What's new around the Internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2018-11-17 14:02:05 Protonmail hacked …. a very strange scam attempt (direct link) A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail. At the time it is not clear if the hacker belongs to a cyber crime gang, it claims to have stolen a “significant” amounts of data from the company. The ransom demand (archive.is link) was […]
SecurityAffairs 2018-11-17 08:57:04 New set of Pakistani banks' card dumps goes on sale on the dark web (direct link) According to the head of the Federal Investigation Agency's (FIA) cybercrime wing, almost all Pakistani banks were affected by a recent security breach. Group-IB experts discovered another large set of compromised payment cards details that was put on sale on Joker's Stash, one of the most popular underground hubs of stolen card data, on Nov. 13. The […]
SecurityAffairs 2018-11-17 08:34:05 Japanese government's cybersecurity strategy chief has never used a computer (direct link) The Japanese government’s cybersecurity strategy chief Yoshitaka Sakurada is in the middle of a heated debate due to his admission about his cyber capability. Yoshitaka Sakurada admitting he has never used a computer in his professional life, despite the Japanese Government, assigned to the politician the responsibility for cybersecurity of the 2020 Tokyo Olympics. Sakurada was only […]
SecurityAffairs 2018-11-16 18:55:05 Using Microsoft Powerpoint as Malware Dropper (direct link) Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers. Microsoft Excel embedding macros or Microsoft Word with user actions (like links or external OLE objects) are the main players in […] Malware
SecurityAffairs 2018-11-16 14:50:00 Group-IB presented latest cybercrime and nation-state hacking trends in Asia (direct link) According to Group-IB's report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited […]
SecurityAffairs 2018-11-16 13:35:01 Cybaze ZLab- Yoroi team spotted a new variant of the APT28 Lojax rootkit (direct link) Malware researchers at the Cybaze ZLab- Yoroi team spotted a new variant of the dangerous APT28 Lojax rootkit. A new variant of the infamous APT28 Lojax (aka Double-Agent) has been discovered by the Cybaze ZLab – Yoroi team. It is the latest version of the well-known rootkit Double-Agent, previously analyzed by ESET researchers. The behavior of […] APT 28
SecurityAffairs 2018-11-16 12:37:03 tRat is a new modular RAT used by the threat actor TA505 (direct link) The threat actor TA505 behind many Dridex and Locky campaigns have been using a new Remote Access Trojan (RAT) dubbed tRat. Researchers at Proofpoint warns that the threat actor TA505 have been using a new Remote Access Trojan (RAT) dubbed tRat that implements a modular structure that was written in Delphi. The TA505 operates on a large scale, it was […] Threat
SecurityAffairs 2018-11-16 07:42:01 Two hacker groups attacked Russian banks posing as the Central Bank of Russia (direct link) Group-IB has detected massive campaigns targeting Russian financial institutions posing as the Central Bank of Russia. The emails were disguised to look as if they come from the Central Bank of Russia and FinCERT, the Financial Sector Computer Emergency Response Team. Group-IB experts have discovered that the attack on 15 November could have been carried out by the hacker […]
SecurityAffairs 2018-11-15 21:52:04 (Déjà vu) Congress passes bill that create new Cybersecurity and Infrastructure Security Agency at DHS (direct link) The U.S. House of Representatives passed the CISA bill that creates a new cybersecurity agency at the Department of Homeland Security (DHS). In October, the Senate passed the Cybersecurity and Infrastructure Security Agency (CISA) […]
SecurityAffairs 2018-11-15 20:06:03 Kaspersky Lab opens first Transparency Center in Zurich (direct link) Kaspersky Lab starts data processing for European users in Zurich and also launched the first Transparency Center under the announced Transparency Initiative From today, malicious and suspicious files shared by users of Kaspersky Lab products in Europe will start to be processed in data centers in Zurich, initiating the first part of a relocation commitment […]
SecurityAffairs 2018-11-15 11:04:02 Chinese TEMP.Periscope cyberespionage group was using TTPs associated with Russian APTs (direct link) Chinese TEMP.Periscope cyberespionage group targeted a UK-based engineering company using TTPs associated with Russia-linked APT groups. Attribution of cyber attacks is always a hard task, in many cases attackers use false flags to masquerade their identities. Chinese hackers have targeted a UK-based engineering company using techniques and artifacts attributed to the Russia-linked APT groups Dragonfly and […] Industrial APT 40
