What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2021-03-25 02:58:36 Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems (direct link) Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a Hack
The_Hackers_News.webp 2021-03-25 01:52:11 Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad (direct link) Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Hack
The_Hackers_News.webp 2021-03-23 23:36:20 Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers (direct link) Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities. The ongoing campaign makes use of a "novel spreading technique via indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes," according to Malware
The_Hackers_News.webp 2021-03-23 04:24:24 (Déjà vu) Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in an advisory Threat
The_Hackers_News.webp 2021-03-22 22:47:01 WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack (direct link) Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks. Tracked as CVE-2020-11261 (CVSS score 8.4), the flaw concerns an "improper input validation" issue in Qualcomm's Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests Vulnerability
The_Hackers_News.webp 2021-03-22 07:52:54 Popular Netops Remote Learning Software Found Vulnerable to Hacking (direct link) Cybersecurity researchers on Sunday disclosed several critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. "These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious attacker within the same network to gain full
The_Hackers_News.webp 2021-03-22 01:34:44 Critical RCE Vulnerability Found in Apache OFBiz ERP Software-Patch Now (direct link) The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "unsafe deserialization" as an attack vector to permit Vulnerability
The_Hackers_News.webp 2021-03-20 09:03:30 Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online (direct link) Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in the wild exploitation development comes on the heels of a proof-of-concept exploit code that
The_Hackers_News.webp 2021-03-19 04:34:08 Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud (direct link) The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks-a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S. Department of Justice (DoJ) on Thursday Ransomware Malware ★★★
The_Hackers_News.webp 2021-03-18 23:48:27 New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps (direct link) A newly discovered glitch in Zoom's screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings. Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, thereby briefly exposing the contents to all meeting participants. It's worth pointing out Vulnerability
The_Hackers_News.webp 2021-03-18 09:08:15 Critical RCE Flaw Reported in MyBB Forum Software-Patch Your Sites (direct link) A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on February 22, following which it released an
The_Hackers_News.webp 2021-03-18 06:03:41 How to Successfully Pursue a Career in Malware Analysis (direct link) Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferation of malware becomes increasingly destructive. Once upon a time, a computer virus might cause Malware
The_Hackers_News.webp 2021-03-18 03:19:16 Why Cached Credentials Can Cause Account Lockouts and How to Stop it (direct link) When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or script that is configured to log into the system using an old password. Perhaps the most easily
The_Hackers_News.webp 2021-03-18 02:06:08 Google Reveals What Personal Data Chrome and It's Apps Collect On You (direct link) Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it," the company
The_Hackers_News.webp 2021-03-17 23:59:55 Flaws in Two Popular WordPress Plugins Affect Over 7 Million Websites (direct link) Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios. The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a tool used to serve cached pages of a WordPress site. According to Wordfence Tool ★★★★
The_Hackers_News.webp 2021-03-17 04:20:39 Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code (direct link) Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. "The threat actor did access a subset of email addresses and other contact information and hashed and salted credentials," the company said in a write-up detailing its investigation, adding the Threat
The_Hackers_News.webp 2021-03-17 04:09:14 [Webinar] Oy Vey, We Hired a Large, Hairy Hacker… (direct link) It's not every day that one of the best-known independent cybersecurity individuals joins a cybersecurity company. The two are generally on opposite sides of the coin, with little crossover. After all, they're usually concerned with different parts of the cybersecurity puzzle – one providing platforms and tools to defend organizations, the other keeping them accountable and looking for blind
