What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
SecurityAffairs.png 2019-03-25 21:08:03 Operation ShadowHammer – Supply-Chain attack hit ASUS users (lien direct)

Operation ShadowHammer – ASUS is the last victim of a clamorous supply chain attack that delivered a backdoor to more than one million users, Kaspersky Lab reported. Over 1 million ASUS users may have been impacted by a supply chain attack that leveraged the ASUS Live Update utility to inject a backdoor in ASUS systems. […]

The post Operation ShadowHammer – Supply-Chain attack hit ASUS users appeared first on Security Affairs.

SecurityAffairs.png 2019-03-25 15:01:00 Anubis II – malware and afterlife (lien direct)

Due to the growing demand for Android banking malware, threat actors continue using Anubis even is the creator has vanished. Introduction Besides being the Egyptian God associated with mummification and afterlife, Anubis is also an Android banking malware that has caused quite some trouble for over 300 financial institutions worldwide since 2017. Anubis II is […]

The post Anubis II – malware and afterlife appeared first on Security Affairs.

SecurityAffairs.png 2019-03-25 13:26:05 Free Tools: spotting APTs through Malware streams (lien direct)

Cyber security expert and founder of Yoroi has published a new tool that could be used to spot APTs (Advanced Persistent Threats) through Malware streams. There are many ways to spot Advanced Persistent Threats, for example during a forensic analysis on “high rate incident” or having sandbox systems on critical infrastructures or again working as […]

The post Free Tools: spotting APTs through Malware streams appeared first on Security Affairs.

SecurityAffairs.png 2019-03-25 12:11:05 Hackers raised fake tornado alarms in two Texas towns (lien direct)

Hackers took control of the emergency tornado alarms in Texas causing the panic, it has happened on March 12th, at around 2:30 a.m., On March 12th, at around 2:30 a.m. in two towns in Texas (the DeSoto and Lancaster areas) hackers took control of the emergency tornado alarms causing the panic among residents. The alarms […]

The post Hackers raised fake tornado alarms in two Texas towns appeared first on Security Affairs.

SecurityAffairs.png 2019-03-25 09:49:05 PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel (lien direct)

It is a battle with no holds barred between T-Series and PewDiePie, their fans are spreading the PewDiePie ransomware to force users to subscribe to PewDiePie Youtube channel. The story I’m going to tell you is another chapter of the battle between the most followed Youtuber T-Series and PewDiePie. T-Series is an Indian music company, […]

The post PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel appeared first on Security Affairs.

SecurityAffairs.png 2019-03-25 07:42:03 Telegram allows users to delete any sent/received message from both sides with no time limit (lien direct)

Telegram development team implemented a new feature that allows users to delete any received message from the sender’s device. Telegram announced a new feature to improve user privacy, the development team implemented a functionality that allows users to delete any received message from the sender’s device. Two years ago, Telegram introduced the “unsend” feature that […]

The post Telegram allows users to delete any sent/received message from both sides with no time limit appeared first on Security Affairs.

SecurityAffairs.png 2019-03-24 18:23:04 Microsoft Defender APT now protects also macOS (lien direct)

Microsoft has announced the availability of Defender ATP Endpoint Security for Apple macOS Microsoft has announced the availability of Microsoft 365 advanced endpoint security solution across platforms, with the support of Apple Mac it added to Microsoft Defender Advanced Threat Protection (ATP). Microsoft Windows Defender ATP was first introduced in 2016 as a defensive solution […]

The post Microsoft Defender APT now protects also macOS appeared first on Security Affairs.

SecurityAffairs.png 2019-03-24 14:30:03 Federal Emergency Management Agency\'s (FEMA) data leak exposes data of 2.3M survivors (lien direct)

The Federal Emergency Management Agency\'s (FEMA) has disclosed a data leak that exposed banking details and other personal information of 2.3 million survivors. In case of national disasters, the Federal Emergency Management Agency\'s (FEMA) offers a program called Transitional Sheltering Assistance (TSA) that provides shelter to survivors.  News of the day is that FEMA has […]

The post Federal Emergency Management Agency\'s (FEMA) data leak exposes data of 2.3M survivors appeared first on Security Affairs.

