What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-12 08:45:02 | DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More (lien direct) | Our team of security researchers was researching dating apps client-side security, and one of the main focus targets was the social search mobile app Tinder. After initial reconnaissance steps were done, a Tinder domain with multiple client-side security issues was found – meaning hackers could have access to users' profiles and details. Immediately after finding these vulnerabilities, we […] | |||
|
2018-10-11 21:53:00 | Exaramel Malware Links Industroyer ICS malware and NotPetya wiper (lien direct) | ESET researchers have spotted a new strain of malware tracked as Exaramel that links the dreaded not Petya wiper to the Industroyer ICS malware. A few months ago, researchers from ESET discovered a new piece of malware that further demonstrates the existence of a link between Industroyer and the NotPetya wiper. In June 2017, researchers at antivirus firm ESET […] | Malware | NotPetya | |
|
2018-10-11 15:06:00 | Juniper Networks provides dozens of fix for vulnerabilities in Junos OS (lien direct) | Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system. This week, Juniper Networks has patched dozens of serious security provided security patches for each of them, the security advisories are available on the company website. The most severe flaw is probably the CVE-2018-0049, which could be exploited by an attacker to […] | |||
|
2018-10-11 06:25:02 | New Gallmaker APT group eschews malware in cyber espionage campaigns (lien direct) | A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape. According to researchers from Symantec, who first spotted the threat actor, the group has launched attacks on several overseas embassies […] | Malware Threat | ||
|
2018-10-11 05:36:00 | SAP October 2018 set of patches fixes first Hot News security note for SAP BusinessObjects in 5 years (lien direct) | SAP released its October 2018 set of patches, it includes the first Hot News security note for SAP BusinessObjects in over five years. SAP released its October 2018 set of patches that included 11 security notes, the company also released 4 updates to previously released notes. The patches include 15 notes, 2 rated Hot News and one of […] | |||
|
2018-10-10 20:44:05 | GAO report reveals new Pentagon weapon systems vulnerable to hack (lien direct) | According to a new report published by the Government Accountability Office (GAO) almost any new weapon systems in the arsenal of the Pentagon is vulnerable to hack. The new generation of weapon systems developed by the Pentagon is heavily computerized and for this reason more exposed to cyber attacks. According to a new 50-page report […] | Hack | ||
|
2018-10-10 13:45:02 | CVE-2018-8453 Zero-Day flaw exploited by FruityArmor APT in attacks aimed at Middle East (lien direct) | A Windows zero-day flaw addressed by Microsoft with its latest Patch Tuesday updates is exploited by an APT group in attacks aimed at entities in the Middle East. The Windows zero-day vulnerability tracked as CVE-2018-8453 is a privilege escalation flaw that was exploited by an APT group in attacks against entities in the Middle East. The flaw, tracked as […] | Vulnerability | ||
|
2018-10-10 11:39:01 | Hackers can compromise your WhatsApp account by tricking you into answering a video call (lien direct) | Hackers can compromise your WhatsApp account by tricking you into answering a video call, the company fixed the flaw in September. WhatsApp has addressed a vulnerability in the mobile applications that could have been exploited by attackers to crash victims instant messaging app simply by placing a call. The vulnerability is a memory heap overflow […] | Vulnerability | ||
|
2018-10-10 09:24:01 | Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature (lien direct) | Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates Security experts from security firm SEC Consult have identified over 100 companies that buy and re-brand video surveillance equipment (surveillance cameras, digital video recorders (DVRs), and network video recorders (NVRs)) manufactured by the Chinese […] | |||
|
2018-10-10 07:26:03 | Group-IB: $49.4 million of damage caused to Russia\'s financial sector from cyber attacks (lien direct) | Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia's financial sector Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia's financial sector. […] | |||
|
2018-10-09 19:55:05 | Researchers presented an improved version of the WPA KRACK attack (lien direct) | Security researchers who devised last year the Key Reinstallation Attack, aka KRACK attack, have disclosed new variants of the attack. Security researchers Mathy Vanhoef and Frank Piessens who devised last year the Key Reinstallation Attack against WPA, aka KRACK attack, have disclosed new variants of the attack. Last year, boffins discovered several key management flaws in the […] | |||
