What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-02-14 21:10:00 Experts spotted a new strain of Shlayer macOS Malware (direct link) Security experts at Carbon Black have recently discovered a new strain of the Shlayer malware that targets macOS versions. Security experts at Carbon Black have recently spotted a new strain of the Shlayer malware that targets macOS versions from 10.10.5 up to 10.14.3. The malware poses as an Adobe Flash update it was distributed through […] Malware
SecurityAffairs 2019-02-14 15:26:03 SAP security fixes address Critical flaw in SAP HANA XSA (direct link) SAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. This week SAP addressed 13 vulnerabilities in its products with the release of the February 2019 set of security fixes, including a Hot News flaw in SAP HANA Extended […]
SecurityAffairs 2019-02-14 08:31:02 Bank of Valletta shut down its operations after a cyber attack (direct link) Bank of Valletta, the largest bank of Malta, was hit by a cyber attack; attackers attempted to steal 13 million euros ($14.7 million). Bank of Valletta, the largest bank in Malta that accounts for almost half of banking transactions in the country, had to shut down its operations on Wednesday after hackers attempted to withdraw 13 […]
SecurityAffairs 2019-02-14 07:55:01 0patch released micropatch for code execution flaw in OpenOffice (direct link) Experts at ACROS Security's 0patch released an unofficial patch for a recently disclosed remote code execution vulnerability in the Apache OpenOffice suite. ACROS Security's 0patch released an unofficial patch for a path traversal flaw recently disclosed in the Apache OpenOffice suite. The security researcher Alex Inführ discovered a severe remote code execution vulnerability in LibreOffice […] Vulnerability
SecurityAffairs 2019-02-13 21:41:01 Ubuntu snapd flaw allows getting root access to the system. (direct link) Expert discovered a privilege escalation vulnerability in default installations of Ubuntu Linux that resides in the snapd API. Security researcher Chris Moberly discovered a vulnerability in the REST API for Canonical’s snapd daemon that could allow attackers to gain root access on Linux machines. Canonical, the makers of Ubuntu Linux, promotes their “Snap” packages to roll all […] Vulnerability
SecurityAffairs 2019-02-13 13:17:04 Experts found a way to create a super-malware implanted in SGX-enclaves (direct link) Researchers devised a new technique to hide malware in the security Intel SGX enclaves, making it impossible to detect by several security technologies. Security researchers devised a new technique to hide malware in the security Intel SGX enclaves. Intel Software Guard eXtensions (SGX) is a technology for application developers that allows protecting select code and data […] Malware
SecurityAffairs 2019-02-13 11:23:00 Malicious PDF Analysis (direct link) In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the […]
SecurityAffairs 2019-02-13 10:24:05 Hacker deleted all data from VFEmail Servers, including backups (direct link) A destructive cyberattack hit the email provider VFEmail, a hacker wiped its servers in the United States, including the backup systems. An unknown attacker has launched a destructive cyber attack against the email provider VFEmail, he erased information on its server including backups, 18 years’ worth of customer emails were lost. “We have suffered catastrophic […]
SecurityAffairs 2019-02-13 06:21:04 (Déjà vu) Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-Day (direct link) Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, including an Internet Explorer issue that has been exploited in attacks. Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, 20 critical vulnerabilities, 54 important and 3 moderate in severity. One of the issues fixed by the tech giant is […]
SecurityAffairs 2019-02-12 18:09:03 Gootkit: Unveiling the Hidden Link with AZORult (direct link) Cybaze-Yoroi ZLAB revealed an interesting hidden connection between the AZORult toolkit and a specific Gootkit payload. Introduction: In the last days, a huge attack campaign hit several organizations across the Italian cyberspace, as stated on bulletin N020219 the attack waves tried to impersonate legit communication from a known Express Courier. However, a deeper analysis by Cybaze-Yoroi ZLAB revealed interesting hidden aspects, […]
