What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-06-01 17:35:01 GandCrab operators are shutting down their operations (direct link) GandCrab first appeared in the threat landscape in early 2018 and continuously evolved over time. Now operators are shutting down their operations. Early 2018, experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab, advertised in Russian hacking community on the dark web. The GandCrab was advertised in Russian hacking community, researchers noticed that authors leverage the RIG and […] Threat
SecurityAffairs 2019-06-01 14:34:01 Apple updates address SQLite, WebKit issues in iTunes and iCloud for Windows (direct link) Apple released security updates for Windows versions of iTunes and iCloud, to address recently disclosed SQLite and WebKit security flaws. Apple released security updates to address recently disclosed SQLite and WebKit security vulnerabilities affecting Windows versions of iTunes and iCloud. Apple released iTunes for Windows 12.9.5 that addresses a total of 25 flaws, four SQLite […]
SecurityAffairs 2019-06-01 12:29:05 Cryptojacking campaign uses Shodan to scan for Docker hosts to hack (direct link) A new cryptojacking campaign was spotted by experts at Trend Micro, crooks are using Shodan to scan for Docker hosts with exposed APIs. Threat actors are using the popular Shodan search engine to find Docker hosts and abuse them in a cryptojacking campaign. Attackers leverage self-propagating Docker images infected with Monero miners and scripts that […] Hack Threat
SecurityAffairs 2019-06-01 06:55:02 Russian military plans to replace Windows with Astra Linux (direct link) The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing […]
SecurityAffairs 2019-05-31 19:44:00 0patch released micropatch for BearLPE Zero-Day flaw in Windows 10 Task Scheduler (direct link) Researchers at 0patch released a temporary micropatch for the unpatched BearLPE local privilege escalation zero-day flaw in Windows 10. Experts at 0patch released a micropatch to temporarily fix a still-unpatched local privilege escalation on systems without rebooting them. The zero-day vulnerability, dubbed BearLPE, was recently disclosed by the security researcher SandboxEscaper. The following video shows how the […]
SecurityAffairs 2019-05-31 14:26:03 Microsoft warns for the second time of applying BlueKeep patch (direct link) Microsoft issued a new warning for users to update their systems to address the remote code execution vulnerability dubbed BlueKeep. Microsoft issued a new warning for users of older Windows OS versions to update their systems in order to patch the remote code execution vulnerability dubbed BlueKeep. The vulnerability, tracked as CVE-2019-0708, impacts the Windows […] Vulnerability
SecurityAffairs 2019-05-31 12:59:00 Security expert shows how to bypass macOS Gatekeeper (direct link) A security researcher demonstrated how to bypass the Apple macOS Gatekeeper by leveraging trust in network shares. The Italian security researcher Filippo Cavallarin demonstrated how to bypass the macOS Gatekeeper by leveraging trust in network shares. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing an App to run. […]
SecurityAffairs 2019-05-31 11:34:04 HiddenWasp, a sophisticated Linux malware borrows from Mirai and Azazel (direct link) Security experts at Intezer have discovered a new Linux malware tracked as 'HiddenWasp' that borrows from Mirai, Azazel malicious codes. HiddenWasp is a new sophisticated Linux malware still undetected by the majority of anti-virus solutions. According to the experts at Intezer, the malware was involved in targeted attacks. “Unlike common Linux malware, HiddenWasp is not […] Malware
SecurityAffairs 2019-05-31 07:11:03 The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains (direct link) vpnMentor researchers have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak. vpnMentor experts have discovered that hotel brands managed by The Pyramid Hotel Group, including Marriott, have suffered a data leak, vpnMentor's research team discovered the unprotected server through port scanning to examine known IP blocks. Researchers […]
SecurityAffairs 2019-05-30 17:44:01 Checkers double drive-thru restaurants chain discloses card breach (direct link) Checkers and Rally’s, one of the largest chains of double drive-thru restaurants in the United States, disclosed a credit card breach. “We recently became aware of a data security issue involving malware at certain Checkers and Rally's locations.” reads a breach notice published by the company. “After discovering the issue, we quickly engaged leading data […] Malware Guideline
