What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-09 10:47:03 | Wikipedia suffered intermittent outages as a result of a malicious attack (lien direct) | The popular free online encyclopedia Wikipedia was not reachable following what it has described as a “malicious attack”. Popular online reference website Wikipedia went down in several countries after the server of the Wikimedia Foundation that host it were hit by a “massive” Distributed Denial of Service (DDoS) attack. The news of intermittent outages was […] | |||
|
2019-09-09 06:52:00 | China-linked APT3 was able to modify stolen NSA cyberweapons (lien direct) | China-linked APT3 stole cyberweapons from the NSA and reverse engineered them to create its arsenal. In 2010, security firm FireEye identified the Pirpi Remote Access Trojan (RAT) which exploited a then 0-day vulnerability in Internet Explorer versions 6, 7 and 8. FireEye named the threat group APT3 which has also been described as TG-0100, Buckeye, […] | Vulnerability Threat | APT 3 | |
|
2019-09-09 06:24:05 | Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites (lien direct) | Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. Belarusian police have seized the servers of XakFor (xakfor[.]net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals. The news was first reported by the Belarusian news outlet […] | Malware | ||
|
2019-09-08 15:30:03 | WordPress 5.2.3 fixes multiple issues, including some severe XSS flaws (lien direct) | The WordPress development team released version 5.2.3 that includes 29 fixes, enhancements, and several security patches. WordPress developers released a security and maintenance version 5.2.3 that includes 29 fixes, several enhancements and security patches. These flaws affect the versions 5.2.2 and earlier of the popular CMS. Most of the security flaws addressed with the release […] | |||
|
2019-09-08 14:07:01 | (Déjà vu) Security Affairs newsletter Round 230 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Cisco addresses CVE-2019-12643 critical flaw in […] | |||
|
2019-09-08 13:47:04 | (Déjà vu) Toyota Boshoku Corporation lost over $37 Million following BEC attack (lien direct) | Toyota Boshoku Corporation announced that one of its European subsidiaries lost more than $37 million due to a business email compromise (BEC) attack. Toyota Boshoku Corporation is a Japanese automotive component manufacturer, it is a member of the Toyota Group of companies. Toyota Boshoku Corporation has announced that one of its European subsidiaries lost more than $37 million following a business […] | |||
|
2019-09-08 12:27:04 | University, Professional Certification or Direct Experience? (lien direct) | How to improve technical skills? Would it be better a university course, a professional certification or an experience in a cybersecurity firm? Today I'd like to share a simple and personal thought about teaching models on cybersecurity. Quite often students ask me how to improve their technical skills and the most common question is: “would […] | |||
|
2019-09-08 09:43:02 | Experts found Joker Spyware in 24 apps in the Google Play store (lien direct) | Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The spyware is able to steal SMS messages, contact lists and device […] | ★★★★ | ||
|
2019-09-07 21:52:04 | Google report on iPhone hack created \'False Impression,\' states Apple (lien direct) | Apple replied to Google about the recent report suggesting iPhones may have been hacked as part of a long-running hacking campaign. Apple criticized the report recently published by Google that claims that iPhones may have been hacked by threat actors as part of a long-running hacking campaign. Apple defines the report as inaccurate and misleading. […] | Hack Threat Guideline | ||
|
2019-09-07 14:36:00 | Experts add a BlueKeep exploit module to MetaSploit (lien direct) | Maintainers of the open-source Metasploit penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. There is a surprise for Metasploit users, maintainers of the open-source penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. The BlueKeep vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft […] | |||
|
2019-09-07 12:16:00 | (Déjà vu) Thousands of servers infected with the Lilocked Ransomware (lien direct) | A new ransomware tracked as Lilocked (or Lilu) by researchers is actively targeting servers and encrypting the data stored on them. The Lilocked ransomware has already infected thousands of Linux-based web servers since mid-July. The Lilocked ransomware was first reported at the end of July by the popular malware researcher Michael Gillespie after a sample has been uploaded […] | Ransomware Malware | ||
|
2019-09-06 16:00:02 | CVE-2019-15846 Exim mail server flaw allows Remote Code Execution (lien direct) | A security flaw in Exim mail servers could be exploited by local or remote attackers to execute arbitrary code with root privileges. The Exim development team has addressed a vulnerability in Exim mail server, tracked as CVE-2019-15846, that could be exploited by local and remote attackers to execute arbitrary code with root privileges. The vulnerability […] | Vulnerability | ||
|
2019-09-06 14:32:01 | PHP new versions fix multiple code execution issues (lien direct) | Maintainers at the PHP programming language have released new versions that address multiple flaws, including some code execution issues. The development team behind the PHP programming language recently released new versions of PHP to address multiple high-severity vulnerabilities in its core and bundled libraries. The most severe flaw could be exploited by a remote attacker […] | |||
|
2019-09-06 08:23:04 | Over 600k GPS trackers left exposed online with a default password of \'123456\' (lien direct) | 600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” Researchers from Avast discovered at least 600,000 GPS trackers that were exposed online with a default password of “123456.” The […] | |||
|
2019-09-05 22:02:05 | Zero-day vulnerability in Android OS yet to be patched (lien direct) | Maintainers of the Android Open Source Project (AOSP) failed to address a privilege escalation bug in the Android mobile OS that was reported six months ago. Experts disclosed details of a zero-day vulnerability that affects the Android mobile operating system. The high-severity zero-day issue resides in the driver for the Video For Linux 2 (V4L2) […] | Vulnerability | ||
|
2019-09-05 19:08:04 | Hundreds of millions of Facebook users\' phone numbers exposed online (lien direct) | New problems to Facebook, phone numbers associated with more than 400 million accounts of the social network giant were exposed online. A new privacy incident involved Facebook, according to TechCruch, phone numbers associated with 419 million accounts of the social network giant were exposed online. The data was found by Sanyam Jain, a security researcher […] | |||
|
2019-09-05 14:18:02 | Year-Old Samba flaw allows escaping from the share path definition (lien direct) | Experts discovered a year-old flaw in Samba software that could be exploited to bypass file-sharing permissions and access forbidden root shares paths. Security researchers discovered a year-old vulnerability in Samba software that could be exploited, under certain conditions, to bypass file-sharing permissions and access forbidden root shares paths. “On a Samba SMB server for all […] | Vulnerability | ||
|
2019-09-05 12:28:05 | New Bedford city infected with Ryuk ransomware, but did not pay $5.3M ransom (lien direct) | Another US city was the victim of a ransomware attack, this time crooks hit the city of New Bedford, Massachusetts, asking for $5.3 Million Ransom, but… The systems of New Bedford, Massachusetts, were infected with ransomware and crooks asked for a $5.3 million ransom to decrypt data. The ransom was too high for the city […] | Ransomware | ||
|
2019-09-05 09:59:03 | Twitter temporarily disables feature to tweet via SMS after CEO hack (lien direct) | Twitter opted to temporarily disable the feature that allows users to post tweets via SMS, in response to the hack of the CEO’s account. Twitter announced to temporarily disable the feature that allows users to post tweets via SMS, in response to the hack of the CEO’s account. “We're taking this step because of vulnerabilities […] | Hack | ||
|
2019-09-05 06:08:05 | Creator of multiple IoT botnets, including Satori, pleaded guilty (lien direct) | Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet, including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Court documents revealed that the man suffers from Asperger Syndrome and autism disorder. Schuchman compromised hundreds […] | Guideline | Satori | |
|
2019-09-04 16:33:03 | Experts devised advanced SMS phishing attacks against modern Android-based phones (lien direct) | Experts warn of advanced phishing attacks in certain modern Android-based phones that can trick users into accepting new malicious phone settings. When users insert a new SIM in their mobile phone and access to the cellular network for the first time, the carrier service automatically configures or sends you a message containing settings for the […] | |||
|
2019-09-04 11:21:01 | JSWorm: The 4th Version of the Infamous Ransomware (lien direct) | Malware researchers at Yoroi-Cybaze ZLab have analyzed the fourth version of the infamous JSWorm Ransomware. Introduction The ransomware attacks have no end. These cyber weapons are supported by a dedicated staff that constantly update and improve the malware in order to make harder detection and decryption. As the popular GandCrab, which was carried on up […] | Ransomware Malware | ||
|
2019-09-04 09:14:01 | Some Zyxel devices can be hacked via DNS requests (lien direct) | Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. Security researchers at SEC Consult discovered multiple vulnerabilities in various Zyxel devices, including hardcoded credentials and issues that could allow to hack them via unauthenticated DNS requests. The first issue is an information disclosure […] | Hack | ||
|
2019-09-04 08:03:02 | (Déjà vu) Cyber Defense Magazine – September 2019 has arrived. Enjoy it! (lien direct) | Cyber Defense Magazine September 2019 Edition has arrived. We hope you enjoy this month's edition…packed with over 179 pages of excellent content. Our Growing Media Platforms… www.cyberdefenseawards.comwww.cyberdefensemagazine.comwww.cyberdefenseradio.comwww.cyberdefensetv.com After 7 Years, We’ve Completely RebuiltCyberDefenseMagazine.com – Please Let Us Know What You Think. It’s mobile and tablet friendly and superfast. We hope you like it. In addition, we’re […] | |||
|
2019-09-04 07:29:00 | Android Zero-Day exploits are the most expensive in the new Zerodium price list (lien direct) | Zero-day broker Zerodium has updated the price list for both Android and iOS exploits, with Android ones having surpassed the iOS ones for the first time. For the first time, the price for Android exploits is higher than the iOS ones, this is what has emerged from the updated price list published by the zero-day […] | |||
|
2019-09-03 21:42:02 | USBAnywhere BMC flaws expose Supermicro servers to hack (lien direct) | USBAnywhere – Tens of thousands of enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in USB devices. Tens of thousands of servers worldwide powered by Supermicro motherboards are affected by a vulnerability that would allow an attacker to remotely take over them. Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities […] | Hack Vulnerability | ||
|
2019-09-03 19:47:04 | XKCD forum data breach impacted 562,000 subscribers (lien direct) | The popular webcomic platform XKCD has suffered a data breach that exposed data of its forum users, the incident impacted 562,000 subscribers. XKCD is one of the most popular webcomic platform created by the American author Randall Munroe in 2005, it is a webcomic of romance, sarcasm, math, and language. XKCD has suffered a data […] | Data Breach | ||
|
2019-09-03 15:05:04 | Writing Your First Bootloader for Better Analyses (lien direct) | Marco Ramilli explained MBR works and how is it possible to write a bootloader program, this skill will help you to analyze next BootLoader Malware. From time to time we might observe special Malware storing themselves into a MBR and run during the booting process. Attackers could use this neat technique to infect and to mess-up your […] | Malware | ||
|
2019-09-03 12:36:01 | Crooks stole €1.5 million from German bank OLB cloning EMV cards (lien direct) | Criminals have stolen more than €1.5 million from the German bank OLB by cloning customer debit cards and using them to cash out user funds across Brazil. ZDnet first reported that last week cyber criminals have stolen more than €1.5 million from the German bank Oldenburgische Landesbank (OLB) by cloning customer debit cards and using […] | |||
|
2019-09-03 10:27:00 | Zao app went viral but raised serious privacy concerns (lien direct) | The Chinese face-swapping ZAO app that allows users to create photos starring along their favorite characters is raising privacy concerns. The ZAO app is one of the most downloaded applications, but it made the headlines due to privacy concerns. The AI-based iPhone app was released on august 30, 2019, it allows its users to create […] | |||
|
2019-09-03 05:05:00 | One million cracked Poshmark accounts being sold online (lien direct) | Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. Earlier in August, Poshmark, a social commerce marketplace where people in the United States can buy and sell new or used clothing, shoes, and accessories, disclosed a data breach that took place in May 2018. The company discovered […] | Data Breach | ||
|
2019-09-02 21:18:02 | The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran (lien direct) | Journalists revealed the role of a mole recruited by the Dutch intelligence in the US-Israeli Stuxnet attack on the Natanz plant in Iran. The story of the Stuxnet attack is still one of the most intriguing case of modern information warfare. The virus was developed by the US and Israel to interfere with the nuclear […] | |||
|
2019-09-02 16:52:01 | Flight booking platform Option Way exposes customer and internal data (lien direct) | Researchers from vpnMentor security firm have recently discovered a huge data breach in flight booking platform Option Way. Researchers at vpnMentor discovered a huge data breach in flight booking platform Option Way as part of a web-mapping project. Option Way service allows its users to find flight deals to and from destinations around the world. The research […] | Data Breach | ||
|
2019-09-02 12:17:00 | US cyberattack temporarily paralyzed the ability of Iran to target oil tankers in the Gulf (lien direct) | The United States cyber army carried out a cyberattack in June on a database used by Iran’s Islamic Revolutionary Guard Corps to plot attacks on oil tankers in the Gulf. The New York Times revealed that the US carried out a cyberattack in June on a database used by Iran’s Islamic Revolutionary Guard Corps to […] | |||
|
2019-09-02 07:28:02 | XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers (lien direct) | Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The popular researcher Larry Cashdollar, from Akamai SIRT, announced in exclusive to The Register, that he observed a miner that previously hit only Arm-powered IoT devices targeting Intel systems. The researchers revealed that one […] | |||
|
2019-09-01 15:09:05 | Cisco addresses CVE-2019-12643 critical flaw in virtual Service Container for IOS XE (lien direct) | Cisco released security updates for Cisco IOS XE operating system to address a critical vulnerability that could be exploited by a remote attacker to bypass authentication. Cisco released security updates for Cisco IOS XE OS to address a critical flaw, tracked as CVE-2019-12643, that could be exploited by a remote attacker to bypass authentication. “On […] | Vulnerability | ||
|
2019-09-01 13:17:00 | (Déjà vu) Security Affairs newsletter Round 229 – News of the week (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! 80 defendants charged with participating in […] | |||
|
2019-09-01 09:04:02 | Malspam campaign bypasses secure email gateway using Google Docs (lien direct) | Attackers are using Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via camouflaged as PDF documents. Security experts at Cofense uncovered a malspam campaign the leverages Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via executables camouflaged as PDF documents. TrickBot is a popular banking Trojan that has been around […] | |||
|
2019-09-01 07:56:04 | New Google bug bounty allows reporting the abuses of Google API, Chrome, and Android user data (lien direct) | Recently, Google announced a new bug bounty program for experts that can report the abuses of Google API, Chrome, and Android user data. Google announced the Developer Data Protection Reward Program (DDPRP), a new bounty program aimed at security experts that discover data abuse issues in popular Android applications, OAuth projects, and Chrome extensions. Researchers […] | |||
|
2019-08-31 20:48:04 | ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs (lien direct) | Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. Experts noticed that most of the devices targeted by the bot are Android […] | |||
|
2019-08-31 14:48:03 | FIN6 recently expanded operations to target eCommerce sites (lien direct) | The financially-motivated hacking group FIN6 is switching tactics, passing from PoS attacks to the hack of e-commerce websites. According to researchers at IBM X-Force Incident Response and Intelligence Services (IRIS), the financially-motivated hacking group FIN6 is switching tactics, passing from PoS attacks to the hack of e-commerce websites. FIN6 group has been active since 2015, […] | Hack | ||
|
2019-08-31 08:43:00 | (Déjà vu) Twitter account of Jack Dorsey, Twitter CEO and co-founder, has been hacked (lien direct) | Hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter, and published and retweeted offensive and racist messages. No one is secure online, news of the day is that hackers compromised the Twitter account of Jack Dorsey, CEO at Twitter and co-founder, and published and retweeted offensive and racist tweets. The hack tool place […] | Hack Tool | ||
|
2019-08-30 20:38:03 | Expert found Russia\'s SORM surveillance equipment leaking user data (lien direct) | A Russian security researcher has found that hardware wiretapping equipment composing Russia’s SORM surveillance system had been leaking user data. The Russian researcher Leonid Evdokimov has found that hardware wiretapping equipment used by the Kremlin as part of the SORM surveillance system (Russian: Система оперативно-разыскных мероприятий, lit. ‘System for Operative Investigative Activities’) had been leaking data online. The […] | |||
|
2019-08-30 17:15:04 | Foxit Software discloses a data breach that exposed user passwords (lien direct) | Foxit Software, the company behind the Foxit PDF reader app, disclosed a data breach that exposed customers’ information, including passwords. Foxit Software, the PDF software provider behind the Foxit PDF reader app disclosed a security breach that took place recently exposing customers’ information. The incident exposed personal identification data of ‘My Account’ service users, third parties […] | Data Breach | ||
|
2019-08-30 15:56:01 | Ransomware attack hits DDS Safe backup service used by hundreds of dental offices (lien direct) | The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data. PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe. DDS Safe, is a HIPAA Compliant 3 layered online dental […] | Ransomware | ||
|
2019-08-30 11:59:02 | Google revealed how watering hole attacks compromised iPhone devices earlier this year (lien direct) | Google researchers discovered that iPhone devices could be hacked by tricking owners into visiting specially crafted websites. Researchers at Google Project Zero discovered that it was possible to hack iPhone devices by visiting specially crafted websites. Earlier this year, Google Threat Analysis Group (TAG) experts uncovered an iPhone hacking campaign, initially, they spotted a limited […] | Hack Threat | ||
|
2019-08-30 09:25:05 | BRATA, the Android RAT that infected only Brazilian users (lien direct) | Security experts at Kaspersky have spotted a new Android remote access tool (RAT) dubbed BRATA used to spy on Brazilian users. Security experts at Kaspersky have discovered a new Android remote access tool (RAT), tracked as BRATA (the name comes from ‘Brazilian RAT Android’), that was used to spy on Brazilian users. The BRATA RAT […] | Tool | ||
|
2019-08-29 21:09:05 | Capital One Hacker indicted on federal charges for Wire Fraud and Computer Data Theft (lien direct) | Paige Thompson, the alleged hacker behind the Capital One hack and attacks on 30 other organizations has been indicted on wire fraud and computer fraud. Paige Thompson, a transgender woman, suspected to be the hacker behind the Capital One hack and attacks on 30 other organizations has been indicted on wire fraud and computer fraud. In […] | Hack | ||
|
2019-08-29 15:28:05 | A total of six Hackers already become millionaires on HackerOne (lien direct) | HackerOne announced that five more hackers have become millionaires thanks to their contributes to the bug bounty programs managed by the platform. Bug bounty platform HackerOne announced that four more hackers have become millionaires after participating in the bug bounty programs managed by the platform. In March, HackerOne announced that two of its members have […] | |||
|
2019-08-29 10:13:05 | Lumber Liquidators hit by malware attack that took down its network (lien direct) | Lumber Liquidators, a leading specialty retailer of hard-surface flooring in North America, announced that a malware attack took down its network. North American hard-surface flooring retailer Lumber Liquidators revealed that it was victim of a security incident, a malware-based attack took down part of its network for nearly a week. Lumber Liquidators has 416 locations […] | Malware Guideline |
To see everything:
