What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-05-22 06:36:02 The Satan Ransomware adds new exploits to its arsenal (direct link) A variant of the Satan ransomware recently observed adds exploits to its arsenal and targets machines leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that includes new exploits in its portfolio and leverages additional vulnerabilities to infect as many machines as possible. The Satan ransomware first appeared […] Ransomware
SecurityAffairs 2019-05-21 21:10:02 Emsisoft released a free Decrypter for JSWorm 2.0 (direct link) Good news for the victims of the JSWorm 2.0 ransomware, thanks to experts at Emsisoft they can decrypt their files for free. Experts at the Emsisoft malware research team released a decrypter for a recently discovered ransomware tracked as JSWorm 2.0. JSWorm 2.0 is written in C++ and implements Blowfish encryption. The first version of the […] Ransomware Malware
SecurityAffairs 2019-05-21 19:39:00 Group-IB blocked more than 180,000 links to pirated copies of Game of Thrones (direct link) Since April 2019, Group-IB has successfully blocked more than 43,000 links to pirated copies of the Game of Thrones Season 8 on pirate websites, forums, and social media. As the Game of Thrones saga came to a close (no spoilers here), Group-IB has summed up the results of its anti-piracy campaign during Season 8 of […]
SecurityAffairs 2019-05-21 14:46:01 After latest Microsoft Windows updates some PCs running Sophos AV not boot (direct link) Sophos is warning users of potential problems with the recent Microsoft Patch Tuesday updates and is telling them to roll it back if they want the PC to boot. The security firm has informed its customers of potential problems with the latest Microsoft Patch Tuesday updates and is asking them to uninstall the patch if they […]
SecurityAffairs 2019-05-21 05:31:05 MuddyWater BlackWater campaign used new anti-detection techniques (direct link) A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros). The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques, […]
SecurityAffairs 2019-05-21 05:18:01 US Commerce Department delays Huawei ban for 90 Days (direct link) The US Commerce Department will wait 90 days before applying the announced Huawei ban to avoid huge disruption of operations. During the weekend, the Reuters agency revealed exclusively that Alphabet Inc's Google has suspended some business with Huawei after Trump's ban on the telco giant. On Thursday, President Trump added Huawei Technologies to […]
SecurityAffairs 2019-05-20 22:36:05 Data belonging to Instagram influencers and celebrities exposed online (direct link) A new data leak made the headlines, a database containing the contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The news was first reported by the TechCrunch website, a database was left unprotected on an AWS bucket, anyone was able to access it without authentication. The unprotected database was discovered […]
SecurityAffairs 2019-05-20 18:23:05 Linux kernel privilege escalation flaw CVE-2019-11815 affects RDS (direct link) Experts discovered a privilege escalation vulnerability in the Linux Kernel, tracked as CVE-2019-11815, that affects the implementation of RDS over TCP. Experts discovered a memory corruption vulnerability in the Linux Kernel that resides in the implementation of the Reliable Datagram Sockets (RDS) over TCP. The vulnerability tracked as CVE-2019-11815 could lead to privilege escalation, it received a […] Vulnerability Guideline
SecurityAffairs 2019-05-20 13:40:01 Defiant Tech firm who operated LeakedSource pleads guilty (direct link) The Royal Canadian Mounted Police (RCMP) announced that the company behind LeakedSource, Defiant Tech Inc., pleads guilty in Canada. Defiant Tech Inc., the company behind the LeakedSource.com website, pleaded guilty in Canada. The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website was raided by feds. It reported some of […] Data Breach Guideline
SecurityAffairs 2019-05-20 11:17:05 Chronicle experts spotted a Linux variant of the Winnti backdoor (direct link) Security researchers from Chronicle, Alphabet’s cyber-security division, have spotted a Linux variant of the Winnti backdoor. Security experts from Chronicle, Alphabet’s cyber-security division, have discovered a Linux variant of the Winnti backdoor. It is the first time that researchers found a Linux version of the backdoor used by China-linked APT groups tracked as Winnti. […]