|
2018-10-09 14:10:00 | Project Strobe, what will change after the Google security breach? (lien direct) | Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network, these are the measures in response to the incident. Yesterday Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network. Security experts and privacy advocated criticized the […] | |||
|
2018-10-09 09:06:04 | BEC scams, hacked accounts available from $150 up to $5,000 (lien direct) | Security experts from Digital Shadows have conducted an interesting study about the technique adopted by crooks to infiltrate company emails, so-called BEC scam. According to the FBI, the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. Business email compromise (BEC) and email account […] | |||
|
2018-10-09 06:20:01 | How Secure Are Bitcoin Wallets, Really? (lien direct) | Purchasers of Bitcoin wallets usually have one priority topping their lists: security. What’s the truth about the security of these wallets? When buying conventional wallet coins and paper money, people often prioritize characteristics like the size, color, shape, and number of compartments. However, purchasers of Bitcoin wallets - the software programs that facilitate storing someone’s […] | |||
|
2018-10-08 21:41:04 | Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it (lien direct) | This is a very bad news for Google that suffered a massive data breach that exposed the private data of over 500,000 of Google Plus users to third-party developers. As a consequence of the data exposure, the company is going to shut down the social media network Google+. The root cause of the data breach is a security […] | Data Breach | ||
|
2018-10-08 19:42:02 | WECON PI Studio HMI software affected by code execution flaws (lien direct) | Security experts discovered several vulnerabilities in WECON’s PI Studio HMI software, the company has verified the issues but has not yet released patches. Researchers Mat Powell and Natnael Samson discovered several vulnerabilities in WECON’s PI Studio HMI software, a software widely used in critical manufacturing, energy, metallurgy, chemical, and water and wastewater sectors. Both experts […] | |||
|
2018-10-08 12:28:00 | Expert presented a new attack technique to compromise MikroTik Routers (lien direct) | Experts from Tenable Research have devised a new attack technique to fully compromise MikroTik Routers. MikroTik routers continue to be under attack, and the situation is getting worse because of the availability of a new PoC code. The new attack technique discovered by experts at Tenable Research could be exploited by remote attackers to execute […] | |||
|
2018-10-08 08:20:02 | Kaspersky shed lights on the overlap of operations conducted by Turla and Sofacy (lien direct) | Researchers from Kaspersky Lab collected evidence that demonstrates overlaps between the activity of Russian APT groups Turla and Sofacy. In March, during the Kaspersky Security Analyst Summit held in Cancun, Kurt Baumgartner, Kaspersky principal security researcher, revealed the activity associated with Sofacy APT group appears to overlap with campaigns conducted by other cyber espionage groups. Baumgartner […] | |||
|
2018-10-08 06:32:05 | The Git Project addresses a critical arbitrary code execution vulnerability in Git (lien direct) | The Git Project released a new version of the Git client, Github Desktop, or Atom. that addressed a critical remote code execution vulnerability in the Git. The Git Project addressed a critical remote code execution vulnerability in the Git command line client, Git Desktop, and Atom. The flaw tracked as CVE-2018-17456 could be exploited by malicious repositories to remotely […] | Vulnerability | ||
|
2018-10-07 14:08:00 | APT28 group return to covert intelligence gathering ops in Europe and South America. (lien direct) | Experts from Symantec collected evidence that APT28 group returns to covert intelligence gathering operations in Europe and South America. APT28 state-sponsored group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) seems to have shifted the focus for its operations away from election interference to cyber espionage activities. The APT28 group has been active since at least 2007 and it has targeted governments, […] | APT 28 | ||
|
2018-10-07 13:03:03 | (Déjà vu) Security Affairs newsletter Round 183 – News of the week (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · Estonia sues Gemalto for 152M euros over […] | |||
|
