What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-05-21 01:11:42 | Iranian APT Group Targets Governments in Kuwait and Saudi Arabia (lien direct) | Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia.
Bitdefender said the intelligence-gathering operations were conducted by Chafer APT (also known as APT39 or Remix Kitten), a threat actor known for its attacks on telecommunication and travel industries in the Middle East to collect personal |
Threat Prediction | APT 39 | |
|
2020-05-20 06:11:45 | [Guide] Finding Best Security Outsourcing Alternative for Your Organization (lien direct) | As cyberattacks continue to proliferate in volume and increase in sophistication, many organizations acknowledge that some part of their breach protection must be outsourced, introducing a million-dollar question of what type of service to choose form.
Today, Cynet releases the Security Outsourcing Guide (download here), providing IT Security executives with clear and actionable guidance on |
|||
|
2020-05-20 03:33:03 | Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records (lien direct) | The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums.
In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified the hacker behind the pseudonym "Sanix |
|||
|
2020-05-19 09:04:10 | Brazil\'s Biggest Cosmetic Brand Natura Exposes Personal Details of Its Users (lien direct) | Brazil's biggest cosmetics company Natura accidentally left hundreds of gigabytes of its customers' personal and payment-related information publicly accessible online to anyone without authentication.
SafetyDetective researcher Anurag Sen last month discovered two unprotected Amazon-hosted servers-272GB and 1.3TB in size-belonging to Natura that exposed more than 192 million records. |
|||
|
2020-05-19 06:50:41 | British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers\' Data (lien direct) | British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers.
In an official statement released today, EasyJet confirmed that of the 9 million affected users, a small subset of customers, i.e., 2,208 customers, have also had their |
Data Breach | ||
|
2020-05-19 04:20:48 | New Bluetooth Vulnerability Exposes Billions of Devices to Hackers (lien direct) | Academics from École Polytechnique Fédérale de Lausanne (EPFL) disclosed a security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device, exposing over a billion of modern devices to hackers.
The attacks, dubbed Bluetooth Impersonation AttackS or BIAS, concerns Bluetooth Classic, which supports Basic Rate (BR) and Enhanced Data Rate (EDR) for |
Vulnerability | ||
|
2020-05-15 02:43:00 | HTTP Status Codes Command This Malware How to Control Hacked Systems (lien direct) | A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.
The cyberespionage malware-traced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victims-spread via an initial dropper that masks itself as |
Malware | ||
|
2020-05-14 04:16:02 | Effective Business Continuity Plans Require CISOs to Rethink WAN Connectivity (lien direct) | As more businesses leverage remote, mobile, and temporary workforces, the elements of business continuity planning are evolving and requiring that IT professionals look deep into the nuts and bolts of connectivity.
CISOs and their team members are facing new challenges each and every day, many of which have been driven by digital transformation, as well as the adoption of other |
|||
|
2020-05-14 03:24:50 | Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable (lien direct) | Remember the Reverse RDP Attack-wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol?
Though Microsoft had patched the vulnerability (CVE-2019-0887) as part of its July 2019 Patch Tuesday update, it turns out researchers were able to bypass the patch just by replacing the backward |
Vulnerability | ||
|
2020-05-13 07:54:43 | Researcher Spots New Malware Claimed to be \'Tailored for Air‑Gapped Networks\' (lien direct) | A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks.
Dubbed 'Ramsay,' the malware is still under development with two more variants (v2.a and v2.b) spotted in the |
Malware | ||
|
2020-05-13 02:35:07 | U.S Defence Warns of 3 New Malware Used by North Korean Hackers (lien direct) | Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers.
Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from |
Ransomware Malware | Wannacry | |
|
2020-05-12 03:37:18 | Over 4000 Android Apps Expose Users\' Data via Misconfigured Firebase Databases (lien direct) | More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data.
The investigation, led by Bob Diachenko from Security Discovery in partnership with Comparitech, is the result of an analysis of 15,735 |
|||
|
2020-05-12 02:59:54 | Cynet Offers IR Specialists Grants up to $1500 for each IR Engagement (lien direct) | In the past, the autonomous breach protection company Cynet announced that it is making Cynet 360 threat detection and response platform available at no charge for IR (incident response) service providers and consultants.
