What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2017-12-23 20:47:58 Experts uncovered a new GlobeImposter Ransomware malspam campaign (direct link) >Experts observed cybercriminals are conducting a new malspam campaign to distribute a new variant of the GlobeImposter ransomware According to Lawrence Abrams from BleepingComputer, crooks are conducting a new malspam campaign to distribute a new variant of the GlobeImposter ransomware that appends the “..doc” extension to encrypted files. The malicious messages pretend to have attached photos being sent to the […]
SecurityAffairs.webp 2017-12-23 18:02:29 Chinese authorities have sentenced a man to 5 years in prison for selling a VPN service without the authorization (direct link) >The Chinese authorities have sentenced a man to five-and-a-half years in prison for selling a VPN service without the authorization. China continues to intensify the monitoring of the cyberspace applying, the authorities always fight any services that could be used to bypass its censorship system known as the Great Firewall. The Great Firewall project already blocked access to […]
SecurityAffairs.webp 2017-12-23 13:48:25 Russian Fancy Bear APT Group improves its weapons in ongoing campaigns (direct link) >Fancy Bear APT group refactored its backdoor and improved encryption to make it stealthier and harder to stop. The operations conducted by Russian Fancy Bear APT group (aka Sednit, APT28, and Sofacy, Pawn Storm, and Strontium) are even more sophisticated and hard to detect due to. According to a new report published by experts from security firm ESET, the […] APT 28
SecurityAffairs.webp 2017-12-23 06:58:34 Satori is the latest Mirai botnet variant that is targeting Huawei HG532 home routers (direct link) >Satori botnet, Mirai variant, is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The Mirai botnet makes the headlines once again, a new variant dubbed Satori is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The activity […] Satori
SecurityAffairs.webp 2017-12-22 18:29:12 Digmine Cryptocurrency Miner spreads via Facebook messenger (direct link) >Researchers from security firm Trend Micro observed crooks spreading a new cryptocurrency mining bot dubbed Digmine via Facebook Messenger. Watch out for video file (packed in zip archive) sent by your friends via Facebook messenger, according to the researchers from security firm Trend Micro crooks are using this technique to spread a new cryptocurrency mining bot dubbed Digmine. The bot […]
SecurityAffairs.webp 2017-12-22 12:53:50 (Déjà vu) Nissan Finance Canada hacked, 1.13 million customers may have been exposed (direct link) >Nissan Finance Canada announced on Thursday that the personal information of 1.13 million customers may have been exposed as a result of a data breach. Nissan Finance Canada has been hacked, personal information of 1.13 million customers may have been exposed as a result of a data breach discovered by the company on December 11 (The […]
SecurityAffairs.webp 2017-12-22 07:20:10 After US, also Lithuania bans Kaspersky Software due to its alleged link to the Kremlin (direct link) >Lithuania announced it will ban the products of the cyber security giant Kaspersky from computers in critical infrastructure. After the decision of the US Government for banning Kaspersky software, Lithuania announced it will ban the products of the security giant from computers in critical infrastructure (energy, finance, and transport). Lithuania is member of the EU and […]
SecurityAffairs.webp 2017-12-21 19:19:45 Chinese crime group targets database servers for mining cryptocurrency (direct link) >Security researchers discovered multiple hacking campaigns conducted by a Chinese criminal gang targeting database servers. The researchers from the security firm GuardiCore Labs Security have discovered multiple hacking campaigns conducted by a Chinese criminal gang targeting database servers. The attackers targeted systems worldwide for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The experts […]
SecurityAffairs.webp 2017-12-21 12:06:00 VMware addressed severe Code Execution vulnerabilities in several products (direct link) >VMware has released security updates to address four vulnerabilities in its ESXi, vCenter Server Appliance (vCSA), Workstation and Fusion products. The flaws were addressed with the release of six patches for ESXi, version 12.5.8 of Workstation, version 8.5.9 of Fusion, and version 6.5 U1d of vCSA. Some of the flaws could be exploited by an attacker […]
SecurityAffairs.webp 2017-12-21 09:10:21 Exclusive, CSE CybSec ZLAB Malware Analysis Report: The Bladabindi malware (direct link) >The CSE CybSec Z-Lab Malware Lab analyzed a couple of new malware samples, belonging to the Bladabindi family, that were discovered on a looking-good website. ZLab team detected two new threats hosted on a looking-good website www[.]camplace[.]com/live-cams. Both malware looks like a legitimate app that users have to install in order to access the media file hosted on the website. […]