SecurityAffairs 2019-05-20 09:25:01 Google will block Huawei from using Android and its services (direct link) The Reuters agency revealed exclusively that Alphabet Inc's Google has suspended some business with Huawei after Trump’s ban on the telco giant. The news is a bomb, Google has suspended some business with Huawei after Trump’s ban on the Chinese telco giant. In November, The Wall Street Journal reported that the US Government is urging its allies […]
SecurityAffairs 2019-05-20 08:07:04 Amnesty International filed a lawsuit against Israeli surveillance firm NSO (direct link) Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software. The Israeli firm is now […]
SecurityAffairs 2019-05-19 17:10:03 Unpatched Ethereum Clients expose the ecosystem to 51% Attack risk (direct link) Security researchers from SRLabs have published a report that analyzed the risks for the Ethereum network caused by unpatched Ethereum clients. Researchers at SRLabs published a report based on ethernodes.org data, that revealed that a large number of nodes using the popular clients Parity and Geth are still unpatched. The expert discovered that the Ethereum clients and […] ★★★★
SecurityAffairs 2019-05-19 10:20:02 Security Affairs newsletter Round 214 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” https://www.surveymonkey.com/r/EUBloggerAwards2018 Hacking the 'Unhackable' eyeDisk USB stick Security […]
SecurityAffairs 2019-05-19 09:56:03 Salesforce faced one of its biggest service disruption of ever (direct link) Salesforce is facing a huge outage, it shut down a good portion of its infrastructure due to a change to the production environment. A change in the production environment is the root cause of the broad outage suffered by Salesforce. The service disruption affected its Pardot B2B marketing automation system, the cloud CRM company’s change broke […]
SecurityAffairs 2019-05-19 08:38:02 Dutch intelligence investigate alleged Huawei 'backdoor' (direct link) Dutch intelligence services are probing Huawei for possibly spying for the Chinese government by using a “back door” in equipment of major telecoms firms. Dutch intelligence probes Huawei for possibly spying for the Chinese government by using a “back door” in the equipment used by major telecoms firms. Dutch intelligence shares the concerns raised by […]
SecurityAffairs 2019-05-18 20:16:01 (Déjà vu) Number of hacktivist attacks declined by 95 percent since 2015 (direct link) According to a study conducted by IBM, the number of hacktivist attacks that caused quantifiable damage has declined by 95 percent since 2015. Even if in Italy the cells of the popular Anonymous collective are very active, the overall number of hacktivist attacks that caused quantifiable damage to the victim has declined by 95 […]
SecurityAffairs 2019-05-18 14:43:00 Dozens of Linksys router models leak data useful for hackers (direct link) Dozens of Linksys router models are affected by a flaw that causes the leak of data that can be used by attackers ... and the company won’t fix it. Security researcher Troy Mursch, Chief Research Officer of Bad Packets, discovered that over 20,000 Linksys wireless routers are leaking full historical records of every device ever connected to them. […]
SecurityAffairs 2019-05-18 11:54:03 Unistellar attackers already wiped over 12,000 MongoDB databases (direct link) Unistellar attackers have already wiped roughly 12,000 unsecured MongoDB databases exposed online over the past three. Every time hackers deleted a MongoDB database they left a message asking the administrators to contact them to restore the data. Unfortunately, the criminal practice of deleting MongoDB databases and requesting a ransom to restore data is common, experts […]
SecurityAffairs 2019-05-18 09:13:01 Facebook banned Archimedes Group, misinformation made in Israel (direct link) A new political misinformation campaign was uncovered and blocked by Facebook, this time it was not operated by Russia but Israel’s Archimedes Group. Facebook uncovered and blocked a misinformation campaign powered by Israel’s Archimedes Group, the corporation used fake accounts to manipulate political campaigns. According to Facebook, the Archimedes Group used hundreds of pages, accounts, […]
SecurityAffairs 2019-05-17 22:40:00 Chinese state-sponsored hackers breached TeamViewer in 2016 (direct link) The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached the German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel. According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems […] Malware