SecurityAffairs.png 2019-03-24 11:55:05 Security Affairs newsletter Round 206 – News of the week (lien direct)

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Experts uncovered a malspam campaign using Boeing 737 Max crashes gnosticplayers offers 26 Million new accounts for sale on the Dark Web Massive attacks bypass MFA on Office 365 […]

The post Security Affairs newsletter Round 206 – News of the week appeared first on Security Affairs.

SecurityAffairs.png 2019-03-24 11:01:03 WordPress Social Warfare plugin zero-day exploited in attacks (lien direct)

A Cross-Site Scripting (XSS) vulnerability in Social Warfare installations (v3.5.1 and v3.5.2) is actively exploited to add malicious redirects. The vulnerability in the WordPress plugin has been fixed with the release of the 3.5.3 version of the plugin. Vulnerable versions of the Social Warfare plugin are currently installed on more than 70,000 websites. The plugin […]

The post WordPress Social Warfare plugin zero-day exploited in attacks appeared first on Security Affairs.

SecurityAffairs.png 2019-03-24 09:56:01 Malware Static Analysis (lien direct)

Malware researcher and founder of Yoroi Marco Ramilli shared a simple tool for malware static analysis he used to perform massive Malware analysis research. The following interface stands in front of a live engine which takes binary files and runs them against a plethora of hundreds of YARA rules. Some of them are publicly available […]

The post Malware Static Analysis appeared first on Security Affairs.

SecurityAffairs.png 2019-03-23 12:28:03 Pwn2Own 2019 Day 3: Experts hacked Tesla 3 browser (lien direct)

Pwn2Own 2019 Day 3 – Experts earned $35,000 and a Tesla Model 3 after hacking the vehicle\'s web browser. Pwn2Own 2019 Day 3 – Hackers focused their efforts on car hacking, two teams participated in the competitions but only one of them reached the goal. The security experts Amat Cama and Richard Zhu of team […]

The post Pwn2Own 2019 Day 3: Experts hacked Tesla 3 browser appeared first on Security Affairs.

SecurityAffairs.png 2019-03-22 22:32:05 Russian APT groups target European governments ahead of May Elections (lien direct)

Russian APT groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. According to experts from FireEye, Russia-linked APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) and Sandworm Team (also TeleBots) cyberespionage groups are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections. The activity of the Russia-linked groups is […]

The post Russian APT groups target European governments ahead of May Elections appeared first on Security Affairs.

SecurityAffairs.png 2019-03-22 20:53:05 Medtronic\'s implantable heart defibrillators vulnerable to hack (lien direct)

The U.S. Department of Homeland Security Thursday issued a security advisory for multiple vulnerabilities affecting over a dozen heart defibrillators. Multiple vulnerabilities in the heart defibrillators could be exploited by attackers to remotely control the devices, potentially putting the lives of patients at risk. An implantable cardioverter-defibrillator (ICD) is a device implantable inside the human […]

The post Medtronic’s implantable heart defibrillators vulnerable to hack appeared first on Security Affairs.

SecurityAffairs.png 2019-03-22 14:58:02 Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series (lien direct)

Cisco released security updates to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco released security patches to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco IP Phone 8800 series are business desk phones […]

The post Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series appeared first on Security Affairs.

SecurityAffairs.png 2019-03-22 09:46:05 Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks (lien direct)

On the second day of the Pwn2Own 2019 hacking competition, white hat hackers earned a total of $270,000 for exploits against the Mozilla Firefox and Microsoft Edge web browsers. Day 2 at Pwn2Own 2019 hacking competition – White hat hackers earned $270,000 for exploits against the Mozilla Firefox and Microsoft Edge browsers. The security duo […]

The post Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks appeared first on Security Affairs.

SecurityAffairs.png 2019-03-22 08:34:05 FIN7 is back with a previously unseen SQLRat malware (lien direct)

The financially-motivated hacking group FIN7 is back and used a new piece of malware in a recent hacking campaign. Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak) used new malware in a recent hacking campaign. The group that has been active since late 2015 targeted businesses worldwide to […]

The post FIN7 is back with a previously unseen SQLRat malware appeared first on Security Affairs.

SecurityAffairs.png 2019-03-21 21:54:03 Facebook passwords stored in plain text, hundreds of millions users affected (lien direct)

News problems for Facebook that admitted to have stored the passwords of hundreds of millions of users in plain text. Facebook revealed to have stored the passwords of hundreds of millions of users in plain text, including passwords of Facebook Lite, Facebook, and Instagram users. “As part of a routine security review in January, we […]

The post Facebook passwords stored in plain text, hundreds of millions users affected appeared first on Security Affairs.