SecurityAffairs 2018-11-15 09:22:02 Senior German officials wants exclude Chinese firms from building 5G infrastructure (direct link) Senior German officials are making pressure on the government to exclude Chinese firms from building the country's 5G infrastructure. Many countries are going to build 5G infrastructure, but the approach of the government is completely different. Italian politicians seem to completely ignore the importance of 5G infrastructure for the growth of the country and the potential effects […]
SecurityAffairs 2018-11-15 07:31:03 Pwn2Own Tokyo 2018 – iPhone X exploits paid over $100,000 (direct link) The Zero Day Initiative's Pwn2Own Tokyo 2018 is a success, participants earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones. During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices earning more than $225,000. The novelty […]
SecurityAffairs 2018-11-14 22:58:03 Boffins discovered seven new Meltdown and Spectre attacks (direct link) Researchers who devised the original Meltdown and Spectre attacks disclosed seven new variants that leverage on a technique known as transient execution. In January, white hackers from Google Project Zero disclosed the vulnerabilities that potentially impact all major CPUs, including the ones manufactured by AMD, ARM, and Intel. The expert devised two attacks dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could […]
SecurityAffairs 2018-11-14 16:50:00 Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks (direct link) Kaspersky revealed that the CVE-2018-8589 Windows 0-day fixed by Microsoft Nov. 2018 Patch Tuesday has been exploited by at least one APT group in attacks in the Middle East. Kaspersky Lab experts revealed that the CVE-2018-8589 Windows zero-day vulnerability addressed by Microsoft November 2018 Patch Tuesday has been exploited by an APT group in targeted attacks against entities in the Middle East. Kaspersky […]
SecurityAffairs 2018-11-14 13:44:01 Adobe Patch Tuesday updates for November 2018 fix known Acrobat flaw (direct link) Adobe Patch Tuesday updates for November 2018 addresses three flaws in Flash Player, Acrobat and Reader, and Photoshop CC. Adobe Patch Tuesday updates for November 2018 fixes three flaws in Flash Player, Acrobat and Reader, and Photoshop CC. The most severe issue is an information disclosure vulnerability, tracked as CVE-2018-15979, due to the availability of the proof-of-concept […]
SecurityAffairs 2018-11-14 09:37:01 The 'MartyMcFly' investigation: Italian naval industry under attack (direct link) Experts at Yoroi's Cyber Security Defence Center along with Fincantieri's security team investigated the recently discovered Martymcfly malware attacks. Background On October 17th we disclosed the ‘MartyMcFly’ Threat (Rif. Analysis) where unknown attackers were targeting Italian naval industries. The analysis was cited by Kaspersky's ICS CERT who exposed a wider threat extension across multiple countries such as: […] Malware Threat
SecurityAffairs 2018-11-14 07:06:05 Facebook flaw could have exposed private info of users and their friends (direct link) Security experts from Imperva reported a new Facebook flaw that could have exposed private info of users and their friends A new security vulnerability has been reported in Facebook, the flaw could have been exploited by attackers to obtain certain personal information about users and their network of contacts. The recently discovered issue raises once again […] Vulnerability
SecurityAffairs 2018-11-13 23:01:03 Microsoft's Patch Tuesday updates for November 2018 fix actively exploited Windows flaw (direct link) Microsoft's Patch Tuesday updates for November 2018 fixed more than 60 vulnerabilities, including an actively exploited Windows flaw. Microsoft's Patch Tuesday updates for November 2018 addressed 63 vulnerabilities, including an actively exploited Windows privilege escalation vulnerability. Twelve of the flaws were rated as “Critical”, 49 are rated Important, two vulnerabilities were publicly known at the time […]
SecurityAffairs 2018-11-13 14:27:04 Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers (direct link) Security firm Cylance has uncovered a sophisticated state-sponsored campaign, tracked as Operation Shaheen, against the Pakistan Air Force. According to the experts the campaign was carried out by a nation-state actor tracked as the White Company with access to zero-day exploits and exploit developers. “The preliminary findings detail one of the group's recent campaigns, a year-long espionage effort […]
