What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2021-02-03 20:49:15 Alleged China-linked hackers used SolarWinds bug to breach National Finance Center (direct link) Alleged China-linked hackers have exploited a flaw in the SolarWinds Orion software to hack systems at the U.S. National Finance Center. FBI investigators discovered that allegedly China-linked hackers have exploited a flaw in the SolarWinds Orion software to break into the systems of the U.S. National Finance Center. The National Finance Center is a federal […] Hack
SecurityAffairs 2021-02-03 16:57:23 Recently discovered CVE-2021-3156 SUDO bug also affects macOS Big Sur (direct link) Experts warn that the recently discovered heap-based buffer overflow bug in Linux SUDO also impacts the latest version of Apple macOS Big Sur. Recently Qualys researchers found a Sudo vulnerability, tracked as CVE-2021-3156, that has allowed any local user to gain root privileges on Unix-like operating systems without authentication. Sudo is one of the most important, powerful, […]
SecurityAffairs 2021-02-03 06:38:44 Hackers stole personnel records of software developer Wind River (direct link) The global leader of embedded system software Wind River Systems discloses a data breach that resulted in the theft of customers’ personal information. Wind River Systems, a global leader in delivering software for smart connected systems, discloses a data breach. The company claims its technology is found in more than 2 billion products, it develops […] Data Breach Guideline
SecurityAffairs 2021-02-02 23:52:51 (Déjà vu) Cyber Defense Magazine – February 2021 has arrived. Enjoy it! (direct link) Cyber Defense Magazine February 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 108 pages of excellent content. 108 PAGES LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK HERE AND GRAB THIS VERSION AND […]
SecurityAffairs 2021-02-02 19:26:09 Police Exam Database Exposes 500K Indian Citizens' PII (direct link) CloudSEK has discovered a post on a well-known database sharing forum advertising the PII of 500,000 Indian citizens. While the threat actor does not mention the name of an organization, the data provided in the sample is clearly associated with a police exam conducted on 22 Dec 2019. Discovery of the leak CloudSEK's proprietary risk […] Threat ★★★★★
SecurityAffairs 2021-02-02 16:57:29 Kobalos, a complex Linux malware targets high-performance computing clusters (direct link) ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed a new piece of malware, dubbed Kobalos, that was employed in attacks against high-performance computing clusters (HPC). The name Kobalos comes from a small sprite from Greek mythology, a mischievous creature fond of tricking and frightening mortals. Kobalos is a […] Malware
SecurityAffairs 2021-02-02 10:21:49 (Déjà vu) Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs (direct link) Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. According to ZDNet, threat actors are using VMWare ESXi exploits to encrypt the disks of virtual machines deployed in […] Ransomware Threat
SecurityAffairs 2021-02-02 07:20:44 CISA: Many victims of SolarWinds hackers had no direct connection to SolarWinds (direct link) The U.S. CISA reveals that many of the victims of the SolarWinds hackers had no direct connection to SolarWinds. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that many of the organizations targeted by SolarWinds hackers had no direct link to the supply chain attack. “While the supply chain compromise of SolarWinds first highlighted […]
SecurityAffairs 2021-02-01 22:13:52 Experts discovered a new Trickbot module used for lateral movement (direct link) Experts spotted a new Trickbot module that is used to scan local networks and make lateral movement inside the target organization. Cybersecurity researchers discovered a new module of the Trickbot malware, dubbed ‘masrv’, that is used to scan a local network and make lateral movement inside the target organization. The masrv module leverages the Masscan open-source utility […]
SecurityAffairs 2021-02-01 18:45:36 Operation NightScout: supply chain attack on NoxPlayer Android emulator (direct link) Experts uncovered a new supply chain attack leveraging the update process of NoxPlayer, a free Android emulator for PCs and Macs. A new supply chain attack made the headlines, a threat actor has compromised the update process of NoxPlayer, a free Android emulator for Windows and Macs developed by BigNox. The company claims to have […] Threat
SecurityAffairs 2021-02-01 13:53:26 Experts warn of active exploitation of SonicWall zero-day in the wild (direct link) Researchers from the security firm NCC Group warn of the exploitation in the wild of a SonicWall zero-day vulnerability. Security experts from the firm NCC Group have detected “indiscriminate” exploitation of a SonicWall zero-day in attacks in the wild, ZDNet reported. NCC Group first disclosed the attacks on SonicWall devices on Sunday but did not […]
SecurityAffairs 2021-02-01 11:59:03 Google discloses a severe flaw in widely used Libgcrypt encryption library (direct link) Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. The popular white hat hacker Tavis Ormandy of Google Project Zero discovered a severe heap buffer overflow flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption software that could have allowed a remote attacker to write […]
SecurityAffairs 2021-02-01 07:32:45 Exploiting a bug in Azure Functions to escape Docker (direct link) Expert disclosed an unpatched vulnerability in Microsoft Azure Functions that could be exploited to escape the Docker container hosting them. Cybersecurity researcher Paul Litvak from Intezer Lab disclosed an unpatched vulnerability in Microsoft Azure Functions that could be exploited by an attacker to escalate privileges and escape the Docker container that hosts them. The experts […] Vulnerability
SecurityAffairs 2021-01-31 16:05:25 Experts explain how to bypass recent improvement of China's Great Firewall (direct link) Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members of the Great Firewall Report group have analyzed the recent improvement implemented for China’s Great Firewall censorship system and revealed that it is possible to bypass it. Last year, the group published a detailed analysis […]
SecurityAffairs 2021-01-31 12:52:57 Security Affairs newsletter Round 299 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Chipmaker Intel reveals that an internal error caused a data leak Hacker leaks data of 2.28M users of […]
SecurityAffairs 2021-01-31 11:27:14 New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs (direct link) The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target Apache ActiveMQ, Oracle WebLogic, and Redis installs. The cybercrime group Rocke is using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable Apache ActiveMQ, Oracle WebLogic, and Redis installs. The malware is an evolution of a Monero cryptocurrency […] Malware APT 32
SecurityAffairs 2021-01-30 21:37:25 UScellular data breach: attackers ported customer phone numbers (direct link) US wireless carrier UScellular discloses data breach, personal information of customers may have been exposed and their phone numbers ported. US wireless carrier UScellular discloses a data breach that exposed personal information of its customers. United States Cellular Corporation is the fourth-largest wireless carrier in the United States, with over 4.9 million customers in 426 […] Data Breach
SecurityAffairs 2021-01-30 18:51:06 UK Research and Innovation (UKRI) discloses ransomware attack (direct link) A ransomware infected the systems at the UK Research and Innovation (UKRI), at least two services were impacted. The UK Research and Innovation (UKRI) discloses a ransomware incident that impacted a number of UKRI-related web assets. Two services were impacted, a portal for our UK Research Office (UKRO) based in Brussels and an extranet used […] Ransomware
SecurityAffairs 2021-01-30 14:17:20 (Déjà vu) Victims of FonixCrypter ransomware could decrypt their files for free (direct link) FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. The FonixCrypter gang also closed its Telegram channel that was used to […] Ransomware Threat
SecurityAffairs 2021-01-29 22:43:33 Domain for programming website Perl.com hijacked (direct link) Threat actors took over the domain name perl.com and pointed it to an IP address associated with malware campaigns. Attackers have taken over the official domain name of The Perl Foundation perl.com and pointed it to an IP address associated with malware campaigns. Users are recommended to avoid visiting the domain. The domain Perl.com was […] Malware
SecurityAffairs 2021-01-29 18:42:00 (Déjà vu) Experts addressed flaws in Popup Builder WordPress plugin (direct link) Multiple issues in WordPress ‘Popup Builder’ Plugin could be exploited by hackers to perform various malicious actions on affected websites. Developers behind the “Popup Builder – Responsive WordPress Pop up – Subscription & Newsletter” WordPress plugin have recently addressed multiple vulnerabilities that can be exploited to perform various malicious actions on affected websites. The plugin […]
