What's new around the internet

Last one

| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| SecurityAffairs | 2021-02-15 22:43:01 | VMware fixes command injection issue in vSphere Replication | VMware released security patches for a potentially serious vulnerability affecting the vSphere Replication product. VMware has recently released security patches to address a serious command injection vulnerability, tracked as CVE-2021-21976, in its vSphere Replication product. VMware vSphere Replication is an extension to VMware vCenter Server that provides hypervisor-based virtual machine replication and recovery. vSphere Replication […] | Vulnerability | | |
| SecurityAffairs | 2021-02-15 21:27:39 | France agency ANSSI links Russia's Sandworm APT to attacks on hosting providers | French agency ANSSI attributes a series of attacks targeting Centreon servers to the Russia-linked Sandworm APT group. The French security agency ANSSI is warning of a series of attacks targeting Centreon monitoring software used by multiple French organizations and attributes them to the Russia-linked Sandworm APT group. The first attack spotted by ANSSI experts dates back […] | | | |
| SecurityAffairs | 2021-02-15 16:14:45 | The malicious code in SolarWinds attack was the work of 1,000+ developers | Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack Microsoft's analysis of the SolarWinds supply chain attack revealed that the code used by the threat actors was the work of a thousand developers. Microsoft president Brad Smith provided further details about the investigation of the SolarWinds supply chain attack, the company's analysis of […] | Threat | | |
| SecurityAffairs | 2021-02-15 09:23:52 | French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine | An international operation conducted in Ukraine and France led to the arrest of criminals believed to be affiliated with the Egregor RaaS. Some affiliated with the Egregor RaaS, not the main ransomware gang, have been arrested as a result of a joint operation conducted by law enforcement in Ukraine and France. Authorities did not reveal […] | Ransomware, Guideline | | |
| SecurityAffairs | 2021-02-14 23:09:17 | The kingpin behind Joker's Stash retires with a billionaire exit | The administrators of the most popular carding marketplace on the dark web Joker’s Stash announced his retirement. Cybercriminal behind the most prominent carding marketplace on the dark web Joker’s Stash retires, he will shut down its servers and destroy the backups. According to Forbes, the man has amassed a billion dollars worth of Bitcoin with […] | | | |
| SecurityAffairs | 2021-02-14 13:55:26 | PayPal addresses reflected XSS bug in user wallet currency converter | PayPal has addressed a reflected cross-site scripting (XSS) vulnerability that affected the currency converter feature of user wallets. PayPal has fixed a reflected cross-site scripting (XSS) vulnerability that was discovered in the currency converter feature of user wallets on February 19, 2020, close to one year ago. The ‘reflected XSS and CSP bypass’ vulnerability was reported […] | Vulnerability | | |
| SecurityAffairs | 2021-02-14 11:12:22 | Security Affairs newsletter Round 301 | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. COMB breach: 3.2B email and password pairs leaked online Hacking Nespresso machines to have unlimited funds to purchase […] | | | |
| SecurityAffairs | 2021-02-14 10:40:17 | (Déjà vu) FBI's alert warns about using Windows 7 and TeamViewer | The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords. The FBI issues this week a Private Industry Notification (PIN) alert to warn companies about the risks of using out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer. The alert comes […] | | | |
| SecurityAffairs | 2021-02-13 18:04:46 | Court documents show FBI could use a tool to access private Signal messages on iPhones | Court documents obtained by Forbes revealed that the FBI may have a tool that allows accessing private Signal messages on iPhones. Court documents related to a recent gun-trafficking case in New York and obtained by Forbes revealed that the FBI may have a tool to access private Signal messages. The documents revealed that encrypted messages can be intercepted from […] | Tool | | |
| SecurityAffairs | 2021-02-13 14:45:15 | The Importance of a Proactive Cyber Defense Solution To Protect Your Critical Data | Personal and Corporate data is now regularly targeted and traded by unscrupulous actors, protect it with a proactive Cyber Defense solution. If your enemy is secure at all points, be prepared for them. If they are in superior strength, evade them. If your opponent is temperamental, seek to irritate him. Pretend to be weak, that […] | | | |
