What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-11 20:38:56 | Tens of million PCs potentially impacted by a flaw in HP Touchpoint Analytics (lien direct) | SafeBreach experts discovered that the HP Touchpoint Analytics service is affected by a potentially serious vulnerability. Security researchers at SafeBreach have discovered that the HP Touchpoint Analytics service is affected by a serious flaw tracked as CVE-2019-6333. The vulnerability received a CVSS score of 6.7 (medium severity). The TouchPoint Analytics is a service that allows the vendor to […] | Vulnerability | ||
|
2019-10-11 13:46:32 | Researchers released a free decryptor for the Nemty Ransomware (lien direct) | Good news for the victims of the Nemty Ransomware, security researchers have released a free decryptor that could be used to recover files. I have great news for the victims of the recently discovered Nemty Ransomware, security researchers have released a free decryptor tool that could be used to recover files. In mid-August, the Nemty […] | Ransomware Tool | ||
|
2019-10-11 12:33:41 | Top cybersecurity certifications to consider for your IT career (lien direct) | With the right cybersecurity certifications, you can attain your goals seamlessly and in a fast way and speed up your career. Cyber attacks are making headlines almost every day in today's era. The attacks have increased both in number and complexity. Because of this natural demand, it is now crucial for companies and specialized firms […] | |||
|
2019-10-11 07:16:56 | Hacker breached escort forums in Italy and the Netherlands and is selling user data (lien direct) | Popular prostitution and escort forums in Italy and the Netherlands have been hacked and data have been offered for sale in the cybercrime underground. A Bulgarian hacker known as InstaKilla has breached two online escort forums and stole the user information that he is now offering for sale on a hacking forum. The two escort […] | |||
|
2019-10-11 06:14:11 | Sophos fixed a critical vulnerability in Cyberoam firewalls (lien direct) | A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target's internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company's internal network without providing a password. “A critical shell injection vulnerability in Sophos […] | Vulnerability | ||
|
2019-10-10 21:00:58 | iTunes Zero-Day flaw exploited by the gang behind BitPaymer ransomware (lien direct) | The gang behind BitPaymer and ransomware attacks has been found exploiting Windows zero-day for Apple iTunes and iCloud. The cybercriminals behind BitPaymer and iEncrypt ransomware attacks have been found exploiting a Windows zero-day vulnerability for Apple iTunes and iCloud in attacks in the wild. The zero-day vulnerability resides in the Bonjour updater that comes packaged with […] | Ransomware Vulnerability | ||
|
2019-10-10 18:02:09 | (Déjà vu) Attor malware was developed by one of the most sophisticated espionage groups (lien direct) | New espionage malware found targeting Russian-speaking users in Eastern Europe ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. ESET researchers discovered an advanced malware piece of malware named Attor, that was used in cyberespionage operations on diplomats and high-profile Russian-speaking users in Eastern Europe. […] | Malware | ||
|
2019-10-10 13:14:36 | SAP October 2019 Security Patch Day fixes 2 critical flaws (lien direct) | SAP addressed two critical vulnerabilities (Hot News) as part of the October 2019 Security Patch Day. SAP has released its October 2019 Security Patch Day updates that also address two critical vulnerabilities (Hot News) with CVSS scores of 9.3 and 9.1. The October 2019 Security Patch Day also includes a High Priority Note addressing Binary Planting […] | |||
|
2019-10-10 11:14:28 | Tor Project is going to remove End-Of-Life relays from the network (lien direct) | Maintainers at the Tor Project have removed from its network more than 800 relay servers running outdated and EOL versions of the Tor software. Currently, the Tor network is composed of more than 6000 relays, some of them running outdated Tor software versions (in some cases back to the 0.2.4.x versions). Other relays are running […] | |||
|
2019-10-10 09:10:42 | Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware (lien direct) | NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco. Experts at […] | Malware | ||
|
2019-10-10 06:56:21 | Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012 (lien direct) | Security experts discovered a critical remote code execution vulnerability, tracked as CVE-2019-9535, in the GPL-licensed iTerm2 macOS terminal emulator app. Security experts at cybersecurity firm Radically Open Security (ROS) discovered a 7-year old critical remote code execution vulnerability in the GPL-licensed iTerm2 macOS terminal emulator app. The iTerm2 macOS terminal emulator app is one of the most […] | Vulnerability | ||
|
2019-10-09 20:37:39 | (Déjà vu) Multiple APT groups are exploiting VPN vulnerabilities, NSA warns (lien direct) | NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws Last week, the UK's National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to […] | Threat | ||
|
2019-10-09 14:40:55 | vBulletin addresses three new high-severity vulnerabilities (lien direct) | vBulletin has recently published a new security patch update that addresses three high-severity vulnerabilities in the popular forum software. vBulletin has recently published a new security patch update that addresses three high-severity flaws in vBulletin 5.5.4 and prior versions. The vulnerabilities could be exploited by remote attackers to take complete control over targeted web servers […] | |||
|
2019-10-09 12:59:23 | Hackers compromised Volusion infrastructure to siphon card details from thousands of sites (lien direct) | Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users. Volusion is a privately-held technology company that provides ecommerce software and marketing and web design services for small and medium sized businesses. The company has over 250 employees and has served more than 180,000 customers since its founding in 1999. […] | ★★★★ | ||
|
2019-10-09 09:23:38 | Twitter inadvertently used Phone Numbers collected for security for Ads (lien direct) | Twitter admitted having “inadvertently” used phone numbers and email addresses, collected for security purposes, for advertising. Twitter apologized to have used phone numbers and email addresses, privided by the users for security purposes, for advertising. According to the social media company, data used for account authentication were also matched with advertisers’ database to improve the […] | |||
|
2019-10-09 07:21:02 | Researchers discovered a code execution flaw in NSA GHIDRA (lien direct) | Security researchers discovered a code-execution vulnerability that affects versions through 9.0.4 of the Ghidra software reverse engineering (SRE) framework. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux). The framework was first mentioned in the CIA Vault 7 dump that was leaked in 2017. WikiLeaks obtained thousands of files allegedly originating from […] | Vulnerability | ||
|
2019-10-08 20:46:08 | MS October 2019 Patch Tuesday updates address 59 flaws (lien direct) | Microsoft October 2019 Patch Tuesday addressed a total of 59 vulnerabilities. 9 of which are rated as critical and 49 as important. The tech giant released its October 2019 Patch Tuesday security updates to address a total of 59 vulnerabilities in Windows operating systems and other software, 9 of which are rated as ‘critical’, 49 are […] | |||
|
2019-10-08 14:14:46 | Experts found a link between a Magecart group and Cobalt Group (lien direct) | Researchers from MalwareBytes and HYAS Threat Intelligence linked one of the hacking groups under the Magecart umbrella to the notorious Cobalt cybercrime Group. Hacker groups under the Magecart umbrella continue to target organizations worldwide to steal payment card data with so-called software skimmers. Security firms have monitored the activities of a dozen groups at least since 2010. According to […] | Threat | ||
|
2019-10-08 12:50:11 | Developer hacked back Muhstik ransomware crew and released keys (lien direct) | One of the victims of the Muhstik ransomware gang who initially paid the ransomware, decided to hack back the crooks and released their decryption keys. Tobias Frömel, is a German software developer, who was a victim of the Muhstik ransomware. Frömel initially paid the ransom to decrypt his files, but later decided to get his […] | Ransomware Hack | ||
|
2019-10-08 06:30:12 | Users reported problems with patches for CVE-2019-1367 IE zero-day (lien direct) | Patches for Internet Explorer Zero-Day Causing Problems for Many Users Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch. On September 23, Microsoft released an out-of-band patch to address a zero-day memory corruption flaw in Internet Explorer (CVE-2019-1367) that […] | |||
|
2019-10-08 05:32:23 | Hackers continue to exploit the Drupalgeddon2 flaw in attacks in the wild (lien direct) | Researchers from Akamai uncovered a new campaign targeting the Drupalgeddon2 vulnerability to deliver malware. The popular security expert Larry W. Cashdollar from Akamai has uncovered a new campaign targeting the popular Drupalgeddon2 vulnerability (CVE-2018-7600) to deliver malware. Drupalgeddon2 is a “highly critical” vulnerability that affects Drupal 7 and 8 core, it could be exploited by an attacker […] | Vulnerability | ||
|
2019-10-07 14:47:06 | D-Link router models affected by remote code execution issue that will not be fixed (lien direct) | Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019. The flaw has received a CVSS v31 base […] | Vulnerability | ||
|
2019-10-07 10:59:00 | (Déjà vu) US will help Baltic states to secure baltic energy grid (lien direct) | The United States and Baltic announced cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. The US and Baltic agreed to cooperate to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. US Energy Secretary Rick Perry and counterparts […] | |||
|
2019-10-07 08:45:45 | Data from Sephora and StreetEasy data breaches added to HIBP (lien direct) | The popular data breach notification service Have I Been Pwned? (HIBP) has added the stolen data from the StreetEasy and Sephora data incidents. Have I Been Pwned? (HIBP), the popular service that allows users to check whether their personal data has been compromised by data breaches has added the stolen data from the StreetEasy and Sephora data […] | Data Breach | ||
|
2019-10-07 05:28:34 | PoS malware infections impacted four restaurant chains in the U.S. (lien direct) | Four restaurant chains in the U.S. disclosed payment card theft via PoS malware that took place over the summer. Four restaurant chains in the United States disclosed security breaches that impacted their payment systems over the summers, crooks used PoS malware to steal payment card data of the customers. The restaurant chains are McAlister’s Deli, […] | Malware | ||
|
2019-10-06 14:10:54 | Iran-linked Phosphorus group hit a 2020 presidential campaign (lien direct) | Microsoft says that the Iran-linked cyber-espionage group tracked as Phosphorus (aka APT35, Charming Kitten, Newscaster, and Ajax Security Team) a 2020 presidential campaign. Microsoft’s Threat Intelligence Center (MSTIC) revealed that an Iran-linked APT group tracked as Phosphorus (aka APT35, Charming Kitten, Newscaster, and Ajax Security Team) attempted to access to email accounts belonging to current and former US government officials, journalists, Iranians living abroad, and individuals […] | Threat Conference | APT 35 | |
|
2019-10-06 12:08:09 | (Déjà vu) Security Affairs newsletter Round 234 (lien direct) | A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Hacker claims to have stolen over […] | |||
|
2019-10-06 10:16:56 | (Déjà vu) UK NCSC agency warns of APTs exploiting Enterprise VPN vulnerabilities (lien direct) | The UK's National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure According to the UK's National Cyber Security Centre (NCSC), advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors […] | Threat | ||
|
2019-10-06 08:41:20 | Hacker is auctioning a database containing details of 92 million Brazilians (lien direct) | A database containing details of 92 million Brazilians was auctioned by a threat actor on underground forums along with a search service focused on Brazilians. Someone is auctioning on several restricted underground forums a database containing personal information of 92 million Brazilian citizens. The threat actor, registered as X4Crow, is also advertising a search service that […] | Threat | ||
|
2019-10-05 18:34:16 | A bug in Signal for Android could be exploited to spy on users (lien direct) | Researcher discovered a logical flaw in the Signal messaging app for Android that could be exploited by a malicious caller to force a call to be answered at the receiver’s end without interaction. Google Project Zero white-hat hacker Natalie Silvanovich discovered a logical vulnerability in the Signal messaging app for Android that could be exploited […] | Vulnerability | ||
|
2019-10-05 14:57:07 | Magecart hackers are expanding their operations (lien direct) | Cybercrime gangs under the Magecart umbrella continue to compromise e-commerce platforms to steal payment card data from users worldwide. Hacker groups under the Magecart umbrella continue to target organizations payment card data with so-called software skimmers. Security firms have monitored the activities of a dozen groups at least since 2010. According to a joint report published […] | |||
|
2019-10-05 07:47:26 | NSA Launches New Cybersecurity Directorate (lien direct) | NSA is redefining its cybersecurity mission and with the Cybersecurity Directorate it will enhance its partnerships with unclassified collaboration and information sharing. Under the new Cybersecurity Directorate - a major organization that unifies NSA's foreign intelligence and cyberdefense missions The NSA announced the new Cybersecurity Directorate - which will help defend domestic organizations from foreign […] | |||
|
2019-10-04 14:17:03 | The sLoad Threat: Ten Months Later (lien direct) | Since September 2018, SLoad (tracked as TH-163) is the protagonist of an increasing and persistent wave of attacks against Italian organizations. Introduction SLoad (TH-163) is the protagonist of increasing and persistent attack waves against the Italian panorama since Q3 2018 and then in 2019 (e.g N020419, N040619, N010819), but also against the UK and Canada as reported by Proofpoint. Ten months […] | |||
|
2019-10-04 11:48:25 | Project Zero researcher found unpatched Android zero-day likely exploited by NSO group (lien direct) | Google Project Zero researcher Maddie Stone discovered a critical unpatched zero-day vulnerability affecting the Android mobile operating system. Maddie Stone, a member of the Google elite team Project Zero, discovered a critical unpatched zero-day vulnerability affecting the Android mobile operating system. According to the expert, the bug, tracked as CVE-2019-2215, was allegedly being used or […] | Vulnerability | ||
|
2019-10-04 10:08:20 | Egypt regularly spies on opponents and activists with mobile apps (lien direct) | Researchers at Check Point discovered that Egypt ‘ government has been spying citizens in a sophisticated surveillance program Researchers at Check Point discovered that the Egyptian government has been spying on activists and opponents as part of a sophisticated surveillance program. The list of victims is long and includes journalists, politicians, activists and lawyers. The […] | |||
|
2019-10-03 22:24:52 | 6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group (lien direct) | Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. The name comes from the threat actor using PlugX inside ZIP archives containing […] | Threat | ||
|
2019-10-03 14:28:10 | FBI warns about high-impact Ransomware attacks on U.S. Organizations (lien direct) | The U.S. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) warns organizations about high-impact ransomware attacks. In a wake of the recent string of attacks against cities, school districts and hospitals, the U.S. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) issued organizations about high-impact ransomware attacks. “Ransomware attacks are becoming more targeted, […] | Ransomware | ||
|
2019-10-03 12:22:02 | Ukrainian police dismantled a bot farm involved in multiple spam campaigns (lien direct) | The Ukrainian police dismantled a bot farm involved in spam campaigns carried out through various services, including email and social networks. Cybercrime is a prolific business, criminal organizations continues to make profits with illegal activities in the cyberspace, but police are ready to contrast them. Cyber experts at the Ukrainian police dismantled a bot farm […] | Spam | ||
|
2019-10-03 08:53:10 | Dutch police shut down bulletproof service hosting tens of DDoS botnets (lien direct) | Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. A joint operation conducted by the Netherlands’ National Criminal Investigation Department and National Cyber Security Center allowed to track down and seize five servers that were composing a cybercrime underground bulletproof […] | |||
|
2019-10-03 05:24:11 | US Secretary of State Mike Pompeo warns Italy over 5G Chinese equipment supply (lien direct) | US continues to warn its allies over China’s “predatory approach” especially for 5G technology, this time US Secretary of State alerts Italy. US Secretary of State Mike Pompeo during the recent meeting with Italian Foreign Minister Luigi Di Maio warned Italy of China’s “predatory approach” to trade and investment. Once again US is warning its […] | |||
|
2019-10-02 21:33:42 | (Déjà vu) Zendesk 2016 security breach may impact Uber, Slack, and over 100k organizations (lien direct) | Zendesk discloses a data breach that took place in 2016 when a hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers. In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers. Zendesk software is currently used by […] | Data Breach | Uber | |
|
2019-10-02 20:17:05 | Expert disclosed details of remote code execution flaw in Whatsapp for Android (lien direct) | Researcher discovered a double-free vulnerability in WhatsApp for Android that could be exploited by remote attackers to execute arbitrary code on the vulnerable device. A security researcher that goes online with the moniker Awakened discovered a double-free vulnerability in WhatsApp for Android and demonstrated how to leverage on it to remotely execute arbitrary code on […] | Vulnerability | ||
|
2019-10-02 14:17:13 | Former American Express employee under investigation for customers\' data abuse (lien direct) | Authorities are investigating an American Express employee for unauthorized access to cardholder information and potentially abuse for fraud. Authorities launched a criminal investigation on an American Express employee that is suspected to accessed to cardholder information and potentially abused for fraud. Exposed information includes full name, physical and/or billing address, Social Security numbers, birth dates, […] | |||
|
2019-10-02 11:58:26 | Asics apologizes after pornography ran on screens at central store in Auckland for hours (lien direct) | NZ Sports Store Apologises Over Porn Played on Big Screens Hackers broadcasted pornography content on large television screens located above the Asics central store in Auckland for several hours. The New Zealand branch of sports brand Asics apologized for an embarrassing incident that took place over the weekend. On Sunday, hackers broadcasted pornography content on […] | |||
|
2019-10-02 08:15:06 | Ten hospitals in Alabama and Australia have been hit with ransomware attacks (lien direct) | A new wave of ransomware attacks hit US and Australian hospitals and health service providers causing the paralysis of their systems. Several hospitals and health service providers from the U.S. and Australia were hit by ransomware attacks that forced the administrators to shut part of their IT infrastructure. “Ten hospitals-three in Alabama and seven in […] | Ransomware | ||
|
2019-10-02 06:24:54 | Experts found 20 Million tax records for Russian citizens exposed online (lien direct) | Experts discovered an unprotected Elasticsearch cluster containing personally identifiable and tax information of Russian citizens exposed online. Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. The experts found an unprotected Elasticsearch cluster that was containing personally […] | |||
|
2019-10-01 20:28:39 | Teheran: U.S. has started \'Cyber War\' against Iran (lien direct) | Iran 's Passive Defense Organization chief Gholamreza Jalali declared that the US government has started its cyber war against the country. Gholamreza Jalali, Iran's Passive Defense Organization chief, announced that that “America has started its cyber war against Iran, without providing more details. The news was reported by the ISNA news website on October 1, […] | |||
|
2019-10-01 18:28:55 | Singapore presented the Operational Technology (OT) Cybersecurity Masterplan (lien direct) | The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to enhance the security and resilience of Singapore's Critical Information Infrastructure (CII) sectors in delivering essential services. […] | |||
|
2019-10-01 14:27:35 | A new Adwind variant involved in attacks on US petroleum industry (lien direct) | Adwind is back, a new variant of the popular RAT is targeting US petroleum industry entities with new advanced features. A new variant of the popular Adwind RAT (aka jRAT, AlienSpy, and JSocket) is targeting entities in the US petroleum industry. The new variant implements advanced features such as multi-layer obfuscation. The malware is distributed via a […] | Malware | ||
|
2019-10-01 12:52:17 | Hackers breached one of Comodo Forums, 245,000 users impacted (lien direct) | The ITarian Forum, the Comodo discussion board and support forums, has been hacked and data belonging to nearly 245,000 registered users were exposed. Hackers breached the ITarian Forum, the Comodo discussion board and support forums, accessing login credentials of nearly 245,000 users registered with the Comodo Forums websites. Comodo has not specified which of its […] |
To see everything:
Our RSS (filtrered)
