What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2018-06-29 06:10:00 Hackers compromised Gentoo Linux GitHub Page and planted a malicious code (direct link) The development team of the Gentoo Linux distribution notifies users that hackers compromised one of the GitHub accounts and planted a malicious code. Developers of the Gentoo Linux distribution announced that hackers compromised one of the GitHub accounts used by the organization and planted a malicious code. “Today 28 June at approximately 20:20 UTC unknown […]
SecurityAffairs 2018-06-29 05:52:05 Ticketmaster suffered a data breach and blamed a third-party provider over the incident (direct link) The entertainment ticketing service Ticketmaster announced it has suffered a data breach that exposed personal and payment customer information. Hackers accessed name, address, email address, telephone number, payment details and Ticketmaster login details of company customers. According to the company, attackers installed a malicious code on customer support product hosted by Inbenta Technologies, an external […] Data Breach
SecurityAffairs 2018-06-28 19:26:03 Apophis Squad hacker group is the alleged responsible for the DDoS attack against ProtonMail (direct link) A massive DDoS attack hit encrypted email provider ProtonMail, experts believe it was powered by Russian hackers. On Wednesday morning, ProtonMail informed customers that its systems were under attack that was causing a delay in the delivery of the messages. Our network is under attack again. No data is breached or lost, but emails will be […]
SecurityAffairs 2018-06-28 11:12:00 Ops … the DoublePulsar NSA-Linked implant now works also on Windows Embedded devices (direct link) This is very bad news for the security community, the NSA-linked DoublePulsar exploit can now target Windows Embedded devices. The DoublePulsar exploit was released publicly in April 2017 by Shadow Brokers hackers that allegedly stole them from the NSA. The hackers leaked a huge trove of hacking tools and exploit codes used by the US intelligence agency, most of […]
SecurityAffairs 2018-06-28 06:35:01 Talos releases ThanatosDecryptor, a free Thanatos Ransomware decryptor (direct link) Experts from Cisco's Talos team released a free decryption tool for the Thanatos ransomware to recover the files without paying the ransom. The Thanatos ransomware first appeared in the threat landscape in February when it was discovered by researchers at the MalwareHunterTeam. The experts from Talos believe the malware is being actively developed, it was being distributed […] Ransomware Malware Tool Threat
SecurityAffairs 2018-06-27 18:27:04 Unpatched WordPress file deletion vulnerability could allow site takeover and code execution (direct link) Seven months ago, security experts discovered a critical file deletion vulnerability that affects all WordPress versions, currently, the issue is still unpatched. The vulnerability could be exploited to complete takeover of the websites running the popular CMS and gain arbitrary code execution. The issue is severe if we consider the potential impact, WordPress is the most popular CMS […] Vulnerability
SecurityAffairs 2018-06-27 12:29:03 FastBooking Hotel booking software firm suffered a data breach (direct link) A security breach suffered by the Hotel booking software provider FastBooking has affected hundreds of hotels worldwide. The Hotel booking software provider FastBooking is the last victim of a data breach, the incident exposed personal details and payment card data of guests from affected hotels. FastBooking offers hotel booking platform to more than 4,000 hotels in 100 […] Data Breach
SecurityAffairs 2018-06-27 04:59:04 (Déjà vu) Recently discovered RANCOR cyber espionage group behind attacks in South East Asia (direct link) Security researchers at Palo Alto Networks have uncovered a new cyber espionage group tracked as RANCOR that has been targeting entities in South East Asia. According to the experts, the RANCOR APT group has been targeting political entities in Singapore, Cambodia, and Thailand, and likely in other countries, using two previously unknown strains of malware. The two […]
SecurityAffairs 2018-06-27 04:41:01 Russian police detained cybercriminals who broke into the accounts of 700,000 customers of popular Internet stores (direct link) The Ministry of Internal Affairs of the Russian Federation and Group-IB have detained cybercriminals who broke into the accounts of 700,000 customers of popular Internet stores. The Administration “K” of the MIA of Russia, with the assistance of Group-IB, an international company specializing in the prevention of cyberattacks and the development of information security products, […]
SecurityAffairs 2018-06-26 20:14:03 The Wi-Fi Alliance announced the launch of the WPA3 security standard (direct link) The Wi-Fi Alliance announced late on Monday the launch of the WPA3 security standard that promises to increase the Wi-Fi security. The Wi-Fi Alliance officially launched the WPA3, the new Wi-Fi security standard that will address all known security issues affecting the previous standards and will mitigate wireless attacks such as the KRACK attacks and DEAUTH attacks. The Wi-Fi […]
SecurityAffairs 2018-06-26 13:47:05 Recent spam campaigns powered by Necurs uses Internet Query File attachments (direct link) Trend Micro experts reported the Necurs botnet has been using Internet Query (IQY) files in recent spam campaigns to bypass security protections. The Necurs botnet is currently the largest spam botnet, it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware, the Scarab ransomware, […] Spam Malware
SecurityAffairs 2018-06-26 11:30:00 One more reason to hate your cellphone battery when it sends private data to the bad actors (direct link) Security Researchers demonstrated how a “poisoned” cellphone battery in smartphones can be leveraged to “infer characters typed on a touchscreen We’ve heard about stealing information through blinking hard drive lights and computer speakers but would you believe the battery in your cell phone can also leak potentially sensitive information? Researchers at Technion Center for Security Science and Technology (CSST), Hebrew […]
SecurityAffairs 2018-06-26 05:14:01 Misconfigured Java web server component Jolokia expose website at cyber attacks (direct link) Several websites using the misconfigured Java web server component Jolokia, including those operated by financial organizations, are exposed to cyber attacks. Websites using a misconfigured Java web server component are exposed to cyber attacks. Several high-profile websites including those operated by financial organizations were affected by issues. The security researcher Mat Mannion discovered some flaws […]
SecurityAffairs 2018-06-26 04:44:00 Lazarus APT hackers leverages HWP Documents in a recent string of attacks (direct link) Security researchers at AlienVault uncovered a series of cyber attacks on cryptocurrency exchanges leveraging weaponized Hangul Word Processor HWP documents (Hangul Word Processor documents). The string of attacks involving the HWP documents has been attributed to the North Korea-linked Lazarus APT group, and includes the hack of the South Korean virtual currency exchange Bithumb. The hackers […] Hack Threat Bithumb APT 38
SecurityAffairs 2018-06-25 18:26:01 China Tick APT group targeting air-gapped systems in Asia (direct link) Palo Alto Networks experts uncovered a new operation conducted by the cyber espionage group known as Tick APT that has been targeting a secure USB drive built by a South Korean defense company. The Tick APT group has been active for at least a decade, tracked also as Bronze Butler, it was first spotted in 2016 by […]
SecurityAffairs 2018-06-25 13:40:01 Oracle issued security patches for recently discovered Spectre and Meltdown issues (direct link) Last week Oracle started releasing software and microcode updates for products affected by the recently disclosed variants of the Spectre and Meltdown flaws. In May, tech giants Intel, AMD, ARM, IBM, Microsoft and other tech firms teamed to disclose two new variants of both Meltdown and Spectre issues. The so-called Variant 4 (CVE-2018-3639) relies on a Speculative Store Bypass (SSB), […]
SecurityAffairs 2018-06-25 07:22:05 UK Tax Agency HMRC has recorded the voice tracks of 5.1 Million Brits (direct link) The UK-based privacy group Big Brother Watch revealed that the British tax agency HMRC has recorded the voice of over 5.1 million Britons. The UK-based privacy and civil liberties group Big Brother Watch has revealed that the British tax agency HMRC (Her Majesty’s Revenue and Customs) has recorded the voice of over 5.1 million Britons. […]
SecurityAffairs 2018-06-25 06:52:02 CSE Malware ZLab – A new variant of Ursnif Banking Trojan served by the Necurs botnet hits Italy (direct link) Malware researchers from CSE Cybsec ZLab discovered a missed link between the Necurs Botnet and a variant of the Ursnif trojan that recently hit Italy. Starting from 6th June, a new version of the infamous banking trojan Ursnif hit Italian companies. This malware is well known to the cyber-security community, the Ursnif banking Trojan was […] Malware
SecurityAffairs 2018-06-24 13:37:05 WannaSpam – Beware messages from WannaCry-Hack-Team, it is the last hoax (direct link) WannaSpam – Many users have received a mysterious message that claims their PC was infected by WannaCry Ransomware. Crooks ask victims to pay a ransom, but it’s a scam. Many users have received a mysterious message from a group that called itself the “WannaCry-Hack-Team” that claims that WannaCry Ransomware has returned. The mail informs the recipients that their computer has […] Wannacry
SecurityAffairs 2018-06-24 10:42:04 (Déjà vu) Security Affairs newsletter Round 168 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · ClipboardWalletHijacker miner hijacks your Ether and Bitcoin […]
SecurityAffairs 2018-06-24 10:09:00 Vulnerabilities in Fredi Wi-Fi baby monitor can be exploited to use it a spy cam (direct link) Vulnerabilities in Fredi Wi-Fi baby monitor could be exploited by a remote unauthenticated attacker to control it and spy on the family. Security researchers at SEC Consult discovered that vulnerabilities in Fredi Wi-Fi baby monitor could be exploited by a remote unauthenticated attacker to control it and spy on the family. The investigation started when […]
SecurityAffairs 2018-06-24 08:19:00 A hacker devised a method to unlock any iPhone and iPad device (direct link) A security researcher has devised a method to brute force a passcode on every Apple iPhone or iPad, even the up-to-date ones. Since iOS 8 rolled out in 2014, iPhone and iPad devices are protected with encryption, without providing passcode it is quite impossible to unlock the device. If the user enters more than 10 times […]
SecurityAffairs 2018-06-23 16:56:01 Supreme Court of the US Police ruled that police need warrant for mobile location data (direct link) The Supreme Court of the US ruled that police must obtain a search warrant before obtaining mobile location data from mobile carriers and similar services. The Supreme Court of the United States ruled this week that law enforcement must obtain a search warrant before obtaining cell phone location information from mobile carriers or third-party services. […]
SecurityAffairs 2018-06-23 13:07:03 According to the experts, North Korea is behind the SWIFT attacks in Latin America (direct link) SWIFT hackers continue to target banks worldwide, the last string of attacks hit financial institutions across Latin America. According to three people with knowledge of the matter cited by Cyberscoop the attacks were carried by North Korea-linked APT groups that targeted also other banks. Recent attacks hit Mexico's Bancomext and Chile's Bank of Chile, in both cases the attackers used a […]
SecurityAffairs 2018-06-23 08:06:03 Wavethrough CVE-2018-8235 flaw in Microsoft Edge leaks sensitive data (direct link) A flaw in the Edge browser, dubbed Wavethrough, addressed by latest Microsoft Patch Tuesday for June 2018 could be exploited to read restricted data. A bug in the Edge browser addressed by latest Microsoft Patch Tuesday for June 2018 could be exploited by attackers via malicious or compromised websites to read restricted data. The flaw was reported by […]
SecurityAffairs 2018-06-22 17:19:05 Crooks exploit CVE-2018-7602 Drupal flaw, aka Drupalgeddon3 to deliver Monero miner (direct link) Crooks are attempting to exploit a recently patched Drupal vulnerability, tracked as CVE-2018-7602, to drop Monero mining malware onto vulnerable systems. The CVE-2018-7602 flaw is a highly critical remote code execution issue, also known as Drupalgeddon3, that was addressed by the Drupal team in April with the release of versions 7.59, 8.4.8 and 8.5.3. The security patch for the […] Malware
SecurityAffairs 2018-06-22 08:27:00 GZipDe Downloader spotted serving a Metasploit backdoor (direct link) Security experts from AlienVault have spotted a new piece of malware named GZipDe that was used in a cyber-espionage campaign. GZipDe is a downloader that is used by threat actors to fetch other payloads from a server controlled by attackers. The malware was detected after a user from Afghanistan uploaded a weaponized Word document on VirusTotal service, the […] Malware Threat
SecurityAffairs 2018-06-22 05:40:03 Red Alert 2.0 Android Trojan available for rent in the underground at $500 per Month (direct link) According to researchers at Trustwave, the source code of the Red Alert 2.0 Android Trojan is now available for rent on cybercrime underground forums at $500 per month. The experts discovered the latest variant because they received a malicious apk via mail and analyzed it. “It all started with a spam message, which curiously had an Android App attachment. […] Spam
SecurityAffairs 2018-06-21 20:06:03 6 Security Flaws in Smart Speakers You Need to Know About (direct link) Connectivity and functionality may offer us convenience, but as with any new connected technology like smart speakers also come with security concerns. How would you feel about having a device in your home that’s always listening to what’s going on, standing ready to record, process and store any information it receives? That might be a […]
SecurityAffairs 2018-06-21 19:34:03 Cisco security updates address five critical issues in NX-OS Software (direct link) Cisco released security patches for more than 30 vulnerabilities, including five Critical arbitrary code execution issues affecting the NX-OS Software. Cisco released security patches for more than 30 vulnerabilities including five Critical arbitrary code execution issues affecting the NX-API feature of NX-OS Software (CVE-2018-0301) and the Fabric Services component of FXOS Software and NX-OS Software […]
SecurityAffairs 2018-06-21 12:44:00 Magento credit card stealer Reinfector allows reinfect sites with malicious code (direct link) Cybercriminals used the ‘credit card stealer reinfector’ to reinfect the websites and continue to steal personal and financial data. Researchers at Sucuri reported crooks are using a very simple evasion technique to reinfect Magento websites after their malicious code has been removed. Cybercriminals have devised a method to hide the malicious code, the ‘credit card stealer reinfector’, used to […]
SecurityAffairs 2018-06-21 06:29:00 Building a malware distribution network is too easy with Kardon Loader (direct link) Researchers at Netscout Arbor have discovered a malware downloader advertised on underground forums as a paid open beta product, its name is Kardon Loader. Researchers from Netscout Arbor have discovered a downloader advertised on underground forums dubbed Kardon Loader, it allows customers to build a malware distribution network or a botshop. Advs for Kardon Loader were first discovered on April 21, 2018, the author […]
SecurityAffairs 2018-06-21 05:53:01 Chronicle launches VirusTotal Monitor to reduce false positives (direct link) Alphabet-owned cybersecurity firm Chronicle announced the launch of a new VirusTotal service that promises to reduce false positives. VirusTotal Monitor service allows developers to upload their application files to a private cloud store where they are scanned every day using anti-malware solutions from antivirus vendors in VirusTotal. Every time the service flags the file as malicious, […]
SecurityAffairs 2018-06-20 19:59:01 Flight tracking service Flightradar24 suffered a data breach (direct link) The popular flight tracking service Flightradar24 has discovered a data breach that affected one of its servers. The company notified the incident to its users via email and asked them to change their passwords, affected users' passwords have been reset. FlightRadar24 promptly reported the incident to the Swedish Data Protection Authority in order to comply with the […]
SecurityAffairs 2018-06-20 14:37:03 China-linked Thrip APT group target defense and satellite firms (direct link) Symantec tracked a new APT group named Thrip that targeted satellite operators, telco companies and defense contractors in the US and Southeast Asia. Chinese APT groups are always very active, experts at Symantec have tracked a new APT group named Thrip that has breached the systems of satellite operators, telecommunications companies and defense contractors in the United States and Southeast Asia. The […]
SecurityAffairs 2018-06-20 11:08:01 (Déjà vu) Hackers Steal $31 Million from South Korean cryptocurrency exchange Bithumb (direct link) Just weeks after Korean exchange Coinrail was hacked, the Bithumb crypto exchange was hacked, crooks stole over $30 million in cryptocurrency. It has happened again, for the second time in a year, the cryptocurrency exchange Bithumb has been hacked. The South Korean cryptocurrency exchange confirmed that hackers stole 35 billion won ($31.6 million) worth of cryptocurrency […] Bithumb
SecurityAffairs 2018-06-20 08:27:05 ZeroFont phishing attack can bypass Office 365 protections (direct link) ZeroFont phishing attack – Crooks are using a new technique that involves manipulating font sizes to bypass Office 365 protections. According to cloud security firm Avanan, one of the detection mechanisms in Office 365 involves natural language processing to identify the content of the messages typically used in malicious emails. For example, an email including […]
SecurityAffairs 2018-06-20 07:33:00 Olympic Destroyer was involved in a new wave of cyber attacks (direct link) Olympic Destroyer, the malicious code that was used in attacks against Winter Games in Pyeongchang, was involved in a new wave of cyber attacks. The same malware used in recent Olympic Winter Games in Pyeongchang, tracked as Olympic Destroyer, has been used in a new wave of attacks against organizations in Germany, France, the Netherlands, Russia, Switzerland, […]
SecurityAffairs 2018-06-19 19:31:00 Does Cryptocurrency Encourage Crime? (direct link) Is cryptocurrency making some wrongdoings harder to commit while making others more rampant in society? Does Cryptocurrency Encourage Crime? People hear a lot about how cryptocurrency - and particularly the blockchain technology associated with it - could decrease some kinds of crime because it's so transparent and all transactions become part of an unchangeable record. […]
SecurityAffairs 2018-06-19 17:13:04 Ex-CIA employee Joshua Adam Schulte charged with leaking Vault 7 dumps (direct link) An Ex-CIA employee, Joshua Adam Schulte (29), has been charged with stealing classified national defense information and sharing Vault 7 dumps with WikiLeaks. Yesterday, the Department of Justice announced that Schulte has been charged in a 13-count indictment. In mid-May, both The New York Times and The Washington Post revealed the name of the alleged source of the Vault 7 […]
SecurityAffairs 2018-06-19 12:47:05 (Déjà vu) Deprecating TLS 1.0 and TLS 1.1 … kill them now! (direct link) The Internet-Draft document, if approved, formally deprecates Transport Layer Security versions 1.0 (TLS 1.0) [RFC2246] and 1.1 (TLS 1.1) [RFC4346]. In March, the Internet Engineering Task Force (IETF) finally announced the approval of TLS 1.3, the new version of the Transport Layer Security traffic encryption protocol. It was a long journey, the IETF has been analyzing proposals for TLS 1.3 since April 2014, the […]
SecurityAffairs 2018-06-19 08:01:02 (Déjà vu) HeroRAT – A totally new Telegram-based Android RAT is spreading in the wild (direct link) Malware researchers from ESET have discovered a new strain of Android RAT, tracked as HeroRat, that leverages Telegram protocol for command and control, and data exfiltration. HeroRat isn’t the first malware abusing Telegram protocol, past investigation reported similar threats like TeleRAT and IRRAT. The new RAT has been in the wild at least since August 2017 and in March […]
SecurityAffairs 2018-06-19 05:11:01 Don't install Fortnite Android APK because it could infect your mobile device (direct link) Fortnite is currently the most popular game, crooks are attempting to exploit the interest in forthcoming Fortnite Android to infect millions of fans. No doubt, Fortnite is currently the most popular game, it is a co-op sandbox survival game developed by Epic Games and People Can Fly. The game was released as a paid-for early access title […]
SecurityAffairs 2018-06-18 20:31:01 Hacking more than 400 Axis camera models by chaining 3 flaws (direct link) Researchers from cybersecurity firm VDOO have discovered several vulnerabilities affecting nearly 400 security cameras from Axis Communications. Researchers from cybersecurity firm VDOO have conducted a study on IoT devices and discovered seven vulnerabilities in cameras manufactured by Axis Communications. According to the vendor, nearly 400 models are affected by the issue and Axis has released […]
SecurityAffairs 2018-06-18 15:18:04 DHS, FBI published a join alert including technical details of Hidden Cobra-linked 'Typeframe' Malware (direct link) The US DHS and the FBI have published a new joint report that includes technical details of a piece of malware allegedly used by the Hidden Cobra APT. A new joint report published by US DHS and FBI made the headlines, past document details TTPs associated with North Korea-linked threat groups, tracked by the US government as […] Medical TYPEFRAME APT 38
SecurityAffairs 2018-06-18 12:41:02 China-Linked APT15 is still very active, experts found its new malware tracked as 'MirageFox' (direct link) Following the recent hack of a US Navy contractor security experts found evidence of very recent activity by the China-linked APT group tracked as APT15. The China-linked APT15 group (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has developed a new strain of malware borrowing the code from one of the tools it used in past […] APT 15 APT 25
SecurityAffairs 2018-06-18 06:22:04 Android-based devices Amazon Fire TV and Fire Stick hit by cryptomining malware (direct link) A new crypto mining malicious code dubbed ADB.miner is targeting Android-based devices Amazon Fire TV and Fire Stick. Recently, security experts spotted the crypto mining malware ADB.miner (Android.CoinMine.15) targeting Amazon Fire TV and Fire TV Stick devices. The malicious code is active at least since February when researchers at Qihoo 360's Netlab have spotted the Android mining botnet […]
SecurityAffairs 2018-06-18 05:51:05 Apple USB Restricted Mode feature will make hard for law enforcement to crack devices (direct link) Apple introduced a new feature in the latest beta versions of iOS, dubbed USB Restricted Mode, to improve the security of a locked device. Apple is implementing a new feature dubbed USB Restricted Mode to improve the security of its device, it is going to lock down the iPhone's data port to avoid unauthorized access, […]
SecurityAffairs 2018-06-17 13:47:05 Two Critical flaws affect Schneider Electric U.motion Builder. Patch them now! (direct link) Schneider Electric has patched last week four flaws affecting the U.motion Builder software, including two critical command execution vulnerabilities. Schneider Electric U.motion Builder is a tool designed for creating projects for U.motion devices that are used in critical manufacturing, energy, and commercial facilities industries. “This exploit occurs when the submitted data of an input string is evaluated […]
SecurityAffairs 2018-06-17 12:33:04 (Déjà vu) Security Affairs newsletter Round 167 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · Crooks used a KilllDisk wiper in an […]
Last update at: 2024-07-24 10:07:54