What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-22 12:52:23 | Data of 2 million MyFreeCams users sold on a hacker forum (lien direct) | A threat actor was offering for sale on a hacker forum data from 2 million users allegedly stolen from the adult streaming site MyFreeCams. A threat actor was offering for sale on a hacker forum a database containing user records allegedly stolen from the adult streaming site MyFreeCams. MyFreeCams it's one of the top adult […] | Threat | ||
|
2021-01-22 11:19:44 | Abusing Windows RDP servers to amplify DDoS attacks (lien direct) | Threat actors are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. Attackers are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks. The Microsoft Remote Desktop Protocol (RDP) is a built-in service in Microsoft Windows operating systems that provides authenticated remote virtual […] | |||
|
2021-01-22 08:25:23 | Drupal fixed a new flaw related PEAR Archive_Tar library (lien direct) | Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library. The PEAR Archive_Tar class provides handling of tar files in PHP. It supports creating, listing, extracting, and adding […] | Vulnerability | ||
|
2021-01-21 22:41:13 | Dovecat crypto-miner is targeting QNAP NAS devices (lien direct) | QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. The malware was designed to abuse NAS resources and mine cryptocurrency. The malware […] | Malware | ||
|
2021-01-21 18:01:21 | Passwords stolen via phishing campaign available through Google search (lien direct) | Bad ops of operators of a phishing campaign exposed credentials stolen in attacks and made them publicly available through Google queries. Check Point Research along with experts from cybersecurity firm Otorio shared details on their investigation into a large-scale phishing campaign that targeted thousands of global organizations. The campaign has been active since August, the attackers […] | |||
|
2021-01-21 16:05:16 | Experts warn of scanning activity for critical SAP SolMan flaw after the release of exploit (lien direct) | Experts warn of automated scanning activity for servers affected by a critical SAP SolMan flaw after the release of an exploit code. Experts warn of an automated scanning activity for servers affected by vulnerabilities in SAP software, attackers started probing the systems after the release of an exploit for the critical CVE-2020-6207 flaw in SAP Solution Manager […] | |||
|
2021-01-21 12:01:36 | SolarWinds Attack: Microsoft sheds lights into Solorigate second-stage activation (lien direct) | Microsoft’s report provides details of the entire SolarWinds attack chain with a deep dive in the second-stage activation of malware and tools. Microsoft published a new report that includes additional details of the SolarWinds supply chain attack. The new analysis shad lights on the handover from the Solorigate DLL backdoor to the Cobalt Strike loader. […] | Malware | Solardwinds Solardwinds | |
|
2021-01-21 08:43:16 | Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI (lien direct) | Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices. Cisco released security updates to address multiple flaws in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices. These vulnerabilities impact devices running the following Cisco SD-WAN Software: IOS XE SD-WAN […] | |||
|
2021-01-20 21:44:21 | Logic bugs found in popular apps, including Signal and FB Messenger (lien direct) | Flaws in popular messaging apps, such as Signal and FB Messenger allowed to force a target device to transmit audio to an attacker device. Google Project Zero security researcher Natalie Silvanovich found multiple flaws in popular video conferencing apps such as Signal and FB Messenger, that allowed to force a target device to transmit audio […] | |||
|
2021-01-20 13:43:17 | Livecoin halted operations after the December attack (lien direct) | The Russian cryptocurrency exchange Livecoin has announced it is terminating its operation following the December cyberattack. The Russian cryptocurrency exchange was hacked on Christmas Eve, it published a message on its website warning customers to stop using its services. “Dear clients, we ask you to stop using our service in all meanings: don't deposit funds, […] | |||
|
2021-01-20 13:01:02 | FireEye releases an auditing tool to detect SolarWinds hackers\' activity (lien direct) | Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. The experts explained how the UNC2452 and other threat actors breached […] | Tool Threat | ★★★★★ | |
|
2021-01-19 23:21:34 | Malwarebytes \'s email systems hacked by SolarWinds attackers (lien direct) | Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Malwarebytes revealed today that SolarWinds hackers also breached its systems and gained access to its email. Malwarebytes joins the club of security firms that were hit by Solarwinds attackers, after FireEye, Microsoft, and CrowdStrike. The intrusion took […] | Threat | ||
|
2021-01-19 22:31:27 | Raindrop, a fourth malware employed in SolarWinds attacks (lien direct) | The threat actors behind the SolarWinds attack used malware dubbed Raindrop for lateral movement and deploying additional payloads. Security experts from Symantec revealed that threat actors behind the SolarWinds supply chain attack leveraged a malware named Raindrop for lateral movement and deploying additional payloads. Raindrop is the fourth malware that was discovered investigating the SolarWinds […] | Malware Threat | Solardwinds | |
|
2021-01-19 13:34:06 | FreakOut botnet target 3 recent flaws to compromise Linux devices (lien direct) | Security researchers uncovered a series of attacks conducted by the FreakOut botnet that leveraged recently discovered vulnerabilities. Security researchers from Check Point have uncovered a series of attacks associated with the FreakOut botnet that is targeting multiple unpatched flaws in applications running on top of Linux systems. The botnet appeared in the threat landscape in […] | Threat | ||
|
2021-01-19 12:17:29 | (Déjà vu) Vishing attacks conducted to steal corporate accounts, FBI warns (lien direct) | The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) that warns of ongoing vishing attacks aimed at stealing corporate accounts and credentials from US and international-based employees. Vishing (also known as voice phishing) is a social engineering […] | |||
|
2021-01-18 22:54:29 | OpenWRT forum hacked, intruders stole user data (lien direct) | The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach. OpenWrt is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic. The main components are Linux, util-linux, musl, and BusyBox. All components have been optimized […] | |||
|
2021-01-18 18:34:57 | 500K+ records of C-level people from Capital Economics leaked online (lien direct) | Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers from Cyble found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. CapitalEconomics.com is one of the leading independent economic research companies in the world that provides macroeconomic, financial market and sectoral forecasts and consultancy. […] | Guideline | ||
|
2021-01-18 16:59:50 | Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts (lien direct) | A duo of white hat hackers claims to have earned $50,000 from Apple for reporting serious flaws that allowed them to company’s servers. The Indian white hat hackers Harsh Jaiswal and Rahul Maini claim to have discovered multiple flaws that allowed them to access Apple servers. The duo started focusing on Apple’s infrastructure in an […] | |||
|
2021-01-18 15:06:03 | Rob Joyce is the new NSA Cyber Director (lien direct) | The U.S. National Security Agency has appointed Rob Joyce as the agency's new director of cybersecurity, who has long experience in US cybersecurity The National Security Agency (NSA) has appointed US cybersecurity official Rob Joyce as the new chief of the Cybersecurity Directorate. Joyce served as the NSA’s top representative in the UK since 2018, he […] | |||
|
2021-01-18 09:54:43 | German laptop retailer fined €10.4m under GDPR for video-monitoring employees (lien direct) | German data regulator LfD announced a €10.4M fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. The State Commissioner for Data Protection (LfD) Lower Saxony announced a €10.4 million fine under the GDPR against an online laptop and electronic goods retailer NBB's (notebooksbilliger.de) for video-monitoring employees for at least […] | |||
|
2021-01-18 00:58:20 | President Biden\'s Peloton exercise equipment under scrutiny (lien direct) | President Joe Biden can’t bring his Peloton exercise equipment to the White House due to security reasons. According to a Popular Mechanics report, President Joe Biden is going to move to the White House and likely he will have to give up his Peloton exercise equipment for security reasons. Peloton exercise equipment’s popularity surged during […] | |||
|
2021-01-17 22:29:57 | EMA said that hackers manipulated stolen documents before leaking them (lien direct) | The European Medicines Agency (EMA) revealed Friday that COVID-19 vaccine documents stolen from its servers have been manipulated before the leak. The European Medicines Agency (EMA) declared that COVID-19 vaccine documents stolen from its servers in a recent cyber attack have been manipulated. In December, a cyber attack hit the European Medicines Agency (EMA). At […] | |||
|
2021-01-17 13:46:26 | (Déjà vu) Critical flaws in Orbit Fox WordPress plugin allows site takeover (lien direct) | Two vulnerabilities in the Orbit Fox WordPress plugin, a privilege-escalation issue and a stored XSS bug, can allow site takeover. Security experts from Wordfence have discovered two security vulnerabilities in the Orbit Fox WordPress plugin. The flaws are a privilege-escalation vulnerability and a stored XSS bug that impacts over 40,000 installs. The Orbit Fox plugin […] | Vulnerability | ||
|
2021-01-17 11:20:44 | Security Affairs newsletter Round 297 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. It is time to re-evaluate Cyber-defence solutions New Zealand central bank hit by a cyber attack TeamTNT botnet now steals Docker API and AWS credentials Connecting the dots between SolarWinds […] | |||
|
2021-01-16 22:52:19 | Two kids found a screensaver bypass in Linux Mint (lien direct) | The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. The maintainers of the Linux Mint project have addressed a security bug that could have allowed attackers to bypass the OS screensaver. The curious aspect of this vulnerability is related to its […] | Vulnerability | ||
|
2021-01-16 14:14:01 | Siemens fixed tens of flaws in Siemens Digital Industries Software products (lien direct) | Siemens has addressed tens of vulnerabilities in Siemens Digital Industries Software products that can allow arbitrary code execution. Siemens has addressed 18 vulnerabilities affecting some products of Siemens Digital Industries Software which provides product lifecycle management (PLM) solutions. The vulnerabilities affect Siemens JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format) and […] | Tool | ||
|
2021-01-16 13:05:09 | (Déjà vu) Joker\'s Stash, the largest carding site, is shutting down (lien direct) | Joker’s Stash to shut down on February 15, 2021. Joker's Stash, the largest carding marketplace online announced that it was shutting down its operations on February 15, 2021. Joker's Stash, the largest carding marketplace online, announced that its operations will shut down on February 15, 2021. The administrator announced the decision via messages posted on […] | |||
|
2021-01-15 21:46:32 | Signal is down for multiple users worldwide (lien direct) | The popular signal messaging app Signal is currently facing issues around the world, users are not able to make calls and send/receive messages. At the time of this writing, it is not possible to make calls and send/receive messages. Users that attempted to send messages via the messaging app were seeing loading screen and after it […] | |||
|
2021-01-15 17:36:14 | Expert launched Malvuln, a project to report flaws in malware (lien direct) | The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware codes. The security expert John Page (aka hyp3rlinx) launched malvuln.com, the first platform exclusively dedicated to the research of security flaws in malware codes. The news was first announced by SecurityWeek, the researcher explained that Malvuln is […] | Malware | ||
|
2021-01-15 14:13:30 | Winnti APT continues to target game developers in Russia and abroad (lien direct) | A Chinese Threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers from Positive Technologies have uncovered a series of attacks conducted by a Chinese threat actor that aimed at organizations in Russia and Hong Kong. Experts attribute the attacks to the China-linked Winnti APT group (aka APT41) […] | Threat Guideline | APT 41 APT 41 | |
|
2021-01-15 07:49:44 | Cisco says its RV routers will no longer receive updates (lien direct) | Cisco announced it will no longer release firmware updates to fix 74 vulnerabilities affecting its RV routers, which reached end-of-life (EOL). Cisco will no longer release firmware updates to address 74 vulnerabilities affecting some of its RV routers that reached end-of-life (EOL). The vendor will not release updates for RV110W, RV130, RV130W, and RV215W devices […] | |||
|
2021-01-14 21:55:17 | Expert discovered a DoS vulnerability in F5 BIG-IP systems (lien direct) | A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks. The security expert Nikita Abramov from Positive Technologies discovered a DoS vulnerability, tracked as CVE-2020-27716, that affects certain versions of F5 BIG-IP Access Policy Manager (APM). The F5 BIG-IP Access Policy Manager is a secure, flexible, […] | Vulnerability | ||
|
2021-01-14 19:28:15 | Operation Spalax, an ongoing malware campaign targeting Colombian entities (lien direct) | Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian entities exclusively. The attacks aimed at government institutions and private companies, most of them in the energy and metallurgical sectors. The campaign […] | Malware | ||
|
2021-01-14 16:46:13 | CAPCOM: 390,000 people impacted in the recent ransomware Attack (lien direct) | Capcom revealed that the recent ransomware attack has potentially impacted 390,000 people, an increase of approximately 40,000 people from the previous report. In November, Japanese game developer Capcom admitted to have suffered a cyberattack that is impacting business operations. The company has developed multiple multi-million-selling game franchises, including Street Fighter, Mega Man, Darkstalkers, Resident Evil, Devil May […] | Ransomware | ||
|
2021-01-14 13:15:39 | Classiscam expands to Europe: Russian-speaking scammers lure Europeans to pages mimicking classifieds (lien direct) | Russian-speaking scammers started targeting users of European marketplaces and classifieds is a criminal scheme dubbed Classiscam. Group-IB, a global threat hunting and and adversary-centric cyber intelligence company, has discovered that Russian-speaking scammers started targeting users of European marketplaces and classifieds. The scheme, dubbed Classiscam by Group-IB, is an automated scam as a service designed to steal money […] | Threat | ||
|
2021-01-14 12:17:20 | Cisco addresses a High-severity flaw in CMX Software (lien direct) | Cisco addressed tens of high-severity flaws, including some flaws in the AnyConnect Secure Mobility Client and in its small business routers. This week Cisco released security updates to address 67 high-severity vulnerabilities, including issues affecting Cisco's AnyConnect Secure Mobility Client and small business routers (i.e. Cisco RV110W, RV130, RV130W, and RV215W). One of the flaws fixed […] | |||
|
2021-01-14 10:35:55 | CISA warns of recent successful cyberattacks against cloud service accounts (lien direct) | The US CISA revealed that several recent successful cyberattacks against various organizations' cloud services. The Cybersecurity and Infrastructure Security Agency (CISA) announced that several recent successful cyberattacks hit various organizations' cloud services. According to the agency, the attackers conducted phishing campaigns and exploited poor cyber hygiene practices of the victims in the management of cloud […] | |||
|
2021-01-13 22:49:05 | Attackers targeted Accellion FTA in New Zealand Central Bank attack (lien direct) | The root cause for the hack of the New Zealand Central Bank was the Accellion FTA (File Transfer Application) file sharing service. During the weekend, the New Zealand central bank announced that a cyber attack hit its infrastructure. According to the Government organization, one of its data systems has been breached by an unidentified hacker, commercially […] | Hack | ★★ | |
|
2021-01-13 18:43:38 | Rogue Android RAT emerges from the darkweb (lien direct) | Experts discovered an Android Remote Access Trojan, dubbed Rogue, that can allow to take over infected devices and steal user data. Rogue is a new mobile RAT discovered by researchers from Check Point while investigating the activity of the darknet threat actors known as Triangulum and HeXaGoN Dev. Both actors are Android malware authors that […] | Malware Threat | ||
|
2021-01-13 14:25:32 | Microsoft Patch Tuesday for January 2021 fixes 83 flaws, including an actively exploited issue (lien direct) | Microsoft Patch Tuesday security updates for January 2021 address 83 vulnerabilities, including a critical flaw actively exploited in the wild. Microsoft Patch Tuesday security updates for January 2021 fix 83 security vulnerabilities in multiple products, including Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Office and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Malware Protection Engine, […] | Malware | ||
|
2021-01-13 06:59:42 | Data collection cheat sheet: how Parler, Twitter, Facebook, MeWe\'s data policies compare (lien direct) | CyberNews researchers analyzed data from multiple social platforms like Parler, Twitter, Facebook, MeWe's to compare data policies. Original Post at https://cybernews.com/privacy/how-parler-twitter-facebook-mewe-data-policies-compare/ Alternative social media platforms, also known as “alt” or alt-tech, were catapulted into the spotlight near the end of 2020 due to US President Donald Trump's claims of election interference. Twitter-alternative Parler in particular […] | |||
|
2021-01-12 23:32:41 | Sophisticated hacking campaign uses Windows and Android zero-days (lien direct) | Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered a watering hole […] | Threat | ||
|
2021-01-12 21:41:52 | (Déjà vu) Police took down DarkMarket, the world\'s largest darknet marketplace (lien direct) | The world’s largest black marketplace on the dark web, DarkMarket, has been taken offline by law enforcement in an international operation. DarkMarket, the world’s largest black marketplace on the dark web, has been taken offline as a result of an international operation conducted by law enforcement from Germany, Australia, Denmark, Moldova, Ukraine, the United Kingdom […] | |||
|
2021-01-12 19:22:53 | (Déjà vu) EMA: Some of Pfizer/BioNTech COVID-19 vaccine data was leaked online (lien direct) | The European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data were stolen from its servers. In December, a cyber attack hit the European Medicines Agency (EMA). At the time, the EMA did not provide technical details about the attack, nor whether it will have an impact on its operations while it […] | |||
|
2021-01-12 11:41:20 | Sunspot, the third malware involved in the SolarWinds supply chain attack (lien direct) | Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot, directly involved in the SolarWinds supply chain attack. According to a new report published by the cybersecurity firm Crowdstrike, a third malware, dubbed SUNSPOT, was involved in the recently disclose SolarWinds supply chain attack. SUNSPOT was discovered after the Sunburst/Solorigate backdoor and […] | Malware | Solardwinds | |
|
2021-01-12 08:38:14 | (Déjà vu) Bitdefender releases free decrypter for Darkside ransomware (lien direct) | Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. Good news for the victims of the Darkside ransomware, they could recover their files for free using a tool that was released by the security firm Bitdefender. The decrypter seems to work for all […] | Ransomware Tool | ★★★★ | |
|
2021-01-11 23:08:33 | Ubiquiti discloses a data breach (lien direct) | American technology company Ubiquiti Networks is disclosed a data breach and is notifying its customers via email. American technology vendor Ubiquiti Networks suffered a data breach and is sending out notification emails to its customers asking them to change their passwords and enable 2FA for their accounts. The company discovered unauthorized access to some of […] | Data Breach | ||
|
2021-01-11 21:37:06 | Connecting the dots between SolarWinds and Russia-linked Turla APT (lien direct) | Experts have found some similarities between the Sunburst backdoor used in the SolarWinds supply chain attack and Turla’s backdoor Kazuar. Security experts from Kaspersky have identified multiple similarities between the Sunburst malware used in the SolarWinds supply chain attack and the Kazuar backdoor that has been employed in cyber espionage campaigns conducted by Russia-linked APT group Turla. The discovery […] | Malware Mobile | Solardwinds Solardwinds | |
|
2021-01-11 13:31:18 | Russian hacker Andrei Tyurin sentenced to 12 years in prison (lien direct) | A U.S. court on Thursday sentenced the Russian hacker Andrei Tyurin to 12 years in prison for his role in an international hacking campaign. A U.S. court sentenced this week Andrei Tyurin (37) to 12 years in prison for carrying out an international hacking campaign that targeted several financial institutions, brokerage firms, financial news publishers, […] | |||
|
2021-01-11 11:06:07 | Experts found gained access to the Git Repositories of the United Nations (lien direct) | Researchers obtained gained access to the Git Repositories belonging to the United Nations, exposing staff records and credentials. The research group Sakura Samurai was able to access the repositories of the United Nations as part of the Vulnerability Disclosure Program and a Hall of Fame operated by the organization. The group, composed of Jackson Henry, […] | Vulnerability |
To see everything:
Our RSS (filtrered)
