What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-04-27 23:38:05 NIST ACTS Toolkit could find bugs in safety-critical systems (direct link) US NIST updates its Automated Combinatorial Testing for Software (ACTS) research toolkit that should help experts in finding bugs in complex safety-critical applications. US NIST announced updates for its Automated Combinatorial Testing for Software (ACTS) research toolkit that should allow developers to easily spot software errors in complex safety-critical applications. The ACTS toolkit allows development teams […] ★★★★★
SecurityAffairs 2019-04-27 14:34:01 Magecart skimmer scripts hosted on GitHub infected 200+ e-commerce sites (direct link) Security experts discovered hosted on GitHub the skimmer scripts used by Magecart cybercrime gang to compromise Magento installations worldwide. Experts discovered the Magecart skimmer scripts used to compromise a few hundred e-commerce websites worldwide hosted on GitHub. Security firms have monitored the activities of a dozen Magecart groups at least since 2015. The gangs use […] ★★★★★
SecurityAffairs 2019-04-27 12:31:00 Docker Hub Database hacked, 190,000 users impacted (direct link) Docker became aware of unauthorized access to a Docker Hub database that exposed sensitive information for roughly 190,000 users. Docker notified its users that an unauthorized entity gained access to a Docker Hub database that exposed sensitive information for roughly 190,000 users. The exposed information included some usernames and hashed passwords, as well as tokens […] ★★★★
SecurityAffairs 2019-04-27 08:39:04 Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices (direct link) Experts at Cisco Talos group disclosed a dozen vulnerabilities uncovered in Sierra Wireless AirLink gateways and routers, including several serious flaws. Researchers at Cisco Talos group disclosed a dozen vulnerabilities affecting Sierra Wireless AirLink gateways and routers, including several serious flaws. Some of the flaws could be exploited to execute arbitrary code, modify passwords, and […] ★★★★
SecurityAffairs 2019-04-26 14:05:03 Beapy Cryptojacking campaign leverages EternalBlue exploit to spread (direct link) Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. “Beapy is […] Malware ★★★★
SecurityAffairs 2019-04-19 17:43:01 Facebook admitted to have stored millions of Instagram users' passwords in plaintext (direct link) Other problems for Facebook that admitted to have stored millions of Instagram users’ passwords in plaintext. Yesterday, Facebook made the headlines once again for alleged violations of the privacy of its users, the company admitted to have 'unintentionally' collected contacts from 1.5 Million email accounts without permission. In March, Facebook admitted to have stored the […]
SecurityAffairs 2019-04-19 14:01:03 Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison (direct link) Djevair Ametovski was sentenced to 90 months in prison for operating an international cybercrime marketplace named Codeshop. Macedonian national Djevair Ametovski (32) was sentenced to 90 months in prison by US DoJ authorities for operating an international cybercrime marketplace named Codeshop. Codeshop.su was a website that specialized in selling stolen payment card data. Ametovski acquired […]
SecurityAffairs 2019-04-19 12:07:04 Source code of tools used by OilRig APT leaked on Telegram (direct link) Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools. A hacker group that goes online with the name Lab Dookhtegan has disclosed details about operations conducted by the Iran-linked cyber-espionage group tracked as OilRig, APT34, and HelixKitten. OilRig is an Iran-linked APT group that has been […] APT 34
SecurityAffairs 2019-04-19 09:41:00 Ransomware attack knocks Weather Channel off the Air (direct link) A ransomware attack knocked the Weather Channel off the air for at least 90 minutes Thursday morning, federal law enforcement are investigating the incident. A ransomware attack knocked the Weather Channel off the air for at least 90 minutes Thursday morning, federal law enforcement are investigating the incident. A cyber attack hit the Weather Channel and […] Ransomware
SecurityAffairs 2019-04-19 08:30:02 Broadcom WiFi Driver bugs expose devices to hack (direct link) Experts warn of security flaws in the Broadcom WiFi chipset drivers that could allow potential attackers to remotely execute arbitrary code and to trigger DoS. According to a DHS/CISA alert and a CERT/CC vulnerability note, Broadcom WiFi chipset drivers are affected by security vulnerabilities impacting multiple operating systems. The flaws could be exploited to remotely execute arbitrary […] Hack Vulnerability
SecurityAffairs 2019-04-18 20:47:05 Analyzing OilRig's malware that uses DNS Tunneling (direct link) Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. Security researchers at Palo Alto Networks reported that Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. OilRig is an Iran-linked APT group that has been […] Malware APT 34
SecurityAffairs 2019-04-18 14:01:03 Drupal patched security vulnerabilities in Symfony, jQuery (direct link) The developers of the Symfony PHP web application framework released updates that patch five vulnerabilities, three affecting the Drupal CMS. The development team of the Symfony PHP web application framework released security updates for five issues, three of which also affect Drupal 7 and 8. The developers of the Symfony PHP web application framework addressed […]
SecurityAffairs 2019-04-18 12:36:00 Facebook 'unintentionally' collected contacts from 1.5 Million email accounts without permission (direct link) Facebook made the headlines once again for alleged violations of the privacy of its users, this time collecting contacts from 1.5 Million email accounts without permission. New problems for Facebook, the company collected contacts from 1.5 Million email accounts without user permission. We recently read about an embarrassing incident involving the social network giant that asked […]
SecurityAffairs 2019-04-18 11:08:02 APT28 and Upcoming Elections: evidence of possible interference (Part II) (direct link) In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction The uncertain attribution of the Ukrainian themed malicious document discussed in our past article “APT28 and Upcoming Elections: Possible Interference Signals”, led us to a review of Sofacy's phishing techniques to confirm or […] APT 28
SecurityAffairs 2019-04-18 10:04:04 Russian TA505 threat actor targets financial entities worldwide (direct link) Russian financially motivated threat actor TA505 used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide. Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. The hackers used remote access Trojans (RATs) in attacks aimed at financial entities in the […] Threat
SecurityAffairs 2019-04-18 08:13:03 Cisco addresses a critical bug in ASR 9000 series Routers (direct link) Cisco released security patches for 30 vulnerabilities, including a critical flaw in ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit. The critical vulnerability in ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit is tracked as CVE-2019-1710 (CVSS score of 9.8). The flaw could be exploited by an unauthenticated, remote attacker to […] Vulnerability
SecurityAffairs 2019-04-17 20:12:00 RCE flaw in Electronic Arts Origin client exposes gamers to hack (direct link) Electronic Arts (EA) has fixed a security issue in the Windows version of its gaming client Origin that allowed hackers to remotely execute code on an affected computer. Electronic Arts (EA) has addressed a vulnerability in the Windows version of its gaming client Origin that allowed hackers to remotely execute code on an affected computer. […] Hack Vulnerability ★★
SecurityAffairs 2019-04-17 16:46:00 Code execution – Evernote (direct link) A local file path traversal issue exists in Evernote 7.9 for macOS which allows an attacker to execute arbitrary programs. Technical observation: A crafted URI can be used in a note to perform this attack using file:/// as an argument or by traversing to any directory like (../../../../something.app). Since Evernote also has a feature of sharing notes, in such a […]
SecurityAffairs 2019-04-17 14:34:05 Justdial is leaking personal details of all customers real-time (direct link) A database belonging to the Indian local search service JustDial was left online without protection exposing personal data of over 100M users. The archive is still leaking personally identifiable information of more than JustDial customers that are accessing the service via its website, mobile app, or even by calling on the customer care number (“88888 […]
SecurityAffairs 2019-04-17 10:12:04 European Commission is not in possession of evidence of issues with Kaspersky products (direct link) The European Commission confirmed that it has no evidence of issues associated with using products designed by Kaspersky Lab. In June 2018, European Parliament passed a resolution that classified the security firm's software as “malicious” due to the alleged link of the company with the Russian intelligence. The call for a ban on Kaspersky's software among […]
SecurityAffairs 2019-04-12 19:43:00 Siemens addressed several DoS flaws in many products (direct link) Siemens Patch Tuesday updates for April 2019 address several serious vulnerabilities, including some DoS flaws in many industrial products. Siemens has released Patch Tuesday updates that address several serious flaws including some DoS vulnerabilities. Siemens published six new advisories that cover a total of 11 vulnerabilities. One of the issues addressed by Siemens is a […]
SecurityAffairs 2019-04-12 14:14:05 APT28 and Upcoming Elections: evidence of possible interference (direct link) In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. This file was uncommon, it seemed carefully prepared and was speaking about who is leading in the elections […] Guideline APT 28
SecurityAffairs 2019-04-12 11:59:04 Emsisoft released a free decryptor for CryptoPokemon ransomware (direct link) Good news for the victims of the CryptoPokemon ransomware, security experts at Emsisoft just released a free decrypter tool. Victims of the CryptoPokemon ransomware have a good reason to smile, security experts at Emsisoft have released a free decrypter tool. The ransomware was first discovered by experts at IntezerLabs, the CryptoPokemon ransomware is a new […] Ransomware
SecurityAffairs 2019-04-12 10:17:00 VPN apps insecurely store session cookies in memory and log files (direct link) At least four VPN apps sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC). Virtual private networks (VPNs) are affordable, easy to use, and a vital component in your system. Along with many security features, it ensures the user’s privacy and security. People use VPNs […]
SecurityAffairs 2019-04-12 09:35:02 Zero-day in popular Yuzo Related Posts WordPress Plugin exploited in the wild (direct link) According to experts a vulnerability in the popular WordPress plugin Yuzo Related Posts is exploited by attackers to redirect users to malicious sites. The XSS flaw allows attackers to inject a JavaScript into the sites that redirect visitors to websites displaying scams, including tech support scams, and sites promoting unwanted software. The Yuzo Related Posts […] Vulnerability
SecurityAffairs 2019-04-12 06:02:00 VSDC video editing software website hacked again (direct link) Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with malware. Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with a banking trojan and an information stealer. VSDC is a popular, free video editing and converting app and […]
SecurityAffairs 2019-04-11 19:58:01 FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT (direct link) According to a joint report published by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North Korea-linked Lazarus APT group is using a new Trojan in attacks. According to a joint report issued by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North […] APT 38
SecurityAffairs 2019-04-11 16:04:00 WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy (direct link) WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London after Ecuador withdrew asylum after seven years. Seven years ago, WikiLeaks founder Julian Assange took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to […]
SecurityAffairs 2019-04-11 06:19:03 WPA3 attacks allow hackers to hack Wi-Fi password (direct link) Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks. Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks. One of the main advantages of WPA3 is that it’s near impossible to crack […] Hack
SecurityAffairs 2019-04-11 05:28:01 SAP April 2019 Security Patch Day addresses High severity flaws in Crystal Reports, NetWeaver (direct link) SAP released the April 2019 Security Patch Day that included 6 Security Notes, two of which address High severity flaws in Crystal Reports and NetWeaver. SAP released 6 Security Notes as part of the April 2019 Security Patch Day, two of which address High severity flaws in Crystal Reports and NetWeaver. SAP April 2019 Security […]
SecurityAffairs 2019-04-10 19:37:05 Genesis Store black marketplace offers more than 60k+ stolen bot profiles (direct link) Security experts at Kaspersky Lab found that over 60,000 stolen profiles are offered for sale on an invitation-based private marketplace called Genesis Store. More than 60,000 stolen profiles are offered for sale in the underground marketplace Genesis Store, it includes browser fingerprints, web site user logins and passwords, cookies, and credit card information. The seller is offering […]
SecurityAffairs 2019-04-10 13:35:00 [SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services (direct link) EMOTET spread in Chile targeted financial and banking services. SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. This threat is known as a […] Malware Threat
SecurityAffairs 2019-04-10 13:08:00 Minnesota Department of Human Services suffered a security breach (direct link) Minnesota Department of Human Services announced to have suffered a data breach that may have exposed the personal information of about 11,000 people. Minnesota Department of Human Services suffered a data breach that may have exposed the personal information of about 11,000 people. The state Department of Human Services notified lawmakers Tuesday of the incident. Attackers […] Data Breach
SecurityAffairs 2019-04-10 11:15:05 (Déjà vu) Microsoft April 2019 Patch Tuesday fixes Windows 0days under attack (direct link) Microsoft Patches Windows Privilege Escalation Flaws Exploited in Attacks Microsoft has released its April 2019 Patch Tuesday updates that address over 70 vulnerabilities, including two Windows zero-day flaws. Microsoft has released the April 2019 Patch Tuesday updates that address 74 vulnerabilities, including two Windows zero-days under active attack. April 2019 Patch Tuesday security updates resolve […]
SecurityAffairs 2019-04-10 10:42:05 Sophisticated TajMahal APT Framework remained under the radar for 5 years (direct link) Cybersecurity experts at Kaspersky Lab uncovered a highly sophisticated spyware framework dubbed TajMahal that was involved in a cyberespionage campaign for at least the last 5 years. Cybersecurity researchers at Kaspersky discovered a highly sophisticated spyware framework, dubbed TajMahal, that has been used in cyber operations for at least the last 5 years. The TajMahal framework remained undetected until […]
SecurityAffairs 2019-04-10 09:12:00 Yoroi Welcomes “Yomi: The Malware Hunter” (direct link) Yomi's malware engine implements a multi-analysis approach that is able to exploit both: static analysis and behavioral analysis, enjoy it” Nowadays malware represents a powerful tool for cyber attackers and cyber criminals all around the world, with over 856 million of distinct samples identified during the last year it is, with no doubt, one of […] Malware Tool
SecurityAffairs 2019-04-10 08:53:01 Experts spotted a new Mirai variant that targets new processors (direct link) Palo Alto Networks researchers discovered a new variant of the Mirai malware that is targeting more processor architectures than previous ones. Mirai botnet continues to be one of the most dangerous malware in the threat landscape, experts at Palo Alto Networks discovered a new variant that targets more processor architectures than before. Mirai malware first […] Malware Threat
SecurityAffairs 2019-04-09 22:32:00 (Déjà vu) Adobe Patch Tuesday updates for April 2019 address 43 flaws in its products (direct link) Adobe Patch Tuesday updates for April 2019 address a total of 43 vulnerabilities affecting the eight products of the company. Adobe's Patch Tuesday updates for April 2019 address a total of 43 vulnerabilities affecting the Acrobat and Reader, Flash Player, Shockwave Player, Dreamweaver, XD, InDesign, Experience Manager Forms, and Bridge CC products. “Adobe has published […]
SecurityAffairs 2019-04-09 21:27:04 Yahoo proposes $117.5 million for the settlement of data breach (direct link) Yahoo is continuously trying to settle a lawsuit on the massive data breach over the period of 2013 to 2016. This time Yahoo could pay $117.5 million for the settlement of 3 billion hacked accounts. As the news was first published by the team of Reuters, “Yahoo has struck a revised $117.5 million settlement with […] Data Breach Yahoo
SecurityAffairs 2019-04-09 20:34:01 Experts spotted the iOS version of the Exodus surveillance app (direct link) In the last weeks, a new Android surveillance malware dubbed Exodus made the headlines, now experts found the iOS version of the government spyware. Security experts at LookOut have discovered an iOS version of the dreaded surveillance Android app Exodus that was initially found on the official Google Play Store. Exodus for Android is a […] Malware
SecurityAffairs 2019-04-09 16:50:03 LimeRAT spreads in the wild (direct link) Cybaze-Yoroi ZLab team spotted an interesting infection chain leveraging several techniques able to defeat traditional security defences and spread LimeRAT. Introduction A few days ago, Cybaze-Yoroi ZLab team came across an interesting infection chain leveraging several techniques able to defeat traditional security defences and hiding a powerful inner payload able to seriously threaten its victims. The […]
SecurityAffairs 2019-04-09 05:04:03 Gulf countries came under hackers' spotlight in 2018, with more than 130 000 payment cards compromised (direct link) Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks, and NGN International, a global system integrator, analyzed the cybersecurity landscape in Gulf countries in 2018. Group-IB Threat Intelligence team identified compromised credentials of 7 306 users from the Gulf countries in 2018 and detected the total of 138 978 compromised cards issued by the Gulf countries' banks. Number […] Threat
SecurityAffairs 2019-04-08 20:53:01 AeroGrow suffered a payment card data breach (direct link) The developer, marketer, direct-seller, and wholesaler of indoor garden systems, AeroGrow International, suffered a payment card data breach. AeroGrow International, a developer, marketer, direct-seller, and wholesaler of indoor garden systems, recently notified customers of a payment card data breach. The incident impacted the company website. “On March 4, 2019, AeroGrow learned that an unauthorized person […] Data Breach
SecurityAffairs 2019-04-05 14:11:05 Xwo Malware scans the Internet for Exposed Services, Default Passwords (direct link) Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. The name ‘Xwo‘ comes from […] Malware
SecurityAffairs 2019-04-05 12:57:02 Ursnif: The Latest Evolution of the Most Popular Banking Malware (direct link) ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction A few days ago, […] Malware
SecurityAffairs 2019-04-05 10:59:04 Flaws in Pre-Installed security App on Xiaomi Phones open to hack them (direct link) If you use a Xiaomi smartphone you should be aware that a pre-installed security software could be abused for malicious activities. Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers. Security experts at CheckPoint have discovered that a security app, called Guard Provider, that […] Hack
SecurityAffairs 2019-04-05 08:44:02 Step By Step Office Dropper Dissection (direct link) Malware researcher and founder of Yoroi Marco Ramilli described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office Payloads. While I was thinking about how to answer to such questions I received a MalSpam with a Microsoft Office document […]
SecurityAffairs 2019-04-05 07:51:04 (Déjà vu) More than 2 million Apache HTTP servers still affected by CVE-2019-0211 flaw (direct link) Security experts at Rapid7 have discovered that over 2 million Apache HTTP servers are still affected by the CVE-2019-0211 critical privilege escalation flaw. An important privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems via scoreboard […] Vulnerability
SecurityAffairs 2019-04-04 20:36:03 Cisco fixes flaws in RV320 and RV325 routers targeted in attacks (direct link) On Thursday Cisco announced new security patches to definitively address two vulnerabilities in Small Business RV320 and RV325 routers. Last week Cisco revealed that security patches released in January to address vulnerabilities in Small Business RV320 and RV325 routers were incomplete. “The initial fix for this vulnerability was found to be incomplete. Cisco is currently […] Vulnerability
SecurityAffairs 2019-04-04 17:59:01 (Déjà vu) NSA releases the source code of the GHIDRA reverse engineering framework (direct link) NSA released the complete source code for its GHIDRA suite, the version 9.0.2 is available on the Agency’s Github repository. In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, […]
Last update at: 2024-07-17 15:08:24