SecurityAffairs 2018-11-13 13:00:05 (Déjà vu) Cathay Pacific waited six months before disclosing the security breach (direct link) Cathay Pacific has admitted that it was under attack for three months and it took six months to disclose the data breach. At the end of October, Cathay Pacific Airways Limited, the flag carrier of Hong Kong, announced that had suffered a major data breach affecting up to 9.4 million passengers. Exposed data includes passport numbers, identity […] Data Breach
SecurityAffairs 2018-11-13 08:51:04 Google Services down due to BGP leak, traffic hijacked through Russia, China, and Nigeria (direct link) Google services were partially inaccessible on Monday due to a BGP leak that caused traffic redirection through Russia, China, and Nigeria. A BGP leak caused unavailability of Google service on Monday, the traffic was redirected through Russia, China, and Nigeria. At the time it is not clear if the incident was the result of an […]
SecurityAffairs 2018-11-13 07:51:02 (Déjà vu) Expert found a way to bypass Windows UAC by mocking trusted Directory (direct link) David Wells, a security expert from Tenable, devised a method to bypass Windows' User Account Control (UAC) by spoofing the execution path of a file in a trusted directory. A security researcher from Tenable has discovered that is possible to bypass Windows' User Account Control (UAC) by spoofing the execution path of a file in a trusted […]
SecurityAffairs 2018-11-12 21:37:05 Hacking the hackers – IOT botnet author adds his own backdoor on top of a ZTE router backdoor (direct link) The author of an IoT botnet is distributing a backdoor script for ZTE routers that also includes his own backdoor to hack script kiddies A weaponized IoT exploit script is being used by script kiddies, making use of a vendor backdoor account to hack the ZTE routers. Ironically, this is not the only backdoor in […] Hack
SecurityAffairs 2018-11-12 14:41:01 Reading the Android Ecosystem Security Transparency Report (direct link) According to Android Ecosystem Security Transparency Report the number of potentially harmful applications has fallen from 0.66% in Lollipop to 0.06% in Pie Google published the first Android Ecosystem Security Transparency Report that revealed that the number of potentially harmful applications (PHAs) discovered on Android 9 Pie devices has been reduced by half compared to the previous versions. According […]
SecurityAffairs 2018-11-12 13:46:05 France seeks Global Talks on Cyberspace security and a “code of good conduct” (direct link) The French government announced a “Paris Call” for global talks about cyberspace security aimed at laying out a shared framework of rules. The French government is promoting a series of Global Talks on cyberspace security, it urges for a “code of good conduct” for states in the cyberspace. Events such as the interference in the 2016 Presidential election or […]
SecurityAffairs 2018-11-12 10:08:01 A critical flaw in GDPR compliance plugin for WordPress exploited in the wild (direct link) A critical security vulnerability affects a GDPR compliance plugin for WordPress has been already exploited in the wild to take control of vulnerable websites. Users warn of cyber attacks exploiting a critical security vulnerability in the WordPress GDPR Compliance plugin for WordPress to take over of websites using it. The WordPress GDPR Compliance plugin was used by more than […] Vulnerability
SecurityAffairs 2018-11-12 08:27:02 Elon Musk BITCOIN Twitter scam, a simple and profitable fraud for crooks (direct link) Crooks are exploiting the popularity of Elon Musk and a series of hacked verified Twitter accounts to implement a new fraud scheme. Crooks are exploiting the popularity of Elon Musk and a series of hacked verified Twitter accounts (i.e. UK retailer Matalan, US publisher Pantheon Books, and official government Twitter accounts such as the Ministry of Transportation of Colombia and the National […]
SecurityAffairs 2018-11-11 13:58:00 CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild (direct link) Experts at Volexity discovered that a recently patched remote code execution flaw (CVE-2018-15961) affecting the Adobe ColdFusion has been exploited in the wild. Security experts from Volexity reported that attackers in the wild are exploiting a recently patched remote code execution vulnerability affecting the Adobe ColdFusion. The flaw, tracked as CVE-2018-15961, is an unrestricted file upload vulnerability, successful exploitation could lead to […] Vulnerability Guideline
SecurityAffairs 2018-11-11 10:30:03 (Déjà vu) Security Affairs newsletter Round 188 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Apple T2 security chip in new MacBooks disconnects Microphone […]
