What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2018-02-03 14:50:21 Japan's Financial Services Agency raided the Coincheck headquarters in Tokyo after the hack (lien direct) Cryptocurrencies are in the middle of a Tempest, on Thursday India announced it would adopt measures to prevent the use of virtual currencies in the country, the value of Bitcoin dropped below $9,000 for the first time since November. Finance Minister Arun Jaitley, in his annual budget, explained its government would “take all measures to eliminate use […]
SecurityAffairs.webp 2018-02-03 11:59:55 JenX botnet leverages Grand Theft Auto videogame community to infect devices (lien direct) >Researchers at security firm Radware have spotted a new IoT botnet, dubbed JenX, that leverages the Grand Theft Auto videogame community to infect devices. Researchers at security firm Radware have spotted a new IoT botnet, dubbed JenX, that exploits vulnerabilities triggered by the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect devices. […] Satori
SecurityAffairs.webp 2018-02-03 10:16:06 Western Digital My Cloud flaws allows local attacker to gain root access to the devices (lien direct) >Trustwave disclosed two vulnerabilities in Western Digital My Cloud network storage devices could be exploited by a local attacker to gain root access to the NAS devices. Researchers at Trustwave disclosed two new vulnerabilities in Western Digital My Cloud network storage devices could be exploited by a local attacker to delete files stored on devices or to […]
SecurityAffairs.webp 2018-02-03 08:51:27 Why are we all silent on the surveillance? (lien direct) >Silicon Valley with its bright minds has come to a point where almost every day they collect information about individuals. Why are we all silent on the surveillance? NSA spying apart, what Facebook, Apple, and Google know about their usual users is quite overwhelming. Each of these major players is trying to find more about us. […]
SecurityAffairs.webp 2018-02-02 22:16:10 Chinese Iron Tiger APT is back, a close look at the Operation PZChao (lien direct) >Chinese Iron Tiger APT is back, the new campaign, dubbed by Operation PZChao is targeting government, technology, education, and telecommunications organizations in Asia and the US. Malware researchers from Bitdefender have discovered and monitored for several months the activity of a custom-built backdoor capable of password-stealing, bitcoin-mining, and of course to gain full control of the […] APT 27
SecurityAffairs.webp 2018-02-02 11:54:42 DDG, the second largest mining botnet targets Redis and OrientDB servers (lien direct) >Researchers at Qihoo 360’s Netlab analyzed a new campaign powered by the DDG botnet, the second largest mining botnet of ever, that targets Redis and OrientDB servers. A new Monero-mining botnet dubbed DDG was spotted in the wild, the malware targets Redis and OrientDB servers. According to the researchers at Qihoo 360’s Netlab, the DDG botnet […]
SecurityAffairs.webp 2018-02-02 09:40:29 Researchers discovered several zero-day flaws in ManageEngine products (lien direct) >Security experts at Digital Defense have discovered several vulnerabilities in the products of the Zoho-owned ManageEngine. The list of vulnerabilities discovered includes a flaw that could be exploited by an attacker to take complete control over the vulnerable application. The flaws affect ServiceDesk Plus, Service Plus MSP, OpManager, Firewall Analyzer, Network Configuration Manager, OpUtils and NetFlow […]
SecurityAffairs.webp 2018-02-02 08:24:11 Watch out, cyber criminals are using fake FBI emails to infect your computer (lien direct) >The FBI Internet Crime Complaint Center (IC3) is warning of a new malware campaign aimed at infecting victims with weaponized attachments. The Feds’ Internet Crime Complaint Center (IC3) is warning of a new spam campaign aimed at infecting victims with a ransomware. According to an alert issued on Wednesday by the IC3, numerous citizens filled complaints after received […]
