What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-08-29 09:09:05 A new variant of Trickbot banking Trojan targets Verizon, T-Mobile, and Sprint users (direct link) A new Trickbot Trojan variant is targeting Verizon Wireless, T-Mobile, and Sprint users, confirming the evolution of the threat. TrickBot is a popular banking Trojan that has been around since October 2016; its authors have continuously upgraded it by implementing new features. For example, in February Trend Micro detected a variant that includes a new module […]
SecurityAffairs 2019-08-29 07:02:04 Expert releases Metasploit modules for Cisco UCS flaws (direct link) An expert published technical details of recently disclosed Cisco Unified Computing System (UCS) flaws that can be exploited to take complete control of vulnerable systems. Security researcher Pedro Ribeiro, aka “bashis,” has released the details of three of the recently addressed vulnerabilities in the Cisco Unified Computing System (UCS) products along with Metasploit modules for their exploitation. […]
SecurityAffairs 2019-08-28 18:15:05 Magecart hackers compromise another 80 eCommerce sites (direct link) Security experts at Aite Group and Arxan Technologies have discovered that hackers under the Magecart umbrella have compromised 80 more eCommerce sites. Security experts at Aite Group and Arxan Technologies have discovered that Magecart hackers continue to target online stores to steal credit card data; in recent operations, they have compromised 80 more eCommerce sites. […]
SecurityAffairs 2019-08-28 16:21:05 French Police remotely disinfected 850,000 PCs from RETADUP bot (direct link) The French police force, National Gendarmerie, announced that it has neutralized the Retadup malware on over 850,000 computers after taking over its C2 server. The French police force, National Gendarmerie, announced the successful takedown of a huge RETADUP botnet after taking control of its command and control (C2) server. The operation allowed French law enforcement […] Malware ★★★
SecurityAffairs 2019-08-28 08:38:05 (Déjà vu) TA505 group updates tactics and expands the list of targets (direct link) Recent campaigns show that the threat actors behind the Dridex and Locky malware families, the TA505 group, have updated their tactics and expanded their target list. Trend Micro revealed that the TA505 group, which is behind the Dridex and Locky malware families, continues to make small changes to its operations. The TA505 hacking group has been active since 2014 […] Malware Threat
SecurityAffairs 2019-08-27 23:12:02 Imperva data Breach: WAF customers' data exposed (direct link) Security firm Imperva revealed it has suffered a data breach that affects some customers of its Cloud Web Application Firewall (WAF) product. Cybersecurity firm Imperva disclosed a data breach that has exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula. Incapsula is a CDN service designed […] Data Breach
SecurityAffairs 2019-08-27 22:31:00 Kaspersky found malware in popular CamScanner app. Remove it now from your phone! (direct link) Security experts from Kaspersky spotted malware in the free version of the popular PDF creator application CamScanner. CamScanner is a very popular Phone PDF creator app with more than 100 million downloads on Google Play Store. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could […] Malware
SecurityAffairs 2019-08-27 19:23:05 Lyceum APT made the headlines with attacks in Middle East (direct link) A recently reported APT group dubbed Lyceum targets Oil and Gas organizations in the Middle East with simple techniques. The activity of the Lyceum APT group was first documented earlier in August by researchers at ICS security firm Dragos, who tracked it as Hexane. Security experts at Dragos Inc. reported that Hexane is targeting organizations […]
SecurityAffairs 2019-08-27 16:52:01 Code Execution and DoS flaw addressed in QEMU (direct link) The open-source emulator QEMU is affected by a flaw that could be exploited to trigger a denial-of-service (DoS) condition or gain arbitrary code execution. QEMU (short for Quick Emulator) is a free and open-source emulator that performs hardware virtualization. It emulates the machine's processor through dynamic binary translation and provides a set of different hardware and device models for the machine, enabling it to run a […]
SecurityAffairs 2019-08-27 08:14:04 Experts uncovered an advanced phishing campaign delivering the Quasar RAT (direct link) Researchers at Cofense uncovered an advanced phishing campaign delivering Quasar RAT via fake resumes. Experts at security firm Cofense observed an advanced phishing campaign delivering Quasar RAT via fake resumes. The use of multiple anti-analysis methods to camouflage the attack vectors is the main characteristic of this campaign. Quasar RAT is available as an open-source […]
SecurityAffairs 2019-08-27 06:17:01 White hat hacker demonstrated how to hack a million Instagram accounts (direct link) A researcher was awarded $10,000 by Facebook for the discovery of a critical vulnerability that could have been exploited to hack Instagram accounts. The white-hat hacker Laxman Muthiyah has discovered a critical vulnerability that could have been exploited to hack Instagram accounts. The vulnerability affected Instagram's password recovery process for mobile devices that leverages on […] Hack Vulnerability
SecurityAffairs 2019-08-26 22:55:00 Apple released an emergency patch to address CVE-2019-8605 iOS flaw (direct link) Apple has released an emergency patch in iOS 12.4.1 that addresses the CVE-2019-8605 use-after-free vulnerability that allowed an iPhone jailbreak. Recently, Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers and allowing the jailbreak of the devices. Experts discovered that the iOS version 12.4 released in June has reintroduced a security […] Vulnerability
SecurityAffairs 2019-08-26 17:48:03 Nemty Ransomware, a new malware appears in the threat landscape (direct link) A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend; it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. The name of the ransomware comes from the extension it adds to the encrypted file names; the malicious code also deletes […] Ransomware Malware Threat
SecurityAffairs 2019-08-26 16:49:05 (Déjà vu) Binance says that leaked KYC Data are from third-party vendor. (direct link) The Binance cryptocurrency exchange revealed that leaked users' KYC data were obtained by hackers from a third-party vendor. In July, the hack of the Binance cryptocurrency exchange made the headlines; hackers stole $41 million worth of Bitcoin (over 7,000 bitcoins) from Binance. Binance is one of the world's largest cryptocurrency exchanges; its founder and CEO Changpeng Zhao confirmed that the hackers […] Hack
SecurityAffairs 2019-08-26 08:26:03 Judge ordered Capital One hacker Paige Thompson to remain in prison (direct link) A U.S. judge ordered Capital One hacker Paige Thompson to remain in custody pending trial because her “bizarre and erratic” behavior puts the woman at risk. The judge argued that she is a flight risk and poses a physical danger to herself and others. “In today's America, it is easy enough to obtain firearms, and […]
SecurityAffairs 2019-08-26 07:05:04 UK National Cyber Security Centre urge to drop Python 2 (direct link) The UK National Cyber Security Centre (NCSC) urges developers to drop Python 2 due to its imminent End-of-Life to avoid attacks on a large scale. The UK National Cyber Security Centre (NCSC) is recommending that developers drop Python 2.x due to the imminent End-of-Life. Attackers could start targeting applications based on Python 2 on a large […]
SecurityAffairs 2019-08-25 22:58:03 Hostinger disclosed a data breach that affects 14 Million customers (direct link) The popular hosting provider Hostinger disclosed a recent security breach that allowed unauthorized access to a client database. Hostinger, one of the biggest hosting providers, disclosed a recent security breach that allowed attackers to access a client database. The security breach took place on August 23 and may have impacted up to 14 million Hostinger […] Data Breach
SecurityAffairs 2019-08-25 17:25:04 Bad Packets warns of over 14,500 Pulse secure VPN endpoints vulnerable to CVE-2019-11510 (direct link) BadPackets experts observed mass scanning activity on August 22 targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. On August 22, BadPackets experts observed mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. Recently another popular cybersecurity expert, Kevin Beaumont, has also observed attackers attempting to exploit CVE-2018-13379 in the FortiOS […]
SecurityAffairs 2019-08-25 15:21:05 (Déjà vu) Security Affairs newsletter Round 228 (direct link) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs. Hi folk, let me inform you that I suspended the newsletter service; anyway, I'll continue to provide you a list of published posts every week through the blog. Once again thank you! At least 23 Texas local governments […]