SecurityAffairs 2019-05-30 13:02:05 Convert Plus WordPress plugin flaw allows hackers to create Admin accounts (direct link) The WordPress plugin Convert Plus is affected by a critical flaw that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. The WordPress plugin Convert Plus is affected by a critical vulnerability that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. A vulnerability ties with the […] Vulnerability
SecurityAffairs 2019-05-30 09:04:05 VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs (direct link) Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. Recent research by the cybersecurity experts at VPNpro shows that the popular mobile VPN developer Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of […]
SecurityAffairs 2019-05-30 08:48:03 (Already seen) Emissary Panda APT group hit Government Organizations in the Middle East (direct link) Chinese Cyber-Spies Target Government Organizations in Middle East Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. Experts at Palo Alto Networks reported that the Chinese APT group Emissary Panda (aka APT27, TG-3390, Bronze Union, and Lucky Mouse) has been targeting government organizations in two different […] APT 27
SecurityAffairs 2019-05-30 06:54:05 Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers (direct link) Guardicore Labs uncovered a widespread cryptojacking campaign tracked as Nansh0u and aimed at Windows MS-SQL and PHPMyAdmin servers. Security experts at Guardicore Labs uncovered a widespread cryptojacking campaign leveraging a malware dubbed Nansh0u. The malicious code aimed at Windows MS-SQL and PHPMyAdmin servers worldwide. According to the experts, the malicious campaign is being carried out […] Malware
SecurityAffairs 2019-05-29 19:56:04 Google white hat hacker found code execution flaw in Notepad (direct link) The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoft's Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoft's Notepad text editor. Ormandy reported the issue to Microsoft and will wait 90 days according to Google vulnerability […] Vulnerability
SecurityAffairs 2019-05-29 14:07:03 Using Public Wi-Fi? Your data can be hacked easily! Here's How… (direct link) Public Wi-Fi is easily accessible by everyone, as much as free surfing sounds cool, it is risky as well. Let’s see how your data can be hacked easily. In the contemporary world of networking, Wi-Fi has become a vital commodity. Wi-Fi are now installed in each and every place regardless of the size of the […]
SecurityAffairs 2019-05-29 12:49:01 All Docker versions affected by an unpatched race condition issue (direct link) A race condition flaw that could be exploited by an attacker to read and write any file on the host system affects any versions of Docker. Experts found a race condition vulnerability in any versions of Docker, the vulnerability could be exploited by an attacker to read and write any file on the host system. […] Vulnerability
SecurityAffairs 2019-05-29 08:55:00 TA505 is expanding its operations (direct link) An attack against an Italian organization led the experts at Yoroi-Cybaze ZLab to shed light on ongoing operations attributed to TA505. Introduction In the last few days, during monitoring activities, Yoroi CERT noticed a suspicious attack against an Italian organization. The malicious email contains a highly suspicious sample which triggered the ZLAB team to […] Guideline
SecurityAffairs 2019-05-29 07:33:05 News aggregator Flipboard disclosed a data breach (direct link) The news aggregator Flipboard announced that it suffered a breach, unauthorized users had access to some databases storing user account information. The news and social media aggregator Flipboard disclosed on Tuesday that it suffered a breach, unauthorized users had access to some databases storing user information. Hackers had access to the company systems between June […] Data Breach
SecurityAffairs 2019-05-29 06:09:04 HawkEye Keylogger is involved in attacks against business users (direct link) Experts at IBM X-Force observed a new campaign involving the HawkEye keylogger in April and May 2019 aimed at business users. Malware attacks leveraging a new variant of the HawkEye keylogger have been observed by experts at Talos. The malware has been under active development since at least 2013 and it is offered for sale […] Malware
SecurityAffairs 2019-05-28 20:29:02 DuckDuckGo Address Bar Spoofing (direct link) The DuckDuckGo Privacy Browser application 5.26.0 for Android allows address bar spoofing via a setInterval call, as demonstrated by reloading every 50 ms. Technical Observation: A browser that's scoring in the 50,00,000+ tier of Android download. It was observed that the DuckDuckGo privacy browser omnibar can be spoofed by a crafted JavaScript page spoofing `setInterval` function and reloading the […]
