What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2018-04-12 18:19:00 APT33 devised a code injection technique dubbed Early Bird to evade detection by anti-malware tools (lien direct) The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems evading security solutions. The technique allows injecting a malicious code into a legitimate process, it allows execution […] APT33 APT 33
SecurityAffairs.webp 2018-04-12 16:31:00 CVE-2018-0950 flaw in Microsoft Outlook could be exploited to steal Windows Passwords (lien direct) An 18-month-old CVE-2018-0950 vulnerability in Microsoft Outlook could be exploited by hackers to steal the Windows Password. Almost 18 months ago, the security researcher Will Dormann of the CERT Coordination Center (CERT/CC) has found a severe vulnerability in Microsoft Outlook (CVE-2018-0950), time is passed but Microsoft partially addressed it with the last Patch Tuesday updates. […]
SecurityAffairs.webp 2018-04-12 07:51:03 Researchers discovered several flaws that expose electrical substations to hack (lien direct) The ICS-CERT and Siemens published are warning organizations of security flaws in Siemens devices (SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices) that could be exploited by hackers to target electrical substations. “Successful exploitation of these vulnerabilities could allow an attacker to upload a modified device configuration that could overwrite access authorization passwords, or allow an […]
SecurityAffairs.webp 2018-04-12 06:14:02 SAP April 2018 Security Patch Day address critical flaws in web browser controls in SAP Business Client (lien direct) SAP released the April 2018 Security Patch Day, a collection of ten security patches that also address critical vulnerabilities in web browser controls in SAP Business Client. SAP also released 2 updates to previously released security notes, one note was rated Hot News, 4 were rated High Priority, and 7 were rated Medium Priority. The most […]
SecurityAffairs.webp 2018-04-11 10:52:00 AMD and Microsoft release microcode and operating system updates against Spectre flaw (lien direct) AMD released patches for Spectre Variant 2 attack that includes both microcode and operating system updates. AMD and Microsoft worked together to issue the updates on Tuesday. AMD and Microsoft released the microcode and security updates for Spectre vulnerabilities. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive […]
SecurityAffairs.webp 2018-04-11 08:36:02 Microsoft April Patch Tuesday – Update your system now to avoid being hacked by visiting a site (lien direct)   Microsoft has released April Patch Tuesday security updates that address 66 vulnerabilities, five of them could be exploited by an attacker to compromise a PC by just tricking the victims into visiting a website or opening a specifically crafted file. Hackers can compromise your computer just visiting a malicious website or clicking a malicious link. […]
SecurityAffairs.webp 2018-04-11 05:59:02 Adobe April Security Bulletin Tuesday fixed 4 critical flaws in Flash (lien direct) Adobe April Security Bulletin Tuesday is out, the company has addressed four critical vulnerabilities in the Flash Player. Adobe April Security Bulletin has addressed a total of 19 vulnerabilities in its products, including Flash Player, Experience Manager, InDesign CC, Digital Editions, ColdFusion and the PhoneGap Push plugin. The company has released the Flash Player version 29.0.0.140 that fixed […]
SecurityAffairs.webp 2018-04-10 18:28:02 (Déjà vu) Top VEVO Music videos Including 'Despacito' defaced by hackers (lien direct) Some of the most popular music VEVO videos on YouTube, including the world's most popular video ‘Despacito’ has been hacked by a duo calling themselves Prosox and Kuroi’SH. Some of the most popular music videos on YouTube, including the world's most popular YouTube video ‘Despacito’ has been hacked. Popular videos of pop stars like Shakira, Drake, Selena Gomez, […]
SecurityAffairs.webp 2018-04-10 17:30:04 SirenJack flaw in Emergency Alert Systems could be exploited to trigger false alarms (lien direct) “SirenJack is a vulnerability found in ATI Systems' emergency alert systems that can be exploited via radio frequencies (RF) to activate sirens and trigger false alarms.” Security experts at Bastille have devised a new technique, dubbed SirenJack to remotely hack emergency warning systems. Emergency warning systems are used worldwide to alert the public of emergency situations […]
SecurityAffairs.webp 2018-04-10 12:51:00 Public services at the Caribbean island Sint Maarten shut down by a cyber attack (lien direct) A cyber attack shut down the entire government infrastructure of the Caribbean island Sint Maarten. public services were interrupted. A massive cyber attack took offline the entire government infrastructure of the Caribbean island Sint Maarten. it is a constituent country of the Kingdom of the Netherlands. Government building remained closed after the attack. “The Ministry of General Affairs hereby informs […]
