What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2021-02-11 02:48:57 The Weakest Link in Your Security Posture: Misconfigured SaaS Settings (lien direct) In the era of hacking and malicious actors, a company's cloud security posture is a concern that preoccupies most, if not all, organizations. Yet even more than that, it is the SaaS Security Posture Management (SSPM) that is critical to today's company security. Recently Malwarebytes released a statement on how they were targeted by Nation-State Actors implicated in SolarWinds breach. Their
The_Hackers_News.webp 2021-02-11 02:22:04 10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities (lien direct) Ten people belonging to a criminal network have been arrested in connection with a series of SIM-swapping attacks that resulted in the theft of more than $100 million by hijacking the mobile phone accounts of high-profile individuals in the U.S. The Europol-coordinated year-long investigation was jointly conducted by law enforcement authorities from the U.K., U.S., Belgium, Malta, and Canada. "
The_Hackers_News.webp 2021-02-11 01:02:36 Poor Password Security Lead to Recent Water Treatment Facility Hack (lien direct) New details have emerged about the remote computer intrusion at a Florida water treatment facility last Friday, highlighting a lack of adequate security measures needed to bulletproof critical infrastructure environments. The breach, which occurred last Friday, involved an unsuccessful attempt on the part of an adversary to increase sodium hydroxide dosage in the water supply to dangerous levels Hack
The_Hackers_News.webp 2021-02-10 23:43:10 Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies (lien direct) UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten (aka MERCURY or MuddyWater), Anomali said the "objective of this activity is to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) with unique launch Tool Threat
The_Hackers_News.webp 2021-02-10 04:57:14 Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies (lien direct) In what's a novel supply chain attack, a security researcher managed to breach over 35 major companies' internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a substitution attack, takes advantage of the fact that a piece of software may include components from a mix Uber
The_Hackers_News.webp 2021-02-10 04:18:09 LodaRAT Windows Malware Now Also Targets Android Devices (lien direct) A previously known Windows remote access Trojan (RAT) with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added Android as a targeted platform," Cisco Talos researchers said in a Tuesday analysis. "A new iteration of LodaRAT for Windows has been identified with Malware
The_Hackers_News.webp 2021-02-10 02:23:24 Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug (lien direct) Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple said in a security advisory. "This issue was addressed by updating to sudo version 1.9.5p2." Sudo is a common utility built into most Unix and Vulnerability ★★
The_Hackers_News.webp 2021-02-09 20:44:35 Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs (lien direct) Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity - six of which are previously disclosed vulnerabilities. The updates cover .NET Framework, Azure IoT, Microsoft Dynamics, Microsoft Edge for Android, Vulnerability
The_Hackers_News.webp 2021-02-09 02:15:37 Webinar and eBook: The Dark Side of EDR. Are You Prepared? (lien direct) Endpoint Detection and Response (EDR) platforms have received incredible attention as the platform for security teams. Whether you're evaluating an EDR for the first time or looking to replace your EDR, as an information security professional, you need to be aware of the gaps prior already to implementation so you can best prepare how to close the gaps. It's important to understand that each
The_Hackers_News.webp 2021-02-09 00:26:50 Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin (lien direct) Law enforcement officials in Ukraine, in coordination with authorities from the U.S. and Australia, last week shut down one of the world's largest phishing services that were used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses. The Ukrainian attorney general's office said it worked with the National Police and its Main Investigation Department to
The_Hackers_News.webp 2021-02-08 22:49:38 Hacker Tried Poisoning Water Supply After Breaking Into Florida's Treatment System (lien direct) Hackers successfully infiltrated the computer system controlling a water treatment facility in the U.S. state of Florida and remotely changed a setting that drastically altered the levels of sodium hydroxide (NaOH) in the water. During a press conference held yesterday, Pinellas County Sheriff Bob Gualtieri said an operator managed to catch the manipulation in real-time and restored the
The_Hackers_News.webp 2021-02-08 03:28:42 Detailed: Here's How Iran Spies on Dissidents with the Help of Hackers (lien direct) Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens that could threaten the stability of the Islamic Republic, including dissidents, opposition forces, and ISIS supporters, and Kurdish natives. Tracing the extensive espionage operations to two advanced Iranian cyber-groups Domestic Kitten ( Threat
The_Hackers_News.webp 2021-02-08 02:10:04 Top 5 Bug Bounty Programs to Watch in 2021 (lien direct) While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the "Application Crowdtesting Services" category. We have compiled the top 5 most promising bug bounty platforms for those of you who are looking to enhance your existing software testing arsenal with knowledge and expertise from international
The_Hackers_News.webp 2021-02-06 02:30:56 WARNING - Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware (lien direct) Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. "This extension contains malware," read a terse notification from Google, but it has since emerged that the add-on stealthily added features that could be exploited to Malware
The_Hackers_News.webp 2021-02-05 23:28:24 Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks (lien direct) A new distributed denial-of-service attack (DDoS) vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a