SecurityAffairs.webp 2018-02-01 22:17:44 (Déjà vu) South Korea Warns of Flash Zero-Day flaw exploited by North Korea in surgical attacks (lien direct) >South Korea's Internet & Security Agency (KISA) is warning of a Flash zero-day vulnerability that has reportedly been exploited in attacks by North Korea’s hackers. According to the alert published by the KISA, the vulnerability affects the latest Flash Player version 28.0.0.137 and earlier. The zero-day vulnerability could be exploited by an attack by tricking […]
SecurityAffairs.webp 2018-02-01 18:07:03 WannaMine, the sophisticated crypto miner that spreads via NSA EternalBlue exploit (lien direct) >Researchers from security firm CrowdStrike spotted a new Monero crypto-mining worm dubbed WannaMine that spreads leveraging the NSA-linked EternalBlue exploit. This morning I wrote about the Smominru botnet that used NSA exploit to infect more than 526,000 systems, and I explained that other threat actors are using similar techniques to mine cryptocurrency. This is the case of […]
SecurityAffairs.webp 2018-02-01 13:41:59 Siemens fixed three flaws in plant management product Siemens TeleControl Basic system (lien direct) >Siemens has patched three security vulnerabilities in its Plant Management Product, the Siemens TeleControl Basic system. The system is used in water treatment facilities, traffic monitoring systems, and energy distribution plants. The TeleControl Basic control center runs the TeleControl Server Basic software. The Siemens TeleControl Basic system allows organizations to monitor and control processes in […]
SecurityAffairs.webp 2018-02-01 11:46:27 Mining Smominru botnet used NSA exploit to infect more than 526,000 systems (lien direct) >Researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that is using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. The number of cyber attacks against the cryptocurrency sector continues, vxers are focusing their efforts on the development of cryptocurrency/miner malware. Recently security experts observed cryptocurrency miners leveraging the NSA EternalBlue SMB exploit […]
SecurityAffairs.webp 2018-02-01 06:02:38 Malware exploiting Spectre and Meltdown flaws are currently based on available PoC (lien direct) >Malware Exploiting Spectre, Meltdown Flaws Emerges Researchers at the antivirus testing firm AV-TEST have discovered more than 130 samples of malware that were specifically developed to exploit the Spectre and Meltdown CPU vulnerabilities. The good news is that these samples appear to be the result of testing activities, but experts fear that we could soon […]
SecurityAffairs.webp 2018-01-31 22:19:53 Mozilla fixes a critical remote code execution vulnerability in Firefox (lien direct) >Mozilla has released security updates for Firefox 58 that addresses a critical remote code vulnerability that allows a remote attacker to run arbitrary code on vulnerable systems. Mozilla has released an update for the Firefox 58 browser  (aka Firefox Quantum) that addresses a critical flaw that could be exploited by a remote attacker to execute […]
SecurityAffairs.webp 2018-01-31 18:04:05 Is ICEMAN behind the malware-based attack on Crystal Finance Millennium? (lien direct) >Exclusive – The Iceman gang taking responsibility for infecting Crystal Finance Millennium, the journalist Marc Miller interviewed one of the members of the crew. Iceman gang member confirms that they are behind the introduction and spreading of malware that infected the systems at Crystal Finance Millennium. In September security experts at TrendMicro reported that the Ukraine based Account […]
SecurityAffairs.webp 2018-01-31 17:02:01 US Attorney General set up the Joint Criminal Opioid Darknet Enforcement team to fight online opioid trafficking (lien direct) >The US Attorney General announced the creation of the Joint Criminal Opioid Darknet Enforcement team to fight online opioid trafficking. Tor network is still a privileged ecosystem for cyber criminals and pedos, law enforcement and intelligence agencies worldwide reserve a significative effort in fighting any illegal practice that leverages anonymizing networks. The US Attorney General […]