2018-10-07 08:52:02 | (Déjà vu) D-Link fixed several flaws in Central WiFiManager access point management tool (lien direct) | D-Link addresses several remote code execution and XSS vulnerabilities affecting the Central WiFiManager access point management tool. D-Link issued security patches to address several remote code execution and cross-site scripting (XSS) vulnerabilities affecting the Central WiFiManager access point management tool. The vulnerabilities have been reported by researchers at SecureAuth/CoreSecurity D-Link Central WiFiManager software controller helps network […] | Tool | ||
|
2018-10-06 18:25:04 | Sony Bravia Smart TVs affected by a critical vulnerability (lien direct) | Experts at FortiGuard Labs team discovered three vulnerabilities in eight Sony Bravia smart TVs, one of them rated as critical. Patch management is a crucial aspect for IoT devices, smart objects are surrounding us and represent a privileged target for hackers. Experts at FortiGuard Labs team discovered three vulnerabilities (a stack buffer overflow, a directory traversal, […] | Vulnerability | ||
|
2018-10-06 12:17:04 | Windows 10 October 2018 Update could cause CCleaner stop working (lien direct) | Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update Many Windows users are reporting problems after the installation of Windows 10 October 2018 Update, a few days ago a Reddit user discovered the Task Manager tool was showing inaccurate CPU usage after the upgrade. Other users […] | CCleaner | ||
|
2018-10-06 09:20:05 | Silk Road admin pleaded guilty to drug trafficking charges and faces up to 20 years in prison (lien direct) | Gary Davis, one of the admins and moderators of the notorious Silk Road black marketplace, pleaded guilty to drug trafficking charges. Gary Davis is an Irish national (20) who was one of the admins and moderators of the notorious Silk Road black marketplace, on Friday he pleaded guilty to drug trafficking charges. “Geoffrey S. Berman, the United States Attorney for […] | Guideline | ||
|
2018-10-05 23:15:03 | Sales intel firm Apollo data breach exposed more than 200 million contact records (lien direct) | The sales intelligence firm Apollo is the last victim of a massive data breach that exposed more than 200 million contact records. Apollo collects a lot of its information from public sources, including names, email addresses, and company contact information, it also gathers data by scraping Twitter and LinkedIn. The company already notified the security breach to […] | Data Breach | ||
|
2018-10-05 12:42:01 | US DoJ indicted 7 Russian Intelligence officers for attacking Anti-Doping Organizations (lien direct) | US DoJ indicted seven defendants working for the Russian Main Intelligence Directorate (GRU), for hacking, wire fraud, identity theft, and money laundering. The news of the day is that a US DoJ indicted seven defendants working for the Russian Main Intelligence Directorate (GRU), for hacking, wire fraud, identity theft, and money laundering. The defendants are […] | |||
|
2018-10-05 09:57:00 | Experts warns of a new extortion campaign based on the Breach Compilation archive (lien direct) | Cybaze ZLab spotted a new scam campaign that is targeting some of its Italian customers, crooks leverage credentials in Breach Compilation archive. Security experts from Cybaze ZLab have spotted a new scam campaign that is targeting some of its Italian customers. Crooks attempted to monetize the availability of a huge quantity of credentials available in […] | |||
|
2018-10-05 08:22:03 | (Déjà vu) DHS issued an alert on attacks aimed at Managed Service Providers (lien direct) | The United States Department of Homeland Security (DHS) is warning of ongoing activity from an advanced persistent threat (APT) actor targeting global managed service providers (MSPs). The DHS issued an alert on ongoing attacks aimed at global managed service providers (MSPs) that are carried out by an advanced APT group. Managed services is the practice of outsourcing on a […] | Threat | ||
|
2018-10-05 05:55:00 | Canada blames Russia for cyber attacks against its structures (lien direct) | The Government of Canada blamed the GRU, the Russian military’s intelligence agency, for cyber attacks at the Montreal-based World Anti-Doping Agency. “The government of Canada assesses with high confidence that the Russian military’s intelligence arm, the GRU, was responsible” for these cyber attacks, the foreign ministry said in a statement. [cyber attacks are] “part of a broader […] | |||
|
2018-10-04 19:25:01 | China planted tiny chips on US computers for cyber espionage (lien direct) | China used tiny chips implanted on computer equipment manufactured for US companies and government agencies to steal secret information. According to a report published by Bloomberg News, China used tiny chips implanted on computer equipment manufactured for US companies and government agencies, including Amazon and Apple, to steal secret information. The tiny chips have a size […] | |||
|
2018-10-04 14:20:01 | CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops (lien direct) | Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple did not disable Intel Manufacturing Mode in its laptops Experts from security firm Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple forgot did not lock it in laptops. The Intel Management Engine consists of a microcontroller that works with the Platform Controller Hub chip, […] | |||
|
2018-10-04 11:35:03 | Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack? (lien direct) | The Canadian restaurant chain Recipe Unlimited that operates over 20 restaurant brands has suffered a major IT outage over the weekend in a “malware outbreak.” The company operates nearly 1,400 restaurants under 19 different brands in Canada, Recipe Unlimited has suffered a major malware-based attack that impacted several of its brands. On Monday the company Monday […] | Ransomware | ||
|
2018-10-04 07:42:02 | US offers its cyber warfare defense capabilities to NATO (lien direct) | The United States will offer its offensive cyber capabilities to NATO to strengthen its defenses against threat actors like Russian ones. The United States is expected to announce to provide cyber warfare capabilities to NATO to strengthen its defenses against threat actors like Russian ones. The announcement is expected today at a meeting of defence ministers in Brussels, […] | Threat | ||
|
2018-10-04 06:55:00 | APT38 is behind financially motivated attacks carried out by North Korea (lien direct) | Security experts from FireEye published a report on the activity of financially motivated threat actors, tracked as APT38, linked to the North Korean government. The attacks aimed at financial institutions, FireEye estimates APT38 has stolen at least a hundred million dollars from banks worldwide. APT38 appears to be a North Korea-linked group separate from the […] | Threat Medical | APT 38 | |
|
2018-10-03 20:02:03 | Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide (lien direct) | A joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “FASTCash,” used by Hidden Cobra APT. The US-CERT has released a joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “FASTCash,” being used by the […] | Medical | APT 38 | |
|
2018-10-03 13:45:04 | Cyber Defense Magazine Annual Global Edition for 2018 has arrived. Enjoy it! (lien direct) | We hope you enjoy our Cyber Defense Magazine Annual Global Edition for 2018 including our Global Awards Winners for 2018…packed with over 75+ pages of excellent content. Cyber Defense Magazine Global Edition for 2018 has arrived. Global Awards Winners Announced! Sponsored By: TrendMicro InfoSec Knowledge is Power. We have 6 years of eMagazines online with timeless content. Visit our online library by clicking here. […] | |||
|
2018-10-03 13:10:01 | Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack (lien direct) | Experts discovered nine vulnerabilities affecting NAS devices that could be exploited by unauthenticated attackers to access protected content. Nine flaws affecting NAS devices could be exploited by unauthenticated attackers to access protected content. The vulnerabilities are traked as CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081 and CVE-2018-9082. According to Lenovo, the flaws affect 20 models of network attached storage (NAS) devices sold by the […] | Hack | ||
|
2018-10-03 09:46:01 | New Danabot Banking Malware campaign now targets banks in the U.S. (lien direct) | According to malware researchers from Proofpoint, DanaBot attackers launched a new campaign aimed at banks in the United States. A couple of weeks ago, security experts at ESET observed a surge in activity of DanaBot banking Trojan that was targeting Poland, Italy, Germany, Austria, and as of September 2018, Ukraine. DanaBot is a multi-stage modular banking Trojan written […] | Malware | ||
|
2018-10-03 07:17:03 | Researchers associated the recently discovered NOKKI Malware to North Korean APT (lien direct) | Security experts from Palo Alto Networks have collected evidence that links the recently discovered NOKKI malware to North Korea-Linked APT. Researchers from Palo Alto Networks have spotted a new variant of the KONNI malware, tracked as NOKKI. that was attributed to North Korea-linked attackers. NOKKI borrows the code from the KONNI malware, the latter is a remote access Trojan […] | Malware | ||
|
2018-10-03 04:57:00 | Z-LAB Report – Analyzing the GandCrab v5 ransomware (lien direct) | Experts at the Cybaze Z-Lab have analyzed the latest iteration of the infamous GandCrab ransomware, version 5.0. Malware researchers at Cybaze ZLab analyzed the latest version of the infamous GandCrab ransomware, version 5.0. Most of the infections have been observed in central Europe, but experts found evidence that the malicious code doesn't infect Russian users. […] | Ransomware Malware | ||
|
2018-10-02 20:44:00 | Foxit Reader 9.3 addresses 118 Vulnerabilities, 18 of them rated as critical (lien direct) | Foxit Software released a security update for its Foxit Reader product that addresses over 100 vulnerabilities, 18 of them rated as critical. Foxit Software released a security update for its Foxit Reader product that addresses over 100 vulnerabilities, some of them that could be exploited by a remote attacker to execute arbitrary code. Foxit Reader is a multilingual freemium PDF tool that can create, […] | |||
|
2018-10-02 13:49:01 | The \'Gazorp\' Azorult Builder emerged from the Dark Web (lien direct) | Checkpoint experts discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to create customized binaries for the Azorult malware. Security researchers from Checkpoint have discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to easily create customized binaries for the Azorult info-stealing malware. The Gazorp builder allows generating for free the malicious code […] | |||
|
2018-10-02 07:55:01 | Adobe security updates for Acrobat fix 86 Vulnerabilities, 46 rated as critical (lien direct) | Adobe has released security updates to fix 86 vulnerabilities in Mac and Windows version of Adobe Acrobat and Adobe Reader, 46 of them rated as critical. Adobe has released security updates to address 86 vulnerabilities affecting Mac and Windows version of Adobe Acrobat and Adobe Reader. The security updates fix 47 vulnerabilities classified as ‘critical’ […] | |||
|
2018-10-02 07:11:03 | FCA fines Tesco Bank £16.4m over 2016 cyber attack (lien direct) | Tesco Bank agreed to pay £16.4m as part of a settlement with the Financial Conduct Authority following the 2016 security breach. The Financial Conduct Authority (FCA) has assigned a £16.4m fine to Tesco Bank for the vulnerabilities in its systems that were exploited by hackers to steal millions of pounds from customers' online accounts in […] | |||
|
2018-10-01 19:36:04 | GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers (lien direct) | Security experts from Qihoo 360 NetLab spotted GhostDNS, a malware that already infected over 100K+ devices and targets 70+ different types of routers Security experts from Qihoo 360 NetLab have uncovered an ongoing hacking campaign that leverages the GhostDNS malware. Attackers have already hijacked over 100,000 home routers, the malicious code allows to modify DNS settings to hijack the traffic […] | Malware | ||
|
2018-10-01 14:20:04 | (Déjà vu) Cyber Defense Magazine – October 2018 has arrived. Enjoy it! (lien direct) | Cyber Defense Magazine October 2018 Edition has arrived. Sponsored by: Bosch We hope you enjoy this month’s edition…packed with 100+ pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eMagazines online with timeless content. Visit our online library by clicking here. Please tell your friends to We hope you enjoy this month’s edition…packed with […] | |||
|
2018-10-01 12:57:05 | Attackers chained three bugs to breach into the Facebook platform (lien direct) | Facebook has revealed additional details about the cyber attack that exposed personal information of 50 million accounts. Last week, Facebook announced that attackers exploited a vulnerability in the “View As” feature that allowed them to steal Facebook access tokens of 50 Million Users. The “View As” feature allows users to see how others see their profile, it was implemented […] | Vulnerability | ||
|
2018-10-01 07:45:04 | Expert demonstrated how to access contacts and photos from a locked iPhone XS (lien direct) | Expert discovered a passcode bypass vulnerability in Apple's new iOS version 12 that could be exploited to access photos, contacts on a locked iPhone XS . The Apple enthusiast and “office clerk” Jose Rodriguez has discovered a passcode bypass vulnerability in Apple's new iOS version 12 that could be exploited by an attacker (with physical access to the iPhone) […] | Vulnerability | ||
|
2018-10-01 05:23:05 | Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls (lien direct) | CVE-2018-17780 – Security researcher Dhiraj Mishra discovered that Telegram default configuration would expose a user’s IP address when making a call. Strangely tdesktop 1.3.14 and Telegram for windows (3.3.0.0 WP8.1) leaks end-user private and public IP address while making calls. .@telegram unsafe default behavior of P2P leaks IP address, and CVE-2018-17780 is assigned to this.https://t.co/V61JurNTgs#infosec #bugbounty — Dhiraj (@mishradhiraj_) September […] |
To see everything:
