What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-01-17 07:43:32 (Déjà vu) Expert released PoC exploits for recently disclosed Cisco DCNM flaws (lien direct) A researcher has publicly released some proof-of-concept (PoC) exploits and technical details for flaws in Cisco's Data Center Network Manager (DCNM). Early this month, Cisco released security updates for its Cisco's Data Center Network Manager (DCNM) product that address several critical and high-severity vulnerabilities. All the vulnerabilities were reported to Cisco through Trend Micro's Zero Day Initiative (ZDI) and Accenture's iDefense service […]
SecurityAffairs.webp 2020-01-16 15:55:27 Hundreds of million users installed Android fleeceware apps from Google Play (lien direct) Security experts from Sophos discovered 25 Android apps on the official Google Play that were involved in financial fraud, 600 million affected. Security researchers from Sophos discovered a set of so-called fleeceware apps that have been installed by more than 600 million Android users. Fleeceware apps are malicious applications uploaded to the official Google Play […]
SecurityAffairs.webp 2020-01-16 12:48:16 (Déjà vu) Two PoC exploits for CVE-2020-0601 NSACrypto flaw released (lien direct) Researchers published proof-of-concept (PoC) code exploits for a recently-patched CVE-2020-0601 flaw in the Windows operating system reported by NSA. Security researchers have published two proof-of-concept (PoC) code exploits for the recently-patched CVE-2020-0601 vulnerability that has been reported to Microsoft by the US National Security Agency (NSA). Microsoft Patch Tuesday updates for January 2020 address a […] Vulnerability
SecurityAffairs.webp 2020-01-16 08:14:00 Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins (lien direct) WP Time Capsule and InfiniteWP WordPress plugins are affected by security flaws that could be exploited to take over websites running the popular CMS. Experts at security firm WebArx have ethically disclosed vulnerabilities in WP Time Capsule and InfiniteWP plugins, both were patched earlier this month by the developer Revmakx. The flaws in WP Time […]
SecurityAffairs.webp 2020-01-16 07:05:50 5ss5c Ransomware emerges after Satan went down in the hell (lien direct) The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. The threat actors behind the Satan, DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’. The Bart Blaze believes that the threat actors have […] Ransomware Malware Threat
SecurityAffairs.webp 2020-01-15 18:58:36 VMware addresses flaws in VMware Tools and Workspace ONE SDK (lien direct) VMware has released security updates to address a local privilege escalation vulnerability in VMware Tools version 10 for Windows. VMware has released VMware Tools 11.0.0 that addresses a local privilege escalation issue in Tools 10.x.y tracked as CVE-2020-3941. The issue, classified as a race condition flaw that could be exploited by an attacker to access […] Vulnerability
SecurityAffairs.webp 2020-01-15 15:38:19 P&N Bank data breach may have impacted 100,000 West Australians (lien direct) P&N Bank discloses data breach, customer account information, balances exposed The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, suffered a data breach and is reporting the incident […] Data Breach
SecurityAffairs.webp 2020-01-15 12:00:45 (Déjà vu) Hacker offers for sale 49 million user records from US data broker LimeLeads (lien direct) 49 million user records from US data broker LimeLeads were available for sale on a hacking forum. 49 million user records from US data broker LimeLeads were available for sale on a hacking forum, the data were exposed on an Elasticsearch server. Exposed LimeLeads data contains full name, title, user email, employer/company name, company address, […] Guideline
SecurityAffairs.webp 2020-01-15 09:02:12 Iranian Threat Actors: Preliminary Analysis (lien direct) Nowadays Iran's Cybersecurity capabilities are under the microscope, experts warn about a possible infiltration of the Iranian government. Nowadays Iran's Cybersecurity capabilities are under microscope, many news sites, gov. agencies and security experts warn about a possible cybersecurity infiltration from Iranian government and alert to increase cybersecurity defensive levels. Today I want to share a […] Threat
SecurityAffairs.webp 2020-01-11 15:52:50 PoC exploits for Citrix ADC and Gateway CVE-2019-19781 flaw released online (lien direct) Experts announced the availability online of proof-of-concept exploit code for CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway servers. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerability, many experts are announcing the availability online of proof-of-concept exploit […]
SecurityAffairs.webp 2020-01-11 07:57:01 Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking (lien direct) A flaw, dubbed Cable Haunt, in Broadcom’s cable modem firmware exposed as many as 200 million home broadband gateways in Europe alone, at risk of remote hijackings. Hundreds of millions of Broadcom-based cable modems are at risk of remote hijacking due to the presence of a vulnerability dubbed Cable Haunt, CVE-2019-19494. The flaw resides in […] Vulnerability
SecurityAffairs.webp 2020-01-11 06:57:23 CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploited (lien direct) The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is warning organizations that attackers continue to exploit the well known Pulse Secure VPN vulnerability tracked as CVE-2019-11510. The CVE-2019-11510 flaw in Pulse Connect Secure […] Vulnerability Threat
SecurityAffairs.webp 2020-01-10 20:42:58 Albany County Airport authority hit by a ransomware attack (lien direct) Officials at the Albany County Airport Authority revealed that New York airport servers were infected with ransomware on Christmas. Officials at the Albany County Airport Authority announced this week that a ransomware attack hit the New York airport and its computer management provider LogicalNet over Christmas. The news of the attack was disclosed after LogicalNet reported its own management […] Ransomware
SecurityAffairs.webp 2020-01-10 14:08:26 Two MageCart groups competed to steal credit cards data from Perricone MD's European skincare sites (lien direct) Two MageCart groups have planted software skimmers on multiple European websites for the Perricone MD anti-aging skincare Two distinct MageCart groups have compromised multiple European websites for the Perricone MD anti-aging skin-care brand with the intent of stealing customer payment card info. The two groups planted software skimmers on Perricone MD websites in Italy, Germany, […]
SecurityAffairs.webp 2020-01-10 07:00:29 56.25 million US residents records collected by CheckPeople exposed on a Chinese server (lien direct) A database containing the personal details of 56.25 million US residents that allegedly belongs to CheckPeople.com website was exposed online. A database containing the personal details of 56.25 million US residents that allegedly belongs to the CheckPeople.com website was exposed online on a server having a Chinese IP address. The huge trove of data includes […]
SecurityAffairs.webp 2020-01-10 06:23:08 North Korea-linked Lazarus APT continues to target cryptocurrency exchanges (lien direct) In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges. In the mid-2018, the APT targeted cryptocurrency exchanges and cryptocurrency […] APT 38
SecurityAffairs.webp 2020-01-09 21:34:50 Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781 (lien direct) Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerabilities. The anomalous activities were detected last week, as reported by the popular expert Kevin […]
SecurityAffairs.webp 2020-01-09 19:35:59 TrickBot gangs developed the PowerTrick backdoor for high-value targets (lien direct) Researchers at SentinelLabs reported that TrickBot operators used a new PowerShell backdoor in recent attacks aimed at high-value targets. SentinelLabs experts discovered a new PowerShell backdoor used by TrickBot operators in recent attacks aimed at Powershell high-value targets, such as financial institutions. TrickBot is a popular banking Trojan that has been around since October 2016, its […]
SecurityAffairs.webp 2020-01-09 12:54:09 Interpol: Goldfish Alpha operation reduces cryptojacking by 78% (lien direct) An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia Interpol announced that it has coordinated a successful international operation aimed at removing cryptocurrency miners that infected routers located in Southeast Asia. The operation sees the contribution of Trend Micro, law enforcement and CERTs from ASEAN countries, including […]
SecurityAffairs.webp 2020-01-09 09:41:36 Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks (lien direct) Mozilla has released security updates for Firefox browser that address a zero-day flaw (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates to address a critical Firefox browser zero-day issue (CVE-2019-17026) that has been exploited in targeted attacks. The CVE-2019-17026 flaw is an “IonMonkey type confusion with StoreElementHole and FallibleStoreElement,” where IonMonkey is the […]
SecurityAffairs.webp 2020-01-08 22:27:35 The city of Las Vegas announced it has suffered a cyber attack (lien direct) The city of Las Vegas announced it has suffered a cyber attack that breached its computer systems, it is unclear whether any sensitive data was exposed. Las Vegas officials say a cyber attack breached the city’s computer systems, the attack took place on Tuesday, but it wasn’t immediately clear if any sensitive data was exposed. […]
SecurityAffairs.webp 2020-01-08 15:18:32 MITRE presents ATT&CK for ICS, a knowledge base for ICS (lien direct) MITRE announced the initial release of a version of its MITRE ATT&CK knowledge base that focuses on industrial control systems (ICS). MITRE's ATT&CK framework is becoming a standard in cybersecurity community for the classification of attacker behavior. Now the organization is going to propose a knowledge base that focused on ICS systems for its MITRE’s ATT&CK. […]
SecurityAffairs.webp 2020-01-08 13:27:18 Security flaws allowed hijacking any TikTok account (lien direct) A flaw in the popular TikTok app could allow attackers to hijack any user account just by knowing the mobile number of the victim. Security experts from CheckPoint have discovered a critical vulnerability in the popular TikTok app that could be exploited by a remote attacker to hijack any user account just by knowing the […] Vulnerability
SecurityAffairs.webp 2020-01-08 11:16:44 SNAKE Ransomware is targeting business networks (lien direct) A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks. The SNAKE is a new ransomware that is threatening enterprises worldwide along with most popular ransomware families such as Ryuk, Maze, Sodinokibi, LockerGoga, BitPaymer, DoppelPaymer, MegaCortex, LockerGoga. The scary trend sees criminal organizations targeting enterprises, instead of […] Ransomware Malware Threat
SecurityAffairs.webp 2020-01-08 07:06:17 Facebook declares war to Deepfake videos (lien direct) Monika Bickert, Facebook for global policy management, announced that Facebook will ban deepfake videos and manipulated content. Facebook has announced it will ban deepfake videos, which are media that take a person in an existing image or video and replace them with someone else’s likeness using artificial neural networks. Monika Bickert, Facebook vice-president for global policy […]
SecurityAffairs.webp 2020-01-07 22:26:26 Medical info of 49,351 patients exposed in Alomere Health hospital breach (lien direct) Minnesota-based Alomere Health discloses a data leak that exposed personal and medical information of 49,351 patients. Personal and medical information of 49,351 patients of Minnesota-based Alomere Health might have been exposed following the compromise of two employees’ email accounts. Alomere Health is a general medical and surgical hospital in Alexandria, MN, with 127 beds. It is accredited […]
SecurityAffairs.webp 2020-01-07 15:52:42 MageCart gang compromised popular Focus Camera website (lien direct) A new MageCart attack made the headlines, this time the gang compromised the website of popular Focus Camera. The Magecart group has compromised the website of the photography and imaging retailer Focus Camera. The hack took place last year, the hacker planted a software skimmer on the website to steal payment card data of users […] Hack
SecurityAffairs.webp 2020-01-07 13:54:53 Google blocks Xiaomi integrations on Nest hub over privacy concerns (lien direct) Google has recently disabled all Xiaomi smart home integrations on Nest Hub after being informed that some users could access other people's camera feeds.  On January 1st, 2020, a Reddit user (‘/u/Dio-V’) posted a discussion revealing that Nest Hub was able to access feeds from other Xiaomi cameras. As proof of the issue, the user […]
SecurityAffairs.webp 2020-01-07 11:01:12 China-based Bronze President APT targets South and East Asia (lien direct) A cyber-espionage group tracked as Bronze President has been targeting countries in South and East Asia, Secureworks experts warn. Researchers at Secureworks’ Counter Threat Unit (CTU) have uncovered a cyber espionage campaign carried out by an APT group tracked as Bronze President, The Bronze President group is targeting political and law enforcement organizations and NGOs […] Threat
SecurityAffairs.webp 2020-01-07 09:19:56 Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March (lien direct) Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability, tracked as CVE-2019-2215, in Android. Maddie Stone published technical details and a proof-of-concept exploit for the high-severity security vulnerability, seven days after she reported it to the colleagues […]
SecurityAffairs.webp 2020-01-07 06:28:27 HappyHotel, popular search engine for love hotels in Japan discloses data breach (lien direct) HappyHotel, a Japanese search engine used to find and book rooms in “love hotels,” announced to have suffered a security breach in December. HappyHotel is a popular Japanese search engine for “love hotels,” it is used by married couples and unfaithful spouses, it allows users to book rooms in love hotels in Japan. Almex, the […] Data Breach
SecurityAffairs.webp 2020-01-06 17:20:55 Microsoft report: around 0.08% of RDP brute-force attacks are successful (lien direct) Microsoft published an interesting analysis of RDP brute-force attacks that targeted the 45,000 have analyzed in months of study. Researchers from Microsoft have analyzed several months' worth of data to investigate RDP brute force attacks occurring across Microsoft Defender ATP customers. The study involved 45,000 machines that had both RDP public IP connections and at […]
SecurityAffairs.webp 2020-01-06 13:54:30 DHS warns of Iran-linked attacks in a National Terrorism Advisory System bulletin (lien direct) The U.S. Department of Homeland Security (DHS) has issued warnings about the possibility of cyber-attacks launched by Iran-linked hackers. The U.S. Department of Homeland Security (DHS) has issued warnings about the possibility of cyber-attacks launched by Iran-linked threat actors. The attacks could be the response of Teheran after Maj. Gen. Qassim Suleimani was killed by a U.S. drone airstrike […] Threat
SecurityAffairs.webp 2020-01-06 09:15:31 School software provider Active Network discloses data breach (lien direct) The US-based School management software provider Active Network disclosed a severe security breach last week. Active Network provides web-based school management software for K-12 schools and districts, last week it announced to have suffered a major security breach. The hackers gained access to Blue Bear, a cloud school accounting software customized especially for K-12 schools and […] Data Breach
SecurityAffairs.webp 2020-01-05 21:39:33 Austria's foreign ministry is facing a 'serious cyberattack' (lien direct) Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state actor. Austria’s foreign ministry was the victim of a cyber-attack that is suspected to have been conducted by a foreign state due to its level of sophistication. “Due to the gravity and nature of the […]
SecurityAffairs.webp 2020-01-05 20:25:57 California IT service provider Synoptek pays ransom after Sodinokibi attack (lien direct) Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. Synoptek, a California-based provider of IT management and cloud hosting services paid the ransom to decrypt its files following a Sodinokibi ransomware attack. The gang behind the Sodinokibi ransomware has been very active […] Ransomware
SecurityAffairs.webp 2020-01-05 17:50:52 Federal Depository Library Program Govn agency breached by Iranian hackers (lien direct) A group of alleged Iranian hackers claims to have breached the website of a US government agency, Federal Depository Library Program, on Saturday after the killing of Qasem Soleimani. A group of Iranian hackers claims to have breached the website of a US government agency, the Federal Depository Library Program, vowing revenge for the killing […]
SecurityAffairs.webp 2020-01-05 15:15:10 DeathRansom ransomware evolves encrypting files, but experts identified its author (lien direct) DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Researchers at Fortinet published an analysis that shows the threat evolving, […] Ransomware Threat
SecurityAffairs.webp 2020-01-04 20:39:04 U.S. CISA Agency warns of possible cyber attacks from Iran (lien direct) US Government fears a new wave of cyber attacks from Iran as retaliation for the airstrike that killed Maj. Gen. Qassim Suleimani at the Baghdad airport in Iraq. Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA) warned of a potential new wave of cyber attacks carried out by Iran-linked hacker groups targeting U.S. assets. […]
SecurityAffairs.webp 2020-01-04 18:54:04 BusKill, a $20 USB Dead Man's Switch for Linux Laptop (lien direct) ‘BusKill’ is a cheap kill cord Dead Man Switch to trigger the machine to self-destruct in case the laptop is stolen, it was designed by the software engineer Michael Altfield. The idea is very simple, the BusKill cable connects a Linux laptop to the user, for example, to his belt. In case of theft, the USB […]
SecurityAffairs.webp 2020-01-04 15:04:38 Facebook fined $1.65 by Brazil Government over Cambridge Analytica (lien direct) Early this week, Brazil fined Facebook $1.65 million for improperly sharing users’ data in a case linked to the Cambridge Analytica privacy scandal. Brazil fined Facebook $1.65 million for improperly sharing users’ data in a case linked to the Cambridge Analytica privacy scandal. According to the Brazilian prosecutors, Facebook is responsible for an “abusive practice” […]
SecurityAffairs.webp 2020-01-04 09:05:49 Cisco Talos discovered 2 critical flaws in the popular OpenCV library (lien direct) Maintainers of the OpenCV library addressed two buffer overflow flaws that could lead to arbitrary code execution. Maintainers of the OpenCV library addressed two high-severity buffer overflow vulnerabilities that could be exploited by an attacker to execute arbitrary code. OpenCV (Open Source Computer Vision Library) is an open-source library of programming functions mainly aimed at […] Guideline
SecurityAffairs.webp 2020-01-03 15:28:56 US Army banned the popular TikTok app over China security concerns (lien direct) The U.S. Army this week has banned the popular TikTok app from government mobile amid fear of China-linked cyberespionage. The US Army has banned the use of the popular TikTok app on mobile phones used by its personnel for security reasons. TikTok is a social media app that allows its users to create and share […]
SecurityAffairs.webp 2020-01-03 14:03:37 Travelex currency exchange suspends services after malware attack (lien direct) The Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve.  This week, the UK-based currency exchange Travelex announced that it has shut down its services as a “precautionary measure” following a malware attack. The London-based company, which operates more than 1,500 stores globally, suffered the attack on December […] Malware
SecurityAffairs.webp 2020-01-03 09:08:12 Cisco addresses several flaws in its DCNM product (lien direct) Cisco has released software updates for its Data Center Network Manager (DCNM) product to address several critical and high-severity issues. Cisco has released software updates that address several critical and high-severity vulnerabilities in its Data Center Network Manager (DCNM) product. All the vulnerabilities were reported to Cisco through Trend Micro's Zero Day Initiative (ZDI) and […]
SecurityAffairs.webp 2020-01-03 08:18:03 Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers (lien direct) Experts disclosed PoC exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. Security researchers Miguel Méndez Zúñiga and Pablo Pollanco from Telefónica Chile recently published Proof-of-concept (PoC) exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. The security duo published on Medium the technical details of the […]
SecurityAffairs.webp 2020-01-02 23:11:28 US restaurant chain Landry's discloses payment card breach (lien direct) The popular US restaurant chain Landry’s announced that it was the victim of a cyber-attack, malware has infected its point of sale (POS) systems. The popular US restaurant chain Landry’s disclosed a security incident, its point of sale (POS) systems have been infected with malware specifically developed to steal customers’ payment card information (i.e. credit […] Malware
SecurityAffairs.webp 2020-01-02 21:04:39 Poloniex forces password reset following a data leak (lien direct) The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak.  Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak.  The measure was necessary to prevent spear-phishing attacks against the users aimed at […]
SecurityAffairs.webp 2020-01-02 12:10:34 Crooks use Star Wars saga as bait in Phishing and malware attacks (lien direct) Crooks are exploiting the popularity of the Star Wars saga to monetize their efforts, experts warn of online streaming sites delivering malware. Cybercriminals leverage popular movies like Star Wars to lure users into downloading malware to watch exclusive scenes or the full movie. Experts at Kaspersky have analyzed some threats that exploit the new Star Wars movie […] Malware
SecurityAffairs.webp 2020-01-02 10:03:14 Watch out, sextortion scammers are using a new tactic (lien direct) Sextortion cybercrimes continue to threaten Internet users, scammers are using new tactics to bypass spam filters and secure email gateways. Sextortion scams continue to evolve to bypass security measures such as spam filters and secure email gateways. Sextortion messages threaten the victims of revealing their private videos while watching adult websites or making virtual sex […] Spam
Last update at: 2024-07-17 11:07:28