SecurityAffairs 2019-05-17 20:20:01 A flaw in Slack could allow hackers to steal, manipulate downloaded files (direct link) A recently patched flaw in the Slack desktop application for Windows can be exploited by attackers to steal and manipulate a targeted user's downloaded files. Slack is a cloud-based set of proprietary team collaboration tools and services. Security researcher David Wells from Tenable discovered a critical flaw in version 3.3.7 of the Slack desktop app […]
SecurityAffairs 2019-05-17 14:18:04 Cisco addressed a critical flaw in networks management tool Prime Infrastructure (direct link) Cisco had issued security updates to address 57 security flaws, including three flaws in networks management tool Prime Infrastructure. One of the flaws addressed by Cisco in the Prime Infrastructure management tool could be exploited by an unauthenticated attacker to execute arbitrary code with root privileges on PI devices. “Multiple vulnerabilities in the web-based management […] Tool
SecurityAffairs 2019-05-17 07:19:00 Stack Overflow Q&A platform announced a data breach (direct link) The popular question-and-answer platform for programmers Stack Overflow announced on Thursday that it has suffered a data breach. The news of a data breach makes the headlines, this time the victim is the popular question-and-answer platform for programmers Stack Overflow. The company announced on Thursday that it has discovered unauthorized access to its production systems […] Data Breach
SecurityAffairs 2019-05-17 06:51:00 XSS flaw in WordPress Live Chat Plugin lets attackers compromise WP sites (direct link) A vulnerability in the Live Chat Support plugin for WordPress could be exploited by attackers to inject malicious scripts in websites using it. Researchers at Sucuri have discovered a stored/persistent cross-site scripting (XSS) vulnerability in the WP Live Chat Support plugin for WordPress. The flaw could be exploited by remote, unauthenticated attackers to inject malicious […] Vulnerability
SecurityAffairs 2019-05-16 21:49:01 Past, present, and future of the Dark Web (direct link) What is the difference between the Deep Web and Dark Web? Considerations about past, present, and future of the Dark Web. These are intense days for the Dark Web. Operations conducted by law enforcement agencies led to the arrests of many individuals and the closure of the most popular Black Marketplaces, many of which remained […]
SecurityAffairs 2019-05-16 19:00:02 Google '0Day In the Wild' project tracks zero-days exploited in the Wild (direct link) White hat hackers at Google Project Zero are tracking cyber attacks exploiting zero-days before the vendor released security fixes. Experts at Google Project Zero are tracking cyber attacks exploiting zero-days as part of a project named 0Day 'In the Wild.' “Today, we’re sharing our tracking spreadsheet for publicly known cases of detected zero-day exploits, in the […]
SecurityAffairs 2019-05-16 14:21:04 A joint operation by international police dismantled GozNym gang (direct link) A joint effort by international law enforcement agencies from 6 different countries has dismantled the crime gang behind the GozNym banking malware. GozNym banking malware is considered one of the most dangerous threats to the banking industry, experts estimated it allowed the theft of nearly $100 million from over 41,000 victims across the globe for years. “An […] Malware
SecurityAffairs 2019-05-16 13:08:02 Microsoft renewed its Attack Surface Analyzer, version 2.0 is online (direct link) Microsoft has renewed its Attack Surface Analyzer tool to take advantage of modern, cross-platform technologies. The first version of the Attack Surface Analyzer 1.0 was released back in 2012, it aims at detecting changes that occur in the Windows operating systems during the installation of third-party applications. The Analyzer has been released on GitHub, it […] Tool
SecurityAffairs 2019-05-16 12:15:00 A flaw in Google Titan Security Keys expose users to Bluetooth Attacks (direct link) Titan Security Keys are affected by a severe vulnerability, for this reason, Google announced it is offering a free replacement for vulnerable devices. Google announced it is offering a free replacement for Titan Security keys affected by a serious vulnerability that could be exploited to carry out Bluetooth attacks. The Titan Security Keys were introduced by […] Vulnerability
