What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-06 00:52:04 | Silk Road Admin Pleads Guilty – Could Face Up to 20 Years in Prison (lien direct) | An Irish national who helped run the now-defunct dark web marketplace Silk Road pleaded guilty on Friday to drug trafficking charges that carry a maximum sentence of 20 years in prison.
Gary Davis, also known as Libertas, was one of Silk Road's site administrators and forum moderators for Silk Road, then-largest underground marketplace on the Internet used by thousands of users to sell and
|
Guideline | ||
|
2018-10-04 06:03:05 | Chinese Spying Chips Found Hidden On Servers Used By US Companies (lien direct) | A media report today revealed details of a significant supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs from a nation-state.
According to a lengthy report published today by Bloomberg, a tiny surveillance chip, not much bigger than a grain of rice, has been found hidden in the servers used by nearly 30 American companies, including
|
|||
|
2018-10-03 11:36:00 | Wi-Fi Gets Simplified Version Numbers and Next Version is Wi-Fi 6 (lien direct) | Do you know what is the latest version of Wi-Fi? It's okay if you don't know.
It is - Wi-Fi is 802.11ac.
I am sure many of us can't answer this question immediately because the Wi-Fi technology doesn't have a traditional format of version numbers… at least until yesterday.
The Wi-Fi Alliance-the group that manages the implementation of Wi-Fi-has today announced that the next version of WiFi
|
|||
|
2018-10-03 04:18:05 | Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash (lien direct) | The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra.
Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks against a number of media organizations,
|
Medical | APT 38 | |
|
2018-10-03 00:27:02 | Facebook Finds \'No Evidence\' Hackers Accessed Connected Third-Party Apps (lien direct) | When Facebook last weekend disclosed a massive data breach-that compromised access tokens for more than 50 million accounts-many feared that the stolen tokens could have been used to access other third-party services, including Instagram and Tinder, through Facebook login.
Good news is that Facebook found no evidence "so far" that proves such claims.
In a blog post published Tuesday,
|
|||
|
2018-10-02 09:29:03 | Google Announces 5 Major Security Updates for Chrome Extensions (lien direct) | Google has made several new announcements for its Chrome Web Store that aims at making Chrome extensions more secure and transparent to its users.
Over a couple of years, we have seen a significant rise in malicious extensions that appear to offer useful functionalities, while running hidden malicious scripts in the background without the user's knowledge.
However, the best part is that
|
|||
|
2018-10-02 02:36:05 | New iPhone Passcode Bypass Hack Exposes Photos and Contacts (lien direct) | Looking for a hack to bypass the passcode or screen lock on iPhones?
Jose Rodriguez, an iPhone enthusiast, has discovered a passcode bypass vulnerability in Apple's new iOS version 12 that potentially allows an attacker to access photos and contacts, including phone numbers and emails, on a locked iPhone XS and other recent iPhone models.
Rodriguez, who also discovered iPhone lock screen
|
Hack Vulnerability | ||
|
2018-10-01 05:50:03 | GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers (lien direct) | Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to redirect users to malicious web pages-especially if they visit banking sites-and steal their login credentials.
Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing
|
Malware | ★★★★ | |
|
2018-10-01 01:56:01 | Telegram Calling Feature Leaks Your IP Addresses-Patch Released (lien direct) | The desktop version of the security and privacy-focused, end-to-end encrypted messaging app, Telegram, has been found leaking both users' private and public IP addresses by default during voice calls.
With 200 million monthly active users as of March 2018, Telegram promotes itself as an ultra-secure instant messaging service that lets its users make end-to-end encrypted chat and voice call
|
|||
|
2018-09-29 07:37:05 | Facebook Hacked - 10 Important Updates You Need To Know About (lien direct) | If you also found yourself logged out of Facebook on Friday, you are not alone.
Facebook forced more than 90 million users to log out and back into their accounts in response to a massive data breach.
