What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2019-06-23 09:20:04 NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point (lien direct) NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. According to a report published by the NASA Office of Inspector General, hackers breached the Agency’s network in April 2018 and remained undetected for nearly a year. The report […]
SecurityAffairs.webp 2019-06-23 08:12:04 (Déjà vu) Expert released PoC for Outlook for Android flaw addressed by Microsoft (lien direct) Security researcher from F5 Networks that released more details and proof-of-concept for the recently addressed flaw in Outlook for Android. Microsoft has recently addressed an important vulnerability, tracked as CVE-2019-1105, in Outlook for Android, that potentially affected over 100 million users. The vulnerability is a stored cross-site scripting issue that is related to the way […] Vulnerability
SecurityAffairs.webp 2019-06-22 14:18:04 (Déjà vu) Android Botnet leverages ADB ports and SSH to spread (lien direct) Trend Micro recently discovered an Android crypto-currency mining botnet that can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). Security researchers at Trend Micro have discovered a new Android crypto-currency mining botnet that spreads via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). The Android Debug Bridge (adb) is […]
SecurityAffairs.webp 2019-06-22 09:03:02 Flaws allow hacking a system playing untrusted videos on VLC Player (lien direct) Two vulnerabilities in VLC media player could allow remote attackers to take full control over a computer system while playing untrusted videos. An attacker could remotely take full control over a computer system while playing untrusted videos with any version of VLC media player software prior to 3.0.7. The hack is possible due to two […] Hack
SecurityAffairs.webp 2019-06-21 21:35:04 Bird Miner, a macOS miner that runs by emulating Linux (lien direct) Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating Linux. Researchers at MalwareBytes have spotted a new cryptominer, tracked as Bird Miner, that targets macOS and emulates Linux. The malware spreads via a cracked installer for the music production software Ableton Live that is distributed […] Malware
SecurityAffairs.webp 2019-06-21 17:14:00 Credit Union Giant Desjardins suffered a massive data breach (lien direct) Desjardins credit union announced a data breach that exposed personal banking information of 2.9 million customers. The nation’s largest credit union, one of the largest in the world, confirmed it suffered a data leak that exposed personal banking information of 2.9 Million customers. The security breach occurred in December, but law enforcement only revealed it […] Data Breach
SecurityAffairs.webp 2019-06-21 13:01:04 Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig (lien direct) Russia-Linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Russia-linked Turla cyberspies used a new set of tools in new attacks and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Recent campaigns demonstrate that Turla continues to evolve its arsenal and adopt news […] APT 34
SecurityAffairs.webp 2019-06-21 06:18:05 Microsoft fixed CVE-2019-1105 flaw in Outlook for Android (lien direct) Microsoft has addressed an important vulnerability (CVE-2019-1105) in Outlook for Android, potentially affected over 100 million users. Microsoft has addressed an important flaw tracked as CVE-2019-1105 that affects versions of Outlook for Android app before 3.0.88. The vulnerability is a stored cross-site scripting issue that is related to the way the app parses incoming email […] Vulnerability
SecurityAffairs.webp 2019-06-20 19:56:02 (Déjà vu) CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges (lien direct) Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. Experts discovered that recently patched Firefox zero-day vulnerability (CVE-2019-11707) has been exploited by threat actors to deliver Windows and Mac malware to employees of cryptocurrency exchanges. CVE-2019-11707 is a type confusion vulnerability in Array.pop. Mozilla has addressed […] Malware Vulnerability Threat
SecurityAffairs.webp 2019-06-20 13:49:02 The Riviera Beach City pays $600,000 in ransom (lien direct) The Riviera Beach City, Florida, agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. The Riviera Beach City Council voted unanimously to pay $600,000 in ransom to decrypt its records after a ransomware attack hit its systems. The council has previously agreed to spend $941,000 to […] Ransomware