SecurityAffairs 2019-05-16 11:38:00 The stealthy email stealer in the TA505 hacker group's arsenal (direct link) Experts at Yoroi-Cybaze Z-Lab observed a spike in attacks against the banking sector and spotted a new email stealer used by the TA505 hacker group. Introduction: During the last month, our Threat Intelligence surveillance team spotted increasing evidence of an operation intensification against the Banking sector. In fact, many independent researchers pointed to a particular […] Threat
SecurityAffairs 2019-05-16 09:50:03 Magecart hackers inject card Skimmer in Forbes Subscription Site (direct link) The Magecart gang made the headlines again, the hackers this time compromised the Forbes magazine subscription website. The Magecart group is back, the hackers this time injected a skimmer script into the Forbes magazine subscription website. The malicious traffic was spotted by the security expert Troy Mursch, Chief Research Officer of Bad Packets, on Wednesday. Magecart hackers […]
SecurityAffairs 2019-05-16 07:59:00 BlackTech espionage group exploited ASUS update process to deliver Plead Backdoor (direct link) The BlackTech cyber-espionage group exploited the ASUS update process for the WebStorage application to deliver the Plead backdoor. The cyber espionage group tracked as BlackTech compromised the ASUS update process for the WebStorage application to deliver the Plead backdoor. The BlackTech group was first observed by ESET in July 2018, when it was abusing code-signing certificates stolen from D-Link for the […] Guideline
SecurityAffairs 2019-05-15 21:08:00 SAP Security Patch Day for May 2019 fixes many missing authorization checks (direct link) SAP released SAP Security Patch Day for May 2019 that includes 8 Security Notes, 5 of which are updates to previously released Notes. Five Security Notes included in SAP Security Patch Day for May 2019 addressed missing authorization checks in SAP products, including Treasury and Risk Management, Solution Manager and ABAP managed systems, dbpool administration, […]
SecurityAffairs 2019-05-15 14:15:04 Twitter inadvertently collected and shared iOS location data (direct link) Twitter revealed that a bug in its iOS app is the root cause of an inadvertent collection of location data and its sharing with a third party. A new story of a violation of the user’s privacy made the headlines, Twitter revealed that due to a bug it collected and shared iOS location data with […]
SecurityAffairs 2019-05-15 12:57:05 Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks (direct link) Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS flaw allowing WannaCry-Like attacks. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including a Windows zero-day flaw and an RDS vulnerability that can be exploited to carry out WannaCry-like attacks. The zero-day vulnerability addressed by Microsoft Patch Tuesday […] Vulnerability Wannacry
SecurityAffairs 2019-05-15 06:13:05 (Déjà vu) Adobe patches over 80 flaws in Flash, Acrobat Reader, and Media Encoder (direct link) Adobe Patch Tuesday updates for May 2019 address a critical flaw in Flash Player and more than 80 vulnerabilities in Acrobat products. Adobe Patch Tuesday updates for May 2019 address a total of 84 vulnerabilities in Acrobat and Acrobat Reader products for Windows and macOS. The tech company addressed many critical vulnerabilities in its products, […]
SecurityAffairs 2019-05-14 23:29:05 Millions of computers powered by Intel chips are affected by MDS flaws (direct link) Millions of computers powered by Intel processors are affected by a new class of vulnerabilities (MDS) that can leak potentially sensitive data. Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could be exploited with new side-channel attack methods dubbed Fallout, RIDL (Rogue In-Flight Data Load), and ZombieLoad. “On May […]
SecurityAffairs 2019-05-14 14:17:04 Thrangrycat flaw could allow compromising millions of Cisco devices (direct link) Security firm Red Balloon discovered a severe vulnerability dubbed Thrangrycat, in Cisco products that could be exploited to implant a persistent backdoor in many devices. Experts at Red Balloon Security disclosed two vulnerabilities in Cisco products. The first issue dubbed Thrangrycat, and tracked as CVE-2019-1649, affects multiple Cisco products that support Trust Anchor module (TAm). could be […] Vulnerability
SecurityAffairs 2019-05-14 12:48:00 North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal (direct link) The North Korea-linked APT group ScarCruft (aka APT37 and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. North Korea-linked APT group ScarCruft (aka APT37, Reaper, and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. ScarCruft has been active since at least 2012, it made the headlines in early February […] Cloud APT 37
SecurityAffairs 2019-05-14 10:06:00 Malware Training Sets: FollowUP (direct link) The popular expert Marco Ramilli provided a follow up to his Malware classification activity by adding a scripting section which would be useful for several purposes. In 2016 I was working hard to find a way to classify Malware families through artificial intelligence (machine learning). One of the first difficulties I met was on finding […] Malware
SecurityAffairs 2019-05-14 08:02:01 WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware (direct link) Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568, that has been exploited to remotely install spyware on phones by calling the targeted device. WhatsApp did not name the threat […] Vulnerability Threat
SecurityAffairs 2019-05-14 06:57:03 (Déjà vu) Unprotected DB exposed PII belonging to nearly 90% of Panama citizens (direct link) Personally identifiable information belonging to roughly 90% of Panama citizens was exposed on a poorly configured Elasticsearch server. Security researcher Bob Diachenko discovered an unprotected Elasticsearch server exposing personally identifiable information belonging to nearly 90% of Panama citizens. Exposed data includes full names, birth dates, national ID numbers, medical insurance numbers, and other personal data. […]
SecurityAffairs 2019-05-13 19:57:04 CVE-2019-11815 Remote Code Execution affects Linux Kernel prior to 5.0.8 (direct link) Security experts have found a race condition vulnerability (CVE-2019-11815) in Linux Kernel prior to 5.0.8 that exposes systems to remote code execution. Linux systems based on kernel versions prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free that could be exploited by hackers to get remote code execution. […] Vulnerability Guideline
SecurityAffairs 2019-05-13 14:07:05 Facebook sues data analytics firm Rankwave over alleged data misuse (direct link) Facebook sues South Korean data analytics firm Rankwave over alleged data misuse and violation of social network’s rules. Facebook filed a lawsuit against Rankwave in a California State court in Silicon Valley to verify if the analytics firm is violating the rules of the social network giant. Facebook is asking the court to audit the […]
SecurityAffairs 2019-05-13 12:18:00 Reading the Yoroi Cyber Security Annual Report 2018 (direct link) Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware continues to be the most aggressive and pervasive threat. For this reason, analyzing last year's events would help cyber-security professionals to prevent further attacks during the next few months. In many cases the attacks […] Malware
SecurityAffairs 2019-05-13 10:24:01 Over 10k+ GPS trackers could be abused to spy on individuals in the UK (direct link) A vulnerability in a GPS tracker used by elderly people and kids could be exploited by an attacker to spy on individuals using it. Researchers at Fidus Information Security discovered a vulnerability in GPS trackers used by elderly people and kids that could be exploited to spy on them. Experts discovered that the safety device can […] Vulnerability
SecurityAffairs 2019-05-13 07:59:00 Expert discovered how to brick all Samsung mobile phones (direct link) The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to brick all Samsung mobile phones. French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to brick all Samsung mobile phones. Baptiste bought a Samsung mobile phone a few months ago and decided to analyze it. After a few hours of tests, he discovered an unprotected receiver in […]
SecurityAffairs 2019-05-13 06:52:04 Pacha Group declares war to rival crypto mining hacking groups (direct link) Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group, wage war to compromise as much cloud-based infrastructure as possible. The first group tracked as Pacha Group has Chinese origins, it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner. The Pacha Group’s attack chain starts […]
SecurityAffairs 2019-05-12 15:22:05 Hacking the 'Unhackable' eyeDisk USB stick (direct link) The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device's password in plain text in a simple way. eyeDisk is a USB stick that uses iris recognition to unlock the drive, it is advertised as the “Unhackable USB Flash Drive,” instead it could reveal the device's password […]
Last update at: 2024-08-01 16:18:29