SecurityAffairs.png 2019-03-21 14:51:03 South Korea – 1,600 guests at 30 motels secretly live streamed (lien direct)

Four people from South Korea are accused of secretly live streaming, and selling videos made with spy-cam installed in 42 motel rooms at 30 motels in 10 cities in South Korea. According to the media, 1600 motel guests between November 24 and March 2 were spied by the indicted individuals that now face up to […]

The post South Korea – 1,600 guests at 30 motels secretly live streamed appeared first on Security Affairs.

SecurityAffairs.png 2019-03-21 10:04:01 Pwn2Own 2019 Day 1 – participants hacked Apple, Oracle, VMware products (lien direct)

Pwn2Own 2019 hacking competition is started and participants hacked Apple Safari browser, Oracle VirtualBox and VMware Workstation on the first day. As you know I always cover results obtained by white hat hackers at hacking competitions, for this reason, today I’ll share with you the results of the first day of the Pwn2Own 2019. Pwn2Own […]

The post Pwn2Own 2019 Day 1 – participants hacked Apple, Oracle, VMware products appeared first on Security Affairs.

SecurityAffairs.png 2019-03-21 08:33:03 Experts found a critical vulnerability in the NSA Ghidra tool (lien direct)

A security expert has discovered a vulnerability in the NSA Ghidra platform that could be exploited to execute code remotely. A security expert who goes online with the handle of sghctoma has discovered a vulnerability in Ghidra platform recently released by the US NSA, the issue could be exploited to execute code remotely. GHIDRA is […]

The post Experts found a critical vulnerability in the NSA Ghidra tool appeared first on Security Affairs.

SecurityAffairs.png 2019-03-21 07:36:02 [SI-LAB] LockerGoga is the most active ransomware that focuses on targeting companies (lien direct)

LockerGoga is the most active ransomware, experts warns it focuses on targeting companies and bypass AV signature-based detection. LockerGoga ransomware is a crypto-malware that loads the malicious file on the system from an infected email attachment. This threat is very critical these days, and it is the most active ransomware that focuses on targeting companies. Altran and Norsk Hydro are two companies severely […]

The post [SI-LAB] LockerGoga is the most active ransomware that focuses on targeting companies appeared first on Security Affairs.

SecurityAffairs.png 2019-03-20 18:23:02 MyPillow and Amerisleep are the latest victims of Magecart gangs (lien direct)

Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. The Magecart umbrella includes at least 11 different hacking crews that has been active at least since […]

The post MyPillow and Amerisleep are the latest victims of Magecart gangs appeared first on Security Affairs.

SecurityAffairs.png 2019-03-20 14:51:00 Putty users have to download a new release that fixes 8 flaws (lien direct)

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws The popular SSH client program PuTTY has released an important software update to address eight high-severity security vulnerabilities. PuTTY is one of the most popular open-source software that allows users to access computers over SSH, Telnet, and Rlogin network protocols. The popular SSH client program […]

The post Putty users have to download a new release that fixes 8 flaws appeared first on Security Affairs.

SecurityAffairs.png 2019-03-20 12:48:03 SimBad malware infected million Android users through Play Store (lien direct)

Security experts at Check Point uncovered a sophisticated malware campaign spreading the SimBad malicious code through the official Google Play Store. Researchers at Check Point have uncovered a sophisticated malware campaign spreading the SimBad agent through the official Google Play Store. According to experts, more than 150 million users were already impacted. SimBad disguises itself […]

The post SimBad malware infected million Android users through Play Store appeared first on Security Affairs.

SecurityAffairs.png 2019-03-20 09:09:05 Google white hat hacker found new bug class in Windows (lien direct)

James Forshaw, a white hat hacker at Google Project Zero, has discovered a new class of bugs that affect Windows and some of its drivers. Google Project Zero hacker James Forshaw discovered a new class of flaws that reside in some of the kernel mode drivers in Windows that could allow attackers to escalate privileges. […]

The post Google white hat hacker found new bug class in Windows appeared first on Security Affairs.

SecurityAffairs.png 2019-03-20 07:50:02 The Document that Microsoft Eluded AppLocker and AMSI (lien direct)

Experts analyzed an Office document containing a payload that is able to bypass Microsoft AppLocker and Anti-Malware Scan Interface (AMSI), Introduction Few days ago, during intel sources monitoring operation, the Cybaze-Yoroi ZLAB team encountered an interesting Office document containing some peculiarities required a deeper analysis: its payload includes techniques suitable to bypass modern Microsoft security mechanisms […]

The post The Document that Microsoft Eluded AppLocker and AMSI appeared first on Security Affairs.

SecurityAffairs.png 2019-03-19 18:34:02 Experts observed the growth of hi-tech crime landscape in Asia in 2018 (lien direct)

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. Group-IB, an international company that specializes in preventing cyberattacks, on Money2020 Asia presented the analysis of hi-tech crime landscape in Asia in 2018 and concluded that cybercriminals show an increased interest in Asia […]

The post Experts observed the growth of hi-tech crime landscape in Asia in 2018 appeared first on Security Affairs.

SecurityAffairs.png 2019-03-19 15:53:02 Aluminum producer Norsk Hydro hit by a massive cyber attack (lien direct)

The giant of aluminum producers, Norway’s Norsk Hydro, announced on Tuesday that it had been hit by a cyber-attack of unknown origin. One of the biggest Aluminum producer, the Norwegian Norsk Hydro, suffered an extensive cyber attack. “Hydro became victim of an extensive cyberattack in the early hours of Tuesday, impacting operations in several of […]

The post Aluminum producer Norsk Hydro hit by a massive cyber attack appeared first on Security Affairs.

SecurityAffairs.png 2019-03-19 14:57:04 New JNEC.a Ransomware delivered through WinRAR exploit (lien direct)

A new strain of ransomware tracked as JNEC.a is spreading through an exploit that triggers the recently discovered vulnerability in WinRAR. The ransomware was involved in the attacks observed by the Qihoo 360 Threat Intelligence Center in the wild, threat actors used an archive named “vk_4221345.rar” that delivers JNEC.a when its contents are extracted with […]

The post New JNEC.a Ransomware delivered through WinRAR exploit appeared first on Security Affairs.

SecurityAffairs.png 2019-03-19 09:30:00 EU adopts EU Law Enforcement Emergency Response Protocol for massive cyberattacks (lien direct)

Europol announced the EU Law Enforcement Emergency Response Protocol new protocol for law enforcement agencies in the European Union and abroad to handle major cross-border cyberattacks. Europol announced the adoption of a new protocol for law enforcement bodies in the EU and abroad to respond to major cyber cross-border cyberattacks. The protocol dubbed EU Law […]

The post EU adopts EU Law Enforcement Emergency Response Protocol for massive cyberattacks appeared first on Security Affairs.

SecurityAffairs.png 2019-03-19 06:54:03 A new development shows a potential shift to using Mirai to target enterprises (lien direct)

PaloAlto Networks researchers discovered a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Researchers at PaloAlto Networks spotted a new variant of the infamous Mirai botnet is targeting IoT devices belonging to businesses. Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive attacks […]

The post A new development shows a potential shift to using Mirai to target enterprises appeared first on Security Affairs.

SecurityAffairs.png 2019-03-16 13:46:02 Israeli Candidate for PM Benny Gantz hacked by Iranian cyberspies (lien direct)

Israeli media reported this week that the Shin Bet internal security service warned Benny Gantz that Iranian cyber spies hacked his cellphone exposing his personal data. Iranian hackers targeted the campaign of the former Israeli military chief Benny Gantz who is a leading challenger to Prime Minister Netanyahu in next elections. According to the Israeli […]

The post Israeli Candidate for PM Benny Gantz hacked by Iranian cyberspies appeared first on Security Affairs.

SecurityAffairs.png 2019-03-16 10:11:01 German legislative body wants to tighten penalties against black marketplace operators (lien direct)

Germany’s states have decided to criminalize black marketplace operators with the introduction of specific federal legislation. Germany’s states have voted to punish operators of dark web platforms with the introduction of federal legislation. The legislation aims at criminalizing every operator behind darkweb marketplaces where illegal activities take place. This Friday, therefore, the German Federal Council […]

The post German legislative body wants to tighten penalties against black marketplace operators appeared first on Security Affairs.

