What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2019-07-28 14:57:02 Crooks used rare Steganography technique to hack fully patched websites in Latin America (direct link) Experts at Trustwave observed threat actors using a rare technique to compromise fully patched websites. Security experts at Trustwave observed threat actors using a rare steganography technique, attackers are hiding PHP scripts in Exchangeable Image Format (EXIF) headers of JPEG images that are uploaded on the website. The Exchangeable image file format is a standard […] Hack Threat
SecurityAffairs 2019-07-26 18:10:01 A flaw in LibreOffice could allow the hack of your PC (direct link) LibreOffice users have to know that their unpatched computers could be hacked by simply opening a specially crafted document. Bad news for LibreOffice users, the popular free and open-source office suite is affected by an unpatched remote code execution vulnerability. Recently, LibreOffice released the latest version 6.2.5 that addresses two severe flaws tracked as CVE-2019-9848 and CVE-2019-9849. […] Hack Vulnerability
SecurityAffairs 2019-07-23 19:07:03 A new ProFTPD vulnerability exposes servers to hack (direct link) A flaw in the open-source ProFTPD file transfer protocol (FTP) server can be exploited to copy files to vulnerable servers and potentially execute arbitrary code. The security researcher Tobias Mädel discovered a vulnerability in the open-source ProFTPD file transfer protocol (FTP) server that can be exploited to copy files to vulnerable servers and potentially execute arbitrary […] Hack Vulnerability
SecurityAffairs 2019-06-30 11:44:05 Security Affairs newsletter Round 220 – News of the week (direct link) A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Expert released PoC for Outlook for Android flaw addressed by Microsoft Hundreds of million computers potentially exposed to hack due to a flaw in PC-Doctor component NASA hacked! An […] Hack
SecurityAffairs 2019-06-27 04:59:03 Flaws in EA Games Login exposed accounts of 300 Million Gamers to hack (direct link) Experts discovered security flaws in EA Games’ login process that could allow an attacker to take over EA gamers’ accounts and steal sensitive data. Experts at Check Point Research and Cyberint discovered multiple security flaws in EA Games’ login process that could allow an attacker to take over EA gamers’ accounts and steal sensitive data. […] Hack
SecurityAffairs 2019-06-23 14:25:02 Hundreds of million computers potentially exposed to hack due to a flaw in PC-Doctor component (direct link) Hundreds of million computers from many vendors may have been exposed to hack due to a serious flaw in PC-Doctor software. Experts at SafeBreach discovered that the Dell SupportAssist software, that comes preinstalled on most Dell PCs, was affected by a DLL hijacking vulnerability tracked as CVE-2019-12280. The flaw could have been exploited by an […] Hack Vulnerability
SecurityAffairs 2019-06-22 09:03:02 Flaws allow hacking a system playing untrusted videos on VLC Player (direct link) Two vulnerabilities in VLC media player could allow remote attackers to take full control over a computer system while playing untrusted videos. An attacker could remotely take full control over a computer system while playing untrusted videos with any version of VLC media player software prior to 3.0.7. The hack is possible due to two […] Hack
SecurityAffairs 2019-06-12 12:51:01 Radiohead releases a trove of stolen music in response to the hack (direct link) The English rock band Radiohead released an 18-hour trove of private recordings from their 1997 album “OK Computer” in response to the recent hack. The alternative rock band Radiohead released an 18-hour trove of private recordings from their 1997 album “OK Computer” after being hacked by crooks that demanded a ransom of $150,000 for the music. Radiohead uploaded 1.8-gigabyte […] Hack
SecurityAffairs 2019-06-11 14:18:02 Customs and Border Protection (CBP) confirms hack of a subcontractor (direct link) Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point have been stolen by hackers. Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point have been stolen as a result of a cyber attack. […] Hack
SecurityAffairs 2019-06-10 20:28:02 CVE-2019-12735 – opening a specially crafted file in Vim or Neovim Editor could compromise your Linux system (direct link) Bad news for Linux users, a flaw tracked as CVE-2019-12735 allows to hack their systems by tricking them into opening a specially crafted file in Vim or Neovim Editor. Security expert Armin Razmjou has recently found a high-severity vulnerability (CVE-2019-12735) in Vim and Neovim command-line text editing applications. The vulnerability, tracked as CVE-2019-12735, is classified as an arbitrary OS command […] Hack Vulnerability
