What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-01-02 19:44:05 Cloud Hosting Provider DataResolution.net hit by the Ryuk ransomware (direct link) The Cloud hosting provider Dataresolution.net was hit by a ransomware-based attack on Christmas Eve that took down its systems. Data Resolution LLC provides software hosting, business continuity systems, cloud computing, and data center services to more than 30,000 businesses worldwide. The news was first reported by the popular investigator Brian Krebs on KrebsOnSecurity, the company believes […] Ransomware
SecurityAffairs 2019-01-02 13:51:00 wget utility potential leaked password via extended filesystem attributes (direct link) Developers that include the GNU’s wget utility in their applications have to use the new version that was released on Boxing Day. GNU Wget is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS, the most widely-used Internet protocols. It is a non-interactive command-line tool, so it may easily be called from […]
SecurityAffairs 2019-01-02 11:20:02 Hackers stole $750,000 worth Bitcoin from Electrum wallets (direct link) The latest attack of 2018 against cryptocurrency wallets and organizations in the cryptocurrency industry hit the popular Electrum wallets. Hackers hit Electrum Bitcoin wallet and stole over 200 bitcoin, more than $750,000. The attack started on December 21st, 2018, and hackers leveraged a critical vulnerability that was addressed in early 2018. The vulnerability could be […] Vulnerability
SecurityAffairs 2019-01-02 09:12:05 Experts analyzed the distribution technique used in a recent Emotet campaign (direct link) ESET analyzed the distribution technique used by cyber criminals in a new Emotet campaign that has recently affected various countries in Latin America. In November, experts from ESET uncovered a massive spam campaign that was distributing the Emotet malware. The campaign targeted several users in some Latin American countries and ESET shared details on the propagation used […] Spam
SecurityAffairs 2019-01-01 14:21:01 Experts show that is easy to hack Hardware-based Cryptocurrency Wallets (direct link) A team of researchers demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. During the 35c3 conference held in Leipzig, Germany, the researchers Dmitry Nedospasov, Thomas Roth, and Josh Datko demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. The group of researchers presented called “wattet.fail” firmware, […] Hack
SecurityAffairs 2018-12-31 19:53:05 EU launches bug bounty programs for 15 software (direct link) The European Commission decided to launch its bug bounty initiative, the Free and Open Source Software Audit (FOSSA) project. Bug bounty programs are very important for the security of software and hardware, major tech firms launched their own programs to discover flaws before hackers. The European Commission recognized the importance of bug bounty programs and […]
SecurityAffairs 2018-12-31 15:16:04 SandboxEscaper released PoC code for a new Windows zero-day (direct link) Security expert SandboxEscaper published a proof-of-concept (PoC) code for a new Windows zero-day, it is the fourth she released this year. The proof-of-concept (PoC) code published by SandboxEscaper overwrites ‘pci.sys’ with information about software and hardware problems, collected through the Windows Error Reporting (WER) event-based feedback infrastructure. SandboxEscaper initially announced the release of the PoC code […]
SecurityAffairs 2018-12-31 10:47:00 Malware-based attack hit delivery chain of the major US newspapers (direct link) The LA Times revealed that a malware-based attack hits the delivery chain of the major US newspapers delaying the hardcopy distribution. A malware-based attack originated outside the US hit major US newspapers delaying their hardcopy distribution. According to the LA Times, the attack was carried out on Saturday, it hit a computer network at Tribune […]
SecurityAffairs 2018-12-31 08:56:03 'Roma225' campaign targets companies in the Italian automotive sector (direct link) ‘Roma225’ campaign - The Cybaze-Yoroi ZLab researchers investigated a recent espionage malware implant weaponized to target companies in the Italian automotive sector. The malware was spread through a well-written phishing email trying to impersonate a senior partner of one of the major Brazilian business law firms: “Veirano Advogados”. The malicious email intercepted during the CSDC operations contains […] Malware
