What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-07 00:16:29 | Pre-Installed Malware Dropper Found On German Gigaset Android Phones (lien direct) | In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app.
"The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui, which is a pre-installed system app," Malwarebytes researcher Nathan Collier said. "This app is not |
Malware | ||
|
2021-04-06 22:38:07 | Experts uncover a new Banking Trojan targeting Latin American users (lien direct) | Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government.
Dubbed "Janeleiro" by Slovak cybersecurity firm ESET, the malware aims to disguise its true intent via lookalike pop-up windows that are designed to resemble |
Malware | ||
|
2021-04-06 06:43:59 | Watch Out! Mission Critical SAP Applications Are Under Active Attack (lien direct) | Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research.
"Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common security and compliance controls, and enabling attackers to steal sensitive information, perform financial |
Guideline | ||
|
2021-04-06 03:09:00 | MITRE Madness: A Guide to Weathering the Upcoming Vendor Positioning Storm (lien direct) | April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a barometer of platform effectiveness.
This means that every cybersecurity vendor will be tripping |
|||
|
2021-04-06 00:04:02 | Hackers Targeting professionals With \'more_eggs\' Malware via LinkedIn Job Offers (lien direct) | A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called "more_eggs."
To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the same name as that of the victims' job titles taken from their LinkedIn profiles.
"For example, if the |
Malware | ||
|
2021-04-05 07:52:56 | How the Work-From-Home Shift Impacts SaaS Security (lien direct) | The data is in. According to IBM Security's 2020 Cost of a Data Breach Report, there is a 50% increase in cloud usage for enterprises across all industries. The number of threats targeting cloud services, predominantly collaboration services like Office 365, has increased 630%.
Moreover, 75% of respondents report that discovery and recovery time from data breaches has significantly increased due |
Data Breach | ||
|
2021-04-04 03:04:02 | (Déjà vu) 533 Million Facebook Users\' Phone Numbers and Personal Data Leaked Online (lien direct) | In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free-which was harvested by hackers in 2019 using a Facebook vulnerability.
The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, city, country, |
|||
|
2021-04-02 23:49:52 | How Cyrebro Can Unify Multiple Cybersecurity Defenses to Optimize Protection (lien direct) | Many enterprises rely on more than one security tool to protect their technology assets, devices, and networks. This is particularly true for organizations that use hybrid systems or a combination of cloud and local applications. Likewise, companies whose networks include a multitude of smartphones and IoT devices are likely to deploy multiple security solutions suitable for different scenarios. |
Tool | ||
|
2021-04-02 23:41:55 | Google limits which apps can access the list of installed apps on your device (lien direct) | Apps on Android have been able to infer the presence of specific apps, or even collect the full list of installed apps on the device. What's more, an app can also set to be notified when a new app is installed.
Apart from all the usual concerns about misuse of such a data grab, the information can be abused by a potentially harmful app to fingerprint other installed apps, check for the presence |
|||
|
2021-04-01 05:34:31 | DeepDotWeb Admin Pleads Guilty to Money Laundering Charges (lien direct) | The U.S. Department of Justice (DoJ) on Wednesday said that an Israeli national pleaded guilty for his role as an "administrator" of a portal called DeepDotWeb (DDW), a "news" website that "served as a gateway to numerous dark web marketplaces."
According to the unsealed court documents, Tal Prihar, 37, an Israeli citizen residing in Brazil, operated DDW alongside Michael Phan, 34, of Israel, |
Guideline | ||
|
2021-04-01 03:15:49 | 22-Year-Old Charged With Hacking Water System and Endangering Lives (lien direct) | A 22-year-old man from the U.S. state of Kansas has been indicted on charges that he unauthorizedly accessed a public water facility's computer system, jeopardizing the residents' safety and health in the local community.
Wyatt A. Travnichek, 22, of Ellsworth County, Kansas, has been charged with one count of tampering with a public water system and one count of reckless damage to a protected |
|||
|
2021-04-01 02:49:20 | How to Vaccinate Against the Poor Password Policy Pandemic (lien direct) | Data breaches remain a constant threat, and no industry or organization is immune from the risks. From Fortune 500 companies to startups, password-related breaches continue to spread seemingly unchecked.
As a result of the volume of data breaches and cybersecurity incidents, hackers now have access to a vast swathe of credentials that they can use to power various password-related attacks.
One |
|||
|
2021-04-01 01:19:06 | Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence (lien direct) | A novel technique adopted by attackers finds ways to use Microsoft's Background Intelligent Transfer Service (BITS) so as to deploy malicious payloads on Windows machines stealthily.
In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign that distributed custom backdoors such as KEGTAP, which ultimately paved the way for RYUK |
|||
|
2021-03-31 23:58:40 | Hackers Set Up a Fake Cybersecurity Firm to Target Real Security Experts (lien direct) | A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack.
In an update shared on Wednesday, Google's Threat Analysis Group said the attackers behind the operation set up a fake security company called SecuriElite and a slew of social media accounts across Twitter and |
Malware Threat | ||
|
2021-03-31 06:02:52 | Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What\'s Next (lien direct) | You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/ EDR solution.
But like most companies, you've already come across its shortcoming – and these are amplified since you have a small security team. More than likely, you noticed that it has its share of detection blind spots and limitations for |
|||
|
2021-03-31 01:42:43 | Hackers are implanting multiple backdoors at industrial targets in Japan (lien direct) | Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan.
Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attacks undertaken by APT10 (aka Stone Panda or Cicada) using previously undocumented malware to deliver |
Malware | APT 10 APT 10 | |
|
2021-03-29 23:21:45 | MobiKwik Suffers Major Breach - KYC Data of 3.5 Million Users Exposed (lien direct) | Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes (TB) of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month.
The leaked data includes sensitive personal information such as:customer names,hashed passwords,email addresses,residential addresses,GPS |
Data Breach | ||
|
2021-03-29 08:28:08 | Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks (lien direct) | As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units (RTUs) that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service.
"Successful exploitation of these vulnerabilities could result in remote code execution, which may cause a denial-of-service condition," the U.S. |
|||
|
2021-03-29 04:49:07 | New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems (lien direct) | Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory.
Discovered by Piotr Krysiuk of Symantec's Threat Hunter team, the flaws - tracked as CVE-2020-27170 and CVE-2020-27171 (CVSS |
Threat | ||
|
2021-03-29 04:45:53 | How to Effectively Prevent Email Spoofing Attacks in 2021? (lien direct) | Email spoofing is a growing problem for an organization's security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as "the forgery of an email address header to make the message appear as if it was sent from a person or location other than the actual sender," it has plagued brands for decades. |
|||
|
2021-03-29 02:57:10 | PHP\'s Git Server Hacked to Insert Secret Backdoor to Its Source code (lien direct) | In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.
The two malicious commits were pushed to the self-hosted "php-src" repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the |
|||
|
2021-03-27 02:14:40 | Watch Out! That Android System Update May Contain A Powerful Spyware (lien direct) | Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities - from collecting browser searches to recording audio and phone calls.
While malware on Android has previously taken the guise of copycat apps, which go under names similar to legitimate pieces of software, this sophisticated new malicious app |
Malware | ||
|
2021-03-26 23:57:43 | (Déjà vu) Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack (lien direct) | Merely weeks after releasing out-of-band patches for iOS, iPadOS, macOS and watchOS, Apple has released yet another security update for iPhone, iPad, Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild.
Tracked as CVE-2021-1879, the vulnerability relates to a WebKit flaw that could enable adversaries to process maliciously crafted web content that |
Vulnerability | ||
|
2021-03-26 07:56:12 | OpenSSL Releases Patches for 2 High-Severity Security Vulnerabilities (lien direct) | The maintainers of OpenSSL have released a fix for two high-severity security flaws in its software that could be exploited to carry out denial-of-service (DoS) attacks and bypass certificate verification.
Tracked as CVE-2021-3449 and CVE-2021-3450, both the vulnerabilities have been resolved in an update (version OpenSSL 1.1.1k) released on Thursday. While CVE-2021-3449 affects all OpenSSL |
|||
|
2021-03-26 01:57:28 | New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks (lien direct) | New research into 5G architecture has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network.
AdaptiveMobile shared its findings with the GSM Association (GSMA) on February 4, 2021, following which the weaknesses were |
|||
|
2021-03-25 22:07:54 | Another Critical RCE Flaw Discovered in SolarWinds Orion Platform (lien direct) | IT infrastructure management provider SolarWinds on Thursday released a new update to its Orion networking monitoring tool with fixes for four security vulnerabilities, counting two weaknesses that could be exploited by an authenticated attacker to achieve remote code execution (RCE).
Chief among them is a JSON deserialization flaw that allows an authenticated user to execute arbitrary code via |
Tool | ||
|
2021-03-25 05:05:29 | Black Kingdom Ransomware Hunting Unpatched Microsoft Exchange Servers (lien direct) | More than a week after Microsoft released a one-click mitigation tool to mitigate cyberattacks targeting on-premises Exchange servers, the company disclosed that patches have been applied to 92% of all internet-facing servers affected by the ProxyLogon vulnerabilities.
The development, a 43% improvement from the previous week, caps off a whirlwind of espionage and malware campaigns that hit |
Ransomware Malware | ||
|
2021-03-25 04:43:56 | Forcing Self-Service Password Reset (SSPR) Registration to Increase ROI (lien direct) | When your organization invests in a new product or service, it is essential that you take advantage of all the features it has to offer. This will help you to maximize your return on investment (ROI). If you have purchased or are thinking about purchasing a self-service password reset (SSPR) tool, one of the most important things you will need to do is make sure that 100% of users are registered |
|||
|
2021-03-25 02:58:36 | Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems (lien direct) | Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS.
Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a |
Hack | ||
|
2021-03-25 01:52:11 | Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad (lien direct) | Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices.
"They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, |
Hack | ||
|
2021-03-23 23:36:20 | Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers (lien direct) | Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities.
The ongoing campaign makes use of a "novel spreading technique via indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes," according to |
Malware | ||
|
2021-03-23 04:24:24 | (Déjà vu) Critical Flaws Affecting GE\'s Universal Relay Pose Threat to Electric Utilities (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices.
"Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in an advisory |
Threat | ||
|
2021-03-22 22:47:01 | WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack (lien direct) | Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks.
Tracked as CVE-2020-11261 (CVSS score 8.4), the flaw concerns an "improper input validation" issue in Qualcomm's Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests |
Vulnerability | ||
|
2021-03-22 07:52:54 | Popular Netops Remote Learning Software Found Vulnerable to Hacking (lien direct) | Cybersecurity researchers on Sunday disclosed several critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers.
"These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious attacker within the same network to gain full |
|||
|
2021-03-22 01:34:44 | Critical RCE Vulnerability Found in Apache OFBiz ERP Software-Patch Now (lien direct) | The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system.
Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "unsafe deserialization" as an attack vector to permit |
Vulnerability | ||
|
2021-03-20 09:03:30 | Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online (lien direct) | Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks.
News of in the wild exploitation development comes on the heels of a proof-of-concept exploit code that |
|||
|
2021-03-19 04:34:08 | Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud (lien direct) | The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks-a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company.
A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S. Department of Justice (DoJ) on Thursday |
Ransomware Malware | ★★★ | |
|
2021-03-18 23:48:27 | New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps (lien direct) | A newly discovered glitch in Zoom's screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings.
Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, thereby briefly exposing the contents to all meeting participants.
It's worth pointing out |
Vulnerability | ||
|
2021-03-18 09:08:15 | Critical RCE Flaw Reported in MyBB Forum Software-Patch Your Sites (lien direct) | A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account.
