What's new around the internet

Last one

| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| The_Hackers_News.webp | 2020-12-01 06:13:54 | Incomplete 'Go SMS Pro' Patch Left Millions of Users' Data Still Exposed Online (direct link) | A week after cybersecurity researchers disclosed a flaw in the popular GO SMS Pro messaging app, it appears the developers of the app are silently taking steps to fix the issue from behind the scenes. The security misstep made it possible for an attacker to come up with a trivial script to access media files transferred between users, including private voice messages, photos, and videos, stored | | | |
| The_Hackers_News.webp | 2020-12-01 00:54:36 | Nation-State Hackers Caught Hiding Espionage Activities Behind Crypto Miners (direct link) | A nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research. Attributing the shift to a threat actor tracked as Bismuth, Microsoft's Microsoft 365 Defender Threat Intelligence Team said the group deployed Monero coin miners in attacks that targeted both | Threat | | |
| The_Hackers_News.webp | 2020-12-01 00:24:40 | 4 Free Online Cyber Security Testing Tools For 2021 (direct link) | Set of must-have online security tools that we believe may make a real difference to your cybersecurity program and improve your 2021 budget planning. In September, Gartner published a list of "Top 9 Security and Risk Trends for 2020" putting a bold emphasis on the growing complexity and size of the modern threat landscape. Incomplete visibility of external Attack surfaces led to the dramatic | Threat | | |
| The_Hackers_News.webp | 2020-11-30 23:37:36 | Indian National Gets 20-Year Jail in United States for Running Scam Call Centers (direct link) | An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel (aka Hitesh Hinglaj), who hails from the city of Ahmedabad, India, was sentenced in connection with charges of fraud and money laundering. He was | | | |
| The_Hackers_News.webp | 2020-11-30 04:52:44 | Quick Guide - How to Troubleshoot Active Directory Account Lockouts (direct link) | Active Directory account lockouts can be hugely problematic for organizations. There have been documented instances of attackers leveraging the account lockout feature in a type of denial of service attack. By intentionally entering numerous bad passwords, attackers can theoretically lock all of the users out of their accounts. But what do you do if you are experiencing problems with account | | | |
| The_Hackers_News.webp | 2020-11-27 00:17:40 | Digitally Signed Bandook Malware Once Again Targets Multiple Sectors (direct link) | A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy "dozens of digitally signed variants" of | Malware | | |
| The_Hackers_News.webp | 2020-11-25 22:53:55 | Become a White Hat Hacker - Get 10 Top-Rated Courses at 97% OFF (direct link) | Many of us here would love to turn hacking into a full-time career. To make that dream come true, you need to master your subject and earn some key certifications. To speed up this process, you might want to take a little guidance from the experts. Featuring 98 hours of content from top instructors, The Ultimate 2020 White Hat Hacker Certification Bundle is the ultimate launchpad for your career | | | |
| The_Hackers_News.webp | 2020-11-25 22:22:23 | Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities (direct link) | Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams have been arrested in the city of Lagos, Interpol reported yesterday. The investigation, dubbed "Operation Falcon," was jointly undertaken by the international police organization along with | | | |
| The_Hackers_News.webp | 2020-11-24 23:14:18 | 2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software (direct link) | cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account. The issue, tracked as "SEC-575" and discovered by researchers from Digital Defense, has been remedied by the company in versions 11.92.0.2, | Vulnerability | | |
| The_Hackers_News.webp | 2020-11-24 22:50:22 | (Déjà vu) Baidu's Android Apps Caught Collecting and Leaking Sensitive User Data (direct link) | Two popular Android apps from Chinese tech giant Baidu have been removed from the Google Play Store in October after they were caught collecting sensitive user details. The two apps in question - Baidu Maps and Baidu Search Box - were found to collect device identifiers, such as the International Mobile Subscriber Identity (IMSI) number or MAC address, without users' knowledge, thus making them | | | |
| The_Hackers_News.webp | 2020-11-24 06:56:39 | Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies (direct link) | An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonly used program on Linux servers, and is a new version of the malware belonging to a threat actor | Malware Threat | | |
| The_Hackers_News.webp | 2020-11-23 23:08:37 | Critical Unpatched VMware Flaw Affects Multiple Corporates Products (direct link) | VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. "A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating | Vulnerability | | ★★★ |