The_Hackers_News.webp 2021-03-17 02:25:20 18-Year-Old Hacker Gets 3 Years in Prison for Massive Twitter 'Bitcoin Scam' Hack (direct link) A Florida teen accused of masterminding the hacks of several high-profile Twitter accounts last summer as part of a widespread cryptocurrency scam pled guilty to fraud charges in exchange for a three-year prison sentence. Graham Ivan Clark, 18, will also serve an additional three years on probation. The development comes after the U.S. Department of Justice (DoJ) charged Mason Sheppard (aka Hack
The_Hackers_News.webp 2021-03-17 01:33:24 Apple May Start Delivering Security Patches Separately From Other OS Updates (direct link) Apple may be changing the way it delivers security patches to its devices running iOS and iPadOS mobile operating systems. According to code spotted in iOS 14.5, the iPhone maker is reportedly working on a method for delivering security fixes independently of other OS updates. The changes were first reported by the 9to5Mac website. While Google's Android has had monthly security
The_Hackers_News.webp 2021-03-16 03:32:22 New Mirai Variant and ZHtrap Botnet Malware Emerge in the Wild (direct link) Cybersecurity researchers on Monday disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy Mirai variants on compromised systems. "Upon successful exploitation, the attackers try to download a malicious shell script, which contains further infection behaviors such as downloading and executing Mirai variants and brute-forcers," Palo Alto Networks' Unit 42 Threat Malware
The_Hackers_News.webp 2021-03-15 23:06:51 Use This One-Click Mitigation Tool from Microsoft to Prevent Exchange Attacks (direct link) Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called Exchange On-premises Mitigation Tool (EOMT), the PowerShell-based script serves to mitigate against current known attacks using CVE-2021-26855, scan the Exchange Server using Tool
The_Hackers_News.webp 2021-03-15 03:03:35 Rising Demand for DDoS Protection Software Market By 2020-2028 (direct link) Distributed Denial of Service (DDoS) attack is a malicious form of attack that disrupts the regular network traffic by overwhelming the website with more traffic than the server can handle. The main aim of this kind of cyberattack is to render the website inoperable. Over recent years, these kinds of attacks are increasing, fueling the demand for the best DDoS protection software solutions. Many ★★
The_Hackers_News.webp 2021-03-15 02:39:15 (Déjà vu) CEO of Encrypted Chat Platform Indicted for Aiding Organised Criminals (direct link) The U.S. Department of Justice (DoJ) on Friday announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global, and an associate for wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement. Eap (also known as "888888") and Thomas Herdman, a former high-level distributor of Sky Global devices, have been ★★★★★
The_Hackers_News.webp 2021-03-13 00:25:57 CompTIA Security Certification Prep - Lifetime Access for just $30 (direct link) At long last, top companies are starting to take cybersecurity seriously. As a consequence, technical recruiters are looking for people with hacking skills and certifications to prove it. CompTIA is seen as the gold standard when it comes to cybersecurity exams, with several certifications to choose from. If you would like to scoop them all, The CompTIA Security Infrastructure Expert Bundle is
The_Hackers_News.webp 2021-03-12 19:16:30 Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild (direct link) Google has addressed yet another actively exploited zero-day in Chrome browser, marking the second such fix released by the company within a month. The browser maker on Friday shipped 89.0.4389.90 for Windows, Mac, and Linux, which is expected to be rolling out over the coming days/weeks to all users. While the update contains a total of five security fixes, the most important flaw rectified by
The_Hackers_News.webp 2021-03-12 01:53:41 Researchers Spotted Malware Written in Nim Programming Language (direct link) Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language. Dubbed "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape. "Malware developers may choose to use a rare programming language Malware Threat
The_Hackers_News.webp 2021-03-12 00:43:28 Hackers Are Targeting Microsoft Exchange Servers With Ransomware (direct link) It didn't take long. Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week. Now it appears that threat actors have caught up. According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server Ransomware Threat
The_Hackers_News.webp 2021-03-11 22:35:18 New Browser Attack Allows Tracking Users Online With JavaScript Disabled (direct link) Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. "This is a side-channel attack which doesn't require any JavaScript to run," the researchers said. "This means script blockers cannot stop it. The attacks work even if you strip out