SecurityAffairs 2019-06-05 10:30:00 The Australian National University suffered a major, sophisticated attack (direct link) The Australian National University suffered a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data. The Australian National University was the victim of a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data. The top Australian university is known […] Hack
SecurityAffairs 2019-06-04 06:13:00 Australian teenager hacked into Apple twice for a job (direct link) What can Apple's fan do to work with his favorite company? A teen opted out to hack it twice. A 17-year-old Australian teenager decided to attract the attention of the tech giant by gaining access to its mainframe with false credentials. The teen was dreaming of a job in Apple and was convicted […] Hack
SecurityAffairs 2019-06-03 12:51:02 Gaining Root Access to Host through rkt Container hack (direct link) Unpatched vulnerabilities affect the rkt container runtime that could be exploited by an attacker to escape the container and gain root access to the host. The security researcher Yuval Avrahami discovered some vulnerabilities in the rkt container that could be exploited by an attacker to compromise the underlying host when a user executes the 'rkt […] Hack
SecurityAffairs 2019-06-03 09:36:03 Expert shows how to Hack a Supra Smart Cloud TV (direct link) Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication. Summary: Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri=URI Technical Observation: We are abusing […] Hack
SecurityAffairs 2019-06-01 12:29:05 Cryptojacking campaign uses Shodan to scan for Docker hosts to hack (direct link) A new cryptojacking campaign was spotted by experts at Trend Micro, crooks are using Shodan to scan for Docker hosts with exposed APIs. Threat actors are using the popular Shodan search engine to find Docker hosts and abuse them in a cryptojacking campaign. Attackers leverage self-propagating Docker images infected with Monero miners and scripts that […] Hack Threat
SecurityAffairs 2019-05-11 14:30:01 Over 100 flaws in management and access control systems expose buildings to hack (direct link) Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities that expose buildings to cyber attacks. Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities in management and access control systems from four major vendors. An attacker can exploit the vulnerabilities to gain full control of the vulnerable products and access to […] Hack
SecurityAffairs 2019-05-10 08:24:05 Top-Tier Russian Hacking group Fxmsp claims hack of major AntiVirus Companies (direct link) A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Fxmsp is a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. The group is offering the accesses to the […] Hack
SecurityAffairs 2019-05-10 06:48:03 DoJ indicted a member of China-based hacking group behind Anthem hack (direct link) US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. The US Department of Justice indicted Fujie Wang (32), a member of sophisticated Chinese hacking group that breached several US companies, including the health insurer Anthem […] Hack
SecurityAffairs 2019-05-08 09:13:00 Hackers Steal $41 Million worth of Bitcoin from Binance Exchange (direct link) Hackers steal $41 Million worth of Bitcoin from Binance, one of the world's largest cryptocurrency exchanges. The hack of another cryptocurrency exchange made the headlines, hackers steal $41 Million worth of Bitcoin (over 7,000 bitcoins) from Binance. Binance is one of the world's largest cryptocurrency exchanges, its founder and CEO Changpeng Zhao confirmed that the […] Hack
SecurityAffairs 2019-04-29 12:53:01 Report: Unknown Data Breach Exposes 80 Million US Households (direct link) vpnMentor's research team discovered a hack affecting 80 million US households, and the incident is still actively leaking data. Known hacktivists Noam Rotem and Ran Locar discovered an unprotected database impacting up to 65% of US households. Hosted by a Microsoft cloud server, the 24 GB database includes the number of people living in each household […] Data Breach Hack