| The_Hackers_News.webp | 2020-11-23 00:02:36 | Why Replace Traditional Web Application Firewall (WAF) With New Age WAF? (direct link) | At present, web applications have become the top targets for attackers because of potential monetization opportunities. Security breaches on the web application can cost millions. Strikingly, DNS (Domain Name System) related outage and Distributed denial of service (DDoS) lead to a negative impact on businesses. Among the wide range of countermeasures, a web application firewall is the first line | Guideline | | |
| The_Hackers_News.webp | 2020-11-20 00:47:32 | Facebook Messenger Bug Lets Hackers Listen to You Before You Pick Up the Call (direct link) | Facebook has patched a bug in its widely installed Messenger app for Android that could have allowed a remote attacker to call unsuspecting targets and listen to them before even they picked up the audio call. The flaw was discovered and reported to Facebook by Natalie Silvanovich of Google's Project Zero bug-hunting team last month on October 6 with a 90-day deadline, and impacts version | | | |
| The_Hackers_News.webp | 2020-11-19 06:04:54 | WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages (direct link) | GO SMS Pro, a popular messaging app for Android with over 100 million installs, has been found to have an unpatched security flaw that publicly exposes media transferred between users, including private voice messages, photos, and videos. "This means any sensitive media shared between users of this messenger app is at risk of being compromised by an unauthenticated attacker or curious user," | | | |
| The_Hackers_News.webp | 2020-11-19 03:17:52 | Evolution of Emotet: From Banking Trojan to Malware Distributor (direct link) | Emotet is one of the most dangerous and widespread malware threats active today. Ever since its discovery in 2014 - when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for distributing other kinds of computer viruses. Being constantly under development, Emotet updates itself regularly to improve stealthiness, persistence, | Malware | | |
| The_Hackers_News.webp | 2020-11-18 23:49:41 | Researchers Warn of Critical Flaws Affecting Industrial Automation Systems (direct link) | A critical vulnerability uncovered in Real-Time Automation's (RTA) 499ES EtherNet/IP (ENIP) stack could open up the industrial control systems to remote attacks by adversaries. RTA's ENIP stack is one of the widely used industrial automation devices and is billed as the "standard for factory floor I/O applications in North America." "Successful exploitation of this vulnerability could cause a | Vulnerability | | ★★★ |
| The_Hackers_News.webp | 2020-11-18 01:14:22 | Apple Lets Some of its Big Sur macOS Apps Bypass Firewall and VPNs (direct link) | Apple is facing the heat for a new feature in macOS Big Sur that allows many of its own apps to bypass firewalls and VPNs, thereby potentially allowing malware to exploit the same shortcoming to access sensitive data stored on users' systems and transmit them to remote servers. The issue was first spotted last month by a Twitter user named Maxwell in a beta version of the operating system. "Some | Malware | | |
| The_Hackers_News.webp | 2020-11-17 01:27:04 | Chinese APT Hackers Target Southeast Asian Government Institutions (direct link) | Cybersecurity researchers today unveiled a complex and targeted espionage attack on potential government sector victims in South East Asia that they believe was carried out by a sophisticated Chinese APT group at least since 2018. "The attack has a complex and complete arsenal of droppers, backdoors and other tools involving Chinoxy backdoor, PcShare RAT and FunnyDream backdoor binaries, with | | | |
| The_Hackers_News.webp | 2020-11-16 23:36:23 | Researcher Discloses Critical RCE Flaws In Cisco Security Manager (direct link) | Cisco has published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) a week after the networking equipment maker quietly released patches with version 4.22 of the platform. The development comes after Code White researcher Florian Hauser (frycos) yesterday publicly disclosed proof-of-concept (PoC) code for as many as 12 security vulnerabilities affecting the | | | |
| The_Hackers_News.webp | 2020-11-16 02:29:40 | Trojanized Security Software Hits South Korea Users in Supply-Chain Attack (direct link) | Cybersecurity researchers took the wraps off a novel supply chain attack in South Korea that abuses legitimate security software and stolen digital certificates to distribute remote administration tools (RATs) on target systems. Attributing the operation to the Lazarus Group, also known as Hidden Cobra, Slovak internet security company ESET said the state-sponsored threat actor leveraged the | Threat Medical | APT 38 | |
| The_Hackers_News.webp | 2020-11-13 00:17:13 | Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs (direct link) | Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises (SMEs) with limited budgets and staff are significantly impacted. On average, SMEs manage more than a | Threat Guideline | | |
| The_Hackers_News.webp | 2020-11-12 23:12:25 | SAD DNS - New Flaws Re-Enable DNS Cache Poisoning Attacks (direct link) | A group of academics from the University of California and Tsinghua University has uncovered a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks. Dubbed "SAD DNS attack" (short for Side-channel AttackeD DNS), the technique makes it possible for a malicious actor to carry out an off-path attack, rerouting any traffic originally destined to a specific | Guideline | | |
