What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2020-08-31 14:29:28 Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers (direct link) Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers. Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that runs on carrier-grade routers. Cisco IOS XR […] Vulnerability Threat
SecurityAffairs 2020-08-31 12:40:57 Qbot uses a new email collector module in the latest campaign (direct link) QBot Trojan operators are using new tactics in their campaign to hijack legitimate email conversations to steal sensitive data from the victims. Researchers from Check Point are warning of a new trend observed in QBot Trojan campaign targeting Microsoft Outlook users, QBot Trojan operators are using new tactics to hijack legitimate email conversations and steal […]
SecurityAffairs 2020-08-31 07:32:30 Google removed malicious Terracotta apps from the Play Store (direct link) Researchers from White Ops discovered several Android apps in the official Play Store which installed on users’ mobile devices the Terracotta ad fraud malware. Researchers from security firm White Ops discovered several Android apps in the official Play Store that installed a hidden browser to load pages containing ads and commit ad fraud. The company […]
SecurityAffairs 2020-08-30 16:55:39 US DoJ wants the funds stored by North Korea in 280 BTC and ETH (direct link) US DoJ filed a civil forfeiture complaint to seize 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korea-linked hackers The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns […]
SecurityAffairs 2020-08-30 13:09:17 (Déjà vu) Emotet botnet has begun to use a new 'Red Dawn' template (direct link) In August, the Emotet botnet operators switched to a new template, named ‘Red Dawn,’ for the malicious attachments employed in new campaigns. The notorious Emotet went into the dark since February 2020, but after months of inactivity, the infamous trojan has surged back in July with a new massive spam campaign targeting users worldwide. The Emotet banking trojan […] Spam
SecurityAffairs 2020-08-30 11:29:55 Security Affairs newsletter Round 279 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A Google Drive weakness could allow attackers to serve malware Adobe released open-source tool Stringlifier to identify randomly generated strings Canadian delivery company Canpar Express suffered a ransomware attack […] Ransomware Malware Tool
SecurityAffairs 2020-08-30 09:05:25 Malicious npm package 'fallguys' removed from the official repository (direct link) The npm security team removed a malicious JavaScript library from the npm repository that was designed to steal sensitive files from the victims. The npm security team has removed the JavaScript library “fallguys” from the npm portal because it contained malicious code used to steal sensitive files from an infected user’s browser and […]
SecurityAffairs 2020-08-29 18:52:41 North Korea-linked APT group BeagleBoyz targets banks (direct link) North Korea-linked APT group BeagleBoyz intensified its operations since February, US CISA, Department of the Treasury, FBI, and USCYBERCOM warn. According to a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation (FBI), and U.S. Cyber Command (USCYBERCOM) North Korea-linked APT group BeagleBoyz […]
SecurityAffairs 2020-08-29 16:35:17 FBI warns of an increase in online romance scams (direct link) The FBI is warning of online romance scams and related financial losses, overall losses associated with those complaints exceeded $475 million. The Federal Bureau of Investigation warns of online romance scams (also known as confidence fraud), an ongoing criminal activity that continues to cause large financial losses along with emotional effects with unpredictable consequences. Crooks […]
SecurityAffairs 2020-08-29 13:55:36 Experts demonstrate the PIN is useless in EMV contactless transactions (direct link) Researchers with ETH Zurich have identified vulnerabilities in the implementation of the payment card EMV standard that can allow bypassing PIN verification Researchers David Basin, Ralf Sasse, and Jorge Toro-Pozo from the department of computer science at ETH Zurich discovered multiple vulnerabilities in the implementation of the payment card EMV standard that allow hackers to […]
SecurityAffairs 2020-08-28 20:36:08 Former Cisco employee pleads guilty to hacking, damaging company systems (direct link) A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. The former Cisco employee Sudhish Kasaba Ramesh (30) pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer of his company without authorization and causing damage. The news was announced […] Guideline
SecurityAffairs 2020-08-28 15:33:29 Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn (direct link) The Iran-linked Charming Kitten APT group leveraged WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying […] Conference APT 35
SecurityAffairs 2020-08-28 12:08:28 (Déjà vu) Elon Musk confirms that Russian hackers tried to recruit Tesla employee to plant a malware (direct link) Elon Musk confirmed that Russian hackers attempted to recruit an employee to install malware into the network of electric car maker Tesla. Recently US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. The man was arrested on August […] Malware
SecurityAffairs 2020-08-28 09:06:47 Lemon_Duck cryptomining malware evolves to target Linux devices (direct link) A new variant of the infamous Lemon_Duck cryptomining malware has been updated to target Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. The new variant also exploits the SMBGhost bug in Windows systems, and is also able to target servers running Redis […] Malware
SecurityAffairs 2020-08-28 07:59:21 Cisco addresses ten high-risk issues in NX-OS software (direct link) Cisco addressed ten high-risk vulnerabilities in NX-OS software, including some issues that could lead to code execution and privilege escalation. Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS […] Guideline
SecurityAffairs 2020-08-27 21:07:17 Group with numerous faces: chronicle of UltraRank's deceptive JS-sniffer campaigns (direct link) Group-IB security researchers provide evidence linking three campaigns with the use of various JS-sniffer families. Singapore – Group-IB, a global threat hunting and intelligence company headquartered in Singapore, today released its analytical report “UltraRank: the unexpected twist of a JS-sniffer triple threat.” In its report, Group-IB Threat Intelligence experts provide evidence linking three campaigns with the use of various JavaScript-sniffer families […] Threat
SecurityAffairs 2020-08-27 20:14:15 Experts hacked 28,000 unsecured printers to raise awareness of printer security issues (direct link) Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security Original post: https://cybernews.com/security/we-hacked-28000-unsecured-printers-to-raise-awareness-of-printer-security-issues/ Most of us already know the importance of using antivirus, anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Printers? Not so much. We at CyberNews […]
SecurityAffairs 2020-08-27 17:57:20 350 million decrypted email addresses left exposed on an unsecured server (direct link) Experts found an unsecured data bucket containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. Original post at: https://cybernews.com/security/350-million-email-addresses-left-exposed-on-an-unsecured-server/ The CyberNews research team uncovered an unsecured data bucket owned by an unidentified party, containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. The massive trove […]
SecurityAffairs 2020-08-27 17:42:00 Anubis, a new info-stealing malware spreads in the wild (direct link) Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Anubis is the name of an Android malware […] Malware
SecurityAffairs 2020-08-27 15:44:06 REvil ransomware operators breached healthcare org Valley Health Systems (direct link) REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. During ordinary monitoring activity of data leaks, the Cyble Research Team identified a leak disclosure post published by the REvil ransomware operators claiming to have breached a healthcare organization, the Valley Health Systems. Healthcare organizations are a privileged target of […] Ransomware
SecurityAffairs 2020-08-27 11:21:18 New Zealand stock exchange (NZX) halted 2 days by DDoS attack (direct link) New Zealand's stock exchange (NZX) confirmed it was hit by a massive distributed denial of service (DDoS) attack from abroad that knocked it offline for two days. New Zealand's stock exchange (NZX) has been hit by distributed denial-of-service (DDoS) attacks that took it offline for two days, trading activity was interrupted until the connectivity was restored. According […]
SecurityAffairs 2020-08-27 09:32:08 Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere (direct link) Microsoft addressed vulnerabilities in Microsoft Azure Sphere that could lead to the execution of arbitrary code or to the elevation of privileges. Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security […] Guideline
SecurityAffairs 2020-08-26 23:40:16 FBI arrested a Russian national for recruiting employee of US firm to plant malware (direct link) FBI authorities arrested a Russian national in the U.S. after attempting to recruit an employee at a targeted company to plant malware. US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. The man was arrested on August […] Malware
SecurityAffairs 2020-08-26 14:21:41 Hackers for hire group target organizations via 3ds Max exploit (direct link) Experts discovered a new hacker-for-hire group that is targeting organizations worldwide with malware hidden inside malicious 3Ds Max plugins. Security researchers from Bitdefender discovered a new hacker group that is currently targeting companies across the world with malware hidden inside malicious 3Ds Max plugins. Autodesk 3ds Max, formerly 3D Studio and 3D Studio Max, […] Malware
SecurityAffairs 2020-08-26 08:06:27 DeathStalker cyber-mercenary group targets the financial sector (direct link) A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012, Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. Victim organizations are small and medium-sized businesses located in Argentina, China, Cyprus, India, Israel, […]