On Friday afternoon, the social media giant disclosed that some unknown hackers managed to exploit three vulnerabilities in its website and steal data from 50 million users and that as a
|
|||
|
2018-09-29 02:41:03 | Hackers Stole 50 Million Facebook Users\' Access Tokens Using Zero-Day Flaw (lien direct) | Logged out from your Facebook account automatically? Well you're not alone…
Facebook just admitted that an unknown hacker or a group of hackers exploited a zero-day vulnerability in its social media platform that allowed them to steal secret access tokens for more than 50 million accounts.
UPDATE: 10 Important Updates You Need To Know About the Latest Facebook Hacking Incident.
In a brief
|
Vulnerability | ||
|
2018-09-28 05:44:04 | Julian Assange will no longer be the editor-in-chief of WikiLeaks (lien direct) | Julian Assange, the founder of popular whistleblower website WikiLeaks, is stepping down from the position of editor-in-chief of the organisation under "extraordinary circumstances."
Assange, the 47-year-old Australian hacker, founded WikiLeaks in 2006 and has since made many high-profile leaks, exposing 'dirty' secrets of several individuals, political parties as well as government
|
|||
|
2018-09-28 01:35:00 | Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit (lien direct) | A cybersecurity researcher with Google Project Zero has released the details, and a proof-of-concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since kernel version 3.16 through 4.18.8.
Discovered by white hat hacker Jann Horn, the kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that leads to
|
Vulnerability Guideline | ★★★★ | |
|
2018-09-27 12:20:00 | 16-Year-Old Boy Who Hacked Apple\'s Private Systems Gets No Jail Time (lien direct) | An Australian teenager who pleaded guilty to break into Apple's private systems multiple times over several months and download some 90GB of secure files has avoided conviction and will not serve time in prison.
An Australian Children's Court has given the now 19-year-old adult defendant, who was 16 at the time of committing the crime, a probation order of eight months, though the magistrate
|
Guideline | ★★★★ | |
|
2018-09-27 10:40:03 | Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild (lien direct) | Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe.
Dubbed LoJax, the UEFI rootkit is part of a malware campaign conducted by the infamous Sednit group, also known as APT28, Fancy Bear, Strontium, and
|
Malware | APT 28 | ★★★★★ |
|
2018-09-27 08:21:03 | Pangu Hackers have Jailbroken iOS 12 on Apple\'s New iPhone XS (lien direct) | Bad news for Apple.
The Chinese hacking team Pangu is back and has once again surprised everyone with a jailbreak for iOS 12 running on the brand-new iPhone XS.
Well, that was really fast.
Pangu jailbreak team has been quiet for a while, since it last released the untethered jailbreak tool for iOS 9 back in October 2015.
Jailbreaking is a process of removing limitations on
|
Tool | ★★ | |
|
2018-09-27 03:30:00 | VPNFilter Router Malware Adds 7 New Network Exploitation Modules (lien direct) | Security researchers have discovered even more dangerous capabilities in VPNFilter-the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier.
Attributed to Russia's APT 28, also known as 'Fancy Bear,' VPNFilter is a malware platform designed to infect routers and network-attached storage
|
Malware | VPNFilter APT 28 | ★★★★★ |
|
2018-09-27 00:26:02 | ex-NSA Hacker Discloses macOS Mojave 10.14 Zero-Day Vulnerability (lien direct) | The same day Apple released its latest macOS Mojave operating system, a security researcher demonstrated a potential way to bypass new privacy implementations in macOS using just a few lines of code and access sensitive user data.
On Monday, Apple started rolling out its new macOS Mojave 10.14 operating system update to its users, which includes a number of new privacy and security controls,
|
Vulnerability | ||
|
2018-09-26 05:14:02 | New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions (lien direct) | Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system.
The vulnerability, discovered by cloud-based security and compliance solutions provider Qualys, which has been dubbed "Mutagen Astronomy," affects the kernel versions
|
Vulnerability | ||
|
2018-09-26 01:47:00 | Ex-NSA Developer Gets 5.5 Years in Prison for Taking Top Secret Documents Home (lien direct) | A former NSA employee has been sentenced to five and a half years in prison for illegally taking a copy of highly classified documents and hacking tools to his home computer between 2010 and 2015, which were later stolen by Russian hackers.
