What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-05-24 20:49:18 | 25 million Mathway user records available for sale on the dark web (lien direct) | A threat actor is offering for sale on a dark web marketplace a database containing 25 million user records belonging to the Mathway. A data breach broker, known as Shiny Hunters, is offering for sale on a dark web marketplace a database that contains 25 million user records for Mathway. Early May, Shiny Hunters attempted to […] | Threat | ||
|
2020-05-24 13:57:09 | (Déjà vu) Unc0ver is the first jailbreak that works on all recent iOS versions since 2014 (lien direct) | A team of hackers and cyber-security researchers have released a new jailbreak package dubbed Unc0ver for iOS devices. A team of cyber-security researchers and hackers have released a new jailbreak package dubbed Unc0ver (from the name of the team that devised it) that works on all recent iOS versions.devices, even those running the current iOS […] | |||
|
2020-05-24 13:00:31 | (Déjà vu) Coronavirus-themed attacks May 17 – May 23, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 17 to May 23, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 19 – Hackers Target Oil Producers During […] | Threat | ||
|
2020-05-24 12:39:10 | Security Affairs newsletter Round 265 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Elexon, a middleman in the UK power grid network hit by cyber-attack Experts reported the hack of several supercomputers across Europe A bug in Edison Mail iOS app impacted over […] | Hack | ||
|
2020-05-24 09:37:42 | Personal details and documents for millions of Indians available in the deep web (lien direct) | Researchers have discovered a dump containing 29.1M Indian jobseekers personal details that was offered for free in the hacking underground. Researchers discovered a dump containing 29.1M Indian jobseekers personal details that was offered for free in the hacking underground. An anonymous entity told Cyble researchers that the data were stored on an unprotected elastic search […] | |||
|
2020-05-24 08:29:33 | (Déjà vu) Online education site EduCBA discloses data breach and reset customers\' pwds (lien direct) | The online education portal EduCBA discloses a data breach and is resetting customers’ passwords in response to the incident. Online education website EduCBA discloses a data breach, it has started notifying customers that in response to the incident it is resetting their passwords. EduCBA is a leading global provider of skill based education with 500,000+ […] | Data Breach Guideline | ||
|
2020-05-23 21:03:10 | Experts observed a spike in COVID-19 related malspam emails containing GuLoader (lien direct) | Security experts observed a spike in the use of the GuLoader since March 2020 while investigating COVID-19-themed malspam campaigns. Researchers from Vipre Labs observed a spike in the use of GuLoader in COVID-19-themed campaign since March 2020. The discovery confirms that crooks continue to use COVID-19 lures in malspam campaigns. In the campaign monitored by […] | |||
|
2020-05-23 17:35:29 | Voter information for 2 millions of Indonesians leaked online (lien direct) | A hacker has leaked the 2014 voter information for close to 2 million Indonesians on a well-known hacker forum and threatens to release 200 million. A threat actor has published the 2014 voter information for close to 2 million Indonesians on a popular hacker forum and threatens to release data for a total of 200 million […] | Threat | ||
|
2020-05-23 14:06:40 | Silent Night Zeus botnet available for sale in underground forums (lien direct) | Experts reported the existence of a botnet, tracked as Silent Night based on the Zeus banking Trojan that is available for sale in several underground forums. This week researchers from Malwarebytes and HYAS published a report that included technical details on a recently discovered botnet, tracked as Silent Night, being distributed via the RIG exploit kit and COVID-19 malspam […] | |||
|
2020-05-23 07:35:19 | The Florida Unemployment System suffered a data breach (lien direct) | Officials revealed that the Florida Unemployment System suffered a data breach that impacted some residents who have made unemployment claims. The Florida Department of Economic Opportunity revealed that the Florida Unemployment System suffered a data breach that impacted some residents who have made unemployment claims. It has notified 98 people that have been impacted by […] | Data Breach | ||
|
2020-05-22 15:39:28 | Experts found a Privilege escalation issue in Docker Desktop for Windows (lien direct) | A severe privilege escalation vulnerability, tracked as CVE-2020-11492, has been addressed in the Windows Docker Desktop Service. Cybersecurity researchers from Pen Test Partners publicly disclosed a privilege escalation vulnerability in the Windows Docker Desktop Service. The CVE-2020-11492 issue affects the way the service uses named pipes when communicating as a client to child processes. “Docker Desktop for […] | Vulnerability | ||
|
2020-05-22 13:42:08 | Cyber-Criminal espionage Operation insists on Italian Manufacturing (lien direct) | ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. Introduction During our Cyber Threat Intelligence monitoring we spotted new malicious activities targeting some Italian companies operating worldwide in the manufacturing sector, some of them also part of the automotive production chain. The group behind this activity is […] | Threat | ||
|
2020-05-22 10:11:32 | Microsoft warns of “massive campaign” using COVID-19 themed emails (lien direct) | Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. The messages used weaponized Excel documents, the IT giant observed a spike in the number of […] | |||
|
2020-05-22 07:54:55 | Winnti uses a new PipeMon backdoor in attacks aimed at the gaming industry (lien direct) | The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. The Winnti group was first spotted by Kaspersky […] | Malware | ||
|
2020-05-21 21:42:47 | Santander, one of the biggest European banks, was leaking sensitive data on their website (lien direct) | Santander Consumer Bank, the Belgian branch of the bank, had a misconfiguration in its blog domain that was allowing its files to be indexed. Our new research recently discovered a security issue with Santander, the 5th largest bank in Europe and the 16th largest in the world. This Spanish multinational bank controls approximately $1.4 trillion in […] | |||
|
2020-05-21 20:00:15 | (Déjà vu) Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware (lien direct) | Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. Threat actors attempted to exploit a zero-day (CVE-2020-12271) in the Sophos XG firewall to spread ransomware to Windows machines, the good news is that the attack was blocked by a hotfix issued […] | Ransomware Threat | ||
|
2020-05-21 16:27:19 | Meal delivery service Home Chef discloses data breach (lien direct) | Meal delivery service Home Chef has confirmed that it recently suffered a security breach that exposed its customer information. Meal delivery service Home Chef has disclosed a data breach that exposed its customer information. Home Chef also explained that only a portion ot its customers were impacted in the security incident. In early May, Shiny […] | Data Breach | ||
|
2020-05-21 13:55:54 | Tens of thousands Israeli websites defaced (lien direct) | Thousands of Israeli websites have been defaced earlier today, hackers published an anti-Israeli message on their homepage and attempted to implant malicious code. A massive hacking campaign defaced thousands of Israeli websites, attackers published an anti-Israeli message on their homepage and attempted to inject a malware seeking permission to access visitors’ webcams. “Be ready for […] | Malware | ||
|
2020-05-21 11:49:49 | Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia (lien direct) | Cybersecurity researchers uncovered an Iranian cyber espionage campaign conducted by Chafer APT and aimed at critical infrastructures in Kuwait and Saudi Arabia. Cybersecurity researchers from Bitdefender published a detailed report on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. The cyber espionage campaigns were carried out by Iran-linked Chafer […] | Prediction | APT 39 | |
|
2020-05-21 08:45:22 | Japan suspects HGV missile data leak in Mitsubishi security breach (lien direct) | Japan continues to investigate a cyberattack that hit this year Mitsubishi Electric Corp., it suspects a possible leak of data including details of a prototype missile. Japan is still investigating a cyberattack that was disclosed by Mitsubishi Electric Corp. early this year. In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, […] | |||
|