SecurityAffairs 2019-05-28 19:48:01 Internet scans found nearly one million systems vulnerable to BlueKeep (direct link) Roughly one million devices are vulnerable to attacks exploiting the BlueKeep Windows vulnerability and hackers are ready to hit them. Yesterday I reported the discovery made by experts at GreyNoise that detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability. The scans were first detected on May 25, 2019, experts explained that a single […] Vulnerability
SecurityAffairs 2019-05-28 12:37:03 Shade Ransomware is very active outside of Russia and targets more English-speaking victims (direct link) Experts at PaloAlto Networks spotted new Shade ransomware campaigns targeting new countries, including in the U.S. and Japan. Researchers observed a new wave of Shade ransomware attacks against targets in several countries, including the US and Japan. Shade is considered one of the most dangerous threats in the cyber crime scenario, it has been active […] Ransomware
SecurityAffairs 2019-05-28 11:11:04 Siemens Healthineers medical products vulnerable to Windows BlueKeep flaw (direct link) Several products made by Siemens Healthineers are affected by a recently patched Windows BlueKeep vulnerability (CVE-2019-0708). The BlueKeep issue is a remote code execution vulnerability in Remote Desktop Services (RDS) that can be exploited by an unauthenticated attacker by connecting to the targeted system via the RDP and sending specially crafted requests. As explained by […] Vulnerability
SecurityAffairs 2019-05-28 05:48:02 APT10 is back with two new loaders and new versions of known payloads (direct link) The APT10 group has added two new malware loaders to its arsenal and used in attacks aimed at government and private organizations in Southeast Asia. In April 2019, China-linked cyber-espionage group tracked as APT10 has added two new loaders to its arsenal and used it against government and private organizations in Southeast Asia. The group […] Malware APT 10
SecurityAffairs 2019-05-27 16:53:02 BlueKeep scans observed from exclusively Tor exit nodes (direct link) GreyNoise experts detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability from exclusively Tor exit nodes. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS vulnerability dubbed BlueKeep that can be exploited to carry out WannaCry-like attack. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that can […] Vulnerability Wannacry
SecurityAffairs 2019-05-27 12:39:04 Crooks leverage .htaccess injector on Joomla and WordPress sites for malicious redirects (direct link) Security researchers are monitoring a new hacking campaign aimed at Joomla and WordPress websites, attackers used .htaccess injector for malicious redirect. Researchers at Sucuri are warning Joomla and WordPress websites admins of malicious hypertext access (.htaccess) injector found on a client website. The website was used by attackers to redirect traffic to advertising sites that […]
SecurityAffairs 2019-05-27 08:14:03 First American Financial exposed 16 years' worth of personal and financial documents (direct link) The US real-estate insurance biz, First American Financial, accidentally leaked customers’ highly personal files online, hundreds of millions of documents. The US real-estate insurance company First American Financial Corp. accidentally leaked hundreds of millions of documents. The company has more than 18,000 employees and brought in more than $5.7 billion in 2018. Roughly 885 million insurance-related documents […]
SecurityAffairs 2019-05-27 04:24:04 (Already seen) Hacker breached Perceptics, a US maker of license plate readers (direct link) Perceptics, a maker of vehicle license plate scanning solutions used in the US, has been hacked, attackers stole data and offered for free on the dark web. Perceptics is a leader in license plate readers (LPRs), license plate recognition systems and vehicle identification products. The company was hacked and attackers stole data and offered business […] Guideline
SecurityAffairs 2019-05-26 14:07:03 Sectigo says that most of certificates reported by Chronicle analysis were already revoked (direct link) According to Sectigo, most of the certificates used to sign the malware submitted to VirusTotal and issued by the company were expired and were already revoked. This week experts at Chronicle published a study on signed malware registered on VirusTotal that states that most of the digital certificates used to sign malware samples found on […] Malware
SecurityAffairs 2019-05-26 12:39:00 (Already seen) Security Affairs newsletter Round 215 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” https://www.surveymonkey.com/r/EUBloggerAwards2018 Dutch intelligence investigate alleged Huawei 'backdoor Salesforce […]
SecurityAffairs 2019-05-26 09:41:04 Remarks on NATO and its approach to the cyber offensive (direct link) This week NATO Secretary General Jens Stoltenberg explained during a conference at the Cyber Defence Pledge conference in London how the Alliance is countering cyber threats. This week during the Cyber Defence Pledge conference in London, NATO Secretary General Jens Stoltenberg explained how the Alliance is countering cyber threats. Stoltenberg declared that NATO is pushing […]
SecurityAffairs 2019-05-26 08:09:04 Police seized Bestmixer, the mixing service washed at least $200 million in a year (direct link) European law enforcement seized and shut down Bestmixer.io for reportedly laundering over $200 million in cryptocurrency. This week the Europol has dealt another blow to cybercrime, the European police along with the Dutch Fiscal Information and Investigation Service (FIOD), and Luxembourg authorities shut down Bestmixer.io, one of the world's leading cryptocurrency mixing services. A […] Guideline
SecurityAffairs 2019-05-25 17:16:05 Hackers target MySQL databases to deliver the GandCrab ransomware (direct link) Security experts at Sophos have detected a wave of attacks targeting Windows servers that are running MySQL databases with the intent of delivering the GandCrab ransomware. Sophos researchers have observed a wave of attacks targeting Windows servers that are running MySQL databases, threat actors aim at delivering the GandCrab ransomware. This is the first time […] Ransomware Threat
SecurityAffairs 2019-05-25 12:02:02 0patch issued a micropatch to address the BlueKeep flaw in always-on servers (direct link) 0patch released a security patch to address the BlueKeep vulnerability that can be deployed by administrators to protect always-on servers. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS vulnerability dubbed BlueKeep that can be exploited to carry out WannaCry-like attack. The issue is a remote code execution flaw in Remote Desktop […] Vulnerability Wannacry
SecurityAffairs 2019-05-25 06:13:01 GitHub introduces new tools and security features to secure code (direct link) GitHub announced the introduction of several new tools and security features to help developers secure their code. The popular code repository hosting service GitHub continues its efforts in helping its customers in developing and maintaining a secure code. “Ninety-nine percent of new software projects depend on open source code. This extensive code reuse helps everyone […]
SecurityAffairs 2019-05-25 05:25:04 Snapchat staff used internal tools to spy on users (direct link) Snapchat internal staff has allegedly abused their role in the company to spy on Snapchat users using internal tools and steal data. Snapchat is a multimedia messaging app that makes pictures, videos, and messages (snaps) available for a short time before they become inaccessible to their recipients. Initially, it was only allowing person-to-person photo sharing, but now […]
SecurityAffairs 2019-05-24 20:01:04 How Hackers Access Direct Deposit Paycheck - And What to Do About It (direct link) Getting your paycheck deposited directly into your bank account seems like a handy solution but in some cases, hackers can access them. Getting your paycheck deposited directly into your bank account seems like a handy solution because you don’t have to pick up the check from your workplace and take it to the bank to […]
SecurityAffairs 2019-05-24 14:11:02 (Already seen) US DoJ's superseding indictment charges Assange with violating Espionage Act (direct link) The United States Department of Justice charges WikiLeaks founder Julian Assange with 18 counts on the alleged violation of the Espionage Act. A federal grand jury returned an 18-count superseding indictment that charges WikiLeaks founder Julian Assange with counts related to illegally obtaining and disclosing classified information. British authorities arrested Assange on April 11 at the […]
SecurityAffairs 2019-05-24 10:48:05 Chronicle's study reveals CAs that issued most certificates to sign malware samples on VirusTotal (direct link) Most of the digital certificates used to sign malware samples found on VirusTotal have been issued by the Certificate Authority (CA) Comodo CA. Most of the digital certificates used to sign malware samples found on VirusTotal in 2018 have been issued by the Certificate Authority (CA) Comodo CA (aka Sectigo). Chronicle's security researchers have analyzed […] Malware
SecurityAffairs 2019-05-24 08:14:03 Facebook says it took down 2.19 billion accounts in Q1 2019 (direct link) Social network giant Facebook revealed it recently disabled billions of accounts operated by “bad actors” and that five percent of active accounts are fake. The news is disconcerting, but sincerely not so surprising, Facebook announced it recently disabled billions of accounts operated by “bad actors” and that five percent of its active accounts are fake. […]
SecurityAffairs 2019-05-23 20:40:03 UK provided evidence to 16 NATO allies of Russia hacking campaigns (direct link) UK Government has provided to 16 NATO allies evidence of malicious Russia's cyber activity in their countries over the last 18 months. According to the foreign minister Jeremy Hunt, the UK Government has provided to 16 NATO allies evidence of cyber attacks carried out by Russia against their countries over the last 18 months. […]
SecurityAffairs 2019-05-23 14:26:01 Tor Browser for Android is available through the Play Store (direct link) Tor Browser for Android is now available on the Play Store, this is a great result for experts that every day fight to defend human rights and privacy online. The Tor Project announced on Tuesday that the Tor Browser version Tor Browser 8.5 for Android is finally available on the Google Play Store. “Tor Browser 8.5 […]
SecurityAffairs 2019-05-23 10:55:02 Anonymous and LulzSec target the Italian Police and doctors (direct link) In the last 10 days, the collectives of Anonymous and LulzSec continued their operations carrying out several cyber attacks. The main objectives of the attacks carried out by Anonymous and LulzSec ITA were the Italian doctors and the Law enforcement agencies Forces, in particular, the Police and the Carabinieri. They protest against the abuses the […]
SecurityAffairs 2019-05-23 10:17:04 Playing Cat and Mouse: Three Techniques Abused to Avoid Detection (direct link) The experts at Yoroi-Cybaze Zlab described three techniques commonly implemented by threat actors to avoid detection. Introduction During our analysis we constantly run into the tricks cyber-attackers use to bypass companies security defences, sometimes advanced, others not. Many times, despite their elegance (or lack of it), these techniques are effective and actually help the cyber […] Threat
SecurityAffairs 2019-05-23 09:43:04 SandboxEscaper disclosed 3 Microsoft zero-day flaws in 24 hours (direct link) Yesterday SandboxEscaper publicly disclosed a Windows zero-day vulnerability, now she disclosed other two unknown issues in less than 24 hours. Just yesterday, the popular developer SandboxEscaper publicly disclosed a Windows zero-day vulnerability in the Task Manager, now in less than 24 hours she revealed two more unpatched Microsoft zero-day flaws. The two new zero-day issues […] Vulnerability
SecurityAffairs 2019-05-22 22:10:02 Emsisoft released a free Decrypter for the GetCrypt ransomware (direct link) For the second time in a few days, experts at Emsisoft released a free decrypter, this time to help victims of the GetCrypt ransomware. Security experts at Emsisoft released a new decrypter in a few days, it could be used for free by victims of the GetCrypt ransomware to decrypt their files encrypted by the malware. The […] Ransomware
SecurityAffairs 2019-05-22 20:55:03 ActiveX Controls in South Korean websites are affected by critical flaws (direct link) Security experts discovered tens of critical vulnerabilities were found in 10 South Korean ActiveX controls as part of a short research project. Security researchers at Risk Based Security have discovered tens of critical vulnerabilities in 10 South Korean ActiveX controls as part of a research project. The experts discovered that many South Korean websites still […]
SecurityAffairs 2019-05-22 14:01:00 G Suite users' passwords stored in plain-text for more than 14 years (direct link) Google accidentally stored the passwords of its G Suite users in plain-text for 14 years allowing its employees to access them. The news is disconcerting, Google has accidentally stored the passwords of the G Suite users in plain-text for 14 years, this means that every employee in the company was able to access them. According […]
SecurityAffairs 2019-05-22 08:10:03 SandboxEscaper is back with a new Windows Zero-Day in Task Scheduler (direct link) SandboxEscaper is back with a new Windows Zero-Day in Win 10 Task Scheduler. The developer SandboxEscaper makes the line again, this time he publicly released the exploit code for a Windows zero-day that affects the Windows 10 Task Scheduler. Since August 2018, the expert already revealed other four Windows zero-day vulnerabilities without reporting them to […]
Last update at: 2024-07-17 11:07:28