| SecurityAffairs | 2021-02-13 10:46:40 | Gmail users from US most targeted by email-based phishing and malware | Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. A joint five-month study conducted by Google with Stanford University researchers analyzed over 1.2 billion email-based phishing and malware attacks against Gmail users to determine what factors influence the risk of attack. Experts discovered that malicious […] | Malware | | |
| SecurityAffairs | 2021-02-12 18:42:44 | (Déjà vu) Yandex security team caught admin selling access to users' inboxes | Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user mailboxes. Russian search engine and internet provider Yandex discloses a data breach, the company revealed that one of its system administrators was caught selling access to 4,887 user email accounts. The security incident was discovered […] | | | |
| SecurityAffairs | 2021-02-12 15:41:11 | TIM's Red Team Research (RTR) discovered a critical zero-day vulnerability in IBM InfoSphere Information Server | Researchers at TIM's Red Team Research discovered a zero-day vulnerability in IBM InfoSphere Information Server. Today, TIM's Red Team Research led by Massimiliano Brolli, discovered a new critical vulnerability in IBM InfoSphere Information Server. The flaw has not been addressed by IBM, because the product version 8.5.0.0 is in End-of-life. Today, TIM's Red Team Research led […] | Vulnerability | | |
| SecurityAffairs | 2021-02-12 14:34:46 | Microsoft warns of the rise of web shell attacks | Researchers from Microsoft are warning that the number of monthly web shell attacks has doubled since last year. Microsoft reported that the number of monthly web shell attacks has almost doubled since last year, its experts observed an average of 140,000 of these software installs on servers on a monthly basis, while in 2020 they […] | | | |
| SecurityAffairs | 2021-02-12 10:45:26 | The “P” in Telegram stands for Privacy | Security expert Dhiraj Mishra analyzed the popular instant messaging app Telegram and identified some failures in terms of handling the users’ data. Summary: While understanding the implementation of various security and privacy measures in Telegram, I identified that Telegram fails again in terms of handling the users' data. My initial study started with understanding how self-destructing […] | | | ★★★★★ |
| SecurityAffairs | 2021-02-12 10:07:11 | Lampion trojan disseminated in Portugal using COVID-19 template | The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template. In the last few days, a new release of the Latin American Lampion trojan was released in Portugal using a template related to COVID-19. This trojan has been distributed in Portugal […] | | | |
| SecurityAffairs | 2021-02-11 22:50:56 | Avaddon ransomware decryptor released, but operators quickly reacted | An expert released a free decryption tool for the Avaddon ransomware, but operators quickly updated malware code to make it inefficient. The Spanish student Javier Yuste has released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free. Yuste is a student at […] | Ransomware, Malware, Tool | | |
| SecurityAffairs | 2021-02-11 18:32:20 | Experts spotted two Android spyware used by Indian APT Confucius | Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Confucius is a pro-India APT group that has been active since […] | | | |
| SecurityAffairs | 2021-02-11 07:33:58 | (Déjà vu) Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks | A total of eight criminals have been arrested on 9 February as a result of an international police operation into a series of SIM swapping attacks. Eight men were arrested in England and Scotland as part of a year-long international investigation into a series of SIM swapping attacks targeting high-profile victims in the United States. […] | | | |
| SecurityAffairs | 2021-02-10 21:35:32 | (Déjà vu) SAP addresses a critical flaw in SAP Commerce Product | SAP released seven new security notes on February 2021 Security Patch Day, including a Hot News note for a critical issue affecting SAP Commerce. SAP released seven new security notes on February 2021 Security Patch Day and updated six previously released notes. The new security notes include a Hot News note that addresses a critical vulnerability, tracked as CVE-2021-21477, […] | | | |
| SecurityAffairs | 2021-02-10 19:12:17 | (Déjà vu) Anti-malware firm Emsisoft accidentally exposes internal DB | Antivirus firm Emsisoft discloses a data breach, a third-party had access to a publicly exposed database containing technical logs. The anti-malware solutions provider Emsisoft disclosed last week a data breach. The company revealed that a third-party had accessed a publicly exposed database containing technical logs. The root cause of the incident was a misconfiguration of […] | | | |
| SecurityAffairs | 2021-02-10 16:05:42 | CD Projekt Red game maker discloses ransomware attack | The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher, has disclosed a ransomware attack. The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher series, has suffered a ransomware attack. The company confirmed the security breach with a series of messages on […] | Ransomware | | |
| SecurityAffairs | 2021-02-10 07:04:21 | (Déjà vu) Adobe fixes a buffer overflow issue in Reader which is exploited in the wild | Adobe released security patches for 50 flaws affecting six products, including a zero-day flaw in Reader that has been exploited in the wild. Adobe has released security updates that address 50 vulnerabilities affecting its Adobe Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver products. Adobe fixed 23 CVEs in Adobe Reader, 17 of which have been rated […] | | | |
| SecurityAffairs | 2021-02-09 22:27:22 | Microsoft February 2021 Patch Tuesday fixes 56 bugs, including an actively exploited Windows zero-day | Microsoft February 2021 Patch Tuesday addresses 56 vulnerabilities, including a flaw that is known to be actively exploited in the wild. Microsoft February 2021 Patch Tuesday security updates address 56 CVEs in multiple products, including Windows components, .NET Framework, Azure IoT, Azure Kubernetes Service, Microsoft Edge for Android, Exchange Server, Office and Office Services and […] | | Uber | |
| SecurityAffairs | 2021-02-09 20:45:49 | Ukraine's police arrested the author of the U-Admin phishing kit | An international operation conducted by Ukraine’s police, along with the US and Australia peers, shut down the world’s largest phishing Service U-Admin. Last week, an international operation conducted by Ukraine’s police, along with the US and Australian authorities, led to the shutdown of the world’s phishing framework U-Admin. The National Police and its Main […] | Guideline | | |
| SecurityAffairs | 2021-02-09 15:18:06 | Critical flaws in NextGen Gallery WordPress plugin still impact over 500K installs | The development team behind the NextGen Gallery plugin has addressed two severe CSRF vulnerabilities that could have allowed site takeover. The developers behind the NextGen Gallery plugin have fixed two critical Cross-site request forgery (CSRF) vulnerabilities, their exploitation could lead to a site takeover, malicious redirects, spam injection, phishing, and other malicious activities. The NextGEN […] | Spam, Guideline | | |
| SecurityAffairs | 2021-02-09 07:37:59 | (Déjà vu) Microsoft to notify Office 365 users of nation-state attacks | Microsoft implements alerts for ‘nation-state activity’ in the Defender for Office 365 dashboard, to allow organizations to quickly respond. Since 2016, Microsoft has been alerting users of nation-state activity, now the IT giant added the same service to the Defender for Office 365 dashboard. The new security alert will notify companies when their employees are […] | | | |
| SecurityAffairs | 2021-02-08 23:52:32 | Hackers attempted to poison the water supply of a US city | Pinellas Sheriff revealed that attackers tried to raise levels of sodium hydroxide, by a factor of more than 100, in the Oldsmar's water supply. The scenario described by Pinellas Sheriff Bob Gualtieri is disconcerting, an attacker attempted to raise levels of sodium hydroxide, also known as lye, by a factor of more than 100, in […] | | | |
| SecurityAffairs | 2021-02-08 21:23:57 | Google launches Open Source Vulnerabilities (OSV) database | Google announced the launch of OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. The database aims at helping both open source maintainers and consumers of open source projects. The archive […] | Vulnerability | | |
| SecurityAffairs | 2021-02-08 16:25:37 | Domestic Kitten has been conducting surveillance targeting over 1,000 individuals | Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Domestic Kitten, also tracked as APT-C-50, is an Iran-linked APT group that has been active at least since 2018. In 2018, researchers at security firm CheckPoint uncovered an extensive surveillance operation conducted by Domestic Kitten aimed at […] | | | |
| SecurityAffairs | 2021-02-08 13:01:59 | (Déjà vu) Novel phishing technique uses Morse code to compose malicious URLs | Cybercriminals devised a new phishing technique that leverages the Morse code to hide malicious URLs and bypass defense. Experts spotted a new targeted phishing campaign that leverages a new obfuscation technique based on the Morse code to hide malicious URLs in an email attachment and bypass secure mail gateways and mail filters. The Morse code […] | | | |
| SecurityAffairs | 2021-02-08 08:50:18 | Victims of Ziggy ransomware can recover their files for free | The Ziggy ransomware gang has shut down its operations and released the decryption keys fearing the ongoing investigation of law enforcement. Good news for the victims of the Ziggy ransomware, the ransomware operators have shut down their operations and released the victims’ decryption keys. The victims can now recover their encrypted files without needing to pay the ransom. […] | Ransomware | | |
| SecurityAffairs | 2021-02-07 22:06:26 | COMB breach: 3.2B email and password pairs leaked online | The Largest compilation of emails and passwords (COMB), more than 3.2 billion login credentials, has been leaked on a popular hacking forum. More than 3.2 billion unique pairs of cleartext emails and passwords have been leaked on a popular hacking forum, the collection aggregates data from past leaks, such as Netflix, LinkedIn, Exploit.in, Bitcoin, and […] | | | |
| SecurityAffairs | 2021-02-07 19:58:02 | Hacking Nespresso machines to have unlimited funds to purchase coffee | Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee. The attack is possible because the machines use a smart card payment system that leverages insecure technology, the MIFARE Classic smart […] | | | ★★★ |
| SecurityAffairs | 2021-02-07 14:20:55 | The number of ICS flaws in 2020 was 24,72% higher compared to 2019 | The number of vulnerabilities discovered in industrial control system (ICS) products surged in 2020, security firm Claroty reports. According to a report published by the industrial cybersecurity firm Claroty that focuses on the second half of 2020, the number of flaws discovered in industrial control system (ICS) products in 2020 (893 flaws) was 24,72% higher […] | | | |
| SecurityAffairs | 2021-02-07 11:55:04 | Security Affairs newsletter Round 300 | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Experts explain how to bypass recent improvement of China's Great Firewall New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle […] | | APT 32 | |
| SecurityAffairs | 2021-02-07 10:44:34 | Web developers SitePoint discloses a data breach | The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M users. SitePoint is an Australian-based website, and publisher of books, courses and articles for web developers. The company has disclosed a data breach and notified its users via email. Threat actors offered for sale an archive containing […] | Data Breach, Threat | | |
| SecurityAffairs | 2021-02-06 21:35:47 | (Déjà vu) Experts found critical flaws in Realtek Wi-Fi Module | Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications. […] | | | |
| SecurityAffairs | 2021-02-06 15:10:30 | Watch out! 'The Great Suspender' Chrome extension contains Malware | Google removed the popular The Great Suspender from the official Chrome Web Store for containing malware and deactivated it from the users’ PC. Google on Thursday removed The Great Suspender extension from the Chrome Web Store. Millions of users have installed the popular Chrome extension, the IT giant also took the proactive measure of deactivating it from […] | Malware | | |
| SecurityAffairs | 2021-02-06 14:08:14 | (Déjà vu) Packaging giant WestRock is still working to resume after recent Ransomware Attack | Packaging giant WestRock revealed this week that the recent ransomware attack impacted the company's IT and operational technology (OT) systems. American corrugated packaging company WestRock announced at the end of January that it was the victim of a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems. WestRock did not share details about the security […] | Ransomware | | |
| SecurityAffairs | 2021-02-05 23:19:17 | (Déjà vu) Forward Air Corporation says that December Ransomware attack caused a loss of $7.5M | Trucking and freight transportation logistics giant Forward Air Corporation said a December 2020 ransomware attack had $7.5M Impact. Trucking and freight transportation logistics giant Forward Air Corporation announced that the ransomware attack that hit the company in December will impact its fourth-quarter financial results. This week the company filed a FORM 8-K with SEC that […] | Ransomware | | |
| SecurityAffairs | 2021-02-05 21:57:43 | Hackers abuse Plex Media servers for DDoS amplification attacks | Netscout experts warn of DDoS-for-hire services abusing Plex Media servers to bounce junk traffic and amplify DDoS attacks. Security researchers from Netscout discovered DDoS-for-hire services have found a way to abuse Plex Media servers to bounce junk traffic and amplify distributed denial of service (DDoS) attacks. Plex Media Server is a personal media library and streaming system […] | | | |
| SecurityAffairs | 2021-02-05 16:44:53 | TeamTNT group uses Hildegard Malware to target Kubernetes Systems | The TeamTNT hacker group has been employing a new piece of malware, dubbed Hildegard, to target Kubernetes installs. The hacking group TeamTNT has been employing a new piece of malware, dubbed Hildegard, in a series of attacks targeting Kubernetes systems. Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal […] | Malware | Uber | |
| SecurityAffairs | 2021-02-05 08:33:56 | Fortinet addresses 4 vulnerabilities in FortiWeb web application firewalls | Security vendor Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls, including a Remote Code Execution flaw. Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls that were reported by Positive Technologies expert Andrey Medov. The first vulnerability, tracked as CVE-2020-29015, is a blind SQL injection that resides in the FortiWeb user interface. […] | | | |
| SecurityAffairs | 2021-02-04 23:51:35 | Google addresses Chrome zero-day flaw actively exploited in the wild | Google has addressed an actively exploited zero-day vulnerability, tracked as CVE-2021-21148, with the release of the Chrome 88.0.4324.150 version. Google released Chrome 88.0.4324.150 version that addressed an actively exploited zero-day security vulnerability. The vulnerability is a Heap buffer overflow that resides in the V8, which is an open-source high-performance JavaScript and WebAssembly engine, written in C++. The flaw […] | | | |
| SecurityAffairs | 2021-02-04 20:16:58 | Matryosh DDoS botnet targets Android-Based devices via ADB | Netlab researchers spotted a new Android malware, dubbed Matryosh, that is infecting devices to recruit them in a distributed denial-of-service (DDoS) botnet. On January 25, 2021, researchers at 360 netlab detected a suspicious ELF file, initially attributed to Mirai, but that later revealed its nature, a new bot tracked as Matryosh. “On January 25, 2021, […] | | | |
| SecurityAffairs | 2021-02-04 16:06:40 | (Déjà vu) Hackers accessed Stormshield data, including source code of ANSSI certified products | The provider of network security products Stormshield discloses data breach, threat actors stole information on some of its clients. Stormshield is a major provider of network security products to the French government, some approved to be used on sensitive networks. Stormshield is a French publisher of software specialized in computer security, its products are certified […] | Threat | | |
| SecurityAffairs | 2021-02-04 13:57:32 | (Déjà vu) SonicWall released patch for actively exploited SMA 100 zero-day | SonicWall has released a security patch to address the zero-day flaw actively exploited in attacks against the SMA 100 series appliances. SonicWall this week released firmware updates (version 10.2.0.5-29sv) to address an actively exploited zero-day vulnerability in Secure Mobile Access (SMA) 100 series appliances. The vulnerability, tracked as CVE-2021-20016, has been rated as critical and received a […] | Vulnerability | | |
| SecurityAffairs | 2021-02-04 08:06:43 | (Déjà vu) Cisco fixes critical remote code execution issues in SMB VPN routers | Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as root. Cisco has fixed several pre-auth remote code execution (RCE) issues in multiple small business VPN routers. The flaws could be exploited by unauthenticated, remote attackers to execute arbitrary code as root on vulnerable devices. […] | | | |
| SecurityAffairs | 2021-02-03 22:05:46 | TIM's Red Team Research (RTR) discovered 2 new zero-day vulnerabilities in WordPress Plugin Limit Login Attempts Reloaded | Researchers from TIM's Red Team Research (RTR) discovered 2 new zero-day vulnerabilities in WordPress Plugin Limit Login Attempts Reloaded. Italy also joins the security bug research, with the Red Team Research laboratory of TIM, an important Italian telecommunications company. Among the team’s objectives is to detect the vulnerabilities that a potential attacker could exploit to […] | | | |
Last update at: 2024-07-12 12:08:52