What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-22 21:12:16 | (Déjà vu) Securiry firm accidentally exposed an unprotected database with 5 Billion previously leaked records (lien direct) | Expert discovered an Elasticsearch instance belonging to a security firm containing over 5 billion records of data leaked in previous incidents. The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. […] | |||
|
2020-03-22 21:12:16 | Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records (lien direct) | Expert discovered an Elasticsearch instance belonging to security firm Keepnet Labs containing over 5 billion records of data leaked in previous cybersecurity incidents. The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between […] | |||
|
2020-03-22 15:05:21 | Coronavirus-themed attacks March 15 – March 21, 2020 (lien direct) | In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 15 to March 21, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 21, 2020 – New […] | Threat | ||
|
2020-03-22 13:09:27 | Security Affairs newsletter Round 256 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs BlackWater, a malware that uses Cloudflare Workers for C2 Communication Coronavirus-themed attacks February 1 – March 15, 2020 Massive cyber attack hit the town hall of Marseille ahead local election Noooo, now Ancient Tortoise BEC scammers are launching […] | Malware | ||
|
2020-03-22 09:58:23 | Google addresses high severity bugs in Chrome (lien direct) | Google released security updates to address multiple high-severity vulnerabilities in the popular Chrome browser. Google released security updates to address multiple high-severity vulnerabilities in Chrome, the tech giant also announced a pause for upcoming releases of the popular browser. The version 80.0.3987.149 is available for download for Windows, Mac, and Linux. Google announced that it […] | |||
|
2020-03-21 21:27:09 | New Coronavirus-themed attack uses fake WHO chief emails (lien direct) | Day after day the number of Coronavirus-themed attacks increases, fraudsters have launched a phishing campaign to deliver keyloggers on users’ PC Experts from IBM X-Force have uncovered a new Coronavirus-themed phishing campaign aimed at delivering keyloggers on users’ PC Threat actors are using phishing emails claiming to be sent from the chief of the World Health […] | Threat | ||
|
2020-03-21 19:20:27 | UK Fintech company Finastra hit by a cyber attack (lien direct) | The financial technology firm Finastra announced it has suffered a ransomware attack that took down its some of its systems. Finastra, the UK leading financial technology provider, announced that some of its servers were shut down in response to a ransomware attack that the company detected. Finastra provides financial software and services to more than 9,000 customers […] | Ransomware Guideline | ||
|
2020-03-21 15:46:39 | Mukashi, the new Mirai variant that targets Zyxel NAS (lien direct) | A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. Security experts have discovered a new variant of the infamous Mirai malware, tracked as Mukashi, was employed in attacks against network-attached storage (NAS) devices manufactured by Zyxel. According to Palo Alto researchers, threat actors exploited […] | Threat | ||
|
2020-03-21 07:48:46 | Healthcare sector targeted : what you need to know about the hackers very unusual strategy (lien direct) | Orange Cyberdefense's Epidemiology Lab has published a report on cyberattacks targeting the healthcare sector. While COVID-19 infections around the world are exploding, cyber threat actors are trying to capitalise on this global health crisis by creating malwares or launching attacks with a COVID-19 theme. Last week, a COVID-19 testing centre was hit by a cyberattack, […] | Threat | ||
|
2020-03-20 21:26:49 | UK printing company Doxzoo exposed US and UK military docs (lien direct) | UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military. Security experts at vpnMentor discovered 343GB worth of files belonging to the printing company Doxzoo that were exposed on an AWS server. The researchers reported their discovery to the company on January 26, but it never […] | |||
|
2020-03-20 12:47:42 | Russia-linked APT28 has been scanning vulnerable email servers in the last year (lien direct) | Experts warn of scanning activity conducted by Russia-linked APT28 cyberespionage group, hackers are searching for vulnerable mail servers. According to security researchers from Trend Micro, the Russia-linked APT28 cyberespionage group has been scanning vulnerable email servers for more than a year. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has […] | APT 28 | ||
|
2020-03-20 10:08:42 | (Déjà vu) Pwn2Own 2020 – Participants hacked Adobe Reader, Oracle VirtualBox, and Windows (lien direct) | Pwn2Own 2020 Day 2 -Participants earned a total of $90,000 for exploits targeting Oracle VirtualBox, Adobe Reader and Windows. The Coronavirus outbreak hasn't stopped the Pwn2Own hacking conference, for the first time its organizer, the Zero Day Initiative (ZDI), has decided to arrange the event allowing the participants to remotely demonstrate their exploits. Day 2 […] | |||
|
2020-03-20 08:31:28 | Drupal addresses two XSS flaws by updating the CKEditor (lien direct) | Drupal developers released security updates for versions 8.8.x and 8.7.x that fix two XSS vulnerabilities affecting the CKEditor library. The Drupal development team has released security updates for versions 8.8.x and 8.7.x that address two XSS vulnerabilities that affect the CKEditor library. CKEditor is the far superior successor of FCKeditor, it is a popular, highly […] | |||
|
2020-03-19 21:20:48 | Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations (lien direct) | A new variant of the TrickBot malware is targeting telecommunications organizations in the United States and Hong Kong. Security experts from Bitdefender recently discovered a new TrickBot variant that is targeting telecommunications organizations in the United States and Hong Kong. TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously […] | Malware | ||
|
2020-03-19 14:51:33 | CERT France – Pysa ransomware is targeting local governments (lien direct) | CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. Operators behind this campaign are spreading a new version of the Mespinoza ransomware (aka […] | Ransomware | ||
|
2020-03-19 10:29:16 | Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS (lien direct) | During the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for exploits targeting Windows 10, Ubuntu Desktop and macOS. The Coronavirus outbreak hasn’t stopped the Pwn2Own hacking conference, for the first time its organizer, the Zero Day Initiative (ZDI), has decided to arrange the event allowing the participants to […] | |||
|
2020-03-19 08:36:55 | Is APT27 Abusing COVID-19 To Attack People ?! (lien direct) | Security researcher Marco Ramilli analyzed a new Coronavirus (COVID-19)-themed attack gathering evidence of the alleged involvement of an APT group. Scenario We are living hard time, many countries all around the world are hit by COVID-19 which happened to be a very dangerous disease. Unfortunately many deaths, thousands of infected people, few breathing equipment, stock […] | APT 27 | ||
|
2020-03-19 07:58:20 | Coronavirus news used by Emotet and Trickbot to evade detection (lien direct) | Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, new campaigns aim at spreading TrickBot and Emotet Trojans. Experts warn of new Coronavirus-themed attacks that are spreading TrickBot and Emotet Trojans. Operators behind these campaigns are using new Coronavirus-themed messages to attempt to bypass security software. The trend was first reported […] | |||
|
2020-03-18 21:54:23 | Cisco addresses multiple issues in its SD-WAN product (lien direct) | Cisco has addressed a total of five vulnerabilities in its SD-WAN solution, including three high severity flaws. Cisco has addressed five vulnerabilities in its SD-WAN solution, including three high severity flaws. The vulnerabilities could be exploited by attackers to make unauthorized changes to the system, inject arbitrary commands that are executed with root permissions, and […] | |||
|
2020-03-18 17:46:47 | Thousands of Coronavirus-related malicious domains are being created every day (lien direct) | The Coronavirus-themed attacks continue to increase, experts warn of thousands of COVID-19 scam and malware sites are being created every day. Crooks and nation-state actors continue to exploit the interest of potential victims in the Coronavirus outbreak. In recent weeks, we observed that threat actors are creating thousands of coronavirus-themed websites on a daily basis. […] | Malware Threat | ||
|
2020-03-18 14:39:24 | (Déjà vu) VMware fixes high severity privilege escalation and DoS in its products (lien direct) | VMware released security updates to address high severity privilege escalation and DoS in the Workstation, Fusion, VMware Remote Console and Horizon Client. VMware has released security updates to address high severity privilege escalation and denial-of-service (DoS) flaws in the Workstation, Fusion, Remote Console and Horizon Client. The two security vulnerabilities have been tracked as CVE-2020-3950 and CVE-2020-3951 respectively. The CVE-2020-3950 is […] | |||
|
2020-03-18 11:58:42 | Adobe releases out-of-band patches for critical issues in Acrobat Reader, Photoshop, Bridge, ColdFusion (lien direct) | Adobe has released a collection of out-of-band software updates that address a total of 41 vulnerabilities in six of its products. Adobe has released a set of out-of-band software updates that address a total of 41 vulnerabilities in six of its products. “Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS.” […] | |||
|
2020-03-18 10:25:47 | Trend Micro addresses two issues exploited by hackers in the wild (lien direct) | Trend Micro has addressed several serious vulnerabilities in its products, including two flaws that have been exploited in the wild. Trend Micro has released security updates to address several serious flaws in its Worry-Free Business Security, Apex One and OfficeScan products, including a couple of vulnerabilities that have been exploited by threat actors in the […] | Threat | ||
|
2020-03-18 08:54:05 | TrueFire Guitar tutoring website was hacked, financial data might have been exposed (lien direct) | The online guitar tutoring website TrueFire was compromised by hackers in a classic Magecart style attack that exposed customers’ payment card data. The popular online guitar tutoring website TrueFire has suffered a ‘Magecart‘ style security breach that might have exposed customers’ personal information and payment card data. TrueFire has over 1 million users, its customer could […] | |||
|
2020-03-17 21:56:52 | Operators behind Nefilim Ransomware threaten to release stolen data (lien direct) | Operators behind a new piece of ransomware dubbed Nefilim have started threatening victims to release stolen data like other cybercrime gangs. A new ransomware dubbed Nefilim appeared in the threat landscape at the end of February, it borrows its code from other malware, the Nemty ransomware. The main difference between the two threats is that […] | Ransomware Threat | ||
|
2020-03-17 19:26:38 | Most ransomware attacks take place outside the working hours (lien direct) | Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours. FireEye compiled the report using data from […] | Ransomware | ||
|
2020-03-17 15:28:17 | Corporate Finance firms leak 500K+ legal and financial documents online (lien direct) | Security experts from vpnMentor have discovered two corporate finance companies that leak half a million legal and financial documents online vpnMentor experts uncovered a database exposed online on Amazon Web Services (AWS) that is leaking a huge amount of sensitive legal and financial documents. “Whatever the intended purpose of this database was, over 500,000 highly sensitive and private […] | |||
|
2020-03-17 15:03:44 | Ursnif campaign targets Italy with a new infection Chain (lien direct) | Malware researchers from Cybaze-Yoroi ZLab have uncovered a new Ursnif campaign that is targeting Italy with a new infection chain. Introduction Ursnif is one of the most and widespread common threats today delivered through malspam campaigns. It appeared on the threat landscape about 13 years ago and gained its popularity since 2014 when its source […] | Threat | ||
|
2020-03-17 13:17:10 | The parabola of a prolific cyber-criminal known as Dton (lien direct) | Check Point researchers detailed the activity of a prolific cyber-criminal known as 'Dton' that earned at least $100,000 US from his operations. Over the past few months, experts at Check Point have monitored the activity of a prolific cyber-criminal known as 'Dton'. The man is active at least since 2013 and already earned at least […] | |||
|
2020-03-17 10:13:52 | (Déjà vu) Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections (lien direct) | Coronavirus-themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. In this campaign, crooks are exploiting the interest […] | Ransomware | ||
|
2020-03-16 22:53:23 | Aerial Direct, the O2\'s largest UK partner suffered a data breach (lien direct) | Hackers have stolen O2 customers’ data from a database run by Aerial Direct, one of the largest UK partners of the telecommunications services provider. Hackers have stolen the data of O2 customers from a database operated by Aerial Direct, which is O2’s largest direct business partner in the UK and has more than 130,000 customers. […] | Data Breach | ||
|
2020-03-16 20:00:46 | Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw (lien direct) | Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. The CVE-2020-0688 flaw resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers […] | Patching | ||
|
2020-03-16 15:19:53 | A cyberattack hits the US Department of Health and Human Services (lien direct) | While the Coronavirus is spreading in the U.S., a mysterious cyberattack hit the Department of Health and Human Services on Saturday. According to Bloomberg, that cited three people familiar with the matter, a cyberattack hit the U.S. Department of Health and Human Services on Saturday night. People cited by Bloomberg confirmed that the cyber attack […] | |||
|
2020-03-16 12:55:12 | MonitorMinor, the outstanding stalkerware can track Gmail, WhatsApp, Instagram, and Facebook (lien direct) | Security experts spotted a new stalkerware, dubbed MonitorMinor, that can track Gmail, WhatsApp, Instagram, and Facebook user activity. Security experts from Kaspersky Lab spotted a new stalkerware, dubbed MonitorMinor (Monitor.AndroidOS.MonitorMinor.c), that can track Gmail, WhatsApp, Instagram, and Facebook user activity. Stalkerware is commercial monitoring software or spyware that is used for stalking, it is usually […] | |||
|
2020-03-16 10:56:28 | Open Exchange Rates discloses a security breach (lien direct) | Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service. Open Exchange […] | Data Breach | ||
|
2020-03-16 08:40:59 | Experts warn of a new strain of ransomware, the PXJ Ransomware (lien direct) | Experts warn of a new malware strain, dubbed PXJ Ransomware, that does share the same underlying code with existing ransomware families. Security experts from IBM X-Force have spotted a new strain of ransomware, dubbed PXJ Ransomware, that does share the same code with other known ransomware families. While PXJ performs typical ransomware functions, it does […] | Ransomware Malware | ||
|
2020-03-15 15:30:44 | Security Affairs newsletter Round 255 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Facebook sues Namecheap to protect people from domain name fraud Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers New Coronavirus-themed malspam campaign delivers FormBook Malware The City of Durham shut down its network […] | Malware | ||
|
2020-03-15 14:00:44 | Coronavirus-themed attacks February 1 – March 15, 2020 (lien direct) | In this post, I decided to share the details of the Coronavirus-themed attacks launched from February 1 to March 15, 2020. February 1, 2020 – Crooks start exploiting Coronavirus as bait to spread malware Security researchers warn of campaigns aimed at spreading malware that exploits media attention on the COVID-19 epidemic. February 25, 2020 – South Korea […] | Malware | ★★★ | |
|
2020-03-15 13:04:46 | Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks (lien direct) | A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. While the Coronavirus is spreading worldwide cybercriminals and nation-state actors are launching COVID19-themed attacks on a global scale. Most of the attacks aimed at spreading malware to control victims’ computers and stealing sensitive data, but now a […] | Malware | ★★★ | |
|
2020-03-15 10:39:25 | Massive cyber attack hit the town hall of Marseille ahead local election (lien direct) | While the Coronavirus is spreading worldwide, a massive cyber attack hit the town hall of Marseille and the metropolis. Ahead of the 2020 municipal elections in Marseille that will take place on 15 and March 22, a ‘massive and widespread’ cyber attack hit the city of Marseille as well as the metropolis Aix-Marseille-Provence The 2020 municipal elections in […] | |||
|
2020-03-15 10:04:26 | (Déjà vu) BlackWater, a malware that uses Cloudflare Workers for C2 Communication (lien direct) | Crooks continue to abuse the interest in Coronavirus outbreak, now experts found a new backdoor called BlackWater that pretends to provide information about COVID-19. Experts found a new backdoor malware called BlackWater that pretends to provide information about the COVID-19 outbreak while abusing Cloudflare Workers as an interface to the C2 server. Cloudflare Workers provide a serverless execution […] | Malware | ||
|
2020-03-14 19:09:24 | Trump signed a bill to help small telecoms replace Huawei equipment (lien direct) | This week US President Donald Trump signed a bill that assigns $1 billion to small telecom providers for replacing equipment made by China's Huawei and ZTE. US President Donald Trump continues its battle against the Chinese telco giants Huawei and ZTE, this week he has signed a bill that assigns $1 billion to small telecom providers for […] | |||
|
2020-03-14 17:50:13 | Slack bugs allowed take over victims\' accounts (lien direct) | Slack addressed a critical flaw within 24 hours from its disclosure, the issue allowed attackers to carry out automate account takeover. The researcher Evan Custodio discovered a critical vulnerability in Slack that could have allowed attackers to launch automate account takeover. Slack addressed the vulnerability within 24 hours it was reported by the researcher, the […] | Vulnerability | ||
|
2020-03-14 16:18:34 | A bug in Tor Browser allows execution of JavaScript even in Safest security level (lien direct) | Tor Project maintainers warned users about a severe flaw in the Tor browser that may execute JavaScript code on sites it should not. The Tor Project announced a major bug in the Tor browser that may cause the execution of JavaScript code on sites for which users have specifically blocked JavaScript. The development team at […] | |||
|
2020-03-14 12:48:54 | One of the major COVID-19 testing laboratories in Czech hit by cyberattack (lien direct) | A cyber attack hit one of the major COVID-19 testing laboratories in Czech, the Brno University Hospital in the city of Brno. While the Coronavirus (COVID-19) is spreading on a global scale, crooks and nation-state actors are launching Coronavirus-themed attacks against targets worldwide. The healthcare systems of any country are under pressure, for this reason, […] | |||
|
2020-03-13 23:34:39 | European police arrested tens of members of two SIM Hijacking Gangs (lien direct) | European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. In SIM hijacking attacks (aka SIM swapping attacks) crooks are able to port the phone number of the victims to a new SIM card […] | |||
|
2020-03-13 20:00:04 | VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest (lien direct) | VMware has fixed three serious flaws in its products, including a critical issue in Workstation and Fusion that allow code execution on the host from guest. VMware has addressed three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that could be exploited to execute code on the host from guest. […] | |||
|
2020-03-13 14:05:12 | State-sponsored hackers are launching Coronavirus-themed attacks (lien direct) | State-sponsored hackers are now using coronavirus lures to infect their targets In the last weeks, security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, now experts warn of similar attacks from nation–state actors. Recently security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, but now experts are warning of similar attacks […] | |||
|
2020-03-13 11:42:03 | Flaws in the Popup Builder WordPress plugin expose 100K+ websites to hack (lien direct) | Flaws in the Popup Builder WordPress plugin could allow unauthenticated attackers to inject malicious JavaScript code into popups of 100K+ websites. The Popup Builder WordPress plugin is affected by security flaws that could be exploited by unauthenticated attackers to inject malicious JavaScript code into popups displayed on websites using it. More than 100,000 websites are […] | Hack | ||
|
2020-03-13 09:17:44 | Russia-Linked Turla APT uses new malware in watering hole attacks (lien direct) | The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous […] | Malware |
To see everything:
Our RSS (filtrered)