SecurityAffairs.webp 2018-04-10 08:15:01 (Déjà vu) Booby-trapped Office docs build with ThreadKit trigger CVE-2018-4878 flaw (lien direct) Microsoft Office documents created with the exploit builder kit dubbed ThreadKit now include the code for CVE-2018-4878 flaw exploitation. At the end of March, security experts at Proofpoint discovered a Microsoft Office document exploit builder kit dubbed ThreadKit that has been used to spread a variety of malware, including banking Trojans and RATs (i.e. Trickbot, Chthonic, FormBook and Loki Bot). […]
SecurityAffairs.webp 2018-04-10 07:24:00 Linux open source utility Beep is affected by several vulnerabilities (lien direct) Researchers have discovered several vulnerabilities in the Linux command line tool Beep, some experts suggest to remove the utility from distros. An unnamed security researcher has found several vulnerabilities in the Linux command line tool Beep, including a severe flaw introduced by a patch for a privilege escalation vulnerability. Beep is a small open source utility […]
SecurityAffairs.webp 2018-04-09 12:54:02 Sodexo Filmology data breach – Users need cancel their credit cards (lien direct) Sodexo food services and facilities management company notified a number of customers that it was the victim of a targeted attack on its cinema vouchers platform Sodexo Filmology. Sodexo food services and facilities management company notified a number of customers that it was the victim of a targeted attack on its cinema vouchers platform, Filmology […]
SecurityAffairs.webp 2018-04-09 09:39:02 Verge Cryptocurrency suffered a cyber attack, dev team responded with an Hard Fork (lien direct) The verge (XVG) currency schema was attacked last week, the hacker reportedly making off with $1 million-worth of tokens. The dev team responded with an Hard Fork. Ripple (XRP) and Verge (XVG) are two cryptocurrencies that attracted many investors in the last months. Last week attackers hackers the Verge cryptocurrency system by exploiting a vulnerability in […]
SecurityAffairs.webp 2018-04-09 07:29:01 Crooks distribute malware masquerade as fake software updates and use NetSupport RAT (lien direct) Researchers at FireEye have spotted a hacking campaign leveraging compromised websites to spread fake updates for popular software that were also used to deliver the NetSupport Manager RAT. NetSupport is an off-the-shelf RAT that could be used by system admins for remote administration of computers. In the past, crooks abuse this legitimate application to deploy malware on victim’s […]
SecurityAffairs.webp 2018-04-09 05:41:04 Vigilante hackers strike Russia and Iran Networks exploiting Cisco CVE-2018-0171 flaw (lien direct) Last week, the hacking crew “JHT” launched a hacking campaign exploiting Cisco CVE-2018-0171 flaw against network infrastructure in Russia and Iran. Last week, the hacking crew “JHT” launched a hacking campaign against CISCO devices in Russian and Iranian networks. The hackers exploited the Cisco CVE-2018-0171 Smart Install to reset the routers to the startup-config and reboot […]
SecurityAffairs.webp 2018-04-08 15:47:00 Auth0 authentication bypass issue exposed enterprises to hack (lien direct) Auth0, one of the biggest identity-as-a-service platform is affected by a critical authentication bypass vulnerability that exposed enterprises to hack. Auth0, one of the biggest identity-as-a-service platform is affected by a critical authentication bypass vulnerability that could be exploited by attackers to access any portal or application which are using it for authentication. Auth0 implements a token-based authentication model for a […]
SecurityAffairs.webp 2018-04-08 13:24:04 ATMJackpot, a new strain of ATM Malware discovered by experts (lien direct) A new strain of ATM jackpotting malware dubbed ATMJackpot has been discovered by experts at Netskope Threat Research Labs. The malware is still under development and appears to have originated in Hong Kong, it has a smaller system footprint compared with similar threats. “Netskope Threat Research Labs has discovered a new ATM malware, “ATMJackpot.” The malware […]
SecurityAffairs.webp 2018-04-08 09:02:01 Security Affairs newsletter Round 157 – News of the week (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      Airbnb China will share hosts information with the government ·      Any social media […]
SecurityAffairs.webp 2018-04-08 08:22:03 Experts spotted a campaign spreading a new Agent Tesla Spyware variant (lien direct) A new variant of the infamous Agent Tesla spyware was spotted by experts at Fortinet, the malware has been spreading via weaponize Microsoft Word documents. Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware […] Tesla
