What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2018-04-25 08:13:01 Expert devised a exploit for a Code Execution vulnerability in NVIDIA Tegra Chipsets (lien direct) Security researchers Kate Temkin discovered a vulnerability in the NVIDIA Tegra chipsets that could be exploited for the execution of custom code on locked-down devices. The expert devised an exploit, dubbed Fusée Gelée, that leverages a coldboot vulnerability to gain full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM). The exploitation of […]
SecurityAffairs.webp 2018-04-24 21:23:05 SAFERVPN CVE-2018-10308 VULNERABILITY, FROM DOS TO DEANONYMIZATION (lien direct) Researchers Paulos Yibelo explored a vulnerability he found in SaferVPN Chrome Extension. The vulnerability tracked as CVE-2018-10308 should help malicious actors to retrieve vital information such as IP addresses when a user visits a website. After my last month’s finding in Hotspot Shield, I decided to look at and audit more VPNs to see how […]
SecurityAffairs.webp 2018-04-24 19:18:00 BeatCoin – Researchers demonstrate how to steal Cold Wallet Keys from Air-Gapped PCs (lien direct) Israeli researchers presented their new research named BeatCoin, it is an experiment wherein they demonstrate how to steal private keys for a cryptocurrency wallet installed on cold storage. How to protect cryptocurrency wallets? Many experts will tell you to store them in air-gapped networks, but let me remind you to check if Ben Gurion experts are far from […]
SecurityAffairs.webp 2018-04-24 09:24:03 CSE Malware ZLab – Malware Analysis Report: The Bandios malware suite (lien direct) The researchers at CSE ZLab have spotted a new family of malware, tracked as Bandios malware spreading in the wild. The peculiarity of  Bandios malware is the fact that this malware is in a rapid and constant evolution and development. Experts observed several versions of the malware stored on the same websites, they represent the evolution of […]
SecurityAffairs.webp 2018-04-24 06:01:04 Kaspersky's analysis of servers compromised by Energetic Bear shows the APT operates on behalf of others (lien direct) Kaspersky analyzed the servers compromised by the Energetic Bear APT and assumed with some degree of certainty that the group operates in the interests of or takes orders from customers that are external to it. Security experts at Kaspersky Lab ICS CERT have published a detailed analysis of the server compromised by the notorious Energetic […]
SecurityAffairs.webp 2018-04-23 19:45:04 Orangeworm cyber espionage group target Healthcare organizations worldwide (lien direct) Symantec researchers have monitored the activity of a cyber espionage group tracked as Orangeworm that targets organizations in the healthcare sector. Security experts at Symantec have published a report on the activity of a cyber espionage group tracked as Orangeworm that targets healthcare organizations. “Symantec has identified a previously unknown group called Orangeworm that has […]
SecurityAffairs.webp 2018-04-23 12:50:02 Google Project Zero hacker discloses a Zero-Day in Windows Lockdown Policy (lien direct) Google researcher has publicly disclosed a Windows 10 zero-day that could be exploited by attackers to bypass Windows Lockdown Policy on systems with User Mode Code Integrity (UMCI). Google has publicly disclosed a Windows 10 zero-day vulnerability that could be exploited by attackers to bypass Windows Lockdown Policy on systems with User Mode Code Integrity (UMCI) enabled […]
SecurityAffairs.webp 2018-04-23 10:51:03 Take These Steps to Secure Your WordPress Website Before It's Too Late (lien direct) You might have heard that WordPress security is often referred to as hardening, WordPress website security is all about putting locks on doors and windows and having lookouts on each of your “towers.” You might have heard that WordPress security is often referred to as “hardening.” While the name might cause a few eyebrows to […]
SecurityAffairs.webp 2018-04-23 08:29:02 CVE-2018-0229 flaw in SAML implementation threatens Firepower, AnyConnect and ASA products (lien direct) Cisco has announced a set of security patches that address the CVE-2018-0229 vulnerability in its implementation of the Security Assertion Markup Language (SAML). The CVE-2018-0229 flaw could be exploited by an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. “A vulnerability in the implementation of Security […]
SecurityAffairs.webp 2018-04-23 06:57:01 Health Stream left exposed online a database containing contact data for roughly 10,000 medics (lien direct) An IT professional has discovered that the US healthcare company Health Stream left exposed online contact information for roughly 10,000 medics. The IT expert Brian Wethern has discovered that the US healthcare company Health Stream left exposed online a database containing contact information for roughly 10,000 medics. Wethern reported his discovery to Health Stream ten days ago, he explained that […]
SecurityAffairs.webp 2018-04-22 17:25:03 SunTrust unfaithful employee may have stolen data on 1.5 Million customers (lien direct) SunTrust Banks Inc announced it discovered that a former employee may have attempted to download information on nearly 1.5 million clients and share it a criminal organization. A former employee at the SunTrust Bank may have stolen data on 1.5 million clients,  including names, addresses, phone numbers, and account balances. “The company became aware of potential […]
SecurityAffairs.webp 2018-04-22 13:57:00 Experts spotted spam campaigns delivering XTRAT and DUNIHI backdoors bundled with the Adwind RAT (lien direct) Security experts at Trend Micro have spotted spam campaigns delivering XTRAT and DUNIHI Backdoors and Loki malware bundled with the Adwind RAT. Malware researchers at Trend Micro have uncovered a spam campaign that delivers the infamous Adwind RAT (aka jRAT) alongside the XTRAT backdoor (aka XtremeRAT) and the Loki info stealer. In a separate Adwind RAT spam campaign, the researchers observed the use […]
SecurityAffairs.webp 2018-04-22 08:30:00 (Déjà vu) Security Affairs newsletter Round 159 – News of the week (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      Microsoft engineer charged with money laundering linked to Reveton ransomware ·      TrueMove H, […]
SecurityAffairs.webp 2018-04-22 08:08:05 Unscrupulous crooks behind the RansSIRIA Ransomware try to exploit attentions on Syrian refugee crisis (lien direct) Researchers at MalwareHunterTeam have discovered a new strain of ransomware called RansSIRIA that encrypts victim’s files and then states it will donate the ransom to Syrian refugees. Unscrupulous cybercriminals try to exploit every situation, even the most dramatic incidents. In the past, crooks attempted to exploits the media attention on dramatic events such as the Boston Marathon, the […]
SecurityAffairs.webp 2018-04-21 16:07:05 AlienVault presents OTX Endpoint Threat Hunter, its innovative free endpoint scanning service (lien direct) Threat intelligence firm AlienVault announced the launch of a free endpoint scanning service, called OTX Endpoint Threat Hunter. Threat intelligence firm AlienVault announced the launch of a free endpoint scanning service, called OTX Endpoint Threat Hunter, that allows private firms and security experts to identify threats in their networks. “OTX Endpoint Threat Hunter is a free threat-scanning […]
SecurityAffairs.webp 2018-04-21 14:54:05 (Déjà vu) Twitter bans Kaspersky from advertising its products through its platform (lien direct) Twitter bans Kaspersky Lab from advertising its solutions on the platform citing DHS ban for its alleged ties with the Russian intelligence. Twitter bans Kaspersky Lab from advertising on its platform citing DHS ban for its alleged ties with Russian intelligence agencies. “At the end of January of this year, Twitter unexpectedly informed us about […]
SecurityAffairs.webp 2018-04-21 13:07:03 Attackers Fake Computational Power to Steal Cryptocurrencies from equihash Mining Pools (lien direct) Security experts at 360 Core Security have recently detected a new type of attack which targets some equihash mining pools. After analysis, they found out the attacked equihash mining pools are using a vulnerable equihash verifier (equihashverify : https://github.com/joshuayabut/equihashverify) to verify miners' shares. There is a logic vulnerability in this verifier, so attacker can easily fake […]
SecurityAffairs.webp 2018-04-21 08:08:02 UK Teenager Kane Gamble who hacked CIA Chief and other US intel officials gets 2-year jail sentence (lien direct) UK teenager Kane Gamble (18) who broke into the email accounts of top US intelligence and security officials including the former CIA chief John Brennan. was sentenced to two years in prison. The British hacker Kane Gamble (18) who broke into the email accounts of top US intelligence and security officials including the former CIA chief John Brennan. was […] ★★
SecurityAffairs.webp 2018-04-20 17:20:02 Exclusive – APT group exploited still unpatched zero-day in IE dubbed 'double play' (lien direct) Security researchers at the 360 Core Security observed an APT group exploiting a zero-day vulnerability in IE, dubbed 'double play'. The flaw is still unfixed. Security researchers at the 360 Core Security uncovered a zero-day vulnerability in IE, dubbed 'double play', that was triggered by weaponized MS Office documents. The experts have been observing an APT group targeting a […]
SecurityAffairs.webp 2018-04-20 12:29:02 iOS users can now use Google prompt on their devices via the Gmail app (lien direct) Google announced that iOS users can now benefit from Google prompt feature via their Gmail application. Security and usability are crucial requirements for Google. Google announced that iOS users can now receive Google prompts via their Gmail application. “In 2017, we made Google prompt the primary choice for G Suite users turning on two-step verification for the first […]
SecurityAffairs.webp 2018-04-20 09:26:02 (Déjà vu) A flaw in LinkedIn feature allowed user data harvesting (lien direct) The researcher Jack Cable (18) has discovered a vulnerability in LinkedIn, the AutoFill functionality, that allowed user data harvesting. While experts and people are discussing the Cambridge Analytica case another disconcerting case made the headlines, the private intelligence agency LocalBlox has left unsecured online an AWS bucket containing 48 million records that were also harvested from Facebook, LinkedIn, and Twitter. […]
SecurityAffairs.webp 2018-04-20 07:57:04 At least 20 Million Chrome users have installed malicious Ad Blockers from Chrome store (lien direct) A security researcher has discovered five malicious Ad Blockers extensions in the Google Chrome Store that had been installed by at least by 20 million users. The security researcher Andrey Meshkov, co-founder of Adguard, has discovered five malicious Ad Blockers extensions in the Google Chrome Store that had been installed by at least by 20 […]
SecurityAffairs.webp 2018-04-19 22:31:01 New Windows Defender Browser Protection Chrome extension aims to protect them from online threats. (lien direct) Microsoft announced the new Windows Defender Browser Protection extension that aims to protect them from online threats. Microsoft has a surprise for Chrome users in the Chrome Web Store, it’s the new Windows Defender Browser Protection extension that aims to protect them from online threats. The new extension will help users in avoiding phishing emails, as well as, […]
SecurityAffairs.webp 2018-04-19 20:05:04 Rockwell Automation Allen-Bradley Stratix and ArmorStratix switches are exposed to hack due to Cisco IOS flaws (lien direct) Rockwell Automation is warning that its Allen-Bradley Stratix and ArmorStratix industrial switches are exposed to hack due to security vulnerabilities in Cisco IOS. According to Rockwell Automation, eight flaws recently discovered recently in Cisco IOS are affecting its products which are used in many sectors, including the critical manufacturing and energy. The list of flaws includes […]
SecurityAffairs.webp 2018-04-19 17:50:04 Private Intelligence agency LocalBlox leaked 48 Million personal data records (lien direct) The private intelligence agency LocalBlox has left unsecured online an AWS bucket containing 48 million records that were also harvested from Facebook, LinkedIn, and Twitter. Oops … another data breach made the headlines and once again it was discovered by data leak hunters at Upguard. The private intelligence agency LocalBlox has left unsecured online an AWS […]
SecurityAffairs.webp 2018-04-19 12:27:05 Hacking Cisco WebEx with a malicious Flash file. Patch it now! (lien direct) Cisco issues a critical patch to address a remote code execution vulnerability in the Cisco WebEx software, hurry up apply it now! Cisco has issued a critical patch to fix a serious vulnerability (CVE-2018-0112) in its WebEx software that could be exploited by remote attackers to execute arbitrary code on target machines via weaponized Flash files. The vulnerability […]
SecurityAffairs.webp 2018-04-19 04:02:00 (Déjà vu) Experts are observing Drupalgeddon2 (CVE-2018-7600) attacks in the wild (lien direct) After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub experts started observing attackers using it to deliver backdoors and crypto miners. At the end of March, the Drupal Security Team confirmed that a “highly critical” vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on March 28th. The […]
SecurityAffairs.webp 2018-04-18 19:51:03 ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS (lien direct) Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in the criminal underground, […]
SecurityAffairs.webp 2018-04-18 18:15:04 A flaw could allow easy hack of LG Network-attached storage devices (lien direct) Network-attached storage devices manufactured by LG Electronics are affected by a critical remote code execution vulnerability that could be exploited by attackers to gain full control of the devices. The experts at the security firm VPN Mentor found a pre-auth remote command injection vulnerability that affects the majority of LG NAS device models. “we found a way to […]
SecurityAffairs.webp 2018-04-18 09:52:02 Probably you ignore that Facebook also tracks non-users across the web (lien direct) Facebook explained how it is tracking Non-Users across the Internet and for which purposes it is using their metadata. Facebook is still in the middle of a storm for its conduct and the way it approached the privacy of its users after the Cambridge Analytica case. Now Facebook is under scrutiny after Zuckerberg testified in front […]
SecurityAffairs.webp 2018-04-18 05:01:03 Intel announced the new Threat Detection Technology and Security Essentials (lien direct) Intel announced a new Threat Detection Technology and a framework of critical root-of-trust hardware security capabilities in its chips. Intel continues to innovate its products, the tech giant announced two new technologies, the Threat Detection Technology (TDT) and Security Essentials. The Threat Detection Technology leverages the silicon-level telemetry and functionality to allow security products detect sophisticated threats. […]
SecurityAffairs.webp 2018-04-17 15:18:04 UK NCSC, DHS and the FBI Warn of Russian hacking campaign on Western networks (lien direct) UK NCSC, DHS, and the FBI warn of Russian hacking campaign on Western networks, state-sponsored hackers are targeting network infrastructure key components. US and Britain government agencies warn of Russian state-sponsored cyber attacks to compromise government and business networking equipment. Russian hackers aim to control the data flaw “to support espionage, extract intellectual property, maintain […]
SecurityAffairs.webp 2018-04-17 08:10:02 Roaming Mantis Malware Campaign Leverages Hacked Routers to Infect Android Users With Banking Trojan (lien direct) According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. Imagine a nefarious person swapped out your […]
SecurityAffairs.webp 2018-04-17 06:34:03 UK GCHQ spy agency warns telcos of the risks of using ZTE equipment and services (lien direct) The UK GCHQ intelligence agency warns UK telcos firms of the risks of using ZTE equipment and services for their infrastructure. The alert was issued by the National Cyber Security Centre that said the Chinese firm “would present risk to UK national security that could not be mitigated effectively or practicably”. Let’s remind that the ZTE […]
SecurityAffairs.webp 2018-04-16 17:47:02 Massive Ransomware attack cost City of Atlanta $2.7 million (lien direct) According to Channel 2 Action News that investigated the incident, the ransomware attack on the City of Atlanta cost it at least $2.7 million. In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta. The ransomware infection has caused the interruption of several city's online services, including “various internal […]
SecurityAffairs.webp 2018-04-16 12:15:04 Talos experts found many high severity flaws in Moxa EDR-810 industrial routers (lien direct) Security experts at Cisco's Talos group have discovered a total of 17 vulnerabilities in Moxa EDR-810 industrial routers manufactured by Moxa. The Moxa EDR-810 is an integrated industrial multiport router that implements firewall, NAT, VPN and managed Layer 2 switch capabilities. These devices are used in industrial environments to protect systems such as PLC and SCADA systems […]
SecurityAffairs.webp 2018-04-16 10:08:02 Bitcoin web wallet addresses generated with a flawed library are exposed to brute-force attacks (lien direct) Multiple vulnerabilities in the SecureRandom() function expose Bitcoin web wallet addresses generated by the flawed library to brute-force attacks. Old Bitcoin web wallet addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic vulnerability that could be exploited by attackers to steal funds. According to the experts, the popular […]
SecurityAffairs.webp 2018-04-16 06:25:00 Attackers exfiltrated a casino's high-roller list through a connected fish tank (lien direct) Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that his company investigated the hack of an unnamed casino that was breached via a thermometer in a lobby fish tank. Internet of things devices are enlarging our attack surface, smart devices are increasingly targeted by hackers in the wild. The case we are going to discuss demonstrate […]
SecurityAffairs.webp 2018-04-15 19:55:05 (Déjà vu) Microsoft engineer charged with money laundering linked to Reveton ransomware (lien direct) The Microsoft network engineer Raymond Uadiale (41)  is facing federal charges in Florida for the alleged involvement in Reveton Ransomware case. The man is suspected to have had a role in helping launder money obtained from victims of the Reventon ransomware. Uadiale currently works at Microsoft site in Seattle since 2014, according to Florida police between October […]
SecurityAffairs.webp 2018-04-15 12:25:00 UK GCHQ director confirmed major cyberattack on Islamic State (lien direct) GCHQ director Jeremy Fleming announced this week that the U.K. has launched a major cyberattack on the Islamic State (IS) terrorist organization. According to the spy chief, the GCHQ the attack was launched in collaboration with the U.K. Ministry of Defence and has distributed operations of the Islamic State. The UK intelligence believes this is the first […]
SecurityAffairs.webp 2018-04-15 08:46:03 (Déjà vu) Security Affairs newsletter Round 158 – News of the week (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      ATMJackpot, a new strain of ATM Malware discovered by experts ·      Auth0 authentication […]
SecurityAffairs.webp 2018-04-15 08:05:04 TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak (lien direct) TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak, 46000 people’s data stored on an AWS bucket were left accessible online, including driving licenses and passports. Let’s speak about a new data breach, this time the victim is TrueMove H, the biggest 4G mobile operator in Thailand. The operator exposed online […]
SecurityAffairs.webp 2018-04-14 19:14:00 Malware researcher have dismantled the EITest Network composed of 52,000 (lien direct) Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it. Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS). The network was used to redirect users to compromised domains hosting exploit kits, delivering […]
SecurityAffairs.webp 2018-04-14 12:23:05 Are your Android devices updated? Researchers say maybe no (lien direct) Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks. Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola. In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to […]
SecurityAffairs.webp 2018-04-14 05:51:00 Great Western Railway asks users to reset passwords due to a security breach (lien direct) The British train company Great Western Rail announced it has suffered a security breach that affected at least 1,000 accounts out of more than a million. The company owned by the FirstGroup transport business runs trains between London, Penzance, and Worcester Great Western Rail is urging affected customers to change the password used to access the GWR.com portal, it also informed […]
SecurityAffairs.webp 2018-04-13 18:59:03 Experts warn threat actors are scanning the web for Drupal installs vulnerable to Drupalgeddon2 (lien direct) After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub for “educational or information purposes,” experts started observing bad actors attempting to exploit the flaw. At the end of March, the Drupal Security Team confirmed that a “highly critical” vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on […]
SecurityAffairs.webp 2018-04-13 14:08:01 When the Russian Malware coder Gatsoev is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia (lien direct) When the Russian young Malware coder is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia. Under the spotlight: the story of Atsamaz Gatsoev (aka “1ms0rry”) who has set up his illegal business. A new write-up made by a security researcher known as Benkow (@Benkow_) has been […]
SecurityAffairs.webp 2018-04-13 11:24:04 Experts uncovered a proxy botnet composed of over 65,000 routers exposed via UPnP protocol (lien direct) Security researchers at Akamai have discovered a proxy botnet composed of more than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol. Crooks have compromised the devices of this multi-purpose proxy botnet to conduct a wide range of malicious activities, including spamming and phishing, click fraud, account takeover and credit card […]
SecurityAffairs.webp 2018-04-13 07:41:01 Uber agrees to new FTC settlement over 2016 data breach (lien direct) Uber agrees to a new settlement with the Federal Trade Commission over the massive 2016 data breach, the authorities could assign civil penalties against the company if it will fail to share incident data with FTC. Uber agrees to a new settlement with the Federal Trade Commission over the massive 2016 data breach. “Uber Technologies, […] Uber
SecurityAffairs.webp 2018-04-13 05:17:00 $3.3 Million stolen from main Coinsecure Bitcoin wallet (lien direct) Cryptocurrency exchange Coinsecure, India’s second exchange, announced that it has suffered a severe issue, 438 bitcoin, $3,3 million worth of bitcoin Cryptocurrency exchange Coinsecure, India’s second exchange, announced that it has suffered a severe issue, 438 bitcoin, $3,3 million worth of bitcoin, have been transferred from the main wallet to an account that is not under their control. CEO […] ★★★★
Last update at: 2024-08-01 21:18:43