SecurityAffairs 2021-01-29 14:49:07 Microsoft: North Korea-linked Zinc APT targets security experts (direct link) Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that it attributed to North Korea-linked Zinc APT group. Researchers from Microsoft monitored a cyber espionage campaign aimed at vulnerability researchers and attributed the attacks to North Korea-linked Zinc APT group. “In recent months, Microsoft has detected cyberattacks targeting security researchers by an […] Vulnerability Medical APT 38
SecurityAffairs 2021-01-29 00:00:15 Oscorp, a new Android malware targets Italian users (direct link) Researchers at the Italian CERT warn of new Android malware dubbed Oscorp that abuses accessibility services for malicious purposes. Researchers from security firm AddressIntel spotted a new Android malware dubbed Oscorp, its name comes from the title of the login page of its command-and-control server. Like other Android malware, the Oscorp malware tricks users into granting […] Malware
SecurityAffairs 2021-01-28 22:08:59 Lebanese Cedar APT group broke into telco and ISPs worldwide (direct link) Clearsky researchers linked the Lebanese Cedar APT group to a cyber espionage campaign that targeted companies around the world. Clearsky researchers linked the Lebanese Cedar group (aka Volatile Cedar) to a cyber espionage campaign that targeted companies around the world. The APT group has been active since 2012, experts linked the group to the Hezbollah […]
SecurityAffairs 2021-01-28 15:59:38 TeamTNT group adds new detection evasion tool to its Linux miner (direct link) The TeamTNT cybercrime group has improved its Linux cryptocurrency miner by implementing open-source detection evasion capabilities. The TeamTNT cybercrime group has upgraded their Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn. Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal Docker […] Tool
SecurityAffairs 2021-01-28 13:51:37 LogoKit, a new phishing kit that dynamically creates phishing forms (direct link) Researchers from RiskIQ have discovered a new phishing kit dubbed LogoKit that dynamically composes phishing content. Researchers from RiskIQ discovered a new phishing kit that stands out for its ability to dynamically create phishing messages to target specific users. LogoKit has a modular structure that makes it easy to implement a phishing-as-a-Service model. This toolkit, unlike […]
SecurityAffairs 2021-01-28 08:16:27 CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite (direct link) The U.S. CISA published a security advisory for High-Severity flaws in some SCADA/HMI products made by Japanese company Fuji Electric. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security advisory to warn industrial organizations of some high severity flaws in SCADA/HMI products made by Japanese electrical equipment company Fuji Electric. The vulnerabilities affect […]
SecurityAffairs 2021-01-27 23:28:26 (Déjà vu) Law enforcement announced global action against NetWalker Ransomware (direct link) A joint operation of U.S. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. Law enforcement authorities in the U.S. and Europe have seized the dark web sites used by NetWalker ransomware operators. The authorities also charged a Canadian national involved in the NetWalker ransomware operations. “The […] Ransomware ★★★
SecurityAffairs 2021-01-27 21:36:38 Emotet Botnet dismantled in a joint international operation (direct link) A global operation of law enforcement has dismantled the infrastructure of the infamous Emotet botnet. A global operation of law enforcement, led by Europol, has dismantled the infrastructure of the infamous Emotet botnet. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. In mid-August, the malware was […] Threat Guideline
SecurityAffairs 2021-01-27 19:14:54 Pwn2Own 2021, more than $1,500,000 in cash and prizes for contestants (direct link) Trend Micro's Zero Day Initiative announced the Pwn2Own Vancouver 2021 hacking competition that will also cover Zoom, MS Teams Exploits. Trend Micro's Zero Day Initiative (ZDI) this week announced the forthcoming Pwn2Own Vancouver 2021 hacking competition that will take place on April 6-8. The organizers provided information about the targets, prizes and rules for […]
SecurityAffairs 2021-01-27 15:54:55 Maritime port cybersecurity (direct link) Let’s talk about cyber risk in the maritime and port setting to better understand Maritime Port cybersecurity. In order to better understand the evolutionary trend of worldwide shipping and port facilities from 2007 to present, it is necessary to talk again about cyber risk in the maritime and port setting. It is not the purpose […]
SecurityAffairs 2021-01-27 14:01:15 Apple addresses three iOS zero-day flaws exploited in the wild (direct link) Apple has addressed three zero-day vulnerabilities in its iOS operating system that have been exploited in the wild. Apple has addressed three zero-day vulnerabilities in iOS that have been exploited in the wild with the release of security updates (iOS 14.4). The first zero-day issue, tracked as CVE-2021-1782, is a race condition that resides in the […]
SecurityAffairs 2021-01-27 09:13:03 Heap-based buffer overflow in Linux Sudo allows local users to gain root privileges (direct link) CVE-2021-3156 Sudo vulnerability has allowed any local user to gain root privileges on Unix-like operating systems without authentication. Sudo is one of the most important, powerful, and commonly used utilities that comes as a core command pre-installed on macOS and almost every UNIX or Linux-based operating system. sudo is a program for Unix-like computer operating systems that allows […] Vulnerability
SecurityAffairs 2021-01-26 22:35:03 Fidelis, Mimecast, Palo Alto Networks, Qualys also impacted by SolarWinds hack (direct link) Security vendors Fidelis, Mimecast, Palo Alto Networks, and Qualys revealed that they were also impacted by SolarWinds supply chain attack. The SolarWinds supply chain attack is worse than initially thought, other security providers confirmed that they were also impacted. Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed to have installed tainted updates of the SolarWinds Orion […] Hack
SecurityAffairs 2021-01-26 18:20:46 (Déjà vu) Threat Report Portugal: Q4 2020 (direct link) Threat Report Portugal Q4 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and also supported by a healthy community […] Malware
SecurityAffairs 2021-01-26 15:35:10 TikTok privacy issue could have allowed stealing users' private details (direct link) A vulnerability in the video-sharing social networking service TikTok could have allowed hackers to steal users’ private personal information. Developers at ByteDance, the company that owns TikTok, have fixed a security vulnerability in the popular video-sharing social networking service that could have allowed attackers to steal users’ private personal information. Check Point researchers found a vulnerability in Find Friends […] Vulnerability
SecurityAffairs 2021-01-26 11:51:57 North Korea-linked campaign targets security experts via social media (direct link) Google TAG is warning that North Korea-linked hackers are targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers are targeting security researchers through social media. According to the Google team that focuses on nation-state attacks, a North Korea-linked APT group has targeted experts that are working on the research […] Threat
SecurityAffairs 2021-01-25 23:12:05 Dutch police arrested two people for the illegal sale of COVID-19 patient data (direct link) Dutch police arrested two individuals for allegedly selling COVID-19 patient data stolen from the Dutch health ministry. Dutch police have arrested two individuals in the country for selling COVID-19 patient data stolen from the national COVID-19. The availability of COVID-19 patient data in the cybercrime underground was spotted by the RTL Nieuws reporter Daniel Verlaan. […]
SecurityAffairs 2021-01-25 21:16:47 Ransomware attack hit WestRock IT and OT systems (direct link) Packaging giant WestRock disclosed a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems. American corrugated packaging company WestRock announced it was the victim of a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems. WestRock did not share details about the security incident, it only confirmed that its […] Ransomware
SecurityAffairs 2021-01-25 19:24:39 Cryptomining DreamBus botnet targets Linux servers (direct link) Zscaler's research team recently spotted a Linux-based malware family, tracked as DreamBus botnet, targeting Linux servers. Researchers at Zscaler's ThreatLabZ research team recently analyzed a Linux-based malware family, tracked as DreamBus Botnet, which is a variant of SystemdMiner. The bot is composed of a series of Executable and Linkable Format (ELF) binaries and Unix shell scripts. The […] Malware
SecurityAffairs 2021-01-25 08:41:52 Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked (direct link) Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web. Leaked data includes names, e-mails, mobile numbers, encrypted passwords, user […] Threat
SecurityAffairs 2021-01-24 22:55:08 Tesla sues former employee for allegedly stealing sensitive docs (direct link) Tesla has accused a former employee, a software engineer, of downloading about 26,000 sensitive files and transferring them to his personal Dropbox. On Saturday, Tesla sued the former employee Alex Khatilov for allegedly stealing 26,000 confidential documents, including trade secrets. The software engineer transferred the sensitive files to his personal Dropbox account. Khatilov stole files […]
SecurityAffairs 2021-01-24 18:40:58 Hacker leaks data of 2.28M users of dating site MeetMindful (direct link) A well-known threat actor has leaked data belonging to 2.28 million users registered on the dating website MeetMindful. ZDNet first reported that the well-known threat actor ShinyHunters has leaked the data of more than 2.28 million users registered on the dating site MeetMindful. The threat actor leaked the data for free download on a publicly accessible hacking […] Threat
SecurityAffairs 2021-01-24 13:40:04 Security Affairs newsletter Round 298 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Critical flaws in Orbit Fox WordPress plugin allows site takeover EMA said that hackers manipulated stolen documents before leaking them Security Affairs newsletter Round 297 500K+ records of C-level people […]
SecurityAffairs 2021-01-24 12:51:56 Chipmaker Intel reveals that an internal error caused a data leak (direct link) The chipmaker Intel Corp. revealed that an internal error is the root cause of a data leak, it confirmed that corporate network was not impacted. The computer chipmaker Intel Corp. confirmed that an internal error is the cause of a data leak that prompted it to release a quarterly earnings report early. Intel chief financial officer, […]
SecurityAffairs 2021-01-23 22:11:27 ADT employee pleads guilty for accessing cameras installed by the company (direct link) A former ADT employee pleads guilty for accessing the cameras he installed at the home of the company’s customers in the Dallas area. Telesforo Aviles (35) is a former ADT employee that pleaded guilty for accessing the cameras he installed at the home of the company’s customers. Every time the man worked at the home of […] Guideline
SecurityAffairs 2021-01-23 16:06:37 MrbMiner cryptojacking campaign linked to Iranian software firm (direct link) Sophos experts believe that an Iranian company is behind a recently uncovered MrbMiner crypto-jacking campaign targeting SQL servers. Sophos researchers that investigated the recently uncovered crypto-mining campaign targeting SQL servers with MrbMiner malware believe that it was conducted by an Iran-based company. In September, a group of hackers launched brute-force attacks on MSSQL servers with […] Malware
SecurityAffairs 2021-01-23 10:05:28 Security firm SonicWall was victim of a coordinated attack (direct link) The Hacker News reported in an exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. The company was targeted with a coordinated attack on its internal systems, threat actors exploited zero-day vulnerabilities […] Threat ★★
SecurityAffairs 2021-01-22 22:39:24 FSB warns Russian businesses of cyber attacks as retaliation for SolarWinds hack (direct link) Russian authorities are alerting Russian organizations of potential cyberattacks launched by the United States in response to SolarWinds attack. The Russian intelligence agency FSB has issued a security alert this week warning Russian organizations of potential cyberattacks launched by the United States in response to the SolarWinds supply chain attack. The alert was issued after […] Hack
SecurityAffairs 2021-01-22 18:38:05 KindleDrip exploit – Hacking a Kindle device with a simple email (direct link) KindleDrip: Amazon addressed a number of flaws affecting the Kindle e-reader that could have allowed an attacker to take control of victims’ devices. Security experts at Realmode Labs discovered multiple vulnerabilities in the Kindle e-reader that could have allowed an attacker to take over victims’ devices. The researchers noticed that the “Send to Kindle” feature allows Kindle […]
Last update at: 2024-07-19 21:07:28