What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-01-02 08:17:29 | (Déjà vu) Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords (lien direct) | Security expert discovered a Google Chrome extension named Shitcoin Wallet that steals passwords and wallet private keys. Harry Denley, director of security at the MyCrypto, discovered that the Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys. The Google Chrome extension was injecting JavaScript code on web pages to steal passwords and […] | |||
|
2020-01-01 17:34:31 | Mariah Carey \'s Twitter Hacked on New Year\'s Eve (lien direct) | Another celebrity was the victim of the hackers, Mariah Carey ‘s Twitter account appears to have been hacked on New Year’s Eve. The Twitter account of Mariah Carey was hacked on New Year’s Eve, attackers posted a series of offensive, racist and lewd tweets. The messages also contained sexual insults against the about rapper Eminem. […] | |||
|
2020-01-01 14:30:02 | Irish National Cyber Security Strategy warns of attacks on Irish data centres (lien direct) | The Irish government has published its National Cyber Security Strategy, it is an update of the country’s first Strategy which was published in 2015. The 2019 National Cyber Security Strategy aims to allow Ireland to continue to safely enjoy the benefits of the digital revolution and play a full part in shaping the future of […] | |||
|
2020-01-01 12:19:03 | Expert finds Starbucks API Key exposed online (lien direct) | Developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The development team at Starbucks left exposed an API key that could be used by an attacker to access company internal systems and manipulate the list of authorized users. […] | |||
|
2019-12-31 16:48:47 | Dark web Grey Market still down, users speculate possible Exit Scam (lien direct) | Exit scam – Bad news for Grey Market users, one of its administrators revealed that another administrator had emptied the cold storage wallets. According to one of the admins of the Grey Market marketplace one of the admins, ‘theiving‘, has stolen all the users’ funds the platform stored for the escrow service. “ you can […] | |||
|
2019-12-31 14:43:54 | DHS report – Voting systems in North Carolina county in 2016 were not hacked (lien direct) | Computer faults that disrupted voting in a North Carolina county in 2016 were not caused by cyber attacks, a federal investigation states. On Monday, the U.S. Department of Homeland Security shared the results of an investigation on computer errors that disrupted voting in a North Carolina county in 2016, authorities were not able to associate […] | |||
|
2019-12-31 09:48:57 | Nonprofit organization Special Olympics New York hacked and its server used to send phishing emails (lien direct) | Special Olympics of New York, a nonprofit organization focused on competitive athletes with intellectual disabilities was hacked. Special Olympics New York provides inclusive opportunities for people with intellectual disabilities to compete in Olympic-style, coached sports. Unfortunately, the nonprofit organization was hacked during the Christmas holiday and the attackers later used its email server to launch […] | |||
|
2019-12-30 21:57:04 | Microsoft sued North Korea-linked Thallium group (lien direct) | Microsoft sued Thallium North Korea-linked APT for hacking into its customers’ accounts and networks via spear-phishing attacks. Microsoft sued a North Korea-linked cyber espionage group tracked as Thallium for hacking into its customers’ accounts and networks via spear-phishing attacks. The hackers target Microsoft users impersonating the company, according to a lawsuit unsealed Dec. 27 in […] | Cloud | APT 37 | |
|
2019-12-30 15:41:43 | Wawa faces several lawsuits following a massive payment card breach (lien direct) | Recently the Wawa convenience store chain disclosed a payment card breach, news of the day is that Wawa is facing lawsuits over the incident. The Wawa convenience store chain is facing a wave of lawsuits over a recent security breach that affected its 850 locations in the US. Wawa convenience store chain disclosed a payment card breach, its security […] | ★★★★★ | ||
|
2019-12-30 13:58:10 | Vladimir Putin \'s computers still run Windows XP, Media reports (lien direct) | Russia is one of the most advanced cyber states, but according to the media President Vladimir Putin ‘s personal PC is apparently still running Win XP. The news is curious and it probably has little real if not the fact that Vladimir Putin is not a super cyber security expert, although he knows its importance […] | ★★★★ | ||
|
2019-12-30 11:15:51 | UN approves Russia-Cina sponsored resolution on new cybercrime convention (lien direct) | The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The resolution was sponsored by Russia and China and has alarmed rights groups that fear the bid could threaten online freedom. […] | |||
|
2019-12-30 09:27:32 | UAE government denies using ToTok for mass surveillance (lien direct) | The United Arab Emirates denied reports that the popular mobile app ToTok was used as part of a government massive surveillance program. According to a report recently published by the New York Times, the popular app ToTok was used by the UAE government as a surveillance tool. It has been removed from both Apple and […] | |||
|
2019-12-29 16:49:55 | Security experts disclosed Wyze data leak (lien direct) | IoT vendor Wyze announced that one of its servers exposed the details of roughly 2.4 million customers. IoT vendor Wyze announced that details of roughly 2.4 million customers were accidentally exposed online. The company produces inexpensive smart home products and wireless cameras. The leak was reported to Wyze on December 26th at around 10:00 AM […] | |||
|
2019-12-29 12:58:44 | A new trojan Lampion targets Portugal (lien direct) | New trojan called 'Lampion' has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. SI-LAB noted that Portuguese users were targeted with malscam messages […] | |||
|
2019-12-29 12:33:56 | Security Affairs newsletter Round 246 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Experts warn of Greta Thunberg-themed Emotet malware campaign Former contractor sentenced to 10 months in prison for hacking airline Jet2 UK authorities sentenced hacker who blackmailed Apple for $100,000 Champagne Bakery Cafe and Islands burger chain disclose payment […] | Malware | ||
|
2019-12-29 09:25:34 | A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor (lien direct) | Experts uncovered a new tool dubbed BIOLOAD used by the FIN7 cybercrime group used as a dropper for a new variant of the Carbanak backdoor. Security experts from Fortinet’s enSilo have discovered a new loader, dubbed BIOLOAD, associated with the financially-motivated group FIN7. The group that has been active since late 2015 targeted businesses worldwide […] | Tool | ||
|
2019-12-18 19:58:41 | Trend Micro observed notable malware activity associated with the Momentum Botnet (lien direct) | Security experts recently found notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Malware researchers from Trend Micro recently observed notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices […] | Malware | ||
|
2019-12-18 15:12:06 | Flaws in Acer and ASUS pre-installed software could lead to arbitrary code execution (lien direct) | Experts found several flaws in Acer and ASUS software preinstalled on most of their PCs that could lead to privilege escalation and arbitrary code execution. SafeBreach experts discovered several vulnerabilities in Acer and ASUS software that comes pre-installed on most PCs from these vendors. The flaws could be exploited by attackers for privilege escalation and […] | Guideline | ||
|
2019-12-18 12:43:45 | (Déjà vu) Lab test provider LifeLabs disclose a data breach that exposed personal info of 15M customers (lien direct) | Lab test provider LifeLabs has disclosed a data breach that exposed personal information for up to 15 million Canadians. Lab test provider LifeLabs announced that personal information for up to 15 million Canadians have been exposed after an unauthorized user gained access to their systems. LifeLabs notified its customers via letter, exposed data includes names, […] | Data Breach | ||
|
2019-12-18 08:19:44 | Gangnam Industrial Style APT campaign targets industrial firms worldwide (lien direct) | Experts discovered that at least 200 companies were the victims of a campaign, dubbed Gangnam Industrial Style, carried out by an advanced persistent threat (APT) group. Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South […] | Threat | ||
|
2019-12-17 20:43:46 | (Déjà vu) Dacls RAT, the first Lazarus malware that targets Linux devices (lien direct) | Researchers spotted a new Remote Access Trojan (RAT), dubbed Dacls, that was used by the Lazarus APT group to target both Windows and Linux devices. Experts at Qihoo 360 Netlab revealed that the North-Korea Lazarus APT group used a new Remote Access Trojan (RAT), dubbed Dacls, to target both Windows and Linux devices. The activity […] | Malware | APT 38 | |
|
2019-12-17 15:31:34 | A WhatsApp bug could have allowed crashing of all group members (lien direct) | WhatsApp fixed a severe bug that could have allowed a malicious group member to crash the messaging app for all members of the same group. WhatsApp addressed a severe vulnerability that could have allowed a malicious group member to crash the messaging app for all members of the same group. An attacker could trigger the […] | Vulnerability | ||
|
2019-12-17 12:57:38 | TP-Link Archer routers allow remote takeover without passwords (lien direct) | TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. TP-Link addressed a critical zero-day vulnerability (CVE-2017-7405) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. “This is a zero-day flaw that was […] | Vulnerability | ||
|
2019-12-17 09:16:48 | Online Retailer LightInTheBox exposes unsecured DB containing 1.3TB of web server logs (lien direct) | vpnMentor researchers discovered an unsecured server belonging to the Chinese e-store LightInTheBox.com containing 1.3TB of web server logs. Infosec researchers have uncovered an unsecured Elasticsearch database containing 1.3TB of web server log entries held by Chinese e-commerce website LightInTheBox.com. LightInTheBox is a Chinese online retailer trading on the New York Stock Exchange, most of its […] | ★★★★ | ||
|
2019-12-17 07:16:39 | A study reveals the list of worst passwords of 2019 (lien direct) | Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019. The company collected […] | ★★★ | ||
|
2019-12-16 21:29:23 | A thief stole hard drives containing Facebook payroll data from a car (lien direct) | Facebook informed its employees that hard drives containing information about its workers’ payroll were stolen from a car last month. On Friday, Facebook announced that hard drives containing information about its workers’ payroll were stolen from a car last month. According to the company, a thief stole unencrypted hard drives containing banking data belonging to […] | ★★ | ||
|
2019-12-16 15:12:19 | Schneider Electric fixes DoS flaws in Modicon, EcoStruxure products (lien direct) | Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products. Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers. The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions. The three vulnerabilities are: The first […] | |||
|
2019-12-16 13:00:51 | Experts found binary planting and arbitrary file overwrite flaws in NPM (lien direct) | NPM, the biggest package manager for JavaScript libraries, has addressed a vulnerability that could be exploited to execute “binary planting” attacks. NPM maintainers have addressed a vulnerability that could allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed, so-called “binary planting” attacks. The vulnerability […] | Vulnerability | ||
|
2019-12-16 07:00:54 | Ryuk Ransomware is suspected to be involved in the New Orleans cyberattack (lien direct) | New evidence suggests that in the recent attack against the systems at the City of New Orleans was used the Ryuk ransomware. Over the weekend, New Orleans officials announced in a press conference that the city was hit by a ransomware attack, the incident was discovered in the morning of December 13, 2019. The IT […] | Ransomware | ||
|
2019-12-15 19:37:56 | From iPhone to NT AUTHORITY\SYSTEM – exploit \'Printconfig\' dll with a real-world example (lien direct) | From iPhone to NT AUTHORITY\SYSTEM – As promised in my previous post, I will show you how to exploit the “Printconfig” dll with a real world example. But what does Apple's iPhone have to do with it?? Well, keep on reading… (sorry no) Some time ago, me and my “business partner” @padovah4ck, were looking for possible privileged […] | |||
|
2019-12-06 13:07:46 | VMware addresses ESXi issue disclosed at the Tianfu Cup hacking competition (lien direct) | VMware has addressed a critical remote code execution vulnerability in ESXi that was disclosed recently at the Tianfu Cup hacking competition. This week VMware has released security updates that fix a critical remote code execution vulnerability in ESXi that was recently disclosed by white hat hackers at the Tianfu Cup hacking competition in China. The Tianfu […] | Vulnerability | ★★★★ | |