Today Cynet takes another step and announces a $500 grant for Incident Responders for each IR engagement in which Cynet 360 was used, with an additional $1,000 grant if the |
Threat | ||
|
2020-05-11 12:11:00 | An Undisclosed Critical Vulnerability Affect vBulletin Forums - Patch Now (lien direct) | If you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability.
Maintainers of the vBulletin project recently announced an important patch update but didn't reveal any information on the underlying security vulnerability, identified as CVE-2020-12720.
Written in PHP |
Vulnerability | ||
|
2020-05-11 09:28:30 | 7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years (lien direct) | A cybersecurity researcher today uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports.
Collectively dubbed 'ThunderSpy,' the vulnerabilities can be exploited in 9 realistic evil-maid attack scenarios, primarily to steal data or read/write all of the system memory of a |
|||
|
2020-05-08 15:03:00 | DigitalOcean Data Leak Incident Exposed Some of Its Customers Data (lien direct) | DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties.
Though the hosting company has not yet publicly released a statement, it did has started warning affected customers of the scope of the breach via an email.
According to the breach notification |
APT 32 | ||
|
2020-05-07 02:59:30 | This Asia-Pacific Cyber Espionage Campaign Went Undetected for 5 Years (lien direct) | An advanced group of Chinese hackers has recently been spotted to be behind a sustained cyber espionage campaign targeting government entities in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar, and Brunei-which went undetected for at least five years and is still an ongoing threat.
The group, named 'Naikon APT,' once known as one of the most active APTs in Asia until 2015, |
APT 30 | ||
|
2020-05-06 06:19:38 | Facebook Launches \'Discover,\' A Secure Proxy to Browse the Internet for Free (lien direct) | More than six years after Facebook launched its ambitious Free Basics program to bring the Internet to the masses, the social network is back at it again with a new zero-rating initiative called Discover.
The service, available as a mobile web and Android app, allows users to browse the Internet using free daily data caps.
Facebook Discover is currently being tested in Peru in partnership |
|||
|
2020-05-05 09:57:29 | Download: \'Coronavirus Cyber Security for Management\' Template for CISOs (lien direct) | The Coronavirus crisis introduces critical operational challenges to business continuity, placing high stress on organizations' management.
As a result, CIOs and CISOs face a double challenge on the cyber risk front – apart from the new risks that the mass transfer of employees working remotely brings, capturing the management mindshare for further investments in security becomes harder than |
|||
|
2020-05-05 09:14:59 | Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets (lien direct) | Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform.
The security advisory-about which The Hacker News learned from Dimitri van de Giessen, an ethical hacker and system engineer-is scheduled to be available |
|||
|
2020-05-05 04:54:19 | Change This Browser Setting to Stop Xiaomi from Spying On Your Incognito Activities (lien direct) | If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities.
Smartphone maker Xiaomi has begun rolling out an update to its Mi Browser/Mi Browser Pro (v12.1.4) and Mint Browser (v3.4.3) after concerns were raised over |
|||
|
2020-05-04 04:59:47 | New Malware Jumps Air-Gapped Devices by Turning Power-Supplies into Speakers (lien direct) | A researcher from Israel's Ben Gurion University of the Negev recently demonstrated a new kind of malware that could be used to covertly steal highly sensitive data from air-gapped and audio-gapped systems using a novel acoustic quirk in power supply units that come with modern computing devices.
Dubbed 'POWER-SUPPLaY,' the latest research builds on a series of techniques leveraging |
Malware | ||
|
2020-05-04 02:58:02 | Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability (lien direct) | Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and Digicert.
Tracked as CVE-2020-11651 and CVE-2020-11652, the disclosed flaws could allow an adversary to execute arbitrary code on remote servers deployed in data |
Vulnerability | ||
|
2020-05-01 06:04:13 | Critical SaltStack RCE Bug (CVSS Score 10) Affects Thousands of Data Centers (lien direct) | Two severe security flaws have been discovered in the open-source SaltStack Sat configuration framework that could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments.
The vulnerabilities were identified by F-Secure researchers earlier this March and disclosed on Thursday, a day after SaltStack released a patch (version 3000.2) |
|||
|
2020-04-30 07:33:42 | Targeted Phishing Attacks Successfully Hacked Top Executives At 150+ Companies (lien direct) | In the last few months, multiple groups of attackers successfully compromised corporate email accounts of at least 156 high-ranking officers at various firms based in Germany, the UK, Netherlands, Hong Kong, and Singapore.