The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on February 22, following which it released an |
|||
|
2021-03-18 06:03:41 | How to Successfully Pursue a Career in Malware Analysis (lien direct) | Are you looking to becoming a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis career.Did you know that new malware is released every seven seconds?
As more and more systems become reliant on the internet, the proliferation of malware becomes increasingly destructive. Once upon a time, a computer virus might cause |
Malware | ||
|
2021-03-18 03:19:16 | Why Cached Credentials Can Cause Account Lockouts and How to Stop it (lien direct) | When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked.
Another common cause, for example, is an application or script that is configured to log into the system using an old password. Perhaps the most easily |
|||
|
2021-03-18 02:06:08 | Google Reveals What Personal Data Chrome and It\'s Apps Collect On You (lien direct) | Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes.
"After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it," the company |
|||
|
2021-03-17 23:59:55 | Flaws in Two Popular WordPress Plugins Affect Over 7 Million Websites (lien direct) | Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios.
The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a tool used to serve cached pages of a WordPress site.
According to Wordfence |
Tool | ★★★★ | |
|
2021-03-17 04:20:39 | Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code (lien direct) | Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories.
"The threat actor did access a subset of email addresses and other contact information and hashed and salted credentials," the company said in a write-up detailing its investigation, adding the |
Threat | ||
|
2021-03-17 04:09:14 | [Webinar] Oy Vey, We Hired a Large, Hairy Hacker… (lien direct) | It's not every day that one of the best-known independent cybersecurity individuals joins a cybersecurity company. The two are generally on opposite sides of the coin, with little crossover.
After all, they're usually concerned with different parts of the cybersecurity puzzle – one providing platforms and tools to defend organizations, the other keeping them accountable and looking for blind |
|||
|
2021-03-17 02:25:20 | 18-Year-Old Hacker Gets 3 Years in Prison for Massive Twitter \'Bitcoin Scam\' Hack (lien direct) | A Florida teen accused of masterminding the hacks of several high-profile Twitter accounts last summer as part of a widespread cryptocurrency scam pled guilty to fraud charges in exchange for a three-year prison sentence.
Graham Ivan Clark, 18, will also serve an additional three years on probation.
The development comes after the U.S. Department of Justice (DoJ) charged Mason Sheppard (aka |
Hack | ||
|
2021-03-17 01:33:24 | Apple May Start Delivering Security Patches Separately From Other OS Updates (lien direct) | Apple may be changing the way it delivers security patches to its devices running iOS and iPadOS mobile operating systems.
According to code spotted in iOS 14.5, the iPhone maker is reportedly working on a method for delivering security fixes independently of other OS updates.
The changes were first reported by the 9to5Mac website.
While Google's Android has had monthly security |
|||
|
2021-03-16 03:32:22 | New Mirai Variant and ZHtrap Botnet Malware Emerge in the Wild (lien direct) | Cybersecurity researchers on Monday disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy Mirai variants on compromised systems.
"Upon successful exploitation, the attackers try to download a malicious shell script, which contains further infection behaviors such as downloading and executing Mirai variants and brute-forcers," Palo Alto Networks' Unit 42 Threat |
Malware | ||
|
2021-03-15 23:06:51 | Use This One-Click Mitigation Tool from Microsoft to Prevent Exchange Attacks (lien direct) | Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks.
Called Exchange On-premises Mitigation Tool (EOMT), the PowerShell-based script serves to mitigate against current known attacks using CVE-2021-26855, scan the Exchange Server using |
Tool | ||
|
2021-03-15 03:03:35 | Rising Demand for DDoS Protection Software Market By 2020-2028 (lien direct) | Distributed Denial of Service (DDoS) attack is a malicious form of attack that disrupts the regular network traffic by overwhelming the website with more traffic than the server can handle. The main aim of this kind of cyberattack is to render the website inoperable.
Over recent years, these kinds of attacks are increasing, fueling the demand for the best DDoS protection software solutions. Many |
★★ |
To see everything:
Our RSS (filtrered)
