What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-11-15 08:17:26 A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild (direct link) Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka used to siphon payment data from e-commerce merchant websites. Visa Payment Fraud Disruption warns of a new JavaScript skimmer dubbed Pipka that was used by crooks to steal payment data from e-commerce merchant websites. Experts discovered Pipka while investigating an e-commerce website […]
SecurityAffairs 2019-11-14 20:33:26 Experts found privilege escalation issue in Symantec Endpoint Protection (direct link) Symantec addressed a local privilege escalation flaw that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. Symantec addressed a local privilege escalation flaw, tracked as CVE-2019-12758, that affects all Symantec Endpoint Protection client versions prior to 14.2 RU2. The vulnerability could be exploited by attackers to escalate privileges on target devices and carry out malicious actions, including the […] Vulnerability
SecurityAffairs 2019-11-14 14:40:55 Flaws in Qualcomm chips allows stealing private from devices (direct link) Security vulnerabilities in Qualcomm allow attackers to steal private data from hundreds of millions of devices, especially Android smartphones. Security experts from Check Point have discovered security flaws in Qualcomm that could be exploited by attackers to steal private data from the so-called TrustZone. The TrustZone is a security extension integrated by ARM into the […]
SecurityAffairs 2019-11-14 11:49:25 Tracking Iran-linked APT33 group via its own VPN networks (direct link) APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. The targeted malware campaigns aimed at organizations […] Malware APT33 APT 33
SecurityAffairs 2019-11-14 10:46:50 Canadian intelligence agencies CSE and CSIS are divided on Huawei 5G ban (direct link) The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) are divided over the ban of Huawei 5G technology. The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) agencies are divided over the ban of Huawei 5G technology. Canada, along with the US, the UK, New Zealand, and Australia formed […]
SecurityAffairs 2019-11-14 08:28:43 CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking (direct link) McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Security experts at SafeBreach have discovered a vulnerability in McAfee antivirus software tracked as CVE-2019-3648 that could allow an attacker with Administrator privileges to escalate privileges and execute code with SYSTEM privileges. The flaw […] Vulnerability
SecurityAffairs 2019-11-13 20:24:09 A flaw in PMx Driver can give hackers full access to a device (direct link) Eclypsium experts found a vulnerability affecting the popular PMx Driver Intel driver that can give malicious actors deep access to a device. In August, Eclypsium researchers found multiple serious vulnerabilities in more than 40 device drivers from tens of vendors, including AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek, […] Vulnerability
SecurityAffairs 2019-11-13 15:39:06 New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs (direct link) ZombieLoad 2, aka TSX Asynchronous Abort, is a new flaw that affects the latest Intel CPUs that could be exploited to launch a TSX Speculative attack. ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects the latest Intel CPUs that could be exploited to launch a TSX Speculative attack. The flaw […] Vulnerability
SecurityAffairs 2019-11-13 13:19:00 Adobe patch Tuesday updates addressed critical flaws in Media Encoder and Illustrator products (direct link) Adobe patch Tuesday updates addressed a total of 11 vulnerabilities affecting its Animate, Illustrator, Media Encoder and Bridge products. Adobe patch Tuesday updates addressed a total of 11 flaws affecting its Animate, Illustrator, Media Encoder and Bridge products. “Adobe has published security bulletins for Adobe Animate CC (APSB19-34), Adobe Illustrator CC (APSB19-36), Adobe Media Encoder […]
SecurityAffairs 2019-11-13 09:09:57 Russian man Aleksei Burkov extradited for running online criminal marketplace (direct link) Aleksei Burkov, a Russian accused of being involved in more than $20 million in credit-card frauds, has been extradited to the US to face criminal charges. Aleksei Burkov (29) is a Russian man accused of running an online criminal marketplace, called Cardplanet, that helped crooks to organize more than $20 million in credit card […]
SecurityAffairs 2019-11-13 08:23:10 Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild (direct link) Microsoft's Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild. Microsoft's Patch Tuesday updates for November 2019 address 74 flaws, including an Internet Explorer vulnerability, tracked as CVE-2019-1429, that has been exploited in the wild. Microsoft doesn’t provide any […]
SecurityAffairs 2019-11-12 21:38:37 Mexican state-owned oil company Pemex hit by ransomware (direct link) On Sunday, the Mexican state-owned oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware. On Sunday, a piece of the DoppelPaymer ransomware infected systems of the Mexican state-owned oil company Petróleos Mexicanos (Pemex) taking down part of its network. According to the company, less than 5% of the computers in its network were […] Ransomware
SecurityAffairs 2019-11-12 18:55:50 Facebook is secretly using iPhone's camera as users scroll their feed (direct link) New problems for Facebook, it seems that the social networking giant is secretly using the camera while iPhone users are scrolling their feed. Is this another privacy issue for Facebook? The iPhone user Joshua Maddux speculates that Facebook might be actively using your camera without your knowledge while you're scrolling your feed. Maddux published footage […]
SecurityAffairs 2019-11-12 13:49:59 TA505 Cybercrime targets system integrator companies (direct link) The analysis of a malicious email revealed a possible rising interest of the TA505 cybercrime gang in system integrator companies. Introduction During a normal monitoring activity, one of the detection tools hits a suspicious email coming from the validtree.com domain. The domain was protected by a Panama company to hide its real registrant and this […]
SecurityAffairs 2019-11-12 13:15:35 Buran ransomware-as-a-service continues to improve (direct link) The recently discovered ransomware-as-a-service (RaaS) Buran attempts to gain popularity by offering discounted licenses. In May, researchers from McAfee's Advanced Threat Research Team discovered a new piece of ransomware named 'Buran.' Buran is offered as a RaaS model, but unlike other ransomware families such as REvil, GandCrab the authors take 25% of the income earned […] Ransomware Threat
SecurityAffairs 2019-11-12 07:47:43 Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure (direct link) Researchers from Radware reported that massive TCP SYN-ACK DDoS reflection attacks hit Amazon, SoftLayer and telecom infrastructure in the last month. Researchers from Radware are warning of a wave of TCP SYN-ACK DDoS reflection attacks that in the last 30 days hit Amazon, SoftLayer and telecom infrastructure. “Over the last 30 days, Radware has observed […]
SecurityAffairs 2019-11-12 06:49:03 Bugcrowd paid over $500,000 in bug bounty rewards in one week (direct link) Crowdsourced security platform Bugcrowd announced it paid over $500,000 in bug bounty rewards during the last week of October. Bug bounty programs could represent an excellent opportunity to monetize your passion, in just one week crowdsourced security platform Bugcrowd announced it paid over $500,000 in bug bounty rewards at the end of October. Bugcrowd is […]
SecurityAffairs 2019-11-11 20:09:47 ZoneAlarm forum site hack exposed data of thousands of users (direct link) This is really an embarrassing incident, ZoneAlarm forum site has suffered a data breach exposing data of its discussion forum users. ZoneAlarm, the popular security software firm owned by Check Point Technologies, has suffered a data breach. According to the post published by The Hacker News, the security breach exposed the data of ZoneAlarm discussion […] Data Breach Hack
SecurityAffairs 2019-11-11 15:44:16 CERTrating a new Tool to evaluate CERT/CSIRT maturity level (direct link) The Global Cyber Security Center has developed a tool named CERTrating to evaluate the Maturity Level of CERTs and services provided to the Constituency. Cyber-attacks that have occurred in recent years have fully confirmed that Cybersecurity is an increasingly complex challenge that represents a priority for all companies both in terms of development and investments. […] Tool
SecurityAffairs 2019-11-11 10:16:08 Australian Govt agency ACSC warns of Emotet and BlueKeep attacks (direct link) The Australian Signals Directorate's Australian Cyber Security Centre (ACSC) warns businesses and netizens of Emotet and BlueKeep attacks in the wild. The ACSC is warning organizations and people of a wave of cyberattacks exploiting the Windows BlueKeep vulnerability to deliver crypto-currency miners. “The Australian Signals Directorate's Australian Cyber Security Centre (ACSC), with its state and territory partners, […] Vulnerability
SecurityAffairs 2019-11-11 07:47:19 Apple Mail stores parts of encrypted emails in plaintext DB (direct link) The Apple Mail app available on macOS leaves a portion of users' encrypted emails in plaintext in a database called snippets.db. The Apple expert Bob Gendler discovered that the Apple Mail app available on macOS leaves a portion of users' encrypted emails in plaintext in a database called snippets.db. The issue affects all […]
SecurityAffairs 2019-11-10 19:00:52 (Déjà vu) Major ASP.NET hosting provider SmarterASP hit by ransomware attack (direct link) Another day, another victim of a ransomware attack, this time major ASP.NET hosting provider SmarterASP announced it was infected by ransomware. SmarterASP.NET is one of the most popular ASP.NET hosting providers, the company has more than 440,000 customers. SmarterASP announced it was hit yesterday by a ransomware attack. The attack encrypted customer data and the company’s […] Ransomware
SecurityAffairs 2019-11-10 14:37:06 Security Affairs newsletter Round 239 (direct link) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Controversial law entered into effect in Russia this week First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild New Gafgyt botnet targets Gaming Servers Everis and Spain's radio network Cadena SER hit by ransomware Exclusive […] Ransomware
SecurityAffairs 2019-11-10 14:18:27 Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks (direct link) Experts believe Artificial intelligence (AI) could introduce new cybersecurity concerns, and that the upcoming 5G network could pose new risks as well. Information Risk Management (IRM) recently published its 2019 Risky Business Report. The document shows the results of polling decision-makers in the cybersecurity and risk management sectors to get their expert opinions on things […]
SecurityAffairs 2019-11-10 09:13:40 Boardriders and its subsidiaries QuikSilver and Billabong infected with ransomware (direct link) Ransomware attacks made the headlines again, victims are the leading action sports company Boardriders and its subsidiaries including QuikSilver and Billabong. Systems at the action sports company Boardriders were hit by a ransomware attack, the incident also impacted some of its subsidiaries, including QuikSilver and Billabong. In response to the infection, the company shut down its […] Ransomware Guideline ★★★★★
SecurityAffairs 2019-11-09 16:15:45 The Platinum APT group adds the Titanium backdoor to its arsenal (direct link) Kaspersky researchers have found a new advanced backdoor used by the Platinum advanced persistent threat (APT) group in attacks in the wild. Security experts at Kaspersky Lab have spotted a new backdoor, tracked as Titanium, that was used by the Platinum APT group in attacks in the wild, the malicious code implements sophisticated evasion techniques. […] Threat
SecurityAffairs 2019-11-09 08:35:52 DHS CISA warns of Critical issues in Medtronic Medical equipment (direct link) Department of Homeland Security (DHS) warns of critical flaws impacting Medtronic Valleylab products that could allow hackers to overwrite files and achieve remote code execution. The US DHS Cybersecurity & Infrastructure Security Agency (CISA) issued a security advisory to warn of three recently patched flaws in Medtronic Valleylab products that could be exploited to install […]
SecurityAffairs 2019-11-09 07:43:45 Cisco Talos discovered multiple flaws in the LEADTOOLS toolkits (direct link) Cisco Talos security researchers discovered multiple flaws in the LEADTOOLS imaging toolkits that could lead to code execution on the target system. Security experts at Cisco Talos discovered four High severity vulnerabilities in the LEADTOOLS imaging toolkits that could be exploited to execute arbitrary code on the target system. LEADTOOLS is a collection of comprehensive […] Guideline
SecurityAffairs 2019-11-08 15:30:50 Italian police shut down darkweb Berlusconi market and arrested admins (direct link) Italian law enforcement shut down the ‘Berlusconi market’ black market and arrested three suspected of being its administrators. Italian financial police “Guardia di Finanza” shut down the ‘Berlusconi market’ black market hosted on the Tor network and arrested three administrators. The site was managed by two individuals that go online with nicknames of “VladimirPutin” with […]
SecurityAffairs 2019-11-08 13:28:09 Microsoft warns of more disruptive BlueKeep attacks and urges patch installation (direct link) Microsoft is warning once again of more BlueKeep attacks that could deliver disruptive payloads and urges organizations to patch their systems. Recently, researchers warned of the first mass-hacking campaign exploiting the BlueKeep exploit, the attack aimed at installing a cryptocurrency miner on the infected systems. The popular expert Kevin Beaumont observed some of its EternalPot RDP honeypots crashing after being […]
SecurityAffairs 2019-11-08 11:01:36 Capesand is a new Exploit Kit that appeared in the threat landscape (direct link) A recently discovered exploit kit dubbed Capesand is being involved in live attacks despite the fact that it's still under development. In October 2019, researchers at TrendMicro discovered a new exploit kit dubbed Capesand that is being involved in live attacks. The tool was discovered while analyzing a malvertising campaign employing the RIG EK to […] Tool Threat
SecurityAffairs 2019-11-08 08:37:25 Pwn2Own Tokyo 2019 -Day2: experts hacked Samsung Galaxy S10 and Xiaomi Mi9 phones and TP-Link AC1750 routers (direct link) Pwn2Own Tokyo 2019 -Day2: Experts earned a total of $120,000 for finding exploits against Samsung Galaxy S10 and Xiaomi Mi9 phones and TP-Link AC1750 routers. On the second day of the Pwn2Own Tokyo 2019 hacking contest, white hat hackers received a total of $120,000 for finding exploits against Samsung Galaxy S10 and Xiaomi Mi9 phones […]
SecurityAffairs 2019-11-08 08:25:37 DNA-testing startup Veritas Genetics disclosed a security breach (direct link) DNA-testing startup Veritas Genetics disclosed a security breach that exposed customer information, but genetic information, health records are not affected. Veritas Genetics is a whole genome sequencing company that provides actionable insights for a healthier life and family, it offers whole-genome sequencing for $599. The company announced that it recently discovered authorized access to its customer-facing […]
SecurityAffairs 2019-11-07 20:16:53 Amazon's Ring Video Doorbell could open the door of your home to hackers (direct link) Bitdefender discovered a high-severity security flaw in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal WiFi password. Amazon’s Ring Video Doorbell is a smart wireless home security doorbell camera that allows users to remotely control their doorbell. Amazon’s Ring Video Doorbell allows users to interact with anyone on their […]
SecurityAffairs 2019-11-07 15:44:15 Specially Crafted ZIP archives allow bypassing secure email gateways (direct link) Experts observed a new phishing campaign that used a specially crafted ZIP archive that was designed to bypass secure email gateways to distribute malware. Attackers have devised a new technique to distribute malware bypassing secure email gateways and other security solutions by using a specially crafted ZIP file. The structure of a ZIP archive contains […] Malware
SecurityAffairs 2019-11-07 13:14:14 Two former Twitter employees charged of spying on Users for Saudi Arabian Government (direct link) Two former Twitter employees have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government. Two former Twitter employees have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government. The two former Twitter employees operated for the Saudi Arabian government […]
SecurityAffairs 2019-11-07 10:58:28 Trend Micro rogue employee sold customer data to tech support scammers (direct link) A Trend Micro employee was spotted stealing consumer customer information and selling it to tech support scammers. TrendMicro confirmed that it has discovered one employee that was stealing consumer customer information and selling it to tech support scammers. In August 2019, the security firm was informed that some of their customers were receiving tech support […]
SecurityAffairs 2019-11-07 09:25:02 Bug Hunters Earn $195,000 for Hacking TVs, Routers, Phones at Pwn2Own Tokyo 2019 (direct link) Bug hunters have earned a total of $195,000 for finding flaws in TVs, routers and smartphones on the first day of the Pwn2Own Tokyo 2019 contest. Pwn2Own is the annual hacking contest event organized by Trend Micro's Zero Day Initiative (ZDI). Pwn2Own Tokyo 2019 contest offers over $750,000 in rewards for working exploits targeting one […]
SecurityAffairs 2019-11-06 22:05:53 A flaw in the Libarchive library impacts major Linux distros (direct link) Google experts found a flaw, tracked as CVE-2019-18408, in the compression library libarchive that could lead to arbitrary code execution. Google experts found a vulnerability, tracked as CVE-2019-18408, in the compression library libarchive that could be exploited to execute arbitrary code. The libarchive library is a multi-format archive and compression library that implements a single interface for reading/writing various compression formats. Several […] Guideline
SecurityAffairs 2019-11-06 21:16:44 'Camgirl' sites expose millions of members and users (direct link) Hackers compromised a network of 'camgirl' sites and exposed data belonging to millions of users and sex workers. Hackers compromised several ‘camgirl’ sites and have exposed millions of sex workers and users. All the sites were run by the Spanish company VTS Media that left the back-end database unprotected online. The unprotected database was discovered […]
SecurityAffairs 2019-11-06 19:06:53 Facebook discloses a new leak that exposes group members' data (direct link) Facebook disclosed a new security incident, the social network giant admitted that app developers may have accessed its group users’ data. Facebook disclosed another security incident, the company revealed that roughly 100 app developers may have improperly accessed users’ data in certain Facebook groups. Let’s understand how it is possible. The company explained that before […]
SecurityAffairs 2019-11-06 10:53:53 Brooklyn Hospital lost patient records after a ransomware infection (direct link) Another organization in the healthcare industry was a victim of a ransomware attack, this time the victim is Brooklyn Hospital. A ransomware attack has infected several computer systems at the Brooklyn Hospital Center in New York, the organization permanently lost patient data. The patient records encrypted in the attack include names and certain dental or […] Ransomware
SecurityAffairs 2019-11-05 23:35:30 Anonymous and LulzSecITA hacked professional orders and telephone operator Lyca Mobile (direct link) The #FifthOfNovember has arrived, the Italian branch of Anonymous and LulzSecITA hacked websites of professional orders, prefecture of Naples, and also the telephone operator Lyca Mobile. The Million Mask March, also known as “Operation Vendetta” is a worldwide, annual protest associated with the hacktivist group Anonymous occurring annually on Guy Fawkes Day, the 5th of November. […]
SecurityAffairs 2019-11-05 18:55:52 Mysterious DarkUniverse APT remained undetected for 8 years (direct link) Kaspersky discovered a previously unknown APT group, tracked as DarkUniverse, by analyzing Shadow Brokers’ “Lost in Translation” data dump. In 2017, a hacker group known as the Shadow Brokers stole malware and hacking tools from the arsenal of the NSA-Linked Equation Group, then it published online the data dump called “Lost in Translation.” The dump […] Malware
SecurityAffairs 2019-11-05 12:49:59 Ransomware attack impacted government services in the territory of Nunavut, Canada (direct link) A ransomware attack disrupted IT operations in the territory of Nunavut (Canada), all government services requiring access to electronic data were impacted. A ransomware attack disrupted IT operations in the remote Canadian territory of Nunavut, all government services requiring access to electronic information were impacted. The territory is extended over more than 1.9 million square […] Ransomware
SecurityAffairs 2019-11-05 08:47:15 'Light commands' attack: hacking Alexa, Siri, and other voice assistants via Laser Beam (direct link) Experts demonstrated that it is possible to hack smart voice assistants like Siri and Alexa using a laser beam to send them inaudible commands. Researchers with the University of Michigan and the University of Electro-Communications (Tokyo) have devised a new technique, dubbed “light commands,” to remotely hack Alexa and Siri smart speakers using a laser light […] Hack
SecurityAffairs 2019-11-05 06:29:03 Flaws in Able2Extract Professional tool allow hacking targeted machine with malicious image files (direct link) Researchers found serious flaws in Investintech's Able2Extract Professional tool that could be exploited to execute arbitrary code using specially crafted image files. The Able2Extract Professional has over 250,000 licensed users across 135 countries, it allows them to view, convert and edit PDF files. Cisco Talos experts discovered two high-severity memory corruption vulnerabilities that can be […] Tool
SecurityAffairs 2019-11-04 20:21:37 Everis and Spain's radio network Cadena SER hit by ransomware (direct link) NTT DATA-owned firm Everis is one of Spain’s largest managed service providers (MSP), it has suffered a ransomware attack, and it was not the only case. Systems at Spain’s largest managed service providers (MSP) Everis have been infected by a ransomware, and it was not alone because also Spain’s largest radio station Cadena SER […] Ransomware
SecurityAffairs 2019-11-04 15:32:55 GitLab plans to ban hires in China and Russia due to espionage concerns (direct link) The popular code hosting platform GitLab is considering blocking new hires from China and Russia due to espionage concerns. GitLab is a popular code hosting platform that is currently used by several major tech companies including IBM, Sony, NASA, Alibaba, Oracle, Invincea, Boeing, and SpaceX. The news was confirmed by Eric Johnson, VP […]
SecurityAffairs 2019-11-04 13:58:20 Ocala City in Florida lost $742,000 following BEC attack (direct link) Business email compromise scam (BEC) continues to target organizations worldwide, crooks stole $742,000 from Ocala City in Florida. The City of Ocala in Florida is the latest victim of a profitable business email compromise scam (BEC) attack, fraudsters redirected over $742,000 to a bank account under their control. Attackers’ emails posed […]
Last update at: 2024-07-17 11:07:28