What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-02 11:04:39 | Android Keyboard Apps with 2 Million downloads can remotely hack your device (lien direct) | >Experts found multiple flaws in three Android Keyboard apps that can be exploited by remote attackers to compromise a mobile phone. Researchers at the Synopsys Cybersecurity Research Center (CyRC) warn of three Android keyboard apps with cumulatively two million installs that are affected by multiple flaws (CVE-2022-45477, CVE-2022-45478, CVE-2022-45479, CVE-2022-45480, CVE-2022-45481, CVE-2022-45482, CVE-2022-45483) that can be […] | Hack | ★★★ | |
|
2022-11-03 21:29:12 | LockBit ransomware gang claims the hack of Continental automotive group (lien direct) | >The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. The group added the name of the company to its Tor leak site and is threatening to publish alleged stolen data if the […] | Ransomware Hack | ||
|
2022-09-30 15:44:10 | US DoD announced the results of the Hack US bug bounty challenge (lien direct) | >The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July. On July 4, 2022, the US Department of Defense (DoD) and HackerOne started the Hack US, a one-week bug bounty challenge, which is considered part of DoD's vulnerability disclosure program (VDP). The challenge was launched Chief […] | Hack Vulnerability | ||
|
2022-09-18 11:58:11 | Uber says there is no evidence that users\' private information was compromised (lien direct) | Uber hack update: There is no evidence that users’ private information was compromised in the data breach. Uber provided an update regarding the recent security breach of its internal computer systems, the company confirmed that there is no evidence that intruders had access to users’ private information. “We have no evidence that the incident involved […] | Hack | Uber Uber | |
|
2022-09-17 18:11:10 | LastPass revealed that intruders had internal access for four days during the August hack (lien direct) | >The Password management solution LastPass revealed that the threat actors had access to its systems for four days during the August hack. Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days […] | Hack Threat | LastPass | |
|
2022-09-05 08:39:46 | EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web (lien direct) | >Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark […] | Hack Guideline | ||
|
2022-09-02 07:25:46 | Attack infrastructure used in Cisco hack linked to Evil Corp affiliate (lien direct) | >Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm. Researchers from cybersecurity firm eSentire discovered that the attack infrastructure used in recent Cisco hack was also used to attack a top Workforce Management corporation in in April 2022. The experts also speculate that the […] | Hack | ||
|
2022-08-29 15:25:45 | Twilio breach let attackers access Authy two-factor accounts of 93 users (lien direct) | >Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. Early August, the communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. The attackers accessed company systems using employee credentials obtained through […] | Hack Threat | ||
|
2022-08-27 16:14:51 | Twilio hackers also breached the food delivery firm DoorDash (lien direct) | >Twilio hackers also compromised the food delivery firm DoorDash, the attackers had access to company data, including customer and employee info. On-demand food delivery service DoorDash disclosed a data breach, the threat actors behind the Twilio hack gained access to the company’s data. DoorDash declared that malicious hackers stole credentials from employees of a third-party vendor, then […] | Hack Threat | ||
|
2022-08-23 00:02:06 | Lockbit leak sites hit by mysterious DDoS attack after Entrust hack (lien direct) | >LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. Entrust Corp., provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificated for websites, mobile credentials, and connected devices. The Lockbit ransomware […] | Ransomware Hack | ||
|
2022-08-12 08:00:43 | Experts warn of mass exploitation of an RCE flaw in Zimbra Collaboration Suite (lien direct) | >Threat actors are exploiting an authentication bypass Zimbra flaw, tracked as CVE-2022-27925, to hack Zimbra Collaboration Suite email servers worldwide. An authentication bypass affecting Zimbra Collaboration Suite, tracked as CVE-2022-27925, is actively exploited to hack ZCS email servers worldwide. Zimbra is an email and collaboration platform used by more than 200,000 businesses from over 140 countries. Yesterday, August 11, CISA has […] | Hack | ||
|
2022-07-20 14:53:48 | Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers (lien direct) | >Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely hack them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 million vehicles. An attacker […] | Hack | ||
|
2022-06-30 17:58:47 | Experts blame North Korea-linked Lazarus APT for the Harmony hack (lien direct) | >North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms. Harmony's […] | Hack Threat | APT 38 | |
