What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2019-09-20 19:38:25 Two selfie Android adware apps with 1.5M+ downloads removed from Play Store (lien direct) Experts at Wandera's threat research team discovered two adware apps on the Google Play Store that were downloaded 1.5M+ times. Researchers at Wandera discovered two adware selfie filter camera apps on the Google Play that were pushing ads and that can record audio. The bad news is that the two apps were downloaded 1.5M+ times. […] Threat
SecurityAffairs.webp 2019-09-20 14:52:05 U.S. taxpayers hit by a phishing campaign delivering the Amadey bot (lien direct) Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. The Amadey bot is a quite […] Malware
SecurityAffairs.webp 2019-09-20 11:28:47 Commodity Malware Reborn: The AgentTesla “Total Oil” themed Campaign (lien direct) Agent Tesla is a fully customizable password info-stealer offered as malware-as-a-service, many cyber criminals are choosing it as their preferred recognition tool.   Introduction Nowadays the Malware-As-A-Service is one of the criminal favorite ways to breach security perimeter. Agent Tesla is one of these “commodity malware”. It is a fully customizable password info-stealer and many cyber […] Malware
SecurityAffairs.webp 2019-09-20 10:38:01 Crooks hacked other celebrity Instagram accounts to push scams (lien direct) There is the same group behind the hack of the celebrity Instagram accounts, attackers used the same attack pattern to push scams. The same threat actor continues to target celebrity Instagram accounts to push scam sites to their wide audience. Recently the Instagram account of the popular actor Robert Downey Jr. (43.3M followers) has been […] Hack Threat
SecurityAffairs.webp 2019-09-20 06:58:04 Magecart attackers target mobile users of hotel chain booking websites (lien direct) Trend Micro researchers reported that a Magecart group has hacked the websites of two hotel chains to inject scripts targeting Android and iOS users. Researchers discovered a series of incidents involving software credit card skimmer used by Magecart to hit the booking websites of hotel chains. In early September, the researchers discovered a JavaScript code onto two […]
SecurityAffairs.webp 2019-09-19 15:56:02 At least 1,300 Harbor cloud registry installs open to attack (lien direct) A critical security flaw in Harbor cloud native registry for container images could be exploited to obtain admin privileges on a vulnerable hosting system. Palo Alto Networks’ Unit 42 researcher Aviv Sasson discovered a critical vulnerability in Harbor cloud native registry for container images. The flaw, tracked as CVE-2019-16097, could be exploited to take control […] Vulnerability
SecurityAffairs.webp 2019-09-19 13:32:39 Emotet is back, it spreads reusing stolen email content (lien direct) Emotet is back, its operators leverage a recently introduced spear-phishing technique to deliver their malware, they are hijacking legitimate email conversations. In 2019, security experts haven’t detected any activity associated with Emotet since early April, when researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and […] Malware
SecurityAffairs.webp 2019-09-19 10:35:45 Smominru Botnet continues to rapidly spread worldwide (lien direct) Researchers at Guardicore Labs reported that the Smominru botnet is rapidly spreading and now is already infecting over 90,000 machines each month worldwide. In February 2018, researchers from Proofpoint discovered a huge botnet dubbed 'Smominru' that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. According to the […]
SecurityAffairs.webp 2019-09-18 20:37:33 More than 737 million medical radiological images found on open PACS servers (lien direct) Researchers at Greenbone Networks vulnerability analysis and management company discovered 400 Million medical radiological images exposed online via unsecured PACS servers. The experts at Greenbone Networks vulnerability analysis and management company discovered 600 unprotected servers exposed online that contained medical radiological images. The research was conducted between mid-July 2019 and early September 2019. The unprotected […] Vulnerability
SecurityAffairs.webp 2019-09-18 13:06:33 Memory corruption flaw in AMD Radeon driver allows VM escape (lien direct) Experts at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that could lead to VM escape. Researchers at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that could be exploited by an attacker to escape the VM and execute code on the host. This flaw affects […] Vulnerability Guideline
SecurityAffairs.webp 2019-09-18 06:23:39 Skidmap Linux miner leverages kernel-mode rootkits to evade detection (lien direct) Trend Micro researchers spotted a piece of Linux cryptocurrency miner, dubbed Skidmap that leverages kernel-mode rootkits to evade the detection. Skidmap is a new piece of crypto-miner detected by Trend Micro that target Linux machines, it uses kernel-mode rootkits to evade the detection. This malware outstands similar miners because of the way it loads malicious […] Malware
SecurityAffairs.webp 2019-09-18 05:29:22 United States government files civil lawsuit against Edward Snowden (lien direct) The United States government sued Edward Snowden, the former CIA employee and NSA contractor, to block payment for his book, Permanent Record. The US DoJ filed a lawsuit against Edward Snowden to prevent the former CIA employee and National Security Agency contractor from receiving the payment for his book, Permanent Record. According to the civil […]
SecurityAffairs.webp 2019-09-17 20:06:39 Australia is confident that China was behind attack on parliament, political parties (lien direct) Australia ‘s intelligence is sure that China is behind the cyberattacks that hit its parliament and political parties, but decided to not publicly accuse it. According to the Reuters agency, Australia’s intelligence has evidence that the attacks that hit its parliament and political parties were orchestrated by China. Anyway the Australian government decided to not […]
SecurityAffairs.webp 2019-09-17 14:42:43 Experts warn of the exposure of thousands of Google Calendars online (lien direct) The news is shocking, thousands of Google Calendars are leaking private information posing a severe threat to the privacy of the users. Thousands of Google Calendars are leaking private information online threatening the privacy of the users. Google Calendar has more than q billion users that can potentially expose their private affairs due to the […] Threat
SecurityAffairs.webp 2019-09-17 12:52:23 Backup files for Lion Air and parent airlines exposed and exchanged on forums (lien direct) Tens of millions of records belonging to passengers of two airline companies owned by Lion Air have been exposed and exchanged on forums. Data belonging to passengers of two airline companies owned by Lion Air have been exposed and exchanged on forums. The information was left exposed online on an unsecured Amazon bucket, the records […]
SecurityAffairs.webp 2019-09-17 11:25:27 (Déjà vu) Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors (lien direct) Researchers discovered many flaws in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. Security experts have discovered multiple vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. The research is part of a project dubbed SOHOpelessly Broken 2.0 conducted Independent Security Evaluators (ISE). In […]
SecurityAffairs.webp 2019-09-17 06:29:28 Fraudulent purchases of digitals certificates through executive impersonation (lien direct) Experts at ReversingLabs spotted a threat actor buying digital certificates by impersonating legitimate entities and then selling them on the black market. Researchers at ReversingLabs have identified a new threat actor that is buying digital certificates by impersonating company executives, and then selling them on the black market. The experts discovered that digital certificates are then […] Threat
SecurityAffairs.webp 2019-09-16 20:07:19 MobiHok RAT, a new Android malware based on old SpyNote RAT (lien direct) A new Android malware has appeared in the threat landscape, tracked as MobiHok RAT, it borrows the code from the old SpyNote RAT. Experts from threat intelligence firm SenseCy spotted a new piece of Android RAT, dubbed MobiHok RAT, that used code from the old SpyNote RAT. At the beginning of July 2019, the experts […] Malware Threat
SecurityAffairs.webp 2019-09-16 14:06:45 Data leak exposes sensitive data of all Ecuador citizens (lien direct) Experts discovered a huge data leak affecting Ecuador, maybe the largest full-country leak, that exposed data belonging to 20 million Ecuadorian Citizens. Security experts at vpnMentor have discovered a huge data leak affecting Ecuador that exposed data belonging to 20 million Ecuadorian Citizens. Data were left unsecured online on a misconfigured Elasticsearch server, exposed data […]
SecurityAffairs.webp 2019-09-16 11:57:15 A flaw in LastPass password manager leaks credentials from previous site (lien direct) An expert discovered a flaw in the LastPass password manager that exposes login credentials entered on a site previously visited by a user. Tavis Ormandy, the popular white-hat hacker at Google Project Zero, has discovered a vulnerability in the LastPass password manager that exposes […] Vulnerability LastPass
SecurityAffairs.webp 2019-09-16 10:32:03 France and Germany will block Facebook's Libra cryptocurrency (lien direct) Bad news for Facebook and its projects, France and Germany agreed to block Facebook's Libra cryptocurrency, the French finance ministry said. France and Germany governments announced that they will block Facebook's Libra cryptocurrency, the news was reported by French finance ministry Bruno Le Maire. “We believe that no private entity can claim monetary power, which […]
SecurityAffairs.webp 2019-09-16 05:29:04 Tor Project's Bug Smash Fund raises $86K in August (lien direct) The Tor Project has raised $86,000 for a Bug Smash fund that it will use to pay developers that will address critical flaws in the popular anonymizing network. The Tor Project has raised $86,000 for a Bug Smash fund that was created to pay developers that will address critical security and privacy issues in the popular anonymizing […]
SecurityAffairs.webp 2019-09-16 05:08:31 Astaroth Trojan leverages Facebook and YouTube to avoid detection (lien direct) Cofense experts uncovered a new variant of the Astaroth Trojan that uses Facebook and YouTube in the infection process. Researchers at Cofense have uncovered a phishing campaign targeting Brazilian citizens with the Astaroth Trojan that uses Facebook and YouTube in the infection process. The attack chain appears to be very complex and starts with phishing […]
SecurityAffairs.webp 2019-09-15 12:45:53 Drone attacks hit two Saudi Arabia Aramco oil plants (lien direct) Drone attacks have hit two major oil facilities run by the state-owned company Aramco in Saudi Arabia, one of them is the Abqaiq site. Drone attacks have hit Saudi Arabia's oil production suffered severe damage following a swarm of explosive drones that hit two major oil facilities run by the state-owned company Aramco in Saudi […]
SecurityAffairs.webp 2019-09-15 10:49:57 (Déjà vu) Security Affairs newsletter Round 231 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Experts found Joker Spyware in 24 […]
SecurityAffairs.webp 2019-09-15 09:44:13 Dealer Leads, a car dealer marketing firm exposed 198 Million records online (lien direct) Researcher discovered an unsecured database exposed online, belonging to car dealership marketing firm Dealer Leads, containing 198 million records. The researcher Jeremiah Fowler discovered an unsecured database exposed online that belongs to car dealership marketing firm Dealer Leads. The archive containing 198 million records for a total of 413GB of data containing information of potential […] Guideline
SecurityAffairs.webp 2019-09-15 08:23:08 A bug in Instagram exposed user accounts and phone numbers (lien direct) Facebook addressed a vulnerability in Instagram that could have allowed attackers to access private user information. The security researcher @ZHacker13 discovered a flaw in Instagram that allowed an attacker to access account information, including user phone number and real name. ZHacker13 discovered the vulnerability in August and reported the issue to Facebook that asked for additional […] Vulnerability
SecurityAffairs.webp 2019-09-14 20:05:23 Expert disclosed passcode bypass bug in iOS 13 a week before its release (lien direct) A security researcher disclosed a passcode bypass just a week before Apple has planned to release the new iOS 13 operating system, on September 19. Apple users are thrilled for the release of the iOS 13 mobile operating system planned for September 19, but a security expert could mess up the party. The security researcher […]
SecurityAffairs.webp 2019-09-14 15:33:13 InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets (lien direct) Researchers at Zscaler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data.  Researchers at Zscaler have discovered a new Trojan dubbed InnfiRAT that implements many standard Trojan capabilities along with the ability to steal cryptocurrency wallet data.  “As with just about every piece of malware, InnfiRAT is designed […] Malware
SecurityAffairs.webp 2019-09-14 12:50:58 Hackers stole payment data from Garmin South Africa shopping portal (lien direct) Garmin, the multinational company focused on GPS technology for automotive, aviation, marine, outdoor, and sport activities is victim of a data breach. Garmin is the victim of a data breach, it is warning customers in South Africa that shopped on the shop.garmin.co.za portal that their personal info and payment data were exposed. The stolen data, included […]
SecurityAffairs.webp 2019-09-13 20:21:12 The US Treasury placed sanctions on North Korea linked APT Groups (lien direct) The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The groups are behind several hacking operations that resulted in the theft of hundreds of millions of dollars from financial institutions and cryptocurrency exchanges […] Medical APT 38
SecurityAffairs.webp 2019-09-13 18:04:53 WatchBog cryptomining botnet now uses Pastebin for C2 (lien direct) A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. The WatchBog bot is a Linux-based malware that is active since last year, it targets […] Malware
SecurityAffairs.webp 2019-09-13 06:51:03 Poland to establish Cyberspace Defence Force by 2024 (lien direct) Poland announced it will launch a cyberspace defense force by 2024 composed of around 2,000 soldiers with a deep knowledge in cybersecurity. The Polish Defence Ministry Mariusz Blaszczak has approved the creation of a cyberspace defence force by 2024, it will be composed of around 2,000 soldiers with deep expertise in cybersecurity. The news was […]
SecurityAffairs.webp 2019-09-12 22:03:02 SimJacker attack allows hacking any phone with just an SMS (lien direct) SimJacker is a critical vulnerability in SIM cards that could be exploited by remote attackers to compromise any phones just by sending an SMS. Cybersecurity researchers at AdaptiveMobile Security disclosed a critical vulnerability in SIM cards dubbed SimJacker that could be exploited by remote attackers to compromise targeted mobile phones and spy on victims just […] Vulnerability
SecurityAffairs.webp 2019-09-12 14:12:01 SAP September 2019 Security Patch Day addresses four Security Notes rated as Hot News (lien direct) SAP released the September 2019 Security Patch that addressed four Security Notes rated as Hot News by the company. SAP released the September 2019 Security Patch that addressed four Security Notes rated as Hot News by the company, but only one of them is new. SAP released 16 new or updated Security Notes, the overall […]
SecurityAffairs.webp 2019-09-12 09:27:00 Iran-linked group Cobalt Dickens hit over 60 universities worldwide (lien direct) Iran-linked Cobalt Dickens APT group carried out a spear-phishing campaign aimed at tens of universities worldwide. Researchers at Secureworks’ Counter Threat Unit (CTU) uncovered a phishing campaign carried out by the Iran-linked Cobalt Dickens APT group (also known as Silent Librarian) that targeted more than 60 universities on four continents in July and August. According to […] Threat
SecurityAffairs.webp 2019-09-12 05:23:04 LokiBot info stealer involved in a targeted attack on a US Company (lien direct) Security researchers at Fortinet uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. FortiGuard SE Team experts uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. The Lokibot malware has been active since 2015, it is an infostealer that was involved in many malspam campaigns aimed […] Malware
SecurityAffairs.webp 2019-09-11 22:02:02 (Déjà vu) NetCAT attack allows hackers to steal sensitive data from Intel CPUs (lien direct) Experts discovered a flaw dubbed NetCAT (Network Cache ATtack) that affects all Intel server-grade processors and allows to sniff sensitive data over the network. Researchers from VUSec group at Vrije Universiteit Amsterdam have discovered a new vulnerability that can be exploited by a remote attacker to sniff sensitive details by mounting a side-channel attack over the […] Vulnerability
SecurityAffairs.webp 2019-09-11 13:44:01 The Wolcott school district suffered a second ransomware attack in 4 months (lien direct) Another ransomware attack hits a school district, the victim is an institute in Connecticut that was targeted twice in only four months. For the second time in just four months, the Wolcott school district in Connecticut was a victim of a ransomware attack. Teachers and students were not able to access the district's internal […] Ransomware
SecurityAffairs.webp 2019-09-11 13:01:03 Dissecting the 10k Lines of the new TrickBot Dropper (lien direct) Malware researchers at Yoroi-Cybaze analyzed the TrickBot dropper, a threat that has infected victims since 2016. Introduction TrickBot it is one of the best known Banking Trojan which has been infecting victims since 2016, it is considered a cyber-crime tool. But nowadays defining it a “Banking Trojan” is quite reductive: during the last years its modularity brought […] Threat
SecurityAffairs.webp 2019-09-11 07:01:04 Some models of Comba and D-Link WiFi routers leak admin credentials (lien direct) Security experts have discovered that some models of D-Link and Comba WiFi routers leak their administrative login credentials in plaintext. Security researchers from Trustwave’s SpiderLabs have discovered several credential leaking vulnerabilities in some models of D-Link and Comba Telecom. The researcher Simon Kenin from SpiderLabs discovered five credential leaking vulnerabilities, three of them affect some […]
SecurityAffairs.webp 2019-09-11 06:29:04 (Déjà vu) Adobe September 2019 Patch Tuesday updates fix 2 code execution flaws in Flash Player (lien direct) Adobe September 2019 Patch Tuesday updates address two code execution bugs in Flash Player and a DLL hijacking flaw in Application Manager. Adobe has released September 2019 Patch Tuesday updates that address two code execution vulnerabilities in Flash Player and a DLL hijacking flaw in Application Manager. The two flaws addressed with the Flash Player 32.0.0.255 release […]
SecurityAffairs.webp 2019-09-11 06:05:00 Microsoft Patch Tuesday updates for September 2019 fix 2 privilege escalation flaws exploited in attacks (lien direct) Microsoft Patch Tuesday updates for September 2019 address 80 flaws, including two privilege escalation issues exploited in attacks. Microsoft Patch Tuesday security updates for September 2019 address 80 vulnerabilities, including two privilege escalation flaws that have been exploited in attacks in the wild. The updates cover Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, Office and Microsoft Office […]
SecurityAffairs.webp 2019-09-10 16:27:00 Million of Telestar Digital GmbH IoT radio devices can be remotely hacked (lien direct) A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. The security researcher Benjamin Kunz from Vulnerability-Lab disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack devices without any user […]
SecurityAffairs.webp 2019-09-10 09:25:03 Police dismantled Europe's second-largest counterfeit currency network on the dark web (lien direct) The European authorities announced to have dismantled Europe's second-largest counterfeit currency network on the dark web. A joint operation conducted by The Portuguese Judicial Police (Polícia Judiciária) along with the Europol allowed dismantling Europe's second-largest counterfeit currency network on the dark web. The authorities announced the arrest of five members of the counterfeit currency […]
SecurityAffairs.webp 2019-09-10 07:13:03 (Déjà vu) Robert Downey Jr's Instagram account has been hacked (lien direct) The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Robert Downey Jr. Instagram account has been hacked, in this case the attacker did not publish offensive messages, but attempted to monetize their efforts by posting fake giveaways for […]
SecurityAffairs.webp 2019-09-10 06:21:03 DoS attack that caused disruption at US power utility exploited a known flaw (lien direct) A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. In May, the Department of Energy confirmed […] Vulnerability Threat
SecurityAffairs.webp 2019-09-09 21:30:01 Stealth Falcon New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data (lien direct) ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers from discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy exfiltrate data. Stealth Falcon is a nation-state actor active […] Malware
SecurityAffairs.webp 2019-09-09 17:31:05 Telegram Privacy Fails Again (lien direct) Security expert discovered that abusing a well-known feature of deleting messages it is possible to threaten the users’ privacy. This is not a security vulnerability, it's a privacy issue. As I understand Telegram a messaging app focuses on privacy which has over 10,00,00,000+ downloads in Playstore. In this case, we are abusing a well-known feature of deleting […]
SecurityAffairs.webp 2019-09-09 14:09:00 Symantec uncovered the link between China-Linked Thrip and Billbug groups (lien direct) The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec. Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. In June […]
Last update at: 2024-07-17 13:08:18