What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-01-29 20:09:26 Wawa card breach: 30 million card records for sale in the dark web (lien direct) New revelations on the Wawa card data breach suggests that the incident might have exposed 30 million customers’ data that are now available online for sale. In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this […] Data Breach
SecurityAffairs.webp 2020-01-29 15:13:49 CVE-2020-7247 RCE flaw in OpenSMTPD library affects many BSD and Linux distros (lien direct) Security researchers have spotted a vulnerability, tracked as CVE-2020-7247, that affects a core email-related library used by many BSD and Linux distributions. Security experts from Qualys have discovered a flaw, tracked as CVE-2020-7247, in OpenSMTPD. OpenSMTPD is an open-source implementation of the server-side SMTP protocol as defined by RFC 5321, it includes also some additional […]
SecurityAffairs.webp 2020-01-29 13:12:37 Phantom of the ADAS – Phantom Attacks Against Advanced Driving Assistance Systems (lien direct) Researchers investigate a new perceptual challenge that causes the ADAS systems and autopilots of semi/fully autonomous to consider depthless objects (phantoms) as real.  Abstract The absence of deployed vehicular communication systems, which prevents the advanced driving assistance systems (ADASs) and autopilots of semi/fully autonomous cars to validate their virtual perception regarding the physical environment surrounding […]
SecurityAffairs.webp 2020-01-29 07:26:10 Magento 2.3.4 addresses three critical Code execution flaws (lien direct) Magento has released version 2.3.4 to address multiple vulnerabilities, some of them are critical code execution issues. Magento version 2.3.4 has addressed several vulnerabilities in its e-commerce platform, some of them are critical code execution issues. The vulnerabilities affect Magento Commerce (2.3.3/2.2.10 and below), Open Source (2.3.3/2.2.10 and below), Enterprise Edition (1.14.4.3 and earlier), and […]
SecurityAffairs.webp 2020-01-29 06:45:29 A vulnerability in Zoom platform allowed miscreants to join Zoom meetings (lien direct) A vulnerability in the Zoom online meeting system could be exploited to join meetings and view all content shared by participants.  The popular video conferencing Zoom is affected by a vulnerability that could be exploited to join meetings and view all content shared by participants. The issue allowed anyone to remotely eavesdrop on unprotected active […] Vulnerability
SecurityAffairs.webp 2020-01-28 21:39:38 A new piece of Snake Ransomware targets ICS processes (lien direct) The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). Security experts from SentinelOne reported that the recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). The Snake ransomware is written in the Golang programming language and has been used in […] Ransomware
SecurityAffairs.webp 2020-01-28 10:37:16 Cyber Threat Trends Dashboard (lien direct) Marco Ramilli published the Cyber Threat Trends Dashboard, a useful tool that will allow us to better understand most active threats in real time. Introduction Information sharing is one of the most important activity that cybersecurity researchers do on daily basis. Thanks to “infosharing” activities it is possible to block or, in specific cases, to […] Tool Threat
SecurityAffairs.webp 2020-01-28 07:46:11 Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM (lien direct) The vendor Fortinet has finally released security patches to remove the hardcoded SSH keys in Fortinet SIEM appliances. Fortinet has finally released security updates to remove the hardcoded SSH keys in Fortinet SIEM appliances. Recently Andrew Klaus, a security specialist from Cybera, discovered a hardcoded SSH public key in Fortinet's Security Information and Event Management FortiSIEM that […]
SecurityAffairs.webp 2020-01-28 07:39:12 (Déjà vu) Attacks on Citrix servers increase after the release of CVE-2019-19781 exploits (lien direct) Citrix has released security patches for the recently disclosed CVE-2019-19781 flaw, but the number of attacks on vulnerable systems is increasing. Last week, Citrix addressed the actively exploited CVE-2019-19781 flaw in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller (NetScaler […]
SecurityAffairs.webp 2020-01-27 21:36:51 Did H&M spy on its German employees? Privacy watchdog opens an investigation (lien direct) A German privacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany. Hamburg's data protection commissioner has launched an investigation into Swedish clothing retailer H&M (Hennes & Mauritz) amid evidence that the company was spying on its customer service representatives in Germany. According to the […]
SecurityAffairs.webp 2020-01-27 19:11:34 Aggah: How to run a botnet without renting a Server (for more than a year) (lien direct) Experts from Yoroi-Cybaze ZLab have spotted new attack attempts directed to some Italian companies operating in the Retail sector linked to Aggah campaign. Introduction During the last year, we constantly kept track of the Aggah campaigns. We started deepening inside the Roma225 Campaign and went on with the RG Campaign, contributing to the joint effort to track the […]
SecurityAffairs.webp 2020-01-27 14:40:38 Which was the most common threat to macOS devices in 2019? Shlayer malware (lien direct) Malware authors continue to show interest in macOS devices, Kaspersky experts confirmed that the Shlayer malware has been the most common threat to the macOS platform. Security experts from Kaspersky Lab revealed that the Shlayer malware was the most widespread macOS threat in 2019. In February, malware researchers at Carbon Black spotted a new strain […] Malware Threat
SecurityAffairs.webp 2020-01-27 10:40:15 Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world (lien direct) More details emerged from the recently disclosed Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of e-commerce. Operators of the JavaScript-sniffer family, dubbed "GetBilling" by Group-IB, were arrested in Indonesia. The arrest came as a result of a joint operation "Night Fury" initiated by INTERPOL's ASEAN Cyber Capability Desk (ASEAN Desk) that involved Indonesian Cyber Police (BARESKRIM POLRI (Dittipidsiber)) and Group-IB's […]
SecurityAffairs.webp 2020-01-27 09:31:08 (Déjà vu) Mozilla banned hundreds of malicious Firefox add-ons over the last weeks (lien direct) Mozilla is intensifying the efforts to protect its users, in the last couple of weeks, the security staff has banned 200 malicious Firefox add-ons. Over the past two weeks, Mozilla has reviewed and banned 197 Firefox add-ons because they were executing malicious code. The malicious Firefox add-ons were found stealing user data and for this […]
SecurityAffairs.webp 2020-01-27 07:54:50 (Déjà vu) A new piece of Ryuk Stealer targets government, military and finance sectors (lien direct) A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. Security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to […] Malware
SecurityAffairs.webp 2020-01-26 15:42:44 City of Potsdam offline following a cyberattack (lien direct) The City of Potsdam suffered a major cyberattack that took down its servers earlier this week, but emergency services were not impacted. The German City of Potsdam has suffered a major cyberattack that took down its servers earlier this week, the good news is that emergency services, including the city’s fire department fully operational and payments […]
SecurityAffairs.webp 2020-01-26 10:09:19 Security Affairs newsletter Round 248 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online Hackers patch Citrix servers to deploy their own backdoor Citrix releases permanent fixes for CVE-2019-19781 flaw in ADC 11.1 and 12.0 JhoneRAT uses […]
SecurityAffairs.webp 2020-01-26 09:46:09 Authorities arrest 3 Indonesian hackers behind many Magecart attacks (lien direct) The Indonesian National Police and the Interpol announced the arrest of three Indonesian hackers who carried out Magecart attacks. The Indonesian National Police in a joint press conference with Interpol announced the result of an investigation dubbed ‘Operation Night Fury’ that allowed to arrest three hackers that carried out Magecart attacks to steal payment card data. The […]
SecurityAffairs.webp 2020-01-25 16:13:00 Cisco Webex flaw allows unauthenticated remote attackers to join private meetings (lien direct) Cisco addressed a vulnerability in Cisco Webex that could be exploited by a remote, unauthenticated attacker to join a protected video conference meeting. Cisco has addressed a high-severity flaw in the Cisco Webex video conferencing platform (CVE-2020-3142) that could be exploited by a remote, unauthenticated attacker to enter a password-protected video conference meeting. In order […] Vulnerability
SecurityAffairs.webp 2020-01-25 13:21:43 (Déjà vu) Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack (lien direct) Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against the Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan to infect company servers. This week, Mitsubishi Electric disclosed a security breach that might have […] Hack Vulnerability
SecurityAffairs.webp 2020-01-25 10:56:29 For the second time in a few days, Greek Government websites hit by DDoS attacks (lien direct) The Greek government announced that a DDoS cyber attack hit the official state websites of the prime minister, the national police and fire service and several important ministries. Yesterday the Greek government announced that the official websites of the prime minister, the national police and fire service and several important ministries were hit by a […]
SecurityAffairs.webp 2020-01-24 22:26:42 (Déjà vu) Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws (lien direct) Danish security researcher Ollypwn has released DOS exploit PoC for critical vulnerabilities in the Windows RDP Gateway. The Danish security researcher Ollypwn has published a proof-of-concept (PoC) denial of service exploit for the CVE-2020-0609 and CVE-2020-0610 vulnerabilities in the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices. A Remote Desktop Gateway server is typically […]
SecurityAffairs.webp 2020-01-24 19:08:30 NK CARROTBALL dropper used in attacks on U.S. Govn Agency (lien direct) A US Government agency was hit with a phishing attack attempting to deliver a new malware dropper dubbed CARROTBALL. Security experts at Palo Alto Networks have uncovered a new malware dropper called CARROTBALL that was used in targeted attacks against a U.S. government agency and non-US foreign nationals. Experts attribute the attack to the Konni […] Malware
SecurityAffairs.webp 2020-01-24 11:50:55 (Déjà vu) Russian operator of Cardplanet carding site pleads guilty in the US (lien direct) A Russian national pleaded guilty this week to running a carding website called Cardplanet that helped people commit credit-card fraud. Last year, the Russian man Aleksei Burkov (29) was accused of running an online criminal marketplace, called Cardplanet, that helped crooks to organize more than $20 million in credit card fraud. In November, the suspect […] Guideline
SecurityAffairs.webp 2020-01-24 10:18:40 Cisco fixes critical issue in Cisco Firepower Management Center (lien direct) Cisco addressed a critical issue in the Cisco Firepower Management Center (FMC) that could allow a remote attacker to bypass authentication and execute arbitrary actions. Cisco fixed a critical vulnerability in the Cisco Firepower Management Center that could allow a remote attacker to gain administrative access to the web-based management interface of the vulnerable devices […] Vulnerability
SecurityAffairs.webp 2020-01-23 22:14:15 THSuite data leak exposes cannabis users information (lien direct) Experts found online an unsecured database owned by THSuite and used by point-of-sale systems in medical and recreational marijuana dispensaries. Data leak continues to be a frequent issue suffered by companies, news of the day is the discovery of an unsecured database owned by THSuite and used by point-of-sale systems in medical and recreational marijuana dispensaries […]
SecurityAffairs.webp 2020-01-23 18:16:05 Iran-Linked PupyRAT backdoor used in recent attacks on European energy sector (lien direct) Hackers used a remote access Trojan (RAT) associated with Iran-linked APT groups in recent attacks on a key organization in the European energy sector. Security experts from Recorded Future reported that a backdoor previously used in attacks carried out by an Iran-linked threat actor was used to target a key organization in the European energy […] Threat
SecurityAffairs.webp 2020-01-23 08:01:10 250 Million Microsoft customer support records and PII exposed online (lien direct) An expert discovered that over 250 million Microsoft customer support records might have been exposed along with some personally identifiable information. The popular researcher Bob Diachenko found an unprotected database containing over 250 million customer support records along with some personally identifiable information. The unprotected archive was containing support requests submitted to the tech giant […]
SecurityAffairs.webp 2020-01-22 15:40:36 (Déjà vu) Malware attack took down 600 computers at Volusia County Public Library (lien direct) System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches in Daytona Beach, Florida, following a cyberattack. The attack started around 7 AM on […] Malware
SecurityAffairs.webp 2020-01-22 10:35:58 Jeff Bezos phone was hacked by Saudi crown prince (lien direct) The phone of the Amazon billionaire Jeff Bezos was hacked in 2018 after receiving a WhatsApp message from the personal account of the crown prince of Saudi Arabia. In April 2019, Gavin de Becker, the investigator hired by Amazon chief Jeff Bezos to investigate into the release of his intimate images revealed that Saudi Arabian authorities […]
SecurityAffairs.webp 2020-01-22 08:46:38 OP Glowing Symphony – How US military claims to have disrupted ISIS's propaganda (lien direct) US military claims to have disrupted the online propaganda activity of the Islamic State (ISIS) in a hacking operation dating back at least to 2016. In 2016, the US Cyber Command carried out successful operations against the online propaganda of the Islamic State (ISIS), this is what emerged from declassified national security top-secret documents released […]
SecurityAffairs.webp 2020-01-21 18:58:06 Yomi Hunter Catches the CurveBall (lien direct) Yomi implements detection for CurveBall exploits and also supports CVE-2020-0601 exploit detection even for signed Powershell modules.  The recent CurveBall vulnerability shook the Info-Sec community worldwide: a major vulnerability reported directly by the US National Security Agency. Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered most of the headlines.  The reason for this unusual outreach […] Vulnerability
SecurityAffairs.webp 2020-01-21 14:14:11 The Mystery of Fbot (lien direct) In a few days back, the MalwareMustDie team's security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […] Malware
SecurityAffairs.webp 2020-01-21 13:31:57 US-based children's clothing maker Hanna Andersson discloses a data breach (lien direct) The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Like other Magecart attacks, crooks compromised the online store and injected a JavaScript code into checkout pages to […] Data Breach
SecurityAffairs.webp 2020-01-21 07:13:59 NIST releases version 1.0 of the Privacy Framework (lien direct) The NIST released version 1.0 of Privacy Framework, it is a tool designed to help organizations to manage privacy risks. The National Institute of Standards and Technology (NIST) has published the release version 1.0 of its privacy framework. The Framework is a voluntary tool that can be used by organizations to manage risks in compliance […] Tool
SecurityAffairs.webp 2020-01-21 06:14:11 Expert found a hardcoded SSH Key in Fortinet SIEM appliances (lien direct) Expert found a hardcoded SSH public key in Fortinet's Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor. Andrew Klaus, a security specialist from Cybera, discovered a hardcoded SSH public key in Fortinet's Security Information and Event Management FortiSIEM that can be used by attackers to the FortiSIEM Supervisor. […]
SecurityAffairs.webp 2020-01-20 20:18:17 (Déjà vu) Mitsubishi Electric discloses data breach, media blame China-linked APT (lien direct) Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information about defense contracts. The breach was detected almost eight months ago, on June 28, 2019, […]
SecurityAffairs.webp 2020-01-20 13:32:30 NATO will send a counter-hybrid team to Montenegro to face Russia's threat (lien direct) The Chairman of the NATO Military Committee announced that the alliance has sent a counter-hybrid team to Montenegro to face Russian hybrid attacks. Last week in Brussels, the Chairman of the NATO Military Committee (MC), Marshal Sir Stuart Peach, announced the effort of the Alliance in facing Russian hybrid attacks. The term “Hybrid warfare” refers to […] Threat
SecurityAffairs.webp 2020-01-20 11:36:42 Citrix releases permanent fixes for CVE-2019-19781 flaw in ADC 11.1 and 12.0 (lien direct) Citrix addressed the actively exploited CVE-2019-19781 flaw in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. Citrix has released security patches to address actively exploited CVE-2019-19781 vulnerability in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller […] Vulnerability
SecurityAffairs.webp 2020-01-20 09:20:39 WP Database Reset WordPress plugin flaws allow website takeover (lien direct) The WP Database Reset WordPress plugin is affected by an “easily exploitable” vulnerability that can allow attackers to take over vulnerable sites. Security experts from Wordfence discovered two security vulnerabilities in the WP Database Reset WordPress plugin that can be used to take over the vulnerable websites. The WordPress Database Reset plugin allows users to reset the […] Vulnerability
SecurityAffairs.webp 2020-01-20 08:10:30 JhoneRAT uses Google Drive, Twitter, ImgBB, and Google Forms to target countries in Middle East (lien direct) Researchers from Cisco Talos discovered a new Trojan named JhoneRAT that was used in targeted attacks against entities in the Middle East. A new Trojan named JhoneRAT appeared in the threat landscape, it is selectively attacking targets in the Middle East by checking keyboard layouts. The malware targets a very specific set of Arabic-speaking countries, […] Malware Threat
SecurityAffairs.webp 2020-01-19 14:54:30 Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online (lien direct) The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. A hacker has published online a massive list of Telnet credentials for more than 515,000 servers and smart devices, including home routers. This is the biggest leak of Telnet passwords even reported. According […]
SecurityAffairs.webp 2020-01-19 12:05:41 Security Affairs newsletter Round 247 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Google removed 1.7K+ Joker Malware infected apps from its Play Store MageCart attack hit Australia bushfire Donors New Bill prohibits intelligence sharing with countries using Huawei 5G equipment 5G – The Future of Security and Privacy in Smart […] Malware
SecurityAffairs.webp 2020-01-19 09:32:27 Hackers patch Citrix servers to deploy their own backdoor (lien direct) Attacks on Citrix servers are intensifying, one of the threat actors behind them is patching them and installing its own backdoor to lock out other attackers. Security experts are monitoring a spike in the number of attacks against Citrix servers after that researchers announced the availability online of proof-of-concept exploits for the CVE-2019-19781 flaw in Citrix NetScaler […] Threat Patching
SecurityAffairs.webp 2020-01-18 21:02:05 (Déjà vu) Microsoft provides mitigation for actively exploited CVE-2020-0674 IE Zero-Day (lien direct) Microsoft published a security advisory to warn of an Internet Explorer (IE) zero-day vulnerability (CVE-2020-0674) that is currently being exploited in the wild. Microsoft has published a security advisory (ADV200001) that includes mitigations for a zero-day remote code execution (RCE) vulnerability, tracked as CVE-2020-0674, affecting Internet Explorer. The tech giant confirmed that the CVE-2020-0674 zero-day […] Vulnerability
SecurityAffairs.webp 2020-01-18 15:18:05 Turkish Hackers hit Greek Government websites and local stock exchange (lien direct) Turkish hackers hijacked for more than 1 hour the official websites of the Greek parliament, some ministries, as well as the country’s stock exchange. While eastern Libya ports controlled by commander Khalifa Haftar are shutting down oil exports, the group of Turkish hackers named Anka Neferler Tim claimed Friday to have hijacked for more than 90 […]
SecurityAffairs.webp 2020-01-18 11:57:29 Cybercrime Statistics in 2019 (lien direct) I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020 Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow. According to the Cybersecurity Ventures' cybercrime statistics 2017 […]
SecurityAffairs.webp 2020-01-17 20:23:20 Hack the Army bug bounty program paid $275,000 in rewards (lien direct) Hack the Army bug bounty program results: 146 valid vulnerabilities were reported by white hat hackers and more than $275,000 were paid in rewards. The second Hack the Army bug bounty program ran between October 9 and November 15, 2019 through the HackerOne platform. The bug bounty program operated by the Defense Digital Service, along […] Hack
SecurityAffairs.webp 2020-01-17 14:37:59 Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity (lien direct) Chinese authorities continue operations against unauthorized VPN services that are very popular in the country. China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. The Great Firewall project already blocked access to more hundreds of the world's 1,000 top […]
SecurityAffairs.webp 2020-01-17 10:05:15 Law enforcement seized WeLeakInfo.com for selling access to data from data breaches (lien direct) The FBI has seized the WeLeakInfo.com websites for selling subscriptions to data that were exposed in data breaches. WeLeakInfo.com is a data breach notification service that allows its customers to verify if their credentials been compromised in data breaches. The service was claiming a database of over 12 billion records from over 10,000 data breaches. […] Data Breach
Last update at: 2024-07-17 07:08:11