What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2021-06-23 23:44:14 Antivirus Pioneer John McAfee Found Dead in Spanish Jail (lien direct) Controversial mogul and antivirus pioneer John McAfee on Wednesday died by suicide in a jail cell in Barcelona, hours after reports that he would be extradited to face federal charges in the U.S. McAfee was 75. He is said to have died by hanging "as his nine months in prison brought him to despair," according to McAfee's lawyer Javier Villalba, Reuters reported. Security personnel at the Brians
The_Hackers_News.webp 2021-06-23 07:36:52 Pakistan-linked hackers targeted Indian power company with ReverseRat (lien direct) A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research. "Most of the organizations that exhibited signs of compromise were in India, and a small number were in Afghanistan," Lumen's Black Lotus Labs said in a Tuesday Threat
The_Hackers_News.webp 2021-06-23 02:33:00 [Whitepaper] Automate Your Security with Cynet to Protect from Ransomware (lien direct) It seems like every new day brings with it a new ransomware news item – new attacks, methods, horror stories, and data being leaked. Ransomware attacks are on the rise, and they've become a major issue for organizations across industries. A recent report estimated that by 2031, ransomware attacks would cost the world over $260 billion. A new whitepaper from XDR provider Cynet demonstrates how Ransomware
The_Hackers_News.webp 2021-06-23 01:54:53 Patch Tor Browser Bug to Prevent Tracking of Your Online Activities (lien direct) Open-source Tor browser has been updated to version 10.0.18 with fixes for multiple issues, including a privacy-defeating bug that could be used to uniquely fingerprint users across different browsers based on the apps installed on a computer. In addition to updating Tor to 0.4.5.9, the browser's Android version has been upgraded to Firefox to version 89.1.1, alongside incorporating patches
The_Hackers_News.webp 2021-06-22 22:35:59 SonicWall Left a VPN Flaw Partially Unpatched Amidst 0-Day Attacks (lien direct) A critical vulnerability in SonicWall VPN appliances that was believed to have been patched last year has been now found to be "botched," with the company leaving a memory leak flaw unaddressed, until now, that could permit a remote attacker to gain access to sensitive information. The shortcoming was rectified in an update rolled out to SonicOS on June 22.  Tracked as CVE-2021-20019 (CVSS score Vulnerability ★★★★★
The_Hackers_News.webp 2021-06-22 12:28:09 Unpatched Supply-Chain Flaw Affects 'Pling Store' Platforms for Linux Users (lien direct) Cybersecurity researchers have disclosed a critical unpatched vulnerability affecting Pling-based free and open-source software (FOSS) marketplaces for Linux platform that could be potentially abused to stage supply chain attacks and achieve remote code execution (RCE). "Linux marketplaces that are based on the Pling platform are vulnerable to a wormable [cross-site scripting] with potential for Vulnerability
The_Hackers_News.webp 2021-06-22 03:02:28 Wormable DarkRadiation Ransomware Targets Linux and Docker Instances (lien direct) Cybersecurity researchers have disclosed a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. "The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions," researchers from Trend Micro said in Ransomware
The_Hackers_News.webp 2021-06-22 00:24:34 NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws (lien direct) U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module (SOM) series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from CVE‑2021‑34372 through CVE‑2021‑34397, the flaws affect products Jetson TX1, TX2 series, Guideline
The_Hackers_News.webp 2021-06-21 07:17:48 5 Critical Steps to Recovering From a Ransomware Attack (lien direct) Hackers are increasingly using ransomware as an effective tool to disrupt businesses and fund malicious activities. A recent analysis by cybersecurity company Group-IB revealed ransomware attacks doubled in 2020, while Cybersecurity Venture predicts that a ransomware attack will occur every 11 seconds in 2021. Businesses must prepare for the possibility of a ransomware attack affecting their Ransomware Tool
The_Hackers_News.webp 2021-06-21 03:05:00 DroidMorph Shows Popular Android Antivirus Fail to Detect Cloned Malicious Apps (lien direct) A new research published by a group of academics has found that anti-virus programs for Android continue to remain vulnerable against different permutations of malware, in what could pose a serious risk as malicious actors evolve their toolsets to better evade analysis. "Malware writers use stealthy mutations (morphing/obfuscations) to continuously develop malware clones, thwarting detection by Malware
The_Hackers_News.webp 2021-06-21 00:30:17 Beware! Connecting to This Wireless Network Can Break Your iPhone's Wi-Fi Feature (lien direct) A wireless network naming bug has been discovered in Apple's iOS operating system that effectively disables an iPhone's ability to connect to a Wi-Fi network. The issue was spotted by security researcher Carl Schou, who found that the phone's Wi-Fi functionality gets permanently disabled after joining a Wi-Fi network with the unusual name "%p%s%s%s%s%n" even after rebooting the phone or changing
The_Hackers_News.webp 2021-06-18 23:34:04 North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute (lien direct) South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart. The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which - "27.102.114[.]89 Hack Vulnerability
The_Hackers_News.webp 2021-06-18 23:13:20 Cyber espionage by Chinese hackers in neighbouring nations is on the rise (lien direct) A string of cyber espionage campaigns dating all the way back to 2014 and focused on gathering military intelligence from neighbouring countries have been linked to a Chinese military-intelligence apparatus. In a wide-ranging report published by Massachusetts-headquartered Recorded Future this week, the cybersecurity firm's Insikt Group said it identified ties between a group it tracks as "
The_Hackers_News.webp 2021-06-18 06:07:00 Russia bans VyprVPN, Opera VPN services for not complying with blacklist request (lien direct) Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN services VyprVPN and
The_Hackers_News.webp 2021-06-18 00:34:33 Google Releases New Framework to Prevent Software Supply Chain Attacks (lien direct) As software supply chain attacks emerge as a point of concern in the wake of SolarWinds and Codecov security incidents, Google is proposing a solution to ensure the integrity of software packages and prevent unauthorized modifications.  Called "Supply chain Levels for Software Artifacts" (SLSA, and pronounced "salsa"), the end-to-end framework aims to secure the software development and
The_Hackers_News.webp 2021-06-17 23:33:55 [eBook] 7 Signs You Might Need a New Detection and Response Tool (lien direct) It's natural to get complacent with the status quo when things seem to be working. The familiar is comfortable, and even if something better comes along, it brings with it many unknowns. In cybersecurity, this tendency is countered by the fast pace of innovation and how quickly technology becomes obsolete, often overnight. This combination usually results in one of two things – organizations Tool
The_Hackers_News.webp 2021-06-17 20:33:11 Update Your Chrome Browser to Patch Yet Another 0-Day Exploited in-the-Wild (lien direct) Google has rolled out yet another update to Chrome browser for Windows, Mac, and Linux to fix four security vulnerabilities, including one zero-day flaw that's being exploited in the wild. Tracked as CVE-2021-30554, the high severity flaw concerns a use after free vulnerability in WebGL (aka Web Graphics Library), a JavaScript API for rendering interactive 2D and 3D graphics within the browser.
The_Hackers_News.webp 2021-06-17 05:09:16 Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments (lien direct) A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated threat actor it Threat
The_Hackers_News.webp 2021-06-17 03:25:33 A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran (lien direct) Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan (RAT) capable of stealing sensitive information from targets' devices since at least 2015. Russian cybersecurity firm Kaspersky, which pieced together the activity, attributed the campaign to an advanced persistent threat (APT) Threat
The_Hackers_News.webp 2021-06-17 01:06:05 Strengthen Your Password Policy With GDPR Compliance (lien direct) A solid password policy is the first line of defense for your corporate network. Protecting your systems from unauthorized users may sound easy on the surface, but it can actually be quite complicated. You have to balance password security with usability, while also following various regulatory requirements. Companies in the EU must have password policies that are compliant with the General Data
The_Hackers_News.webp 2021-06-17 00:46:17 Researchers Uncover 'Process Ghosting' - A New Malware Evasion Technique (lien direct) Cybersecurity researchers have disclosed a new executable image tampering attack dubbed "Process Ghosting" that could be potentially abused by an attacker to circumvent protections and stealthily run malicious code on a Windows system. "With this technique, an attacker can write a piece of malware to disk in such a way that it's difficult to scan or delete it - and where it then executes the Malware
The_Hackers_News.webp 2021-06-16 07:44:16 Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks (lien direct) Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. As part of a joint operation between the National Police of Ukraine and authorities from the Republic of Korea and the U.S., six defendants have been accused of running a double extortion Ransomware
The_Hackers_News.webp 2021-06-16 05:25:25 Malware Attack on South Korean Entities Was Work of Andariel Group (lien direct) A malware campaign targeting South Korean entities that came to light earlier this year has been attributed to a North Korean nation-state hacking group called Andariel, once again indicating that Lazarus attackers are following the trends and their arsenal is in constant development. "The way Windows commands and their options were used in this campaign is almost identical to previous Andariel Malware APT 38
The_Hackers_News.webp 2021-06-16 02:14:53 Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets (lien direct) As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets. "Ransomware operators often buy access from independent cybercriminal groups who infiltrate major Ransomware Hack Threat
The_Hackers_News.webp 2021-06-16 00:00:24 Critical ThroughTek Flaw Opens Millions of Connected Cameras to Eavesdropping (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued an advisory regarding a critical software supply-chain flaw impacting ThroughTek's software development kit (SDK) that could be abused by an adversary to gain improper access to audio and video streams. "Successful exploitation of this vulnerability could permit unauthorized access to sensitive information, such Vulnerability
The_Hackers_News.webp 2021-06-15 06:05:51 Experts Shed Light On Distinctive Tactics Used by Hades Ransomware (lien direct) Cybersecurity researchers on Tuesday disclosed "distinctive" tactics, techniques, and procedures (TTPs) adopted by operators of Hades ransomware that set it apart from the rest of the pack, attributing it to a financially motivated threat group called GOLD WINTER. "In many ways, the GOLD WINTER threat group is a typical post-intrusion ransomware threat group that pursues high-value targets to Ransomware Threat
The_Hackers_News.webp 2021-06-15 04:12:03 Instagram Bug Allowed Anyone to View Private Accounts Without Following Them (lien direct) Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow them. "This bug could have allowed a malicious user to view targeted media on Instagram," Mayur Fartade said in a Medium post today. "An attacker could have been able to see details of private/archived posts, stories, reels, IGTV without following the user
The_Hackers_News.webp 2021-06-14 20:32:43 Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild (lien direct) Apple on Monday shipped out-of-band security patches to address two zero-day vulnerabilities in iOS 12.5.3 that it says are being actively exploited in the wild. The latest update, iOS 12.5.4, comes with three security fixes, including a memory corruption issue in the ASN.1 decoder (CVE-2021-30737) and two flaws concerning the WebKit browser engine that could be abused to achieve
The_Hackers_News.webp 2021-06-14 07:26:27 Google Workspace Now Offers Client-side Encryption For Drive and Docs (lien direct) Google on Monday announced that it's rolling out client-side encryption to Google Workspace (formerly G Suite), thereby giving its enterprise customers direct control of encryption keys and the identity service they choose to access those keys. "With client-side encryption, customer data is indecipherable to Google, while users can continue to take advantage of Google's native web-based
The_Hackers_News.webp 2021-06-14 06:34:33 NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers (lien direct) A new cyber espionage group named Gelsemium has been linked to a supply chain attack targeting the NoxPlayer Android emulator that was disclosed earlier this year. The findings come from a systematic analysis of multiple campaigns undertaken by the APT crew, with evidence of the earliest attack dating back all the way to 2014 under the codename Operation TooHash based on malware payloads Malware
The_Hackers_News.webp 2021-06-14 05:17:38 Cybersecurity Executive Order 2021: What It Means for Cloud and SaaS Security (lien direct) In response to malicious actors targeting US federal IT systems and their supply chain, the President released the "Executive Order on Improving the Nation's Cybersecurity (Executive Order)." Although directed at Federal departments and agencies, the Executive Order will likely have a ripple effect through the Federal technology supply stream. Private companies and enterprises will look to the
The_Hackers_News.webp 2021-06-13 23:59:46 Chinese Hackers Believed to be Behind SITA, Air India Data Breach (lien direct) The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. Group-IB dubbed the campaign "ColunmTK" based on the names of the command-and-control (C2) server domains that were used for communications. "The Data Breach Threat Guideline APT 41
The_Hackers_News.webp 2021-06-11 06:14:09 Mozilla Says Google's New Ad Tech-FLoC-Doesn't Protect User Privacy (lien direct) Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling idea: enable ad targeting without exposing users to risk," said Eric Rescorla, author of TLS standard
The_Hackers_News.webp 2021-06-11 02:28:02 Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users (lien direct) Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices.  "The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device
The_Hackers_News.webp 2021-06-11 01:17:25 Live Cybersecurity Webinar - Deconstructing Cobalt Strike (lien direct) Organizations' cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will deploy a variety of tools and methods to infiltrate an organization's environment and attack it from
The_Hackers_News.webp 2021-06-11 00:47:01 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access (lien direct) A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a malicious unprivileged local attacker to bypass authorization and escalate permissions to the root user. Tracked as CVE-2021-3560 (CVSS score: 7.8), the flaw affects polkit versions between 0.113 and 0.118 and was discovered by GitHub security researcher Kevin Backhouse, who said Vulnerability
The_Hackers_News.webp 2021-06-11 00:01:09 New Cyber Espionage Group Targeting Ministries of Foreign Affairs (lien direct) Cybersecurity researchers on Thursday took the wraps off a new cyberespionage group that has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017. Dubbed "BackdoorDiplomacy," the campaign involves targeting weak points in internet-exposed devices such as web servers to perform a panoply of cyber
The_Hackers_News.webp 2021-06-10 21:51:37 U.S. Authorities Shut Down Slilpp-Largest Marketplace for Stolen Logins (lien direct) The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as "Slilpp" that specialized in trading stolen login credentials as part of an international law enforcement operation. Over a dozen individuals have been charged or arrested in connection with the illegal marketplace. The cyber crackdown, which involved the joint
The_Hackers_News.webp 2021-06-10 03:51:05 Emerging Ransomware Targets Dozens of Businesses Worldwide (lien direct) An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, "Prometheus" is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle Ransomware Threat
The_Hackers_News.webp 2021-06-10 02:52:44 Using Breached Password Detection Services to Prevent Cyberattack (lien direct) Bolstering password policies in your organization is an important part of a robust cybersecurity strategy. Cybercriminals are using compromised accounts as one of their favorite tactics to infiltrate business-critical environments; as we've seen in recent news, these attacks can be dangerous and financially impactful. Unfortunately, account compromise is a very successful attack method and
The_Hackers_News.webp 2021-06-09 22:46:05 Beef Supplier JBS Paid Hackers $11 Million Ransom After Cyberattack (lien direct) Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month. "In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated," Ransomware
The_Hackers_News.webp 2021-06-09 21:14:21 New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP! (lien direct) Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. Google on Wednesday rolled out an urgent update for Chrome browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild. Tracked as 
The_Hackers_News.webp 2021-06-09 09:39:33 New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites (lien direct) Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim's web browser to a different TLS service endpoint located on another IP address to steal sensitive information. The attacks have been dubbed ALPACA, short for "Application Layer Protocol Confusion - Analyzing and mitigating Cracks in
The_Hackers_News.webp 2021-06-09 04:01:03 Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances (lien direct) Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. The campaign involved deploying TensorFlow pods on Kubernetes clusters, with the pods running legitimate TensorFlow images from the official Docker Hub account. However, the container images were configured to execute rogue commands that mine Uber
The_Hackers_News.webp 2021-06-09 03:17:22 EBook – Creating a Large Company Security Stack on a Lean Company Budget (lien direct) The speed at which malicious actors have improved their attack tactics and continue to penetrate security systems has made going bigger the major trend in cybersecurity. Facing an evolving threat landscape, organizations have responded by building bigger security stacks, adding more tools and platforms, and making their defenses more complex-a new eBook from XDR provider Cynet (read it here). Threat
The_Hackers_News.webp 2021-06-08 23:07:06 Update Your Windows Computers to Patch 6 New In-the-Wind Zero-Day Bugs (lien direct) Microsoft on Tuesday released another round of security updates for Windows operating systems and other supported software, squashing 50 vulnerabilities, including 6 zero-days that are said to be under active attack. The flaws were identified and resolved in Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge (Chromium-based and EdgeHTML), SharePoint Server, Hyper-V,
The_Hackers_News.webp 2021-06-08 09:02:15 Feds Secretly Ran a Fake Encrypted Chat App and Busted Over 800 Criminals (lien direct) In a huge sting operation, the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP) ran an "encrypted chat" service called ANoM for almost 3 years to intercept 27 million messages between criminal gang members globally. Dubbed Operation Ironside (AFP), Operation Greenlight (Europol), and Operation Trojan Shield (FBI), the long-term covert probe into transnational and
The_Hackers_News.webp 2021-06-08 03:37:24 New UAF Vulnerability Affecting Microsoft Office to be Patched Today (lien direct) Four security vulnerabilities discovered in the Microsoft Office suite, including Excel and Office online, could be potentially abused by bad actors to deliver attack code via Word and Excel documents. "Rooted from legacy code, the vulnerabilities could have granted an attacker the ability to execute code on targets via malicious Office documents, such as Word, Excel and Outlook," researchers Vulnerability
The_Hackers_News.webp 2021-06-08 03:08:52 Top 10 Privacy and Security Features Apple Announced at WWDC 2021 (lien direct) Apple on Monday announced a number of privacy and security-centric features to its upcoming versions of iOS and macOS at its all-online Worldwide Developers Conference. Here is a quick look at some of the big-ticket changes that are expected to debut later this fall: 1 - Just Patches, Not Entire OS Update Every Time: As rumored before, users now have a choice between two software update versions
The_Hackers_News.webp 2021-06-08 00:56:59 U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers (lien direct) In a major blow, the U.S. Department of Justice on Monday said it has recovered 63.7 bitcoins (currently valued at $2.3 million) paid by Colonial Pipeline to the DarkSide ransomware extortionists on May 8, pursuant to a seizure warrant that was authorized by the Northern District of California. The ransomware attack also hobbled the pipeline company's fuel supply, prompting the government to Ransomware
Last update at: 2024-08-01 07:18:52