SecurityAffairs 2019-04-19 08:30:02 Broadcom WiFi Driver bugs expose devices to hack (direct link) Experts warn of security flaws in the Broadcom WiFi chipset drivers that could allow potential attackers to remotely execute arbitrary code and to trigger DoS. According to a DHS/CISA alert and a CERT/CC vulnerability note, Broadcom WiFi chipset drivers are affected by security vulnerabilities impacting multiple operating systems. The flaws could be exploited to remotely execute arbitrary […] Hack Vulnerability
SecurityAffairs 2019-04-17 20:12:00 RCE flaw in Electronic Arts Origin client exposes gamers to hack (direct link) Electronic Arts (EA) has fixed a security issue in the Windows version of its gaming client Origin that allowed hackers to remotely execute code on an affected computer. Electronic Arts (EA) has addressed a vulnerability in the Windows version of its gaming client Origin that allowed hackers to remotely execute code on an affected computer. […] Hack Vulnerability ★★
SecurityAffairs 2019-04-11 06:19:03 WPA3 attacks allow hackers to hack Wi-Fi password (direct link) Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks. Security researchers discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks. One of the main advantages of WPA3 is that it’s near impossible to crack […] Hack
SecurityAffairs 2019-04-05 10:59:04 Flaws in Pre-Installed security App on Xiaomi Phones open to hack them (direct link) If you use a Xiaomi smartphone you should be aware that a pre-installed security software could be abused for malicious activities. Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers. Security experts at CheckPoint have discovered that a security app, called Guard Provider, that […] Hack
SecurityAffairs 2019-03-22 20:53:05 Medtronic's implantable heart defibrillators vulnerable to hack (direct link) The U.S. Department of Homeland Security Thursday issued a security advisory for multiple vulnerabilities affecting over a dozen heart defibrillators. Multiple vulnerabilities in the heart defibrillators could be exploited by attackers to remotely control the devices, potentially putting the lives of patients at risk. An implantable cardioverter-defibrillator (ICD) is a device implantable inside the human […] Hack
SecurityAffairs 2019-03-14 11:31:01 CSRF flaw in WordPress potentially allowed the hack of websites (direct link) Security researcher Simon Scannell from RIPS Technologies, has discovered a new CSRF vulnerability in WordPress, that could potentially lead to remote code execution attacks. The flaw is a cross-site request forgery (CSRF) that resides in the comment section of WordPress that is enabled by default, the issue affects all WordPress versions prior to version 5.1.1. […] Hack Vulnerability Guideline
SecurityAffairs 2019-03-09 13:46:03 Vulnerabilities in car alarm systems exposed 3 million cars to hack (direct link) Security experts at Pen Test Partners discovered several vulnerabilities in two smart car alarm systems put three million vehicles globally at risk of hack. The flaws could be exploited by attackers to disable the alarm, as well as track and unlock the vehicles using it, or to start and stop the engine even when the […] Hack
SecurityAffairs 2019-02-27 14:57:00 Thunderclap vulnerabilities allow to hack most of modern computers (direct link) Researchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacks. Researchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacks. Security experts from Rice University in the United […] Hack
SecurityAffairs 2019-02-26 15:27:00 The Arsenal Behind the Australian Parliament Hack (direct link) Cybaze-Yoroi ZLab investigated artefacts behind Australian Parliament attack to have an insight of Tools and Capabilities associated with the attackers. Introduction In the past days, a cyber attack targeted a high profile target on the APAC area: the Australian Parliament House. As reported by the Australian prime minister there was no evidence of any information theft […] Hack
SecurityAffairs 2019-02-15 11:15:04 Coffee Meets Bagel dating app confirms data breach (direct link) The week closes with the news of another embarrassing data breach, the Coffee Meets Bagel confirmed a hack on Valentine’s Day. The dating app Coffee Meets Bagel confirmed that hackers breached its systems on Valentine’s Day and may have obtained access to users’ account data. The company notified the incident to account holders, the intrusion […] Data Breach Hack