SecurityAffairs.webp 2018-01-31 09:02:59 Cybercriminals Stealing From Cybercriminals Ransomware Victims Left Stranded (lien direct) >What do you get when you add Bitcoin, with a TOR network proxy and cybercriminals? Even more cybercrime! Bitcoin is the preferred cryptocurrency for ransomware payments. Like most cryptocurrencies it is largely anonymous, allowing the ransoming cybercriminals to collect their money while staying safely in the shadows. Even though Bitcoin is the most popular cryptocurrency, […]
SecurityAffairs.webp 2018-01-31 06:48:28 Once again, Oracle MICROS PoS have been breached (lien direct) >Security experts from ERPScan discovered a new flaw in Oracle MICROS PoS terminals that could be exploited by an attacker to read sensitive data from devices. Security experts from ERPScan discovered a new directory traversal vulnerability in Oracle MICROS Point-of-Sale terminals, tracked as CVE-2018-2636, which could be exploited by an attacker to read sensitive data […]
SecurityAffairs.webp 2018-01-30 18:24:16 Three Dutch banks and Tax Agency under DDoS Attacks … is it a Russian job? (lien direct) Three Dutch Banks (ABN AMRO, ING Bank, Rabobank) and Tax Agency were targeted by a coordinated DDoS Attacks a few days the revelation of the Russian APT Hack. Early this week a massive DDoS attack targeted three Dutch banks, ABN AMRO, ING Bank, Rabobank, and the Dutch Taxation Authority (Belastingdienst). The attack against the system of ABN AMRO started over the weekend, while […]
SecurityAffairs.webp 2018-01-30 13:27:43 Cisco ASA software is affected by a flaw with 10 out of 10 severity rating. Patch it asap (lien direct) >Cisco released security updates to address a critical security vulnerability, tracked as CVE-2018-0101, in Cisco ASA software Cisco addressed a critical security flaw, tracked as CVE-2018-0101, in Adaptive Security Appliance (ASA) software. The vulnerability could be exploited by a remote and unauthenticated attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition causing the reload of the […]
SecurityAffairs.webp 2018-01-30 11:42:54 Crooks target ATMs with Ploutus-D malware, these are the first confirmed cases of Jackpotting in US (lien direct) >Cybercriminals are targeting ATM machines in the US forcing them to spit out hundreds of dollars with ‘jackpotting‘ attacks. According to a senior US Secret Service official, the organization has managed to steal more than $1m from ATM machines using this technique. Once crooks gain physical access to the ATM, they will infect it with a […]
SecurityAffairs.webp 2018-01-30 07:41:56 Intel reportedly alerted Chinese companies before US Government about Meltdown and Spectre flaws (lien direct) >According to the Wall Street Journal, Intel reportedly alerted Chinese companies before US Gov about Meltdown and Spectre vulnerabilities. There is no peace for Intel, according to a report published by The Wall Street Journal the company warned Chinese tech giants about the Meltdown and Spectre vulnerabilities before notifying them to the US government. Citing unnamed […]
SecurityAffairs.webp 2018-01-29 21:47:01 #ThinkBeyond – Security solutions from market leaders may all fail in your particular environment (lien direct) >Buying solutions proposed by analyst firms without carefully analyzing your organization expose it to cyber threats. It's time to #ThinkBeyond this broken paradigm. The cybersecurity market is expected to double by 2022, analysts estimated the growth could reach three hundred thousand dollars, at a Compound Annual Growth Rate (CAGR) of 11.0%. In the same period, the number […]
SecurityAffairs.webp 2018-01-29 21:20:25 Dridex banking Trojan and the FriedEx ransomware were developed by the same group (lien direct) >Security researchers from ESET have tied another family of ransomware, dubbed FriedEx (aka BitPaymer), to the authors of the Dridex Trojan. The Dridex banking Trojan that has been around since 2014, it was involved in numerous campaigns against financial institutions over the years and crooks have continuously improved it. In April 2017, millions of people were targeted […]
SecurityAffairs.webp 2018-01-29 15:04:37 Military personnel improperly used Fitness Strava Tracker exposed their bases (lien direct) >Military worldwide have publicly shared online their exercise routes recorded through the fitness tracker Strava revealing the fitness sessions conducted inside or near military bases We discussed many times privacy risks related to IoT devices, here we are to discuss an alarming case, fitness tracker Strava revealed details of Military Bases. American and allied military worldwide have publicly shared their exercise […]