SecurityAffairs 2018-11-11 10:04:04 Linux Cryptocurrency miner leverages rootkit to avoid detection (direct link) Researchers from Trend Micro spotted a new cryptocurrency miner that leverages a rootkit component to hide its presence on the infected systems. Cryptocurrency malware continues to be a privileged choice for crooks and the number of victims is rapidly growing. Cryptocurrency miners are easy to detect due to the saturation of resources on the affected […] Malware
SecurityAffairs 2018-11-10 14:47:00 (Déjà vu) Symantec shared details of North Korean Lazarus's FastCash Trojan used to hack banks (direct link) North Korea-linked Lazarus Group has been using FastCash Trojan to compromise AIX servers to empty tens of millions of dollars from ATMs. Security experts from Symantec have discovered a malware, tracked as FastCash Trojan, that was used by the Lazarus APT Group, in a string of attacks against ATMs. The APT group has been using this malware […] Malware Hack Medical APT 38
SecurityAffairs 2018-11-10 09:38:01 VPN vs. proxy: which is better to stay anonymous online? (direct link) Most people prefer using proxies over VPN services because they are easy to use and mostly available for free, but can it be relied on for anonymity? Now and then, we get to hear news about data breaches and cyber attacks. As such, it does not come as a surprise that people are becoming more […]
SecurityAffairs 2018-11-10 08:56:05 Nginx server security flaws expose more than a million of servers to DoS attacks (direct link) Nginx developers released security updates to address several denial-of-service (DoS) vulnerabilities affecting the nginx web server. nginx is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, it is used by 25.28% busiest sites in October 2018. Nginx development team released versions 1.15.6 and 1.14.1 to address two HTTP/2 implementation vulnerabilities that can […]
SecurityAffairs 2018-11-09 20:48:01 VMware releases security patches for a critical virtual machine escape flaw (direct link) VMware released security patches for a critical virtual machine (VM) escape vulnerability that was recently discovered at a Chinese hacking contest. VMware has released security patches for a critical virtual machine (VM) escape vulnerability (CVE-2018-6981 and CVE-2018-6982) that was recently discovered by the researcher Zhangyanyu at the Chinese GeekPwn2018 hacking contest. The cause for the […] Vulnerability
SecurityAffairs 2018-11-09 15:07:02 Data from 'almost all' Pakistani banks stolen, Pakistani debit card details surface on the dark web (direct link) According to the head of the Federal Investigation Agency's (FIA) cybercrime wing, almost all Pakistani banks were affected by a recent security breach. Almost all Pakistani banks were affected by a recent security breach, the shocking news was confirmed by the head of the Federal Investigation Agency's (FIA) cybercrime wing. “According to a recent report we […]
SecurityAffairs 2018-11-09 09:56:02 Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder (direct link) Snowden warns of abuse of surveillance software that also had a role in the murder of the Saudi Arabian journalist Jamal Khashoggi. The popular US whistleblower Edward Snowden has reported the abuse of surveillance made by many governments, he blamed the Israeli company NSO Group for developing and selling surveillance software to Saudi Arabia. Speaking […]
SecurityAffairs 2018-11-09 08:24:03 Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy (direct link) Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy. Included in the […]
SecurityAffairs 2018-11-09 07:56:03 BCMPUPnP_Hunter Botnet infected 400k routers to turn them in email spammers (direct link) Security researchers at 360 Netlab have discovered a new spam botnet, dubbed BCMPUPnP_Hunter, that likely already infected around 400,000 machines to date. Security experts from 360 Netlab security firm have recently discovered a new spam botnet, dubbed BCMPUPnP_Hunter, that mainly targets routers that have the BroadCom UPnP feature enabled. The BCMPUPnP_Hunter was first spotted in September, but researchers […] Spam
SecurityAffairs 2018-11-08 21:02:01 Compliance to Cybersecurity Requirements and False Claims Act (direct link) There’s a growing risk of companies receiving substantial fines for not complying with cybersecurity standards under False Claims Act. However, an emerging concern for businesses that act as contract-based service providers for government entities is that those establishments could also be liable under the False Claims Act (FCA). What Is the False Claims Act? The False […]