SecurityAffairs.webp 2017-12-21 06:23:05 Operation Bakovia – Romanian authorities arrest 5 individuals for Spreading CTB Locker and Cerber Ransomware (direct link) >Operation Bakovia – Romanian police arrested 5 individuals suspected of infecting tens of thousands of computers across Europe and the US with Ransomware. Another success of law enforcement against cybercrime, this time Romanian police have arrested five individuals suspected of infecting tens of thousands of computers across Europe and the United States with Ransomware. The arrests […]
SecurityAffairs.webp 2017-12-20 14:00:25 Windows 10 Hello facial recognition feature can be spoofed with photos (direct link) >Experts discovered that the Windows 10 facial recognition security feature Hello can be spoofed using a photo of an authorized user. Security experts at pen-test firm Syss have discovered that the Windows 10 facial recognition security feature dubbed Hello can be spoofed in the simplest way, using a photo of an authorized user. “Microsoft face authentication in Windows 10 is an enterprise-grade identity […]
SecurityAffairs.webp 2017-12-20 09:32:20 Backdoor in Captcha Plugin poses serious risks to 300K WordPress sites (direct link) >Experts discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. Security experts at WordFence have discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. The WordPress team promptly removed the plugin from the official WordPress […]
SecurityAffairs.webp 2017-12-20 05:56:09 Loapi Android malware can destroy your battery mining Monero (direct link) >Experts from Kaspersky have spotted an Android malware dubbed Loapi that includes a so aggressive mining component that it can destroy your battery. Researchers from security firm Kaspersky Lab have spotted a new strain of Android malware dubbed Loapi lurking in fake anti-virus and porn applications, that implements many features, including cryptocurrency mining. Loapi can be used to perform a […]
SecurityAffairs.webp 2017-12-19 15:21:41 South Korea cryptocurrency exchange Youbit shuts down after second hack in 2017 (direct link) >The South Korea Cryptocurrency Exchange Youbit has gone bankrupt after suffering a major cyber attack for the second time this year. The South Korea Cryptocurrency Exchange Youbit shuts down after suffering a major cyber attack for the second time this year. The company announced bankruptcy on Tuesday after being hacked for the second time in the last eight months, the […]
SecurityAffairs.webp 2017-12-19 13:39:23 U.S. blames North Korea for the massive WannaCry ransomware attack (direct link) >It’s official, according to Tom Bossert, homeland security adviser, the US Government attributes the massive ransomware attack Wannacry to North Korea. It’s official, the US Government attributes the massive attack Wannacry to North Korea. The news of the attribution was first reported by The Wall Street Journal, according to the US Government, the WannaCry attack […] Wannacry
SecurityAffairs.webp 2017-12-19 11:25:21 The thin line between BlackEnergy, DragonFly and TeamSpy attacks (direct link) >Experts from McAfee Labs collected evidence that links DragonFly malware to other hacking campaigns, like BlackEnergy and TeamSpy attacks. On September 6, Symantec published a detailed analysis of the Dragonfly 2.0 campaign that targeted dozens of energy companies this year. Threat actor is the same behind the Dragonfly campaign observed in 2014. Further analysis conducted […]
SecurityAffairs.webp 2017-12-19 10:13:42 Kaspersky Lab files Lawsuit over DHS Ban of its products and services (direct link) >Kaspersky Lab sues the U.S. Government over product ban, its appeal was filed in the U.S. District Court for the District of Columbia. Last week, the US President Donald Trump signed a bill that bans the use of Kaspersky Lab products and services in federal agencies. Section 1634 of the bill prohibits the use of security […] ★★
SecurityAffairs.webp 2017-12-19 07:19:31 Networked Printers are Some of the Oldest IoT Devices, and over 1,000 Lexmark Printers Are Vulnerable Today (direct link) >Experts at NewSky Security scanned the Internet and discovered that “out of 1,475 unique IPs, 1,123 Lexmark printers had no security.” We think of Internet of Things (IoT) as all the “new” devices added to networks like webcams, Internet-connected toys, smarthome devices, etc. But we have been connecting unattended things to networks for a very long […] ★★★★★
SecurityAffairs.webp 2017-12-18 20:47:51 Information Warfare At Bay – The Dangers of Russian Menace to Underwater Internet Critical Infrastructure (direct link) >British Armed Forces chief has warned that Russia could compromise underwater communication cables causing severe damage to the financial global economy It came as silently as a fatal heart stroke, and now the dangers of Russian Cyber Warfare materializes into reality. Join us to uncover this cripple and stealth threat to our global community. As […]
