What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-12 19:04:32 | Microsoft fixes CVE-2020-0796, the SMBv3 wormable bug recently leaked (lien direct) | Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware. Microsoft has released security updates to address the CVE-2020-0796 vulnerability in SMBv3 protocol that could be exploited by vxers to implement “wormable” malware. On March 10, 2019, Microsoft accidentally leaked info on a security update for […] | Vulnerability | ||
|
2020-03-12 17:18:13 | Card data stole from the Volusion security breach surfaces on the dark web (lien direct) | Security experts have discovered that card data stolen last year from Volusion-hosted online stores is now available for sale on the dark web. Experts from the threat intel firm Gemini Advisory have discovered that card data stolen last year from Volusion-hosted online stores have surfaced on the dark web. Volusion is a privately-held technology company that […] | Threat | ||
|
2020-03-12 14:59:24 | Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors (lien direct) | Flaws Riddle Zyxel's Network Management Software Experts have found tens of security vulnerabilities in Zyxel Network Management Software, including backdoors and hardcoded SSH keys. Security researchers Pierre Kim and Alexandre Torres have discovered several vulnerabilities Zyxel Cloud CNM SecuManager software that could expose users to cyber attacks. The Zyxel Cloud CNM SecuManager is a comprehensive […] | |||
|
2020-03-12 12:54:15 | Hacking a network, using an \'invisibility cloak\' – Is it that simple? (lien direct) | Security experts describe a real attack case that sees the attackers using a small, unidentified hardware device to hack into the target network. Is it possible to hack into a network using a sort of invisibility cloak? The short answer is, YES it is. We came to this conclusion after analyzing an incident after an […] | Hack | ||
|
2020-03-12 09:24:49 | Talos found tens of dangerous flaws in WAGO Controllers (lien direct) | Cisco Talos experts discovered tens of flaws in WAGO products that expose controllers and human-machine interface (HMI) panels to remote attacks. Talos and Germany's VDE CERT this week published advisories describing roughly 30 vulnerabilities identified in devices made by WAGO, a German company specializing in electrical connection and automation solutions. The vulnerabilities affect PFC100 and PFC200 programmable […] | |||
|
2020-03-11 23:26:39 | Avast disables the JavaScript engine component due to a severe issue (lien direct) | Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. The Antivirus maker Avast has disabled a major component of its antivirus engine to address a severe vulnerability that would have allowed attackers to hack into users’ PCs. The issue […] | Hack Vulnerability | ||
|
2020-03-11 21:27:02 | RCE in popular ThemeREX WordPress Plugin has been actively exploited (lien direct) | The WordPress plugin ‘ThemeREX Addons’ is affected by a critical vulnerability that could allow remote attackers to execute arbitrary code. A critical vulnerability in the WordPress plugin known as ThemeREX Addons could be exploited for remote code execution. The plugin is currently installed on tens of thousands of websites and according to the security firm […] | Vulnerability | ||
|
2020-03-11 15:58:17 | Office network at the European Network of Transmission System Operators for Electricity (ENTSO-E) breached (lien direct) | The European Network of Transmission System Operators for Electricity (ENTSO-E) disclose a security breach this week. The European Network of Transmission System Operators for Electricity (ENTSO-E) revealed this week that threat actors penetrated its network. ENTSO-E, the European Network of Transmission System Operators, represents 43 electricity transmission system operators (TSOs) from 36 countries across Europe, […] | Threat | ||
|
2020-03-11 13:06:30 | Bugs in Avast AntiTrack expose users to cyber attacks (lien direct) | A flaw in the impacting Avast and AVG AntiTrack privacy software could expose users to browser hijacking and Man-in-The-Middle (MiTM) attacks. Security expert David Eade has discovered a vulnerability (CVE-2020-8987) in Avast and AVG AntiTrack privacy software that could expose end-users to Man-in-The-Middle (MiTM) attacks, browser session hijack, with consequent exposure of sensitive data. “A […] | Vulnerability | ||
|