SecurityAffairs.png 2019-03-16 06:43:04 Secur Solutions Group data leak exposes 800,000 Singapore blood donors (lien direct)

Secur Solutions Group data leak – Another clamorous data leak made the headlines, personal information of 808,201 blood donors in Singapore was exposed online. The news was first reported by The Straits Times, the huge trove of data was contained in a database operated by the Secur Solutions Group Pte Ltd (SSG). People who registered […]

The post Secur Solutions Group data leak exposes 800,000 Singapore blood donors appeared first on Security Affairs.

SecurityAffairs.png 2019-03-15 15:06:00 It is the first time in the history that civic groups hold a protest against a national CERT (lien direct)

Demonstration in front of the National CERT of Philippines for failing to act on cyber attacks targeting regime critical media and civil society organizations On March 12, the World Day Against Cyber-Censorship, media and civilsociety organizations in Philippines held a demonstration in front ofNCERT (National Computer Emergency Response Team) to protest against the negligence of […]

The post It is the first time in the history that civic groups hold a protest against a national CERT appeared first on Security Affairs.

SecurityAffairs.png 2019-03-15 14:00:04 Recently fixed WinRAR bug actively exploited in the wild (lien direct)

Several threat actors are still exploiting a recently patched critical vulnerability in the popular compression software WinRAR. Several threat actors are actively exploiting a critical remote code execution vulnerability recently addressed in WinRAR. The exploitation of the flaw in the wild is worrisome because the WinRAR software doesn’t have an auto-update feature, leaving millions of […]

The post Recently fixed WinRAR bug actively exploited in the wild appeared first on Security Affairs.

SecurityAffairs.png 2019-03-15 08:48:01 Experts published details of the actively exploited CVE-2019-0808 Windows Flaw (lien direct)

Experts from Qihoo 360 disclosed technical details of the actively exploited Windows zero-day flaw CVE-2019-0808 recently patched by Microsoft. Researchers at the security firm Qihoo 360 disclosed technical details of the zero-day vulnerability CVE-2019-0808 that was recently patched by Microsoft. The vulnerability was reported to Microsoft by researchers from Google\'s Threat Analysis Group that observed […]

The post Experts published details of the actively exploited CVE-2019-0808 Windows Flaw appeared first on Security Affairs.

SecurityAffairs.png 2019-03-15 07:53:04 A few binary plating 0-days for Windows (lien direct)

While we were thinking about a way to escalate privileges during a pen-test, we discovered that most Windows installations were vulnerable to binary planting. A long time ago, while we were thinking about a way to escalate privileges during a pen-test, we discovered that most Windows installations were vulnerable to binary planting. We contacted Microsoft, but […]

The post A few binary plating 0-days for Windows appeared first on Security Affairs.

SecurityAffairs.png 2019-03-15 07:34:03 GlitchPOS PoS Malware appears in the cybercrime underground (lien direct)

A new piece of PoS malware appeared in the threat landscape, the malicious code dubbed GlitchPOS has been found on a crimeware forum. The GlitchPOS malware is able to steal credit card numbers (Track1 and Track2) from the memory of the infected system, it uses a regular expression to perform this task. The malicious code […]

The post GlitchPOS PoS Malware appears in the cybercrime underground appeared first on Security Affairs.

SecurityAffairs.png 2019-03-14 22:03:00 Payment data of thousands of customers of UK and US online stores could have been compromised (lien direct)

Group-IB, an international company that specializes in preventing cyberattacks, has uncovered a malicious code designed to steal customers\' payment data on seven online stores in the UK and the US. The injected code has been identified as a new JavaScript Sniffer (JS Sniffer), dubbed by Group-IB as GMO. Group-IB Threat Intelligence team first discovered the GMO JS Sniffer on the […]

The post Payment data of thousands of customers of UK and US online stores could have been compromised appeared first on Security Affairs.

SecurityAffairs.png 2019-03-14 19:27:03 Torrent Risks: How to get infected through torrent with a good reputation (lien direct)

Experts at Z-Lab Yoroi/Cybaze have conducted an interesting analysis on the risks for users downloading films, games, and software through Torrent. Digital media sharing is one of the most relevant phenomena since the advent of the internet. During the 80\'s and 90\'s, with the rapid growth the Internet, people around the world started sharing digital […]

The post Torrent Risks: How to get infected through torrent with a good reputation appeared first on Security Affairs.