SecurityAffairs.webp 2017-12-18 12:11:06 (Déjà vu) Expert found critical issues in Palo Alto PAN-OS Networks Security Platform (direct link) >Palo Alto Networks released security updates for its PAN-OS security platform that address critical and high severity vulnerabilities Last week, Palo Alto Networks released security updates for its PAN-OS security platform that address critical and high severity vulnerabilities that can be exploited by a remote and unauthenticated for remote code execution and command injection. The critical issue, […]
SecurityAffairs.webp 2017-12-18 09:14:55 Researchers discovered two serious code execution flaws in vBulletin not yet unpatched (direct link) >Two code execution vulnerabilities affecting version 5 of the vBulletin forum software were disclosed by researchers last week. Two code execution vulnerabilities affecting version 5 of the popular vBulletin forum CMS were disclosed by researchers last week via Beyond Security's SecuriTeam Secure Disclosure program. vBulletin is currently used by over 100,000 sites, including Fortune 500 […]
SecurityAffairs.webp 2017-12-18 07:59:04 BGP hijacking – Traffic for Google, Apple, Facebook, Microsoft and other tech giants routed through Russia (direct link) >Traffic for Google, Apple, Facebook, Microsoft and other tech giants routed through Russia, experts believe it was an intentional BGP Hijacking. Last week a suspicious event routed traffic for major tech companies (i.e. Google, Facebook, Apple, and Microsoft) through a previously unknown Russian Internet provider. The event occurred on Wednesday, researchers who investigated it believe the traffic […]
SecurityAffairs.webp 2017-12-17 16:38:16 Zealot Campaign leverages NSA exploits to deliver Monero miners of both Windows and Linux servers (direct link) >Security researchers spotted a sophisticated malware campaign, tracked as Zealot campaign targeting Linux and Windows servers to install Monero miners. Security researchers from F5 Networks spotted a sophisticated malware campaign, tracked as Zealot campaign (after the name zealot.zip, one of the files dropped on targeted servers), targeting Linux and Windows servers to install Monero cryptocurrency miners. The campaign was detected […]
SecurityAffairs.webp 2017-12-17 14:56:24 Security Affairs newsletter Round 141 – News of the week (direct link) >A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! · National Institute of Standards and Technology releases a second Draft of the NIST Cybersecurity Framework · Security Affairs newsletter Round 140 – News of the week · Severe flaws in most popular […]
SecurityAffairs.webp 2017-12-17 10:02:58 New PRILEX ATM Malware used in targeted attacks against a Brazilian bank (direct link) >PRILEX is a new ATM malware analyzed by researchers at Trend Micro that was used in high-targeted attacks against a Brazilian bank. Security researchers from Trend Micro recently discovered a strain of ATM malware dubbed PRILEX that was involved in targeted attacks in Brazil. PRILEX is written in Visual Basic 6.0 (VB6), it was specifically designed to […]
SecurityAffairs.webp 2017-12-17 08:57:58 The Russian pipeline giant Transneft infected with a Monero cryptocurrency miner (direct link) >The Russian pipeline giant Transneft admitted its computers were used for mining Monero cryptocurrency, the company removed the malware from its computers. The Russian pipeline giant Transneft announced its systems were infected with a Monero cryptocurrency miner. The company confirmed it has successfully removed the threat from its systems, the company spokesman Igor Demin told Reuters the cryptomining […]
SecurityAffairs.webp 2017-12-16 11:24:30 Pre-Installed Keeper Password Manager on Windows 10 exposes systems to passwords stealing (direct link) >White hat hacker discovered some Windows 10 versions come with a pre-installed version of Keeper Password Manager that exposes systems to passwords stealing. I was reading Tweets when I noticed the following post: I don't want to hear about how even a password manager with a trivial remote root that shares all your passwords with […]
SecurityAffairs.webp 2017-12-16 09:01:01 19 Million California Voter records held for ransom attack on a MongoDB instance (direct link) >Voter registration data for more than 19 million California residents stored in an unsecured MongoDB instance has been deleted and held for ransom. Voter registration data for more than 19 million California residents that was stored in an unsecured MongoDB database has been deleted and held for ransom by attackers. The incident was discovered by researchers at […] ★★