SecurityAffairs 2019-02-12 14:12:00 Micropatch prevents malicious PDFs from Calling Home (direct link) The 0patch experts released a micropatch to address an Adobe Reader zero-day that allows malicious PDF docs to call home and send over the victim’s NTLM hash. The 0patch experts released a micropatch to address an Adobe Reader zero-day that allows malicious PDF documents to call home and send over the victim’s NTLM hash. The 0patch experts […]
SecurityAffairs 2019-02-12 07:58:03 620 million accounts stolen from 16 hacked websites available for sale on the dark web (direct link) 620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. The advertising for the sale of the huge trove […]
SecurityAffairs 2019-02-12 06:53:03 Docker runc flaw opens the door to a 'Doomsday scenario' (direct link) Security experts found a serious flaw tracked CVE-2019-5736 affecting runc, the default container runtime for Docker, containerd, Podman, and CRI-O. Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc, the default container runtime for Docker, containerd, Podman, and CRI-O. The vulnerability was discovered by the security researchers […] Vulnerability
SecurityAffairs 2019-02-11 20:41:05 MetaMask app on Google Play was a Clipboard Hijacker (direct link) Security researcher Lukas Stefanko from ESET discovered the first Android cryptocurrency clipboard hijacker impersonating MetaMask on the official Google Play store. The rogue MetaMask app is a Clipboard Hijacker that monitors a device’s clipboard for Bitcoin and Ethereum addresses and replaces them with addresses of wallets under the control of the attacker. Using this trick the attackers can transfer funds […]
SecurityAffairs 2019-02-11 14:50:05 A mysterious code prevents QNAP NAS devices to be updated (direct link) Users of QNAP NAS devices are reporting through QNAP forum discussions of mysterious code that adds some entries that prevent software update. Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. According to the users, the […] Malware
SecurityAffairs 2019-02-11 09:22:03 Password Checkup Chrome extension warns users about compromised logins (direct link) Google has released a new extension for Chrome dubbed Password Checkup that will alert users if their username/password combinations were leaked online as part of a dump after a data breach. Last week Google released Password Checkup, a Chrome extension that warns users about compromised logins every time they enter login credentials on a […]
SecurityAffairs 2019-02-11 07:42:05 Thousands of RDM refrigeration systems exposed online are at risk (direct link) Experts from Safety Detective discovered thousands of refrigeration systems made by Resource Data Management (RDM) exposed to remote attacks. Thousands of instances of a temperature control system made by Resource Data Management (RDM) are exposed to remote attacks because they were using default passwords and failed in implementing other security measures. The vulnerable instances are used […] ★★★★
SecurityAffairs 2019-02-10 20:42:00 Adiantum will bring encryption on Android devices without cryptographic acceleration (direct link) Google announced Adiantum, a new encryption method devised to protect Android devices without cryptographic acceleration. Google announced Adiantum, a new encryption method devised to protect Android devices without cryptographic acceleration. “Adiantum is an innovation in cryptography designed to make storage encryption more efficient for devices without cryptographic acceleration, to ensure that all devices can be encrypted.” reads the […]
SecurityAffairs 2019-02-10 17:16:04 Google open sourced the ClusterFuzz fuzzing platform (direct link) Google has open sourced ClusterFuzz, the fuzzing infrastructure it has developed to find memory corruption vulnerabilities in Chrome. Google has open sourced its fuzzing infrastructure ClusterFuzz that the tech giant developed to find memory corruption bugs in the Chrome browser. ClusterFuzz is a scalable fuzzing tool that can run on clusters with more than 25,000 cores. […] Tool
SecurityAffairs 2019-02-10 14:18:00 New Linux coin miner kills competing malware to maximize profits (direct link) Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner. Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner, researchers observed it killing other Linux malware […] Malware
SecurityAffairs 2019-02-10 12:32:00 (Déjà vu) Security Affairs newsletter Round 200 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Can Enterprises execute a GRC Movement? Experts observed […] ★★★