SecurityAffairs 2019-08-25 08:16:00 80 defendants charged with participating in massive BEC and romance scams (direct link) The DOJ charged 80 people, most of them Nigerian nationals, with participating in massive BEC and romance scams that collected millions of dollars. Federal authorities arrested 80 people accused of participating in massive BEC and romance scams that raked in millions of dollars from victims worldwide. The suspected fraudsters, many of whom are Nigerian nationals, prosecutors say, who […]
SecurityAffairs 2019-08-25 08:01:04 Internal Revenue Service warns taxpayers of a malware campaign (direct link) The Internal Revenue Service (IRS) is warning of an active IRS impersonation scam campaign sending spam emails to distribute malware. The Internal Revenue Service (IRS) issued an alert to warn taxpayers of a new scam campaign distributing malware. Last week the US agency received several reports from taxpayers that received spam messages with “Automatic Income […] Spam Malware
SecurityAffairs 2019-08-25 06:41:05 Experts uncovered a hacking campaign targeting several WordPress Plugins (direct link) Researchers at Wordfence reported an ongoing hacking campaign exploiting security flaws in some WordPress plugins. Researchers from Wordfence uncovered an ongoing hacking campaign exploiting security vulnerabilities in some WordPress plugins to redirect visitors to websites under the control of the attackers. The campaign specifically targeted flaws in WordPress plugins developed by the developer NicDark (now […]
SecurityAffairs 2019-08-24 17:42:01 Cisco released 4CAN hardware tool to find flaws in automotive computers (direct link) Cisco has released a hardware tool, called 4CAN, developed to help researchers discover vulnerabilities in automotive systems. Computer systems in modern vehicles are very complex; they contain a huge quantity of devices and units that exchange a lot of data in real time. These components communicate via the vehicle's network, dubbed Controller Area Network (CAN). […] Tool
SecurityAffairs 2019-08-24 15:14:00 Hacker will compensate victims with $1.1 million Bitcoin illegally earned (direct link) UK authorities have seized over £920,000 ($1.1 million) worth of Bitcoin from a prolific hacker; the funds will be used to compensate his victims. Grant West, aka ‘Courvoisier,’ is a hacker who was arrested by the police in September 2017 as a result of a two-year-long investigation code-named ‘Operation Draba.’ The man was charged with multiple […]
SecurityAffairs 2019-08-24 08:27:05 Buffer overflow exposes unpatched Squid servers to RCE and DoS attacks (direct link) Some versions of the Squid web proxy cache server built with Basic Authentication features are affected by a heap buffer overflow vulnerability. The heap buffer overflow security flaw, tracked as CVE-2019-12527, could be exploited by attackers to trigger a DoS condition and also to execute arbitrary code on the vulnerable servers. The flaw received a high severity CVSS […]
SecurityAffairs 2019-08-24 06:56:01 Mastercard data breach affected Priceless Specials loyalty program (direct link) Mastercard disclosed a data breach that impacted customer data from the company's Priceless Specials loyalty program. The American multinational financial services corporation reported the data breach to the German and Belgian Data Protection Authorities. The data leaked online includes customers' names, payment card numbers, email addresses, home addresses, phone numbers, gender, and dates of birth. “The Belgian Data […] Data Breach
SecurityAffairs 2019-08-23 22:33:05 Lenovo Solution Centre flaw allows hacking Windows laptop in 10 minutes (direct link) Researchers at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) tracked as CVE-2019-6177. Security experts at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) that has existed since 2011. “A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log […] Vulnerability
SecurityAffairs 2019-08-23 17:56:01 A new variant of Asruex Trojan exploits very old Office, Adobe flaws (direct link) Experts at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect systems. Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. Asruex first appeared in the […] Malware
SecurityAffairs 2019-08-23 16:02:00 Hackers are scanning the web for vulnerable Fortinet, Pulse Secure Products installs (direct link) Hackers are exploiting recently disclosed flaws in enterprise virtual private network (VPN) products from Fortinet and Pulse Secure. The popular cybersecurity expert Kevin Beaumont has observed threat actors attempting to exploit CVE-2018-13379 in the FortiOS SSL VPN web portal and the CVE-2019-11510 flaw in Pulse Connect Secure. CVE-2018-13379 is a path traversal vulnerability in the […] Vulnerability Threat
SecurityAffairs 2019-08-23 08:27:01 Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency (direct link) The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant who connected its system online to mine cryptocurrency. The Ukrainian Secret Service (SBU) launched an investigation after employees at a local nuclear power plant connected some systems of the internal network to the Internet to mine cryptocurrency. The incident was […]
SecurityAffairs 2019-08-23 07:09:00 Cisco warns of the availability of public exploit code for critical flaws in Cisco Small Business switches (direct link) Cisco provided updates for security advisories for three flaws affecting Cisco Small Business 220 Series Smart Switches patched in early August. Cisco has updated security advisories for three vulnerabilities in Cisco Small Business 220 Series Smart Switches that were patched in early August. The three vulnerabilities were reported by the security researcher Pedro Ribeiro, […] Vulnerability
SecurityAffairs 2019-08-22 17:57:00 Cisco addressed several vulnerabilities in UCS products (direct link) Cisco released security patches to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products (UCS and IMC). Cisco has released security fixes to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products. Most of the flaws affect the Integrated Management Controller (IMC), which is a baseboard management controller that […]
SecurityAffairs 2019-08-22 16:04:02 App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice (direct link) ESET experts discovered that an Android app infected with the AhMyth open-source RAT has bypassed the security of Google Play twice over two weeks. The popular malware researcher Lukas Stefanko from ESET discovered that malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security […] Malware
SecurityAffairs 2019-08-22 15:22:02 The Dangers of Using Unsecured Wi-Fi Networks (direct link) Isn't public Wi-Fi great? If you're having a tea or coffee in a cafe or restaurant you can check your emails and social media. If you're waiting for a flight what better way to pass the time than logging onto your favourite website, checking your bank account or even doing a bit of online shopping? […] ★★
SecurityAffairs 2019-08-22 14:26:01 Texas attackers demand $2.5 million to allow towns to access encrypted data (direct link) Crooks behind the attacks against Texas governments are now demanding $2.5 million to allow victims to access encrypted data. The cybercriminals behind the wave of attacks that hit 23 Texas governments are now demanding $2.5 million to allow victims to access encrypted data. The attacks started on the morning of August 16 and security experts […]
SecurityAffairs 2019-08-22 08:28:00 (Déjà vu) A new Zero-Day in Steam client impacts over 96 million Windows users (direct link) A new zero-day vulnerability in the Steam client for Windows impacting over 96 million users was disclosed by researcher Vasily Kravets. A new zero-day flaw in the Steam client for Windows impacts over 96 million users. The flaw is a privilege escalation vulnerability and it has been publicly disclosed by researcher Vasily Kravets. Kravets is one of the […] Vulnerability
SecurityAffairs 2019-08-22 06:58:04 DoS attacks against most used default Tor bridges could be very cheap (direct link) Researchers explained that carrying out attacks against the most used default Tor bridges would cost threat actors $17,000 per month. According to security researchers Rob Jansen from the U.S. Naval Research Laboratory, and Tavish Vaidya and Micah Sherr from Georgetown University, launching denial-of-service (DoS) attacks against the most commonly used default Tor bridges would cost attackers […] Threat
SecurityAffairs 2019-08-21 17:58:02 Romania is going to exclude Huawei from its 5G Network (direct link) Romania will ban Chinese giant Huawei from its 5G network, reads a joint statement signed by the Romanian and US presidents. Romania could be the latest state to ban Chinese giant Huawei from its 5G network, reads a joint statement signed by the Romanian and US presidents. The document was signed […]
SecurityAffairs 2019-08-21 17:26:00 China-linked APT41 group targets US-Based Research University (direct link) Security experts at FireEye observed the Chinese APT41 APT group targeting a web server at a U.S.-based research university. Experts at FireEye observed the Chinese APT41 APT group targeting a web server at a U.S.-based research university. APT41 has been active since at least 2012; it was involved in both state-sponsored espionage campaigns and financially-motivated attacks […] Guideline APT 41
SecurityAffairs 2019-08-21 15:01:05 The Cost of Dealing With a Cybersecurity Attack in These 4 Industries (direct link) A cybersecurity issue can cause unexpected costs in several different areas. What is the cost of dealing with an attack in 4 industries? A cybersecurity issue can cause unexpected costs in several different areas. In addition to the monetary costs associated with things like lost productivity and improving network security to reduce the likelihood of […]
SecurityAffairs 2019-08-21 08:06:05 Thousands credit card numbers of MoviePass customers were exposed online (direct link) A security expert discovered that the popular movie ticket subscription service MoviePass has exposed thousands of customer card numbers and personal credit cards. The security expert Mossab Hussein from cybersecurity firm SpiderSilk discovered that MoviePass exposed a database containing the credit card data on one of its subdomains. The archive contained 161 million records and the amount […]
SecurityAffairs 2019-08-21 06:53:03 Damage from Silence APT operations increases fivefold. The gang deploys new tools on its “worldwide tour” (direct link) Experts from Group-IB who exposed the most recent campaigns carried out by Silence reported that damage from the APT group's operations has increased fivefold. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has exposed the most recent campaigns carried out by Silence, a Russian-speaking APT group, in the new “Silence 2.0: Going Global” report. […]
SecurityAffairs 2019-08-20 21:50:04 A backdoor mechanism found in tens of Ruby libraries (direct link) Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries. The backdoor was used by attackers to inject mining code in Ruby projects using the malicious versions […]
SecurityAffairs 2019-08-20 15:00:04 5 Ways to Protect Yourself from IP Address Hacking (direct link) Your IP address represents your digital identity online; hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Your IP or Internet Protocol address is your digital identity on the internet. It allows your device to connect with the rest of the online world. For […]
SecurityAffairs 2019-08-20 07:49:00 Twitter bans 936 accounts that attempted to sow political discord in Hong Kong (direct link) Twitter announced it has banned 936 accounts managed by China-linked actors that attempted to sow political discord in Hong Kong. Twitter has observed and banned 936 accounts managed by China-linked actors that attempted to stir up riots and sow political discord in Hong Kong. The tweets aimed at discrediting the motivation of the Hong Kong […]
SecurityAffairs 2019-08-20 06:40:03 Backdoored Webmin versions were available for download for over a year (direct link) Webmin, the popular open-source web-based interface for Unix admin, contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day […] Vulnerability
SecurityAffairs 2019-08-19 22:36:02 Hacker publicly releases Jailbreak for iOS version 12.4 (direct link) Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers. A public jailbreak for iPhones was released by a hacker; it is an exceptional event because it is the first in years. According to Motherboard, which first reported the news, Apple accidentally unpatched a flaw it had […] Vulnerability
SecurityAffairs 2019-08-19 15:55:05 Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization (direct link) A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed files uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. The researchers analyzed PDF documents and email files (.msg and .eml) uploaded […] Malware Threat
SecurityAffairs 2019-08-19 07:07:04 5 Common Phishing Attacks and How to Avoid Them? (direct link) Phishing is one of the oldest methods of cyberattack. It uses deceptive and manipulated emails as a tool for gathering personal and organizational data. The emails are designed so that they appear to be authentic or to come from a real business or authoritative source. People fall prey to these manipulative emails and provide […] Tool
SecurityAffairs 2019-08-19 06:27:02 Galaxy S10 is the first 5G phone that can be used by US DoD (direct link) Samsung announced that the Galaxy S10, the Galaxy S9, and Galaxy Note 9 have obtained the Security Technical Implementation Guide (STIG) approval. Other Samsung devices are included in the list of smartphones that can be used by the US federal government; they are the Galaxy S10, the Galaxy S9, and Galaxy Note 9. The above devices have achieved the […]
Last update at: 2024-07-17 09:07:39