SecurityAffairs.webp 2019-06-20 12:56:05 Oregon Department of Human Services data breach impacted 645,000 clients (lien direct) Oregon Department of Human Services announced it was a victim of a data breach in January, roughly 645,000 potentially impacted. Oregon Department of Human Services officials confirmed that the organization has suffered a data breach that has exposed personal details and health information of 645,000 clients. The incident happened in January and the Oregon Department […] Data Breach
SecurityAffairs.webp 2019-06-20 06:53:00 Tor Browser 8.5.2 fixes Firefox zero-day. Update it now! (lien direct) Developers at the Tor Project have released the Tor Browser 8.5.2 to address the recently fixed CVE-2019-11707 zero-day flaw in Mozilla Firefox. Yesterday I reported the news of a critical zero-day in Firefox that was addressed by Mozilla with a new release. The vulnerability, tracked as CVE-2019-11707, is a type confusion flaw in Array.pop. Mozilla has addressed […]
SecurityAffairs.webp 2019-06-20 05:59:05 Bouncing Golf cyberespionage campaign targets Android users in Middle East (lien direct) According to security researchers at Trend Micro, a cyberespionage campaign is targeting Android users in Middle Eastern countries. Security researchers at Trend Micro have spotted a cyberespionage campaign, dubbed ‘Bouncing Golf, that is targeting Android users in Middle Eastern countries. Threat actors are using a piece of malware detected as GolfSpy, that implements multiple features […] Malware Threat
SecurityAffairs.webp 2019-06-19 14:19:05 (Déjà vu) AMCA files for bankruptcy following the recently disclosed security breach (lien direct) Retrieval-Masters Creditors Bureau, the company that operates healthcare billing services provider AMCA, has filed for Chapter 11 bankruptcy due to a recent data breach. Retrieval-Masters Creditors Bureau, the company that operates the recovery agency for patient collections American Medical Collection Agency (AMCA), has filed for Chapter 11 bankruptcy due to a recent security breach that […]
SecurityAffairs.webp 2019-06-19 11:03:00 Another Remote Code Execution flaw in WebLogic exploited in the wild (lien direct) Oracle released emergency patches for another critical remote code execution vulnerability affecting WebLogic Server. On Tuesday, Oracle released emergency patches for another critical remote code execution vulnerability affecting the WebLogic Server. The vulnerability, tracked as CVE-2019-2729, affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The vulnerability is a remotely exploitable deserialization vulnerability via XMLDecoder in Oracle WebLogic […] Vulnerability
SecurityAffairs.webp 2019-06-19 09:57:02 (Déjà vu) Mozilla fixed a Firefox Zero-Day flaw exploited in targeted attacks (lien direct) Mozilla released security updates for Firefox that addressed a critical zero-day vulnerability exploited in targeted attacks in the wild. Mozilla released security updates for its Firefox web browser that address a critical vulnerability that has been actively exploited in the wild. The zero-day vulnerability, tracked as CVE-2019-11707, is a type confusion flaw in Array.pop. Mozilla has addressed […] Vulnerability
SecurityAffairs.webp 2019-06-19 08:27:03 Eatstreet, the online food ordering service disclosed a security breach (lien direct) Eatstreet, the online food ordering service, disclosed a security breach that exposed customer payment card data and details of partners EatStreet, an online and mobile food ordering service, disclosed a security breach that exposed customer payment card data and details of delivery and restaurant partners Attackers breached the company network on May 3 stole data […]
SecurityAffairs.webp 2019-06-19 07:02:02 Modular Plurox backdoor can spread over local network (lien direct) Kaspersky experts recently discovered a backdoor dubbed Plurox that can spread itself over a local network and can allow installing additional malware.  Kaspersky experts discovered the Plurox backdoor in February, it can spread itself over a local network and could be used by attackers to install additional malware.  The Plurox backdoor is written in C […]
SecurityAffairs.webp 2019-06-18 21:08:03 Yana Peel, chief executive of London's Galleries, resigned after discovery of her links with NSO group (lien direct) The head of London’s Serpentine Galleries resigned on Tuesday following a Guardian report about her links to the Israeli surveillance firm NSO Group. On Tuesday, the chief executive of London’s Serpentine Galleries, Yana Peel, resigned following the revelation of the Guardian newspaper about her links to the Israeli surveillance firm NSO Group. According to the newspaper, Yana […]