SecurityAffairs 2019-02-09 14:29:03 GandCrab ransomware campaign targets Italy using steganography (direct link) A newly discovered malware campaign leverages steganography to hide GandCrab ransomware in an apparently innocent Mario image. Security experts at Bromium have discovered a malware campaign using steganography to hide the GandCrab ransomware in a Mario graphic package. According to Matthew Rowan, a researcher at Bromium, threat actors use steganography to hide the malicious code and […] Ransomware Malware Threat
SecurityAffairs 2019-02-09 08:50:05 Exclusive – MalwareMustDie Team analyzed the Cayosin Botnet and its criminal ecosystem (direct link) Cayosin Botnet: a deeper look at this threat supported by the psychological profile of the “youngsters-wannabe-hackers” Rolex boasters Money, botnet as service business and coding on the dark side of the life: “At this point of my life… if it doesn't make me money, I don't make time for it”, is stated in the picture […] Threat
SecurityAffairs 2019-02-08 15:11:04 NITEC19 – NATO Opens Defense Innovation Challenge calls for C4ISR solutions (direct link) The NATO Communications and Information Agency (NCI) announced the opening of the fourth annual Defense Innovation Challenge (NITEC19) to start-ups, SMEs and academia. The Agency calls for proposals on solutions that could support NATO’s command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) and of course to improve cyber capabilities. According to the official website, […]
SecurityAffairs 2019-02-08 13:33:02 Phishing campaign leverages Google Translate as camouflage (direct link) Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. The security expert Larry Cashdollar, a member of Akamai’s Security Intelligence Response Team (SIRT), discovered that cybercriminals are carrying out a new Phishing attack that leverages Google Translate as camouflage. The phishing campaign […]
SecurityAffairs 2019-02-08 11:34:05 Three out of the four flaws fixed with iOS 12.1.4 were exploited in the wild (direct link) Security experts at Google discovered that two of the zero-day vulnerabilities patched by Apple with the release of iOS 12.1.4 were exploited in the wild. Security researchers at Google revealed that two of the zero-day flaws addressed by Apple with the release of iOS 12.1.4 were exploited in the wild. Apple iOS 12.1.4 version addresses […]
SecurityAffairs 2019-02-08 10:36:04 Hackers broke into Australia's Parliament Computer Network (direct link) Australia’s parliament confirmed that it is investigating a suspicious security incident that affected its computer network. Australia announced an ongoing investigation into an unspecified ‘security incident’ in the federal parliament’s computer network. “Following a security incident on the parliamentary computing network, a number of measures have been implemented to protect the network and its users,” parliamentary authorities […]
SecurityAffairs 2019-02-08 08:08:03 Vulnerabilities in Kunbus Industrial Gateway allows to control the devices (direct link) Security of Industrial system is a top priority, experts found multiple serious flaws in a gateway made by Kunbus that could allow to completely control a device. Nicolas Merle from industrial cybersecurity firm Applied Risk discovered several flaws in a gateway produced by the Germany-based firm Kunbus, some of them could allow an attacker to […]
SecurityAffairs 2019-02-07 13:55:00 Expert publicly disclosed the existence of 0day flaw in macOS Mojave (direct link) A zero-day vulnerability in macOS Mojave can be exploited by malware to steal plaintext passwords from the Keychain. The security expert Linus Henze has disclosed the existence of a zero-day vulnerability in macOS Mojave that can be exploited by malware to steal plaintext passwords from the Keychain. According to Henze, the flaw affects macOS Mojave […] Malware Vulnerability
SecurityAffairs 2019-02-07 11:00:04 Ursnif: Long Live the Steganography and AtomBombing! (direct link) Yoroi ZLab – Cybaze uncovered a new wave of Ursnif attacks using a variant that implements an exotic process injection technique called AtomBombing. Another wave of Ursnif attacks hits Italy. Ursnif is one of the most active banking trojans. It is also known as GOZI, in fact, it is a fork of the original Gozi-ISFB banking Trojan that […]