|
2019-12-06 07:27:15 | CVE-2019-14899 flaw allows hijacking VPN connections on Linux, Unix systems (lien direct) | Researchers discovered a vulnerability tracked as CVE-2019-14899 that can be exploited to hijack active TCP connections in a VPN tunnel Researchers from the University of New Mexico have discovered a vulnerability, tracked as CVE-2019-14899, that can be exploited by an attacker to determine if a user is connected to a VPN and hijack active TCP […] | Vulnerability | ★★★★★ | |
|
2019-12-05 12:34:51 | China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors (lien direct) | China is accused to have used the “Great Cannon” DDoS tool to launch attacks against LIHKG, a forum used by Hong Kong residents to organize protests. The Great Cannon Distributed Denial of Service (DDoS) tool was used again by the Chinese government, this time it was used to target the LIHKG forum used by Hong Kong protesters to […] | Tool | ||
|
2019-12-05 07:34:30 | CyrusOne, one of the major US data center provider, hit by ransomware attack (lien direct) | Ransomware attacks continue to threaten organizations worldwide, CyrusOne, one of the biggest data center providers in the US, is facing with an infection. A new ransomware attack made the headlines, systems at CyrusOne, one of the biggest data center providers in the US, were infected by the malware. The company reported the incident to law […] | Ransomware | ||
|
2019-12-05 06:41:32 | The evolutions of APT28 attacks (lien direct) | Analyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over the time. APT28 is a well known Russian cyber espionage group attributed, with a medium level of confidence, to Russian military intelligence agency GRU (by CrowdStrike). It is also known as Sofacy Group (by Kaspersky) or STRONTIUM (by Microsoft) and it's used to target Aereospace, Defence, Governmente Agencies, International […] | APT 28 | ||
|
2019-12-05 06:15:45 | Iran-Linked APT groups target energy, industrial sectors with ZeroCleare Wiper (lien direct) | Experts spotted a piece of malware dubbed ZeroCleare that has been used in highly targeted attacks aimed at energy and industrial organizations in the Middle East. Security experts at IBM X-Force found a piece of malware dubbed ZeroCleare (the name ZeroCleare comes from the path in the binary file) that has been used in highly targeted […] | Malware | ||
|
2019-12-04 15:37:35 | Two malicious Python libraries were stealing SSH and GPG keys (lien direct) | The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The Python security team removed two tainted Python libraries from PyPI (Python Package Index) that were found stealing SSH and GPG keys from the projects of infected developers. […] | |||
|
2019-12-04 06:35:37 | Mozilla removed 4 Avast and AVG extensions for spying on Firefox users (lien direct) | Mozilla has removed four extensions from Avast and AVG from the Firefox site that are suspected to track user activity online. Four Avast and AVG Firefox extensions have been removed from Mozilla Addons Site over concerns of spying of users. “This add-on violates Mozilla’s add-on policy by collecting data without user disclosure or consent,” explained […] | ★★★ | ||
|
2019-12-04 06:28:12 | Talos experts found a critical RCE in GoAhead Web Server (lien direct) | Experts at Cisco Talos found two vulnerabilities in the GoAhead embedded web server, including a critical remote code execution flaw. GoAhead is the world’s most popular, tiny embedded web server. It is developed by EmbedThis that defines it as compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and […] | ★★★★★ | ||
|
2019-11-29 09:39:47 | Group-IB presents its annual report on global threats to stability in cyberspace (lien direct) | Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has analyzed key recent changes to the global cyberthreat landscape. According to Group-IB's experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. The […] | |||
|
