What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-07-26 12:01:29 Security Affairs newsletter Round 274 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Diebold Nixdorf warns of a wave of ATM black box attacks across Europe Ghost Squad Hackers defaced a second European Space Agency (ESA) site in a week Twitter reveals that […]
SecurityAffairs.webp 2020-07-26 11:11:11 Records for 7.5 million users of the digital banking app Dave leaked online (direct link) Digital banking app Dave.com discloses a security breach after the known threat actor ShinyHunters leaked 7 million user records on a crime forum. The popular digital banking app Dave.com discloses a security breach after the known threat actor ShinyHunters leaked 7,516,625 user records on a crime forum. According to ZDNet, the security breach originated on the network […] Threat
SecurityAffairs.webp 2020-07-25 16:25:06 D-Link addressed 5 flaws on some router models, some of them reached EoL (direct link) D-Link disclosed five severe vulnerabilities affecting some router models which can be exploited by attackers to compromise a network. D-Link has disclosed five severe vulnerabilities affecting some router models, the flaw could allow a severe network compromise. Unfortunately, some of the impacted models have reached their End-of-Support (“EOS”)/ End-of-Life (“EOL”) date, which means they wouldn’t receive security updates to fix the issues. […]
SecurityAffairs.webp 2020-07-25 11:35:15 (Déjà vu) US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP (direct link) The U.S. CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The alert includes additional […] Vulnerability
SecurityAffairs.webp 2020-07-25 08:25:03 Threat actors are hijacking the infamous Emotet botnet (direct link) A sort of vigilante is attempting to disrupt the operations of the Emotet botnet by hacking the supply chain of the malware. Someone is attempting to sabotage the operations of the Emotet botnet by replacing the Emotet payloads with animated GIFs, in this way the victims will not be infected with the bot. The mysterious activity […] Threat
SecurityAffairs.webp 2020-07-24 12:51:12 CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure (direct link) Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Cisco addressed a high-severity path traversal vulnerability in its firewalls, tracked as CVE-2020-3452, that can be exploited by remote attackers to obtain potentially sensitive files from the targeted system. Cisco […] Vulnerability
SecurityAffairs.webp 2020-07-24 12:00:29 Spanish state-owned railway infrastructure manager ADIF infected with ransomware (direct link) ADIF, a Spanish state-owned railway infrastructure manager under the responsibility of the Ministry of Development, was hit by REvil ransomware operators. Administrador de Infraestructuras Ferroviarias (ADIF), a Spanish state-owned railway infrastructure manager was hit by REvil ransomware operators. ADIF (Administrador de Infraestructuras Ferroviarias) is charged with the management of most of Spain’s railway infrastructure, that is the track, signaling and stations. It was formed in 2005 […] Ransomware
SecurityAffairs.webp 2020-07-24 07:24:20 Twitter revealed that hackers accessed DM Inboxes in July attack (direct link) Twitter confirmed that hackers accessed the direct message (DM) inboxes of some of the accounts that were recently compromised. Last week, the social media giant Twitter revealed that hackers compromised 130 accounts in the attack that took place on July 15 and downloaded data from eight of them. Attackers breached a number of high-profile accounts, […]
SecurityAffairs.webp 2020-07-23 22:51:20 Garmin shut down its services after an alleged ransomware attack (direct link) Smartwatch and wearable device maker Garmin had to shut down some of its connected services and call centers following a ransomware attack. On July 23, smartwatch and wearables maker Garmin has shut down several of its services due to a ransomware attack that targeted its internal network and some production systems. “We are currently experiencing […] Ransomware
SecurityAffairs.webp 2020-07-23 16:36:59 PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack (direct link) Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack […] Hack Vulnerability
SecurityAffairs.webp 2020-07-23 14:46:05 New MATA Multi-platform malware framework linked to NK Lazarus APT (direct link) North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The notorious Lazarus Group is using a new multi-platform malware framework, dubbed MATA, in attacks aimed at organizations worldwide, to deploy Kaspersky researchers observed that MATA was used by the threat actors to distribute ransomware (i.e. VHD […] Ransomware Malware Threat Medical APT 38
SecurityAffairs.webp 2020-07-23 06:10:03 Prometei, a new modular crypto-mining botnet exploits Windows SMB (direct link) Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol to move laterally across systems while covertly mining for cryptocurrency. The Prometei […] Threat
SecurityAffairs.webp 2020-07-22 17:46:47 US agencies offer $2M in reward for Ukrainian hackers that breached the SEC (direct link) The US State Department and Secret Service offered $2 million in reward money for help capturing two Ukrainian SEC hackers. The US State Department and Secret Service offered $2 million in reward money for help capturing two Ukrainian hackers that have been charged with hacking and selling insider corporate data stolen from the Securities and […]
SecurityAffairs.webp 2020-07-22 14:17:13 Dozens of unsecured databases wiped by mysterious Meow attack (direct link) Dozens of unsecured databases exposed online were wiped by threat actors as part of a campaign tracked as Meow attack. Experts observed dozens of unsecured Elasticsearch and MongoDB instances exposed online that were inexplicably wiped by threat actors as part of a campaign tracked as Meow attack. The Meow attack began recently and attackers did […] Threat
SecurityAffairs.webp 2020-07-22 11:49:19 Citrix Workspace flaw can allow remote hack of devices running vulnerable app (direct link) Citrix addressed a vulnerability in its Citrix Workspace app that can allow an attacker to remotely hack the computer running the vulnerable application. Citrix has patched a high severity vulnerability, tracked as CVE-2020-8207, affecting its Workspace app that can be exploited by an attacker to remotely hack the computer running the flawed application. The flaw affects […] Hack Vulnerability
SecurityAffairs.webp 2020-07-22 10:02:47 US DoJ charged two Chinese hackers working with MSS (direct link) US DoJ charged two Chinese hackers working with China’s Ministry of State Security with hacking into computer systems of government organizations and companies worldwide. US DoJ charged two Chinese hackers working with China’s Ministry of State Security with hacking into computer systems of government organizations and companies worldwide. According to the Department of Justice’s Office […]
SecurityAffairs.webp 2020-07-22 06:07:07 Adobe fixed critical code execution flaws in Bridge, Photoshop and Prelude products (direct link) This week, Adobe has addressed several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. Adobe has released security updates to address several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. “Adobe has published security bulletins for Adobe Bridge (APSB20-44), Adobe Photoshop (APSB20-45), Adobe Prelude (APSB20-46) and Adobe Reader Mobile […]
SecurityAffairs.webp 2020-07-21 21:31:00 US DoJ charges Chinese hackers for targeting COVID-19 research (direct link) US Justice Department accused two Chinese hackers of stealing trade secrets from companies worldwide and targeting firms developing a COVID-19 vaccine. This week, the US Justice Department accused two Chinese hackers of stealing trade secrets from companies worldwide and recently involved in attacks against firms developing a vaccine for the COVID-19. According to the indictment, […]
SecurityAffairs.webp 2020-07-21 14:05:22 Phishing campaign aimed at stealing Office 365 logins abuses Google Cloud Services (direct link) Cybercriminals are increasingly leveraging public cloud services such as Google Cloud Services in phishing campaigns against Office 365 users. Cybercriminals are increasingly abusing cloud services, such as Google Cloud Services, to arrange phishing campaign aimed at stealing Office 365 logins. Fraudsters use to host phishing pages on multiple cloud services and trick victims into landing […]
SecurityAffairs.webp 2020-07-21 12:40:32 7 VPN services left data of millions of users exposed online (direct link) vpnMentor experts reported that seven Virtual Private Network (VPN) recently left 1.2 terabytes of private user data exposed online. Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see. The impacted VPN services are UFO […]
SecurityAffairs.webp 2020-07-21 09:55:44 Cloud computing provider Blackbaud paid a ransom after data breach (direct link) Cloud software provider Blackbaud revealed to have paid crooks to decrypt its data following a ransomware attack that took place in May 2020. Blackbaud is a cloud computing provider that serves the social good community - nonprofits, foundations, corporations, education institutions, healthcare organizations, religious organizations, and individual change agents. Its products focus on fundraising, website management, CRM, analytics, financial […] Ransomware Data Breach
SecurityAffairs.webp 2020-07-21 07:44:38 BadPower attack could burn your device through fast charging (direct link) Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. Security researchers from Tencent have devised a technique, dubbed BadPower, to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch […]
SecurityAffairs.webp 2020-07-20 19:30:32 REvil ransomware infected 18,000 computers at Telecom Argentina (direct link) Another telco company was hit by a ransomware, roughly 18,000 computers belonging to Telecom Argentina were infected over the weekend. Telecom Argentina, one of the largest internet service providers in Argentina, was hit by a ransomware attack. Ransomware operators infected roughly 18,000 computers during the weekend and now are asking for a $7.5 million ransom. […] Ransomware
SecurityAffairs.webp 2020-07-20 13:55:01 Two more cyber attacks hit Israel's water facilities in June (direct link) In April a cyber attack hit an Israeli water facility, last week, officials revealed two more cyber attacks against other water management facilities. In April an attack hit an Israeli water facility attempting to modify water chlorine levels, last week officials from the Water Authority revealed two more cyber attacks on other facilities in the […]
SecurityAffairs.webp 2020-07-20 06:19:36 Tetrade banking malware families target users worldwide (direct link) The Tetrade term coined by Kaspersky experts to refer to four large banking trojan families developed and spread by Brazilian crooks worldwide. Cybersecurity researchers from Kaspersky Lab have detailed four different families of Brazilian banking trojans, tracked as Tetrade, that have targeted financial institutions in Brazil, Latin America, and Europe. The four malware families are named Guildma, Javali, […] Malware
SecurityAffairs.webp 2020-07-20 05:58:00 A flaw in Zoom's Vanity URL feature could have been exploited in phishing attacks (direct link) A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. The popularity of the Zoom video conferencing service exploded during the COVID-19 outbreak when it was chosen by organizations, schools, […] Vulnerability
SecurityAffairs.webp 2020-07-19 18:57:14 (Déjà vu) Ghost Squad Hackers defaced a second European Space Agency (ESA) site in a week (direct link) A group of hacktivists that goes online with the name Ghost Squad Hackers has defaced for the second time in a week a site of the European Space Agency (ESA). Last week a group of hackers that goes online with the name Ghost Squad Hackers announced the defacement of a site of the European Space Agency […]
SecurityAffairs.webp 2020-07-19 13:02:02 Twitter reveals that hackers also downloaded data from eight compromised accounts (direct link) The social media giant Twitter confirmed that hackers compromised 130 accounts in last week hack and downloaded data from eight of them. The social media platform Twitter suffered one of the biggest cyberattacks in its history, multiple high-profile accounts were hacked. Last week, the social media platform Twitter has suffered one of the biggest cyberattacks in its […] Hack
SecurityAffairs.webp 2020-07-19 10:38:27 Security Affairs newsletter Round 273 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Google updates policies to ban any ads for surveillance solutions and services Hacker claims to have breached Night Lion security firm Malware campaign attempts to evade analysis with Any.Run sandbox […] Malware
SecurityAffairs.webp 2020-07-19 09:27:58 Diebold Nixdorf warns of a wave of ATM black box attacks across Europe (direct link) ATM maker Diebold Nixdorf is warning banks a new ATM black box attack technique that was recently employed in cyber thefts in Europe. Black box attacks are a type of jackpotting attack aimed at forcing an ATM to dispense the cash by sending a command through a “black box” device. In this attack, a black box […]
SecurityAffairs.webp 2020-07-18 16:07:40 Emotet botnet surges back after months of absence (direct link) After months of inactivity, the infamous Emotet trojan has surged back with a new massive spam campaign targeting users worldwide. The notorious Emotet went into the dark since February 2020, but now has surged back with a new massive spam campaign targeting users worldwide. The Emotet banking trojan has been active at least since 2014, […] Spam
SecurityAffairs.webp 2020-07-18 14:34:16 Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability (direct link) Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability, tracked as CVE-2020-6287. Immediately after a researcher released a proof-of-concept (PoC) exploit for the RECON vulnerability, […] Vulnerability Threat
SecurityAffairs.webp 2020-07-17 21:48:54 Orange Business Services hit by Nefilim ransomware operators (direct link) Security researchers at Cyble reported that Nefilim ransomware operators allegedly targeted the mobile network operator Orange. Researchers from Cyble came across a post of Nefilim ransomware operators which were claiming to have stolen sensitive data of Orange S.A., one of the largest mobile networks based in France. The discovery was made by the experts during their regular […] Ransomware
SecurityAffairs.webp 2020-07-17 13:49:25 Iran-linked APT35 accidentally exposed 40 GB associated with their operations (direct link) Iran-linked APT35 group accidentally exposed one of its servers, leaving online roughly 40 GB of videos and other files associated with its operations. Researchers at IBM X-Force Incident Response Intelligence Services (IRIS) discovered an unsecured server belonging to Iran-linked APT35 group (aka ITG18, Charming Kitten, Phosphorus, and NewsBeef) containing data for many domains managed by […] Conference APT 35
SecurityAffairs.webp 2020-07-17 11:43:19 Introducing the PhishingKitTracker (direct link) Experts that want to study phishing attack schema and Kit-composition can use the recently PhishingKitTracker, which is updated automatically. If you are a security researcher or even a passionate about how attackers implement phishing you will find yourself to look for phishing kits. A phishing kit is not a phishing builder, but a real […]
SecurityAffairs.webp 2020-07-17 11:25:50 DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h (direct link) US DHS CISA urges government agencies to patch SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being exploited. The US DHS CISA issued an emergency directive urging government agencies to patch the recently disclosed SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being […] Vulnerability
SecurityAffairs.webp 2020-07-17 06:02:07 New Android BlackRock malware targets hundreds of apps (direct link) Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. Security experts from ThreatFabric have discovered a new Android banking trojan dubbed BlackRock that steals credentials and credit card data from a list of 337 apps. The BlackRock malware borrows the code from the […] Malware
SecurityAffairs.webp 2020-07-16 19:11:53 Group-IB helps to detain fraudsters that used cloned SIM cards to steal money from banks' VIP customers (direct link) Russian police have detained the organizers of a criminal group that focused on reissuing SIM cards and stealing money from Russian banking customers. With the assistance of Group-IB, an international company that specializes in preventing and investigating cyberattacks, the Moscow Criminal Investigation Department has detained the organizers of a criminal group that focused on reissuing SIM […]
SecurityAffairs.webp 2020-07-16 14:45:58 UK NCSC blames Russia-linked APT29 for attacks on COVID-19 vaccine research (direct link) The UK National Cyber Security Centre says that Russia-linked APT29 group is attempting to steal research data related to potential COVID-19 vaccines. The British National Cyber Security Centre revealed that Russia-linked group APT29 is conducting cyberespionage campaigns targeting UK, US, and Canadian organizations working on the development of a COVID-19 vaccine. “RUSSIAN cyber actors are targeting organisations […] APT 29
SecurityAffairs.webp 2020-07-16 08:47:59 (Déjà vu) Cisco fixes 5 critical flaws that could allow router firewall takeover (direct link) Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Cisco has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices. An attacker could exploit the vulnerabilities to completely […] Guideline
SecurityAffairs.webp 2020-07-16 07:56:39 Several High-Profile Twitter accounts hacked in a Bitcoin scam (direct link) The social media platform Twitter suffered one of the biggest cyberattacks in its history, multiple high-profile accounts were hacked. Social media platform Twitter has suffered one of the biggest cyberattacks in its history, hackers breached a number of high-profile accounts, including those of Barack Obama, US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon […] ★★
SecurityAffairs.webp 2020-07-16 05:43:03 CIA covert operations likely behind attacks against APT34 and FSB (direct link) CIA orchestrated dozens of hacking operations against targets worldwide, including APT34 and FSB hacks, states an exclusive report from Yahoo News. In 2018, US President Trump gave to the Central Intelligence Agency (CIA) more powers to conduct covert offensive cyber operations against hostile threat actors, including Iranian and Russian APT groups and intelligence agencies. In […] Threat Yahoo APT 34
SecurityAffairs.webp 2020-07-15 18:42:32 New Zealand property management company leaks 30,000 users' passports, driver's licenses and other personal data (direct link) CyberNews reported the discovery of an unsecured Amazon S3 bucket containing users' passports, driver's licenses and other personal data. The original post available here: https://cybernews.com/security/new-zealand-property-management-company-leaks-30000-passports-drivers-licenses/ CyberNews received information from reader Jake Dixon, a security researcher with Vadix Solutions, who discovered an unsecured Amazon Simple Storage Solution (S3) database containing more than 31,000 images of users' passports, driver's […] ★★★★
SecurityAffairs.webp 2020-07-15 14:13:58 How to Extend Security Across Your Kubernetes Infrastructure (direct link) How to enhance the security across a Kubernetes Infrastructure and mitigate the risk of cyber attacks. By David Bisson The security risks surrounding containers are well-known. Container images suffer from vulnerabilities that malicious actors could exploit for the purpose of gaining access to the larger container environment, for instance. Containers might also be able to […] Uber
SecurityAffairs.webp 2020-07-15 13:53:56 US applauds British ban on China's Huawei for 5G networks (direct link) The United States applauded the UK’s decision to ban equipment from China’s Huawei telecoms giant from its 5G network. Last week, British Prime Minister Boris Johnson announced its decision to phase out the use of network equipment manufactured by the Chinese tech giant Huawei in the UK's 5G network as little as six months. “We […] ★★
SecurityAffairs.webp 2020-07-15 12:26:23 Exclusive, Ghost Squad Hackers defaced European Space Agency (ESA) site (direct link) A group of hacktivists that goes online with the name Ghost Squad Hackers has defaced a site of the European Space Agency (ESA). A group of hackers that goes online with the name Ghost Squad Hackers has defaced a site of the European Space Agency (ESA), https://business.esa.int/. I have reached them for a comment and […]
SecurityAffairs.webp 2020-07-15 11:32:10 GoldenHelper, a new malware delivered via Chinese tax software (direct link) Security researchers discovered another malware family delivered through tax software that some businesses operating in China are required to install. Security researchers at Trustwave have discovered another malware family delivered through tax software that Chinese banks require companies operating in the country to install. At the end of June, the same team of experts spotted […] Malware
SecurityAffairs.webp 2020-07-15 09:10:28 Microsoft July 2020 Security Updates address 123 vulnerabilities (direct link) Microsoft July 2020 addressed 123 security flaws across 13 products, including a 17-year-old wormable issue for hijacking Microsoft Windows Server dubbed SigRed. Microsoft July 2020 addressed 123 security vulnerabilities impacting 13 products, none of them has been observed being exploited in attacks in the wild. The July 2020 security release consists of security updates for […] ★★★★★
SecurityAffairs.webp 2020-07-14 21:10:30 Microsoft fixes critical wormable RCE SigRed in Windows DNS servers (direct link) Microsoft’s Patch Tuesday security updates for July 2020 addressed a 17-year-old wormable vulnerability for hijacking Microsoft Windows Server dubbed SigRed. Microsoft’s Patch Tuesday addressed a 17-year-old wormable vulnerability for hijacking Microsoft Windows Server tracked CVE-2020-1350 and dubbed SigRed. The issue received a severity rating of 10.0 on the CVSS scale and affects Windows Server versions […] Vulnerability
SecurityAffairs.webp 2020-07-14 17:59:10 Adobe fixes over a dozen flaws in Media Encoder, Download Manager (direct link) Adobe has addressed over a dozen flaws in its Creative Cloud, Media Encoder, Genuine Service, ColdFusion and Download Manager products. Adobe has addressed over a dozen vulnerabilities in its Creative Cloud, Media Encoder, Genuine Service, ColdFusion, and Download Manager products. “Adobe has published security bulletins for Adobe Creative Cloud Desktop Application (APSB20-33), Adobe Media Encoder (APSB20-36), […]
Last update at: 2024-07-17 07:08:11