2020-03-11 09:56:29 | Microsoft\'s Patch Tuesday updates for March 2020 fix 115 issues (lien direct) | Microsoft's Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues have been rated as critical severity. Microsoft's Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues affecting Windows, Word, Dynamics Business Central, Edge, and Internet Explorer have been rated as critical severity. Microsoft's Patch Tuesday updates for March 2020 also address […] | |||
|
2020-03-10 22:53:40 | Microsoft accidentally reveals Wormable Win SMBv3 CVE-2020-0796 Flaw (lien direct) | Today Microsoft accidentally leaked info about a new wormable vulnerability (CVE-2020-0796) in the Microsoft Server Message Block (SMB) protocol. Today Microsoft accidentally leaked info on a security update for a wormable vulnerability in the Microsoft Server Message Block (SMB) protocol. The issue, tracked as CVE-2020-0796, is pre- remote code execution vulnerability that resides in the Server […] | Vulnerability | ||
|
2020-03-10 21:10:28 | Microsoft disrupted US-Based Infrastructure of the Necurs botnet (lien direct) | Microsoft announced that it took over the US-based infrastructure used by the infamous Necurs spam botnet that infected millions of computers. Microsoft announced to have taken over the US-based infrastructure used by the Necurs botnet. The IT giant explained that success is the result of a coordinated legal and technical joint effort to disrupt the Necurs […] | Spam | ||
|
2020-03-10 15:40:19 | Hackers use hackers spreading tainted hacking tools in long-running campaign (lien direct) | Who is hacking the hackers? Experts from Cybereason a mysterious hackers group is targeting other hackers by spreading tainted hacking tools. Experts from security firm Cybereason warn of a mysterious group of hackers that are distributing trojanized hacking tools on an almost daily basis for the past years. These hacking tools are used by fellow […] | |||
|
2020-03-10 12:18:34 | FBI arrested a Russian citizen suspected to be the mastermind of Deer.io (lien direct) | The FBI announced the arrest of a Russian national that is suspected to be the mastermind behind Deer.io, a Shopify-like platform. The FBI arrested Kirill Victorovich Firsov, the alleged main operator behind Deer.io which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen […] | |||
|
2020-03-10 10:13:14 | Microsoft warns of Human-Operated Ransomware as a growing threat to businesses (lien direct) | Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. In human-operated ransomware attack scenario, attackers use stolen credentials, exploit misconfiguration and vulnerabilities to access target networks, […] | Ransomware Threat | ||
|
2020-03-09 22:14:09 | Former CIA employee Joshua Schulte was convicted of only minor charges (lien direct) | Joshua Schulte, the former CIA employee accused of leaking secret agency's hacking tools to WikiLeaks was convicted of only minor charges Joshua Schulte, the former CIA software engineer that was accused of stealing the agency's hacking tools and leaking them to WikiLeaks, was convicted of only minor charges. On November 2018, Joshua Adam Schulte was charged with 13 […] | |||
|
2020-03-09 16:44:10 | Revista Factum suffered week-long cyber attacks for denouncing corruption by the president of El Salvador (lien direct) | Revista Factum was under prolonged cyber attacks for denouncing corruption, the government of El Salvador had banned it. The government of El Salvador had banned Factum Magazine from attending its press conferences and was subjecting them to a smear campaign The alleged perpetrator of the attacks has been identified as a computer engineer acting, from […] | |||
|
2020-03-09 14:52:04 | Australia\'s privacy watchdog sues Facebook over Cambridge Analytica scandal (lien direct) | Aussie privacy watchdog sues Facebook over alleged “systematic failures” exposing Australians to Cambridge Analytica privacy scandal. Australia’s privacy watchdog, the Office of the Australian Information Commissioner, sues Facebook for alleged “systematic failures” exposing more than 300,000 Australians to the Cambridge Analytica privacy scandal. Australia is the last country in order of time to announce a […] | |||
|