SecurityAffairs 2020-08-26 06:43:13 Lazarus APT targets cryptocurrency organizations with using LinkedIn lures (direct link) North Korea-linked Lazarus APT group targets cryptocurrency organizations with fake job offers in an ongoing spear-phishing campaign. North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has been observed while using LinkedIn lures in a spear-phishing campaign targeting the cryptocurrency organizations worldwide, including in the United States, the United Kingdom, Germany, Singapore, the Netherlands, Japan. The activity of […] Medical APT 38
SecurityAffairs 2020-08-25 17:55:55 Expert discloses unpatched Safari flaw that allows stealing local files (direct link) A researcher disclosed technical details of an unpatched vulnerability in Apple's Safari web browser that can be exploited to steal files from the targeted system. An expert disclosed the details of an unpatched vulnerability in Apple's Safari web browser that can be exploited by attackers to steal files from a targeted system. The vulnerability was […] Vulnerability
SecurityAffairs 2020-08-25 08:09:56 Google Project Zero expert found 3 flaws in Apache Web Server (direct link) Administrators of servers running Apache have to update their installs immediately to fix multiple vulnerabilities disclosed by a Google researcher. Apache Foundation released the 2.4.46 version to address three flaws affecting its web server software that could be potentially exploited by attackers, under specific conditions, to execute arbitrary code or to trigger a DoS condition […]
SecurityAffairs 2020-08-25 06:58:04 SourMint SDK used by 1200 iOS apps shows malicious behavior (direct link) Experts at security firm Snyk discovered a malicious behavior in an advertising SDK that is used in more than 1,200 iOS apps available in the Apple App Store. Experts at security firm Snyk discovered a malicious behavior in the advertising SDK SourMint developed by Mintegral, a China-based mobile advertising platform provider. The Mintegral SDK is […]
SecurityAffairs 2020-08-24 22:57:43 Dark web Empire Market still down after 3 days. DDoS attack or exit scam? (direct link) The dark web marketplace Empire Market has been down for at least 3 days, two of the possible reasons, an exit scam or a prolonged DDoS attack. The popular dark web site Empire Market has been down for at least 60 hours, it hasn't been down for so long since 2019. The cause is still […]
SecurityAffairs 2020-08-24 15:43:24 Canadian delivery company Canpar Express suffered a ransomware attack (direct link) A ransomware attack hit TFI International's four Canadian courier divisions last week, Canpar Express, ICS Courier, Loomis Express and TForce Integrated Solutions. A couple of days after the transportation and logistics TFI International company raised millions of dollars in a share offering, the news of a ransomware attack against its four Canadian courier divisions (Canpar Express, […] Ransomware
SecurityAffairs 2020-08-24 14:26:31 Cybercriminal greeners from Iran attack companies worldwide for financial gain (direct link) Group-IB has detected financially motivated attacks carried out in June by newbie threat actors from Iran. The attackers used Dharma ransomware and a mix of publicly available tools to target companies in Russia, Japan, China, and India. All the affected organizations had hosts with Internet-facing RDP and weak credentials. The hackers typically demanded a ransom between 1-5 […] Threat
SecurityAffairs 2020-08-24 08:04:57 Grandoreiro campaign impersonates Spanish Agencia Tributaria (direct link) Operators of Grandoreiro Latin American banking trojan have launched a new campaign using emails posing as the Agencia Tributaria in order to infect new victims. Operators behind the Grandoreiro banking trojan, which is popular in Latin America, have been using emails posing as the Agencia Tributaria to trick victims into installing the malware. The campaign began […]
SecurityAffairs 2020-08-24 06:51:36 Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months (direct link) The Transparent Tribe cyber-espionage group continues to improve its arsenal while targeting military and government entities. The Transparent Tribe APT group is carrying out an ongoing cyberespionage campaign aimed at military and diplomatic targets worldwide. The group upgraded its Crimson RAT by adding a management console and implementing a USB worming capability that allows it […] APT 36
SecurityAffairs 2020-08-23 14:56:11 A Google Drive weakness could allow attackers to serve malware (direct link) A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks comparatively with a high success […] Malware Threat
SecurityAffairs 2020-08-23 07:54:12 Security Affairs newsletter Round 278 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Ritz hotel diners were victims of a sophisticated scam Sodinokibi ransomware gang stole 1TB of data from Brown-Forman Texas man sentenced to 57 months for the hacking of a major […] Ransomware
