What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
The_Hackers_News.webp 2020-10-29 02:45:53 How to Run Google SERP API Without Constantly Changing Proxy Servers (lien direct) You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several scrapes, Google's automated security system kicks in. Then it kicks you out. The standard was to bypass
The_Hackers_News.webp 2020-10-28 22:59:15 FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems (lien direct) The US Federal Bureau of Investigation (FBI), Departments of Homeland Security, and Health and Human Services (HHS) issued a joint alert Wednesday warning of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the [Healthcare and Public Health] Sector with TrickBot malware, often leading to ransomware Ransomware Guideline
The_Hackers_News.webp 2020-10-28 03:57:02 [Webinar and eBook]: Are You\'re Getting The Best Value From Your EDR Solution? (lien direct) Many companies rely on Endpoint Detection and Response (EDR) solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecting it to quadruple over the next five years. The recent introduction of Extended Detection and Tool
The_Hackers_News.webp 2020-10-28 01:12:57 TrickBot Linux Variants Active in the Wild Despite Recent Takedown (lien direct) Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren't sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot's authors have moved portions of their code to Linux in an attempt to widen the scope of victims that could be targeted. TrickBot, a financial Trojan first detected in 2016 Malware
The_Hackers_News.webp 2020-10-27 02:25:06 Google Removes 21 Malicious Android Apps from Play Store (lien direct) Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps (list here) were downloaded nearly eight million times from Google's app marketplace. The apps masqueraded as
The_Hackers_News.webp 2020-10-26 05:31:27 Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps (lien direct) Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the background. "Links shared in chats may contain private information intended only for the recipients,"
The_Hackers_News.webp 2020-10-23 03:50:27 New Framework Released to Protect Machine Learning Systems From Adversarial Attacks (lien direct) Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to organize the different techniques employed by malicious adversaries in subverting ML systems. Just Threat
The_Hackers_News.webp 2020-10-21 00:02:44 Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks (lien direct) Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani security researcher Rafay Vulnerability
The_Hackers_News.webp 2020-10-20 07:02:47 Windows GravityRAT Malware Now Also Targets macOS and Android Devices (lien direct) A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware - dubbed "GravityRAT" - now masquerades as legitimate Android and macOS apps to capture device data, contact Malware
The_Hackers_News.webp 2020-10-19 23:04:02 U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks (lien direct) The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate (GRU), have been accused of perpetrating the "most disruptive and destructive series of computer attacks Malware
The_Hackers_News.webp 2020-10-16 00:19:45 Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices (lien direct) Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws - collectively called BleedingTooth - reside in the open-source BlueZ protocol stack
The_Hackers_News.webp 2020-10-14 23:58:51 India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here\'s Why? (lien direct) The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more
The_Hackers_News.webp 2020-10-14 10:59:01 Police Raided German Spyware Company FinFisher Offices (lien direct) German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly in suspicion of illegally exporting the software to abroad without the required authorization. Investigators from the German Customs Investigation Bureau (ZKA), ordered by the Munich Public Prosecutor's Office, searched a
The_Hackers_News.webp 2020-10-14 06:05:01 FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks (lien direct) A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective - known as FIN11 - has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying Ransomware Malware Threat
The_Hackers_News.webp 2020-10-14 03:20:04 Guide: Scale or Fail - Why MSSPs Need Multitenant Security Solutions (lien direct) Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security
The_Hackers_News.webp 2020-10-14 03:10:31 Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs (lien direct) Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked Important, and one is classified Moderate in severity, affect Windows, Office and Office Services and
The_Hackers_News.webp 2020-10-13 00:10:08 Microsoft and Other Tech Companies Take Down TrickBot Botnet (lien direct) Days after the US Government took steps to disrupt the notorious TrickBot botnet, a group of cybersecurity and tech companies has detailed a separate coordinated effort to take down the malware's back-end infrastructure. The joint collaboration, which involved Microsoft's Digital Crimes Unit, Lumen's Black Lotus Labs, ESET, Financial Services Information Sharing and Analysis Center (FS-ISAC),