2019-11-29 07:09:17 | (Déjà vu) Dutch National Cyber Security Centre warns ransomware infected thousands of businesses (lien direct) | According to a confidential report from the Dutch National Cyber Security Centre (NCSC), at least 1,800 companies were infected with 3 ransomware. A confidential report published by the Dutch National Cyber Security Centre (NCSC) revealed that at least 1,800 companies are affected by three strains of ransomware across the world. According to the report, the […] | Ransomware | ||
|
2019-11-28 18:48:00 | RevengeHotels campaign – crooks target the hospitality industry (lien direct) | RevengeHotels campaign – The hospitality industry continues to be a privileged target for cybercriminals that target hotels, restaurant chains, and tourism services. Security experts at Kaspersky have published a report on a targeted cybercrime malware campaign, tracked as RevengeHotels, that hit hotels, hostels, hospitality and tourism companies. According to the experts, the threat actor has […] | Malware Threat | ||
|
2019-11-28 13:58:40 | (Déjà vu) A Ransomware infected the network of the cybersecurity firm Prosegur (lien direct) | A piece of the Ryuk Ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut down it. The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. The network of the Prosegur firm was infected with a piece of the Ryuk […] | Ransomware | ★★★★ | |
|
2019-11-27 22:49:38 | Adobe revealed that the Magento Marketplace was hacked (lien direct) | Adobe discloses security breach impacting Magento Marketplace users Adobe discloses a security breach that affected the users of the Magento marketplace website, the incident was discovered last week. Adobe disclosed a security breach that affected the users of the Magento Marketplace portal, the security team discovered the incident on November 21. The Magento Marketplace is […] | |||
|
2019-11-27 21:03:55 | Law enforcement agencies arrested 79 people involved in fraudulent online purchases of flight tickets (lien direct) | Law enforcement agencies arrested 79 people worldwide as part of the Global Airline Action Days operation to fight fraudulent online purchases of flight tickets An international operation of law enforcement to fight fraudulent online purchases of flight tickets resulted in the arrest of 79 people as part of the Global Airline Action Days (GAAD). Crooks […] | |||
|
2019-11-27 14:14:29 | Upbit cryptocurrency exchange hacked, crooks stole $48.5 million worth of ETH (lien direct) | Another South Korean cryptocurrency exchange was hacked, this time the victim is Upbit that lost $48.5 million in cryptocurrency. The South Korean cryptocurrency exchange Upbit disclosed a security breach, the company told its customers that hackers have stolen $48.5 million in crypto-currency from its hot wallet. The company has halted its operations on Wednesday, customers […] | |||
|
2019-11-27 07:10:09 | Microsoft warns of Dexphot miner, an interesting polymorphic threat (lien direct) | Microsoft revealed that the new Dexphot cryptocurrency miner has already infected more than 80,000 computers worldwide. Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuse of the resources of the infected machine to mine cryptocurrency, according to […] | Threat | ||
|
2019-11-27 05:55:12 | Full(z) House Magecart group mix phishing and MiTM in its attacks (lien direct) | A group under the Magecart umbrella adopted a new tactic that leverages on MiTM and phishing attacks to target sites using external payment processors. Security experts at RiskIQ continue to monitor activities of several Magecart groups, recently they spotted a new crew, tracked as Full(z) House, that leverages phishing and web skimming for its attacks. The Full(z) […] | |||
|
2019-11-26 21:55:32 | Kaspersky addressed multiple issues in online protection solutions (lien direct) | Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus, Security Cloud, and Small Office Security products. The vulnerabilities were found by the security researcher Wladimir […] | |||
|
2019-11-26 15:45:09 | Czech intelligence report warns of Russian and Chinese activity in the country (lien direct) | A Czech intelligence report states that Russian and Chinese cyberspies carried out several attacks against the country during 2018. The Czech intelligence agency ‘Security Information Service (BIS)’ published a report on the activities related to 2018 that claims that Russian and Chinese cyberspies carried out several attacks against the country. The agency claims that nation-state […] |
To see everything:
Our RSS (filtrered)
