What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-02-10 13:32:24 | 1.2 million CPR numbers for Danish citizen leaked through tax service (lien direct) | A glitch in the TastSelv Borger tax service has sent over one million Danish CPR numbers to the US companies Google and Adobe. The Danish Agency for Development and Simplification has discovered the data leak that involved the TastSelv Borger service, which is managed by the US company DXC Technology. The TastSelv service allows everyone […] | |||
|
2020-02-10 12:11:11 | A sad story of pedophilia on how disgusting images fed the web (lien direct) | The journalist Livio Varriale sheds the light on a story about pedophilia that starts from afar and still today finds its roots in the darker side of the internet. Today, I’m going to tell you a horrible story that dwells on the dark web, a story about pedophilia that starts from afar and still today […] | |||
|
2020-02-10 08:28:13 | Malaysia\'s MyCERT warns cyber espionage campaign carried out by APT40 (lien direct) | Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. Malaysia’s Computer Emergency Response Team (MyCERT) warns of a cyber espionage campaign carried out by the China-linked APT40 group aimed at Malaysian government officials. The attackers aimed at stealing confidential documents […] | Industrial | APT 40 | |
|
2020-02-10 07:47:04 | A cyber-attack on major banks could trigger a liquidity crisis, ECB President Christine Lagarde warns (lien direct) | The president of the European Central Bank (ECB), Christine Lagarde, is warning that a cyber-attack on a major financial institution could trigger a liquidity crisis. The president of the European Central Bank (ECB), Christine Lagarde, has warned that a coordinated cyber-attack on major banks could trigger a liquidity crisis. President Lagarde cited findings of a […] | |||
|
2020-02-09 18:53:09 | Massive DDoS attack brought down 25% Iranian Internet connectivity (lien direct) | Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%. The NetBlocks internet observatory, which […] | |||
|
2020-02-09 12:01:57 | The number of cyber attacks on Saudi Aramco is increasing (lien direct) | Saudi Aramco, the Saudi Arabian national petroleum and natural gas company, revealed that it has seen an increase in attempted cyber attacks since the Q4 2019. The energy industry is under attack, Saudi Aramco announced it has seen an increase in attempted cyber attacks since the final quarter of 2019. The data is alarming, even […] | |||
|
2020-02-09 09:57:21 | Security Affairs newsletter Round 250 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Microsoft announces the launch of a bug bounty program for Xbox Microsoft warns TA505 changed tactic in an ongoing malware campaign Russias watchdog Roskomnadzor threatens to fine Twitter and Facebook The Russian Government blocked ProtonMail and ProtonVPN Apollon […] | Malware | ||
|
2020-02-09 09:42:27 | Maastricht University finally paid a 30 bitcoin ransom to crooks (lien direct) | In December, Maastricht University was hit with ransomware attack, now the university admitted to have paid the ransom requested by crooks. In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. Maastricht University is an excellent university attended by over 18,000 students, roughly 4,400 employees, and 70,000 alumni. “Maastricht […] | Ransomware | ||
|
2020-02-08 15:21:07 | IoT devices at major Manufacturers infected with crypto-miner (lien direct) | Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world's largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? The experts reported that several IoT devices […] | Malware | ||
|
2020-02-08 13:05:34 | Facebook\'s official Twitter and Instagram accounts hacked by OurMine (lien direct) | The social network giant Facebook is still the target of hackers, its Facebook and Instagram accounts have been hijacked by the popular hacking group OurMine Yesterdat the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and Messenger. The company accounts have been quickly restored. The notorious Saudi Arabian OurMine hacking group […] | |||
|
2020-02-08 09:42:50 | Group-IB detects Half a Million Indian Banks\' Cards on Joker\'s Stash Cardshop (lien direct) | Group-IB experts detected a database containing over 460,000 payment card records uploaded to Joker's Stash cardshops, most of records were from the Indian banks. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected a database containing over 460,000 payment card records uploaded to one of the most popular darknet cardshops (Joker’s Stash) […] | |||
|
2020-02-08 00:17:52 | (Déjà vu) RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software (lien direct) | The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling security products. Ransomware operators leverage a custom antivirus killing package that is delivered to workstations […] | Ransomware | ||
|
2020-02-07 15:05:54 | Japanese defense contractors Pasco and Kobe Steel disclose security breaches (lien direct) | Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan's largest geospatial provider and Kobe Steel is one of the major steel manufacturers. Just last week, Japan's Ministry of Defense announced in addition to Mitsubishi Electric and the NEC defense business division […] | |||
|
2020-02-07 10:59:52 | Iran-linked APT group Charming Kitten targets journalists, political and human rights activists (lien direct) | Iran-linked APT group Charming Kitten has been targeting journalists, political and human rights activists in a new campaign. Researchers from Certfa Lab reports have spotted a new cyber espionage campaign carried out by Iran-linked APT group Charming Kitten that has been targeting journalists, political and human rights activists. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the […] | Conference | APT 35 | |
|
2020-02-07 09:15:52 | Critical Android Bluetooth flaw CVE-2020-0022 could be exploited without user interaction (lien direct) | Google addressed a critical vulnerability in its Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. Google has addressed a critical flaw in Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. The vulnerability tracked as CVE-2020-0022 is a remote code execution flaw that could […] | Vulnerability | ||
|
2020-02-06 12:45:17 | cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP) (lien direct) | A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) protocol. The experts tracked the set as CDPwn and warned that the […] | |||
|
2020-02-06 09:44:53 | Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs (lien direct) | Check Point experts discovered a high-severity flaw in Philips Hue Smart Light Bulbs that can be exploited to gain entry into a targeted WiFi network. Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. Lightbulbs could be remotely […] | |||
|
2020-02-05 15:18:59 | (Déjà vu) Microsoft detects 77,000 active web shells on a daily basis (lien direct) | Microsoft published an interesting report that investigates web shell attacks, the IT giant says it detects 77,000 active web shells daily. According to a report published by Microsoft, the company detects an average of 77,000 active web shells, spreading across 46,000 infected servers, on a daily base. A web shell is a code, often written […] | |||
|
2020-02-05 13:52:30 | Expert released PoC exploit code for unpatched backdoor in HiSilicon chips (lien direct) | Researcher published details about a backdoor mechanism he found in HiSilicon chips, but he did not report it to the vendor due to the lack of trust in it. The Russian security expert Vladislav Yarmak has published technical details about a backdoor mechanism he discovered in HiSilicon chips. The backdoor mechanism could allow attackers to […] | |||
|
2020-02-05 12:00:10 | Dropbox paid more than $1 Million via its bug bounty program (lien direct) | File hosting service company Dropbox paid out $1 million for vulnerabilities reported by researchers through its bug bounty program. Since the launch of its bug bounty program in 2014, the file-hosting company Dropbox has paid out $1 million to date for vulnerabilities reported by researchers. “Our bug bounty program recently passed a significant milestone. Since […] | |||
|
2020-02-05 09:08:42 | (Déjà vu) Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware (lien direct) | Threat actors are abusing the Bitbucket code hosting service to host seven types of malware that has already claimed more than 500,000 business computers. Cybereason researchers reported that attackers are abusing the Bitbucket code hosting service to store seven types of malware that were employed in an ongoing campaign. According to the experts, the malware […] | Malware | ||
|
2020-02-05 06:44:48 | Google mistakenly shared private videos of some users with others in 2019 (lien direct) | Google has accidentally shared private videos of some users that were stored on its servers with other, the tech giant notified impacted users. Google admitted a new privacy incident, it has accidentally shared private videos saved on its servers with other users. At the time it is not clear the number of impacted users, anyway, […] | |||
|
2020-02-04 20:51:20 | (Déjà vu) Facebook fixed a WhatsApp bug that allowed hackers to access local file system (lien direct) | Facebook addressed a critical issue in WhatsApp that would have allowed attackers to read files from a user’s local file system, on macOS and Windows. Facebook has addressed a critical vulnerability in WhatsApp, tracked as CVE-2019-18426, that would have allowed hackers to read files from a user’s local file system, on macOS and Windows systems. […] | Vulnerability | ||
|
2020-02-04 15:29:09 | Using 99 mobile phones to create a fake traffic jam in Google Maps (lien direct) | A German artist demonstrated how using a simple trick it is possible to deceive Google Maps and create a virtual traffic jam. The German artist Simon Weckert conducted a simple experiment to demonstrate how to deceive Google Maps and create a virtual traffic jam. The man put 99 cell mobile phones using Google Maps in a […] | |||
|
2020-02-04 13:49:25 | The city of Racine was offline following a ransomware attack (lien direct) | The city of Racine joins to the long string of US municipalities that were hit with ransomware attack, it was forced offline following the infection. The city of Racine, Wisconsin, was hit with a ransomware, the incident took place on January 31, 2020. Most of non-emergency computer services of the city went offline following the […] | Ransomware | ||
|
2020-02-04 12:19:34 | Toll Group shuts down some online systems after ransomware attack (lien direct) | The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services. The Australian transportation and logistics giant Toll Group was victim of a ransomware attack, in response to the incident the company has shut down some of its online services. The Toll Group is an […] | Ransomware | ||
|
2020-02-04 10:16:20 | Hackers abused Twitter API to match usernames to phone numbers (lien direct) | Twitter discloses a security incident involving third-parties that exploited its official API to match phone numbers with Twitter usernames. On December 24, 2019 the company discovered that its API were exploited by a large network of fake accounts to match Twitter usernames to phone numbers. The company immediately suspended the involved accounts. “On December 24, 2019 we […] | |||
|
2020-02-04 09:09:59 | NCA arrested six men in UK over Malta Bank Cyber-Heist (lien direct) | Last week NCA arrested six individuals in the United Kingdom because they are suspected to be involved in a Malta cyber-heist and money laundering operation. Britain’s National Crime Agency (NCA) arrested six individuals in the United Kingdom because they are accused to be involved in a cyber-heist of a Malta bank and money laundering operation. […] | |||
|
2020-02-03 20:44:16 | Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root (lien direct) | Apple researcher discovered an important vulnerability (CVE-2019-18634) in ‘sudo’ utility that allows non-privileged Linux and macOS users to run commands as Root. Security expert Joe Vennix from Apple has discovered an important vulnerability in ‘sudo‘ utility, tracked as CVE-2019-18634, that allows non-privileged Linux and macOS users to run commands as Root. The issue could be […] | Vulnerability | ||
|
2020-02-03 15:12:24 | Police are warning crooks are using cleaners to compromise businesses (lien direct) | Cybercriminals are planting so-called “sleepers” in cleaning companies so that they can physically access IT infrastructure and hack them. The alert was launched by a senior police officer, cyber criminals are planting so-called “sleepers” in cleaning companies so that they can gau physical access IT infrastructure and hack them. The police are urging organizations to […] | Hack | ||
|
2020-02-03 11:37:23 | Ransomware brought down services of popular TV search engine TVEyes (lien direct) | TVEyes was brought down after its core server and engineering workstations were infected with a ransomware attack, company CEO confirmed. TVEyes is a company that manages a popular platform for monitoring TV and radio news broadcasts, it is used worldwide by PR agencies and newsrooms. On Thursday night, a ransomware attack hit the company network causing […] | Ransomware | ||
|
2020-02-03 09:08:18 | Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks (lien direct) | Hackers have already compromised more than 2,300 Linear eMerge E3 building access systems exploiting a severe vulnerability that has yet to be fixed. Linear eMerge E3 smart building access systems designed by Nortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning […] | Vulnerability | ||
|
2020-02-03 07:39:39 | Apollon Darknet market is allegedly pulling an exit scam (lien direct) | The Apollon market, one of the largest marketplaces, is likely exit scamming after the administrators have locked vendors’ accounts. The Apollon market, one of the darknet's largest marketplaces, is likely exit scamming, vendors and customers reported suspicious behavior of its administrators. Users on Reddit are reporting that vendors can't withdrawal funds nor sign into their […] | |||
|
2020-02-02 18:01:09 | Russia\'s watchdog Roskomnadzor threatens to fine Twitter and Facebook (lien direct) | Russia’s Roskomnadzor watchdog wants to fine Facebook and Twitter after they refused to store data of Russian users on servers located in the country. Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country. “On January 31, 2020, Roskomnadzor instituted administrative […] | |||
|
2020-02-02 15:27:21 | The Russian Government blocked ProtonMail and ProtonVPN (lien direct) | The popular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. Roskomnadzor explained that the services were abused by cybercriminals and that Proton Technologies refused to register them with state authorities. The […] | |||
|
2020-02-02 13:00:11 | Microsoft announces the launch of a bug bounty program for Xbox (lien direct) | Microsoft announced the launch of an Xbox bug bounty program with rewards of up to $20,000 for critical remote code execution flaws. Microsoft is going to launch an Xbox bug bounty program that will pay rewards of up to $20,000 for critical remote code execution vulnerabilities. “The Xbox Bounty Program invites gamers, security researchers, and […] | |||
|
2020-02-02 10:20:36 | Security Affairs newsletter Round 249 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Authorities arrest 3 Indonesian hackers behind many Magecart attacks City of Potsdam offline following a cyberattack A new piece of Ryuk Stealer targets government, military and finance sectors Aggah: How to run a botnet without renting a Server […] | |||
|
2020-02-02 09:52:04 | Microsoft warns TA505 changed tactic in an ongoing malware campaign (lien direct) | An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs Security experts from Microsoft have uncovered an ongoing phishing campaign launched by the TA505 cybercrime gang (aka Evil Corp) that is employing attachments featuring HTML redirectors for delivering malicious Excel docs. According to Microsoft, this is the […] | Malware | ||
|
2020-02-01 16:04:23 | Crooks start exploiting Coronavirus as bait to spread malware (lien direct) | Security researchers warn of malspam campaigns aimed at spreading malware that exploits media attention on the coronavirus epidemic. Unscrupulous cybercriminal groups are attempting to exploit media attention on the coronavirus to infect systems worldwide. Recently, coronavirus is monopolizing media attention, users online are searching for information about the virus and the way it is rapidly […] | Malware | ||
|
2020-02-01 10:04:26 | (Déjà vu) Winnti APT Group targeted Hong Kong Universities (lien direct) | Winnti Group has compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. Hackers from the China-linked Winnti group have compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. Researchers from ESET discovered the attacks in November 2019 […] | |||
|
2020-01-31 19:27:52 | Hackers penetrated NEC defense business division in 2016 (lien direct) | Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016. The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016. The Japanese firm confirmed the unauthorized access to its internal network after Japanese newspapers disclosed the security […] | |||
|
2020-01-31 14:48:35 | US continues to press UE members to ban Huawei and Chinese 5G technologies (lien direct) | The United States appreciated European Union’s new rules on 5G networks, but pressed them to ban China’s Huawei technology. The EU's executive Commission this week presented a set of rules and technical measures aimed at reducing cybersecurity risks from the adoption of 5G networks. The Commission’s recommendations include blocking high-risk equipment suppliers from “critical and […] | |||
|
2020-01-31 12:05:11 | NIST Tests Forensic Methods for Getting Data From Damaged Mobile Phones (lien direct) | Crooks sometimes damage their mobile devices to destroy evidence, NIST tests forensic methods for getting data from damaged mobile phones Criminals sometimes damage their mobile phones in an attempt to destroy evidence. They might smash, shoot, submerge or cook their phones, but forensics experts can often retrieve the evidence anyway. Now, researchers at the National […] | |||
|
2020-01-31 08:17:43 | Report: Threat of Emotet and Ryuk (lien direct) | Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This is the conclusion of a […] | Ransomware Malware Threat | ||
|
2020-01-31 07:53:00 | Iran-linked APT34 group is targeting US federal workers (lien direct) | Iran-linked APT34 group has targeted a U.S.-based research company that provides services to businesses and government organizations. Security experts from Intezer observed targeted attacks on a US-based research company that provides services to businesses and government organizations. “Our researchers Paul Litvak and Michael Kajilolti have discovered a new campaign conducted by APT34 employing an updated toolset. Based […] | APT 34 | ||
|
2020-01-30 21:14:52 | Check Point detailed two flaws in Microsoft Azure that could have allowed taking over cloud servers (lien direct) | Check Point detailed two recently patched vulnerabilities in Microsoft Azure services that could have allowed hackers to take over cloud services. Check Point researchers have published technical details of two recently fixed flaws in Microsoft Azure that could have allowed hackers to take over cloud services. Azure App Service allows users to build and host multi-platform web apps, mobile […] | |||
|
2020-01-30 15:21:48 | Cisco Small Business Switches affected by DoS and information disclosure flaws (lien direct) | Cisco addressed high-severity flaws in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Cisco released security patches to addressed high-severity vulnerabilities in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Both issues could be exploited […] | |||
|
2020-01-30 13:56:29 | Over 200K WordPress sites potentially exposed to hack due to Code Snippets flaw (lien direct) | Over 200K WordPress sites are exposed to attacks due to a high severity cross-site request forgery (CSRF) bug in Code Snippets plugin. A high severity cross-site request forgery (CSRF) bug, tracked as CVE-2020-8417, in Code Snippets plugin could be exploited by attackers to take over WordPress sites running vulnerable versions of the Code Snippets plugin. The […] | Hack | ||
|
2020-01-30 11:14:02 | US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware (lien direct) | The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack, the news was reported by ZDNet. Last week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. Electronic Warfare Associates provides electronic equipment to the US government, the list of customers […] | Ransomware | ||
|
2020-01-30 08:35:24 | Leaked confidential report states United Nations has been hacked (lien direct) | A leaked confidential report from the United Nations revealed that dozens of servers belonging to United Nations were “compromised” at offices in Geneva and Vienna. An internal confidential report from the United Nations that was leaked to The New Humanitarian revealed that dozens of servers of the organization were “compromised” at offices in Geneva and […] |
To see everything:
Our RSS (filtrered)
