What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-10-24 06:00:42 Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court (direct link) A Texas man was found guilty of hacking the Los Angeles Superior Court (LASC) computer system and using it to send out phishing emails. A Texas man, Oriyomi Sadiq Aloba (33), was found guilty of hacking the Los Angeles Superior Court (LASC) computer system and abusing it to send out roughly 2 million phishing messages. The […]
SecurityAffairs 2019-10-23 14:28:02 Experts found DLL Hijacking issues in Avast, AVG, and Avira solutions (direct link) Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. Security experts at SafeBreach Labs discovered flaws in Avast, AVG, and Avira Antivirus that could be exploited by an attacker to load a malicious DLL file to bypass defenses and […]
SecurityAffairs 2019-10-23 11:34:02 Robots at HIS Group are vulnerable to hack (direct link) The Japanese hotel chain HIS Group admitted that its in-room robots were vulnerable and could allow hackers to remotely view video footage from the devices. The personnel at the Henn na Hotel managed by the Japanese hotel chain HIS Group is composed of robots that provide hospitality services to the guests. The HIS Group hotel […] Hack
SecurityAffairs 2019-10-23 09:13:55 Exploring the CPDoS attack on CDNs: Cache Poisoned Denial of Service (direct link) Boffins disclosed a web attack technique (CPDoS attack) that can poison content delivery networks (CDNs) into caching and then serving error pages. Two researchers from the Technical University of Cologne (TH Koln) have devised a new web attack that can be used by threat actors to poison content delivery networks (CDNs) into caching and then […] Threat
SecurityAffairs 2019-10-23 06:40:31 Experts believe the Magecart Group 5 could be linked to the Carbanak APT (direct link) Security experts linked the Magecart group 5 to the infamous Dridex banking Trojan and the Carbanak cybercrime group. Researchers at Malwarebytes found a link between a scheme associated with the Magecart group and Dridex phishing campaigns and the activities of the Carbanak group. The Magecart group tracked as Magecart Group 5, one of the most […]
SecurityAffairs 2019-10-22 19:39:55 Autoclerk travel reservations platform data leak also impacts US Government and military (direct link) vpnMentor discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. Security experts at vpnMentor discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. The data leak exposed sensitive personal information of thousands of users […]
SecurityAffairs 2019-10-22 14:00:11 German firm Pilz still down a week after getting infected with ransomware (direct link) German company Pilz, one of the world's biggest producers of automation tools, is still down after getting infected by ransomware more than a week ago. German firm Pilz was still down after getting infected by the BitPaymer ransomware more than a week ago, on October 13, 2019. “Since Sunday, October 13, 2019, all servers and […] Ransomware
SecurityAffairs 2019-10-22 12:32:47 Trend Micro Anti-Threat Toolkit could be used to run malware on Win PCs (direct link) A vulnerability in the Trend Micro Anti-Threat Toolkit (ATTK) can be exploited by attackers to run malware on targets’ Windows systems. The security expert and bug-hunter John “hyp3rlinx” Page discovered an arbitrary code execution vulnerability, tracked as CVE-2019-9491, in the Trend Micro Anti-Threat Toolkit. Trend Micro ATTK allows analyzing malware issues and cleaning infections. It can […] Malware Vulnerability
SecurityAffairs 2019-10-22 07:32:53 NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches (direct link) NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. The information belonging to the NordVPN company […] Threat
SecurityAffairs 2019-10-21 21:10:23 Czech Police and Intelligence agency dismantled Russian Spy ring on its soil (direct link) Czech police and intelligence services have identified a Russian espionage network having a nerve center in its Prague embassy. Czech police and intelligence services have dismantled a Russian espionage network that was operating via its Prague embassy. The officials were helped by peers at the National Organised Crime Centre (NCOZ). According to the […]
