What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-05-14 15:52:50 Zerodium will no longer acquire certain types of iOS exploits due to surplus (lien direct) The popular zero-day broker Zerodium announced new limitations on the submission of certain types of iOS exploits due to surplus. The exploit broker Zerodium announced that it's no longer accepting certain types of iOS exploits due to surplus, this implies that prices for them will drop in the near future. The company announced via Twitter that […]
SecurityAffairs.webp 2020-05-14 11:53:32 China-linked hackers are attempting to steal COVID-19 Vaccine Research (lien direct) US authorities warned healthcare and scientific researchers that China-linked hackers were attempting to steal COVID-19 vaccine research. US authorities warned healthcare and scientific researchers that China-linked hackers were attempting to steal research related to treatments and vaccines for COVID-19. “The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are issuing this […]
SecurityAffairs.webp 2020-05-14 10:20:30 Google WordPress Site Kit plugin grants attacker Search Console Access (lien direct) Experts found a critical bug in Google’s official WordPress plugin ‘Site Kit’ that could allow hackers to gain owner access to targeted sites’ Google Search Console. The Site Kit WordPress plugin makes it easy to set up and configure key Google products (i.e. Search Console, Analytics, Tag Manager, PageSpeed Insights, Optimize, and AdSense), giving users authoritative and […]
SecurityAffairs.webp 2020-05-14 08:26:37 New Ramsay malware allows exfiltrating files from air-gapped computers (lien direct) Experts discovered a new strain of malware dubbed Ramsay that can infect air-gapped computers and steal sensitive data, including Word, PDF, and ZIP files. Researchers from security firm ESET discovered a new advanced malware framework named Ramsay that appears to have been designed to infect air-gapped computers and exfiltrate sensitive data. The malicious code collects […] Malware
SecurityAffairs.webp 2020-05-13 18:32:19 Crooks continues to use COVID-19 lures, Microsoft warns (lien direct) Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan. Lokibot was already employed in Coronavirus-themed campaigns, in early April, security experts at FortiGuard Labs discovered phishing attacks using alleged messages from the World Health Organization […]
SecurityAffairs.webp 2020-05-13 14:26:13 Chancellor Merkel has 'hard evidence' of Russian hackers targeted her (lien direct) German Chancellor Angela Merkel revealed that she is the target of an “outrageous” cyber espionage campaign carried out by Russia. German Chancellor Angela Merkel revealed that Russia-linked threat actors were targeting her in an “outrageous” cyberespionage campaign. “I can honestly say that it pains me. Every day I try to build a better relationship with […] Threat
SecurityAffairs.webp 2020-05-13 13:03:07 Healthcare giant Magellan Health discloses data breach after ransomware attack (lien direct) Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack. Magellan Health Inc. is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. The company ranks 417 on the Fortune […] Ransomware Data Breach
SecurityAffairs.webp 2020-05-13 10:53:27 Microsoft May 2020 Patch Tuesday fixes 111 flaws, 13 Critical (lien direct) Microsoft May 2020 Patch Tuesday security updates address 111 vulnerabilities impacting 12 different products, including Windows, Edge, IE, and Office, Microsoft issued May 2020 Patch Tuesday security updates that addressed 111 vulnerabilities impacting 12 products, including Microsoft Windows, Microsoft Edge, ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services and Web Apps, Visual Studio, Microsoft […]
SecurityAffairs.webp 2020-05-13 09:06:30 Expert found 1,236 websites infected with Magecart e-skimmer (lien direct) A security researcher is warning of a new wave of MageCart attackers, he has found over 1,000 domains infected with e-skimmers. MageCart gangs continue to be very active, security researcher Max Kersten discovered 1,236 domains hosting e-skimmer software. Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with software skimmers. Security firms have […]
SecurityAffairs.webp 2020-05-13 06:49:31 USCYBERCOM shares five new North Korea-linked malware samples (lien direct) The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT, it has uploaded the malicious code to VirusTotal. “On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the […] Malware APT 38
SecurityAffairs.webp 2020-05-12 20:58:02 Trojan Lampion is back after 3 months (lien direct) Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file. Trojan Lampion is a malware observed at the end of the year 2019 impacting Portuguese users using template emails from the Portuguese Government Finance & Tax and EDP. The latest campaigns in Portugal were observed […] Malware
SecurityAffairs.webp 2020-05-12 16:41:05 Adobe addresses critical issues in Acrobat, Reader, and DNG SDK (lien direct) Adobe has released security updates to address 36 vulnerabilities in Adobe Acrobat, Reader, and Adobe DNG Software Development Kit. Adobe has released security updates for Adobe Acrobat, Reader, and Adobe DNG Software Development Kit that address thirty-six security vulnerabilities in Adobe Acrobat, Reader, and Adobe DNG Software Development Kit. Sixteen vulnerabilities addressed by Adobe have […]
SecurityAffairs.webp 2020-05-12 15:32:37 Popular Page Builder WordPress plugin fixes critical issues. Update it now! (lien direct) Two issues in the popular Page Builder by SiteOrigin WordPress plugin could be exploited to carry out code execution attacks on vulnerable websites. Two high severity vulnerabilities found in the Page Builder WordPress can be exploited by attackers to create new admin accounts and deliver malicious code taking over the compromised websites. The vulnerabilities are a Cross-Site Request […]
SecurityAffairs.webp 2020-05-12 11:33:25 Patch now your vBulletin install before hacker will target your forum (lien direct) Maintainers of the vBulletin project have released an important fix to address a security vulnerability tracked as CVE-2020-12720. Administrators of online discussion forums based on the popular vBulletin CMS urge to update their install to address a critical security vulnerability tracked as CVE-2020-12720. “A security exploit has been reported within vBulletin 5.6.1. To fix this issue, […] Vulnerability
SecurityAffairs.webp 2020-05-12 09:22:50 (Déjà vu) A cyber attack hit a port on Strait of Hormuz, Iran said (lien direct) Iran’s officials revealed that hackers compromised and damaged a small number of computers at the port of Shahid Rajaei in the city of Bandar Abbas. Iranian officials announced on Sunday that hackers damaged a small number of systems at the port of Shahid Rajaei in the city of Bandar Abbas. Bandar Abbas is the […]
SecurityAffairs.webp 2020-05-12 07:39:59 Zeus Sphinx continues to be used in Coronavirus-themed attacks (lien direct) The Zeus Sphinx banking Trojan continues to evolve while receiving new updates it is employed in ongoing coronavirus-themed scams.  IBM security researcher continues to monitor the evolution of the infamous Zeus Sphinx banking Trojan (aka Zloader or Terdot) that receives frequent updates and that was involved in active coronavirus scams.  The Zeus Sphinx banking Trojan is based […]
SecurityAffairs.webp 2020-05-11 20:21:22 ATM vendor Diebold Nixdorf suffered a Ransomware attack (lien direct) ATM maker Diebold Nixdorf discloses a ransomware attack, the good news is that the infection caused only “a limited IT systems outage.” Diebold Nixdorf, one of the major automatic teller machines (ATMs) maker suffered a ransomware attack that caused only “a limited IT systems outage.” The company discloses the security breach but pointed out that […] Ransomware
SecurityAffairs.webp 2020-05-11 16:45:53 VMware is going to fix recent Salt issues in vROps (lien direct) VMware is going to address vulnerabilities impacting the vRealize Operations Manager (vROps) product, including two recently disclosed Salt issues. Recently, researchers from F-Secure disclosed a number of vulnerabilities in the “Salt” framework, including two issues that have been exploited by attackers to take over Salt installations. The two flaws, tracked as CVE-2020-11651 and CVE-2020-11652, are a directory […]
SecurityAffairs.webp 2020-05-11 15:57:24 GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce (lien direct) During COVID-19 outbreak data processors have to be extra vigilant to maintain their compliance with data protection authorities like GDPR. COVID-19 has abruptly changed the world. It has imposed online learning and earning, which in turn has open new doors of cybersecurity threats and data breaches. Now the data processors have to be extra vigilant […]
SecurityAffairs.webp 2020-05-11 14:20:19 Experts disclose security flaws in Oracle's iPlanet Web Server (lien direct) Researchers discovered a set of issues impacting Oracle’s iPlanet Web Server that could result in sensitive data exposure and limited injection attacks. Researchers discovered two security flaws impacting Oracle’s iPlanet Web Server, tracked as CVE-2020-9315 and CVE-2020-9314, that could cause sensitive data exposure and limited injection attacks. The flaws have been discovered by experts at Nightwatch […]
SecurityAffairs.webp 2020-05-11 12:23:39 STAMINA, a new approach to malware detection by Microsoft, Intel (lien direct) Microsoft and Intel have devised a new approach to malware detection, dubbed STAMINA, that involves deep learning and the representation of malware as images. STAtic Malware-as-Image Network Analysis (STAMINA) is a new approach to malware detection proposed by Microsoft and Intel. The study is based on a previous work of Intel's researchers on static malware […] Malware
SecurityAffairs.webp 2020-05-11 07:58:49 Sodinokibi ransomware uses MS API to encrypt open and locked files (lien direct) Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process. Many applications lock files to prevent […] Ransomware Malware Threat
SecurityAffairs.webp 2020-05-10 20:17:51 Blue Mockingbird Monero-Mining campaign targets web apps (lien direct) Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. Researchers at security firm Red Canary uncovered a Monero cryptocurrency-mining campaign, tracked as Blue Mockingbird, that exploits the CVE-2019-18935 vulnerability in web applications built on the ASP.NET framework. The deserialization vulnerability CVE-2019-18935 could be exploited by attackers to achieve remote […] Vulnerability
SecurityAffairs.webp 2020-05-10 15:23:11 Swiss rail vehicle manufacturer Stadler hit by a malware-based attack (lien direct) Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler, disclosed a security breach that might have also allowed the attackers to steal company data. Attackers confirmed that attackers compromised the IT network of the company and deployed some of its machines with malware that […] Malware
SecurityAffairs.webp 2020-05-10 14:15:34 (Déjà vu) Shiny Hunters group is selling data from 11 companies on the Dark Web (lien direct) Shiny Hunters hacking group is offering for sale on a dark web marketplace databases containing over 73.2 million user records from over 11 companies. A hacking group named Shiny Hunters is attempting to sell on a dark web hacking marketplace databases containing more than 73.2 million user records from 11 different companies. Shiny Hunters started offering […]
SecurityAffairs.webp 2020-05-10 11:56:39 (Déjà vu) Coronavirus-themed attacks May 03 – May 09, 2020 (lien direct) This post includes the details of the Coronavirus-themed attacks launched from May 03 to May 09, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily basis. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Below […] Threat
SecurityAffairs.webp 2020-05-10 11:34:08 Security Affairs newsletter Round 263 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Coronavirus-themed attacks April 26 – May 02, 2020 Cyber Threats Observatory Gets Improvements India's Jio Coronavirus symptom checker exposed test results TOKOPEDIA e-commerce […]
SecurityAffairs.webp 2020-05-09 22:14:52 North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT (lien direct) North Korea-linked Lazarus APT group employed a Mac variant of the Dacls Remote Access Trojan (RAT) in recent attacks. North Korea-linked Lazarus APT already used at least two macOS malware in previous attacks, now researchers from Malwarebytes have identified a new Mac variant of the Linux-based Dacls RAT. The activity of the Lazarus APT group (aka HIDDEN COBRA) […] Malware Medical APT 38
SecurityAffairs.webp 2020-05-09 14:31:45 3.68 Million MobiFriends User details leaked online (lien direct) The personal details of 3.68 million MobiFriends users are available for download since April 2020, it seems that they have been stolen in January 2019. MobiFriends is an online service and Android app that allows registered users to meet new people online. The personal details of 3,688,060 MobiFriends registered users have been released online earlier this year and […]
SecurityAffairs.webp 2020-05-09 10:49:45 Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs (lien direct) The Sodinokibi ransomware gang stole gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). The Sodinokibi ransomware group claims to have stolen gigabytes of legal documents from the entertainment and law firm Grubman Shire Meiselas & Sacks (GSMLaw) that has dozens of international stars and celebrities among […] Ransomware
SecurityAffairs.webp 2020-05-09 08:31:53 SilverTerrier gang uses COVID-19 lures in BEC attacks against Healthcare, Government Organizations (lien direct) Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations. Researchers at Palo Alto Networks observed a Nigerian cyber gang, tracked as SilverTerrier and specialized in BEC attacks, using COVID-19 lures in a recent wave of attacks on healthcare and government organizations. SilverTerrier has been active since […]
SecurityAffairs.webp 2020-05-08 17:36:30 Microsoft investigates claims that its GitHub account has been hacked (lien direct) Microsoft confirmed that it is investigating claims that its GitHub account has been hacked after some of its files were leaked online. Microsoft launched an investigation into the claims that its GitHub account has been hacked. Recently some files allegedly stolen from the Microsoft Github account have been leaked online, and they appear to be […]
SecurityAffairs.webp 2020-05-08 14:28:01 Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows (lien direct) Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. This trend, revealed by Group-IB's Computer Emergency Response Team (CERT-GIB), resulted in the tremendous increase in the number of phishing websites blockages over the given period - it rose by over 230 percent year-on-year. In 2019 in general, web […] ★★★★★
SecurityAffairs.webp 2020-05-08 12:00:33 Massive cyber attack forced Ruhr University Bochum (RUB) to shut down its IT infrastructure (lien direct) Ruhr University Bochum (RUB) shuts down a large portion of its central IT infrastructure between May 6 and May 7, 2020. The Ruhr University Bochum (RUB), Germany, announced today that it was forced to shut down parts of its central IT infrastructure due to a cyber attack that took place overnight, between May 6 and […]
SecurityAffairs.webp 2020-05-08 10:52:24 Cisco fixes High Severity issues in ASA and FTD products (lien direct) Cisco addresses tens of flaws in multiple products, including 12 high severity issues in Adaptive Security Appliance and Firepower Threat Defense. Cisco released security updates to address 34 flaws in multiple products, including 12 high severity vulnerabilities that affect Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). Most of the vulnerabilities fixed by Cisco […] Threat
SecurityAffairs.webp 2020-05-07 22:58:16 Issues in Elementor Pro and Ultimate Addons for Elementor exposed 1 Million WordPress sites at risk (lien direct) Attackers exploited two security issues in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise over 1M sites. Hackers are actively exploiting two security flaws in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise unpatched WordPress installs. Security experts from Wordfence have observed a hacking campaign targeting the […] ★★★★
SecurityAffairs.webp 2020-05-07 17:31:12 Poulight Stealer, a new Comprehensive Stealer from Russia (lien direct) Researchers from Cybaze-Yoroi ZLab monitored the evolution and the diffusion of an infostealer dubbed Poulight that most likely has a Russian origin. Introduction Nowadays, info-stealer is one of the most common threats. This category of malware includes famous malware like Azorult, Agent Tesla, and Hawkeye. Infostealer market is one of the most remunerative for cyber criminals, information gathered […] Malware
SecurityAffairs.webp 2020-05-07 13:35:06 Snake Ransomware hits Europe's largest private hospital operator Fresenius during COVID-19 outbreak (lien direct) Snake Ransomware operators launched a new campaign that has infected numerous companies worldwide including a health care organization. The operators behind the Snake Ransomware have launched a new campaign that targeted companies worldwide and that infected at least one organization in the healthcare industry over the last few days. In January experts observed a new […] Ransomware
SecurityAffairs.webp 2020-05-07 11:00:11 Brazilian trojan banker is targeting Portuguese users using browser overlay (lien direct) Since the end of April 2020, a new trojan has been affecting Portuguese users from several bank organizations. The modus operandi of this piece of malware is not new in Portugal. At least since the year of 2014 that new variants have been observed, with minor changes, and with the objective of collecting bank details […] Malware
SecurityAffairs.webp 2020-05-07 07:26:26 (Déjà vu) Samsung fixes a zero-click issue affecting its phones (lien direct) Samsung addressed this month a critical 0-click vulnerability that was discovered by security researchers from Google. Samsung released this week a security patch that addresses a critical vulnerability, tracked as CVE-2020-8899, impacting all smartphones sold since 2014. The flaw is tracked as SVE-2020-16747 in the Samsung security bulletin. “A possible memory overwrite vulnerability in Quram […] Vulnerability ★★★
SecurityAffairs.webp 2020-05-06 18:31:16 (Déjà vu) Unacademy hacked, 22 million accounts offered for sale (lien direct) Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users. Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users. Unacademy, one of the largest Indian online learning […] Data Breach
SecurityAffairs.webp 2020-05-06 15:43:55 Shipping Giant Toll suffered a second ransomware attack in a few months (lien direct) Australian shipping giant Toll informed its customers that it has shut down some IT systems due to a new ransomware attack. The Australian transportation and logistics giant Toll Group informed its customers that it has shut down some IT systems after a new ransomware attack, it is the second infection disclosed by the company this […] Ransomware
SecurityAffairs.webp 2020-05-06 12:00:40 9% of SAP's 440,000 customers impacted by security bugs in some cloud products (lien direct) The software giant SAP announced to have found security issues in its cloud-based products as part of an internal security review. German software giant SAP announced the discovery of security issues in its cloud-based products as part of an internal security review, the company already started to address the vulnerabilities. The list of the affected […]
SecurityAffairs.webp 2020-05-06 09:59:34 Data belonging 44 Million Pakistani mobile users leaked online (lien direct) A threat actor is offering a database apparently belonging to Pakistan’s leading telecom service, it includes data of 44 Million Pakistani mobile users. The threat actor is leaking the database of Pakistan’s leading telecom service Mobilink’s (now @jazzpk). The database contains personally-identifiable and subscription information for 44,000,000 Pakistanis, including customer full names, home addresses (city, […] Threat Guideline
SecurityAffairs.webp 2020-05-06 08:03:58 (Déjà vu) Law enforcement agencies dismantled Infinity Black hacker group (lien direct) Europol arrested five members of the Infinity Black hacker group that were selling stolen user credentials and hacking tools. Europol announced another success in the fight against cybercrime, today it has arrested five Polish hackers who were members of the Infinity Black hacking group. The joint operation coordinated by the Europol, saw the participation of […] ★★★★★
SecurityAffairs.webp 2020-05-05 20:36:39 Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension (lien direct) Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000 Recorded Future, the largest global security intelligence provider, today released a free browser extension that helps prioritize SIEM alerts and vulnerability patching, in addition to providing enhanced malware analysis. With this release, Recorded […] Malware Vulnerability
SecurityAffairs.webp 2020-05-05 15:40:51 (Déjà vu) CAM4 adult cam site leaked 11M database records including emails, private chats (lien direct) The popular adult live streaming website CAM4 exposed over 7TB of personally identifiable information (PII) of members and users. The popular adult live streaming website CAM4 exposed over 10.88 billion database records containing a total of 7TB of personally identifiable information (PII) of its members and users. The data leak is the result of the accidental exposure […]
SecurityAffairs.webp 2020-05-05 13:30:53 GoDaddy discloses a data breach, web hosting account credentials exposed (lien direct) GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. Headquartered in Scottsdale, Arizona, the Internet domain registrar and web hosting company claims to have over […] Threat ★★★★★
SecurityAffairs.webp 2020-05-05 11:38:33 (Déjà vu) Expert released PoC exploit for CVE-2020-1967 DoS flaw in OpenSSL (lien direct) A proof-of-concept (PoC) exploit for the recently fixed CVE-2020-1967 denial-of-service (DoS) issue in OpenSSL has been made public. Recently, the OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. The CVE-2020-1967 vulnerability has been described as a […] Vulnerability
SecurityAffairs.webp 2020-05-04 23:09:04 Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files (lien direct) Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Last week experts from Microsoft detected a COVID-19-themed spam campaign, the messages are crafted to trick users into downloading and mounting […] Spam Threat ★★
Last update at: 2024-07-16 22:09:00