| The_Hackers_News.webp | 2020-11-12 04:59:57 | Uncovered: APT 'Hackers For Hire' Target Financial, Entertainment Firms (direct link) | A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. Dubbed "CostaRicto" by Blackberry researchers, the campaign appears to be the handiwork of APT mercenaries who possess bespoke malware tooling and complex VPN proxy and SSH tunneling capabilities. "CostaRicto targets | Malware | | |
| The_Hackers_News.webp | 2020-11-12 02:31:34 | New ModPipe Point of Sale (POS) Malware Targeting Restaurants, Hotels (direct link) | Cybersecurity researchers today disclosed a new kind of modular backdoor that targets point-of-sale (POS) restaurant management software from Oracle in an attempt to pilfer sensitive payment information stored in the devices. The backdoor - dubbed "ModPipe" - impacts Oracle MICROS Restaurant Enterprise Series (RES) 3700 POS systems, widely used software suite restaurants, and hospitality | Malware | | ★★★ |
| The_Hackers_News.webp | 2020-11-12 02:11:22 | MISSIONS - The Next Level of Interactive Developer Security Training (direct link) | If organizations want to get serious about software security, they need to empower their engineers to play a defensive role against cyberattacks as they craft their code. The problem is, developers haven't had the most inspiring introduction to security training over the years, and anything that can be done to make their experience more engaging, productive, and fun is going to be a powerful | | | |
| The_Hackers_News.webp | 2020-11-11 19:36:28 | Two New Chrome 0-Days Under Active Attacks – Update Your Browser (direct link) | Google has patched two more zero-day flaws in the Chrome web browser for desktop, making it the fourth and fifth actively exploited vulnerabilities addressed by the search giant in recent weeks. The company released 86.0.4240.198 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. Tracked as CVE-2020-16013 and CVE-2020-16017, the flaws were | | | |
| The_Hackers_News.webp | 2020-11-11 02:50:17 | Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers (direct link) | A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of websites at once through supply chain attacks, such as the Adverline incident, or through the use of | | | |
| The_Hackers_News.webp | 2020-11-11 02:09:42 | Microsoft Releases Windows Security Updates For Critical Flaws (direct link) | Microsoft formally released fixes for 87 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. The rollout addresses a total of 112 vulnerabilities, 17 of which are rated critical, once again bringing the patch count over 110 after a drop last month. The security updates | | | |
| The_Hackers_News.webp | 2020-11-09 23:35:03 | Watch Out! New Android Banking Trojan Steals From 112 Financial Apps (direct link) | Four months after security researchers uncovered a "Tetrade" of four Brazilian banking Trojans targeting financial institutions in Brazil, Latin America, and Europe, new findings show that the criminals behind the operation have expanded their tactics to infect mobile devices with spyware. According to Kaspersky's Global Research and Analysis Team (GReAT), the Brazil-based threat group Guildma | Threat | | |
| The_Hackers_News.webp | 2020-11-09 06:01:37 | Worried About SaaS Misconfigurations? Check These 5 Settings Everybody Misses (direct link) | Image credit: Adaptive Shield Enterprises depend on SaaS applications for countless functions, like collaboration, marketing, file sharing, and more. But problematically, they often lack the resources to configure those apps to prevent cyberattacks, data exfiltration, and other risks. Catastrophic and costly data breaches result from SaaS security configuration errors. The Verizon 2020 Data | | | |
| The_Hackers_News.webp | 2020-11-08 23:59:28 | Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition (direct link) | Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said. "11 out of 16 targets cracked with 23 | | | |
| The_Hackers_News.webp | 2020-11-05 23:48:17 | Update Your iOS Devices Now - 3 Actively Exploited 0-Days Discovered (direct link) | Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges. The | | | |
| The_Hackers_News.webp | 2020-11-05 11:34:56 | North Korean Hackers Used 'Torisma' Spyware in Job Offers-based Attacks (direct link) | A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors based in Russia | | | |
| The_Hackers_News.webp | 2020-11-05 02:19:16 | Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies (direct link) | Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months. According to findings published by Check Point Research, the threat actors - believed to be located in the Palestinian Gaza Strip - have targeted Sangoma PBX, an | Hack Threat | | |
| The_Hackers_News.webp | 2020-11-05 01:08:20 | Deception Technology: No Longer Only A Fortune 2000 Solution (direct link) | A cyber-attacker successfully breaks into your environment and begins sneaking around to find something valuable - intellectual property, bank account credentials, company plans, whatever. The attacker makes his way to a certain host on a network node to browse the directories, and suddenly, his connection is cut off. The stolen username and password he acquired no longer works. Unknowingly, | | | |