The_Hackers_News.webp 2020-10-12 04:39:26 A Self-Service Password Reset Project Can Be Quick Win For IT (lien direct) Since the beginning of this year, organizations' IT staff have faced numerous challenges and an increased workload as a result of the global pandemic and shift to a mainly remote workforce. Supporting end-users that are now working from home has introduced new challenges in troubleshooting since it isn't as simple as visiting an end user's desk to resolve issues as they arise. One support issue
The_Hackers_News.webp 2020-10-12 00:52:49 Watch Out - Microsoft Warns Android Users About A New Ransomware (lien direct) Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as Ransomware ★★★
The_Hackers_News.webp 2020-10-09 02:06:17 55 New Security Flaws Reported in Apple Software and Services (lien direct) A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws - including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities - could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm capable of
The_Hackers_News.webp 2020-10-08 06:56:53 Researchers Find Vulnerabilities in Microsoft Azure Cloud Service (lien direct) As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or execute arbitrary code and take over the administration server. "This enables an attacker to quietly
The_Hackers_News.webp 2020-10-07 05:43:43 A Handy Guide for Choosing a Managed Detection & Response (MDR) Service (lien direct) Every company needs help with cybersecurity. No CISO ever said, "I have everything I need and am fully confident that our organization is fully protected against breaches." This is especially true for small and mid-sized enterprises that don't have the luxury of enormous cybersecurity budgets and a deep bench of cybersecurity experts. To address this issue, especially for small and mid-sized
The_Hackers_News.webp 2020-10-07 02:51:25 ALERT! Hackers targeting IoT devices with a new P2P botnet malware (lien direct) Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet - written in Go language and armed with a proprietary peer-to-peer (P2P) protocol, spreads via a brute-force attack of the Malware
The_Hackers_News.webp 2020-10-06 01:33:43 New \'MosaicRegressor\' UEFI Bootkit Malware Found Active in the Wild (lien direct) Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it the second known public case where a UEFI rootkit has been used in the wild. According to Kaspersky, the Malware
The_Hackers_News.webp 2020-10-05 07:23:48 Secure Your SaaS Apps With Security Posture Management Platform (lien direct) Image credit: Adaptive Shield As security professionals who have spent more than a few years in the industry, we know a good challenge when we see one. SaaS and cloud-based technologies are growing rapidly, offering organizations convenience and constant feature refreshes without the need to install and deploy software on-premises. However, even when referred to as 'a game-changer,' many
The_Hackers_News.webp 2020-10-05 07:08:16 New Flaws in Top Antivirus Software Could Make Computers More Vulnerable (lien direct) Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk Labs today and shared with The Hacker News, the high privileges often associated with anti-malware products Malware
The_Hackers_News.webp 2020-10-02 02:59:55 Researchers Fingerprint Exploit Developers Who Help Several Malware Authors (lien direct) Writing advanced malware for a threat actor requires different groups of people with diverse technical expertise to put them all together. But can the code leave enough clues to reveal the person behind it? To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits Malware Threat
The_Hackers_News.webp 2020-10-01 03:35:09 Beware: New Android Spyware Found Posing as Telegram and Threema Apps (lien direct) A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. "Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call
The_Hackers_News.webp 2020-10-01 03:00:44 Russian Who Hacked LinkedIn, Dropbox Sentenced to 7 Years in Prison (lien direct) A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American social media firms, including LinkedIn, Dropbox, and
The_Hackers_News.webp 2020-10-01 01:29:08 Critical Flaws Discovered in Popular Industrial Remote Access Systems (lien direct) Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets. The flaws, discovered by Tel Aviv-based OTORIO, were identified in B&R Automation's SiteManager and GateManager, and MB Connect Hack
The_Hackers_News.webp 2020-09-30 09:49:49 Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks (lien direct) Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago.Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software that is installed
The_Hackers_News.webp 2020-09-30 02:29:01 Chinese APT Group Targets Media, Finance, and Electronics Sectors (lien direct) Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. Linking the attacks to Palmerworm (aka BlackTech) - likely a China-based advanced persistent threat (APT) - Symantec's Threat Hunter Team said the first wave of activity associated with this campaign began last Threat
The_Hackers_News.webp 2020-09-29 10:26:49 LIVE Webinar on Zerologon Vulnerability: Technical Analysis and Detection (lien direct) I am sure that many of you have by now heard of a recently disclosed critical Windows server vulnerability-called Zerologon-that could let hackers completely take over enterprise networks. For those unaware, in brief, all supported versions of the Windows Server operating systems are vulnerable to a critical privilege escalation bug that resides in the Netlogon Remote Control Protocol for Domain
The_Hackers_News.webp 2020-09-28 06:27:05 Researchers Uncover Cyber Espionage Operation Aimed At Indian Army (lien direct) Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed "Operation SideCopy" by Indian cybersecurity firm Quick Heal, the attacks have been attributed to an advanced persistent threat (APT) group that has successfully managed to stay Threat
The_Hackers_News.webp 2020-09-28 04:06:48 Red Team - Automation or Simulation? (lien direct) What is the difference between a penetration test and a red team exercise? The common understanding is that a red team exercise is a pen-test on steroids, but what does that mean? While both programs are performed by ethical hackers, whether they are in-house residents or contracted externally, the difference runs deeper. In a nutshell, a pen-test is performed to discover exploitable
The_Hackers_News.webp 2020-09-25 08:01:52 FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations (lien direct) Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. Developed by a German company, FinSpy is extremely powerful spying software that is being sold as a legal law enforcement tool to governments around the world but has also Tool
The_Hackers_News.webp 2020-09-25 07:37:10 Microsoft Windows XP Source Code Reportedly Leaked Online (lien direct) Microsoft's long-lived operating system Windows XP-that still powers over 1% of all laptops and desktop computers worldwide-has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it's for the very first
The_Hackers_News.webp 2020-09-25 03:24:00 Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers (lien direct) As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution to enable employees to
The_Hackers_News.webp 2020-09-24 03:11:10 Major Instagram App Bug Could\'ve Given Hackers Remote Access to Your Phone (lien direct) Ever wonder how hackers can hack your smartphone remotely? In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image. What's more worrisome is that the flaw not only lets attackers Hack
The_Hackers_News.webp 2020-09-23 11:09:58 Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability (lien direct) If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' (CVE-2020-1472) and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the Vulnerability
The_Hackers_News.webp 2020-09-23 02:07:58 A New Hacking Group Hitting Russian Companies With Ransomware (lien direct) As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. The ransomware gang, codenamed "OldGremlin" and believed to be a Russian-speaking threat Ransomware
The_Hackers_News.webp 2020-09-22 06:07:49 Unsecured Microsoft Bing Search Server Exposed User Queries and Location Data (lien direct) A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The data leak, discovered by Ata Hakcil of WizCase on September 12, is a massive 6.5TB cache of log
The_Hackers_News.webp 2020-09-22 04:32:26 British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies (lien direct) A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous international hacking group 'The Dark Overlord,' has been sentenced to five years in prison and Guideline
The_Hackers_News.webp 2020-09-21 03:34:14 A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems (lien direct) German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months. The Ransomware
The_Hackers_News.webp 2020-09-19 04:24:39 Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents (lien direct) Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts - one for Threat
The_Hackers_News.webp 2020-09-18 01:45:03 U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence (lien direct) The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target Malware Threat
The_Hackers_News.webp 2020-09-18 00:47:42 Android 11 - 5 New Security and Privacy Features You Need to Know (lien direct) After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system-with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost always for the wrong reason, including Google's failure to prevent malicious apps from being
The_Hackers_News.webp 2020-09-17 07:14:41 Zenscrape: A Simple Web Scraping Solution for Penetration Testers (lien direct) Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It is a much faster and easier process of retrieving data without undergoing the time-consuming
The_Hackers_News.webp 2020-09-17 05:01:19 U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers (lien direct) Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals-Danil Potekhin and Dmitrii Karasavidi-are accused of stealing $16.8 million worth of cryptocurrencies in a series of
The_Hackers_News.webp 2020-09-16 09:50:50 FBI adds 5 Chinese APT41 hackers to its Cyber\'s Most Wanted List (lien direct) The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just Guideline APT 41
Last update at: 2024-08-01 08:18:59
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter