What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-09-23 14:58:47 HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT (lien direct) Researchers at Qurium Media Foundation published a report that provides insight on how Sandvine DPI performs the blocking, and how it can be detected. Sandvine has during recent years become infamous for its support to Internet repressive regimes, such as Belarus, Azerbaijan, Egypt, where its DPI equipment is used to block independent media and human rights organizations. This […]
SecurityAffairs.webp 2020-09-23 14:34:00 Samba addresses the CVE-2020-1472 Zerologon Vulnerability (lien direct) Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication […] Vulnerability
SecurityAffairs.webp 2020-09-23 10:47:35 HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? (lien direct) Researchers at Qurium Media Foundation analyzed the blocking implemented by four different operators in Belarus. September 23, 2020 Qurium analyzes the blocking implemented by four different operators in Belarus Belarus operators use their own infrastructure to implement the blocking Block techniques include transparent web proxies, injection of HTTP responses, stateless and stateful SSL DPI and […]
SecurityAffairs.webp 2020-09-23 10:06:30 Group-IB detects a series of ransomware attacks by OldGremlin (lien direct) Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. The Russian-speaking threat actors are relatively new to the Big Game Hunting. Since […] Ransomware Threat
SecurityAffairs.webp 2020-09-23 09:36:35 Russia-linked APT28 targets govt bodies with fake NATO training docs (lien direct) Russia-linked cyberespionage group APT28 uses fake NATO training documents as bait in attacks aimed at government bodies. The Russia-linked cyberespionage group APT28 is behind a string of attacks targeting government bodies with Zebrocy Delphi malware. The malicious code was distributed using fake NATO training materials as bait and had a very low detection rate […] APT 28
SecurityAffairs.webp 2020-09-22 22:21:06 (Déjà vu) CISA's advisory warns of notable increase in LokiBot malware (lien direct) US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new security advisory warning federal agencies and the private sector of a surge in the attacks employing the LokiBot […] Malware Threat
SecurityAffairs.webp 2020-09-22 19:52:44 Operation DisrupTor: police arrested 179 vendors engaged in the sale of illicit good (lien direct) A global police sting dubbed Operation DisrupTor targeted vendors and buyers of illicit goods on the dark web, Europol announced. A coordinated operation conducted by law enforcement agencies across the world, dubbed Operation DisrupTor, targeted vendors and buyers of illicit goods on the dark web. The operation, led by the German federal criminal police, saw […]
SecurityAffairs.webp 2020-09-22 16:55:07 (Déjà vu) German investigators blame Russian DoppelPaymer gang for deadly hospital attack (lien direct) The investigation of German authorities on the recent attack on the Dusseldorf hospital reveals the possible involvement of Russian hackers. Last week, German authorities revealed that a cyber attack hit a major hospital in Duesseldorf, the Duesseldorf University Clinic, and a woman who needed urgent admission died after she had to be taken to another […]
SecurityAffairs.webp 2020-09-22 12:39:12 Hackers hit Luxottica, production stopped at two Italian plants (lien direct) The Italian eyewear and eyecare giant Luxottica has reportedly suffered a cyber attack that disrupted its operations in Italy and China. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass […]
SecurityAffairs.webp 2020-09-22 09:47:19 A member of The Dark Overlord group sentenced to 5 years in prison (lien direct) A United Kingdom national, member of 'The Dark Overlord' hacking group was sentenced to five years in federal prison, announced the US DoJ. The United Kingdom national Nathan Wyatt (39), a member of 'The Dark Overlord' hacking group, was extradited to the United States in December 2019. The man was charged by U.S. authorities on six counts of aggravated […]
SecurityAffairs.webp 2020-09-21 22:51:48 Alleged Activision hack, 500,000 Call Of Duty players impacted (lien direct) Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. More than 500,000 Activision accounts may have been compromised as a result of a data breach suffered by the gaming firm on September 20, reported the eSports site Dexerto. According to Dexerto, the login for Activision […] Data Breach
SecurityAffairs.webp 2020-09-21 20:18:56 Discount Rules for WooCommerce WordPress plugin gets patch once again (lien direct) It has happened again, users of the Discount Rules for WooCommerce WordPress plugin have to install a third patch to fix 2 high-severity XSS flaws. Developers of the Discount Rules for WooCommerce WordPress plugin have revealed for the third time a security patch to address two high-severity cross-site scripting (XSS) flaws that could be exploited […]
SecurityAffairs.webp 2020-09-21 18:13:04 FERC, NERC joint report on cyber incident response at electric utilities (lien direct) The US FERC and NERC published a study on cyber incident response at electric utilities that also includes recovery best practices. The U.S. Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) released a study on cyber incident response and recovery best practices for electric utilities. The report is based on information […]
SecurityAffairs.webp 2020-09-21 10:43:12 US House Passes IoT Cybersecurity Improvement Act (lien direct) The U.S. House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. The U.S. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices. The IoT Cybersecurity Improvement Act was first introduced in […]
SecurityAffairs.webp 2020-09-21 06:58:29 DHS CISA orders federal agencies to fix Zerologon flaw by Monday (lien direct) DHS CISA issued an emergency directive to tell government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The Department of Homeland Security’s CISA issued an emergency directive to order government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism […] Vulnerability
SecurityAffairs.webp 2020-09-20 14:06:15 Mozi Botnet is responsible for most of the IoT Traffic (lien direct) The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware, it appeared on the threat landscape in late 2019. The Mozi botnet was spotted by security experts from 360 […] Threat
SecurityAffairs.webp 2020-09-20 11:59:01 NCSC warns of a surge in ransomware attacks on education institutions (lien direct) The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. The British security agency is urging the institutions in the industry to follow the recommendations […] Ransomware
SecurityAffairs.webp 2020-09-20 09:39:26 Security Affairs newsletter Round 282 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Gaming hardware manufacturer Razer suffered a data leak CIRWA Project tracks ransomware attacks on critical infrastructure Popular Marketing Tool exposes data of users of dating sites Staples discloses data breach […] Ransomware Data Breach Tool
SecurityAffairs.webp 2020-09-20 09:13:26 IPG Photonics high-performance laser developer hit with ransomware (lien direct) IPG Photonics, a leading U.S. manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. The company was founded in 1990 in Russia by physicist Valentin Gapontsev, it employs over 4,000 people […] Ransomware Guideline
SecurityAffairs.webp 2020-09-19 18:28:57 Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug (lien direct) Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network. Mozilla has addressed a vulnerability that can be abused by attackers to hijack all the Firefox for Android browsers on the same WiFi network and force them to visit malicious sites, […] Vulnerability
SecurityAffairs.webp 2020-09-19 06:45:36 Twitter announces measures to protect accounts of people involved in 2020 Presidential election (lien direct) Twitter announced that it will adopt new security measures to protect high-profile accounts during the upcoming election in the United States. Twitter announced new measures to protect high-profile accounts during the upcoming US Presidential election. The types of accounts that are in this designated group are: US Executive Branch and Congress US Governors and Secretaries […]
SecurityAffairs.webp 2020-09-18 17:47:35 Rampant Kitten's arsenal includes Android malware that bypasses 2FA (lien direct) Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Rampant Kitten has been active at least since 2014 and was involved in […] Malware
SecurityAffairs.webp 2020-09-18 15:52:22 Chinese hackers stole info from Spanish centers working on Covid19 vaccine (lien direct) Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19, El Pais newspaper revealed. The El Pais newspaper reported that Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19. While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, […]
SecurityAffairs.webp 2020-09-18 11:44:24 US DoJ charges Iranian hackers for attacks on US satellite companies (lien direct) The US Department of Justice announced the indictment of three Iranian hackers for hacking US aerospace and satellite companies. Three Iranian hackers residing in Iran have been indicted for stealing data from aerospace and satellite tracking companies. The hackers were employed in a coordinated campaign of identity theft and hacking on behalf of Iran's Islamic […]
SecurityAffairs.webp 2020-09-18 09:38:15 Ransomware en masse on the wane: top threats inside web-phishing in H1 2020 (lien direct) Web-phishing targeting various online services almost doubled during the COVID-19 pandemic, it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 - Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. It came as no […] Ransomware Threat
SecurityAffairs.webp 2020-09-18 08:29:30 CISA Named Top-Level Root CVE Numbering Authority (CNA) (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA). The US Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA), it will be overseeing CNAs in assigning CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices. […]
SecurityAffairs.webp 2020-09-17 21:30:19 Maze ransomware uses Ragnar Locker virtual machine technique (lien direct) The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. This technique was first adopted by Ragnar Locker gang in […] Ransomware Malware
SecurityAffairs.webp 2020-09-17 17:39:17 Drupal addressed XSS and information disclosure flaws (lien direct) Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) flaws in the popular content management system (CMS). Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) vulnerabilities in the popular content management system (CMS). The most severe issue, tracked as CVE-2020-13668, is a critical reflected XSS issue affecting Drupal 8 and 9. Let’s remind that Drupal uses […]
SecurityAffairs.webp 2020-09-17 15:54:30 Major Duesseldorf hospital infected with ransomware, patient died for consequences (lien direct) A major hospital in Duesseldorf was hit by a cyber attack, a woman who needed urgent admission died after she had to be hijacked to another city. The news is shocking, German authorities revealed that a cyber attack hit a major hospital in Duesseldorf, the Duesseldorf University Clinic, and a woman who needed urgent admission […]
SecurityAffairs.webp 2020-09-17 11:26:39 SunCrypt ransomware operators leak data of University Hospital New Jersey (lien direct) University Hospital New Jersey (UHNJ) has suffered a ransomware attack, SunCrypt ransomware operators also leaked the data they have stolen. Systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware, threat actors also stole documents from the institution and leaked them online. The incident took place in September. The UHNJ is […] Ransomware Threat
SecurityAffairs.webp 2020-09-17 09:59:53 APT41 actors charged for attacks on more than 100 victims globally (lien direct) US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. The United States Department of Justice this week announced indictments against five Chinese nationals believed to be members of the cyber-espionage group known as APT41 (Winnti, Barium, Wicked Panda and Wicked Spider). US authorities are […] Guideline APT 41
SecurityAffairs.webp 2020-09-16 22:36:00 Source code of Cerberus banking Trojan leaked on underground forums (lien direct) The source code of the infamous Cerberus banking Trojan has been released for free on underground hacking forums following a failed auction.  The author of the Cerberus banking Trojan has released the source code of the malware on underground hacking forums following a failed auction.  In July, the authors of the notorious Cerberus Android banking trojan auctioned […] Malware
SecurityAffairs.webp 2020-09-16 21:13:40 NSA publishes guidance on UEFI Secure Boot customization (lien direct) The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized by organizations. The Unified Extensible Firmware Interface (UEFI) is a specification that defines […]
SecurityAffairs.webp 2020-09-16 12:42:20 US CISA report shares details on web shells used by Iranian hackers (lien direct) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report (MAR) that includes technical details about web shells employed by Iranian hackers. A web shell is a code, often written in typical web development programming languages (e.g., ASP, PHP, JSP), that attackers implant on web servers to gain remote access and code […] Malware
SecurityAffairs.webp 2020-09-16 09:23:47 New MrbMiner malware infected thousands of MSSQL DBs (lien direct) A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. According to security firm Tencent, the team of […] Malware Threat
SecurityAffairs.webp 2020-09-15 23:05:46 Microsoft open-sourced its Project OneFuzz fuzzing framework for Azure (lien direct) Microsoft released the Project OneFuzz, an open-source fuzzing framework for its cloud computing service Azure. Microsoft this week announced the release of the Project OneFuzz which is an open-source fuzzing framework for its cloud computing service Azure. The project was previously used by the IT giant to find vulnerabilities in the popular service. “Today, we're […]
SecurityAffairs.webp 2020-09-15 21:14:42 Out-of-band security update fixes Adobe Media Encoder issu (lien direct) Adobe has released an out-of-band security update to address three ‘Important’ security vulnerabilities in the Adobe Media Encoder. Adobe has released an out-of-band security update for Adobe Media Encoder that addresses three ‘Important’ Information Disclosure flaws. The three vulnerabilities could be exploited by an attacker to access sensitive information that is leaked in the security […]
SecurityAffairs.webp 2020-09-15 19:37:27 Experts warn of surge in DDoS attacks targeting education institutions (lien direct) Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. While the popularity of online learning is increasing due to the ongoing Coronavirus pandemic, threat actors are launching distributed denial-of-service (DDoS) on education institutions and the academic industry across the world. The DDoS attacks are causing […] Threat
SecurityAffairs.webp 2020-09-15 12:19:38 UK NCSC releases the Vulnerability Disclosure Toolkit (lien direct) The British National Cyber Security Centre (NCSC) released a guideline, dubbed The Vulnerability Disclosure Toolkit, for the implementation of a vulnerability disclosure process. The UK National Cyber Security Centre (NCSC) has released a guideline, dubbed The Vulnerability Disclosure Toolkit, on how to implement a vulnerability disclosure process. The guidelines highlight the importance for any organization […] Vulnerability
SecurityAffairs.webp 2020-09-15 09:16:41 China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange (lien direct) CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking […]
SecurityAffairs.webp 2020-09-14 21:08:09 Thousands of Magento stores hacked in a few days in largest-ever skimming campaign (lien direct) Thousands of Magento online stores have been hacked over the past few days as part of the largest ever skimming campaign. Security experts from cybersecurity firm Sansec reported that nearly 2,000 Magento online stores have been hacked over the past few days as part of the largest ever Magecart-style campaign. Most of the hacked sites […]
SecurityAffairs.webp 2020-09-14 15:32:25 Staples discloses data breach exposing customer order data (lien direct) Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. The office retail giant sent out a data breach notification letter to the […] Data Breach Threat
SecurityAffairs.webp 2020-09-14 11:48:28 (Déjà vu) Zerologon attack lets hackers completely compromise a Windows domain (lien direct) Zerologon attack allows threat actors to take over enterprise networks by exploiting the CVE-2020-1472 patched in the August 2020 Patch Tuesday. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472. The CVE-2020-1472 flaw is an elevation of privilege […] Threat
SecurityAffairs.webp 2020-09-14 08:42:52 (Déjà vu) Popular Marketing Tool exposes data of users of dating sites (lien direct) Personal details of hundreds of users of dating sites were exposed online earlier this month. An Elasticsearch server containing personal details of hundreds of thousands of dating site users was exposed online without authentication. The unsecured database was discovered by security researchers from vpnMentor at the end of August. “vpnMentor's research team recently received a report from […] Tool
SecurityAffairs.webp 2020-09-14 05:53:49 CIRWA Project tracks ransomware attacks on critical infrastructure (lien direct) Researchers from Temple University have been tracking ransomware attacks on critical infrastructure all over the world. A team of researchers at Temple University in Philadelphia has presented a project named CIRWA (repository of critical infrastructure ransomware attacks) that aims at tracking ransomware attacks on critical infrastructure worldwide. The project was launched in September 2019 and […] Ransomware
SecurityAffairs.webp 2020-09-13 17:08:16 Fairfax County Public Schools hit by Maze ransomware (lien direct) Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators. Fairfax County Public Schools (FCPS) was victim of an attack carried out by the Maze ransomware operators. FCPS is one of the largest school districts in the US with an approved budget of $3.2 billion […] Ransomware
SecurityAffairs.webp 2020-09-13 11:53:37 Security Affairs newsletter Round 281 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Visa warns of new sophisticated credit card skimmer dubbed Baka WhatsApp discloses six previously undisclosed flaws Chilean bank BancoEstado hit by REVil ransomware Epic Manchego gang uses Excel docs that […] Ransomware
SecurityAffairs.webp 2020-09-13 11:28:24 Gaming hardware manufacturer Razer suffered a data leak (lien direct) Gaming hardware manufacturer Razer suffered a data leak, an unsecured database managed by the company containing gamers’ info was exposed online. Gaming hardware manufacturer Razer has suffered a data leak, this is the discovery made by the security researcher Bob Diachenko. The expert discovered an unsecured database that exposed the information of approximately 100,000 individuals who purchased […]
SecurityAffairs.webp 2020-09-12 17:12:30 Bank of Seychelles hit by a ransomware attack (lien direct) The Development Bank of Seychelles (DBS) was hit by a ransomware attack, disclosed the Central Bank of Seychelles (CBS). The Central Bank of Seychelles (CBS) disclosed via a press statement that the Development Bank of Seychelles (DBS) was hit by a ransomware attack. DBS is a joint venture by the Seychelles government and some shareholders including […] Ransomware
SecurityAffairs.webp 2020-09-12 14:18:15 INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years (lien direct) The INVDoS (Bitcoin Inventory Out-of-Memory Denial-of-Service) Attack would have allowed hackers to crash Bitcoin nodes and alternative chains. Two years ago, the Bitcoin protocol engineer Braydon Fuller discovered a major uncontrolled memory resource consumption denial-of-service vulnerability (INVDoS), tracked as CVE-2018-17145, that affected the peer-to-peer network code of three implementations of Bitcoin and other blockchains, including Litecoin, Namecoin, […] Vulnerability
Last update at: 2024-07-16 19:08:29