SecurityAffairs 2019-10-21 14:41:55 Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers (direct link) Security experts have discovered a new malware, dubbed skip-2.0, used by the China-linked APT group to establish a backdoor in Microsoft SQL Server systems. Security experts at ESET have discovered a new malware, dubbed skip-2.0, used by the Chinese Winnti cyberespionage group to gain persistence on Microsoft SQL Server systems. The Winnti group was first spotted by […] Malware
SecurityAffairs 2019-10-21 13:39:10 Avast internal network breached for the second time by sophisticated hackers (direct link) The popular security firm Avast disclosed today a security breach that impacted its internal network accessed via a compromised VPN profile. The security firm Avast disclosed today a security breach that impacted its internal network, according to a statement published by the company, the intent of the hackers was to carry out a supply chain […]
SecurityAffairs 2019-10-21 09:43:09 UK/US investigation revealed that Russian Turla APT masqueraded as Iranian hackers (direct link) A joint UK and US investigation has revealed that the Russian cyber espionage group Turla carried out cyber attacks masqueraded as Iranian hackers. According to the Financial Times, a joint UK and US investigation revealed that Russia-linked cyberespionage group Turla conducted several cyber attacks in more than 35 countries masqueraded as Iranian hackers. The use […]
SecurityAffairs 2019-10-21 05:34:19 Hackers stole card details from BriansClub carding site (direct link) BriansClub, one of the biggest dark web “carding stores,” which specializes in the sale of stolen payment card data, has been hacked. Hackers have breached BriansClub (BriansClub[.]at), one of the biggest black market sites, that specializes in the sale of stolen credit card data. According to the security expert Brian Krebs, who first reported […]
SecurityAffairs 2019-10-20 17:57:00 TA505 cybercrime group use SDBbot RAT in recent campaigns (direct link) TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. The TA505 group, that is known to have operated both the Dridex and Locky malware families, continues […]
SecurityAffairs 2019-10-20 12:25:14 (Déjà vu) Security Affairs newsletter Round 236 (direct link) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. A new Mac malware dubbed Tarmac has been distributed via […] Malware
SecurityAffairs 2019-10-20 11:55:38 US Army stopped using floppy disks as storage for SACCS system that manages nuclear weapons arsenal (direct link) The news is quite curious, the US military will no longer use 8-inch floppy disks in an antiquated computer (SACCS) to manage nuclear weapons arsenal. It’s official, the US strategic command has announced that it has replaced the 8-inch floppy disks in an ancient computer to receive nuclear launch orders from the President with a […]
SecurityAffairs 2019-10-20 05:46:08 Fake UpdraftPlus WordPress Plugins used to backdoor sites (direct link) Threat actors leverage malicious plugins that hide in plain sight to backdoor WordPress websites and to use them for brute-forcing other sites. The use of fake WordPress plugins installed by hackers is not a novelty, recently at Sucuri observed multiple infections aimed at installing fake plugins with backdoor capabilities. Attackers use automated tools to create malicious WordPress […]
SecurityAffairs 2019-10-19 13:41:08 A critical Linux Wi-Fi bug could be exploited to fully compromise systems (direct link) A researcher discovered a critical Linux vulnerability, tracked as CVE-2019-17666, that could be exploited to fully compromise vulnerable machines. Nico Waisman, principal security engineer at GitHub, discovered a critical Linux flaw, tracked as CVE-2019-17666, that could be exploited by attackers to fully compromise vulnerable machines. The vulnerability affects Linux versions through 5.3.6, according to the […] Vulnerability
SecurityAffairs 2019-10-19 09:45:31 (Déjà vu) Hundreds of millions of UC Browser Android Users Exposed to MiTM Attacks. Again. (direct link) Over 600 million UC Browser and UC Browser Mini Android users have been exposed to man-in-the-middle (MiTM) attacks. More than 600 million users of the popular UC Browser and UC Browser Mini Android apps have been exposed to man-in-the-middle (MiTM) attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels. […]
SecurityAffairs 2019-10-19 07:36:45 Emsisoft released a free decryption tool for the STOP (Djvu) ransomware (direct link) Emsisoft firm has released a new free decryption tool for the STOP (Djvu) ransomware, in the last months the research team helped victims of many other threats. STOP (Djvu) ransomware has 160 variants that infected more hundreds of thousands of victims worldwide. Experts estimated a total number of 460,000 victims, that makes this threat the most […] Ransomware Tool Threat