SecurityAffairs 2018-11-08 19:15:00 689,272 plaintext records of Amex India customers exposed online (direct link) Records associated with 689,272 plaintext records Amex India customers were exposed online via unsecured MongoDB server. Personal details of nearly 700,000 American Express (Amex India) India customers were exposed online via an unsecured MongoDB server. The huge trove of data was discovered by Bob Diachenko from cybersecurity firm Hacken, most of the records were encrypted, but […]
SecurityAffairs 2018-11-08 15:20:00 Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide (direct link) Security researchers revealed in a recent paper that over the past years, China Telecom used BGP hijacking to misdirect Internet traffic through China. Security researchers Chris C. Demchak and Yuval Shavitt revealed in a recent paper that over the past years, China Telecom has been misdirecting Internet traffic through China. China Telecom was a brand of the […]
SecurityAffairs 2018-11-08 10:53:01 U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal (direct link) The U.S. Cyber Command (USCYBERCOM) CNMF is sharing malware samples with the cybersecurity industry via VirusTotal intelligence service. The U.S. Cyber Command (USCYBERCOM) is providing unclassified malware samples to VirusTotal intelligence service with the intent of sharing them with cybersecurity industry. The USCYBERCOM's Cyber National Mission Force (CNMF) is going to share the unclassified malware samples on […] Malware
SecurityAffairs 2018-11-08 08:27:00 XSS flaw in Evernote allows attackers to execute commands and steal files (direct link) Security expert discovered a stored XSS flaw in the Evernote app for Windows that could be exploited to steal files and execute arbitrary commands. A security expert that goes online with the moniker @sebao has discovered a stored cross-site scripting (XSS) vulnerability in the Evernote application for Windows that could be exploited by an attacker to steal files and execute […]
SecurityAffairs 2018-11-07 23:27:05 U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program (direct link) The United States Air Force announced earlier this week that it has launched the third bug bounty program called Hack the Air Force 3.0. The United States Air Force launched earlier this week its third bug bounty program, called Hack the Air Force 3.0, in collaboration with HackerOne. “Thank you for your interest in participating in HackerOne's U.S. […]
SecurityAffairs 2018-11-07 19:25:01 A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores (direct link) A critical Remote Code Execution vulnerability affects eCommerce website running on WordPress and using the WooCommerce plugin. A critical vulnerability affects eCommerce website running on WordPress and using the WooCommerce plugin. WooCommerce is one of the major eCommerce plugins for WordPress that allows operators to easily build e-stores based on the popular CMS, it accounts for more than 4 million installations with 35% […] Vulnerability
SecurityAffairs 2018-11-07 12:47:00 Researcher discloses VirtualBox Zero-Day without reporting it to Oracle (direct link) Security expert disclosed the details of a zero-day flaw affecting Oracle's VirtualBox virtualization software without waiting for a patch from Oracle The security expert Sergey Zelenyuk has disclosed the details of a zero-day vulnerability affecting Oracle's VirtualBox virtualization software that could be exploited by an attacker to make a guest-to-host escape. Zelenyuk publicly disclosed the vulnerability […] Vulnerability
SecurityAffairs 2018-11-07 11:25:00 HSBC Bank USA notified customers of a security breach (direct link) HSBC Bank USA notified customers of a data breach that has happened between Oct 4 and Oct 14, unknown attackers were able to access their online accounts. HSBC Bank USA notified customers of a data breach that has happened between October 4 and October 14, unknown attackers were able to access online accounts of the financial institution. Exposed info […]
SecurityAffairs 2018-11-07 07:28:02 Apache Struts users have to update FileUpload library to fix years-old flaws (direct link) Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. “Apache today released an advisory, urging users who run Apache Struts 2.3.x to […]
SecurityAffairs 2018-11-06 20:08:00 Group-IB and CryptoIns introduce the world's first insurance against cyber threats for cryptocurrency exchanges (direct link) Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world's first scoring model for assessing cryptocurrency exchanges Group-IB, an international company that specializes in preventing cyber attacks, and a Swiss insurance broker ASPIS SA that owns CryptoIns project, have developed the world's first scoring model for assessing cryptocurrency exchanges cybersecurity, allowing the exchanges' clients to ensure their assets. According to CryptoIns analysts, […]
Last update at: 2024-08-01 18:18:47