What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-09-16 09:50:50 | FBI adds 5 Chinese APT41 hackers to its Cyber\'s Most Wanted List (lien direct) | The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking than 100 companies throughout the world.
Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just |
Guideline | APT 41 | |
|
2020-09-16 02:58:10 | 2 Hackers Charged for Defacing Sites after U.S. Airstrike Killed Iranian General (lien direct) | The US Department of Justice (DoJ) on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January.
Behzad Mohammadzadeh (aka Mrb3hz4d), 19, and Marwan Abusrour (aka Mrwn007), 25, have been charged with conspiracy to commit intentional damage to a protected |
|||
|
2020-09-16 02:00:12 | New Report Explains COVID-19\'s Impact on Cyber Security (lien direct) | Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks.
Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible |
|||
|
2020-09-15 04:30:04 | Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web (lien direct) | In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over 4,000 stolen credentials and other sensitive data exposed per cybersecurity company.
Even the |
Guideline | ||
|
2020-09-15 02:14:30 | CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities.
"CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available information |
Threat | ||
|
2020-09-11 05:05:15 | New Linux Malware Steals Call Details from VoIP Softswitch Systems (lien direct) | Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata.
"The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR)," ESET researchers said in a Thursday analysis.
"To steal this |
Malware | ||
|
2020-09-10 14:37:22 | New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices (lien direct) | Bluetooth SIG-an organization that oversees the development of Bluetooth standards-today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide.
Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) of devices |
Vulnerability | ||
|
2020-09-10 12:01:11 | Hackers Stole $5.4 Million From Eterbase Cryptocurrency Exchange (lien direct) | Cybercriminals successfully plundered another digital cryptocurrency exchange.
European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars.
Eterbase, which has now entered maintenance mode until the security issue is resolved, described itself as Europe's Premier Digital Asset |
|||
|
2020-09-10 04:35:00 | A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption (lien direct) | IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes.
Many reasons end-users may contact the helpdesk. However, password related issues are arguably the most common.
Since the onset of the global pandemic that began earlier |
|||
|
2020-09-09 08:21:50 | Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine (lien direct) | We have all heard of the "cybersecurity skills gap" - firms' inability to hire and retain high-level cybersecurity talent.
I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to |
Threat | ||
|
2020-09-09 01:23:41 | Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor (lien direct) | A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research.
"To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure," Israeli cybersecurity firm Intezer said |
Uber | ||
|
2020-09-08 12:56:26 | Microsoft Releases September 2020 Security Patches For 129 Flaws (lien direct) | As part of this month's Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software.
Of the 129 bugs spanning its various products - Microsoft Windows, Edge browser, Internet Explorer, ChakraCore, SQL Server, Exchange Server, Office, |
|||
|
2020-09-08 05:31:53 | Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks (lien direct) | Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand.
"The emails contain malicious attachments or links that the receiver is encouraged to download," New Zealand's Computer Emergency Response Team (CERT) said. "These links and attachments may |
Malware | ||
|
2020-09-07 07:46:32 | New PIN Verification Bypass Flaw Affects Visa Contactless Payments (lien direct) | Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered a new flaw in the company's EMV enabled cards that enable cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly.
The research, published by a group of academics from the ETH Zurich, is a PIN bypass attack that allows the adversaries to |
|||
|
2020-09-07 07:07:34 | SMB Cybersecurity Catching Up to Enterprise… But the Human Element Still a Major Concern (lien direct) | SMBs
Some believe hackers are aggressively targeting these smaller firms because they believe SMBs lack adequate resources and enterprise-grade security tools, making them easier prey than larger businesses.
A new report from |
|||
|
2020-09-04 05:37:45 | Evilnum hackers targeting financial firms with a new Python-based RAT (lien direct) | An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan (RAT) that can steal passwords, documents, browser cookies, email credentials, and other sensitive information.
In an analysis published by Cybereason researchers yesterday, the Evilnum group has not only tweaked its infection chain but has |
|||
|
2020-09-03 01:58:35 | (Live) Webinar – XDR and Beyond with Autonomous Breach Protection (lien direct) | Anyone paying attention to the cybersecurity technology market has heard the term XDR - Extended Detection and Response.
XDR is a new technology approach that combines multiple protection technologies into a single platform. All the analyst firms are writing about it, and many of the top cybersecurity companies are actively moving into this space.
Why is XDR receiving all the buzz? Combining |
|||
|
2020-09-03 01:36:33 | Cisco Jabber Bug Could Let Hackers Target Windows Systems Remotely (lien direct) | Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities-which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code.
The flaws, which were uncovered by Norwegian cybersecurity firm Watchcom during a pentest, affect all currently supported |
|||
|
2020-09-02 01:54:16 | New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data (lien direct) | Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit.
In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers.
"For threat actors, |
Threat | ||
|
2020-09-01 02:51:35 | Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today (lien direct) | Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days).
In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates in their respective web browsers that expire more than 13 months (or 398 days) from their |
|||
|
2020-09-01 00:40:02 | Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild (lien direct) | Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device.