The_Hackers_News.webp 2021-02-05 00:02:23 (Déjà vu) Critical Flaws Reported in Cisco VPN Routers for Businesses-Patch ASAP (lien direct) Cisco has rolled out fixes for multiple critical vulnerabilities in the web-based management interface of Small Business routers that could potentially allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. The flaws - tracked from CVE-2021-1289 through CVE-2021-1295 (CVSS score 9.8) - impact RV160, RV160W, RV260, RV260P, and RV260W VPN ★★
The_Hackers_News.webp 2021-02-04 23:40:02 New Chrome Browser 0-day Under Active Attack-Update Immediately! (lien direct) Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild. The company released 88.0.4324.150 for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine. "Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild," the company said in Vulnerability ★★★★★
The_Hackers_News.webp 2021-02-04 03:28:00 How to Audit Password Changes in Active Directory (lien direct) Today's admins certainly have plenty on their plates, and boosting ecosystem security remains a top priority. On-premises, and especially remote, accounts are gateways for accessing critical information. Password management makes this possible. After all, authentication should ensure that a user is whom they claim to be. This initial layer of security is crucial for protecting one's entire
The_Hackers_News.webp 2021-02-04 02:48:55 Beware: New Matryosh DDoS Botnet Targeting Android-Based Devices (lien direct) A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks. Called "Matryosh" by Qihoo 360's Netlab researchers, the latest threat has been found reusing the Mirai botnet framework and propagates through exposed Android Debug Bridge (ADB) interfaces to infect Android devices and ensnare Malware Threat
The_Hackers_News.webp 2021-02-04 02:20:16 Why Human Error is #1 Cyber Security Threat to Businesses in 2021 (lien direct) Phishing and Malware Among the major cyber threats, the malware remains a significant danger. The 2017 WannaCry outbreak that cost businesses worldwide up to $4 billion is still in recent memory, and other new strains of malware are discovered on a daily basis. Phishing has also seen a resurgence in the last few years, with many new scams being invented to take advantage of unsuspecting Malware Threat Wannacry Wannacry
The_Hackers_News.webp 2021-02-04 00:36:00 Critical Bugs Found in Popular Realtek Wi-Fi Module for Embedded Devices (lien direct) Major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device's wireless communications. The six flaws were reported by researchers from Israeli IoT security firm Vdoo. The Realtek RTL8195A module is a standalone, low-power-consumption Wi-Fi hardware module targeted at embedded devices used
The_Hackers_News.webp 2021-02-03 06:00:53 Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions (lien direct) New details have emerged about a vast network of rogue extensions for Chrome and Edge browsers that were found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads. Collectively called "CacheFlow" by Avast, the 28 extensions in question - including Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock - made
The_Hackers_News.webp 2021-02-03 03:42:36 3 New Severe Security Vulnerabilities Found In SolarWinds Software (lien direct) Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code execution with elevated privileges. Two of the flaws (CVE-2021-25274 and CVE-2021-25275) were identified in the SolarWinds Orion Platform, while a third separate weakness (CVE-2021-25276) was found in the
The_Hackers_News.webp 2021-02-03 03:06:30 Guide: How Security Consolidation Helps Small Cybersecurity Teams (lien direct) The dynamic nature of cybersecurity, the changes in the threat landscape, and the expansion of the attack surface lead organizations to add more security solutions-from different vendors-creating a layered security infrastructure that introduces new challenges to any team, with a much more significant impact on small ones. And yet, sophisticated attacks continue to bypass these advanced security Threat Guideline
The_Hackers_News.webp 2021-02-03 02:43:35 A New Linux Malware Targeting High-Performance Computing Clusters (lien direct) High-performance computing clusters belonging to university networks as well as servers associated with government agencies, endpoint security vendors, and internet service providers have been targeted by a newly discovered backdoor that gives attackers the ability to execute arbitrary commands on the systems remotely. Cybersecurity firm ESET named the malware "Kobalos" - a nod to a "mischievous Malware
The_Hackers_News.webp 2021-02-02 06:02:15 Agent Tesla Malware Spotted Using New Delivery & Evasion Techniques (lien direct) Security researchers on Tuesday uncovered new delivery and evasion techniques adopted by Agent Tesla remote access trojan (RAT) to get around defense barriers and monitor its victims. Typically spread through social engineering lures, the Windows spyware not only now targets Microsoft's Antimalware Scan Interface (AMSI) in an attempt to defeat endpoint protection software, it also employs a Malware
The_Hackers_News.webp 2021-02-02 02:28:40 Data Breach Exposes 1.6 Million Jobless Claims Filed in the Washington State (lien direct) The Office of the Washington State Auditor (SAO) on Monday said it's investigating a security incident that resulted in the compromise of personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020. The SAO blamed the breach on a software vulnerability in Accellion's File Transfer Appliance (FTA) service, which allows organizations to share Vulnerability ★★★
The_Hackers_News.webp 2021-02-02 02:13:39 Sigma Rules to Live Your Best SOC Life (lien direct) Security Operations is a 24 x 7 job. It does not stop for weekends or holidays or even that much-needed coffee break after the first hour of the shift is complete. We all know this. Every SOC engineer is hoping for some rest at some point. One of my favorite jokes when talking about Security Operations is "3 SOC engineers walked into a bar…" That's the joke. No SOC engineers have time to do that.
The_Hackers_News.webp 2021-02-01 21:28:26 Hackers Exploiting Critical Zero-Day Bug in SonicWall SMA 100 Devices (lien direct) SonicWall on Monday warned of active exploitation attempts against a zero-day vulnerability in its Secure Mobile Access (SMA) 100 series devices. The flaw, which affects both physical and virtual SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v), came to light after the NCC Group on Sunday alerted it had detected "indiscriminate use of an exploit in the wild." Details of the Vulnerability
The_Hackers_News.webp 2021-02-01 04:13:18 A New Software Supply‑Chain Attack Targeted Millions With Spyware (lien direct) Cybersecurity researchers today disclosed a new supply chain attack compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed "Operation NightScout" by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign involved distributing three different malware families via tailored malicious updates to selected victims based in Taiwan, Hong Kong, Malware
The_Hackers_News.webp 2021-02-01 03:43:58 LIVE Webinar: Major Lessons to be Learned from Top Cyber Attacks in 2020 (lien direct) We likely all agree that 2020 was a year we won't soon forget - for many reasons. One area particularly impacted last year was (and continues to be) cybersecurity.  While Internet access allowed many businesses to continue functioning during the COVID-19 stay at home requirements, the unprecedented number of people accessing company assets remotely introduced many new challenges for
The_Hackers_News.webp 2021-02-01 03:15:16 New Cryptojacking Malware Targeting Apache, Oracle, Redis Servers (lien direct) A financially-motivated threat actor notorious for its cryptojacking attacks has leveraged a revised version of their malware to target cloud infrastructures using vulnerabilities in web server technologies, according to new research. Deployed by the China-based cybercrime group Rocke, the Pro-Ocean cryptojacking malware now comes with improved rootkit and worm capabilities, as well as harbors Malware Threat APT 32
The_Hackers_News.webp 2021-01-31 23:14:26 Google Discloses Severe Bug in Libgcrypt Encryption Library-Impacting Many Projects (lien direct) A "severe" vulnerability in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software could have allowed an attacker to write arbitrary data to the target machine, potentially leading to remote code execution. The flaw, which affects version 1.9.0 of libgcrypt, was discovered on January 28 by Tavis Ormandy of Project Zero, a security research unit within Google dedicated to finding zero-day bugs Vulnerability Guideline
The_Hackers_News.webp 2021-01-29 06:59:18 Google uncovers new iOS security feature Apple quietly added after zero-day attacks (lien direct) Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was disclosed by Samuel Groß, a security researcher with Project Zero, a team of security researchers at Google
The_Hackers_News.webp 2021-01-29 04:12:57 New CISOs Survey Reveals How Small Cybersecurity Teams Can Confront 2021 (lien direct) The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same (relative) damages and consequences when breaches occur as the largest enterprises but are forced to protect their organizations with a fraction of the resources as the largest enterprises. 
The_Hackers_News.webp 2021-01-29 02:08:37 Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide (lien direct) A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan (RAT) to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli cybersecurity firm said it identified at least 250 public-facing web servers since early 2020 that have Malware
The_Hackers_News.webp 2021-01-28 05:44:07 Italy CERT Warns of a New Credential Stealing Android Malware (lien direct) Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed "Oscorp" by Italy's CERT-AGID, the malware "induce(s) the user to install an accessibility service with which [the attackers] can read what is present and what is typed on the screen." So named because of the title of the login Malware
The_Hackers_News.webp 2021-01-28 02:26:43 Authorities Seize Dark-Web Site Linked to the Netwalker Ransomware (lien direct) U.S. and Bulgarian authorities this week took control of the dark web site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. "We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors, but also disrupting criminal online infrastructure and, wherever possible, recovering ransom Ransomware Threat
The_Hackers_News.webp 2021-01-28 01:41:53 European Authorities Disrupt Emotet - World's Most Dangerous Malware (lien direct) Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. The coordinated takedown of the botnet on Tuesday - dubbed "Operation Ladybird" - is the result of a joint effort between authorities in the Netherlands, Germany, the U.S. Ransomware Spam Malware
The_Hackers_News.webp 2021-01-27 07:01:38 New Docker Container Escape Bug Affects Microsoft Azure Functions (lien direct) Cybersecurity researchers today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab's investigations into the Azure compute infrastructure. Following disclosure to Microsoft, the Windows maker is said to have "determined that the Vulnerability
The_Hackers_News.webp 2021-01-27 05:59:56 Warning Issued Over Hackable ADT's LifeShield Home Security Cameras (lien direct) Newly discovered security vulnerabilities in ADT's Blue (formerly LifeShield) home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities (tracked as CVE-2020-8101) were identified in the video doorbell camera by Bitdefender researchers in February 2020 before they were eventually addressed on August 17, 2020. LifeShield was acquired by
The_Hackers_News.webp 2021-01-27 04:58:55 (Déjà vu) New Attack Could Let Remote Hackers Target Devices On Internal Networks (lien direct) A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research. Detailed by enterprise IoT security firm Armis, the new attack (CVE-2020-16043 and CVE-2021-23961) builds on the previously disclosed technique to bypass routers and firewalls and reach any unmanaged device within the internal
The_Hackers_News.webp 2021-01-27 03:09:50 Top Cyber Attacks of 2020 (lien direct) With so much of the world transitioning to working, shopping, studying, and streaming online during the coronavirus pandemic, cybercriminals now have access to a larger base of potential victims than ever before. "Zoombomb" became the new photobomb-hackers would gain access to a private meeting or online class hosted on Zoom and shout profanities and racial slurs or flash pornographic images.
The_Hackers_News.webp 2021-01-27 02:25:16 Using the Manager Attribute in Active Directory (AD) for Password Resets (lien direct) Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic. With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have to bolster security around resetting passwords on user accounts. How can organizations bolster the
The_Hackers_News.webp 2021-01-26 21:50:09 Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild (lien direct) Apple on Tuesday released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild. Reported by an anonymous researcher, the three zero-day flaws - CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 - could have allowed an attacker to elevate privileges and achieve remote code execution. The iPhone maker did not
The_Hackers_News.webp 2021-01-26 20:28:38 In the Wake of the SolarWinds Hack, Here's How Businesses Should Respond (lien direct) Throughout 2020, businesses, in general, have had their hands full with IT challenges. They had to rush to accommodate a sudden shift to remote work. Then they had to navigate a rapid adoption of automation technologies. And as the year came to a close, more businesses began trying to assemble the safety infrastructure required to return to some semblance of normal in 2021. But at the end of the
The_Hackers_News.webp 2021-01-26 03:22:12 Targeted Phishing Attacks Target High-Ranking Company Executives (lien direct) An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information. The campaign hinges on a social engineering trick that involves sending emails to potential victims containing fake Office 365 password expiration
The_Hackers_News.webp 2021-01-26 03:03:20 TikTok Bug Could Have Exposed Users' Profile Data and Phone Numbers (lien direct) Cybersecurity researchers on Tuesday disclosed a now-patched security flaw in TikTok that could have potentially enabled an attacker to build a database of the app's users and their associated phone numbers for future malicious activity. Although this flaw only impacts those users who have linked a phone number with their account or logged in with a phone number, successful exploitation of the
The_Hackers_News.webp 2021-01-26 03:00:15 vCISO Shares Most Common Risks Faced by Companies With Small Security Teams (lien direct) Most companies with small security teams face the same issues. They have inadequate budgets, inadequate staff, and inadequate skills to face today's onslaught of sophisticated cyberthreats. Many of these companies turn to virtual CISOs (vCISOs) to provide security expertise and guidance. vCISOs are typically former CISOs with years of experience building and managing information security
The_Hackers_News.webp 2021-01-25 21:10:52 N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches (lien direct) Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development. The internet giant's Threat Analysis Group (TAG) said the adversary created a research blog and multiple profiles on various social media platforms such as Twitter, Twitter, LinkedIn Vulnerability Threat
Last update at: 2024-08-01 09:18:58