SecurityAffairs.webp 2017-12-16 07:01:45 Triton malware was developed by Iran and used to target Saudi Arabia (direct link) >CyberX who analyzed samples of the Triton malware believes it was likely developed by Iran and used to target an organization in Saudi Arabia. Security experts from security firms FireEye and Dragos reported this week the discovery of a new strain of malware dubbed Triton (aka Trisis) specifically designed to target industrial control systems (ICS). Both FireEye and Dragos […] ★★
SecurityAffairs.webp 2017-12-15 21:04:37 Lazarus APT Group targets a London cryptocurrency company (direct link) >Security experts from Secureworks revealed the Lazarus APT group launched a spearphishing campaign against a London cryptocurrency company. The dreaded Lazarus APT group is back and launched a spearphishing campaign against a London cryptocurrency company to steal employee credentials. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks […] Medical APT 38
SecurityAffairs.webp 2017-12-15 14:59:56 Germany – Court rules against foreign intelligence agency (BND) surveillance (direct link) >According to a German court, the BND must not store the metadata of international phone calls for the purpose of intelligence analysis. Just a week ago, we discussed the German Government is preparing a law that will force hardware vendors to include a backdoor in their products and to allow its unit to hack back, now German […]
SecurityAffairs.webp 2017-12-15 13:05:35 The cybersecurity firm Fox-IT disclosed a security breach that affected its infrastructure (direct link) >For Fox-IT disclosed a security breach that affected its infrastructure and demonstrated how to manage it in an outstanding way. The cybersecurity firm Fox-IT, one of the top security companies currently owned by the UK giant NCC Group, disclosed a security breach that affected its infrastructure. According to the firm, on September 19 an unknown attacker carried […]
SecurityAffairs.webp 2017-12-15 10:03:09 US Military wants cyber warriors along with soldiers on the Battlefield (direct link) >Cyber warriors and soldiers will fight together on the battlefield, the US Army will soon send its cyber experts to support the conventional army. The news was reported by officials this week, it confirms the strategic importance of Information warfare in the modern military. Cyber warriors will be engaged in the offensive against enemy computer networks. The Army is […]
SecurityAffairs.webp 2017-12-15 08:31:38 Avast releases open sources Machine-Code Decompiler (RetDec) to fight malware (direct link) >RetDec is the retargetable machine-code decompiler (RetDec) released by the anti-malware firm Avast to boost the fight against malicious codes. The anti-malware company Avast announced the release of retargetable machine-code decompiler (RetDec) as open source in an effort to boost the fight against malicious codes. RetDec, short for Retargetable Decompiler, was originally created as a joint project by the Faculty of Information […]
SecurityAffairs.webp 2017-12-14 20:41:51 New Triton malware detected in attacks against a Critical Infrastructure operator (direct link) >Triton malware – A new strain of malware specifically designed to target industrial control systems (ICS) system has been spotted by researchers at FireEye A new strain of malware dubbed Triton specifically designed to target industrial control systems (ICS) system has been spotted by researchers at FireEye. The Triton malware has been used in attacks aimed at an unnamed […]
SecurityAffairs.webp 2017-12-14 13:28:40 FortiClient improper access control exposes users' VPN credentials (direct link) FortiClient for Linux, Mac OSX and Windows stores encrypted VPN authentication credentials in improperly secured locations. Fortinet provided security updates for its next-generation endpoint protection FortiClient product that address a serious information disclosure vulnerability. The flaw, tracked as CVE-2017-14184, could be exploited by an attacker to obtain VPN authentication credentials. FortiClient is a powerful product that includes […]
SecurityAffairs.webp 2017-12-14 12:16:28 (Déjà vu) Trump signed a bill prohibiting the use of Kaspersky Lab product and services (direct link) >The US President Donald Trump signed a bill that bans the use of Kaspersky Lab products and services in federal agencies. Section 1634 of the bill prohibits the use of security software and services provided by security giant Kaspersky Lab, the ban will start from October 1, 2018. Below the details of the ban included in the section […]
SecurityAffairs.webp 2017-12-14 11:32:31 Experts disclosed an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit (direct link) Security researchers at Trend Micro have publicly disclosed an unpatched zero-day flaw in the firmware of AT&T DirecTV WVB kit after manufacturer failed to patch it Security researchers at Trend Micro have discovered an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit after the manufacturer failed to patch this flaw over the past few months. […]