2020-03-09 11:43:52 | (Déjà vu) Nation-state actors are exploiting CVE-2020-0688 Microsoft Exchange server flaw (lien direct) | Multiple state-sponsored hacking groups are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers. Cybersecurity firm Volexity is warning that nation-state actors are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers tracked as CVE-2020-0688. The experts did not provide details on the threat actors that are exploiting the […] | Vulnerability Threat | ||
|
2020-03-09 08:00:18 | (Déjà vu) Sodinokibi Ransomware operators threaten to leak \'dirty\' financial data of a company (lien direct) | Sodinokibi Ransomware operators are threatening to leak a company’s “dirty” financial secrets because they did not pay the ransom. The operators behind the infamous Sodinokibi Ransomware are threatening to publicly release the “dirty” financial secrets of a company that refused to pay the ransom. In December, for the first time, the crime gang behind the Maze […] | Ransomware | ||
|
2020-03-08 20:38:02 | The City of Durham shut down its network after Ryuk Ransomware attack (lien direct) | The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend. According to the local media, the City […] | Ransomware | ||
|
2020-03-08 17:28:04 | Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers (lien direct) | Netgear is warning users of a critical remote code execution flaw that could allow an unauthenticated attacker to take control of its wireless routers. Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. […] | Vulnerability | ||
|
2020-03-08 14:31:11 | New Coronavirus-themed malspam campaign delivers FormBook Malware (lien direct) | Experts uncovered a new Coronavirus (COVID-19)-themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. The campaign uses emails that pretend being sent by members of the World Health Organization (WHO), the messages […] | Malware | ||
|
2020-03-08 10:23:46 | Security Affairs newsletter Round 254 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs 49 million unique email addresses of Straffic Marketing firm exposed online Russian spies are attempting to tap transatlantic undersea cables $1B to help telecom carriers to rip and replace Huawei and ZTE equipment Karkoff 2020: a new APT34 […] | APT 34 | ||
|
2020-03-08 09:43:04 | Facebook sues Namecheap to protect people from domain name fraud (lien direct) | Facebook has filed a lawsuit against domain registrar Namecheap and its Whoisguard privacy protection service over fraudulent domains Facebook announced this week that it has filed a lawsuit against domain registrar Namecheap and its Whoisguard privacy protection service because it has refused to provide information on a series of fraudulent domains. Fraudulent domains are often […] | |||
|
2020-03-07 15:47:13 | EVRAZ operations in North America disrupted by Ryuk ransomware (lien direct) | Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. The company operates mainly in Russia, but also in Ukraine, Kazakhstan, Italy, Czech Republic, the United States, […] | Ransomware | ||
|
2020-03-07 13:25:11 | CVE-2019-0090 flaw affects Intel Chips released in the last 5 years (lien direct) | A new vulnerability, tracked as CVE-2019-0090, affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years. The flaw is currently defined as unpatchable and could […] | |||
|
2020-03-07 07:50:20 | Travel leisure company Carnival Corporation discloses data breach (lien direct) | The world’s largest travel leisure company Carnival Corporation discloses a data breach that took place last year and which exposed the personal information of its customers. Carnival Corporation, the world’s largest travel leisure company, discloses a data breach that took place in 2019. The company is informing customers of the incident, a third-party gained unauthorized access […] | Data Breach | ||
|
2020-03-06 18:56:10 | Expert publicly discloses Zoho ManageEngine zero-day on Twitter (lien direct) | A security researcher has disclosed details and PoC code for a zero-day vulnerability in the Zoho ManageEngine product via Twitter. A security expert has disclosed details about a zero-day vulnerability in a Zoho enterprise product via Twitter, a circumstance that could cause serious problems to customers of the company. The flaw affects Zoho ManageEngine Desktop Central […] | Vulnerability | ||
|
2020-03-06 13:23:37 | (Déjà vu) TrickBot targets Italy using fake WHO Coronavirus emails as bait (lien direct) | Crooks continue to exploit the attention on the Coronavirus (COVID-19) outbreak, TrickBot operators target Italian users. A new spam campaign is targeting users in Italy by exploiting the interest on Coronavirus (COVID-19) in the attempt of delivering the TrickBot information-stealing malware. Crooks are attempting to exploit the fear of users of becoming infected with the Coronavirus, […] | Spam | ||
|
2020-03-06 10:58:05 | Virgin Media disclose data breach, over 900,000 Customers impacted (lien direct) | Virgin Media discloses a data breach that exposed the personal information of roughly 900,000 of its customers. Virgin Media discloses a data breach that exposed the personal information of approximately 900,000 customers (names, home, and email addresses and phone numbers). The company reported unauthorized access, on at least one occasion, to a misconfigured and unsecured marketing […] | Data Breach | ||
|
2020-03-06 09:08:39 | Most of Linux distros affected by a critical RCE in PPP Daemon flaw (lien direct) | A critical remote code execution vulnerability affecting the PPP Daemon exposes most Linux systems to cyber attacks. A 17-year-old critical remote code execution vulnerability affecting the PPP Daemon software exposes most Linux systems to hack. The US-CERT issued a security advisory warning users of the RCE in the PPP daemon (pppd) software that is part of almost […] | Vulnerability | ||
|
2020-03-05 20:01:41 | Malware campaign employs fake security certificate updates (lien direct) | Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. Security experts from Kaspersky Lab discovered spotted a new attack technique used by crooks to distribute malware by tricking victims into installing a malicious “security certificate update” when they visit compromised websites. We […] | Malware | ||
|
2020-03-05 13:52:18 | Hackers gained access to T-Mobile customers and employee personal info (lien direct) | New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees […] | Data Breach | ||
|
2020-03-05 12:04:20 | Hundreds of Microsoft sub-domains open to hijacking (lien direct) | Security researchers demonstrated that hundreds of sub-domains belonging to Microsoft could potentially be hijacked and abused to deliver malware and for phishing attacks. Researchers have devised another way to carry out an attack, for example, inviting victims to download a fake update from an apparently trusted URL such as mybrowser.microsoft.com. Security researchers Numan Ozdemir and […] | Malware | ||
|
2020-03-05 08:56:25 | Cisco addresses high severity RCE flaws in Webex Player (lien direct) | Cisco has released security updates to fix multiple vulnerabilities in various products, including two remote code execution flaws in Webex Player. The two remote code execution vulnerabilities fixed by Cisco have been tracked CVE-2020-3127 and CVE-2020-3128 respectively. The vulnerabilities have been rated as high severity and received a CVSS score of 7.8. The vulnerabilities are caused by the […] | |||
|
2020-03-05 08:23:32 | Most of the attacks on Telecom Sector in 2019 were carried out by China-linked hackers (lien direct) | China-linked cyber espionage groups increasingly targeted organizations in the telecommunications industry in 2019. According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Experts monitored operations carried out by nation-state actors and financially-motivated attackers. Most of the attacks against organizations in the telecom sector […] | Threat | ||
|
2020-03-04 15:12:44 | Visser Precision, a part maker for Tesla, Boeing, and Lockheed Martin hit with data-stealing ransomware (lien direct) | Data-stealing ransomware infected systems at Visser Precision, a parts maker for many enterprises, including Tesla, Boeing, and Lockheed Martin. Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. The company disclosed a ransomware attack that might have exposed data related to multiple business partners, including Tesla, […] | Ransomware | ||
|
2020-03-04 13:04:30 | Iranian government blocked Wikipedia Farsi due Coronavirus outbreak (lien direct) | The Coronavirus outbreak is a global emergency, in the last hours Iran is one of the countries with the highest number of infections and Wikipedia Farsi was blocked as fears spread. The NetBlocks internet observatory, which tracks disruptions and shutdowns, revealed that Iran has blocked access to the Farsi (Persian) language edition of the Wikipedia online […] | |||
|
2020-03-04 11:14:54 | Let\'s Encrypt CA is revoking over 3 Million TLS certificates due to a bug (lien direct) | Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. Let’s Encrypt certificate authority (CA) is going to revoke over 3 million certificates today due to a vulnerability in software used to verify users and their […] | Vulnerability | ||
|
2020-03-04 09:50:09 | Google addresses over 70 flaws in Android, including a remotely exploitable issue (lien direct) | Google's March 2020 security updates for Android address over 70 flaws, including a critical vulnerability that affects the media framework. Google's March 2020 security updates for Android include the fix for a critical vulnerability, tracked as CVE-2020-0032, that affects the media framework as part of the 2020-03-01 security patch level. The 2020-03-01 security patch level fixed 11 vulnerabilities […] | Vulnerability | ★★★★★ | |
|
2020-03-04 08:20:19 | CIA Hacking unit APT-C-39 hit China since 2008 (lien direct) | Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. According to the firm, the US cyber spies are targeting various industry sectors […] | |||
|
2020-03-03 18:48:42 | The North Korean Kimsuky APT threatens South Korea evolving its TTPs (lien direct) | Cybaze-Yoroi ZLab analyzed a new implant employed by a North Korea-linked APT group, tracked as Kimsuky, in attacks on South Korea. Introduction Recently we have observed a significant increase in state-sponsored operations carried out by threat actors worldwide. APT34, Gamaredon, and Transparent Tribe are a few samples of the recently uncovered campaigns, the latter was spotted after four […] | Threat | APT 34 APT 36 | |
|
2020-03-03 15:38:10 | Nemty ransomware operators launch their data leak site (lien direct) | The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. The ransomware deletes shadow copies of encrypted files […] | Ransomware Malware Threat | ||
|
2020-03-03 13:18:24 | US officials charge two Chinese men for laundering cryptocurrency for North Korea (lien direct) | The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. The US Treasury Department and the Department of Justice have imposed sanctions and charged two Chinese nationals, Tian Yinyin ( 田寅寅) and Li Jiadong (李家东), for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been […] | |||
|
2020-03-03 09:07:42 | Cisco offers free 90-day Webex Licenses due to coronavirus outbreak (lien direct) | Cisco has decided to extend its business licenses for the free Webex account that will be available for 90-day due to Coronavirus/COVID-19 outbreak. Cisco has announced an enhancement of its free Webex account offerings and is offering free 90-day business licenses to limit the spread of Coronavirus. WebEx is a popular web conferencing and videoconferencing […] | |||
|
2020-03-03 08:29:05 | A bug in the Walgreens mobile app leaked customers\' messages (lien direct) | Pharmacy store chain Walgreens has disclosed a data breach that impacted some customers of its mobile application. Pharmacy store chain Walgreens has disclosed a data breach that impacted some customers of its mobile application. The mobile app allows users to refill prescriptions by scanning barcode, manage medications with Pill Reminder, set Rx alerts for refills […] | Data Breach | ||
|
2020-03-03 07:58:57 | Experts warn of mass scans for Apache Tomcat Ghostcat flaw (lien direct) | Experts warn of ongoing scans for Apache Tomcat servers affected by the Ghostcat flaw that could allow attackers to take over servers. Security experts are warning of ongoing scans for Apache Tomcat servers affected by the recently disclosed Ghostcat vulnerability CVE-2020-1938. The flaw affects all versions of Apache Tomcat, it could be exploited by attackers […] | Vulnerability | ||
|
2020-03-02 19:19:39 | Karkoff 2020: a new APT34 espionage operation involves Lebanon Government (lien direct) | Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group.Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group. Introduction In November 2018, researchers from Cisco Talos […] | APT 34 | ||
|
2020-03-02 14:57:23 | SurfingAttack – hacking phones via ultrasonic waves (lien direct) | SurfingAttack is an attacking technique that allows to wake up mobile device and control them using voice commands encoded in ultrasonic waves. SurfingAttack is a hacking technique that sees voice commands encoded in ultrasonic waves silently activate a mobile phone’s digital assistant. The technique could be used to do several actions such as making phone […] |
To see everything:
Our RSS (filtrered)