SecurityAffairs.webp 2018-04-07 19:25:01 After Cambridge Analytica Facebook COO Sandberg admits other possible misuses (lien direct) After the Cambridge Analytica privacy scandal, Facebook chief operating officer Sheryl Sandberg admitted that the company cannot rule out other cases of misuse. In the wake of recent revelations about the Cambridge Analytica scandal, Facebook Chief operating officer Sheryl Sandberg doesn’t exclude other data misuse. Sandberg gave two interviews last weeks to National Public Radio and NBC’s “Today […]
SecurityAffairs.webp 2018-04-07 13:58:00 130,000 Finnish user data exposed in third largest data breach ever happened in the country (lien direct) Personal information belonging to more than 130,000 Finnish citizens have been compromised in the third largest data breach ever happened in the country. The data breach affected a website maintained by the New Business Center in Helsinki (“Helsingin Uusyrityskeskus”), that is company that provides business advice to entrepreneurs. “Data batches have overwritten username and password for over 130,000 […]
SecurityAffairs.webp 2018-04-07 07:49:01 New variant of the Mirai Botnet targets the financial industry (lien direct) Early this year at least three European financial institutions were hit by DDoS attacks powered by a new variant of the Mirai botnet. A variant of the Mirai botnet, composed at least of 13,000 compromised IoT devices was used to launch a series of DDoS attacks against financial sector businesses. The DDoS attacks peaked at up […]
SecurityAffairs.webp 2018-04-06 18:16:04 VirusTotal presents its new Android Droidy sandbox (lien direct)   VirusTotal announced on Thursday the launch of a new Android sandbox, named Droidy sandbox, that will replace the previous one that was designed in 2013. “Recently we called out Additional crispinness on the MacOS box of apples sandbox, continuing with our effort to improve our malware behavior analysis infrastructure we are happy to announce […] ★★★★
SecurityAffairs.webp 2018-04-06 12:50:05 A Remote Code Execution Vulnerability found in the Spring Framework. Upgrade it now! (lien direct) Security experts have discovered a vulnerability in the Spring Framework that could be exploited by a remote attacker to execute arbitrary code on applications built with it. Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of them could be exploited by a remote attacker to execute arbitrary code on applications built […]
SecurityAffairs.webp 2018-04-06 07:28:00 [24]7.ai Payment Card Breach affected major firms, including Best Buy, After Delta Air Lines and Sears Holdings (lien direct) A payment card breach suffered by [24]7.ai. between September 26 and October 12, 2017, is impacting major firm, including Best Buy, After Delta Air Lines and Sears Holdings. Another day another data breach, while media are reporting the security breach suffered Delta Air Lines and Sears Holdings due to the [24]7.ai a payment card breach, […]
SecurityAffairs.webp 2018-04-06 04:50:00 Cisco Smart Install Protocol misuse could expose critical infrastructure to attacks (lien direct) Cisco PSIRT has published a new security advisory for abuse of the Smart Install protocol, the IT giant has identified hundreds of thousands of exposed devices online. Cisco is advising organizations that hackers could target its switches via the Smart Install protocol. The IT giant has identified hundreds of thousands of exposed devices and warned critical infrastructure […]
SecurityAffairs.webp 2018-04-05 18:23:02 OSX_OCEANLOTUS.D, a new macOS backdoor linked to APT 32 group (lien direct) Security experts at Trend Micro have discovered a new macOS backdoor that they linked to the APT 32 (OceanLotus, APT-C-00, SeaLotus, and Cobalt Kitty) cyber espionage group. The APT32 group has been active since at least 2013, according to the experts it is a state-sponsored hacking group. The hackers hit organizations across multiple industries and have also targeted foreign […] APT 32 ★★
SecurityAffairs.webp 2018-04-05 16:22:02 Zuckerberg admitted public data of its 2.2 billion users has been scraped by Third-party entities (lien direct) Third-party scrapers have exploited an issue in the Facebook 's search function that allows anyone to look up users via their email address or phone numbers. Facebook revealed on Wednesday that 87 million users have been affected by the Cambridge Analytica case, much more than 50 million users initially thought. Facebook is the middle of a storm, Mark […]
SecurityAffairs.webp 2018-04-05 09:22:01 North Korea-Linked Lazarus APT suspected for online Casino assault (lien direct) The North Korea-linked APT group known as Lazarus made the headlines again for attacking an online casino in Central America and other targets. The activity of the Lazarus Group (aka Hidden Cobra) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […] Medical APT 38
SecurityAffairs.webp 2018-04-05 06:46:03 Facebook: Cambridge Analytica scandal affected 87 Million users (lien direct) Facebook revealed on Wednesday that 87 million users have been affected by the Cambridge Analytica case, much more than 50 million users initially thought. The social network giant recently unveiled clearer terms of service to ensure transparency to its users about data sharing. Facebook’s chief technology officer Mike Schroepfer provided further details on the case, including new estimations […]
SecurityAffairs.webp 2018-04-04 19:12:00 Thousands of compromised Magento websites delivering Malware (lien direct) Hackers compromised hundreds of Magento e-commerce websites to steal credit card numbers and install crypto-mining malware. According to the security firm Flashpoint, hackers launched brute-force attacks against Magento installs, they used a dictionary composed of common and known default Magento credentials. “Ecommerce websites running on the popular open-source Magento platform are being targeted by attackers who are using […] ★★★
SecurityAffairs.webp 2018-04-04 13:58:00 (Déjà vu) Microsoft issued out-of-band patch to fix CVE-2018-0986 Malware Protection Engine flaw (lien direct) On April 3, Microsoft Out-Of-Band Security Update to address the CVE-2018-0986 vulnerability affecting the Microsoft Malware Protection Engine (MMPE). Microsoft Malware Protection Engine is the core component for malware detection and cleaning of several Microsoft anti-malware software. It is currently implemented in Windows Defender, Microsoft Security Essentials, Microsoft Endpoint Protection, Windows Intune Endpoint Protection, and Microsoft Forefront Endpoint […]
SecurityAffairs.webp 2018-04-04 12:52:03 Many natural gas pipeline operators in the U.S. Gas affected by cyberattack (lien direct) Natural gas pipeline operators in the United States have been affected by a cyber attack that hit a third-party communications system. The hackers targeted the Latitude Technologies unit at the Energy Services Group, but the attack did not impact operational technology. At least four US pipeline operators were affected by the attack on their electronic systems, […]
SecurityAffairs.webp 2018-04-04 10:54:04 KevDroid Android RAT can steal private data and record phone calls (lien direct)   Security researchers discovered a new Android Remote Access Trojan (RAT) dubbed KevDroid that can steal private data and record phone calls. Security researchers at South Korean cybersecurity firm ESTsecurity have discovered a new strain of Android Trojan KevDroid that is being distributed disguised as a fake anti-virus application, dubbed “Naver Defender.” “Spear phishing attacks targeting Android […]
SecurityAffairs.webp 2018-04-04 06:16:00 Panera Bread left millions of customer records exposed online for months (lien direct) The website belonging to the Panera Bread restaurant chain, Panerabread.com, exposed personal information in plain text for months. The company has more than 2,100 retail locations in the United States and Canada, its customers could order food online for pickup in stores or for delivery. Panera Bread exposed the data at least for eight months after […]
SecurityAffairs.webp 2018-04-03 13:59:01 Project Kalamata – Apple will replace Intel processors in Macs with its custom designed chips (lien direct) In the wake of the discovery of severe flaws in Intel chips, so-called Meltdown and Spectre vulnerabilities, Apple announced it plans to use custom-designed ARM chips in Mac computers starting as early as 2020. The move aims to replace the Intel processors running on its desktop and laptop systems like done for its own A-series custom chips […]
SecurityAffairs.webp 2018-04-03 12:48:01 Google to banish cryptocurrency mining extensions from official Chrome Web Store (lien direct) Google will ban cryptocurrency mining extensions from the official Chrome Web Store after finding many of them abusing users’ resources without consent. The number of malicious extensions is rapidly increased over the past few months, especially those related to mining activities. The company has introduced a new Web Store policy that bans any Chrome extension submitted to […]
SecurityAffairs.webp 2018-04-03 10:15:01 Grindr shared people' HIV status with other companies (lien direct) An analysis conducted by the Norwegian research nonprofit SINTEF revealed that the popular Grindr gay dating app is sharing its users' HIV status with two other companies. Grindr gay-dating app made the headlines again, a few days ago an NBC report revealed that the app was affected by 2 security issues (now patched) that could have exposed […]
SecurityAffairs.webp 2018-04-03 07:50:05 Fin7 hackers stole 5 Million payment card data from Saks Fifth Avenue and Lord & Taylor Stores (lien direct) FIN7 hackers stole credit and debit card information from millions of consumers who have purchased goods at Saks Fifth Avenue and Lord & Taylor stores. A new data breach made the headlines, the victim is Saks Fifth Avenue and Lord & Taylor stores. According to the parent company Hudson’s Bay Company (HBC), the security breach […]
