What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-09-12 12:05:54 | Malàsmoke gang could infect your PC while you watch porn sites (lien direct) | A cybercrime group named Malàsmoke has been targeting porn sites over the past months with malicious ads redirecting users to exploit kits. A cybercrime group named Malàsmoke has been targeting porn sites over the past months, it is placing malicious ads on adult-themed websites to redirect users to exploit kits and deliver malware. According to […] | |||
|
2020-09-11 21:01:18 | Threat actors target WordPress sites using vulnerable File Manager install (lien direct) | Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager. Researchers from WordPress security company Defiant observed a surge in the number of attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager. In early September, experts reported that hackers were actively exploiting a critical remote […] | Vulnerability Threat | ||
|
2020-09-11 18:30:25 | (Déjà vu) Iran denies any involvement in the attack against 2020 US election (lien direct) | The Iranian government denies Microsoft’s allegations related to the alleged attacks against individuals involved in the upcoming 2020 US presidential election. Microsoft announced to have detected a new wave of attacks carried out by Chinese, Iranian, and Russian state-sponsored hackers against the US election. Threat actors had tried to compromise email accounts belonging to people […] | Threat | ||
|
2020-09-11 14:14:09 | Great news, now you can protect your Zoom account with 2FA (lien direct) | Zoom has implemented two-factor authentication (2FA) to protect all user accounts against security breaches and other cyber attacks. Zoom has announced finally implemented the two-factor authentication (2FA) to protect all user accounts from unauthorized accesses. This is a great news due to the spike in the popularity of the communication software during the ongoing COVID-19 pandemic. […] | |||
|
2020-09-11 12:24:55 | Decrypting TLS connections with new Raccoon Attack (lien direct) | Boffins devised a new timing attack, dubbed Raccoon that could be exploited by threat actors to decrypt TLS-protected communications. Security researchers from universities in Germany and Israel have disclosed the details of a new timing attack, dubbed Raccoon, that could allow malicious actors to decrypt TLS-protected communications. The timing vulnerability resides in the Transport Layer […] | Vulnerability Threat | ||
|
2020-09-11 06:17:54 | Chinese, Iranian, and Russian APT groups target 2020 US election (lien direct) | Microsoft reveals that state-sponsored hackers had tried to breach email accounts belonging to people involved in the US election. Microsoft announced to have detected a new wave of attacks carried out by Chinese, Iranian, and Russian state-sponsored hackers against the US election. Threat actors had tried to compromise email accounts belonging to people associated with […] | Threat | ||
|
2020-09-10 20:23:22 | Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS (lien direct) | Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. Palo Alto Networks has released security updates to patch critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. The most severe flaw is a buffer overflow issue can be exploited […] | |||
|
2020-09-10 19:19:19 | Colocation data centers giant Equinix data hit by Netwalker Ransomware (lien direct) | Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. Equinix, one of the leaders in the global colocation data center market share, with 205 data centers in 25 countries on five continents, was hit by Netwalker ransomware operators. The popular cybercrime gang is demanding a […] | Ransomware Guideline | ||
|
2020-09-10 15:34:29 | CDRThief Linux malware steals VoIP metadata from Linux softswitches (lien direct) | ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). Security experts from ESET discovered a new piece of malware, tracked as CDRThief, that targets the Linux VoIP platform, Linknat VOS2009/3000 softswitches, to steal call data records (CDR) from telephone exchange equipment. […] | Malware | ||
|
2020-09-10 11:47:34 | BLURtooth flaw allows attacking Bluetooth encryption process (lien direct) | Bluetooth 4.0 through 5.0 versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. A vulnerability dubbed BLURtooth affects certain implementations of Bluetooth 4.0 through 5.0 affects “dual-mode” Bluetooth devices, like modern smartphones. The vulnerability could be exploited by attackers to overwrite or lower the strength of the pairing key, […] | Vulnerability | ||
|
2020-09-10 08:57:19 | (Déjà vu) Hackers stole $5.4 million from cryptocurrency exchange ETERBASE (lien direct) | Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 million. Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 million. The company disclosed the hack on Thursday, threat actors have stolen various cryptocurrencies from its hot wallets, it […] | Hack Threat | ||
|
2020-09-10 07:55:27 | SeaChange video delivery provider discloses REVIL ransomware attack (lien direct) | US-based supplier of video delivery software solutions, SeaChange International, revealed that a ransomware attack disrupted its operations in Q1 2020. SeaChange International, a US-based supplier of video delivery software solutions, revealed that a ransomware attack has disrupted its operations during the first quarter of 2020. SeaChange's customers include major organizations such as BBC, Cox, Verizon, […] | Ransomware | ||
|
2020-09-09 14:37:27 | Netwalker ransomware hit K-Electric, the major Pakistani electricity provider (lien direct) | K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric, the electricity provider for Karachi (Pakistan) is another victim of the Netwalker ransomware gang, the infection disrupted billing and online services. K-Electric (KE) (formerly known as Karachi Electric Supply Company / […] | Ransomware | ||
|
2020-09-09 06:40:05 | France, Japan, and New Zealand warn of a surgein Emotet attacks (lien direct) | Cybersecurity agencies from multiple countries are warning of the surge of Emotet attacks targeting the private sector and public administration entities. Cybersecurity agencies across Asia and Europe are warning of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of a significant increase […] | Spam | ||
|
2020-09-09 06:34:02 | (Déjà vu) Microsoft September 2020 Patch Tuesday addresses 129 flaws (lien direct) | Microsoft September 2020 Patch Tuesday security updates address 129 vulnerabilities, including twenty critical remote code execution issues. Microsoft September 2020 Patch Tuesday security updates address 129 vulnerabilities in Microsoft products across 15 products (Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), ChakraCore, Internet Explorer (IE), SQL Server, Office and Office Services and Web Apps, Microsoft Dynamics, Visual Studio, […] | |||
|
2020-09-08 20:41:57 | Adobe fixes critical flaws in Adobe InDesign, Framemaker, and Experience Manager (lien direct) | Adobe has released security updates to address 12 critical vulnerabilities in Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. Adobe has released security updates to address twelve critical vulnerabilities that could be exploited by attackers to execute arbitrary code on systems running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. “Adobe has […] | |||
|
2020-09-08 15:12:12 | Expert found multiple critical issues in MoFi routers (lien direct) | Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. The researchers Rich Mirch from CRITICALSTART discovered ten vulnerabilities MOFI4500 MoFi Network routers. The expert reported the issues to the vendor in May but some of the flaws have yet to be patched. Most of […] | Hack | ||
|
2020-09-08 09:57:09 | Newcastle University infected with DoppelPaymer Ransomware (lien direct) | UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack. UK research university Newcastle University was infected with the DoppelPaymer ransomware, in response to the incident it was forced to take systems offline on the morning of August 30th. The Newcastle University did not provide […] | Ransomware | ||
|
2020-09-08 06:58:32 | France national cyber-security agency warns of a surge in Emotet attacks (lien direct) | The French national cyber-security agency warns of a surge in Emotet attacks targeting the private sector and public administration entities. The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least […] | |||
|
2020-09-07 18:32:40 | Chilean bank BancoEstado hit by REVil ransomware (lien direct) | Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. The ransomware encrypted most of the company servers and workstations. […] | Ransomware | ||
|
2020-09-07 13:55:42 | Russian national indicted for attempting to recruit Tesla employee to install malware (lien direct) | US authorities have indicted a Russian national for conspiring to recruit a Tesla employee to install malware onto the company's infrastructure. Russian national Egor Igorevich Kriuchkov (27) has been indicted in the United States for conspiring to recruit a Tesla employee to install malware onto the company's network. In August, US authorities arrested the Russian […] | Malware | ||
|
2020-09-07 10:30:30 | US Federal systems must be covered by vulnerability-disclosure policies by March 2021 (lien direct) | A new Cybersecurity and Infrastructure Security Agency (CISA) mandate requires U.S. agencies to implement vulnerability-disclosure policies by March 2021. The U.S. government's cybersecurity agency CISA has issued a mandate that requires federal agencies to implement vulnerability-disclosure policies (VDPs) by March 2021. The main purpose of vulnerability-disclosure policies is to ensure that required information, other than […] | |||
|
2020-09-07 08:01:05 | Epic Manchego gang uses Excel docs that avoid detection (lien direct) | A recently discovered cybercrime gang, tracked as Epic Manchego, is using a new technique to create weaponized Excel files that are able to bypass security checks Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since […] | Malware | ||
|
2020-09-06 22:49:52 | Netwalker Ransomware hit Argentina\'s official immigration agency (lien direct) | Argentina’s official immigration agency, Dirección Nacional de Migraciones, is the last victim of the Netwalker ransomware operators. Argentina’s official immigration agency, Dirección Nacional de Migraciones, was hit by a Netwalker ransomware attack that caused the interruption of the border crossing into and out of the country for four hours. The ransomware operators also exfiltrated sensitive […] | Ransomware | ||
|
2020-09-06 14:14:30 | Visa warns of new sophisticated credit card skimmer dubbed Baka (lien direct) | Visa issued a warning regarding a new credit card JavaScript skimmer, tracked as Baka, that implements new features to evade detection. Visa issued a warning regarding a new e-skimmer known as Baka that removes itself from memory after having exfiltrating payment card details. The e-skimmer was first spotted by experts with Visa’s Payment Fraud Disruption […] | |||
|
2020-09-06 10:31:33 | Security Affairs newsletter Round 280 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Emotet botnet has begun to use a new 'Red Dawn template Malicious npm package 'fallguys removed from the official repository US DoJ wants the funds stored by North Korea in […] | |||
|
2020-09-06 09:45:17 | WhatsApp discloses six previously undisclosed flaws (lien direct) | WhatsApp addressed six previously undisclosed flaws in its app and disclosed them on a new dedicated security advisory site. WhatsApp announced more transparency about the vulnerabilities affecting its app and will publicly disclose them to the users. The company addressed six previously undisclosed flaws in its app and disclosed them on a new dedicated web site. Some […] | |||
|
2020-09-05 18:14:58 | A full replacement of all Huawei and ZTE hardware on American wireless networks will cost $1.837bn (lien direct) | The US Federal Communications Commission (FCC) estimates the cost of a full replacement of all Huawei and ZTE hardware on American wireless networks at $1.837bn. A report published by the US Federal Communications Commission (FCC) revealed that performing a full replacement of all Huawei and ZTE equipment on American wireless networks will cost $1.837bn in […] | |||
|
2020-09-05 15:27:01 | Hackers use overlay screens on legitimate sites to steal Outlook credentials (lien direct) | Experts spotted a phishing campaign that employees overlay screens and email 'quarantine' policies to steal Microsoft Outlook credentials from the victims. Researchers from Cofense discovered a phishing campaign that uses overlay screens and email 'quarantine' policies to steal Microsoft Outlook credentials from the targets. The overlay screens are displayed on top of legitimate webpages to […] | |||
|
2020-09-05 13:22:27 | FBI issued a second flash alert about ProLock ransomware in a few months (lien direct) | FBI issued a second flash alert about ProLock ransomware stealing data, four months after the first advisory published by the feds on the same threat. The FBI has issued the 20200901-001 Private Industry Notification about ProLock ransomware stealing data on September 1st. The fresh alert is the second one related to this threat, the first […] | Ransomware | ||
|
2020-09-04 22:26:01 | SunCrypt Ransomware behind North Carolina school district data breach (lien direct) | A school district in North Carolina disclosed a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The Haywood County School district in North Carolina has suffered a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The ransomware attack took place on August 24th, 2020, but at the […] | Ransomware Data Breach | ||
|
2020-09-04 18:26:16 | U.S. Department of Defense discloses details about critical and high severity issues (lien direct) | The U.S. Department of Defense has disclosed the details about four critical and high severity vulnerabilities in its infrastructure. The U.S. Department of Defense has disclosed details of four vulnerabilities in its infrastructure, two high severity rating issues and other two critical flaws. The vulnerabilities could be exploited by threat actors to hijack a subdomain, […] | Threat | ||
|
2020-09-04 15:36:16 | Warner Music Group online stores hit by look-like Magecart attack (lien direct) | Warner Music Group (WMG) disclosed a data breach affecting US-based e-commerce stores, the compromise appears to be a Magecart attack. Warner Music Group (WMG) is a major music company with interests in recorded music, music publishing and artist services. The company has disclosed a data breach that impacted customers’ personal and financial information, the incident […] | Data Breach | ★★★ | |
|
2020-09-04 06:41:26 | Evilnum APT used Python-based RAT PyVil in recent attacks (lien direct) | The Evilnum APT group has added a new weapon to its arsenal, it is a Python-based spy RAT, dubbed PyVil, designed to target FinTech organizations. The Evilnum APT group was first spotted in 2018 while using the homonym malware. Over the years, the group added new tools to its arsenal, including custom and homemade malware […] | Malware | ||
|
2020-09-03 20:12:31 | The Twitter account of Indian Prime Minister Modi was hacked (lien direct) | The Twitter account of the Indian Prime Minister Modi was hacked, attackers sent a series of tweets asking followers to donate cryptocurrency to a relief fund. The Twitter account for the personal website of the Indian Prime Minister Narendra Modi (@narendramodi_in) has been hacked. The hackers have sent a series of tweets asking the followers […] | |||
|
2020-09-03 14:28:43 | Online marketing company exposes 38+ million US citizen records (lien direct) | CyberNews researchers discovered an unsecured data bucket that belongs to View Media containing close to 39 million US citizen records. Original post: https://cybernews.com/security/online-marketing-company-exposes-data-of-millions-americans/ The CyberNews research team discovered an unsecured data bucket that belongs to View Media, an online marketing company. The bucket contains close to 39 million US citizen records, including their full names, […] | |||
|
2020-09-03 13:40:22 | Is the Belarusian government behind the surveillance Android app banned by Google? (lien direct) | Google has removed an app from the Play Store that was used by the Belarusian government to spy on anti-government protesters. Google has removed the app NEXTA LIVE (com.moonfair.wlkm) from the official Play Store because it was used by the Belarusian government to spy on anti-government protesters. The malicious app remained in the store for almost […] | |||
|
2020-09-03 08:54:21 | (Déjà vu) Cyber Defense Magazine – September 2020 has arrived. Enjoy it! (lien direct) | Cyber Defense Magazine September 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 150 pages of excellent content. 150 Pages Loaded with excellent content Learn from the experts, cybersecurity best practicesFind out about upcoming information security related conferences, expos and trade shows. Always free, no strings […] | |||
|
2020-09-03 07:59:01 | AlphaBay dark web marketplace moderator was sentenced to 11 years of prison time (lien direct) | Bryan Connor Herrell (25) from Colorado, was sentenced to 11 years of prison time for being one of the moderators on the dark web marketplace AlphaBay. Bryan Connor Herrell (25) from Colorado, was sentenced to 11 years of prison time for being one of the moderators on the popular dark web marketplace AlphaBay. “A Colorado man was […] | |||
|
2020-09-02 21:13:23 | Cisco addresses critical code execution flaw in Cisco Jabber for Windows (lien direct) | Cisco addressed a critical remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows operating system. Cisco has addressed a critical severity remote code execution flaw, tracked as CVE-2020-3495, that affects multiple versions of Cisco Jabber for Windows. Cisco Jabber for Windows is a desktop collaboration client that integrates users with presence, audion, video […] | Vulnerability | ||
|
2020-09-02 14:58:04 | Hackers are actively exploiting critical RCE in WordPress sites using File Manager plugin (lien direct) | Hackers actively exploiting a critical remote code execution vulnerability in the File Manager plugin, over 300,000 WordPress sites potentially exposed. Hackers are actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable versions of the plugin. […] | Vulnerability | ||
|
2020-09-02 14:19:17 | Hackers use e-skimmer that exfiltrates payment data via Telegram (lien direct) | Researchers observed a new tactic adopted by Magecart groups, the hackers used Telegram to exfiltrate stolen payment details from compromised websites. Researchers from Malwarebytes reported that Magecart groups are using the encrypted messaging service Telegram to exfiltrate stolen payment details from compromised websites. Attackers encrypt payment data to make identification more difficult before transferring it […] | |||
|
2020-09-02 12:39:34 | (Déjà vu) New KryptoCibule Windows Trojan spreads via malicious torrents (lien direct) | Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. The malware has been active since at least December 2018, it targets cryptocurrency […] | Malware | ||
|
2020-09-02 09:29:10 | MAGMI Magento plugin flaw allows remote code execution on a vulnerable site (lien direct) | Researchers discovered multiple vulnerabilities in the MAGMI Magento plugin that could lead to remote code execution on a vulnerable Magento site. Tenable published a research advisory for two vulnerabilities impacting the Magento Mass Import (MAGMI) plugin. The flaws were discovered by Enguerran Gillier of the Tenable Web Application Security Team. MAGMI is a Magento database […] | Guideline | ||
|
2020-09-01 20:56:57 | Norway \'s Parliament, Stortinget, discloses a security breach (lien direct) | Hackers breached Norway ‘s Parliament, Stortinget, and accessed to email for a small number of parliamentary representatives and employees. Norway’s parliament announced Tuesday that it was the target of a major cyber-attack that allowed hackers to access emails and data of a small number of parliamentary representatives and employees. “The parliament has recently been targetted […] | |||
|
2020-09-01 15:08:44 | Details of millions of U.S. Voters leaked to Russia\'s Dark Web forum (lien direct) | Russia's Kommersant business newspaper reported that a database containing millions of American voters' details has appeared on the Russian dark web. A database containing several million American voters' personal information has appeared on the Russian dark web, Russia's Kommersant business newspaper reported this week. The news is worrisome due to the upcoming presidential elections in the US and the […] | |||
|
2020-09-01 13:05:50 | Tor launches Tor Project Membership Program to financially support its work (lien direct) | The Tor Project announced the launch of the Tor Project Membership Program to financially support the work of the organizations. The Tor Project launched the Tor Project Membership Program to financially support its work. The move aims at diversifying funding in the budget of the organization and to increase unrestricted funds for the software development of tor and other tools. […] | |||
|
2020-09-01 09:22:34 | Iran-linked APT group Pioneer Kitten sells access to hacked networks (lien direct) | Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has […] | |||
|
2020-09-01 07:42:46 | France will not ban Huawei from its upcoming 5G networks (lien direct) | French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks. However, Macron said that France will favor European providers of 5G technology […] | |||
|
2020-08-31 18:06:53 | Researchers warn of QNAP NAS attacks in the wild (lien direct) | Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. Hackers are scanning the Internet for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions vulnerable to a remote code execution (RCE) vulnerability addressed by the vendor 3 years ago. […] | Vulnerability |
To see everything:
Our RSS (filtrered)