Dubbed 'PerSwaysion,' the newly spotted cyberattack campaign leveraged Microsoft file-sharing services-including Sway, SharePoint, and OneNote-to launch highly targeted |
|||
|
2020-04-30 05:14:47 | New Android Malware Steals Banking Passwords, Private Data and Keystrokes (lien direct) | A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes.
Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services, |
Malware | ||
|
2020-04-30 04:07:09 | Critical Bugs Found in 3 Popular e-Learning Plugins for WordPress Sites (lien direct) | Security researchers are sounding the alarm over newly discovered vulnerabilities in some popular online learning management system (LMS) plugins that various organizations and universities use to offer online training courses through their WordPress-based websites.
According to the Check Point Research Team, the three WordPress plugins in question - LearnPress, LearnDash, and LifterLMS - |
|||
|
2020-04-30 03:59:37 | Cato SDP: Cloud-Scale and Global Remote Access Solution Review (lien direct) | The Scouts acknowledged the necessity to "Be Prepared" over 100 years (!) ago; the industry should have, as well.
Yet COVID-19 took businesses – more like the entire world – by surprise. Very few were prepared for the explosion of remote access, and the challenge of instantly shifting an entire organization to work from anywhere.
Cato Networks shared its increase in remote access usage post |
|||
|
2020-04-28 15:24:10 | Critical Security Patches Released for Magento, Adobe Illustrator and Bridge (lien direct) | It's not 'Patch Tuesday,' but software giant Adobe today released emergency updates for three of its widely used products that patch dozens of newly discovered critical vulnerabilities.
The list of affected software includes Adobe Illustrator, Adobe Bridge, and Magento e-commerce platform, containing a total of 35 vulnerabilities where each one of them is affected with multiple critical |
|||
|
2020-04-28 01:19:23 | Researchers Uncover Novel Way to De-anonymize Device IDs to Users\' Biometrics (lien direct) | Researchers have uncovered a potential means to profile and track online users using a novel approach that combines device identifiers with their biometric information.
The details come from a newly published research titled "Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and Devices" by a group of academics from the University of Liverpool, New York University, The Chinese |
|||
|
2020-04-27 01:34:39 | How An Image Could\'ve Let Attackers Hack Microsoft Teams Accounts (lien direct) | Microsoft has patched a worm-like vulnerability in its Teams workplace video chat and collaboration platform that could have allowed attackers to take over an organization's entire roster of Teams accounts just by sending participants a malicious link to an innocent-looking image.
The flaw, impacting both desktop and web versions of the app, was discovered by cybersecurity researchers at |
Hack Vulnerability | ★★★★ | |
|
2020-04-24 03:38:56 | Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet (lien direct) | Cybersecurity researchers from ESET on Thursday said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency.
The botnet, named "VictoryGate," has been active since May 2019, with infections mainly reported in Latin America, particularly Peru accounting for 90% of the compromised |
Malware | ||
|
2020-04-23 03:01:01 | Hackers Trick 3 British Private Equity Firms Into Sending Them $1.3 Million (lien direct) | In a recent highly targeted BEC attack, hackers managed to trick three British private equity firms into wire-transferring a total of $1.3 million to the bank accounts fraudsters have access to - while the victimized executives thought they closed an investment deal with some startups.
According to the cybersecurity firm Check Point, who shared its latest investigation with The Hacker News, |
|||
|
2020-04-22 09:14:29 | Zero-Day Warning: It\'s Possible to Hack iPhones Just by Sending Emails (lien direct) | Watch out Apple users! The default mail app pre-installed on millions of iPhone and iPad has been found vulnerable to two critical flaws that could let remote hackers secretly take complete control over Apple devices just by sending an email to targeted individuals.
According to cybersecurity researchers at ZecOps, the vulnerabilities in question are out-of-bounds write and remote heap |
Hack | ||
|
2020-04-22 02:11:59 | New iPhone Hack is Being Exploited to Spy Uyghurs Muslims in China (lien direct) | A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang.
The findings, published by digital forensics firm Volexity, reveal that the exploit - named "Insomnia" - works against iOS versions 12.3, 12.3.1, and 12.3.2 using a flaw in WebKit that was patched by |
Hack | ★★ | |
|
2020-04-21 08:15:24 | The Incident Response Challenge 2020 - Win $5,000 Prize! (lien direct) | Cybersecurity firm Cynet today announced the launch of a first of its kind challenge to enable Incident Response professionals to test their skills with 25 forensic challenges that were built by top researchers and analysts.