|
2022-06-29 14:48:08 | Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers (lien direct) | >Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote attackers to execute arbitrary code on a system that relies on the binary, like Zimbra […] | Hack Vulnerability | ||
|
2022-06-20 21:46:13 | Russian APT28 hacker accused of the NATO think tank hack in Germany (lien direct) | >The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28. The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek (aka “blabla1234565” and “kazak”) who is accused to have carried out a cyber espionage attack against the NATO […] | Hack | APT 28 | |
|
2022-06-11 13:34:12 | PACMAN, a new attack technique against Apple M1 CPUs (lien direct) | >PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems. PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. The pointer authentication codes (PACs) allow to detect and guard against unexpected changes to pointers in memory. […] | Hack | ||
|
2022-05-25 11:12:40 | (Déjà vu) Chaining Zoom bugs is possible to hack users in a chat by sending them a message (lien direct) | >Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set of four security flaws in the popular video conferencing service Zoom could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages.Tracked from CVE-2022-22784 through CVE-2022-22787, […] | Hack | ||
|
2022-04-21 20:17:50 | Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack (lien direct) | A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files. Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets. The ALAC […] | Hack | ||
|
2022-04-16 17:00:40 | The unceasing action of Anonymous against Russia (lien direct) | This week the Anonymous collective and its affiliates have targeted multiple Russian organizations stealing gigabytes of data. This week Anonymous and other hacker groups affiliated with the collective have launched multiple attacks against Russian government agencies and organizations. The week started with the announcement of the hack of Russia's Ministry of Culture, Anonymous leaked 446 […] | Hack | ||
|
2022-04-15 19:49:36 | Conti Ransomware Gang claims responsibility for the Nordex hack (lien direct) | The Conti ransomware gang has claimed responsibility for the recent attack against Nordex, one of the largest manufacturers of wind turbines. The Conti ransomware gang claimed responsibility for the cyberattack that hit the manufacturer of wind turbines Nordex on March 31, 2022. Nordex Group shut down “IT systems across multiple locations and business units” as […] | Ransomware Hack | ||
|
2022-04-13 12:15:55 | (Déjà vu) JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals (lien direct) | Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon's TUG autonomous mobile robots. Researchers at healthcare IoT security firm Cynerio discovered a collection of five vulnerabilities impacting TUG autonomous mobile robots, collectively named JekyllBot:5, that could be exploited by remote attackers to hack the devices. According to a US CISA advisory, the […] | Hack | ||
|
2022-04-01 14:42:28 | Anonymous targets oligarchs\' Russian businesses: Marathon Group hacked (lien direct) | Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group. Anonymous continues to target Russian firms owned by oligarchs, yesterday the collective announced the hack of the Thozis Corp, while today the group claimed the hack of Marathon Group. The Marathon Group is a Russian investment firm […] | Hack | ||
|
2022-03-31 20:05:46 | Apple issues emergency patches to fix actively exploited zero-days (lien direct) | Apple released emergency patches to address two zero-day vulnerabilities actively exploited to compromise iPhones, iPads, and Macs. Apple has released emergency security patches to address two zero-day vulnerabilities actively exploited to hack iPhones, iPads, and Macs. The first zero-day, tracked as CVE-2022-22674, is an out-of-bounds read issue that resides in the Intel Graphics Driver that could […] | Hack | ||
|
2022-03-30 14:18:14 | Lapsus$ extortion gang claims to have hacked IT Giant Globant (lien direct) | The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked tens of gigabytes of stolen data. The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked roughly 70 Gb of stolen data. The gang claims that the company has implemented poor security practices that allowed them to hack their […] | Hack | ||
|
2022-03-29 22:03:16 | $625M stolen from Axie Infinity \'s Ronin bridge, the largest ever crypto hack (lien direct) | Threat actors have stolen approximately $625 million worth of Ethereum and USDC tokens from Axie Infinity ‘s Ronin network bridge. Threat actors have stolen almost $625 million in Ethereum and USDC (a U.S. dollar pegged stablecoin) tokens from Axie Infinity’s Ronin network bridge. The attack took place on March 23rd, but the cyber heist was […] | Hack Threat | ||
|