SecurityAffairs 2020-08-23 06:56:08 Adobe released open-source tool Stringlifier to identify randomly generated strings (direct link) Adobe has released an open-source tool, dubbed Stringlifier, that allows users to identify randomly generated strings in any plain text, it can be used to sanitize logs. Adobe has released an open-source tool, dubbed Stringlifier, which was designed to identify randomly generated strings in any plain text. The Stringlifier tool was written in Python and […] Tool
SecurityAffairs 2020-08-22 15:52:41 ATM vendors Diebold and NCR fixed deposit forgery bugs (direct link) The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks The flaws that could have allowed crooks to modify the […]
SecurityAffairs 2020-08-22 08:15:04 Thousands of WordPress WooCommerce stores potentially exposed to hack (direct link) Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […] Hack
SecurityAffairs 2020-08-22 08:13:16 Popular Freepik site discloses data breach impacting 8.3M users (direct link) Freepik, one of the most popular online graphic resources sites online has disclosed a security breach that impacted 8.3 Million users. Freepik, the popular website that provides high-quality free photos and design graphics, has disclosed a major security breach that impacted 8.3 Million users. Freepik says that hackers were able to steal emails and password hashes for […] Data Breach
SecurityAffairs 2020-08-22 06:59:36 Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn (direct link) The FBI and CISA issued a joint alert to warn teleworkers of an ongoing vishing campaign targeting entities from multiple US sectors. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industries. […]
SecurityAffairs 2020-08-21 17:48:00 Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators (direct link) Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb, researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen […] Ransomware Hack Threat
SecurityAffairs 2020-08-21 15:55:02 Mozilla offers rewards for Bypassing Firefox Exploit Mitigations (direct link) Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Mozilla announced this week that it has expanded its bug bounty program with a new category that focuses on bypass methods for the exploit mitigations, security features, and defense-in-depth measures implemented in the Firefox […]
SecurityAffairs 2020-08-21 07:19:50 University of Utah pays a $457,000 ransom to ransomware gang (direct link) The University of Utah admitted to having paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social […] Ransomware
SecurityAffairs 2020-08-21 06:50:52 Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws (direct link) Microsoft released an Out-of-Band security update to address privilege escalation flaws in Windows 8.1 and Windows Server 2012 R2 systems. Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that addresses two privilege escalation vulnerabilities in Windows Remote Access. Both vulnerabilities were addressed by Microsoft in August, […]
SecurityAffairs 2020-08-20 22:03:34 Google fixed email spoofing flaw 7 hours after public disclosure (direct link) Google addressed an email spoofing vulnerability affecting Gmail and G Suite a few hours after it was publicly disclosed. Google addressed an email spoofing vulnerability affecting its Gmail and G Suite products a few hours after it was publicly disclosed, but the IT giant was aware of the flaw since April. On Wednesday, the researcher […] Vulnerability
SecurityAffairs 2020-08-20 17:52:14 Shared memory flaw in IBM Db2 can lead to Information Disclosure (direct link) IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researchers from Trustwave, it […] Vulnerability Guideline
SecurityAffairs 2020-08-20 16:04:43 CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack (direct link) Cisco addressed a critical default credentials vulnerability (CVE-2020-3446) affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco fixed a critical default credentials vulnerability impacting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes […] Hack Vulnerability
SecurityAffairs 2020-08-20 08:03:58 Experian South Africa discloses data breach, 24 million customers impacted (direct link) The South African branch of consumer credit reporting agency Experian disclosed a data breach that impacted 24 million customers. The South African branch of consumer credit reporting agency Experian disclosed this week a data breach that impacted 24 million customers. The company revealed that only personal information was exposed in the data breach, no financial […] Data Breach
SecurityAffairs 2020-08-20 06:50:46 (Déjà vu) CISA's MAR warns of North Korean BLINDINGCAN RAT (direct link) US CISA published an alert related to a new North Korean malware, dubbed BLINDINGCAN, used in attacks on the US defense and aerospace sectors. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) that includes technical details about a new strain of malware, tracked as BLINDINGCAN, that was attributed […] Malware
Last update at: 2024-07-17 03:07:27