What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-03-02 10:39:55 | Venezuela – Power outage knocked out part of the internet connectivity (lien direct) | A power outage and fluctuations in supply across Venezuela 1 March 2020, knocked out approximately 35% of the country's telecommunications infrastructure. The NetBlocks internet observatory, which tracks disruptions and shutdowns, reported that yesterday (March 1, 2020) a massive power outage across Venezuela that knocked out a large part of the country's connectivity to the Internet. The […] | |||
|
2020-03-02 09:44:25 | $1B to help telecom carriers to “rip and replace” Huawei and ZTE equipment (lien direct) | US Congress passed legislation offering $1 billion to help telecom carriers “rip and replace” equipment from Chinese giants Huawei and ZTE. On Thursday, US lawmakers have passed legislation that plans to give $1 billion to telecom carriers to “rip and replace” equipment from Chinese tech giants Huawei and ZTE. The measure approved by the Senate […] | |||
|
2020-03-02 08:04:23 | Nemty ransomware “LOVE_YOU” malspam campaign (lien direct) | Security experts uncovered an ongoing campaign delivering Nemty Ransomware via emails disguised as messages from secret lovers. Researchers from Malwarebytes and X-Force IRIS have uncovered an ongoing spam campaign distributing the Nemty Ransomware via messages disguised as messages from secret lovers. The attackers employed messages with several subject lines and attachment filenames composed to appear […] | Ransomware Spam | ||
|
2020-03-01 17:46:10 | (Déjà vu) 49 million unique email addresses of Straffic Marketing firm exposed online (lien direct) | The Israeli marketing firm Straffic accidentally exposed 49 million unique email addresses stored in an Elasticsearch database. The Israeli marketing firm Straffic exposed 49 million unique email addresses due to mishandled credentials for an Elasticsearch database. The credentials for the company archive were stored in plain text on an unprotected web server. Straffic notified the […] | |||
|
2020-03-01 13:32:03 | Russian spies are attempting to tap transatlantic undersea cables (lien direct) | This week, several media reported that agents of the Russian intelligence reportedly went to Ireland to inspect the undersea cables. The Sunday Times reported that Russian intelligence agents have been sent to Ireland to gather detailed information on the undersea cables that connect Europe to North America. The news is alarming, intelligence agencies fear that […] | |||
|
2020-03-01 10:22:01 | Security Affairs newsletter Round 253 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Google sued by New Mexico attorney general for collecting student data through its Education Platform ISS reveals malware attack impacted parts of the IT environment ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia […] | Malware | ||
|
2020-02-29 22:44:11 | Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm (lien direct) | Not only Maze ransomware gang, the operators behind Sodinokibi Ransomware allegedly leaked the data of Kenneth Cole Productions. The operators behind Sodinokibi Ransomware have published the download links to archives containing data allegedly stolen from the US firm Kenneth Cole Productions. The news was first reported by the Under the Breach research group. Sodinokibi (aka REvil) is […] | Ransomware | ||
|
2020-02-29 16:15:20 | Crooks are attempting to take over tens of thousands of WordPress sites (lien direct) | Threat actors are launching a hacking campaign aimed at taking over tens of thousands of WordPress sites by exploiting critical vulnerabilities. One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and that could allow hackers to create admin accounts and take over the sites. Researchers at NinTechNet reported […] | Vulnerability | ||
|
2020-02-29 13:53:34 | US Railroad firm RailWorks discloses a data breach after a ransomware attack (lien direct) | RailWorks Corporation, one of the leading railroad track and transit system providers in North America, disclosed a ransomware attack. RailWorks Corporation, one of the leading providers of rail infrastructure solutions in North America, disclosed a ransomware attack. The security breach may have also exposed personally identifiable information (i.e. Government-issued IDs, Social Security numbers, dates of birth, dates of hire/termination […] | Ransomware Data Breach Guideline | ||
|
2020-02-28 22:45:13 | All versions of Apache Tomcat are affected by the Ghostcat flaw (lien direct) | Ghostcat flaw affects all versions of Apache Tomcat and could be exploited by hackers to read configuration files or install backdoors on vulnerable servers. All versions of Apache Tomcat are affected by a vulnerability dubbed Ghostcat that could be exploited by attackers to read configuration files or install backdoors on vulnerable servers. The vulnerability, tracked as […] | Vulnerability | ||
|
2020-02-28 15:16:04 | Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates (lien direct) | Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates Network data collected by the NetBlocks internet observatory confirm that the Turkish authorities have blocked access to social media following allegations of an attack on Turkish troops in Idlib, Syria on Thursday 27 […] | |||