SecurityAffairs.png 2019-03-14 14:38:00 Cisco addresses a critical static credential flaw in Common Services Platform Collector (lien direct)

Cisco released security updates to address a critical vulnerability in its Cisco Common Services Platform Collector (CSPC) software. Cisco released security updates to address a critical flaw, tracked as CVE-2019-1723, that consists in the presence of a default account with a static password. The account hasn’t admin privileges, but it could be exploited by an […]

The post Cisco addresses a critical static credential flaw in Common Services Platform Collector appeared first on Security Affairs.

SecurityAffairs.png 2019-03-14 11:31:01 CSRF flaw in WordPress potentially allowed the hack of websites (lien direct)

Security researcher Simon Scannell from RIPS Technologies, has discovered a new CSRF vulnerability in WordPress, that could potentially lead to remote code execution attacks. The flaw is a cross-site request forgery (CSRF) that resides in the comment section of WordPress that is enabled by default, the issue affects all WordPress versions prior to version 5.1.1. […]

The post CSRF flaw in WordPress potentially allowed the hack of websites appeared first on Security Affairs.

SecurityAffairs.png 2019-03-14 09:57:02 39% of all existing Counter-Strike 1.6 game servers online are malicious (lien direct)

Experts at security firm Dr. Web revealed that 39% of all existing Counter-Strike 1.6 game servers online are malicious, an attacker is exploiting zero-day flaws in game clients. Bad news for gamers of the popular game Counter-Strike, according to the experts at the security firm Dr. Web, 39% of all existing Counter-Strike 1.6 game servers […]

The post 39% of all existing Counter-Strike 1.6 game servers online are malicious appeared first on Security Affairs.

SecurityAffairs.png 2019-03-14 08:15:01 DMSniff POS Malware has flown under the radar for at least four years (lien direct)

Malware researchers at Flashpoint revealed that at least since 2016, a PoS malware dubbed DMSniff has flown under the radar. Malware researchers at Flashpoint revealed that since 2016, a PoS malware dubbed DMSniff has been involved in breaches of small- and medium-sized businesses in the restaurant and entertainment industries. DMSniff leverages a domain generation algorithm […]

The post DMSniff POS Malware has flown under the radar for at least four years appeared first on Security Affairs.

SecurityAffairs.png 2019-03-13 20:54:04 CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups (lien direct)

One of the zero-day flaws (CVE-2019-0797) patched this week by Microsoft has been exploited in targeted attacks by several threats groups, including FruityArmor and SandCat APT groups. This week, Microsoft released Patch Tuesday security updates for March 2019 that address 64 flaws, including two Windows zero-day vulnerabilities exploited in targeted attacks. One of the flaws, […]

The post CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups appeared first on Security Affairs.

SecurityAffairs.png 2019-03-13 15:16:05 Modular Cryptojacking malware uses worm abilities to spread (lien direct)

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities by leveraging known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer. The Monero cryptocurrency miner […]

The post Modular Cryptojacking malware uses worm abilities to spread appeared first on Security Affairs.

SecurityAffairs.png 2019-03-13 07:21:01 Russia attempts to prevent Russian citizens from using ProtonMail (lien direct)

ProtonMail back after the Russian government has been attempting to prevent Russian citizens from sending messages to ProtonMail. ProtonMail is now running normally in Russia, the popular encrypted email service was blocked after students at a sports competition were using it to spread anti-regime propaganda. The Russian news aggregator service Habr reported that Russian telcos […]

The post Russia attempts to prevent Russian citizens from using ProtonMail appeared first on Security Affairs.

SecurityAffairs.png 2019-03-13 06:20:02 Microsoft Patch Tuesday updates for March 2019 patches two Windows flaws exploited in targeted attacks (lien direct)

Microsoft Patch Tuesday updates for March 2019 address 64 flaws, including two Windows zero-day vulnerabilities exploited in targeted attacks. Microsoft Patch Tuesday updates for March 2019 address 64 vulnerabilities, including two Windows zero-day flaws that have been exploited in targeted attacks. Four of the vulnerabilities addressed by Microsoft were publicly disclosed before fixes were released, […]

The post Microsoft Patch Tuesday updates for March 2019 patches two Windows flaws exploited in targeted attacks appeared first on Security Affairs.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-03-26 04:01:32
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter