What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2019-03-21 14:51:03 South Korea – 1,600 guests at 30 motels secretly live streamed (direct link) Four people from South Korea are accused of secretly live streaming, and selling videos made with spy-cam installed in 42 motel rooms at 30 motels in 10 cities in South Korea. According to the media, 1600 motel guests between November 24 and March 2 were spied by the indicted individuals that now face up to […]
SecurityAffairs.webp 2019-03-21 10:04:01 Pwn2Own 2019 Day 1 – participants hacked Apple, Oracle, VMware products (direct link) Pwn2Own 2019 hacking competition is started and participants hacked Apple Safari browser, Oracle VirtualBox and VMware Workstation on the first day. As you know I always cover results obtained by white hat hackers at hacking competitions, for this reason, today I’ll share with you the results of the first day of the Pwn2Own 2019. Pwn2Own […]
SecurityAffairs.webp 2019-03-21 08:33:03 Experts found a critical vulnerability in the NSA Ghidra tool (direct link) A security expert has discovered a vulnerability in the NSA Ghidra platform that could be exploited to execute code remotely. A security expert who goes online with the handle of sghctoma has discovered a vulnerability in Ghidra platform recently released by the US NSA, the issue could be exploited to execute code remotely. GHIDRA is […] Tool Vulnerability
SecurityAffairs.webp 2019-03-21 07:36:02 [SI-LAB] LockerGoga is the most active ransomware that focuses on targeting companies (direct link) LockerGoga is the most active ransomware, experts warn it focuses on targeting companies and bypasses AV signature-based detection. LockerGoga ransomware is a crypto-malware that loads the malicious file on the system from an infected email attachment. This threat is very critical these days, and it is the most active ransomware that focuses on targeting companies. Altran and Norsk Hydro are two companies severely […] Ransomware Threat
SecurityAffairs.webp 2019-03-20 18:23:02 MyPillow and Amerisleep are the latest victims of Magecart gangs (direct link) Security experts at RiskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. The Magecart umbrella includes at least 11 different hacking crews that have been active at least since […]
SecurityAffairs.webp 2019-03-20 14:51:00 PuTTY users have to download a new release that fixes 8 flaws (direct link) PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws The popular SSH client program PuTTY has released an important software update to address eight high-severity security vulnerabilities. PuTTY is one of the most popular open-source software that allows users to access computers over SSH, Telnet, and Rlogin network protocols. The popular SSH client program […]
SecurityAffairs.webp 2019-03-20 12:48:03 SimBad malware infected million Android users through Play Store (direct link) Security experts at Check Point uncovered a sophisticated malware campaign spreading the SimBad malicious code through the official Google Play Store. Researchers at Check Point have uncovered a sophisticated malware campaign spreading the SimBad agent through the official Google Play Store. According to experts, more than 150 million users were already impacted. SimBad disguises itself […] Malware
SecurityAffairs.webp 2019-03-20 09:09:05 Google white hat hacker found new bug class in Windows (direct link) James Forshaw, a white hat hacker at Google Project Zero, has discovered a new class of bugs that affect Windows and some of its drivers. Google Project Zero hacker James Forshaw discovered a new class of flaws that reside in some of the kernel mode drivers in Windows that could allow attackers to escalate privileges. […]
SecurityAffairs.webp 2019-03-20 07:50:02 The Document that Microsoft Eluded AppLocker and AMSI (direct link) Experts analyzed an Office document containing a payload that is able to bypass Microsoft AppLocker and Anti-Malware Scan Interface (AMSI). Introduction A few days ago, during intel sources monitoring operation, the Cybaze-Yoroi ZLAB team encountered an interesting Office document containing some peculiarities that required a deeper analysis: its payload includes techniques suitable to bypass modern Microsoft security mechanisms […]
SecurityAffairs.webp 2019-03-19 18:34:02 Experts observed the growth of hi-tech crime landscape in Asia in 2018 (direct link) Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. Group-IB, an international company that specializes in preventing cyberattacks, on Money2020 Asia presented the analysis of hi-tech crime landscape in Asia in 2018 and concluded that cybercriminals show an increased interest in Asia […]
SecurityAffairs.webp 2019-03-19 15:53:02 Aluminum producer Norsk Hydro hit by a massive cyber attack (direct link) The giant of aluminum producers, Norway’s Norsk Hydro, announced on Tuesday that it had been hit by a cyber-attack of unknown origin. One of the biggest Aluminum producers, the Norwegian Norsk Hydro, suffered an extensive cyber attack. “Hydro became victim of an extensive cyberattack in the early hours of Tuesday, impacting operations in several of […]
SecurityAffairs.webp 2019-03-19 14:57:04 New JNEC.a Ransomware delivered through WinRAR exploit (direct link) A new strain of ransomware tracked as JNEC.a is spreading through an exploit that triggers the recently discovered vulnerability in WinRAR. The ransomware was involved in the attacks observed by the Qihoo 360 Threat Intelligence Center in the wild, threat actors used an archive named “vk_4221345.rar” that delivers JNEC.a when its contents are extracted with […] Ransomware Vulnerability Threat
SecurityAffairs.webp 2019-03-19 09:30:00 EU adopts EU Law Enforcement Emergency Response Protocol for massive cyberattacks (direct link) Europol announced the EU Law Enforcement Emergency Response Protocol, a new protocol for law enforcement agencies in the European Union and abroad to handle major cross-border cyberattacks. Europol announced the adoption of a new protocol for law enforcement bodies in the EU and abroad to respond to major cyber cross-border cyberattacks. The protocol dubbed EU Law […]
SecurityAffairs.webp 2019-03-19 06:54:03 A new development shows a potential shift to using Mirai to target enterprises (direct link) PaloAlto Networks researchers discovered a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Researchers at PaloAlto Networks spotted a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks […] Malware
SecurityAffairs.webp 2019-03-16 13:46:02 Israeli Candidate for PM Benny Gantz hacked by Iranian cyberspies (direct link) Israeli media reported this week that the Shin Bet internal security service warned Benny Gantz that Iranian cyber spies hacked his cellphone exposing his personal data. Iranian hackers targeted the campaign of the former Israeli military chief Benny Gantz who is a leading challenger to Prime Minister Netanyahu in next elections. According to the Israeli […] Guideline ★★
SecurityAffairs.webp 2019-03-16 10:11:01 German legislative body wants to tighten penalties against black marketplace operators (direct link) Germany’s states have decided to criminalize black marketplace operators with the introduction of specific federal legislation. Germany’s states have voted to punish operators of dark web platforms with the introduction of federal legislation. The legislation aims at criminalizing every operator behind darkweb marketplaces where illegal activities take place. This Friday, therefore, the German Federal Council […] ★★
SecurityAffairs.webp 2019-03-16 06:43:04 Secur Solutions Group data leak exposes 800,000 Singapore blood donors (direct link) Secur Solutions Group data leak – Another clamorous data leak made the headlines, personal information of 808,201 blood donors in Singapore was exposed online. The news was first reported by The Straits Times, the huge trove of data was contained in a database operated by the Secur Solutions Group Pte Ltd (SSG). People who registered […]
SecurityAffairs.webp 2019-03-15 15:06:00 It is the first time in the history that civic groups hold a protest against a national CERT (direct link) Demonstration in front of the National CERT of Philippines for failing to act on cyber attacks targeting regime critical media and civil society organizations On March 12, the World Day Against Cyber-Censorship, media and civil society organizations in Philippines held a demonstration in front of NCERT (National Computer Emergency Response Team) to protest against the negligence of […]
SecurityAffairs.webp 2019-03-15 14:00:04 Recently fixed WinRAR bug actively exploited in the wild (direct link) Several threat actors are still exploiting a recently patched critical vulnerability in the popular compression software WinRAR. Several threat actors are actively exploiting a critical remote code execution vulnerability recently addressed in WinRAR. The exploitation of the flaw in the wild is worrisome because the WinRAR software doesn’t have an auto-update feature, leaving millions of […] Vulnerability Threat
SecurityAffairs.webp 2019-03-15 08:48:01 Experts published details of the actively exploited CVE-2019-0808 Windows Flaw (direct link) Experts from Qihoo 360 disclosed technical details of the actively exploited Windows zero-day flaw CVE-2019-0808 recently patched by Microsoft. Researchers at the security firm Qihoo 360 disclosed technical details of the zero-day vulnerability CVE-2019-0808 that was recently patched by Microsoft. The vulnerability was reported to Microsoft by researchers from Google's Threat Analysis Group that observed […] Vulnerability Threat
SecurityAffairs.webp 2019-03-15 07:53:04 A few binary planting 0-days for Windows (direct link) While we were thinking about a way to escalate privileges during a pen-test, we discovered that most Windows installations were vulnerable to binary planting. A long time ago, while we were thinking about a way to escalate privileges during a pen-test, we discovered that most Windows installations were vulnerable to binary planting. We contacted Microsoft, but […]
SecurityAffairs.webp 2019-03-15 07:34:03 GlitchPOS PoS Malware appears in the cybercrime underground (direct link) A new piece of PoS malware appeared in the threat landscape, the malicious code dubbed GlitchPOS has been found on a crimeware forum. The GlitchPOS malware is able to steal credit card numbers (Track1 and Track2) from the memory of the infected system, it uses a regular expression to perform this task. The malicious code […] Malware Threat
SecurityAffairs.webp 2019-03-14 22:03:00 Payment data of thousands of customers of UK and US online stores could have been compromised (direct link) Group-IB, an international company that specializes in preventing cyberattacks, has uncovered a malicious code designed to steal customers' payment data on seven online stores in the UK and the US. The injected code has been identified as a new JavaScript Sniffer (JS Sniffer), dubbed by Group-IB as GMO. Group-IB Threat Intelligence team first discovered the GMO JS Sniffer on the […] Threat
SecurityAffairs.webp 2019-03-14 19:27:03 Torrent Risks: How to get infected through torrent with a good reputation (direct link) Experts at Z-Lab Yoroi/Cybaze have conducted an interesting analysis on the risks for users downloading films, games, and software through Torrent. Digital media sharing is one of the most relevant phenomena since the advent of the internet. During the 80's and 90's, with the rapid growth of the Internet, people around the world started sharing digital […]
SecurityAffairs.webp 2019-03-14 14:38:00 Cisco addresses a critical static credential flaw in Common Services Platform Collector (direct link) Cisco released security updates to address a critical vulnerability in its Cisco Common Services Platform Collector (CSPC) software. Cisco released security updates to address a critical flaw, tracked as CVE-2019-1723, that consists in the presence of a default account with a static password. The account hasn’t admin privileges, but it could be exploited by an […] Vulnerability
SecurityAffairs.webp 2019-03-14 11:31:01 CSRF flaw in WordPress potentially allowed the hack of websites (direct link) Security researcher Simon Scannell from RIPS Technologies, has discovered a new CSRF vulnerability in WordPress, that could potentially lead to remote code execution attacks. The flaw is a cross-site request forgery (CSRF) that resides in the comment section of WordPress that is enabled by default, the issue affects all WordPress versions prior to version 5.1.1. […] Hack Vulnerability Guideline
SecurityAffairs.webp 2019-03-14 09:57:02 39% of all existing Counter-Strike 1.6 game servers online are malicious (direct link) Experts at security firm Dr. Web revealed that 39% of all existing Counter-Strike 1.6 game servers online are malicious, an attacker is exploiting zero-day flaws in game clients. Bad news for gamers of the popular game Counter-Strike, according to the experts at the security firm Dr. Web, 39% of all existing Counter-Strike 1.6 game servers […]
SecurityAffairs.webp 2019-03-14 08:15:01 DMSniff POS Malware has flown under the radar for at least four years (direct link) Malware researchers at Flashpoint revealed that at least since 2016, a PoS malware dubbed DMSniff has flown under the radar. Malware researchers at Flashpoint revealed that since 2016, a PoS malware dubbed DMSniff has been involved in breaches of small- and medium-sized businesses in the restaurant and entertainment industries. DMSniff leverages a domain generation algorithm […] Malware
SecurityAffairs.webp 2019-03-13 20:54:04 (Déjà vu) CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups (direct link) One of the zero-day flaws (CVE-2019-0797) patched this week by Microsoft has been exploited in targeted attacks by several threat groups, including FruityArmor and SandCat APT groups. This week, Microsoft released Patch Tuesday security updates for March 2019 that address 64 flaws, including two Windows zero-day vulnerabilities exploited in targeted attacks. One of the flaws, […]
SecurityAffairs.webp 2019-03-13 15:16:05 Modular Cryptojacking malware uses worm abilities to spread (direct link) Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities by leveraging known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer. The Monero cryptocurrency miner […] Malware
SecurityAffairs.webp 2019-03-13 07:21:01 Russia attempts to prevent Russian citizens from using ProtonMail (direct link) ProtonMail back after the Russian government has been attempting to prevent Russian citizens from sending messages to ProtonMail. ProtonMail is now running normally in Russia, the popular encrypted email service was blocked after students at a sports competition were using it to spread anti-regime propaganda. The Russian news aggregator service Habr reported that Russian telcos […]
SecurityAffairs.webp 2019-03-13 06:20:02 (Déjà vu) Microsoft Patch Tuesday updates for March 2019 patches two Windows flaws exploited in targeted attacks (direct link) Microsoft Patch Tuesday updates for March 2019 address 64 flaws, including two Windows zero-day vulnerabilities exploited in targeted attacks. Microsoft Patch Tuesday updates for March 2019 address 64 vulnerabilities, including two Windows zero-day flaws that have been exploited in targeted attacks. Four of the vulnerabilities addressed by Microsoft were publicly disclosed before fixes were released, […]
SecurityAffairs.webp 2019-03-12 19:26:01 Users claim Samsung Galaxy S10 Face Recognition can be bypassed (direct link) The screen lock feature in the Samsung Galaxy S10 that is based on face recognition can be easily bypassed using a photo or a video of the owner. The discovery was made by users and tech reviewers that demonstrated how to bypass face recognition screen lock implemented in the Samsung Galaxy S10 model. Even if […]
SecurityAffairs.webp 2019-03-12 14:42:00 Adobe Patch Tuesday updates address critical flaws in Photoshop, Digital Editions (direct link) Adobe Patch Tuesday updates for March 2019 address critical vulnerabilities in Photoshop CC and Digital Editions products. Adobe Patch Tuesday updates for March 2019 address critical flaws in Photoshop CC and Digital Editions products. The updates address a heap overflow issue affecting the Digital Editions ebook reader software, the bug could be exploited by attackers […]
SecurityAffairs.webp 2019-03-12 12:49:04 Mysterious open database included 'BreedReady' status for 1.8 Million Women (direct link) Expert found an open database in China containing the personal information of more than 1.8 million women, including a strange “BreedReady” status. Another data leak made the headlines, this time a database containing a creepy set of details collected on more than 1.8 million women in China was left unprotected online. The huge trove of […]
SecurityAffairs.webp 2019-03-12 11:03:05 Apex Legends for Android: a Fake App could Compromise your Smartphone (direct link) Yoroi-Cybaze ZLab malware researchers have analyzed four different fake Android APKs that pretend to be versions of the Apex Legends game. Introduction At the beginning of 2019, Electronic Arts released a game for PC, XBox One and Playstation 4 named Apex Legends. It is a battle royale game like Titanfall and Fortnite, the latter is […] Malware
SecurityAffairs.webp 2019-03-12 07:42:04 Vulnerability research hub Crowdfense is willing to pay $3 Million for iOS, Android zero-day exploits (direct link) World-leading vulnerability research hub Crowdfense is offering up to $3 million for full-chain, zero-day exploits for iOS and Android. Vulnerability research firm Crowdfense is offering up to $3 million for working exploits for iOS and Android zero-day. In 2018, Crowdfense ran a $10 million bug bounty program, now the company decided to increment the value […] Vulnerability Guideline
SecurityAffairs.webp 2019-03-11 21:09:01 Moxa Industrial Switches plagued with several flaws (direct link) Security experts have discovered many vulnerabilities, including a critical issue, in Moxa EDS and IKS industrial switches. Industrial control systems used in many industries, including the energy sector, critical manufacturing, and transportation, continue to be an element of concern for security experts. Researchers have discovered several vulnerabilities in Moxa EDS and IKS industrial switches. The […]
SecurityAffairs.webp 2019-03-11 14:49:04 Severe RCE vulnerability affected popular StackStorm Automation Software (direct link) The security researcher Barak Tawily has discovered a severe vulnerability, tracked as CVE-2019-9580, in the popular, open source event-driven platform StackStorm. According to the expert, the flaw could be exploited by a remote attacker to trick developers into executing arbitrary commands on targeted services. StackStorm has been used to automate workflows in many industries, it allows […] Vulnerability
SecurityAffairs.webp 2019-03-11 12:48:05 STOP ransomware encrypts files and steals victim's data (direct link) Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. Experts observed the ransomware also installing the dreaded Azorult password-stealing Trojan on victim’s machine to steal account credentials, cryptocurrency wallets, documents […] Ransomware
SecurityAffairs.webp 2019-03-11 10:58:04 Crooks use The Pirate Bay to spread PirateMatryoshka malware via reputed seeders (direct link) Crooks are abusing the torrent website The Pirate Bay to distribute the PirateMatryoshka malware that fuels the victim’s PC with unwanted software. Crooks abusing torrent services to distribute malware is not a novelty, Torrent users are often exposed to serious threats such as the one recently spotted by Kaspersky Lab and dubbed by the expert […] Malware
SecurityAffairs.webp 2019-03-11 06:44:02 Saudi caller ID Dalil app exposed data of more than 5 million users (direct link) The Android caller ID app Dalil exposed online data belonging to over 5 million users, security experts discovered a MongoDB database left accessible on the web without a password. The MongoDB behind the Android caller ID app Dalil was left exposed online, at least for a week, without a password, leaving 5 million users accessible on […]
SecurityAffairs.webp 2019-03-10 17:36:03 Venezuelan Minister declares Venezuela's Blackout may be caused by cyberattack carried by US (direct link) Venezuelan Minister of Communication and Information Jorge Rodriguez blamed US cyberattack for Venezuela’s blackout. Last week, Venezuela had suffered a major blackout and Nicolas Maduro immediately blamed on opposition “sabotage” of a hydroelectric dam. The power outage hit 22 of 23 states of the country and also the capital Caracas went in the dark. On […] ★★
SecurityAffairs.webp 2019-03-10 14:26:02 Security Affairs newsletter Round 204 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! · A Cobalt Strike flaw exposed attackers infrastructure · The operator of DDoS-for-hire service pleads guilty · The Wireshark Foundation released Wireshark 3.0.0 · Annual RSA Conference Exclusive […] Guideline
SecurityAffairs.webp 2019-03-10 10:58:04 Jackson County paid $400,000 to crooks after ransomware attack (direct link) Ransomware threat makes the headlines again, this time an attack hit the computers of Jackson County, Georgia, paralyzing the government activity. Computers of Jackson County, Georgia, were infected with ransomware that paralyzed the government activity until officials decided to pay a $400,000 ransom to decrypt the files. “The Jackson County government paid online criminals about […] Ransomware Threat
SecurityAffairs.webp 2019-03-09 13:46:03 Vulnerabilities in car alarm systems exposed 3 million cars to hack (direct link) Security experts at Pen Test Partners discovered several vulnerabilities in two smart car alarm systems that put three million vehicles globally at risk of hack. The flaws could be exploited by attackers to disable the alarm, as well as track and unlock the vehicles using it, or to start and stop the engine even when the […] Hack
SecurityAffairs.webp 2019-03-09 06:50:00 More than billion records exposed online by email validation biz Verifications.io (direct link) Experts found an unprotected server exposing online 4 MongoDB databases belonging to the email validation company Verifications.io. A new mega data leak made the headlines, an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million records. The archive includes 808,539,849 records containing: emailrecords = 798,171,891 records emailWithPhone = 4,150,600 records […]
SecurityAffairs.webp 2019-03-09 05:53:04 SLUB Backdoor leverages GitHub and Slack in targeted attacks (direct link) Malware researchers from Trend Micro have spotted a new piece of malware dubbed SLUB that leverages GitHub and Slack for C&C communications. Malware researchers at Trend Micro have spotted a new backdoor dubbed SLUB that abuses GitHub and Slack for command and control (C&C) communications. According to the experts, the SLUB backdoor (Backdoor.Win32.SLUB.A) was only […] Malware
SecurityAffairs.webp 2019-03-08 22:52:03 FBI informed software giant Citrix of a security breach (direct link) The American multinational software company Citrix disclosed a security breach, according to the firm an international cyber criminal gang gained access to its internal network. The American multinational software company Citrix is the last victim of a security breach, according to the company an international cyber criminal gang gained access to its internal network. Hackers […]
SecurityAffairs.webp 2019-03-08 12:41:03 Evading AV with JavaScript Obfuscation (direct link) A few days ago, Cybaze-Yoroi ZLAB researchers spotted a suspicious JavaScript file that implemented several techniques to evade detection of all AV solutions. Introduction A few days ago, Cybaze-Yoroi ZLAB researchers spotted a suspicious JavaScript file needing further attention: it leveraged several techniques in order to evade all AV detection and no one of the […]
Last update at: 2024-07-23 18:08:19