SecurityAffairs.webp 2018-01-29 11:51:18 Over the weekend Microsoft rolled out out-of-band updates to disable mitigations for Spectre v2 attacks (lien direct) >Over the weekend, Microsoft rolled out out-of-band updates to disable mitigations for one of the Spectre attack variants because they can cause systems to become unstable. The situation is becoming embarrassing! Just after the release of the Meltdown and Spectre security updates Intel excluded any problems for their deployments citing testing activities of conducted by other tech […]
SecurityAffairs.webp 2018-01-29 09:53:16 On Saturday Malwarebytes delivered a buggy update that caused excessive memory usage and crashes. (lien direct) >On Saturday Malwarebytes issued a buggy update to its home and enterprise products that caused serious problems for the users, including excessive memory usage, connectivity issues, and in some cases system crashes. A buggy update rolled out over the weekend by Malwarebytes to its home and enterprise products caused serious problem for the users, including […]
SecurityAffairs.webp 2018-01-29 08:54:18 A new report from MALWAREBYTES reveals a rise of 90% on ransomware detection in business (lien direct) >A new report from MALWAREBYTES titled “Malwarebytes Annual State of Malware Report” reveals a rise of 90% on ransomware detection in business. The report brings to light new trends on hackers activities and threats especially the rise of ransomware as a tool of choice. Researchers from MALWAREBYTES had gathered an enormous amount of data from […] ★★★
SecurityAffairs.webp 2018-01-29 08:05:31 Cybersecurity week Round-Up (2018, Week 4) (lien direct) >Cybersecurity week Round-Up (2018, Week 4) -Let’s try to summarize the most important event occurred last week in 3 minutes. The threats that most of all characterized this week are IoT botnets and malvertising. Security experts at NewSky's believe the operators of the recently discovered Satori botnet are launching a new massive hacking campaign against routers to infect and recruit them in the […] Satori
SecurityAffairs.webp 2018-01-28 15:50:41 (Déjà vu) Japan-based digital exchange Coincheck to refund to customers after cyberheist (lien direct) >Coincheck announced it will refund about $400 million to 260,000 customers after the hack, the company will use its own funds. On Friday the news of the hack of the Japan-based digital exchange Coincheck caused the drop in the value of the major cryptocurrencies, the incident had a significant impact on the NEM value that dropped more than […]
SecurityAffairs.webp 2018-01-28 10:51:00 Iran-linked APT OilRig target IIS Web Servers with new RGDoor Backdoor (lien direct) >The Iran-linked cyber-espionage group tracked as OilRig started using a backdoor dubbed RGDoor to target Internet Information Services (IIS) Web servers. The Iran-linked cyber-espionage group tracked as OilRig started using a backdoor dubbed RGDoor to target Internet Information Services (IIS) Web servers. The OilRig hacker group is an Iran-linked APT that has been around since at least 2015, when targeted mainly organizations in the financial and […] APT 34
SecurityAffairs.webp 2018-01-28 07:28:51 Security Affairs newsletter Round 147 – News of the week (lien direct) >A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! · A hospital victim of a new SamSam Ransomware campaign paid $55,000 ransom · OnePlus admitted hackers stole credit card information belonging to up to 40,000 customers · Researchers found misconfigured Jenkins servers […]
SecurityAffairs.webp 2018-01-28 07:21:09 Attackers behind Cloudflare_solutions Keylogger are back, 2000 WordPress sites already infected (lien direct) >More than 2,000 WordPress sites have been infected with a malicious script that can deliver both a keylogger and the cryptocurrency miner CoinHive. More than 2,000 sites running the WordPress CMS have been infected with a malicious script that can deliver both a keylogger and the in-browser cryptocurrency miner CoinHive. This new hacking campaign was […]
SecurityAffairs.webp 2018-01-28 05:27:58 Download URLs for two packages of the phpBB forum software were compromised (lien direct) >Hacker compromised the download URLs of the popular phpBB forum software, for around three hours they were delivering infected versions of legitimate files. The popular phpBB free and open source forum software has been compromised by an unknown hacker. According to a security advisory released by the phpBB maintainers, the attacker has compromised download URLs for two […]
SecurityAffairs.webp 2018-01-27 17:28:01 Cybercriminals are offering for sale infant fullz on the dark web (lien direct) >Cybercriminals are offering for sale infant fullz on the dark web, this is the first time that unscrupulous sellers offer this kind of merchandise on a black marketplace. Crooks are offering for sale Social Security numbers of babies on the dark web, the news was reported by the CNN. The news is disconcerting, this is the first time that unscrupulous […]
SecurityAffairs.webp 2018-01-27 10:06:38 Trend Micro spotted a malvertising campaign abusing Google's DoubleClick to deliver Coinhive Miner (lien direct) >Trend Micro uncovered a spike in the number of Coinhive miners over the past few days, including Coinhive, apparently linked to Google’s DoubleClick ads that are proposed on YouTube and other sites. The number of cyber-attacks against cryptocurrencies is increased due to a rapid increase in the value of currencies such as Bitcoin and Ethereum. […]
SecurityAffairs.webp 2018-01-27 08:46:53 Hurry up, update your Lenovo Fingerprint Manager Pro if you use Windows 7, 8 and 8.1 (lien direct) >Lenovo has fixed a hardcoded password vulnerability in Lenovo Fingerprint Manager Pro affecting a dozen laptop models running Windows 7, 8 and the 8.1 OS. The PC vendor Lenovo has fixed a hardcoded password vulnerability, tracked as (CVE-2017-3762), affecting a dozen Lenovo laptop models that run versions of Microsoft Windows 7, 8 and the 8.1 […]
SecurityAffairs.webp 2018-01-26 19:34:03 Cryptocurrencies Black Friday – Japan-based digital exchange Coincheck hacked (lien direct) >It is a black Friday for cryptocurrencies, after the news of the hack of the Japan-based digital exchange Coincheck the value of major cryptocurrencies dropped. It is a black Friday for cryptocurrencies, the news of the hack of the Japan-based digital exchange Coincheck had a significant impact on their value. Coincheck was founded in 2012, it is one of […]
SecurityAffairs.webp 2018-01-26 14:54:40 Monero Crypto-Currency Mining Operation impacted 30 Million users (lien direct) >Security experts from PaloAlto Networks uncovered a large-scale crypto-currency mining operation that involved around 30 million systems worldwide. Security experts from PaloAlto Networks have uncovered a large-scale crypto-currency mining operation active for over 4 months. Experts believe the activity involved around 30 million systems worldwide to mine the Monero cryptocurrency using the open-source XMRig utility. The threat […]
SecurityAffairs.webp 2018-01-26 10:40:29 The Dutch intelligence service AIVD 'hacked' Russian Cozy Bear systems for years (lien direct) Spying on spies – The hackers from the Dutch intelligence service AIVD ‘compromised’ for years the network of the Russian APT Cozy Bear. It’s not a mystery, technology firms that intend to work with Russia need to allow the Government experts to scan their code for backdoors and vulnerabilities. The problem is that this software […] APT 29
SecurityAffairs.webp 2018-01-26 08:05:33 Stealth CrossRAT malware targets Windows, MacOS, and Linux systems (lien direct) >The popular former NSA hacker Patrick Wardle published a detailed analysis of the CrossRAT malware used by Dark Caracal for surveillance. Last week a joint report published by security firm Lookout and digital civil rights group the Electronic Frontier Foundation detailed the activity of a long-running hacking group linked to the Beirut Government and tracked as Dark […]
