What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-08-19 17:54:59 Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hackers (direct link) Chinese hackers have hacked thousands of Taiwan Government email accounts belonging to at least 10 Taiwan government agencies, officials said. Chinese hackers have gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. According to a top Taiwan cyber official, the attacks are part of a cyber espionage campaign. […]
SecurityAffairs.webp 2020-08-19 16:10:50 FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH (direct link) Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. FritzFrog is a new sophisticated botnet that has been actively targeting SSH servers worldwide since January 2020. The bot is written in Golang and implements wormable capabilities; experts reported attacks against entities in government, education, and finance […]
SecurityAffairs.webp 2020-08-19 07:42:42 Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018 (direct link) The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoft's August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […] Vulnerability
SecurityAffairs.webp 2020-08-19 06:35:15 A flaw in Concrete5 CMS could have allowed website takeover (direct link) A remote code execution (RCE) vulnerability affecting the Concrete5 CMS exposed numerous servers to full takeover, experts warn. A recently addressed remote code execution (RCE) flaw in the Concrete5 CMS exposed numerous websites to attacks. Concrete5 is an open-source content management system (CMS) designed for ease of use, for users with a minimum of technical […] Vulnerability
SecurityAffairs.webp 2020-08-18 17:55:05 Critical flaw in Jenkins Server can cause information disclosure (direct link) A critical vulnerability in Jenkins server software could result in memory corruption and cause confidential information disclosure. A critical vulnerability in Jenkins server software, tracked as CVE-2019-17638, could result in memory corruption and cause confidential information disclosure. Jenkins is the most popular open source automation server; it is maintained by CloudBees and the Jenkins community. The […] Vulnerability
SecurityAffairs.webp 2020-08-18 14:54:11 Ukraine police and Binance dismantled a cyber gang behind $42M money laundering (direct link) Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities. According to the Ukrainian officials, the cryptocurrency exchanges allowed crooks […]
SecurityAffairs.webp 2020-08-18 08:21:25 Cruise line operator Carnival Corporation suffers a ransomware attack (direct link) The world’s largest cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. Cruise line operator Carnival Corporation has disclosed that one of their brands was hit with a ransomware attack over the past weekend. Carnival Corporation & plc is a British-American cruise operator, currently […] Ransomware
SecurityAffairs.webp 2020-08-18 07:01:12 TeamTNT is the first cryptomining bot that steals AWS credentials (direct link) Security researchers have discovered a new crypto-mining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. The TeamTNT botnet is a crypto-mining malware operation that has been active since […] Malware
SecurityAffairs.webp 2020-08-17 16:31:51 CISA warns of phishing attacks delivering KONNI RAT (direct link) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert related to attacks delivering the KONNI remote access Trojan (RAT). The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide technical details on a new wave of attacks delivering the KONNI remote access Trojan (RAT). The KONNI RAT was first discovered […]
SecurityAffairs.webp 2020-08-17 15:11:48 Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat says (direct link) The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. The hackers targeted the GCKey service with credential stuffing attacks, the service […]
SecurityAffairs.webp 2020-08-17 08:12:48 Technology giant Konica Minolta hit by a ransomware attack (direct link) IT giant Konica Minolta was hit with a ransomware attack at the end of July; its services have been impacted for almost a week. A ransomware attack has impacted the services at the business technology giant Konica Minolta for almost a week; the attack took place at the end of July. Konica Minolta is a […] Ransomware
SecurityAffairs.webp 2020-08-17 06:53:04 The Australian government wants to respond to attacks on critical infrastructure (direct link) The Australian government aims at giving itself the power to manage the response of private enterprises to cyber attacks on critical infrastructure. The Australian government wants to increase the security of critical infrastructure; for this reason, it plans to manage the response of private enterprises to cyber attacks targeting them. According to a Consultation Paper […]
SecurityAffairs.webp 2020-08-16 23:06:57 Ritz hotel diners were victims of a sophisticated scam (direct link) Guests at the luxury Ritz hotel in London have been victims of “extremely convincing” scammers who posed as hotel staff to steal payment card details. Clients having dinner at the luxury Ritz hotel in London have been targeted by “extremely convincing” scammers who posed as hotel staff to steal payment card details. The crooks phoned […]