2022-03-28 21:48:16 | Anonymous is working on a huge data dump that will blow Russia away (lien direct) | The Anonymous collective hacked the Russian construction company Rostproekt and announced that a leak that will Blow Russia Away. Anonymous continues its offensive against Russia, the collective announced the hack of the Russian construction company Rostproekt and announced a leak that will blow Russia away. Link to the stolen data from the company have been […] | Hack | ||
|
2022-03-24 22:09:04 | Experts explained how to hack a building controller widely adopted in Russia (lien direct) | A researcher discovered critical flaws that can be exploited by remote attackers to hack a building controller popular in Russia. A researcher has identified critical vulnerabilities that can allegedly be exploited to remotely hack a building controller predominantly used by organizations in Russia. Researcher Jose Bertin discovered critical flaws affecting a controller made by Russian […] | Hack | ||
|
2022-03-24 06:34:03 | Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying (lien direct) | The provider of access management systems Okta confirmed the data breach and revealed that 2.5% of its customers were impacted. This week Lapsus$ extortion group claimed to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots […] | Data Breach Hack | ||
|
2022-03-22 14:31:17 | Lapsus$ extortion gang claims to have stolen sensitive data from Okta (lien direct) | The Lapsus$ extortion group claims to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s […] | Hack Threat | ||
|
2022-03-17 16:50:47 | Anonymous continues to support Ukraine against the Russia (lien direct) | The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days. Yesterday Anonymous announced the hack of the website of […] | Hack | ||
|
2022-03-10 05:37:58 | TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices (lien direct) | Three flaws in APC Smart-UPS devices, tracked as TLStorm, could be exploited by remote attackers to hack and destroy them. Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. The flaws can allow remote attackers to manipulate the power of millions of enterprise devices carrying out extreme […] | Hack | ||
|
2022-02-08 22:30:26 | US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack (lien direct) | The law enforcement seized $3.6 billion worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. Law enforcement Ilya Lichtenstein (34) and his wife, Heather Morgan (31), were arrested for alleged conspiracy to launder $4.5 Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. Law enforcement also seized over $3.6 billion in cryptocurrency […] | Hack | ||
|
2022-02-03 10:46:23 | Wormhole cryptocurrency platform hacked, crooks stole $326 million, the second-biggest hack of a DeFi platform (lien direct) | Threat actors have stolen $325 million in cryptocurrency leveraging a bug in the Wormhole communication bridge. Wormhole, one of the most popular bridges that links the Ethereum and Solana blockchains, lost about $325 million in an attack that took place on Wednesday. This is the second-biggest hack of a DeFi platform ever, just after the $600 […] | Hack | ||
|
2022-01-31 15:33:06 | Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform (lien direct) | Threat actors stole $80M worth of cryptocurrency from the Qubit DeFi platform by exploiting a flaw in the smart contract code used in an Ethereum bridge. The DeFi platform Qubit Finance was victim of a cyber heist, threat actors stole around $80 million in cryptocurrency last week. The hack took place at around 5PM ET […] | Hack Threat | ||
|
2022-01-31 12:19:57 | Expert earned $100,500 bounty to hack Apple MacBook webcam and microphone (lien direct) | Apple paid +$100K bounty for a macOS series of flaws that can allow threat actors to take over the microphone and camera. Apple last year addressed multiple macOS vulnerabilities discovered by the security researcher Ryan Pickren in the Safari browser that could allow threat actors to access users’ online accounts, microphone, and webcam. Pickren received […] | Hack Threat | ||
|
2022-01-26 22:25:35 | Apple fixed the first two zero-day vulnerabilities of 2022 (lien direct) | Apple released security updates to fix two zero-day flaws, one of them actively exploited to hack iPhones and Macs. Apple has released security updates to address a couple of zero-day vulnerabilities, one of them being actively exploited in the wild by threat actors to compromise iPhone and Mac devices. One of the zero-day flaws addressed […] | Hack Threat | ||
|
2022-01-22 16:29:21 | Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack (lien direct) | Two critical security vulnerabilities in Control Web Panel potentially expose Linux servers to remote code execution attacks Researchers from Octagon Networks disclosed details of two critical security flaws in Control Web Panel that potentially expose Linux servers to remote code execution attacks. Control Web Panel is a popular open-source Linux control panel for servers and VPS that allows easy […] | Hack | ||
|