The challenge is available on https://incident-response-challenge.com/ and is open to anyone willing to test his or her investigation skills, between April 21st and May |
|||
|
2020-04-21 06:36:21 | Researcher Discloses 4 Zero-Day Bugs in IBM\'s Enterprise Security Software (lien direct) | A cybersecurity researcher today publicly disclosed technical details and PoC for 4 unpatched zero-day vulnerabilities affecting an enterprise security software offered by IBM after the company refused to acknowledge the responsibly submitted disclosure.
The affected premium product in question is IBM Data Risk Manager (IDRM) that has been designed to analyze sensitive business information |
|||
|
2020-04-21 02:55:42 | Unpatchable \'Starbleed\' Bug in FPGA Chips Exposes Critical Devices to Hackers (lien direct) | A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans.
The details of the attacks against Xilinx 7-Series and Virtex-6 Field Programmable Gate Arrays (FPGAs) have been covered in a paper titled "The |
Vulnerability | ||
|
2020-04-20 03:58:02 | COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware (lien direct) | A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam.
The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to |
Malware | ||
|
2020-04-17 04:43:34 | Why SaaS opens the door to so many cyber threats (and how to make it safer) (lien direct) | Cloud services have become increasingly important to many companies' daily operations, and the rapid adoption of web apps has allowed businesses to continue operating with limited productivity hiccups, even as global coronavirus restrictions have forced much of the world to work from home.
But at the same time, even major corporations have fallen prey to hackers. How can you maintain the |
|||
|
2020-04-17 04:20:03 | CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution (RCE) vulnerability in Pulse Secure VPN servers-even if they have already patched it.
The warning comes three months after another |
Vulnerability | ||
|
2020-04-16 05:59:15 | Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository (lien direct) | As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on.
In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700 |
Threat | ||
|
2020-04-15 13:26:28 | How to transform your revolutionary idea into a reality: $100K Nokia Bell Labs Prize (lien direct) | Revolutionary ideas in science, technology, engineering, and mathematics don't occur every day.
But when those "eureka" moments happen, we need to provide a forum to explore those ideas, judge them on their merits, and distinguish the extraordinary from the merely good.
Once a year, Nokia Bell Labs makes that forum a reality, where robust proposals that have the potential to revolutionize |
|||
|
2020-04-15 12:53:15 | U.S. Offers Rewards up to $5 Million for Information on North Korean Hackers (lien direct) | The United States agencies today released a joint advisory warning the world about the 'significant cyber threat' posed by North Korean state-sponsored hackers to the global banking and financial institutions.
Besides a summary of recent cyberattacks attributed to North Korean hackers, the advisory-issued by U.S. Departments of State, the Treasury, and Homeland Security, and the FBI-also |
|||
|
2020-04-15 03:40:12 | 49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets (lien direct) | Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are |
Threat | ||
|
2020-04-14 11:51:29 | Microsoft Issues Patches for 2 Bugs Exploited as Zero-Day in the Wild (lien direct) | It's April 2020 Patch Tuesday, and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely.
Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 |
|||
|
2020-04-14 06:52:10 | Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks (lien direct) | Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS.
Dubbed 'SafeBIOS Events & Indicators of Attack' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their |
Tool Threat | ||
|
2020-04-14 03:00:07 | Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic (lien direct) | As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals-with no conscience and empathy-are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers.
The new research, published by Palo Alto Networks and shared with The Hacker News, confirmed that "the |
Ransomware | ||
|
2020-04-14 02:56:33 | Webinar: How MSSPs Can Overcome Coronavirus Quarantine Challenges (lien direct) | The Coronavirus quarantine introduces an extreme challenge for IT and Security teams to maintain secure environments during the mass transition of employees working remotely and the surge in cyberattacks targeting its inherent security weaknesses.
In a webinar for security service providers taking place on April 22nd (register here), a leading MSSP will share how they conquer and overcome the |
Guideline | ||
|
2020-04-11 01:42:52 | Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices (lien direct) | Tech giants Apple and Google have joined forces to develop an interoperable contract-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19.
As part of this new initiative, the companies are expected to release an API that public agencies can integrate into their apps. The next iteration will be a built-in system-level platform that |
Tool |
To see everything:
Our RSS (filtrered)