SecurityAffairs.webp 2020-08-16 13:26:41 Security Affairs newsletter Round 277 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Homoglyph attacks used in phishing campaign and Magecart attacks Remotely hacking a Mercedes-Benz E-Class is possible, experts demonstrated US OCC imposed an $80 Million fine to Capital One for 2019 […] Hack
SecurityAffairs.webp 2020-08-16 08:16:04 Texas man sentenced to 57 months for the hacking of a major tech firm in New York (direct link) A 31-year-old man from Dallas, Texas, was sentenced last week to 57 months in prison for crimes related to the hacking of a major tech firm in New York. Tyler C. King (31), from Dallas, Texas, was sentenced to 57 months in prison for crimes related to the hacking of an unnamed major tech company […]
SecurityAffairs.webp 2020-08-16 06:51:40 Sodinokibi ransomware gang stole 1TB of data from Brown-Forman (direct link) Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. firms in the spirits and wine business. Sodinokibi (REvil) ransomware operators announced last week to have breached the network of Brown-Forman, one of the largest U.S. firms in the spirits and wine business. Threat actors claim to have […] Ransomware Threat
SecurityAffairs.webp 2020-08-15 17:56:03 Emotet malware employed in fresh COVID19-themed spam campaign (direct link) The Emotet malware has begun to spam COVID19-themed emails to U.S. businesses after not being active for most of the USA pandemic. The infamous Emotet malware is back; operators have begun to spam COVID-19 themed emails to U.S. businesses. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were […] Spam Malware
SecurityAffairs.webp 2020-08-15 15:52:30 PoC exploit code for two Apache Struts 2 flaws available online (direct link) Security researchers have discovered a PoC exploit code available online that can be used to trigger unpatched security flaws in Apache Struts 2. Security researchers have discovered a PoC code and exploit available on GitHub that can be used to trigger the security vulnerabilities in Apache Struts 2. The Proof-of-concept exploit code was released […]
SecurityAffairs.webp 2020-08-15 07:04:49 XCSSET Mac spyware spreads via Xcode Projects (direct link) A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks. The first zero-day issue is used to steal cookies via […] Ransomware Malware
SecurityAffairs.webp 2020-08-14 17:39:50 (Déjà vu) North Korea's Lazarus compromised dozens of organizations in Israel (direct link) Since January 2020, the North Korea-linked Lazarus APT has successfully compromised dozens of organizations in Israel and other countries. The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country's defence manufacturers. According to the officials, the attack was launched by “an […] Threat APT 38
SecurityAffairs.webp 2020-08-14 15:07:49 (Déjà vu) Threat Report Portugal: Q2 2020 (direct link) The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution […] Threat
SecurityAffairs.webp 2020-08-14 08:01:32 Maze ransomware gang leaked Canon USA's stolen files (direct link) Maze ransomware operators have leaked online the unencrypted files allegedly stolen from Canon during a recent ransomware attack. According to an internal memo obtained by ZDNet last week, the recent outage suffered by Canon was caused by a ransomware attack; at the same time, Maze ransomware operators were taking the credit for the incident. The memo […] Ransomware
SecurityAffairs.webp 2020-08-14 07:47:13 Chinese APT CactusPete targets military and financial orgs in Eastern Europe (direct link) A China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. A China-linked APT group, tracked by Kaspersky as CactusPete (aka Karma Panda or Tonto Team), was observed using an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. The […] Threat
SecurityAffairs.webp 2020-08-14 06:47:45 Threat actor leaked data for U.S. gun exchange site on hacking forum (direct link) A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. He claims the databases contain 195,000 user records for the utahgunexchange.com, 45,000 records for their video […] Threat
SecurityAffairs.webp 2020-08-13 18:07:18 FBI and NSA joint report details APT28's Linux malware Drovorub (direct link) The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub, allegedly employed by the Russia-linked APT28 group. The name […] Malware APT 28
SecurityAffairs.webp 2020-08-13 15:50:21 Microsoft failed to fix LSASS elevation of privilege flaw (direct link) Microsoft did not properly address an elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS). The Google Project Zero researcher who discovered the elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS) warns that Microsoft did not properly address it. “An elevation of privilege vulnerability exists […] Vulnerability
SecurityAffairs.webp 2020-08-13 08:22:03 Rent a hacker: Group-IB uncovers corporate espionage group RedCurl (direct link) Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. In less than three years, RedCurl […] Threat