| The_Hackers_News.webp | 2020-11-05 00:35:31 | If You Don't Have A SASE Cloud Service, You Don't Have SASE At All (direct link) | The Secure Access Service Edge (or SASE) has been a very hot buzzword in the past year. A term and category created by Gartner in 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform. The capabilities that SASE delivers aren't new and include SD-WAN, threat prevention, remote access, and others that were | Threat | | |
| The_Hackers_News.webp | 2020-11-03 03:49:37 | New Kimsuky Module Makes North Korean Spyware More Powerful (direct link) | A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT - dubbed "Kimsuky" (aka Black Banshee or Thallium) and believed to be active as early as 2012 - has been now linked to as many as three hitherto undocumented malware, | Threat Cloud | APT 37 | |
| The_Hackers_News.webp | 2020-11-03 01:33:08 | New Chrome Zero-Day Under Active Attacks – Update Your Browser (direct link) | Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. The zero-day flaw, tracked as CVE-2020-16009, was reported by Clement Lecigne of | | | |
| The_Hackers_News.webp | 2020-11-02 04:41:39 | How to Protect Yourself From Pwned and Password Reuse Attacks (direct link) | Many businesses are currently looking at how to bolster security across their organization as the pandemic and remote work situation continues to progress towards the end of the year. As organizations continue to implement security measures to protect business-critical data, there is an extremely important area of security that often gets overlooked – passwords. Weak passwords have long been a | | | |
| The_Hackers_News.webp | 2020-11-02 04:08:09 | New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service (direct link) | A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. Called NAT Slipstreaming, the method involves sending the target a link to a malicious site (or a legitimate site loaded with malicious ads) that, when visited, ultimately triggers the gateway to open any TCP/UDP port on the victim, | | | |
| The_Hackers_News.webp | 2020-11-02 01:43:23 | WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild (direct link) | Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges (EoP) vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver ("cng.sys") that can be exploited for a sandbox escape. "The bug | | | |
| The_Hackers_News.webp | 2020-10-30 03:22:45 | Browsers Bugs Exploited to Install 2 New Backdoors on Targeted Computers (direct link) | Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the campaign involves the use of SLUB (for SLack and githUB) malware and two new backdoors - dneSpy and | Malware | | |
| The_Hackers_News.webp | 2020-10-29 03:02:42 | KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms (direct link) | An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems (CMS). The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for popular CMS platforms such as WordPress, Joomla!, PrestaShop, Magento, Drupal, vBulletin, osCommerce, | | | |
| The_Hackers_News.webp | 2020-10-29 02:45:53 | How to Run Google SERP API Without Constantly Changing Proxy Servers (direct link) | You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several scrapes, Google's automated security system kicks in. Then it kicks you out. The standard was to bypass | | | |
| The_Hackers_News.webp | 2020-10-28 22:59:15 | FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems (direct link) | The US Federal Bureau of Investigation (FBI), Departments of Homeland Security, and Health and Human Services (HHS) issued a joint alert Wednesday warning of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the [Healthcare and Public Health] Sector with TrickBot malware, often leading to ransomware | Ransomware Guideline | | |
| The_Hackers_News.webp | 2020-10-28 03:57:02 | [Webinar and eBook]: Are You're Getting The Best Value From Your EDR Solution? (direct link) | Many companies rely on Endpoint Detection and Response (EDR) solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecting it to quadruple over the next five years. The recent introduction of Extended Detection and | Tool | | |
| The_Hackers_News.webp | 2020-10-28 01:12:57 | TrickBot Linux Variants Active in the Wild Despite Recent Takedown (direct link) | Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren't sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot's authors have moved portions of their code to Linux in an attempt to widen the scope of victims that could be targeted. TrickBot, a financial Trojan first detected in 2016 | Malware | | |
| The_Hackers_News.webp | 2020-10-27 02:25:06 | Google Removes 21 Malicious Android Apps from Play Store (direct link) | Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps (list here) were downloaded nearly eight million times from Google's app marketplace. The apps masqueraded as | | | |
| The_Hackers_News.webp | 2020-10-26 05:31:27 | Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps (direct link) | Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the background. "Links shared in chats may contain private information intended only for the recipients," | | | |
Last update at: 2024-07-21 22:08:00