SecurityAffairs 2019-02-07 06:28:05 Android devices could be hacked by viewing a malicious PNG Image (direct link) Google patched a critical flaw in its Android OS that allows an attacker to send a specially crafted PNG image file to hack a target device. Opening an image file on your smartphone could allow attackers to hack into your Android device due to three critical vulnerabilities, CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988. The flaws affect millions […] Hack
SecurityAffairs 2019-02-06 15:16:02 Security expert Marco Ramilli released for free the Malware Hunter tool (direct link) Malware researcher Marco Ramilli released for free the Malware Hunter tool, a simple but interesting catching tool based on static YARA rules. Malware researcher Marco Ramilli released for free the Malware Hunter tool, a simple but interesting catching tool based on static YARA rules. I've been working on cybersecurity for more than 10 years. During my […] Malware Tool
SecurityAffairs 2019-02-01 18:28:03 US authorities aim to dismantle North Korea's Joanap Botnet (direct link) FBI and Air Force experts are sinkholing the Joanap botnet to collect information about it and dismantle the malicious infrastructure. The U.S. Justice Department declares war on the Joanap Botnet that is associated with North Korea. The U.S. DoJ announced this week that it is working to dismantle the infamous Joanap botnet, a malicious infrastructure […]
SecurityAffairs 2019-02-01 16:46:00 The return of the AdvisorsBot malware (direct link) Security experts at Cybaze-Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Today, weaponized Microsoft Office documents with macros are one of the most common and more effective methods to […] Malware
SecurityAffairs 2019-02-01 09:04:02 State Bank of India left archive with millions of Customer messages exposed (direct link) Another data breach made the headlines, this time the victim is the State Bank of India that left a database containing personal information exposed online. The State Bank of India that left a database containing personal information exposed online. The discovery was made by an anonymous security researcher that has found a server used for […] Data Breach
SecurityAffairs 2019-02-01 06:49:01 Facebook dismantled a vast manipulation campaign tied to Iran (direct link) Facebook took down hundreds of fake accounts from Iran that were involved in a vast manipulation campaign active in more than 20 countries. Facebook took down 783 inauthentic accounts, pages and groups from Iran that were involved in a vast manipulation campaign active in more than 20 countries. “The world’s biggest social network said it […]
SecurityAffairs 2019-01-31 20:55:03 CookieMiner Mac Malware steals browser cookies and sensitive Data (direct link) Palo Alto Networks discovered a piece of Mac malware dubbed CookieMiner that is targeting browser cookies associated with cryptocurrency exchanges and wallet service websites. Researchers from Palo Alto Networks discovered a new piece of Mac malware dubbed CookieMiner that steals browser cookies associated with cryptocurrency exchanges and wallet service websites along with other sensitive data. […] Malware
SecurityAffairs 2019-01-31 15:13:00 Airbus data breach exposes some employees' data (direct link) The European airplane manufacturer Airbus announced to have suffered a data breach that exposed some employees’ data. The European airplane manufacturer Airbus announced to have suffered a data breach, hackers broke into the company “Commercial Aircraft business” information systems and gained access to some of its employees’ personal information. “Airbus SE (stock exchange symbol: AIR) […] Data Breach
SecurityAffairs 2019-01-31 13:55:01 Researchers published the PoC exploit code for Linux SystemD bugs (direct link) Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Security researchers at the security firm Capsule8 have published exploit code for the vulnerabilities in Linux systemD disclosed in January. Early this month, security firm Qualys disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866) in a […]
SecurityAffairs 2019-01-31 11:23:00 Exclusive: spreading CSV Malware via Google Sheets (direct link) Cyber security expert Marco Ramilli, founder of Yoroi, discovered a way to spread CSV malware via Google Sheets … but Big G says it is an Intended behavior. A .CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor! When I personally saw this technique back in […] Malware
SecurityAffairs 2019-01-31 07:28:05 Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever (direct link) Imperva mitigated a SYN flood DDoS attack against one of its clients that exceeded 500 million packets per second, this is the largest ever. Earlier this month, the cyber security software and services company Imperva mitigated an attack against one of its clients that exceeded 500 million packets per second. This attack was a SYN […]
SecurityAffairs 2019-01-30 22:11:01 Skyscanner launches a public bug bounty program (direct link) The popular travel search website Skyscanner is going to launch a bug bounty program, the company will pay up to $2,000 per vulnerability. The travel search website Skyscanner announced a public bug bounty program that will pay up to $2,000 per vulnerability. Skyscanner has been running a private bug bounty program that according to the […]
SecurityAffairs 2019-01-30 15:32:01 Facebook paid teens $20 to install a Research App that spies on them (direct link) Facebook is paying teens $20 a month to use its VPN app, called Facebook Research, that monitors their activity via their mobile devices. Facebook is paying teens $20 a month to use its VPN app, called Facebook Research, that monitors their activity via the mobile devices. 2018 was a terrible year for Facebook that was in […]
SecurityAffairs 2019-01-30 11:28:00 Reading the ENISA Threat Landscape Report 2018 (direct link) According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. I’m proud to present you the ENISA Threat Landscape Report 2018, the annual report published by the ENISA ETL group that provides insights on the evolution of the cyber […] Threat
SecurityAffairs 2019-01-30 08:58:00 Iran-Linked APT39 group use off-the-shelf tools to steal data (direct link) An Iran-linked cyber-espionage group tracked as APT39 is carrying out a widespread campaign using a broad range of custom and off-the-shelf tools. The APT39 cyberespionage group is carrying out a widespread campaign using a broad range of custom and off-the-shelf tools. The group has been active at least since November 2014, its operations are aligned […] Prediction APT 39
SecurityAffairs 2019-01-30 07:28:05 Sofacy's Zepakab Downloader Spotted In-The-Wild (direct link) In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign leveraging the Zepakab Downloader. In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign discovered in January 2019. The sample has been initially identified by an Italian independent security researcher, who warned the InfoSec community and shared the binary for further […] APT 28
SecurityAffairs 2019-01-29 21:39:00 Netanyahu accuses Iran of cyber attacks carried out daily (direct link) Israeli Prime Minister Benjamin Netanyahu accuses Iran of launching cyber-attacks on its country on a daily basis. Prime Minister Benjamin Netanyahu revealed that Iran launched cyber-attacks on Israel on a daily basis, but its experts are able to block them. “Iran attacks Israel on a daily basis,” Netanyahu declared during a cyber conference in Tel Aviv. […]
SecurityAffairs 2019-01-29 18:14:04 Law enforcement worldwide hunting users of DDoS-for-Hire services (direct link) Europol and law enforcement agencies worldwide are investigating DDoS-for-hire services and hunting users that paid them to carry out cyber attacks. In April 2018, an international operation conducted by the European law enforcement agencies led by the UK's National Crime Agency (NCA) and the Dutch Police, with the help of Europol, took down the world's […]
SecurityAffairs 2019-01-29 14:00:00 US DoJ charges Huawei sanctions violations and in technology espionage (direct link) The US Justice Department charges the Chinese telecommunications giant Huawei in technology theft and violation of sanctions. The US Justice Department charges the Chinese telecommunications giant Huawei in two cases, including the one that led the arrest of a top executive in Canada on a US warrant. According to the US DoJ, the charges are […]
SecurityAffairs 2019-01-29 09:47:02 Disable FaceTime, a bug lets you hear a person's audio before he answers (direct link) A major vulnerability in the Apple FaceTime lets you hear the audio of the person you are calling … before they pick up the call. iPhone, iPad, or Mac users might disable FaceTime to avoid being spied through their devices. Experts warn that it is possible to call someone via FaceTime and listen via the […] Vulnerability
Last update at: 2024-07-20 03:07:49