SecurityAffairs.webp 2020-08-13 08:10:17 Israel announced to have foiled an attempted cyber-attack on defence firms (direct link) Israel’s defence ministry announced to have foiled an attempted cyber attack by a foreign threat actor group targeting the country’s defence manufacturers. The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. According to the officials, the attack […] Threat
SecurityAffairs.webp 2020-08-13 06:51:07 Threat actors managed to control 23% of Tor Exit nodes (direct link) A security researcher has discovered that a threat actor controlled roughly 23% of the Tor network's exit nodes. A security researcher named Nusenu revealed that in May a malicious actor controlled roughly 23% of the entire Tor network's exit nodes. Experts warn that this was the first time that a single actor controlled such a large […] Threat
SecurityAffairs.webp 2020-08-12 15:56:05 SANS Institute Email Breach – 28,000 User Records exposed (direct link) The SANS Institute suffered a data breach; 28,000 user records containing personally identifiable information (PII) were exposed. On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. The SANS […]
SecurityAffairs.webp 2020-08-12 15:13:44 Agent Tesla includes new password-stealing capabilities from browsers and VPNs (direct link) Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Researchers from SentinelOne discovered new variants of the popular Agent Tesla Trojan that include new modules to steal credentials from applications including popular web browsers, VPN software, as […]
SecurityAffairs.webp 2020-08-12 08:08:00 City of Lafayette (Colorado) paid $45,000 ransom after ransomware attack (direct link) The City of Lafayette, Colorado, USA, has been forced to pay $45,000 because they were unable to restore necessary files from backup. On July 27th, the systems at the City of Lafayette, Colorado, were infected with ransomware; the malicious code impacted phone services, email, and online payment reservation systems. The City did not immediately disclose […]
SecurityAffairs.webp 2020-08-12 07:22:11 Citrix fixed flaws in XenMobile that will be likely exploited soon (direct link) Citrix addressed multiple vulnerabilities in Citrix Endpoint Management (XenMobile) that can be exploited by an attacker to gain administrative privileges on affected systems. The Citrix Endpoint Management (CEM), formerly XenMobile, is software that provides mobile device management (MDM) and mobile application management (MAM). The vulnerabilities that impacted the Citrix XenMobile were tracked as CVE-2020-8208, CVE-2020-8209, […]
SecurityAffairs.webp 2020-08-12 07:02:36 (Déjà vu) Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days (direct link) Microsoft August 2020 Patch Tuesday updates addressed 120 vulnerabilities, including two zero-days that have been exploited in attacks. Microsoft August 2020 Patch Tuesday updates have addressed 120 flaws, including two zero-day vulnerabilities that have been exploited in attacks in the wild. The two issues are a Windows spoofing bug and a remote code execution flaw […]
SecurityAffairs.webp 2020-08-11 17:33:39 Adobe Acrobat and Reader affected by critical flaws (direct link) Adobe has released security updates to address twenty-six vulnerabilities in the Adobe Acrobat, Reader, and Lightroom products. Adobe has released security updates to address tens of vulnerabilities in Adobe Acrobat, Reader, and Lightroom products. Eleven out of twenty-six flaws are rated as ‘Critical’ because they could be exploited by attackers to remotely execute arbitrary code […]
SecurityAffairs.webp 2020-08-11 15:18:16 Flaws in 'Find My Mobile' exposed Samsung phones to hack (direct link) A researcher found multiple flaws in Samsung's Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. The security researcher Pedro Umbelino from Portugal-based cybersecurity services provider Char49 discovered multiple vulnerabilities in Samsung's Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy […] Hack
SecurityAffairs.webp 2020-08-11 08:16:32 Avaddon ransomware operators have launched their data leak site (direct link) Avaddon ransomware operators, like other cybercrime groups, decided to launch a data leak site where they publish data of victims who refuse to pay a ransom demand. Avaddon ransomware operators announced the launch of their data leak site where they will publish the data stolen from the victims who do not pay a ransom demand. The […] Ransomware
SecurityAffairs.webp 2020-08-11 08:14:27 Researcher discloses exploit code for a vBulletin zero-day (direct link) A researcher published details and proof-of-concept exploit code for a zero-day RCE vulnerability in the popular forum CMS vBulletin. The researcher Amir Etemadieh has published technical details and proof-of-concept exploit code for a zero-day remote code execution vulnerability in vBulletin, the popular forum software. The new vulnerability is a bypass for the security patch […] Vulnerability
SecurityAffairs.webp 2020-08-11 07:01:46 TeamViewer flaw can allow hackers to steal System password (direct link) A severe vulnerability impacting TeamViewer for Windows, tracked as CVE-2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability (CVE-2020-13699) that could be exploited by remote attackers to steal the system password and potentially compromise it. TeamViewer is a popular software application for remote control, […] Vulnerability ★★★
SecurityAffairs.webp 2020-08-10 14:58:32 Nefilim ransomware operators claim to have hacked the SPIE group (direct link) Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group, an independent European leader in multi-technical services. The number of ransomware attacks continues to increase; hackers also steal victims’ data and threaten them to […] Ransomware Threat Guideline
SecurityAffairs.webp 2020-08-10 08:02:11 NCSC Director warns of interference on elections tied to Russia, China, Iran (direct link) The Director of the U.S. National Counterintelligence and Security Center (NCSC) shared info on attempts to influence the 2020 U.S. elections. The Director of the U.S. National Counterintelligence and Security Center (NCSC) William Evanina shared information on ongoing operations aimed at influencing the 2020 U.S. elections. “Many foreign actors have a preference for who wins the election, which they express through a […]
SecurityAffairs.webp 2020-08-10 07:56:50 INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL (direct link) The list of sites blocked in MYANMAR includes many websites that did not fall under the categories adult content or fake news. Original post at: https://www.qurium.org/alerts/myanmar/internet-blocking-in-myanmar-secret-block-list-and-no-means-to-appeal In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; […]
SecurityAffairs.webp 2020-08-10 07:00:30 Spying on satellite internet comms with a $300 listening station (direct link) An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at Black Hat 2020 hacking conference, explained that satellite internet communications are susceptible to eavesdropping and signal interception. Attackers could use cheap equipment like basic home-television gear that goes from […]
SecurityAffairs.webp 2020-08-09 17:30:01 Security Affairs newsletter Round 276 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account FBI issued a flash alert about Netwalker ransomware attacks Garmin allegedly paid for a decryptor for WastedLocker […] Ransomware
SecurityAffairs.webp 2020-08-09 15:40:50 US OCC imposed an $80 Million fine to Capital One for 2019 hack (direct link) US Office of the Comptroller of the Currency (OCC) regulator has fined the credit card provider Capital One Financial Corp $80 million over the 2019 data breach. The US Office of the Comptroller of the Currency (OCC) has imposed an $80 million fine on the credit card provider Capital One Financial Corp over the 2019 data breach. Capital One, one of […] Hack
SecurityAffairs.webp 2020-08-09 08:18:06 Homoglyph attacks used in phishing campaign and Magecart attacks (direct link) Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. The hackers targeted visitors of several sites using typo-squatted domain names, and modified favicons […]
SecurityAffairs.webp 2020-08-09 06:58:27 Remotely hacking a Mercedes-Benz E-Class is possible, experts demonstrated (direct link) Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. A team of Chinese experts from Sky-Go, the Qihoo 360 division focused on car hacking, discovered 19 vulnerabilities in a Mercedes-Benz E-Class, including some issues that can be exploited by attackers to remotely hack a […] Hack
SecurityAffairs.webp 2020-08-08 15:53:56 FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw (direct link) According to the FBI, Iranian hackers are actively attempting to exploit an unauthenticated RCE flaw, tracked as CVE-2020-5902, in F5 Big-IP ADC devices. The FBI is warning of Iranian hackers actively attempting to exploit an unauthenticated remote code execution flaw (CVE-2020-5902) affecting F5 Big-IP application delivery controller (ADC) devices. Early June, researchers at F5 Networks […]
SecurityAffairs.webp 2020-08-08 07:58:32 Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks (direct link) Wi-Fi chips manufactured by Qualcomm and MediaTek are impacted by vulnerabilities similar to the Kr00k issue disclosed early this year. Earlier this year, experts from ESET disclosed Kr00k, a new high-severity hardware vulnerability that affects Wi-Fi chips manufactured by Broadcom and Cypress. The Kr00k vulnerability, tracked as CVE-2019-15126, could be exploited by nearby remote attackers […]
SecurityAffairs.webp 2020-08-07 22:19:20 Reddit massive hack: hackers defaced channels with pro-Trump messages (direct link) Reddit suffered a massive hack; threat actors compromised tens of Reddit channels and defaced them showing messages in support of Donald Trump’s campaign. Reddit suffered a massive hack; threat actors defaced tens of channels to display messages in support of Donald Trump’s reelection campaign. At the time of writing, the massive hack is still ongoing […] Hack Threat
Last update at: 2024-07-17 03:07:27