2020-05-20 22:17:11 | VMware fixes CVE-2020-3956 Remote Code Execution issue in Cloud Director (lien direct) | VMware has addressed a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, that affects its Cloud Director product. VMware has patched a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, in its Cloud Director product. The vulnerability is a code injection issue that could be exploited by an authenticated attacker to send malicious traffic to […] | Vulnerability | ||
|
2020-05-20 17:07:29 | Adobe fixed several memory corruption issues in some of its products (lien direct) | Adobe addressed multiple memory corruption vulnerabilities, including one that allows arbitrary code execution, in several of its products. Adobe addressed multiple memory corruption vulnerabilities in several of its products, including an arbitrary code execution. The issues affect Character Animation, Premiere Rush, Premiere Pro, and Audition, they were reported to Adobe by researcher Mat Powell of […] | |||
|
2020-05-20 14:46:16 | Israel is suspected to be behind the cyberattack on Iranian port (lien direct) | Israel is likely behind the recent cyberattack which disrupted some operations at Iran's Shahid Rajaei Port, located near the Strait of Hormuz. A couple of weeks ago, Iranian officials announced that hackers damaged a small number of systems at the port of Shahid Rajaei in the city of Bandar Abbas. Bandar Abbas is the capital of Hormozgān […] | |||
|
2020-05-20 11:45:12 | Researchers disclose five Microsoft Windows zero-days (lien direct) | Security experts have disclosed five unpatched vulnerabilities in Microsoft Windows, four of which rated as high-risk severity. Security experts from Trend Micro's Zero Day Initiative (ZDI) have published information on five unpatched vulnerabilities in Microsoft Windows. Four vulnerabilities are classified as high-risk severity, three of them are zero-day vulnerabilities tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915. The flaws […] | |||
|
2020-05-20 09:03:30 | Three flaws in Nitro Pro PDF reader expose businesses to hack (lien direct) | Two vulnerabilities in the Nitro Pro PDF editor could be exploited by threat actors to execute code remotely on vulnerable hosts. Security experts from Cisco Talos have discovered three vulnerabilities in the Nitro Pro PDF editor, two of which rated as critical (CVSS score of 8.8) could be exploited by attackers for remote code execution. Nitro […] | Hack Threat | ||
|
2020-05-20 07:45:21 | (Déjà vu) Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials (lien direct) | The Ukrainian Secret Service (SSU) has arrested a hacker known as Sanix, who was selling billions of stolen credentials on hacking forums and Telegram channels. The popular hacker Sanix has been arrested by the Ukrainian Secret Service (SSU). The man is known in the cybercrime underground for selling billions of stolen credentials. The officials did […] | |||
|
2020-05-19 22:04:23 | Bluetooth BIAS attack threatens billions of devices (lien direct) | Boffins disclosed a security flaw in Bluetooth, dubbed BIAS, that could potentially be exploited by an attacker to spoof a remotely paired device. Researchers from École Polytechnique Fédérale de Lausanne (EPFL) discovered a vulnerability in Bluetooth, dubbed Bluetooth Impersonation AttackS or BIAS, that could potentially be exploited by an attacker to spoof a remotely paired device. The issue potentially impact […] | Vulnerability | ||
|
2020-05-19 14:59:12 | Easyjet hacked: 9 million customer\'s data exposed along with 2,200+ credit card details (lien direct) | British airline EasyJet announced it was the victim of a “highly sophisticated” cyber attack that exposed email addresses and travel details of around 9 million of its customers. British airline EasyJet announced that a “highly sophisticated” cyber-attack exposed email addresses and travel details of around 9 million of its customers. “Following discussions with the Information Commissioner’s Office (“ICO”), the […] | |||
|
2020-05-19 11:30:57 | Australian product steel producer BlueScope hit by cyberattack (lien direct) | The Australian flat product steel producer BlueScope Steel Limited was hit by a cyberattack that caused disruptions to some of its operations. Australian steel producer BlueScope was recently hit by a cyberattack that disrupted some of its operations. The incident was spotted on Friday at one of its businesses located in the US, but the company did […] | |||
|
2020-05-19 10:01:00 | Hackers Target Oil Producers During COVID-19 Slump (lien direct) | Recent research shows that the oil industry - already experiencing difficulties due to COVID-19 - must remain abreast of threats to stay safe from hackers. Spear-phishing is a rapidly emerging threat. It’s more specific than generic phishing attempts and often targets a single person or company. Recent research shows that the oil industry - already […] | |||
|
2020-05-19 08:50:41 | Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways (lien direct) | Experts from Palo Alto Networks discovered that the Mirai and Hoaxcalls botnets are targeting a vulnerability in legacy Symantec Web Gateways. Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. “I recently came across new […] | Vulnerability | ||
|
2020-05-19 07:52:05 | (Déjà vu) 129 million records of Russian car owners available on the dark web (lien direct) | A hacker is offering for sale on a dark web forum a database containing 129 million records of car owners in Moscow. A hacker is attempting to sell on a dark web forum a database containing 129 million records of car owners in Moscow. As a proof of the authenticity of the data, the hacker […] | |||
|
2020-05-18 21:31:59 | A bug in Edison Mail iOS app impacted over 6,400 users (lien direct) | A security bug in the iOS app has impacted over 6,400 Edison Mail users, the issue allowed some users to access other people's email accounts. An update released for iOS application of the Edison Mail introduced a security bug that resulted in some users being given access to other people's email accounts. “On Friday, May […] | |||
|
2020-05-18 17:02:25 | Texas Department of Transportation (TxDOT) hit by a ransomware attack (lien direct) | A new ransomware attack hit the Texas government, the malware this time infected systems at the state's Department of Transportation (TxDOT). The Texas government suffered two ransomware attacks in a few weeks, the first one took place on May 8, 2020 and infected systems at the Texas court. Now ransomware has infected malware the systems […] | Ransomware Malware | ||
|
2020-05-18 14:43:59 | Mandrake, a high sophisticated Android spyware used in targeted attacks (lien direct) | Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Mandrake is an advanced cyberespionage platform, but experts believe the attacks are financially motivated. Threat actors behind […] | Threat | ||
|
2020-05-18 10:42:54 | FBI warns US organizations of ProLock ransomware decryptor not working (lien direct) | The FBI issued a flash alert to warn organizations in the United States that the ProLock ransomware decryptor doesn’t work properly. Early this month, the FBI issued a flash alert to warn organizations of the new threat actor targeting healthcare, government, financial, and retail industries in the US. “The decryption key or ‘decryptor’ provided by […] | Ransomware Threat | ||
|
2020-05-18 07:47:38 | (Déjà vu) Stored XSS in WP Product Review Lite plugin allows for automated takeovers (lien direct) | A critical flaw in the WP Product Review Lite plugin installed on over 40,000 WordPress sites could potentially allow their take over. Attackers could exploit a critical vulnerability in the WP Product Review Lite WordPress plugin to inject malicious code and potentially take over vulnerable websites. The WP Product Review Lite plugin allows site owners to quickly create custom review […] | |||
|
2020-05-17 14:34:29 | Experts reported the hack of several supercomputers across Europe (lien direct) | Organizations managing supercomputers across Europe reported their systems have been compromised to deploy cryptocurrency miners. Crooks have compromised supercomputers across Europe to deploy cryptocurrency miners, incidents have been already reported in the UK, Germany, and Switzerland. Rumors are circulating about a similar infection of a supercomputer located in Spain. The supercomputers have shut down to […] | Hack | ||
|
2020-05-17 12:46:02 | (Déjà vu) Coronavirus-themed attacks May 10 – May 16, 2020 (lien direct) | This post includes the details of the Coronavirus-themed attacks launched from May 10 to May 16, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 12 – Zeus Sphinx continues to be […] | Threat | ||
|
2020-05-17 11:39:47 | Security Affairs newsletter Round 264 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Blue Mockingbird Monero-Mining campaign targets web apps Shiny Hunters group is selling data from 11 companies on the Dark Web Swiss rail vehicle manufacturer Stadler hit by a malware-based attack […] | |||
|
2020-05-17 07:57:36 | (Déjà vu) Elexon, a middleman in the UK power grid network hit by cyber-attack (lien direct) | Elexon, a middleman in the UK power grid network, recently reported it was hit by a cyber attack. Elexon, a middleman in the UK power grid network, was the victim of a cyber attack, the incident impacted only affected the internal IT network, including the company’s email server, and employee laptops “Hackers have targeted a critical […] | |||
|
2020-05-16 16:07:51 | APT group targets high profile networks in Central Asia (lien direct) | Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector. The level of sophistication of the […] | |||
|
2020-05-16 13:10:57 | Microsoft is open-sourcing COVID-19 threat intelligence (lien direct) | Microsoft has recently announced that it has made some of its COVID-19 threat intelligence open-source. While the number of Coronavirus-themed attacks continues to increase increased Microsoft announced it is open-sourcing its COVID-19 threat intelligence to help organizations to repeal these threats. “Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, […] | Threat | ||
|
2020-05-16 09:15:10 | QNodeService Trojan spreads via fake COVID-19 tax relief (lien direct) | Experts spotted a new malware dubbed QNodeService that was involved in Coronavirus-themed phishing campaign, crooks promise victims COVID-19 tax relief. Researchers uncovered a new malware dubbed QNodeService that was employed in a Coronavirus-themed phishing campaign. The operators behind the campaign use COVID-19 lure promising victims tax relief. The phishing messages use Trojan sample associated with […] | Malware | ||
|
2020-05-15 20:54:30 | Chinese APT Tropic Trooper target air-gapped military Networks in Asia (lien direct) | Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. The Tropic Trooper APT that has been active at least since 2011, it was first spotted in 2015 […] | Threat | APT 23 | |
|
2020-05-15 15:26:20 | Interserve UK defense contractor hacked, up to 100,000 past and present employees details exposed (lien direct) | Britain’s Ministry of Defence contractor Interserve has been hacked, intruders have stolen up to 100,000 past and present employees’ details. Interserve, a contractor for the Britain’s Ministry of Defence suffered a security breach, hackers have stolen up to 100,000 of past and current employees details. The company currently has around 53,000 employees. Stolen data includes […] | |||
|
2020-05-15 12:13:46 | Russian APT Turla\'s COMpfun malware uses HTTP status codes to receive commands (lien direct) | Russia-linked cyberespionage group Turla targets diplomatic entities in Europe with a new piece of malware tracked as COMpfun. Security experts from Kaspersky Lab have uncovered a new cyberespionage campaign carried out by Russia-linked APT Turla that employs a new version of the COMpfun malware. The new malware allows attackers to control infected hosts using a […] | Malware | ||
|
2020-05-15 10:22:37 | Palo Alto Networks addresses tens of serious issues in PAN-OS (lien direct) | Palo Alto Networks addressed tens of vulnerabilities in PAN-OS, the software that runs on the company's next-generation firewalls. Palo Alto Networks has issued security updates to address tens of vulnerabilities in PAN-OS, the software that runs on the company's next-generation firewalls. One of the most severe vulnerabilities, tracked as CVE-2020-2018, is an authentication bypass vulnerability […] | Vulnerability | ★★★★ | |
|
2020-05-15 08:07:19 | (Déjà vu) Threat actors are offering for sale 550 million stolen user records (lien direct) | Threat actors are offering for sale tens of databases on a hacker forum that contains roughly 550 million stolen user records. Security experts from Cyble reported that a threat actor is attempting to sell twenty-nine databases on a hacker forum since May 7. Forum members could also buy each database individually. The archives allegedly contain a total […] | Threat | ||
|
2020-05-14 21:10:30 | Crooks stole $10 million from Norway\'s state investment fund Norfund (lien direct) | Norway's state investment fund, Norfund, suffered a business email compromise (BEC) attack, hackers stole $10 million. Hackers stole $10 million from Norway's state investment fund, Norfund, in a business email compromise (BEC) attack. Norfund is a private equity company established by the Norwegian Storting (parliament) in 1997 and owned by the Norwegian Ministry of Foreign […] | ★★ |
To see everything:
Our RSS (filtrered)