The_Hackers_News.webp 2021-03-11 07:04:03 ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal
The_Hackers_News.webp 2021-03-11 06:28:12 Fixing the Weakest Link - The Passwords - in Cybersecurity Today (direct link) Password security has long been an issue for businesses and their cybersecurity standards. Account passwords are often the weakest link in the overall security posture for many organizations. Many companies have used Microsoft's default password policies for decades. While these can be customized, businesses often accept the default values for their organization. The Windows default password
The_Hackers_News.webp 2021-03-10 22:01:14 Critical Pre-Auth RCE Flaw Found in F5 Big-IP Platform - Patch ASAP! (direct link) Application security company F5 Networks on Wednesday published an advisory warning of four critical vulnerabilities impacting multiple products that could result in a denial of service (DoS) attack and even unauthenticated remote code execution on target networks. The patches concern a total of seven related flaws (from CVE-2021-22986 through CVE-2021-22992), two of which were discovered and
The_Hackers_News.webp 2021-03-10 08:31:56 Researchers Unveil New Linux Malware Linked to Chinese Hackers (direct link) Cybersecurity researchers on Wednesday shed light on a new sophisticated backdoor targeting Linux endpoints and servers that's believed to be the work of Chinese nation-state actors. Dubbed "RedXOR" by Intezer, the backdoor masquerades as a polkit daemon, with similarities found between the malware and those previously associated with the Winnti Umbrella (or Axiom) threat group such as PWNLNX, Malware Threat APT 17
The_Hackers_News.webp 2021-03-10 01:24:29 FIN8 Hackers Return With More Powerful Version of BADHATCH PoS Malware (direct link) Threat actors known for keeping a low profile do so by ceasing operations for prolonged periods in between to evade attracting any attention as well as constantly refining their toolsets to fly below the radar of many detection technologies. One such group is FIN8, a financially motivated threat actor that's back in action after a year-and-a-half hiatus with a powerful version of a backdoor with Malware Threat
The_Hackers_News.webp 2021-03-09 21:43:00 Microsoft Issues Security Patches for 82 Flaws - IE 0-Day Under Active Attacks (direct link) Microsoft plugged as many as 89 security flaws as part of its monthly Patch Tuesday updates released today, including fixes for an actively exploited zero-day in Internet Explorer that could permit an attacker to run arbitrary code on target machines. Of these flaws, 14 are listed as Critical, and 75 are listed as Important in severity, out of which two of the bugs are described as publicly
The_Hackers_News.webp 2021-03-09 03:13:45 9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware (direct link) Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. "This dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect Malware
The_Hackers_News.webp 2021-03-09 02:42:07 Cybersecurity Webinar - SolarWinds Sunburst: The Big Picture (direct link) The SolarWinds Sunburst attack has been in the headlines since it was first discovered in December 2020. As the so-called layers of the onion are peeled back, additional information regarding how the vulnerability was exploited, who was behind the attack, who is to blame for the attack, and the long-term ramifications of this type of supply chain vulnerabilities continue to be actively Vulnerability Solardwinds Solardwinds
The_Hackers_News.webp 2021-03-09 01:58:23 SolarWinds Hack - New Evidence Suggests Potential Links to Chinese Hackers (direct link) A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. In a report published by Secureworks on Monday, the cybersecurity firm attributed the intrusions to a threat actor it calls Spiral. Back on December 22, 2020, Microsoft disclosed that a second Hack Threat ★★★★★
The_Hackers_News.webp 2021-03-09 00:05:01 Microsoft Exchange Hackers Also Breached European Banking Authority (direct link) The European Banking Authority (EBA) on Monday said it had been a victim of a cyberattack targeting its Microsoft Exchange Servers, forcing it to take its email systems offline as a precautionary measure temporarily. "As the vulnerability is related to the EBA's email servers, access to personal data through emails held on that servers may have been obtained by the attacker," the Paris-based Vulnerability
The_Hackers_News.webp 2021-03-08 22:51:24 Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices (direct link) Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari browsers to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content. Tracked as CVE-2021-1844, the vulnerability was discovered and reported to the company by Clément Lecigne of Google's Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Vulnerability Threat
