What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2020-12-08 17:58:14 Unauthenticated Command Injection bug opens D-Link VPN routers to hack (direct link) An unauthenticated command injection vulnerability could be exploited by threat actors to compromise D-Link VPN routers. Security researchers at Digital Defense discovered three vulnerabilities in D-Link VPN routers, including command injection flaws, and an authenticated crontab injection flaw. The experts initially discovered the flaws in DSR-250 router family running firmware version 3.17, further investigation allowed […] Hack Vulnerability Threat
SecurityAffairs 2020-12-06 13:16:18 Security Affairs newsletter Round 292 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A critical flaw in industrial automation systems opens to remote hack Crooks stole 800,000€ from ATMs in Italy with Black Box attack Operators behind Dark Caracal are still alive and […] Hack
SecurityAffairs 2020-12-04 12:39:59 Hundreds of millions of Android users exposed to hack due to CVE-2020-8913 (direct link) Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides in the SplitCompat.install endpoint in Android’s Play Core Library. The vulnerability is rated 8.8 out […] Hack Vulnerability
SecurityAffairs 2020-12-02 14:15:09 Google discloses a zero-click Wi-Fi exploit to hack iPhone devices (direct link) Google Project Zero expert Ian Beer on Tuesday disclosed a critical “wormable” iOS flaw that could have allowed to hack iPhone devices. Google Project Zero white-hat hacker Ian Beer has disclosed technical details of a critical “wormable” iOS bug that could have allowed a remote attacker to take over any device in the vicinity over […] Hack
SecurityAffairs 2020-11-29 15:41:12 A critical flaw in industrial automation systems opens to remote hack (direct link) Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. Tracked as CVE-2020-25159, the flaw is rated 9.8 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November […] Hack Vulnerability
SecurityAffairs 2020-11-24 23:17:16 (Déjà vu) 2FA bypass in cPanel potentially exposes tens of millions of websites to hack (direct link) 2FA bypass discovered in web hosting software cPanel. More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major security issue in cPanel, a popular […] Hack
SecurityAffairs 2020-11-14 21:02:30 Feds investigate Zoom-bombings attack against Gonzaga University Black Student Union (direct link) FBI and Spokane police are investigating an incident in which the Gonzaga University Black Student Union was hacked during a Zoom meeting. The FBI and Spokane police are investigating the hack of Gonzaga University Black Student Union. The hackers broke into a Zoom meeting and bombarded participants with racial and homophobic slurs. The attackers have […] Hack
SecurityAffairs 2020-11-11 14:24:04 Ragnar Locker ransomware gang advertises Campari hack on Facebook (direct link) Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. Then the attackers threaten to release the stolen […] Ransomware Hack Threat
SecurityAffairs 2020-11-10 18:50:46 Flaws in WordPress Ultimate Member plugin expose 25K sites to hack (direct link) Multiple critical vulnerabilities affecting the Ultimate Member plugin could be easily exploited to potentially take over up to 25K websites. Multiple critical vulnerabilities in the Ultimate Member plugin could be easily exploited to take over websites, the issue potentially impacts up to 100K installs. The Ultimate Member WordPress plugin allows admins to easily manage membership to […] Hack
SecurityAffairs 2020-11-09 08:26:07 Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu, iOS, VMware ESXi, and others (direct link) Many popular OS and applications have been hacked during this year’s edition of the Tianfu Cup hacking competition. This year’s edition of the Tianfu Cup hacking competition was very prolific, bug bounty hackers have discovered multiple vulnerabilities in multiple software and applications. The Tianfu Cup is the most important hacking contest held in China, the […] Hack
SecurityAffairs 2020-10-27 12:03:10 Hacker was identified after the theft of $24 million from Harvest Finance (direct link) A threat actor has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance. A hacker has stolen approximately $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance, a web portal that lets users find the farming opportunities that will maximize their yield (APY) returns. The hack took place earlier today […] Hack Threat
SecurityAffairs 2020-10-23 11:10:59 FBI and CISA joint alert blames Russia's Energetic Bear APT for US government networks hack (direct link) The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. The Energetic Bear […] Hack
SecurityAffairs 2020-10-22 19:21:47 EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack (direct link) The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The Council of the European Union announced sanctions imposed on Russian military intelligence officers, belonging to the 85th Main Centre for Special Services (GTsSS), for their role in the 2015 attack on the German Federal Parliament (Deutscher […] Hack
SecurityAffairs 2020-10-16 17:16:59 Britain's information commissioner fines British Airways for 2018 Hack (direct link) Britain's information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. The hackers potentially accessed the personal data of approximately 429,612 customers and staff. Exposed data included names, addresses, […] Data Breach Hack
SecurityAffairs 2020-10-11 09:21:25 Security Affairs newsletter Round 285 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. HP Device Manager flaws expose Windows systems to hack Visa shares details for two attacks on North American hospitality merchants Australian social news platform leaks 80,000 user records Experts warn […] Hack
SecurityAffairs 2020-10-04 08:27:09 HP Device Manager flaws expose Windows systems to hack (direct link) HP published details of three vulnerabilities in the HP Device Manager that could be exploited by attackers to take over Windows systems. HP released a security advisory that includes details for three critical and high severity vulnerabilities, tracked as CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927, that impact the HP Device Manager. The IT giant revealed that an attacker could […] Hack
SecurityAffairs 2020-10-01 11:57:36 Flaws in leading industrial remote access systems allow disruption of operations (direct link) Experts found critical security flaws in two popular industrial remote access systems that could be exploited by threat actors for malicious purposes. Security researchers from Israeli firm OTORIO found critical vulnerabilities in leading industrial remote access systems that could be exploited by attackers to ban access to industrial production floors, hack into company networks, tamper […] Hack Threat Guideline
SecurityAffairs 2020-09-29 12:56:50 FBI and CISA warn of disinformation campaigns about the hack of voter systems (direct link) The FBI and the US CISA issued a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election. The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint public service announcement to warn of the threat of disinformation campaigns targeting the upcoming 2020 […] Hack Threat
SecurityAffairs 2020-09-25 14:39:55 Fortinet VPN with default certificate exposes 200,000 businesses to hack (direct link) According to SAM Seamless Network, over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes. The configuration of the VPN […] Hack
SecurityAffairs 2020-09-10 08:57:19 (Déjà vu) Hackers stole $5.4 million from cryptocurrency exchange ETERBASE (direct link) Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 million. Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 million. The company disclosed the hack on Thursday, threat actors have stolen various cryptocurrencies from its hot wallets, it […] Hack Threat
SecurityAffairs 2020-09-08 15:12:12 Expert found multiple critical issues in MoFi routers (direct link) Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. The researcher Rich Mirch from CRITICALSTART discovered ten vulnerabilities in MOFI4500 MoFi Network routers. The expert reported the issues to the vendor in May but some of the flaws have yet to be patched. Most of […] Hack
SecurityAffairs 2020-08-22 08:15:04 Thousands of WordPress WooCommerce stores potentially exposed to hack (direct link) Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […] Hack
SecurityAffairs 2020-08-21 17:48:00 Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators (direct link) Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb, researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen […] Ransomware Hack Threat
SecurityAffairs 2020-08-20 16:04:43 CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack (direct link) Cisco addressed a critical default credentials vulnerability (CVE-2020-3446) affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco fixed a critical default credentials vulnerability impacting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes […] Hack Vulnerability
SecurityAffairs 2020-08-16 13:26:41 Security Affairs newsletter Round 277 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Homoglyph attacks used in phishing campaign and Magecart attacks Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated US OCC imposed an $80 Million fine to Capital One for 2019 […] Hack
SecurityAffairs 2020-08-11 15:18:16 Flaws in 'Find My Mobile' exposed Samsung phones to hack (direct link) A researcher found multiple flaws in Samsung's Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. The security researcher Pedro Umbelino from Portugal-based cybersecurity services provider Char49 discovered multiple vulnerabilities in Samsung's Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy […] Hack
SecurityAffairs 2020-08-09 15:40:50 US OCC imposed an $80 Million fine to Capital One for 2019 hack (direct link) US Office of the Comptroller of the Currency (OCC) regulator has fined the credit card provider Capital One Financial Corp with $80 million over 2019 data breach. The US Office of the Comptroller of the Currency (OCC) has imposed an $80 million fine to the credit card provider Capital One Financial Corp over 2019 data breach. Capital One, one of […] Hack
SecurityAffairs 2020-08-09 06:58:27 Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated (direct link) Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. A team of Chinese experts from Sky-Go, the Qihoo 360 division focused on car hacking, discovered 19 vulnerabilities in a Mercedes-Benz E-Class, including some issues that can be exploited by attackers to remotely hack a […] Hack
SecurityAffairs 2020-08-07 22:19:20 Reddit massive hack: hackers defaced channels with pro-Trump messages (direct link) Reddit suffered a massive hack, threat actors compromised tens of Reddit channels and defaced them showing messages in support of Donald Trump’s campaign. Reddit suffered a massive hack, threat actors defaced tens of channels to display messages in support of Donald Trump’s reelection campaign. At the time of writing, the massive hack is still ongoing […] Hack Threat
SecurityAffairs 2020-08-07 08:08:00 Intel investigates security breach after the leak of 20GB of internal documents (direct link) Intel is investigating reports of an alleged hack that resulted in the theft and leak of 20GB of data coming from the chip giant. Intel is investigating reports that an alleged hacker has leaked 20GB of data exfiltrated from its systems. The stolen data includes source code and developer documents and tools, some documents are labeled […] Hack
SecurityAffairs 2020-08-01 12:21:27 Four individuals charged for the recent Twitter hack (direct link) Four suspects were charged for their alleged involvement in the recent Twitter hack, announced the Department of Justice. US authorities announced the arrest of 17-year-old Graham Ivan Clark from Tampa, Florida, it is suspected to have orchestrated the recent Twitter hack. The arrest is the result of an operation coordinated by the FBI, the IRS, and […] Hack
SecurityAffairs 2020-07-23 16:36:59 PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack (direct link) Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack […] Hack Vulnerability
SecurityAffairs 2020-07-22 11:49:19 Citrix Workspace flaw can allow remote hack of devices running vulnerable app (direct link) Citrix addressed a vulnerability in its Citrix Workspace app that can allow an attacker to remotely hack the computer running the vulnerable application. Citrix has patched a high severity vulnerability, tracked as CVE-2020-8207, affecting its Workspace app that can be exploited by an attacker to remotely hack the computer running the flawed application. The flaw affects […] Hack Vulnerability
SecurityAffairs 2020-07-19 13:02:02 Twitter reveals that hackers also downloaded data from eight compromised accounts (direct link) The social media giant Twitter confirmed that hackers compromised 130 accounts in last week's hack and downloaded data from eight of them. The social media platform Twitter suffered one of the biggest cyberattacks in its history, multiple high-profile accounts were hacked. Last week, the social media platform Twitter has suffered one of the biggest cyberattacks in its […] Hack
SecurityAffairs 2020-07-14 14:20:44 3.4 Million user records from LiveAuctioneers hack available for sale (direct link) Auctions platform LiveAuctioneers admitted to have suffered a data breach that likely impacted approximately 3.4 million users. Auctions platform LiveAuctioneers disclosed a data breach that might have impacted approximately 3.4 million users. LiveAuctioneers is one of the world’s largest art, antiques & collectibles online marketplace that was founded in 2002. The company confirmed the […] Data Breach Hack
SecurityAffairs 2020-07-11 17:39:32 Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty (direct link) The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. […] Data Breach Hack ★★★
SecurityAffairs 2020-07-02 15:12:27 Critical Apache Guacamole flaws expose organizations at risk of hack (direct link) Security researchers discovered multiple critical reverse RDP vulnerabilities in the remote desktop application Apache Guacamole. Security experts from Check Point Research have discovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole, which is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH and allows system administrators to remotely access and manage Windows and Linux machines. The […] Hack
SecurityAffairs 2020-06-26 06:40:49 New Lucifer DDoS botnet targets Windows systems with multiple exploits (direct link) A new botnet, tracked as Lucifer, appeared in the threat landscape, it leverages close to a dozen exploits to hack Windows systems. A new botnet tracked as Lucifer appeared in the threat landscape, it leverages a dozen exploits for high and critical severity flaws affecting Windows systems. Upon infecting a system the bot turns it […] Hack Threat
SecurityAffairs 2020-06-07 11:40:05 Security Affairs newsletter Round 267 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Anonymous demands justice for George Floyd and threatens attacks ENISA published Proactive detection – Measures and information sources report Over 100K+ WordPress sites using PageLayer plugin exposed to hack Expert […] Hack ★★★