SecurityAffairs.webp 2018-01-25 21:58:15 Maersk chair revealed its company reinstalled 45,000 PCs and 4,000 Servers after NotPetya Attack (lien direct) >The shipping giant Maersk chair Jim Hagemann Snabe revealed its company reinstalled 45,000 PCs and 4,000 Servers after NotPetya the attack. The shipping giant Maersk was one of the companies that suffered the NotPetya massive attack, in August 2017 the company announced that it would incur hundreds of millions in U.S. dollar losses due to the ransomware massive […] NotPetya
SecurityAffairs.webp 2018-01-25 19:26:13 A look into the cyber arsenal used by Lazarus APT hackers in recent attacks against financial institutions (lien direct) >Security experts at Trend Micro have analyzed malware and a tool used by the Lazarus APT group in the recent attacks against financial institutions. Security experts at Trend Micro have analyzed the attacks conducted by the notorious Lazarus APT group against financial institutions. The activity of the Lazarus Group surged in 2014 and 2015, its […] Medical APT 38
SecurityAffairs.webp 2018-01-25 15:01:03 Spritecoin ransomware masquerades as cryptocurrency wallet and also harvests victim's data (lien direct) Fortinet discovered a strain of ransomware dubbed Spritecoin ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store. Researchers from Fortinet FortiGuard Labs has discovered a strain of ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store. The ransomware poses itself as a “spritecoin” wallet, it asks […]
SecurityAffairs.webp 2018-01-25 13:08:03 libcurl has had authentication leak bug dated back to before September 1999 (lien direct) >According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage of authentication data to third parties. libcurl is a free and easy-to-use client-side URL transfer library, it builds and works identically on numerous platforms. According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage […]
SecurityAffairs.webp 2018-01-25 07:31:24 New HNS botnet has already compromised more than 20,000 IoT devices (lien direct) >A new botnet called Hide ‘N Seek (HNS botnet) appeared in the threat landscape, the malware is rapidly spreading infecting unsecured IoT devices, mainly IP cameras. The HNS botnet was first spotted on January 10th by malware researchers from Bitdefender, then it disappeared for a few days, and it has risen over the weekend. The number of infected systems […]
SecurityAffairs.webp 2018-01-24 21:00:34 (Déjà vu) Critical code execution flaw in Electron framework impacts popular Desktop apps such as Skype and Signal (lien direct) >A critical RCE vulnerability in the Electron framework impacts popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and WordPress.com. A remote code execution vulnerability tracked as CVE-2018-1000006 was fixed in the Electron framework, which is used by popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and WordPress.com. Electron is a node.js, […]
SecurityAffairs.webp 2018-01-24 15:53:24 Are you a Tinder user? Watch out, someone could spy on you (lien direct) >Experts at security firm Checkmarx discovered two security vulnerabilities in the Tinder mobile apps that could be exploited to spy on users. Security experts at Checkmarx discovered two security vulnerabilities in the Tinder Android and iOS dating applications that could be exploited by an attacker on the same wi-fi network as a target to spy […]
SecurityAffairs.webp 2018-01-24 14:32:22 Less than 10% of Gmail users enabled two-factor authentication (lien direct) >According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts. The availability of billions of credentials in the criminal underground due to the numerous massive data breaches occurred in the last years makes it easy for crooks to take over users’ accounts. We always […]
SecurityAffairs.webp 2018-01-24 10:35:56 Bell Canada suffers a data breach for the second time in less than a year (lien direct) >Bell Canada is notifying customers about a data breach that exposed personal data of roughly 100,000 individuals, this is the second security breach in a few months. Bell Canada is notifying customers about a data breach that exposed personal data of roughly 100,000 individuals, including names, phone numbers, email addresses, usernames and account numbers. “The protection […]
Last update at: 2024-08-01 23:18:51