"An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend.
"A successful |
Vulnerability | ||
|
2020-08-28 03:36:28 | Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware (lien direct) | An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware.
Detailing the new tactics of the "Charming Kitten" APT group, Israeli firm Clearsky said, "starting July 2020, we have identified a new TTP of the group, |
Malware Conference | APT 35 | |
|
2020-08-27 02:59:37 | QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money (lien direct) | A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research.
In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of |
|||
|
2020-08-26 11:30:25 | Russian Arrested After Offering $1 Million to U.S. Company Employee for Planting Malware (lien direct) | Hackers always find a way in, even if there's no software vulnerability to exploit.
The FBI has arrested a Russian national who recently traveled to the United States and offered $1 million in bribe to an employee of a targeted company for his help in installing malware into the company's computer network manually.
Egor Igorevich Kriuchkov, 27-year-old, entered the United States as a tourist |
Malware Vulnerability | ||
|
2020-08-26 02:33:05 | APT Hackers Exploit Autodesk 3D Max Software for Industrial Espionage (lien direct) | It's one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it's an entirely different matter when they are used as "hackers for hire" by competing private companies to make away with confidential information.
Bitdefender's Cyber Threat Intelligence Lab discovered yet another instance of an espionage attack targeting an unnamed international |
Threat | ||
|
2020-08-25 03:54:07 | Popular iOS SDK Caught Spying on Billions of Users and Committing Ad Fraud (lien direct) | A popular iOS software development kit (SDK) used by over 1,200 apps-with a total of more than a billion mobile users-is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information.
According to a report published by cybersecurity firm Snyk, Mintegral - a mobile programmatic advertising platform owned by Chinese mobile ad tech company |
|||
|
2020-08-25 02:46:10 | Get Lifetime Access to 1000+ Premium Online Training Courses for Just $59 (lien direct) | "In today's knowledge economy, continual learning is an imperative." - Those words from Aytekin Tank, the founder of JotForm, are particularly important for anyone working in IT or development.
With over 1,000 premium courses (complete list) from top instructors, StackSkills Unlimited provides endless learning opportunities. Right now, you can grab lifetime membership for $59.
Categories of |
|||
|
2020-08-24 23:52:09 | Google Researcher Reported 3 Flaws in Apache Web Server Software (lien direct) | If your web-server runs on Apache, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.
Apache recently fixed multiple vulnerabilities in its web server software that could have potentially led to the execution of arbitrary code and, in specific scenarios, even could allow attackers to cause a crash |
|||
|
2020-08-22 00:49:43 | A Google Drive \'Feature\' Could Let Attackers Trick You Into Installing Malware (lien direct) | An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks comparatively with a high success rate.
The latest security issue-of which Google is aware but, unfortunately, left unpatched-resides in the "manage versions" functionality |
Malware | ||
|
2020-08-20 14:39:35 | Former Uber Security Chief Charged Over Covering Up 2016 Data Breach (lien direct) | The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016.
According to the press release published by the U.S. Department of Justice, Sullivan "took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach" that also |
Data Breach Guideline | Uber | |
|
2020-08-20 12:44:34 | Hackers Target Defence Contractors\' Employees By Posing as Recruiters (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies.
Dubbed 'BLINDINGCAN,' the advanced remote access trojan acts as a backdoor when installed on compromised computers.
According to the FBI |
Malware | ||
|
2020-08-20 11:22:31 | Experian South Africa Suffers Data Breach Affecting Millions; Attacker Identified (lien direct) | The South African arm of one of the world's largest credit check companies Experian yesterday announced a data breach incident that exposed personal information of millions of its customers.
While Experian itself didn't mention the number of affect customers, in a report, the South African Banking Risk Information Centre-an anti-fraud and banking non-profit organization who worked with |
Data Breach | ||
|
2020-08-20 10:06:11 | Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2 (lien direct) | Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities.
Tracked as CVE-2020-1530 and CVE-2020-1537, both flaws reside in the Remote Access Service (RAS) in a way it manages memory and file operations and could let remote attackers gain elevated privileges |
|||
|
2020-08-20 04:59:01 | Experts Reported Security Bug in IBM\'s Db2 Data Management Software (lien direct) | Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks.
The flaw (CVE-2020-4414), which impacts IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms, is caused by improper usage shared memory, |
Vulnerability | ★★★★ | |
|
2020-08-19 04:36:17 | XDR: The Next Level of Prevention, Detection and Response [New Guide] (lien direct) | One new security technology we keep hearing about is Extended Detection and Response (XDR).
This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control and integration technologies.
Think of XDR as prepackaged EDR, NTA, UEBA (and perhaps other |
Threat | ||
|
2020-08-19 03:05:47 | A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide (lien direct) | Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020.
Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway company, according |
Malware | ||
|
2020-08-18 02:55:09 | Critical Jenkins Server Vulnerability Could Leak Sensitive Information (lien direct) | Jenkins-a popular open-source automation server software-published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed.