2022-01-20 15:05:32 | Crypto.com hack impacted 483 accounts and resulted in a $34 million theft (lien direct) | Crypto.com confirmed that a cyber attack compromised around 400 of its customer accounts leading in the theft of $33 million. Crypto.com is a cryptocurrency exchange app based in Singapore, the app currently has 10 million users and 3,000 employees. Recently, several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite their accounts […] | Hack Guideline | ||
|
2022-01-11 14:52:46 | Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers (lien direct) | Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. The ransomware gang started its operations on December 27, 2021, and […] | Ransomware Hack Vulnerability | ||
|
2022-01-07 15:47:57 | Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns (lien direct) | A threat actor attempted to exploit the Log4Shell vulnerability to hack VMWare Horizon servers at UK NHS and deploy web shells. The security team at the UK National Health Service (NHS) announced to have spotted threat actors exploiting the Log4Shell vulnerability to hack VMWare Horizon servers and install web shells. “An unknown threat group has […] | Hack Vulnerability Threat | ||
|
2022-01-04 21:05:11 | UScellular discloses the second data breach in a year (lien direct) | UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. United States Cellular Corporation, is the fourth-largest wireless carrier in the United States, with over […] | Data Breach Hack | ||
|
2021-11-04 14:58:51 | (Déjà vu) Hacker allegedly involved in 2020 Twitter hack charged with theft of $784K in crypto (lien direct) | The US DoJ charged the suspected Twitter hacker ‘PlugWalkJoe’ with the theft of $784,000 worth of cryptocurrency using SIM swap attacks. The US Department of Justice has indicted Joseph James O’Connor, a suspected Twitter hacker also known as ‘PlugWalkJoe,’ for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. Crooks conduct SIM swapping attacks to take […] | Hack | ||
|
2021-11-01 13:52:42 | How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash (lien direct) | Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. “According to Vladimir Kononovich, some manufacturers rely on security through […] | Hack | ||
|
2021-10-21 20:10:31 | A flaw in WinRAR could lead to remote code execution (lien direct) | A vulnerability in the WinRAR is a trialware file archiver utility for Windows could be exploited by a remote attacker to hack a system. Positive Technologies researcher Igor Sak-Sakovskiy discovered a remote code execution vulnerability, tracked as CVE-2021-35052, in the popular WinRAR trialware file archiver utility for Windows. The vulnerability affects the trial version of […] | Hack Vulnerability | ||
|
2021-10-18 07:27:01 | REvil ransomware operation shuts down once again (lien direct) | It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor hidden service. The REvil ransomware gang has shut down its operation once again after a threat actor has hijacked their Tor leak site and payment portal. The news of the hack was shared by the […] | Ransomware Hack Threat | ||
|
2021-09-15 18:17:09 | OMIGOD vulnerabilities expose thousands of Azure users to hack (lien direct) | OMIGOD – Microsoft addressed four vulnerabilities in the Open Management Infrastructure (OMI) software agent that could expose Azure users to attacks. Recently released September 2021 Patch Tuesday security updates have addressed four severe vulnerabilities, collectively tracked as OMIGOD, in the Open Management Infrastructure (OMI) software agent that exposes Azure users to attack. Below is the list of the […] | Hack | ||
|
2021-08-27 23:00:41 | An RCE in Annke video surveillance product allows hacking the device (lien direct) | Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical flaw affecting a video surveillance product made by Annke, a popular manufacturer of surveillance systems and solutions. The vulnerability, tracked as […] | Hack Vulnerability | ||
|
2021-08-17 16:55:17 | Kalay cloud platform flaw exposes millions of IoT devices to hack (lien direct) | FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. Researchers at FireEye's Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors. The flaw […] | Hack Vulnerability | ||
|
2021-08-12 06:31:10 | Threat actors behind the Poly Network hack are returning stolen funds (lien direct) | The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds. The threat actor behind the hack of the Poly Network cross-chain protocol is now returning the stolen funds. The hackers have stolen $611 million worth of cryptocurrency assets, $273 million worth of Ethereum tokens, $253 million […] | Hack Threat | ||
|
2021-08-11 19:23:35 | Accenture has been hit by a LockBit 2.0 ransomware attack (lien direct) | Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT and consulting giant Accenture was hit by a ransomware attack carried out by LockBit 2.0 ransomware operators, the group announced the hack on its leak site, “These people are beyond privacy and security. I really hope […] | Ransomware Hack |
To see everything:
Our RSS (filtrered)