Nghia Hoang Pho, 68, of Ellicott City, Maryland-who worked as a developer with Tailored Access Operations (TAO) hacking group at the NSA since April 2006-
|
|||
|
2018-09-25 08:09:04 | SHEIN-Fashion Shopping Site Suffers Data Breach Affecting 6.5 Million Users (lien direct) | U.S. online fashion retailer SHEIN has admitted that the company has suffered a significant data breach after unknown hackers stole personally identifiable information (PII) of almost 6.5 million customers.
Based in North Brunswick and founded in 2008, SHEIN has become one of the largest online fashion retailers that ships to more than 80 countries worldwide. The site has been initially
|
Data Breach | ||
|
2018-09-25 06:16:03 | ZDResearch Advanced Web Hacking Training 2018 – Learn Online (lien direct) | Are you looking to master web hacking? Interested in a bug-hunting career? Do you want to land a job in cybersecurity?
Are you already working as a security engineer, but want to further advance or refine your skills?
If yes, read on.
ZDResearch Advanced Web Hacking (AWH) course, including optional certification upon completion-is the answer.
Last week, we sat with the ZDResearch training
|
|||
|
2018-09-22 05:05:05 | Operator of VirusTotal Like Malware-Scanning Service Jailed for 14 Years (lien direct) | A Latvian hacker behind the development and operation of counter antivirus service "Scan4You" has finally been sentenced to 14 years in prison.
37-year-old Ruslans Bondars, described as a Latvian "non-citizen" or "citizen of the former USSR who had been residing in Riga, Latvia," was found guilty on May 16 in federal court in Alexandria, during which a co-conspirator revealed he had worked
|
|||
|
2018-09-22 03:46:04 | Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year (lien direct) | The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with.
A bug in Twitter's API inadvertently exposed some users' direct messages (DMs) and protected tweets to unauthorized third-party app developers who weren't supposed to get them, Twitter disclosed in its Developer Blog on Friday.
What Happened?
Twitter found a bug
|
|||
|
2018-09-21 10:36:02 | Researcher Discloses New Zero-Day Affecting All Versions of Windows (lien direct) | A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline.
Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database
|
Vulnerability | ||
|
2018-09-21 01:45:02 | Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable (lien direct) | A high-severity vulnerability has been discovered in 4G-based wireless 4GEE Mini modem sold by mobile operator EE that could allow an attacker to run a malicious program on a targeted computer with the highest level of privileges in the system.
The vulnerability-discovered by 20-year-old Osanda Malith, a Sri Lankan security researcher at ZeroDayLab-can be exploited by a low privileged user
|
Vulnerability | ||
|
2018-09-20 06:54:05 | UK Regulator Fines Equifax £500,000 Over 2017 Data Breach (lien direct) | Atlanta-based consumer credit reporting agency Equifax has been issued a £500,000 fine by the UK's privacy watchdog for its last year's massive data breach that exposed personal and financial data of hundreds of millions of its customers.
Yes, £500,000-that's the maximum fine allowed by the UK's Data Protection Act 1998, though the penalty is apparently a small figure for a $16 billion
|
Data Breach | Equifax | |
|
2018-09-19 12:45:01 | Hackers Steal Customers\' Credit Cards From Newegg Electronics Retailer (lien direct) | The notorious hacking group behind the Ticketmaster and British Airways data breaches has now victimized popular computer hardware and consumer electronics retailer Newegg.
Magecart hacking group managed to infiltrate the Newegg website and steal the credit card details of all customers who entered their payment card information between August 14 and September 18, 2018, according to a joint
|
|||
|
2018-09-19 08:32:05 | New Malware Combines Ransomware, Coin Mining and Botnet Features in One (lien direct) | Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems.
Dubbed XBash, the new malware, believed to be tied to the Iron Group, a.k.a. Rocke-the Chinese speaking APT threat
|
Malware | ||
|
2018-09-19 07:07:00 | Mirai Botnet Creators Helping FBI Fight Cybercrime to Stay Out of Jail (lien direct) | Three young hackers who were sentenced late last year for creating and spreading the notorious Mirai botnet are now helping the FBI to investigate other "complex" cybercrime cases in return to avoid their lengthy prison terms.