SecurityAffairs.webp 2017-12-14 09:11:13 US DoJ charges 3 Men with developing and running the Mirai Botnet (direct link) >The US DoJ announced plea agreements for Paras Jha, Josiah White, and Dalton Norman, 21 for creating and operating the dreaded Mirai botnet. US authorities charge three men with developing and running the dreaded Mirai botnet that was involved in several massive DDoS attacks. According to documents released by the US Department of Justice (DOJ), the […]
SecurityAffairs.webp 2017-12-13 21:31:49 ISIS & Al Qaeda: What's Coming Down the Line for the U.S. in 2018 (direct link) ISIS & Al Qaeda: What's Coming Down the Line for the U.S. in 2018. From drones to chemical attacks, which are the major risks? Last month, the Department of Homeland Security (DHS) warned that, “our enemies remain focused on attacking the United States, and they are constantly adapting. DHS and its partners are stepping up […] ★★★
SecurityAffairs.webp 2017-12-13 16:19:21 ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains (direct link) >ROBOT ATTACK – Security experts have discovered a 19-year-old flaw in the TLS network security protocol that affects many software worldwide. The security researchers Hanno Böck and Juraj Somorovsky of Ruhr-Universität Bochum/Hackmanit, and Craig Young of Tripwire VERT, have discovered a 19-year-old vulnerability in the TLS network security protocol in the software several tech giants […] ★★★★
SecurityAffairs.webp 2017-12-13 10:52:38 (Déjà vu) December Microsoft Patch Tuesday addresses 19 Critical browser issues (direct link) >Microsoft released Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 Critical browser issues. Microsoft has released its Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 critical flaws affecting the Internet Explorer and Edge web browsers. Microsoft addressed several memory corruption flaws that can be exploited […]
SecurityAffairs.webp 2017-12-13 07:59:13 A banking Trojan targeting the Polish banks was found in Google Play (direct link) >It has happened again, several banking Trojan samples have been found on Google Play, this time the malicious code targeted a number of Polish banks. The malware was disguised as seemingly legitimate apps “Crypto Monitor”, a cryptocurrency price tracking app, and “StorySaver”, a third-party tool for downloading stories from Instagram. The malicious code is able to display […]
SecurityAffairs.webp 2017-12-13 07:21:46 Adobe Patch Tuesday only addressed a moderate severity regression issue affecting Flash Player (direct link) >Adobe released the Patch Tuesday, this month it only addressed a moderate severity regression issue affecting Flash Player tracked as CVE-2017-11305. It was a poor Patch Tuesday this month for Adobe that only addressed a moderate severity regression issue affecting Flash Player tracked as CVE-2017-11305. The vulnerability was described as a “business logic error,” that can cause the unintended reset of […]
SecurityAffairs.webp 2017-12-12 13:44:56 Smart Shield Detector allows thieves to discover if the ATM is protected by anti-skimming technology (direct link) >Crooks are now involving a small, battery-powered device dubbed Smart Shield Detector that is able to detect digital anti-skimming technology used by ATMs. ATM skimmers are widely adopted by crooks to steal payment card data, in the last months, experts observed an increase in the number of cyber attacks against ATM involving so-called 'insert skimmers.' In response, […]
SecurityAffairs.webp 2017-12-12 10:31:09 A collection of 1.4 Billion Plain-Text leaked credentials is available online (direct link) >A 41-gigabyte archive containing 1.4 Billion credentials in clear text was found in dark web, it had been updated at the end of November. Another monster data dump was found online, the huge archive contains over 1.4 billion email addresses, passwords, and other credentials in clear text. The huge trove of data, a 41-gigabyte archive, has been […]
SecurityAffairs.webp 2017-12-12 09:17:54 Google Project Zero white hacker reveals Apple jailbreak exploit (direct link) >White hat hacker Ian Beer of Google Project Zero has revealed an Apple jailbreak exploit that relies on a kernel memory corruption vulnerability. White hat hacker Ian Beer of Google Project Zero has revealed an Apple jailbreak exploit. The expert publicly disclosed the kernel memory corruption vulnerability after Apple addressed it with a fix. Last week highlighted Beer announced […]
SecurityAffairs.webp 2017-12-12 07:55:49 The OceanLotus MacOS Backdoor Transforms into HiddenLotus with a Slick UNICODE Trick (direct link) >Experts at Malwarebytes warn that a new variant of the macOS OceanLotus backdoor is using an innovative technique to avoid detection. A few years ago the bad actors realized they could use UNICODE characters that looked like English characters to lead unsuspecting victims to malicious websites. Now, they have figured out how to use a […] Guideline APT 32
Last update at: 2024-08-01 23:18:51