SecurityAffairs 2019-10-18 19:35:09 Systems at Ingredients provider Ingredion infected with a Malware (direct link) The US ingredient provider Ingredion Incorporated announced that it has recently detected suspicious activity associated with a malware attack. The US ingredient provider Ingredion Incorporated revealed to have detected an ongoing malware attack after its experts noticed a suspicious activity this week. Ingredion has hired third-party experts to help its staff in investigating the incident […] Malware
SecurityAffairs 2019-10-18 14:40:53 Trojanized Tor Browser targets shoppers of Darknet black marketplaces (direct link) A tainted version of the Tor Browser is targeting dark web market shoppers to steal their cryptocurrency and gather information on their browsing activity. A Trojanized version of the Tor Browser is targeting shoppers of black marketplaces in the dark web, threat actors aim to steal their cryptocurrency and gather information on their browsing activity. […] Threat
SecurityAffairs 2019-10-18 12:34:41 China-linked cyberspies Turbine PANDA targeted aerospace firms for years (direct link) Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. According to the experts the cyber espionage operations began in January 2010, after the state-owned enterprise Commercial Aircraft Corporation of China (COMAC) selected […] APT 26
SecurityAffairs 2019-10-18 10:23:40 (Déjà vu) Pitney Bowes revealed that its systems were infected with Ryuk Ransomware (direct link) The global shipping and mailing services company Pitney Bowes revealed that the recent partial outage was caused by the Ryuk ransomware. The global shipping and mailing services company Pitney Bowes recently suffered a partial outage of its service caused by a ransomware attack. Pitney Bowes is a global technology company that provides commerce solutions in the […] Ransomware
SecurityAffairs 2019-10-18 08:56:03 Researcher released PoC exploit code for CVE-2019-2215 Android zero-day flaw (direct link) A researcher has published a proof-of-concept (PoC) exploit code for the CVE-2019-2215 zero-day flaw in Android recently addressed by Google. Earlier in October, Google Project Zero researcher Maddie Stone publicly disclosed a zero-day vulnerability, tracked as CVE-2019-2215, in Android. According to the expert, the bug was allegedly being used or sold by the controversial surveillance firm NSO […]
SecurityAffairs 2019-10-17 19:38:33 Cryptocurrency miners infected more than 50% of the European airport workstations (direct link) Researchers at Cyberbit spotted a crypto mining campaign that infected more than 50% of the European airport workstations. Security experts at Cyberbit have uncovered a crypto mining campaign that infected more than 50% of the European airport workstations. European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this […]
SecurityAffairs 2019-10-17 14:36:37 Critical and high-severity flaws addressed in Cisco Aironet APs (direct link) A critical flaw in Aironet access points (APs) can be exploited by a remote attacker to gain unauthorized access to vulnerable devices. Cisco disclosed a critical vulnerability in Aironet access points (APs), tracked as CVE-2019-15260, that can be exploited by a remote, unauthenticated attacker to gain unauthorized access to vulnerable devices with elevated privileges. This vulnerability […] Vulnerability
SecurityAffairs 2019-10-17 12:54:45 International operation dismantled largest Dark Web Child abuse site (direct link) The United States Department of Justice announced the arrest of hundreds of criminals as part of a global operation against a dark web child abuse community. The US Department of Justice announced the arrest of hundreds of criminals as part of a global operation conducted against the crime community operating the largest dark web child […]
SecurityAffairs 2019-10-17 09:54:48 Graboid the first-ever Cryptojacking worm that targets Docker Hub (direct link) Security experts at Palo Alto Networks discovered a worm dubbed Graboid that spreads using Docker containers. Palo Alto Networks researchers discovered a new Monero miner with wormable capabilities, dubbed Graboid, that spreads using Docker containers. Experts discovered that to target new systems, the Graboid worm periodically queries the C&C for vulnerable hosts, in this way […]