Paras Jha, 21 from New Jersey, Josiah White, 20 from Washington, and Dalton Norman, 21 from Louisiana, plead guilty in December 2017 to multiple charges for their role
|
Guideline | ||
|
2018-09-19 02:23:05 | Western Digital\'s My Cloud NAS Devices Turn Out to Be Easily Hacked (lien direct) | Security researchers have discovered an authentication bypass vulnerability in Western Digital's My Cloud NAS devices that potentially allows an unauthenticated attacker to gain admin-level control to the affected devices.
Western Digital's My Cloud (WD My Cloud) is one of the most popular network-attached storage (NAS) devices which is being used by businesses and individuals to host their
|
Vulnerability | ||
|
2018-09-18 08:05:05 | Powerful Android and iOS Spyware Found Deployed in 45 Countries (lien direct) | One of the world's most dangerous Android and iPhone spyware program has been found deployed against targets across 45 countries around the world over the last two years, a new report from Citizen Lab revealed.
The infamous spyware, dubbed Pegasus, is developed by NSO Group-an Israeli company which is mostly known for selling high-tech surveillance tools capable of remotely cracking into
|
|||
|
2018-09-18 02:39:03 | Linus Torvalds Apologizes For His Rude Behavior-Takes Time Off (lien direct) | What just happened would definitely gonna surprise you.
Linus Torvalds-father of the Linux open-source operating system-finally admitted his behavior towards other developers in the Linux community was hurting people and Linux.
In a surprising move this weekend, Torvalds apologized for insulting and abusing other developers for almost three decades and took a break from the open-source
|
|||
|
2018-09-17 06:01:04 | Ransomware Attack Takes Down Bristol Airport\'s Flight Display Screens (lien direct) | Bristol Airport has blamed a ransomware attack for causing a blackout of flight information screens for two days over the weekend.
The airport said that the attack started Friday morning, taking out several computers over the airport network, including its in-house display screens which provide details about the arrival and departure information of flights.
The attack forced
|
Ransomware | ||
|
2018-09-17 03:38:00 | Greece U-Turns - Now Approves Mr. Bitcoin\'s Extradition To Russia (lien direct) | Greece just took another U-turn.
Mr. Bitcoin a.k.a. Alexander Vinnik is not going to France nor to the United States; instead, he is now possibly going to his homeland Russia.
The Supreme Civil and Criminal Court of Greece on Friday has overruled previous decisions and approved to extradite the alleged owner of the now-defunct Bitcoin cryptocurrency exchange BTC-e Vinnik to Russia.
Several
|
|||
|
2018-09-17 02:36:05 | Watch Out! This New Web Exploit Can Crash and Restart Your iPhone (lien direct) | It's 2018, and just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze.
Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept (PoC) web page containing an exploit that uses only a few lines of specially crafted CSS & HTML code.
Beyond just a simple crash, the web page, if visited, causes a
|
|||
|
2018-09-13 06:47:04 | Russian Hacker Pleads Guilty to Operating Kelihos Botnet (lien direct) | The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court.
Peter Yuryevich Levashov, 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and identity theft charges.
Levashov, also known by many online aliases including Peter Severa, Petr
|
Guideline | ||
|
2018-09-13 06:15:04 | How To Check If Your Twitter Account Has Been Hacked (lien direct) | Did you ever wonder if your Twitter account has been hacked and who had managed to gain access and when it happened?
Twitter now lets you know this.
After Google and Facebook, Twitter now lets you see all the devices-laptop, phone, tablet, and otherwise-logged into your Twitter account.
Twitter has recently rolled out a new security feature for its users, dubbed Apps and Sessions, allowing
|
|||
|
2018-09-13 05:28:01 | New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs (lien direct) | Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption.
The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers steal information that briefly remains in the memory (RAM) after the computer is shut down.
|
|||
|
2018-09-12 06:48:00 | Tesla Model S Hack Could Let Thieves Clone Key Fobs to Steal Cars (lien direct) | Despite having proper security measures in place to protect the driving systems of its cars against cyber attacks, a team of security researchers discovered a way to remotely hack a Tesla Model S luxury sedans in less than two seconds.
Yes, you heard that right.
A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group of the Department of Electrical
|
Hack | Tesla | |
|
2018-09-12 04:50:03 | Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs (lien direct) | A security researcher has discovered a serious vulnerability that could allow attackers to spoof website addresses in the Microsoft Edge web browser for Windows and Apple Safari for iOS.
While Microsoft fixed the address bar URL spoofing vulnerability last month as part of its monthly security updates, Safari is still unpatched, potentially leaving Apple users vulnerable to phishing attacks.
|
Hack Vulnerability | ||
|
2018-09-11 11:36:02 | Microsoft Issues Software Updates for 17 Critical Vulnerabilities (lien direct) | Times to gear up your systems and software.
Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity.
This month's security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office,
|
Patching | ||
|
2018-09-11 10:25:02 | Adobe Issues ColdFusion Software Update for 6 Critical Vulnerabilities (lien direct) | Adobe has released September 2018 security patch updates for a total of 10 vulnerabilities in Flash Player and ColdFusion, six of which are rated as critical that affected ColdFusion and could allow attackers to remotely execute arbitrary code on a vulnerable server.
What's the good news this month for Adobe users?
This month Adobe Acrobat and Reader applications did not receive any patch
|
|||
|
2018-09-11 08:52:01 | Apple Removes Several Trend Micro Apps For Collecting MacOS Users\' Data (lien direct) | Apple has removed almost all popular security apps offered by well-known cyber-security vendor Trend Micro from its official Mac App Store after they were caught stealing users' sensitive data without their consent.
The controversial apps in question include Dr Cleaner, Dr Cleaner Pro, Dr Antivirus, Dr Unarchiver, App Uninstall, Dr. Battery, and Duplicate Finder for Mac computers.
The apps
|
|||
|
2018-09-10 12:07:02 | Tor Browser Zero-Day Exploit Revealed Online – Patch Now (lien direct) | Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous browsing software that could reveal your identity to the sites you visit.
In a Tweet, Zerodium shared a zero-day vulnerability that resides in the NoScript browser plugin comes pre-installed with
|
Vulnerability | ||
|
2018-09-07 12:04:03 | No.1 Adware Removal Tool On Apple App Store Caught Spying On Mac Users (lien direct) | A highly popular top-tier app in Apple's Mac App Store that's designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China.
What's more concerning? Even after Apple was warned a month ago, the company did not take any action against the app.
The app in
|
Malware Tool | ||
|
2018-09-07 00:23:00 | British Airways Hacked – 380,000 Payment Cards Compromised (lien direct) | British Airways, who describes itself as "The World's Favorite Airline," has confirmed a data breach that exposed personal details and credit-card numbers of up to 380,000 customers and lasted for more than two weeks.
So who exactly are victims?
In a statement released by British Airways on Thursday, customers booking flights on its website (ba.com) and British Airways mobile app between
|
Data Breach | ||
|
2018-09-06 10:31:03 | U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack (lien direct) | The U.S. Department of Justice is preparing to announce criminal charges against a North Korean government spy in connection with the 2017 global WannaCry ransomware attack and the 2014 Sony Pictures Entertainment hack.
According to multiple government officials cited by the NY Times who are familiar with the indictment, the charges would be brought against Park Jin Hyok, who works for North
|
Ransomware Hack | Wannacry | |
|
2018-09-06 06:12:00 | 19-Year-Old Hacker Arrested Over Making Hoax School and Flight Bomb Threats (lien direct) | British police have arrested a 19-year-old teen who is an alleged member of Apophis Squad cybercriminal group responsible for making hoax bomb threats to thousands of schools and airlines; and DDoSing ProtonMail and Tutanota secure email services.
George Duke-Cohan was arrested in his bedroom at his family home in Watford by British National Crime Agency (NCA) on 31st August and pledged
|
|||
|
2018-09-06 06:08:03 | (Déjà vu) CISSP Certification Course - Become An IT Security Professional (lien direct) | If you dream of making it big in the IT security community, the CISSP certification is a necessary milestone.
Certified Information Systems Security Professional (CISSP) is a globally recognised certification in the field of information security, which has become a gold standard of achievement that is acknowledged worldwide.
CISSP certification deals with a range of information security
|
To see everything:
Our RSS (filtrered)