Tracked as CVE-2019-17638, the flaw has a CVSS rating of 9.4 and impacts Eclipse Jetty versions 9.4.27.v20200227 to 9.4.29.v20200521-a full-featured tool |
Vulnerability | ||
|
2020-08-17 05:45:27 | Researchers Exploited A Bug in Emotet to Stop the Spread of Malware (lien direct) | Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months.
"Most of the vulnerabilities and exploits that you read about are good news for attackers and bad news for the rest of us," Binary Defense's |
Ransomware Spam Malware | ||
|
2020-08-17 03:20:40 | How AppTrana Managed Cloud WAF Tackles Evolving Attacking Techniques (lien direct) | Web applications suffer continuously evolving attacks, where a web application firewall (WAF) is the first line of defense and a necessary part of organizations' cybersecurity strategies.
WAFs are getting more sophisticated all the time, but as its core protection starts with efficient pattern matching, typically using Regular Expressions, and classifying malicious traffic to block cyber |
|||
|
2020-08-13 06:09:01 | New Attack Lets Hackers Decrypt VoLTE Encryption to Spy on Phone Calls (lien direct) | A team of academic researchers-who previously made the headlines earlier this year for uncovering severe security issues in the 4G LTE and 5G networks-today presented a new attack called 'ReVoLTE,' that could let remote attackers break the encryption used by 4G voice calls.
The attack doesn't exploit any flaw in the Voice over LTE (VoLTE) protocol; instead, it leverages weak implementation of |
|||
|
2020-08-13 02:59:12 | Amazon Alexa Bugs Allowed Hackers to Install Malicious Skills Remotely (lien direct) | Attention! If you use Amazon's voice assistant Alexa in you smart speakers, just opening an innocent-looking web-link could let attackers install hacking skills on it and spy on your activities remotely. Cybersecurity researchers today disclosed severe security vulnerabilities in Amazon's Alexa virtual assistant that could render it vulnerable to a number of malicious attacks. | |||
|
2020-08-12 05:35:52 | Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked (lien direct) | Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.
This month's Patch Tuesday updates address a total of 120 newly discovered software vulnerabilities, of which 17 are critical, and the rest are important in severity.
In a nutshell, your Windows computer can be hacked if you:
Play a |
|||
|
2020-08-12 03:45:46 | Flaws in Samsung Phones Exposed Android Users to Remote Attacks (lien direct) | New research disclosed a string of severe security vulnerabilities in the 'Find My Mobile'-an Android app that comes pre-installed on most Samsung smartphones-that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data stored on the phone.
Portugal-based cybersecurity services provider Char49 revealed its findings on |
|||
|
2020-08-12 01:25:47 | Contrast Community Edition Empowers Developers to Write Secure Code Faster (lien direct) | As software eats the world, the world faces a software security crisis. The movement to modern software such as cloud technologies and microservice architectures is essential to innovate quickly. Yet, nearly three in four developers say that security slows down Agile and DevOps.
Neither developers nor security teams are to blame. DevOps speed is held back by a 15-year-old, scan-based |
|||
|
2020-08-11 13:17:38 | Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers) (lien direct) | Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees' mobile devices remotely.
Citrix Endpoint Management offers businesses mobile device management (MDM) and mobile application management (MAM) capabilities. It allows |
|||
|
2020-08-11 07:22:52 | Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers (lien direct) | If you haven't recently updated your Chrome, Opera, or Edge web browser to the latest available version, it would be an excellent idea to do so as quickly as possible.
Cybersecurity researchers on Monday disclosed details about a zero-day flaw in Chromium-based web browsers for Windows, Mac and Android that could have allowed attackers to entirely bypass Content Security Policy (CSP) rules |
|||
|
2020-08-11 06:40:26 | A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly (lien direct) | A security researcher earlier today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability affecting the widely used internet forum software vBulletin that's already under active exploitation in the wild.
vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server that |
Vulnerability | ||
|
2020-08-10 05:06:36 | TeamViewer Flaw Could Let Hackers Steal System Password Remotely (lien direct) | If you are using TeamViewer, then beware and make sure you're running the latest version of the popular remote desktop connection software for Windows.
TeamViewer team recently released a new version of its software that includes a patch for a severe vulnerability (CVE 2020-13699), which, if exploited, could let remote attackers steal your system password and eventually compromise it.
What's |
Vulnerability | ★★ | |
|
2020-08-10 02:25:38 | Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28 (lien direct) | Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data-and even run stealthy malware as a sub-process of a trusted application.
According to cybersecurity researcher Mazin Ahmed, who presented his findings at DEF CON |
Malware | ||
|
2020-08-07 06:01:06 | Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon (lien direct) | Cybersecurity researchers today highlighted an evasive phishing technique that attackers are exploiting in the wild to target visitors of several sites with a quirk in domain names, and leverage modified favicons to inject e-skimmers and steal payment card information covertly.
"The idea is simple and consists of using characters that look the same in order to dupe users," Malwarebytes |
To see everything:
Our RSS (filtrered)