|
2020-02-28 13:05:57 | Which are the most dangerous mobile app stores online? (lien direct) | An interesting report published by RiskIQ on 2019 Mobile App Threat Landscape, lists the most dangerous mobile app store online. Mobile users downloaded over 200 billion apps in 2019 and the overall expense in app stores worldwide has been estimated in more than $120 billion. Threat actors don’t want to miss this amazing business opportunity […] | Threat | ||
|
2020-02-28 10:33:08 | Cisco addresses vulnerabilities in FXOS, UCS Manager and NX-OS Software (lien direct) | Cisco released security patches for 11 vulnerabilities in its products, including the Cisco UCS Manager, FXOS, and the NX-OS software. The most severe vulnerabilities, rated as high severity, affect FXOS and NX-OS that could be exploited by an unauthenticated, adjacent attacker to execute arbitrary code as root. The exploitation of the flaw could trigger a denial […] | |||
|
2020-02-28 08:40:51 | NRC Health health care company hit with ransomware (lien direct) | A Lincoln health care company has been targeted by crooks, no patient data has been compromised during the cyber attack. NRC Health recently disclosed that it was hit by a ransomware attack that took place on February 11. The company provides analytics that help health care providers measure and improve quality and services. The Lincoln […] | Ransomware | ||
|
2020-02-27 20:57:04 | Facial recognition firm Clearview AI reveals intruders stole its client list (lien direct) | Bad news for the controversial facial recognition startup Clearview AI, hackers gained “unauthorized access” to a list of all of its customers. The controversial facial-recognition company that contracts with law-enforcement agencies announced that attackers have gained unauthorized access to its entire client list. The company already informed its customers of the security breach. The startup came under […] | |||
|
2020-02-27 18:57:25 | Lampion malware origin servers geolocated in Turkey (lien direct) | After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal. Lampion malware is the most critical malware affecting Portuguese users' last three months. From December 2019 it had spread, impersonating and using template emails from the Portuguese […] | Malware Threat | ★★ | |
|
2020-02-27 15:46:24 | Hunting the coronavirus in the dark web (lien direct) | Let me share with you the result of a one-night long analysis of major black marketplaces searching for anything related to the coronavirus epidemic. Recently I have received many questions from journalists and colleagues about the activity in the dark web related to the coronavirus epidemic, here you are what I have found digging in […] | |||
|
2020-02-27 14:47:57 | (Déjà vu) SQL Dump from popular Indian BGR tech site leaked online (lien direct) | Hackers share SQL databases from unsecured AWS buckets, including the archive belonging to the BGR tech news site in India. Hackers are sharing SQL databases from unsecured Amazon S3 buckets, one of them belongs to the BGR tech news site in India. BGR, aka Boy Genius Report, is a popular technology-influenced website that covers topics […] | |||
|
2020-02-27 13:21:26 | (Déjà vu) New strain of Cerberus Android banking trojan can steal Google Authenticator codes (lien direct) | Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. Security researchers from ThreatFabric warn of a new Android malware strain can now steal one-time passcodes (OTP) generated through Google Authenticator that is used as part of 2FA to protect online […] | Malware | ||
|
2020-02-27 10:13:23 | Data on Detection of Malicious Documents in Gmail are impressive (lien direct) | Google revealed that the enhancements to its scanning system implemented in Gmail are boosting its detection capabilities. Google announced that the new scanning capabilities implemented in Gmail have increased the detection rate of malicious documents. The IT giant proudly announced that combining its existing machine learning models with other protections it was able to detect […] | |||
|
2020-02-27 08:05:01 | Threat actors scan Internet for Vulnerable Microsoft Exchange Servers (lien direct) | Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. Hackers are actively scanning the Internet for Microsoft Exchange Servers affected by the CVE-2020-0688 remote code execution flaw. The vulnerability resides in the Exchange Control Panel (ECP) component, the root cause of the […] | Vulnerability Threat | ||
|
2020-02-26 20:07:22 | Kr00k Wi-Fi Encryption flaw affects more than a billion devices (lien direct) | A high-severity hardware vulnerability, dubbed Kr00k, in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k, that affects Wi-Fi chips manufactured by Broadcom and Cypress. The vulnerability could have a severe impact on the IT sector, the […] | Vulnerability | ||
|
2020-02-26 15:16:54 | Reading Municipal Light Department, an electric utility in Massachusetts, hit by ransomware (lien direct) | The Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announced it was hit by a ransomware attack. This week, the Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announced it was hit by a ransomware attack. Reading Municipal Light Department provides electricity to over 68,000 citizens that live in the towns […] | Ransomware | ||
|
2020-02-26 12:25:38 | Samsung leaked data of a few UK Customers (lien direct) | The South Korean multinational conglomerate Samsung announced that customers' personal information was leaked online due to a “technical error” Samsung announced that customers' personal information was exposed online through its website due to a “technical error.” The glitch only affected the U.K. website (http://samsung.com/UK) for a total of 150 impacted customers. “People who logged on were […] | |||
|
2020-02-26 11:44:54 | Silence Hacking Crew threatens Australian banks of DDoS attacks (lien direct) | DDoS extortionists are blackmailing Australian banks asking for payments of large sums in Monero cryptocurrency threatening DDoS attacks. Cybercriminals are threatening Australian banks of DDoS attacks if they will not pay large sums in Monero cryptocurrency. The extortion campaign was observed over the past week, attackers are sending emails to the banks threatening to carry […] | |||
|
2020-02-26 08:55:15 | New Cyber Attack Campaign Leverages the COVID-19 Infodemic (lien direct) | Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. Introduction Nowadays, it is common to say that the physical world and the cyber world are strictly connected. The proof is the leverage of the current physical threat, the CoronaVirus (COVID-19), as a social engineering […] | |||
|
2020-02-26 08:38:46 | Fbot re-emerged, the backstage (lien direct) | Mirai Fbot is back with the stronger infection speed, “Currently FBOT’s infection speed is about 100 nodes per day.. Don’t trust me, trust the number”, said the researcher who figured the come-back…” In the previous month we covered the mystery behind the Mirai botnet variant dubbed as “Fbot” after the threat's latest encryption was disclosed […] | |||
|
2020-02-25 23:03:39 | Decathlon Spain data leak exposed Spanish employees\' data & more (lien direct) | Experts discovered a leaking, active database with over 123 million records belonging to Decathlon Spain (and possibly Decathlon UK as well). Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). The unsecure archive is greater than […] | |||
|
2020-02-25 20:25:38 | Zyxel addresses Zero-Day vulnerability in NAS devices (lien direct) | Tech vendor Zyxel addresses a critical vulnerability in several network-attached storage (NAS) devices that is already being exploited in the wild. Zyxel has released security patches to address a critical remote code execution vulnerability, tracked as CVE-2020-9054, that affects several NAS devices. The flaw can be exploited by an unauthenticated attacker, it resides in the weblogin.cgi CGI executable […] | Vulnerability | ||
|
2020-02-25 15:26:42 | Experts discovered a new critical OpenSMTPD RCE flaw exploited in the wild (lien direct) | Experts discovered a new critical remote code execution vulnerability in the OpenSMTPD that could allow hacking email servers running BSD or Linux. A new critical remote code execution vulnerability was discovered in the OpenSMTPD that could be exploited by attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD is an […] | Vulnerability | ||
|
2020-02-25 13:53:34 | Google fixes Chrome zero-day flaw exploited in the wild (lien direct) | Google has released Chrome 80 update that addresses three high-severity vulnerabilities, one of them has been exploited in the wild. Google has released Chrome 80 update (version 80.0.3987.122) that addresses three high-severity vulnerabilities, including a zero-day issue (CVE-2020-6418) that has been exploited in the wild. The CVE-2020-6418 vulnerability is a type confusion issue that affects […] | Vulnerability | ||
|
2020-02-25 12:58:22 | European Commission has chosen the Signal app to secure its communications (lien direct) | The popular cross-platform encrypted messaging service Signal has been chosen by the European Commission for its communications. The European Commission has decided to adopt for its staff the popular cross-platform encrypted messaging service Signal for its communications. The news was first reported earlier this month by the Politico website, a message issued on the commission's […] | |||
|
2020-02-25 10:09:27 | South Korea suffers from the spread of people infected with Corona 19 (lien direct) | In this situation, ‘Est security’ found malicious code disguised as a ‘Corona 19 real-time status’ inquiry program and asked the public’s attention. The malware found is an executable program (EXE) using file names such as ‘Corona’s domestic status’ and ‘Corona’s real-time corona status.’ When you run the file, you will see a pop-up window titled […] | Malware | ||
|
2020-02-25 09:13:11 | Hacking campaign targets sites running popular Duplicator WordPress plugin (lien direct) | Security experts are warning of a new wave of attacks targeting a zero-day vulnerability in the popular Duplicator WordPress Plugin. Last week the development team behind the popular Duplicator WordPress plugin, the Snap Creek, addressed a zero-day vulnerability that affected at least 1 million websites. Now researchers at security firm WordFence are warning of a […] | Vulnerability | ||
|
2020-02-24 21:35:29 | Lampion malware v2 February 2020 (lien direct) | Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Several devices have been infected when the victims open the zip file downloaded from the URL embedded in the malicious email that lures the Portuguese Government Finance & Tax (ATA), Energias de Portugal (EDP), and more recently the DPD firm – an international parcel delivery […] | Malware | ||
|
2020-02-24 20:10:50 | Raccoon Malware, a success case in the cybercrime ecosystem (lien direct) | Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware, Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data […] | Malware Threat | ||
|
2020-02-24 13:44:31 | Slickwraps discloses data leak that impacted 850,000 user accounts (lien direct) | Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Slickwraps is an online store that offers for sale skins mobile devices, laptops, smartphones, tablets, and gaming consoles. The data leak was disclosed last week, on February 21 the company that customer records were accidentally exposed […] | Data Breach | ||
|
2020-02-24 10:27:50 | FBI recommends using passphrases instead of complex passwords (lien direct) | The FBI recommends using longer passwords composed of multiple words into a long string of at least 15 characters instead of short passwords including special characters. Recent guidance from the National Institute of Standards and Technology (NIST) highlights that the password length is much more important than password complexity. The recommendations are part of the […] | |||
|
2020-02-24 08:25:13 | FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019 (lien direct) | FireEye's report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report, FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families […] | Malware | ||
|
2020-02-23 17:17:08 | ISS reveals malware attack impacted parts of the IT environment (lien direct) | ISS, the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS, the Danish multinational services company announced it was hit with malware, in response to the incident the firm disabled access to shared IT services worldwide. ISS services include cleaning services, support services, property services, catering […] | Malware | ||
|
2020-02-23 13:50:03 | Security Affairs newsletter Round 252 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs IOTA cryptocurrency shuts down entire network after a coordinated attack on its Trinity wallet Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak US administration requests $9.8B for cyber 2021 budget for […] | |||
|
2020-02-23 13:16:30 | (Déjà vu) Google sued by New Mexico attorney general for collecting student data through its Education Platform (lien direct) | New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. The lawsuit was filed by the […] | |||
|
2020-02-23 11:14:42 | ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia (lien direct) | Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. The malware was employed in targeted attacks against […] | Malware Threat | ||
|
2020-02-22 18:12:26 | Joker malware still able to bypass Google Play Store checks (lien direct) | The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were […] | Malware | ★★★★★ | |
|
2020-02-22 12:37:37 | Google removed nearly 600 apps from the Play Store for ad policy violation (lien direct) | Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies. Google removed from the official Play Store nearly 600 Android apps that were violating two ad-related policies, it also banned the same apps from Google AdMob and Google Ad Manager. “As part of our ongoing […] | |||
|
2020-02-21 20:39:08 | VMware addresses serious flaws in vRealize Operations for Horizon Adapter (lien direct) | VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. VMware vRealize Operations is a software product that provides operations management across physical, virtual and cloud environments, it supports environments based on vSphere, Hyper-V or Amazon Web Services. Horizon Adapter instances created on VMware vRealize Operations Manager […] | |||
|
2020-02-21 13:48:11 | Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later (lien direct) | Exclusive: Pakistan and India to armaments. Researchers from Cybaze-Yoroi ZLab gathered intelligence on the return of Operation Transparent Tribe is back 4 years later Introduction The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. […] | APT 36 | ||
|
2020-02-21 10:46:03 | (Déjà vu) DOD DISA US agency discloses a security breach (lien direct) | The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The Defense Information Systems Agency (DISA), the DoD agency that is in charge of the security of IT and telecommunications for the White House and military troops has suffered a cyber […] | |||
|
2020-02-21 06:25:54 | Dragos Report: Analysis of ICS flaws disclosed in 2019 (lien direct) | More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26% of advisories is related to zero-day flaws. The experts determined 116 unique types of flaws, […] | |||
|
2020-02-20 22:06:58 | Croatia\'s largest petrol station chain INA group hit by ransomware attack (lien direct) | Some operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. INA, d.d. is a stock company with the Hungarian MOL Group and the Croatian Government as its biggest shareholders, […] | Ransomware |
To see everything:
Our RSS (filtrered)