SecurityAffairs 2020-06-03 23:10:57 Two issues in Zoom could have allowed code execution (direct link) Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat. Zoom is one of the most popular video-conferencing software, every day it is used by millions of users, especially during the COVID outbreak. Cybersecurity researchers from Cisco Talos have disclosed two critical vulnerabilities […] Hack
SecurityAffairs 2020-05-31 08:20:24 (Déjà vu) Over 100K+ WordPress sites using PageLayer plugin exposed to hack (direct link) Two security flaws in the PageLayer WordPress plugin can be exploited to potentially wipe the contents or take over WordPress sites. Security experts from WordFence discovered two high severity security vulnerabilities in the PageLayer WordPress plugin that could potentially allow attackers to wipe the contents or take over WordPress sites using vulnerable plugin versions. PageLayer is a WordPress page […] Hack
SecurityAffairs 2020-05-28 21:47:52 Security breach impacted Cisco VIRL-PE infrastructure (direct link) Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers. Cisco has disclosed a security incident that impacted part of its VIRL-PE infrastructure, threat actors exploited vulnerabilities in the SaltStack software package to breach six company servers. These issues affect the following Cisco products running a vulnerable […] Hack Threat
SecurityAffairs 2020-05-24 12:39:10 Security Affairs newsletter Round 265 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Elexon, a middleman in the UK power grid network hit by cyber-attack Experts reported the hack of several supercomputers across Europe A bug in Edison Mail iOS app impacted over […] Hack
SecurityAffairs 2020-05-20 09:03:30 Three flaws in Nitro Pro PDF reader expose businesses to hack (direct link) Two vulnerabilities in the Nitro Pro PDF editor could be exploited by threat actors to execute code remotely on vulnerable hosts. Security experts from Cisco Talos have discovered three vulnerabilities in the Nitro Pro PDF editor, two of which rated as critical (CVSS score of 8.8) could be exploited by attackers for remote code execution. Nitro […] Hack Threat
SecurityAffairs 2020-05-17 14:34:29 Experts reported the hack of several supercomputers across Europe (direct link) Organizations managing supercomputers across Europe reported their systems have been compromised to deploy cryptocurrency miners. Crooks have compromised supercomputers across Europe to deploy cryptocurrency miners, incidents have been already reported in the UK, Germany, and Switzerland. Rumors are circulating about a similar infection of a supercomputer located in Spain. The supercomputers have shut down to […] Hack
SecurityAffairs 2020-05-04 11:15:24 Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked (direct link) Hackers are conducting a mass-scanning of the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. Experts warn of hacking campaign that is targeting organizations using the Salt platform for the management of their infrastructure, the last victim is the Ghost blogging platform. The attackers […] Hack
SecurityAffairs 2020-04-29 11:55:39 Google found zero-click vulnerabilities in Apple's multimedia processing components (direct link) Google Project Zero white-hat hackers have disclosed zero-click vulnerabilities affecting multiple Apple operating systems. White-hat hackers at Google Project Zero team have discovered several zero-click vulnerabilities impacting multiple Apple’s multimedia processing components in several Apple operating systems. Multimedia processing components could be a privileged entry point for threat actors that attempt to hack into the […] Hack Threat
SecurityAffairs 2020-04-28 09:03:11 100k+ WordPress sites exposed to hack due to a bug in Real-Time Find and Replace plugin (direct link) A bug in the Real-Time Find and Replace WordPress plugin could allow hackers to create rogue admin accounts on over 100,000 sites. A vulnerability in the Real-Time Find and Replace WordPress plugin could be exploited by attackers to create rogue admin accounts. The Real-Time Find and Replace WordPress plugin is currently installed on over 100,000 sites, it […] Hack Vulnerability
SecurityAffairs 2020-04-22 22:52:20 Hacking Apple iPhones and iPads by sending emails to the victims (direct link) Two zero-day flaws in the default mailing app pre-installed on iPhones and iPads allow attackers to hack the devices just by sending emails. Experts at cybersecurity firm ZecOps have discovered two zero-day vulnerabilities in iPhone and iPad devices that have been exploited in a series of attacks that targeted iOS high-profile users since at least January 2018. […] Hack
SecurityAffairs 2020-04-15 09:04:01 (Déjà vu) Russia-linked Energetic Bear APT behind San Francisco airport attacks (direct link) Security researchers from ESET revealed that the infamous Russian hacker group known as Energetic Bear is behind the hack of two San Francisco International Airport (SFO) websites. Researchers from ESET believe that the attacks against two San Francisco International Airport (SFO) websites were carried out by the Russian cyber-espionage group known as Energetic Bear (aka […] Hack
Last update at: 2024-05-10 17:08:09