detected an […] Tool Threat
SecurityAffairs.webp 2019-03-25 21:08:03 Operation ShadowHammer – Supply-Chain attack hit ASUS users (lien direct) Operation ShadowHammer – ASUS is the last victim of a clamorous supply chain attack that delivered a backdoor to more than one million users, Kaspersky Lab reported. Over 1 million ASUS users may have been impacted by a supply chain attack that leveraged the ASUS Live Update utility to inject a backdoor in ASUS systems. […]
SecurityAffairs.webp 2019-03-25 15:01:00 Anubis II – malware and afterlife (lien direct) Due to the growing demand for Android banking malware, threat actors continue using Anubis even if the creator has vanished. Introduction Besides being the Egyptian God associated with mummification and afterlife, Anubis is also an Android banking malware that has caused quite some trouble for over 300 financial institutions worldwide since 2017. Anubis II is […] Malware Threat
SecurityAffairs.webp 2019-03-25 13:26:05 Free Tools: spotting APTs through Malware streams (lien direct) Cyber security expert and founder of Yoroi has published a new tool that could be used to spot APTs (Advanced Persistent Threats) through Malware streams. There are many ways to spot Advanced Persistent Threats, for example during a forensic analysis on “high rate incident” or having sandbox systems on critical infrastructures or again working as […] Malware Tool
SecurityAffairs.webp 2019-03-25 12:11:05 Hackers raised fake tornado alarms in two Texas towns (lien direct) Hackers took control of the emergency tornado alarms in Texas causing the panic, it has happened on March 12th, at around 2:30 a.m., On March 12th, at around 2:30 a.m. in two towns in Texas (the DeSoto and Lancaster areas) hackers took control of the emergency tornado alarms causing the panic among residents. The alarms […]
SecurityAffairs.webp 2019-03-25 09:49:05 PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel (lien direct) It is a battle with no holds barred between T-Series and PewDiePie, their fans are spreading the PewDiePie ransomware to force users to subscribe to PewDiePie Youtube channel. The story I’m going to tell you is another chapter of the battle between the most followed Youtuber T-Series and PewDiePie. T-Series is an Indian music company, […] Ransomware Uber
SecurityAffairs.webp 2019-03-25 07:42:03 Telegram allows users to delete any sent/received message from both sides with no time limit (lien direct) Telegram development team implemented a new feature that allows users to delete any received message from the sender’s device. Telegram announced a new feature to improve user privacy, the development team implemented a functionality that allows users to delete any received message from the sender’s device. Two years ago, Telegram introduced the “unsend” feature that […]
SecurityAffairs.webp 2019-03-24 18:23:04 Microsoft Defender APT now protects also macOS (lien direct) Microsoft has announced the availability of Defender ATP Endpoint Security for Apple macOS Microsoft has announced the availability of Microsoft 365 advanced endpoint security solution across platforms, with the support of Apple Mac it added to Microsoft Defender Advanced Threat Protection (ATP). Microsoft Windows Defender ATP was first introduced in 2016 as a defensive solution […] Threat
SecurityAffairs.webp 2019-03-24 14:30:03 Federal Emergency Management Agency's (FEMA) data leak exposes data of 2.3M survivors (lien direct) The Federal Emergency Management Agency's (FEMA) has disclosed a data leak that exposed banking details and other personal information of 2.3 million survivors. In case of national disasters, the Federal Emergency Management Agency's (FEMA) offers a program called Transitional Sheltering Assistance (TSA) that provides shelter to survivors. News of the day is that FEMA has […]
SecurityAffairs.webp 2019-03-24 11:55:05 Security Affairs newsletter Round 206 – News of the week (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Experts uncovered a malspam campaign using Boeing 737 Max crashes gnosticplayers offers 26 Million new accounts for sale on the Dark Web Massive attacks bypass MFA on Office 365 […]
SecurityAffairs.webp 2019-03-24 11:01:03 (Déjà vu) WordPress Social Warfare plugin zero-day exploited in attacks (lien direct) A Cross-Site Scripting (XSS) vulnerability in Social Warfare installations (v3.5.1 and v3.5.2) is actively exploited to add malicious redirects. The vulnerability in the WordPress plugin has been fixed with the release of the 3.5.3 version of the plugin. Vulnerable versions of the Social Warfare plugin are currently installed on more than 70,000 websites. The plugin […] Vulnerability
SecurityAffairs.webp 2019-03-24 09:56:01 Malware Static Analysis (lien direct) Malware researcher and founder of Yoroi Marco Ramilli shared a simple tool for malware static analysis he used to perform massive Malware analysis research. The following interface stands in front of a live engine which takes binary files and runs them against a plethora of hundreds of YARA rules. Some of them are publicly available […] Malware Tool
SecurityAffairs.webp 2019-03-23 12:28:03 Pwn2Own 2019 Day 3: Experts hacked Tesla 3 browser (lien direct) Pwn2Own 2019 Day 3 – Experts earned $35,000 and a Tesla Model 3 after hacking the vehicle's web browser. Pwn2Own 2019 Day 3 – Hackers focused their efforts on car hacking, two teams participated in the competitions but only one of them reached the goal. The security experts Amat Cama and Richard Zhu of team […] Tesla
SecurityAffairs.webp 2019-03-22 20:53:05 Medtronic's implantable heart defibrillators vulnerable to hack (lien direct) The U.S. Department of Homeland Security Thursday issued a security advisory for multiple vulnerabilities affecting over a dozen heart defibrillators. Multiple vulnerabilities in the heart defibrillators could be exploited by attackers to remotely control the devices, potentially putting the lives of patients at risk. An implantable cardioverter-defibrillator (ICD) is a device implantable inside the human […] Hack
SecurityAffairs.webp 2019-03-22 14:58:02 Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series (lien direct) Cisco released security updates to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco released security patches to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco IP Phone 8800 series are business desk phones […]
SecurityAffairs.webp 2019-03-22 09:46:05 (Déjà vu) Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks (lien direct) On the second day of the Pwn2Own 2019 hacking competition, white hat hackers earned a total of $270,000 for exploits against the Mozilla Firefox and Microsoft Edge web browsers. Day 2 at Pwn2Own 2019 hacking competition – White hat hackers earned $270,000 for exploits against the Mozilla Firefox and Microsoft Edge browsers. The security duo […]
SecurityAffairs.webp 2019-03-22 08:34:05 FIN7 is back with a previously unseen SQLRat malware (lien direct) The financially-motivated hacking group FIN7 is back and used a new piece of malware in a recent hacking campaign. Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak) used new malware in a recent hacking campaign. The group that has been active since late 2015 targeted businesses worldwide to […] Malware
SecurityAffairs.webp 2019-03-21 21:54:03 (Déjà vu) Facebook passwords stored in plain text, hundreds of millions users affected (lien direct) New problems for Facebook that admitted to have stored the passwords of hundreds of millions of users in plain text. Facebook revealed to have stored the passwords of hundreds of millions of users in plain text, including passwords of Facebook Lite, Facebook, and Instagram users. “As part of a routine security review in January, we […]
Last update at: 2024-07-20 03:07:49