SecurityAffairs.webp 2019-06-18 14:29:03 Android Apps uses a novel technique to by-pass 2FA and steal Bitcoin (lien direct) Expert discovered a new technique bypassing SMS-based two-factor authentication while circumventing Google's recent SMS permissions restrictions The popular security expert Lukas Stefanko from ESET discovered some apps (named BTCTurk Pro Beta and BtcTurk Pro Beta) impersonating the Turkish cryptocurrency exchange, BtcTurk, in the attempt of stealing login credentials. In order to steal the 2FA OTPs the […]
SecurityAffairs.webp 2019-06-18 13:02:04 Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders (lien direct) A zero-day vulnerability affects multiple models of TP-Link Wi-Fi extenders, it could be exploited to remotely execute code. Security expert Grzegorz Wypych from IBM X-Force found a zero-day flaw that affects multiple models of TP-Link Wi-Fi extenders. The Wi-Fi extenders capture the Wi-Fi signal from the main network device and rebroadcast it to areas where […] Vulnerability
SecurityAffairs.webp 2019-06-18 11:03:01 Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API (lien direct) Researcher leaked online a dataset containing over 7,000,000 transactions scraped from the Venmo public API Venmo is a digital wallet app owned by PayPal that lets you make and share payments with friends. In August 2016, security expert Martin Vigo devised a method to abuse an optional SMS-based feature that allowed users to authorize payments […]
SecurityAffairs.webp 2019-06-18 08:45:03 DHS also issued an alert for the Windows BlueKeep flaw (lien direct) The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). After Microsoft and the US NSA, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). Experts at the CISA Agency successfully […]
SecurityAffairs.webp 2019-06-18 07:49:00 Multiple DoS vulnerabilities affect Linux and FreeBSD (lien direct) Netflix researcher has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels that could trigger a DoS condition. Jonathan Looney, a security expert at Netflix, found three Linux DoS vulnerabilities, two of them related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, and one related only to MSS. The most severe […]
SecurityAffairs.webp 2019-06-17 20:58:04 (Déjà vu) A free Decryptor tool for GandCrab Ransomware released (lien direct) Good news for the victims of the latest variants of the GandCrab ransomware, NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the NoMoreRansom website. The tool works with versions 5 to 5.2 of the ransomware, […] Ransomware Tool
SecurityAffairs.webp 2019-06-17 13:35:05 NYT Report: U.S. Cyber units planted destructive Malware in Russian Power Grid (lien direct) According to The New York Times, the United States planted destructive malware in Russia's electric power grid. The New York Times, citing current and former government officials, revealed that the United States planted a potentially destructive malware in Russia's electric power grid. The U.S. cyber army is targeting the Russian power grid since at least […] Malware
SecurityAffairs.webp 2019-06-17 12:03:00 New phishing campaign targets bank customers with WSH RAT (lien direct) Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT. The […]
SecurityAffairs.webp 2019-06-17 08:37:05 From Targeted Attack to Untargeted Attack (lien direct) Today I'd like to share an interesting and heavily obfuscated Malware which made me thinking about the meaning of ‘Targeted Attack’. Nowadays a Targeted Attack is mostly used to address state assets or business areas. For example a targeted attack might address Naval industry (MartyMcFly example is definitely a great example) or USA companies (Botnet Against […] Malware
SecurityAffairs.webp 2019-06-17 07:29:02 Hacker is targeting DNA sequencer applications from Iranian IP address (lien direct) Threat actors are targeting Web-based DNA sequencer applications leveraging a still-unpatched zero-day to take over the targeted systems. Starting from June 12, 2019, the researcher Ankit Anubhav from NewSky Security, observed threat actors targeting Web-based DNA sequencer applications. The attackers are leveraging a still-unpatched zero-day vulnerability, tracked as CVE-2017-6526, to gain full control over the […] Threat
SecurityAffairs.webp 2019-06-16 23:34:03 Bella Thorne published her private nude photos before a hacker that was threatening her (lien direct) Bella Thorne is the last victim of a sextortion attack, in a case similar to the Fappening saga, a hacker threatened the actress to publish her private nude photos. The hacker first obtained nude photos of Bella Thorne then threatened her to leak online the picture, but she gave an unsettling answer. Bella Thorne published tweets […]
SecurityAffairs.webp 2019-06-16 18:09:02 New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits (lien direct) Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. Recently a new botnet, tracked Echobot, appeared in the threat landscape its operators are adding new exploits to infect a broad range of systems, including IoT devices, enterprise apps Oracle WebLogic and VMware SD-Wan. […] Threat
SecurityAffairs.webp 2019-06-16 16:28:01 Linux worm spreading via Exim servers hit Azure customers (lien direct) On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim email servers, that already compromised some Azure installs. Bad actors continue to target cloud services in the attempt of abusing them for several malicious purposes, like storing malware or implementing command and control servers. Microsoft Azure is not immune, recently […] Malware
SecurityAffairs.webp 2019-06-16 05:38:02 Security Affairs newsletter Round 218 – News of the week (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Critical RCE affects older Diebold Nixdorf ATMs Facebook is going to stop Huawei pre-installing apps on mobile devices Millions of Exim mail servers vulnerable to cyber attacks CIA sextortion […]
SecurityAffairs.webp 2019-06-16 05:19:05 (Déjà vu) XSS flaw would have allowed hackers access to Google's network and impersonate its employees (lien direct) Bug hunter Thomas Orlita discovered an XSS vulnerability in Google’s Invoice Submission Portal that would have allowed attackers access to Google’s internal network The Czech researcher Thomas Orlita discovered an XSS vulnerability in Google’s Invoice Submission Portal that would have allowed attackers access to part of Google’s internal network. The Google Invoice Submission Portal is […] Vulnerability
SecurityAffairs.webp 2019-06-15 22:27:02 Crooks exploit exposed Docker APIs to build AESDDoS botnet (lien direct) Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA). Threat actors are actively scanning the Internet for exposed […] Threat
SecurityAffairs.webp 2019-06-15 06:18:03 Xenotime threat actor now is targeting Electric Utilities in US and APAC (lien direct) Experts at Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack is targeting electric utilities in the US and APAC. Xenotime threat actor is considered responsible for the 2017 Trisis/Triton malware attack that hit oil and gas organizations. In December 2017, the Triton malware  (aka Trisis) was discovered by researchers at FireEye, it was specifically […] Malware Threat
SecurityAffairs.webp 2019-06-14 18:43:04 (Déjà vu) Mozilla addressed flaws in Thunderbird that allow code execution (lien direct) Mozilla released security updates for the Thunderbird email client that address vulnerabilities that could allow code execution on impacted systems.  Mozilla released security updates for the Thunderbird email client that address vulnerabilities that could be exploited by attackers to execute arbitrary code on impacted systems.  Mozilla released Thunderbird version 60.7.1 that addresses three High severity […]
SecurityAffairs.webp 2019-06-14 12:58:01 French authorities released the PyLocky decryptor for versions 1 and 2 (lien direct) Good news for the victims of the pyLocky Ransomware versions 1 and 2, French authorities have released the pyLocky decryptor to decrypt the files for free. French authorities have released a decryptor for pyLocky Ransomware versions 1 and 2. The decryptor allows victims to decrypt their files for free. It was developed in collaboration between […] Ransomware
SecurityAffairs.webp 2019-06-14 12:19:05 Dissecting NanoCore Crimeware Attack Chain (lien direct) The Cybaze-Yoroi ZLab analyzed a new sample of Nanocore Remote Administrator Tools (RAT) using a Delphi wrapper to protect its code. Introduction Historically, cyber-criminals adopted one or more layers of encryption and obfuscation to lower their footprint and avoid detection. The usage of cryptors and packers has become a commodity in the contemporary malware landscape, providing the […] Malware
SecurityAffairs.webp 2019-06-14 08:05:05 Yubico is replacing for free YubiKey FIPS devices due to security weakness (lien direct) Yubico is replacing YubiKey FIPS security keys due to a serious flaw that makes cryptographic operations easier to crack under specific conditions. Yubico is replacing YubiKey FIPS security keys due to a serious flaw that makes it easier to crack RSA keys and ECDSA signatures generated on these devices. The security advisory published […]
SecurityAffairs.webp 2019-06-14 06:08:04 Millions of Exim mail servers are currently under attack (lien direct) Hackers are targeting millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions, threat actors leverage the CVE-2019-10149 flaw. Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are under attack, threat actors are exploiting the CVE-2019-10149 flaw to take over them. A critical vulnerability affects versions 4.87 to 4.91 […] Vulnerability Threat
SecurityAffairs.webp 2019-06-13 21:42:02 WAGO Industrial Switches affected by multiple flaws (lien direct) A security expert at SEC Consult discovered that some WAGO industrial managed switches are affected by several serious vulnerabilities. A security researcher at consulting company SEC Consult discovered several vulnerabilities in some models of WAGO industrial switches. The vulnerabilities affect WAGO industrial switches 852-303, 852-1305 and 852-1505 models. The company has already fixed the issues with […]
SecurityAffairs.webp 2019-06-13 10:55:02 Ransomware paralyzed production for at least a week at ASCO factories (lien direct) Malware infections could be devastating for production environments, a ransomware infection halts production operations for days at airplane parts manufacturer ASCO. ASCO is one of the world’s largest manufacturers of aerospace components. The company has offices and production plants in Belgium, Canada, Germany, the US, Brazil, and France. ASCO provides components to Airbus, Boeing, Bombardier Aerospace, […] Ransomware
SecurityAffairs.webp 2019-06-13 09:35:02 Massive DDos attack hit Telegram, company says most of junk traffic is from China (lien direct) Encrypted messaging service Telegram was hit by a major DDoS attack apparently originated from China, likely linked to the ongoing political unrest in Hong Kong. Telegram was used by protesters in Hong Kong to evade surveillance and coordinate their demonstrations against China that would allow extraditions from the country to the mainland. The country is […]
SecurityAffairs.webp 2019-06-13 07:29:03 Flaw in Evernote Web Clipper for Chrome extension allows stealing data (lien direct) Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users. Security experts at browser security firm Guardio discovered a critical universal cross-site scripting (XSS) vulnerability in the Evernote Web Clipper for Chrome. “In May 2019 Guardio’s research team has discovered […] Vulnerability
SecurityAffairs.webp 2019-06-12 21:26:05 Google expert disclosed details of an unpatched flaw in SymCrypt library (lien direct) Tavis Ormandy, a white hat hacker Google Project Zero announced to have found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system. The recently released Microsoft Patch Tuesday security updates for June 2019 failed to address a flaw in SymCrypt, a core cryptographic function library currently used by Windows. The flaw could be […]
SecurityAffairs.webp 2019-06-12 14:07:05 FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor (lien direct) After two years of silence, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry employing the ShellTea/PunchBuggy backdoor. Two years later after the last report, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry using an improved version of the ShellTea/PunchBuggy backdoor. The last time […]
SecurityAffairs.webp 2019-06-12 12:51:01 Radiohead releases a trove of stolen music in response to the hack (lien direct) The English rock Radiohead released 18-hour trove of private recordings from their 1997 album “OK Computer” in response to the recent hack. The alternative rock band Radiohead released an 18-hour trove of private recordings from their 1997 album “OK Computer” after being hacked by crooks that demanded a ransom of $150,000 for the music. Radiohead uploaded 1.8-gigabyte […] Hack
SecurityAffairs.webp 2019-06-12 09:11:04 RAMBleed, a new Side-Channel Attack that allows stealing sensitive data (lien direct) Security researchers disclosed the details of RAMBleed, a new type of side-channel attack on DRAM that can allow stealing sensitive data from a memory. A team of academics from several universities has disclosed the details of a new type of side-channel attack on dynamic random-access memory (DRAM), dubbed RAMBleed. The RAMBleed issue, tracked as CVE-2019-0174, could […]
SecurityAffairs.webp 2019-06-12 07:55:01 Microsoft Patch Tuesday security updates for June 2019 fix 88 flaws (lien direct) Microsoft releases Patch Tuesday security updates for June 2019 that address 88 vulnerabilities in Windows OS and other products. Microsoft Patch Tuesday security updates for June 2019 address 88 vulnerabilities in Windows OS and other products of the tech giant (Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, […]
Last update at: 2024-07-17 17:08:25