SecurityAffairs 2019-10-17 08:02:21 (Déjà vu) M6 Group, largest France private multimedia group, hit by ransomware attack (direct link) M6, one of France’s biggest TV channels, hit by ransomware. Unlike The Weather Channel earlier this year, M6 remained on the air. The M6 Group, the largest France private multimedia group, was the victim of ransomware over the weekend. The systems at the M6 Group, France’s largest private multimedia group, were infected with the ransomware […] Ransomware
SecurityAffairs 2019-10-16 13:40:33 Signature update for Symantec Endpoint protection crashed many devices (direct link) Symantec rolled out an intrusion prevention signature update for its Endpoint Protection product that has caused many devices to crash and display a so-called blue screen of death (BSOD). An intrusion prevention signature update for the Endpoint Protection product had a bad impact on the devices, in many cases it caused the devices to crash […]
SecurityAffairs 2019-10-16 12:53:23 Approaching the Reverse Engineering of a RFID/NFC Vending Machine (direct link) Security expert Pasquale Fiorillo demonstrates how to hack an RFID/NFC Vending Machine. The affected vendor did not answer to my responsible disclosure request, so I'm here to disclose this “hack” without revealing the name of the vendor itself. The target vending machine uses an insecure NFC Card, MIFARE Classic 1k, that has been affected by multiple […] Hack
SecurityAffairs 2019-10-16 06:55:39 Chinese-speaking cybercrime gang Rocke changes tactics (direct link) Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, is now using new tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past, is now using new tactics to evade detection. The group has been observed using new tactics, techniques, and procedures (TTPs), it is also […]
SecurityAffairs 2019-10-16 05:52:54 Adobe out-of-band security updates address 82 flaws in 3 products (direct link) Adobe has released out-of-band security updates to address a total of 82 security vulnerabilities that affect three products of the company. On Tuesday, Adobe released out-of-band security updates to address 82 flaws in Acrobat and Reader, Experience Manager, Experience Manager Forms, and Download Manager. Out of 82 security flaws, 45 vulnerabilities affecting Adobe Acrobat and Reader have […]
SecurityAffairs 2019-10-15 20:11:00 Click2Mail suffered a data breach that potentially impacts 200,000 registrants (direct link) Click2Mail.com, a US Postal Service affiliate partner, has suffered a data breach that exposed the personal information of its users. The US Postal Service affiliate partner Click2Mail has suffered a data breach that exposed the personal information of its users. The company allows its users to professionally print letters, flyers or postcards and deliver them […] Data Breach
SecurityAffairs 2019-10-15 14:53:28 Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack (direct link) The global shipping and mailing services company Pitney Bowes suffered a partial outage of its service caused by a ransomware attack. The Pitney Bowes company announced that a ransomware attack infected its systems and caused a partial system outage that made some of its services unavailable for some customers. Pitney Bowes is a global technology company […] Ransomware
SecurityAffairs 2019-10-15 10:09:47 sudo flaw allows any users to run commands as Root on Linux (direct link) Experts discovered a security policy bypass issue in the Sudo utility that is installed as a command on almost every Linux and Unix system. The Sudo utility that is installed as a command on almost every Linux and Unix system is affected by a security policy bypass issue tracked as CVE-2019-14287. The vulnerability could be […] Vulnerability
SecurityAffairs 2019-10-15 06:24:54 Winnti Group was planning a devastating supply-chain attack against Asian manufacturer (direct link) Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. Security experts at ESET revealed that Winnti Group continues to update its arsenal, they observed that the China-linked APT group using a new modular Windows backdoor that they used to infect the […]
SecurityAffairs 2019-10-14 17:49:43 Is Emotet gang targeting companies with external SOC? (direct link) Cybercrime gang behind the Emotet malware is targeting organizations with external SOC with emails claiming to deliver a SOC “weekly report.” Introduction The group behind Emotet malware is getting smarter and smarter in the way they deliver such a Malware. While the infection schema looks alike from years; the way the group tries to infect victims improves from day […]
SecurityAffairs 2019-10-14 14:17:23 Privacy advocates criticize Apple for sharing some users browsing data with Tencent (direct link) New problems for Apple, most of its users likely ignore that the company is sharing iOS web browsing data on some of them to Chinese giant Tencent. Most Apple users likely don’t know that the tech giant is sending iOS web browsing data on some of them to the Chinese giant Tencent. The news is […]
SecurityAffairs 2019-10-14 10:29:31 (Déjà vu) Imperva explains how hackers stole AWS API Key and accessed to customer data (direct link) Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall (WAF) customers. In August, cybersecurity firm Imperva disclosed a data breach that exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula. Incapsula is a CDN service designed […] Data Breach
SecurityAffairs 2019-10-14 06:40:50 Talos experts found 11 flaws in Schneider Electric Modicon Controllers (direct link) Cisco Talos experts discovered nearly a dozen flaws affecting some of the models of Schneider Electric's Modicon programmable logic controllers. Talos experts discovered 11 security flaws affecting some models of Schneider Electric's Modicon programmable logic controllers. Affected models are Modicon M580, M340, BMENOC 0311, BMENOC 0321, Quantum, Premium, and Modicon BMxCRA and 140CRA. The unique […]
SecurityAffairs 2019-10-13 23:06:24 Charming Kitten Campaign involved new impersonation methods (direct link) Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September. Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians. Microsoft Threat Intelligence Center (MSTIC) observed the APT group making more than 2,700 attempts to […] Threat Conference APT 35
SecurityAffairs 2019-10-13 11:47:29 Alabama Hospital chain paid ransom to resume operations after ransomware attack (direct link) An Alabama hospital chain announced to have restored normal operation after paying the ransom request by crooks that infected its systems with ransomware. A hospital chain in west Alabama was recently hit by a ransomware attack that paralyzed its systems. The organization opted out to pay the ransom and announced to have restored normal operation. […] Ransomware
SecurityAffairs 2019-10-13 10:12:18 (Déjà vu) Security Affairs newsletter Round 235 (direct link) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Hacker is auctioning a database containing details of 92 million […]
SecurityAffairs 2019-10-13 09:32:45 A new Mac malware dubbed Tarmac has been distributed via malvertising campaigns (direct link) Confiant researchers have discovered a new Mac malware dubbed Tarmac distributed via malvertising campaigns in the US, Italy, and Japan. Security experts at Confiant have discovered a new Mac malware dubbed Tarmac that is distributed via malvertising campaigns in the US, Italy, and Japan. “Malicious ads redirect victims to sites showing popups peddling software updates, […] Malware
SecurityAffairs 2019-10-12 17:45:07 Leafly Cannabis information platform suffered a data leak (direct link) Leafly, a cannabis information platform, suffered a data leak that exposed the personal information of some of its customers. Leafly, the world's leading cannabis resource, informed its customers via email that it has suffered a data leak. The company discovered on September 30 that a secondary database was […] Guideline
SecurityAffairs 2019-10-12 14:52:04 FIN7 Hackers group is back with a new loader and a new RAT (direct link) FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. Security experts at FireEye Mandiant discovered that the FIN7 hacking group has added new tools to its arsenal, including a new loader and a module that hooks into the legitimate […]
SecurityAffairs 2019-10-12 10:44:46 (Déjà vu) SIM cards used in 29 countries are vulnerable to Simjacker attack (direct link) Security researchers at Adaptive Mobile who discovered the SimJacker issue have published the list of countries where mobile operators use flawed SIM cards. Exactly one month ago, researchers at AdaptiveMobile Security disclosed a critical vulnerability in SIM cards dubbed SimJacker that could be exploited by remote attackers to compromise targeted mobile phones and spy on victims just […] Vulnerability
Last update at: 2024-07-21 02:08:45