SecurityAffairs.webp 2018-04-03 06:39:03 70% of VPN Chrome Extensions Leak Your DNS (lien direct) Researchers John Mason with the help of TheBestVPN.com the ethical hacker File Descriptor from Cure53 tested 15 VPN services and 10 of them were causing DNS leaks through their Chrome browser extensions. Intro Google Chrome has a feature called DNS Prefetching(https://www.chromium.org/developers/design-documents/dns-prefetching) which is an attempt to resolve domain names before a user tries to follow a link. It's a solution to reduce latency delays […]
SecurityAffairs.webp 2018-04-02 18:44:04 HiddenMiner Android Cryptocurrency miner can brick your device (lien direct) Researchers at Trend Micro recently discovered a new strain of Android miner dubbed ANDROIDOS HIDDENMINER that can brick infected devices Crooks are looking with increasing interest cryptocurrency mining malware developed for mobile devices. Researchers at Trend Micro recently discovered a new strain of Android malware dubbed ANDROIDOS HIDDENMINER that abuse device CPU to mine Monero cryptocurrency. HiddenMiner […]
SecurityAffairs.webp 2018-04-02 09:41:02 After Cambridge Analytica scandal Facebook announces Election security Improvements (lien direct) After Cambridge Analytica case, Facebook announced security improvements to prevent future interference with elections. Facebook is under the fire after the revelation of the Cambridge Analytica case and its role in the alleged interference to the 2016 US presidential election. While the analysts are questioning about the interference with other events, including the Brexit vote, Facebook is now looking […]
SecurityAffairs.webp 2018-04-02 09:14:04 MITRE is evaluating a service dubbed ATT&CK for APT detection (lien direct) MITRE is evaluating a new service dubbed ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) for APT detection. MITRE is going to offer a new service dubbed ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) to evaluate products based on their ability in detecting advanced persistent threats. “MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a […]
SecurityAffairs.webp 2018-04-02 07:39:05 VPNs & Privacy Browsers leak users' IPs via WebRTC (lien direct) The security researcher Dhiraj Mishra (@mishradhiraj_) has studied how VPNs & Privacy Browsers leak users’ IPs via WebRTC Hi Internet, You might have heard about VPN’s & Privacy Browsers leaking users’ IPs via WebRTC [1] [2] Summary: Got CVE-2018-6849 reserved, wrote a Metasploit Module for this issue which uses WebRTC and collects the leak private IP address, however this module may […]
SecurityAffairs.webp 2018-04-01 17:53:02 Philippine central bank has thrown an alert after SWIFT hackers hit Malaysia central bank (lien direct) The Philippine central bank has thrown an alert to local financial institutions following a cyber attack against the SWIFT servers at the Malaysian central bank. The Philippine central bank has thrown an alert to local financial institutions following a cyber attack against the Malaysian central bank. According to Malaysian governor, the hackers attempted to steal money through fraudulent wire […]
SecurityAffairs.webp 2018-04-01 15:48:03 Airbnb China will share hosts information with the government (lien direct) Airbnb China announced that it will share user data belonging to Chinese users with the Government to comply with national laws and regulations. Airbnb announced that it will share user data belonging to Chinese users with the Government. The company is notifying the Chinese users it will share guest’s information with local authorities to comply […]
SecurityAffairs.webp 2018-04-01 13:17:03 Apple macOS issues reveal passwords for APFS encrypted volumes in plaintext (lien direct) A security expert discovered severe security issues in APFS file system for macOS High Sierra that expose passwords of encrypted external drives in plain text. A vulnerability in APFS file system for macOS High Sierra operating system has been discovered by forensic analyst Sarah Edwards. According to Edwards, the flaw exposes passwords of encrypted external drives in plain text. […]
SecurityAffairs.webp 2018-04-01 09:56:01 Security Affairs newsletter Round 156 – News of the week (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      A new massive cryptomining campaign target Linux servers exploiting old flaw ·      The […]
SecurityAffairs.webp 2018-04-01 08:15:02 Any social media accounts to declare? Visa applicants would have to declare them (lien direct) The US Department of State wants to ask visa applicants to provide details on the social media accounts they’ve managed in the past five years. The US Government wants to make it mandatory for all foreigners (immigrant /non-immigrant) to provide social media details, telephone numbers, email addresses, and international travel during this period. when applying for […]
Last update at: 2024-08-01 21:18:43