SecurityAffairs 2018-12-30 15:35:03 Facebook tracks non-users via Android Apps (direct link) New thunderclouds on Facebook, the social network giant is accused of tracking non-users via Android apps. According to a report presented by Privacy International yesterday at 35C3 hacking conference held in Germany, the list of Android apps that send tracking and personal information back to Facebook includes dozens of apps including Kayak, Yelp, and Shazam, “Facebook routinely tracks users, non-users […]
SecurityAffairs 2018-12-30 12:42:04 (Déjà vu) Security Affairs newsletter Round 194 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Cisco ASA is affected by a privilege escalation […]
SecurityAffairs 2018-12-30 08:54:05 Hackers bypassed vein based authentication with a fake hand (direct link) A couple of researchers demonstrated how to bypass vein based authentication using a fake hand built from a photo. If you consider vein based authentication totally secure, you have to know that a group of researchers demonstrated the opposite at the Chaos Communication Congress hacking conference. Vein based authentication scans invisible vein pattern (i.e. shape, […]
SecurityAffairs 2018-12-29 14:32:00 Guardzilla Security Video System Footage exposed online (direct link) A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. The flaw was discovered by the researchers Nick McClendon, Andrew Mirghassemi, Charles Dardaman, INIT_6 and Chris, from 0DayAllDay, the issue was reported […] Vulnerability
SecurityAffairs 2018-12-28 19:18:03 (Déjà vu) Personal details of roughly 1000 North Korean defectors leaked in hacking case. (direct link) Personal details of roughly 1,000 North Korean defectors living in South Korea have been leaked in a hacking case. Personal details of nearly 1,000 North Korean defectors were leaked as a result of a cyber attack exposing them to severe threats from Pyongyang. A similar incident has never happened before, the Unification Ministry said that […]
SecurityAffairs 2018-12-28 11:53:01 Expert published a PoC exploit code for RCE flaw in Microsoft Edge (direct link) The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser (CVE-2018-8629). The vulnerability affects the JavaScript engine Chakra implemented in the Edge web browser, an attacker could exploit it to execute arbitrary code on the target machine with the same privileges as […] Vulnerability
SecurityAffairs 2018-12-27 21:27:05 A new Shamoon 3 sample uploaded to VirusTotal from France (direct link) A new sample of Shamoon 3 was uploaded on December 23 to the VirusTotal platform from France, it is signed with a Baidu certificate. A new sample of the dreaded Shamoon wiper was uploaded on December 23 to the VirusTotal platform from France. This sample attempts to disguise itself as a system optimization tool developed […] Tool
SecurityAffairs 2018-12-27 13:46:02 Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia (direct link) Security firm Group-IB has estimated that the market volume of illegal online sales of alcohol in Russia exceeded 30 million USD in 2018, i.e. almost 5.8 million USD (+23%) more than in 2017. Group-IB Brand Protection team discovered a total of around 4,000 websites illegally selling alcohol. Criminals create entire networks from the “mirror–websites” of their online alcohol stores; if one […]
SecurityAffairs 2018-12-27 12:44:03 Thousands of BevMo customers impacted in payment card breach (direct link) BevMo, the wine and liquor store, is warning customers of a payment card breach and reported the incident to the authorities. The wine and liquor store BevMo suffered a payment card breach, a hacker stole credit card numbers and other information from more than 14,000 customers who purchased goods on the website. The company has notified […]
SecurityAffairs 2018-12-27 10:14:02 Android Pie introduces important security and privacy enhancements (direct link) The latest version of Google OS, Android Pie, implements significant enhancements for cybersecurity, including a stronger encryption and authentication. Google experts worked on OS hardening and the implementation of anti-exploitation mechanisms with a great attention to the user privacy. The tech giant updated the File-Based Encryption implementing the support for external storage media, it also […]
SecurityAffairs 2018-12-27 08:45:01 (Déjà vu) Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console (direct link) Since November, a new ransomware called JungleSec has been infecting servers through unsecured IPMI (Intelligent Platform Management Interface) cards. Security experts at BleepingComputer wrote about a new ransomware called JungleSec that is infecting victims through unsecured IPMI (Intelligent Platform Management Interface) cards. The ransomware was first observed early November. The IPMI is a set of computer interface […] Ransomware
SecurityAffairs 2018-12-26 14:40:04 Experts discovered a critical bug in Schneider Electric Vehicle Charging Stations (direct link) A critical vulnerability affects Schneider Electric electric vehicle charging stations, the EVLink Parking systems. EVlink Parking charging solutions are usually in parking environments, including offices, hotels, supermarkets, fleets, and municipals. According to the company, the issue is tied to a hard-coded credential bug that could be exploited by attackers to gain access to the system. […] Vulnerability
SecurityAffairs 2018-12-26 09:10:01 Hackers target financial firms hosting malicious payloads on Google Cloud Storage (direct link) Researchers at Menlo Labs uncovered a malicious email campaign targeting employees of banks and financial services companies abusing Google Cloud Storage. The campaign targeted organizations in the US and the UK, the attackers have been abusing Google Cloud Storage to deliver payload. The spam campaign uses messages including links that point to archive files such as .zip or .gz. Attackers […] Spam
SecurityAffairs 2018-12-25 20:14:03 Hackers launched phishing attacks aimed at bypassing Gmail, Yahoo 2FA at scale (direct link) Amnesty International warns of threat actors that are launching phishing attacks aimed at bypassing Gmail, Yahoo 2FA at scale. Amnesty International published a report that details how threat actors are able to bypass 2FA authentication that leverages text message as a second factor. Attackers are using this tactic to break into Gmail and Yahoo accounts […] Threat Yahoo
SecurityAffairs 2018-12-25 15:37:05 Over 19,000 Orange Livebox ADSL modems leak WiFi credentials (direct link) Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. Threat actors in the wild are attempting to exploit a vulnerability in LiveBox ADSL modems from Orange, the issue could be triggered to retrieve their SSID and WiFi password in plaintext by simply […] Vulnerability Threat
SecurityAffairs 2018-12-24 21:24:04 Experts disclosed an unpatched Kernel buffer overflow in Trusteer Rapport for MacOS (direct link) Researchers from Trustwave SpiderLabs discovered an unpatched kernel-level vulnerability in a driver used by IBM Trusteer Rapport endpoint security tool. The issue affects endpoint security tool for MacOS, IBM released a patch but failed to address the vulnerability within the 120-day disclosure deadline. The IBM Trusteer Rapport endpoint security tool is a lightweight software component that […] Tool Vulnerability
SecurityAffairs 2018-12-24 16:19:03 Hacking the Twinkly IoT Christmas lights (direct link) Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited to display custom lighting effects and to remotely turn them off. Security researchers from MWR InfoSecurity have discovered some flaws in the Twinkly IoT lights that could be exploited to display custom lighting effects and to remotely turn off their Christmas brilliance. […]
SecurityAffairs 2018-12-24 06:57:00 Information Disclosure flaw allows attackers to find Huawei routers with default credentials (direct link) Some models of Huawei routers are affected by a flaw that could be exploited by attackers to determine whether the devices have default credentials or not. Ankit Anubhav, a principal researcher at NewSky Security, discovered a vulnerability in some models of Huawei routers that could be exploited by attackers to determine whether the devices have […] Vulnerability
SecurityAffairs 2018-12-23 11:58:01 (Déjà vu) Security Affairs newsletter Round 193 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Twitter fixed bug could have exposed Direct Messages […]
SecurityAffairs 2018-12-23 10:02:03 France data protection agency fines Uber 400k Euros Over 2016 Data Breach (direct link) France’s data protection agency had fined the ride-sharing company Uber with 400,000 euros ($455,000) over a 2016 data breach. The data breach suffered by Uber in 2016 exposed the personal data of some 57 million clients and drivers worldwide. In November 2017, the Uber CEO Dara Khosrowshahi announced that hackers broke into the company database and […] Data Breach Uber
SecurityAffairs 2018-12-23 08:33:04 (Déjà vu) Cisco ASA is affected by a privilege escalation flaw. Patch it now! (direct link) Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform […] Vulnerability
SecurityAffairs 2018-12-22 18:12:04 San Diego School District (SDUSD) security breach exposed data of 500,000 students and staff (direct link) Personal information belonging to over 500,000 students and 50 district employees were exposed in the San Diego School District (SDUSD) security breach. An attacker sent spear-phishing to SDUSD personnel with the intent of tricking them into revealing credentials to access the district’s network services. The attacker accessed personal information of student and staff, including names, […]
SecurityAffairs 2018-12-22 15:41:03 Law enforcement take down 15 DDoS-for-Hire services (direct link) The Department of Justice (DoJ) announced that the FBI seized 15 domains associated with DDoS-for-hire services. The FBI has seized 15 domains associated with DDoS-for-hire services (aka booters or stressers) that were used by their customers to launch powerful DDoS attacks. U.S. Authorities Take Down 15 DDoS-for-Hire Websites The Department of Justice (DoJ) announced that […]
SecurityAffairs 2018-12-21 21:41:01 Caribou Coffee Payment Card Breach, over 260 stores impacted (direct link) Caribou Coffee notified customers of a payment card breach that hit more than 260 of its stores in the United States. A payment card breach hit over 260 Caribou Coffee stores, the company owned by German JAB Holding Company detected the intrusion on November 28. Caribou Coffee also informed the FBI of the security breach. The company […]
SecurityAffairs 2018-12-21 13:37:02 US DoJ indicts Chinese hackers over state-sponsored cyber espionage (direct link) The US Department of Justice charged two Chinese hackers for hacking numerous companies and government agencies in a dozen countries, US Indicts Two Chinese Government Hackers Over Global Hacking Campaign. including Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, the United Kingdom, and the United States. The two Chinese hackers, […]
SecurityAffairs 2018-12-21 08:30:01 5 IoT Security Predictions for 2019 (direct link) 2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices. These are 5 IoT Security Predictions for 2019 Insights from VDOO's leadership 2018 was the year of the Internet of Things (IoT) – massive attacks and various botnets, a leap in regulation and standards, and increased adoption […] Guideline
SecurityAffairs 2018-12-21 07:21:03 (Déjà vu) Hack the Air Force 3 – White hat hackers earn $130,000 (direct link) Hack the Air Force 3.0 – The US DoD announced that more than 30 white hat hackers earned $130,000 for more than 120 vulnerabilities. The U.S. Defense Department, along with bug bounty platform HackerOne, presented the results of the third bug bounty program Hack the Air Force. The program started on October 19 and lasted […] Hack
SecurityAffairs 2018-12-20 20:41:03 Researcher disclosed a Windows zero-day for the third time in a few months (direct link) Security researcher SandboxEscaper released a working proof-of-concept (PoC) exploit for a new Windows zero-day vulnerability. Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter The security researcher SandboxEscaper is back and for the third time in a few months, released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft’s Windows OS. Since August, SandboxEscaper has […] Vulnerability
SecurityAffairs 2018-12-20 17:00:02 Analyzing a Danabot Payload that is targeting Italy (direct link) A new variant of the infamous Danabot botnet hit Italy, experts at Cybaze-Yoroi ZLab dissected one of these samples that targeted entities in Italy. In the last weeks, a new variant of the infamous Danabot botnet hit Italy. Security firms such as Proofpoint and Eset analyzed other samples of the same threat targeting the Australian landscape back in […] Threat
SecurityAffairs 2018-12-20 14:55:02 Alleged Chinese-hackers accessed thousands of EU diplomatic cables (direct link) According to a report published by the New York Times, alleged China-linked hackers accessed thousands of sensitive EU diplomatic cables. The New York Times revealed that alleged Chinese state-sponsored hackers accessed thousands of sensitive EU diplomatic cables from the EU’s diplomatic missions around the world. The hackers carried out spear-phishing attacks aimed at EU officials […]
SecurityAffairs 2018-12-20 09:34:01 Microsoft issues emergency patch for IE Zero Day exploited in the wild (direct link) Microsoft has issued an out-of-band security update to fix a critical zero-day flaw in the Internet Explorer (IE) browser. Microsoft has rolled out an out-of-band security update to address a critical zero-day vulnerability affecting the Internet Explorer (IE) browser. According to the tech giant, attackers already exploited in the wild the vulnerability tracked as CVE-2018-8653. The zero-day […] Vulnerability
SecurityAffairs 2018-12-19 22:57:02 Russia-linked Sofacy APT developed a new 'Go' variant of Zebrocy tool (direct link) Researchers at Palo Alto Networks discovered that the Russian-linked Sofacy APT has written a new version of their Zebrocy backdoor using the Go programming language. The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of […] Tool
SecurityAffairs 2018-12-19 08:44:03 NASA data breach – The agency notifies employees of a security intrusion (direct link) U.S. National Aeronautics and Space Administration (NASA) notifies employees of a data breach that exposed social security numbers and other personal information. According to the data breach notification, hackers have breached at least one of the agency's servers, the security breach impacted both past and present employees. Website SpaceRef published a data breach notification note sent by the NASA […] Data Breach
SecurityAffairs 2018-12-18 21:34:05 Critical unfixed flaws affect ABB Safety PLC Gateways (direct link) Researchers at Applied Risk discovered serious flaws in some PLC gateways manufactured by industrial tech company ABB. Security experts at Applied Risk are affected by potentially serious flaws and the bad news is that the vendor will not release firmware updates because the impacted products have reached the end of life. The security firm published a security advisory that […]
SecurityAffairs 2018-12-18 16:21:00 Malware controlled through commands hidden in memes posted on Twitter (direct link) New Malware Takes Commands From Memes Posted On Twitter Security researchers at Trend Micro have spotted a new strain of malware that retrieved commands from memes posted on a Twitter account controlled by the attackers. In this way, attackers make it hard to detect traffic associated with the malware that in this case appears as legitimate […] Malware
SecurityAffairs 2018-12-18 10:08:04 Twitter uncovered a possible nation-state attack (direct link) Twitter discovered a possible nation-state attack while it was investigating an information disclosure flaw affecting its platform. Experts at Twitter discovered a possible state-sponsored attack while they were investigating an information disclosure vulnerability affecting its support forms. The experts discovered that the attack was launched from IP addresses that may be linked to nation-state actors. The flaw affected […] Vulnerability
SecurityAffairs 2018-12-18 08:40:01 Czech cyber-security agency warns over Huawei, ZTE security threat (direct link) A Czech cyber-security agency is warning against using Huawei and ZTE technologies because they pose a threat to state security. The Chinese nightmare is rapidly spreading among European countries, now a Czech cyber-security agency is warning against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. […] Threat
SecurityAffairs 2018-12-17 20:59:03 A second sample of the Shamoon V3 wiper analyzed by the experts (direct link) A second sample of the Shamoon wiper was uploaded to Virus total on December 13, from the Netherlands, experts analyzed it. Last week security experts at Chronicle announced the discovery of a new variant of the infamous Shamoon malware, the sample was uploaded to Virus Total from Italy at around the time Italian oil services company […]
SecurityAffairs 2018-12-17 18:17:05 Decrypting HiddenTear Ransomware for free with HT Brute Forcer (direct link) Good news for the victims of the dreaded HiddenTear Ransomware, the popular cybersecurity expert Michael Gillespie has devised a tool dubbed HT Brute Forcer that could allow decrypting files for free. In 2015, the Turkish security researcher Utku Sen published the HiddenTear ransomware, the first open source ransomware, for educational purposes. The original code was decryptable, for this reason, […] Ransomware Tool
SecurityAffairs 2018-12-17 09:17:03 Germany's BSI chief says 'No Evidence' of Huawei spying (direct link) The head of Germany’s BSI admitted that until now there is no proof of espionage activity conducted through Huawei technology. US first, and many other countries after, have decided to ban network equipment manufactured by the Chinese telecom giant Huawei. In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, […]
SecurityAffairs 2018-12-17 07:14:04 Siemens addresses multiple critical flaws in SINUMERIK Controllers (direct link) Siemens addressed several vulnerabilities in SINUMERIK controllers, including denial-of-service (DoS), privilege escalation and code execution issues. Siemens has fixed several flaws in SINUMERIK controllers, some of them have been classified as “critical.” The list of vulnerabilities includes DoS, privilege escalation and code execution flaws. Security experts at Kaspersky Lab discovered that SINUMERIK 808D, 828D and 840D controllers are […]
Last update at: 2024-07-20 05:07:51