The_Hackers_News.webp 2021-03-08 04:15:40 Iranian Hackers Using Remote Utilities Software to Spy On Its Targets (direct link) Hackers with suspected ties to Iran are actively targeting academia, government agencies, and tourism entities in the Middle East and neighboring regions as part of an espionage campaign aimed at data theft. Dubbed "Earth Vetala" by Trend Micro, the latest finding expands on previous research published by Anomali last month, which found evidence of malicious activity aimed at UAE and Kuwait
The_Hackers_News.webp 2021-03-08 03:08:11 Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks (direct link) A new research has yielded yet another means to pilfer sensitive data by exploiting what's the first "on-chip, cross-core" side-channel in Intel Coffee Lake and Skylake processors. Published by a group of academics from the University of Illinois at Urbana-Champaign, the findings are expected to be presented at the USENIX Security Symposium coming this August. While information leakage attacks
The_Hackers_News.webp 2021-03-05 08:36:49 Bug in Apple's Find My Feature Could've Exposed Users' Location Histories (direct link) Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple's crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, thereby deanonymizing users. The findings are a consequence of an exhaustive review undertaken by the Open Wireless Link ( Guideline
The_Hackers_News.webp 2021-03-05 02:22:04 Google Cloud Certifications - Get Prep Courses and Practice Tests at 95% Discount (direct link) As cloud computing continues to grow, Google Cloud is quickly becoming one of the most popular solutions. However, relatively few engineers know this platform well. This leaves the door open for aspiring IT professionals who take the official exams. The Google Cloud Certifications Practice Tests + Courses Bundle helps you get certified faster, with 43 hours of video content and
The_Hackers_News.webp 2021-03-05 02:14:04 Mazafaka - Elite Hacking and Cybercrime Forum - Got Hacked! (direct link) In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year. The intrusion is said to have occurred on March 3, with information about the forum members - including usernames, email addresses, and hashed passwords - publicly
The_Hackers_News.webp 2021-03-05 01:20:07 Researchers Find 3 New Malware Strains Used by SolarWinds Hackers (direct link) FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a "sophisticated second-stage backdoor," as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat actor's tactics and techniques. Dubbed GoldMax (aka SUNSHUTTLE), GoldFinder, and Sibot, the new set of Malware Threat
The_Hackers_News.webp 2021-03-04 05:54:04 Google Will Use 'FLoC' for Ad Targeting Once 3rd-Party Cookies Are Dead (direct link) Signaling a major shift to its ads-driven business model, Google on Wednesday unequivocally stated it would not build alternate identifiers or tools to track users across multiple websites once it begins phasing out third-party tracking cookies from its Chrome browser by early 2022. "Instead, our web products will be powered by privacy-preserving APIs which prevent individual tracking while
The_Hackers_News.webp 2021-03-04 01:49:19 (Déjà vu) Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit (direct link) Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared Data Breach
The_Hackers_News.webp 2021-03-04 00:50:30 CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws (direct link) Following Microsoft's release of out-of-band patches to address multiple zero-day flaws in on-premises versions of Microsoft Exchange Server, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive warning of "active exploitation" of the vulnerabilities. The alert comes on the heels of Microsoft's disclosure that China-based hackers were
The_Hackers_News.webp 2021-03-03 04:56:56 Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection (direct link) Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Talos reveals a new malware campaign targeting organizations in South Asia that utilize malicious Malware Threat
The_Hackers_News.webp 2021-03-03 02:34:25 Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams (direct link) The attack surface is virtually expanding before our eyes. Protecting assets across multiple locations, with multiple solutions from different vendors, has become a daily concern for CISOs globally. In a new e-book recently published (download here), CISOs with small security teams talk about the drivers for replacing their EDR/NGAV solutions with an Autonomous XDR solution and why they believe
Last update at: 2024-07-21 20:07:55
See our sources.