SecurityAffairs 2019-02-07 06:28:05 Android devices could be hacked by viewing a malicious PNG Image (direct link) Google patched a critical flaw in its Android OS that allows an attacker to send a specially crafted PNG image file to hack a target device. Opening an image file on your smartphone could allow attackers to hack into your Android device due to three critical vulnerabilities, CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988. The flaws affect millions […] Hack
SecurityAffairs 2019-01-22 21:00:02 Critical flaw in Linux APT package manager could allow remote hack (direct link) Expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The independent security consultant Max Justicz has discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The flaw, tracked as CVE-2019-3462, affects package manager version 0.8.15 and later, […] Hack Vulnerability
SecurityAffairs 2019-01-21 07:04:05 Unpatched Cisco critical flaw CVE-2018-15439 exposes small Business Networks to hack (direct link) Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch SOHO devices allow […] Hack Vulnerability
SecurityAffairs 2019-01-15 15:27:00 A flaw in vCard processing could allow hackers to compromise a Win PC (direct link) A security expert discovered a zero-day flaw in the processing of VCard files that could be exploited by a remote attacker to compromise a Windows PC. The security expert John Page (@hyp3rlinx), discovered a zero-day vulnerability in the processing of VCard files that could be exploited by a remote attacker, under certain conditions, to hack Windows […] Hack Vulnerability
SecurityAffairs 2019-01-08 06:14:03 Tens of thousands of hot tubs are exposed to hack (direct link) Experts from security firm Pen Test Partners reported that tens of thousands of hot tubs are currently vulnerable to cyber attacks. Security experts at Pen Test Partners have discovered thousands of connected hot tubs vulnerable to remote cyber attacks. The hot tubs could be remotely controlled by an app, dubbed Balboa Water App, that lack […] Hack
SecurityAffairs 2019-01-01 14:21:01 Experts show that is easy to hack Hardware-based Cryptocurrency Wallets (direct link) A team of researchers demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. During the 35c3 conference held in Leipzig, Germany, the researchers Dmitry Nedospasov, Thomas Roth, and Josh Datko demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. The group of researchers presented called “wallet.fail” firmware, […] Hack
SecurityAffairs 2018-12-21 07:21:03 (Déjà vu) Hack the Air Force 3 – White hat hackers earn $130,000 (direct link) Hack the Air Force 3.0 – The US DoD announced that more than 30 white hat hackers earned $130,000 for more than 120 vulnerabilities. The U.S. Defense Department, along with bug bounty platform HackerOne, presented the results of the third bug bounty program Hack the Air Force. The program started on October 19 and lasted […] Hack
SecurityAffairs 2018-12-13 16:00:05 French foreign ministry announced its Travel Alert Registry Hack (direct link) The French foreign ministry announced today that its travel alert registry website had been hacked and personal data of citizens “could be misused”. The French foreign ministry confirmed that hackers breached into the Ariane system, its travel alert registry website, and personal data of citizens “could be misused”. The Ariane system provides security alerts to registered […] Hack
SecurityAffairs 2018-12-06 21:54:01 Evidence in Marriott's subsidiary Starwood hack points out to China intel (direct link) According to a report published by the Reuters, the massive Marriott data breach was carried out by Chinese state-sponsored hackers. According to the Reuters, people investigating the Marriott data breach believe that it is the result of a cyberattack carried out by Chinese hackers. Last week Marriott International announced that hackers compromised guest reservation database at its subsidiary […] Data Breach Hack
SecurityAffairs 2018-11-28 09:56:02 (Déjà vu) Initial patch for Webex Meetings flaw WebExec was incomplete. Cisco fixed it again (direct link) Cisco has released a new round of security patches to address potentially serious WebExec Webex flaw first addressed one month ago. One month ago, Cisco addressed the CVE-2018-15442 vulnerability, also tracked as WebExec by Counter Hack researchers Ron Bowes and Jeff McJunkin who discovered it. The flaw affects Cisco Webex Meetings Desktop and has been rated as a […] Hack
SecurityAffairs 2018-11-22 20:24:02 Chaining 3 zero-days allowed pen testers to hack Apple macOS computers (direct link) Dropbox team disclosed three critical zero-day vulnerabilities in Apple macOS, chaining them it is possible to take over a Mac computer. Dropbox team disclosed three critical zero-day vulnerabilities (CVE-2017-13890, CVE-2018-4176, CVE-2018-4175) affecting the Apple macOS operating system, an attacker could chain them to remotely execute arbitrary code on a targeted Mac computer. The attacker only needs to trick victims […] Hack
SecurityAffairs 2018-11-21 20:22:00 Facebook increases rewards for its bug bounty program and facilitate bug submission (direct link) Facebook updates its bug bounty program, it is increasing the overall rewards for security flaws that could be exploited to take over accounts. Facebook announced an important novelty for its bug bounty, the social media giant is going to pay out as much as $40,000 for vulnerabilities that can be exploited to hack into accounts without […] Hack
SecurityAffairs 2018-11-20 15:00:01 Two hackers involved in the TalkTalk hack sentenced to prison (direct link) Two men from Tamworth, Staffordshire were sentenced to prison for their roles in the 2015 TalkTalk hack. Two men, Connor Allsopp, 21, and Matthew Hanley, 23, pleaded guilty to charges of hacking. Allsopp has been sentenced to 8 months in jail and Hanley to 12 months. In October 2015, TalkTalk Telecom Group plc publicly disclosed that four […] Hack Guideline
SecurityAffairs 2018-11-18 13:20:00 6,500+ sites deleted after Dark Web hosting provider Daniel's Hosting hack (direct link) On Thursday, November 15, hackers compromised Daniel’s Hosting, one of the largest Dark Web hosting provider, and deleted 6,500+ sites. On Thursday, November 15, hackers compromised Daniel’s Hosting, one of the largest Dark Web hosting provider. The news was confirmed by Daniel Winzen, the software developer behind the hosting service. Daniel’s Hosting became the largest Dark Web hosting provider earlier […] Hack
SecurityAffairs 2018-11-12 21:37:05 Hacking the hackers – IOT botnet author adds his own backdoor on top of a ZTE router backdoor (direct link) The author of an IoT botnet is distributing a backdoor script for ZTE routers that also includes his own backdoor to hack script kiddies. A weaponized IoT exploit script is being used by script kiddies, making use of a vendor backdoor account to hack the ZTE routers. Ironically, this is not the only backdoor in […] Hack
SecurityAffairs 2018-11-10 14:47:00 (Déjà vu) Symantec shared details of North Korean Lazarus's FastCash Trojan used to hack banks (direct link) North Korea-linked Lazarus Group has been using FastCash Trojan to compromise AIX servers to empty tens of millions of dollars from ATMs. Security experts from Symantec have discovered a malware, tracked as FastCash Trojan, that was used by the Lazarus APT Group, in a string of attacks against ATMs. The APT group has been using this malware […] Malware Hack Medical APT 38
SecurityAffairs 2018-11-05 19:29:04 Google dorks were the root cause of a catastrophic compromise of CIA's communications (direct link) Google queries allowed Iran Government to dismantle the CIA communication network used by its agents and kill dozens of tens of spies. The alleged hack of the communications network used by CIA agents allowed Iranian intelligence to identify and kill at least 30 spies. According to Yahoo! News the security breach has happened in 2009, the Iranian […] Hack Yahoo
SecurityAffairs 2018-11-02 07:30:05 FIFA was hacked again, this is the second hack in a year (direct link) According to the New York Times, FIFA has suffered the second hack in a year, new documents are set to be published on Friday by Football Leaks. The Fédération Internationale de Football Association, aka FIFA, is a governing body of association football, futsal, and beach soccer. FIFA reveals it was the victim of a new successful phishing campaign that resulted in the exposed […] Hack
SecurityAffairs 2018-10-31 09:33:02 Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms (direct link) According to the U.S. Department of Justice, the Chinese intelligence officers recruited hackers and insiders to hack aerospace and tech firms. US DoJ accuses the Chinese intelligence to have recruited hackers and insiders to steal confidential information from companies in aerospace and tech companies. US intelligence believes that the cyber espionage operation was under the control of Zha […] Hack
SecurityAffairs 2018-10-28 08:55:00 The Belgacom hack was the work of the UK GCHQ intelligence agency (direct link) Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack. Here we are again to speak about this incident after […] Hack
Last update at: 2024-05-10 14:08:03