What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-06 21:23:05 | U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions (lien direct) | The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades. The move signals continued efforts on the part of the government to prevent North Korea's Lazarus Group from laundering the funds stolen from the unprecedented hack of Ronin Bridge in late March. The newly imposed sanctions, | Hack Medical | APT 38 APT 28 | ★★★ |
|
2022-04-28 02:57:15 | Twitter\'s New Owner Elon Musk Wants DMs to be End-to-End Encrypted like Signal (lien direct) | Elon Musk, CEO of SpaceX and Tesla and Twitter's new owner, on Thursday called on adding support for end-to-end encryption (E2EE) to the platform's direct messages (DM) feature. "Twitter DMs should have end to end encryption like Signal, so no one can spy on or hack your messages," Musk said in a tweet. The statement comes days after the microblogging service announced it officially entered into | Hack | ★★★★ | |
|
2022-04-16 01:31:45 | Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector (lien direct) | The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets Control's (OFAC) | Hack Threat Medical | APT 38 APT 28 | |
|
2022-04-04 03:41:30 | Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles (lien direct) | A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale. Dubbed "Brokenwire," the method interferes with the control communications that transpire between the vehicle and charger to wirelessly abort the | Hack | ||
|
2022-03-29 00:50:41 | New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack (lien direct) | An independent security researcher has shared what's a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to the cyber incident at Okta in late January 2022. In a set of screenshots posted on Twitter, Bill Demirkapi published a two-page "intrusion timeline" allegedly prepared by Mandiant, the cybersecurity firm hired by | Hack | ||
|
2022-03-02 06:47:24 | Hackers Try to Hack European Officials to Get Info on Ukrainian Refugees, Supplies (lien direct) | Details of a new nation-state sponsored phishing campaign has been uncovered setting its sights on European governmental entities in what's seen as an attempt to obtain intelligence on refugee and supply movement in the region. Enterprise security company Proofpoint, which detected the malicious emails for the first time on February 24, 2022, dubbed the social engineering attacks "Asylum | Hack | ||
|
2022-02-09 05:53:03 | U.S. Arrests Two and Seizes $3.6 Million in Cryptocurrency Stolen in 2016 Bitfinex Hack (lien direct) | The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "stolen funds through a labyrinth of cryptocurrency | Hack | ||
|
2022-02-04 03:52:32 | Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware (lien direct) | A now-patched security vulnerability in Apple iOS that was previously found to be exploited by Israeli company NSO Group was also separately weaponized by a different surveillance vendor named QuaDream to hack into the company's devices. The development was reported by Reuters, citing unnamed sources, noting that "the two rival businesses gained the same ability last year to remotely break into | Hack Vulnerability | ||
|
2022-01-30 22:07:04 | Apple Pays $100,500 Bounty to Hacker Who Found Way to Hack MacBook Webcam (lien direct) | Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues. By exploiting a chain of | Hack | ||
|
2021-11-30 01:36:45 | Panasonic Suffers Data Breach After Hackers Hack Into Its Network (lien direct) | Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. | Data Breach Hack | ||
|
2021-11-11 21:43:11 | Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant (lien direct) | Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat actor to be a | Hack Threat | ||
|
2021-10-21 06:18:02 | Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer (lien direct) | A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks.
Tracked as CVE-2021-35052, the bug impacts the trial version of the software running version 5.70. "This |
Hack | ||
|
2021-10-19 08:07:56 | Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services (lien direct) | Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine.
Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used |
Hack Vulnerability | ||
|
2021-08-23 06:27:54 | Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems (lien direct) | Close to 14 million Linux-based systems are directly exposed to the Internet, making them a lucrative target for an array of real-world attacks that could result in the deployment of malicious web shells, coin miners, ransomware, and other trojans.
That's according to an in-depth look at the Linux threat landscape published by U.S.-Japanese cybersecurity firm Trend Micro, detailing the top |
Hack Threat | ||
|
2021-07-22 00:34:29 | Another Hacker Arrested for 2020 Twitter Hack and Massive Bitcoin Scam (lien direct) | A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts.
Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaining information from a protected computer, as well as for making extortive communications. The Spanish |
Hack | ||
|
2021-07-19 03:38:11 | Turns Out That Low-Risk iOS Wi-Fi Naming Bug Can Hack iPhones Remotely (lien direct) | The Wi-Fi network name bug that was found to completely disable an iPhone's networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research.
The denial-of-service vulnerability, which came to light last month, stemmed from the way iOS handled string formats associated with the SSID input, triggering a crash on any |
Hack | ||
|
2021-07-16 04:13:36 | Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware (lien direct) | Two of the zero-day Windows flaws patched by Microsoft as part of its Patch Tuesday update earlier this week were weaponized by an Israel-based company called Candiru in a series of "precision attacks" to hack more than 100 journalists, academics, activists, and political dissidents globally.
The spyware vendor was also formally identified as the commercial surveillance company that Google's |
Hack | ||
|
2021-06-18 23:34:04 | North Korea Exploited VPN Flaw to Hack South\'s Nuclear Research Institute (lien direct) | South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart.
The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which - "27.102.114[.]89 |
Hack Vulnerability | ||
|
2021-06-16 02:14:53 | Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets (lien direct) | As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets.
"Ransomware operators often buy access from independent cybercriminal groups who infiltrate major |
Ransomware Hack Threat | ||
|
2021-05-21 22:01:08 | Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers (lien direct) | India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System (PSS) provider SITA fell victim to a cyber attack earlier this year.
The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of birth, contact |
Data Breach Hack | ||
|
2021-04-15 04:09:58 | 1-Click Hack Found in Popular Desktop Apps - Check If You\'re Using Them (lien direct) | Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems.
The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark, and Mumble. |
Hack | ||
|
2021-04-14 07:51:05 | New WhatsApp Bugs Could\'ve Let Attackers Hack Your Phone Remotely (lien direct) | Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even compromise encrypted communications.
The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what's known as a "man-in-the-disk" attack that makes it possible |
Hack | ||
|
2021-03-25 02:58:36 | Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems (lien direct) | Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS.
Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a |
Hack | ||
|
2021-03-25 01:52:11 | Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad (lien direct) | Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices.
"They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, |
Hack | ||
|
2021-03-17 02:25:20 | 18-Year-Old Hacker Gets 3 Years in Prison for Massive Twitter \'Bitcoin Scam\' Hack (lien direct) | A Florida teen accused of masterminding the hacks of several high-profile Twitter accounts last summer as part of a widespread cryptocurrency scam pled guilty to fraud charges in exchange for a three-year prison sentence.
Graham Ivan Clark, 18, will also serve an additional three years on probation.
The development comes after the U.S. Department of Justice (DoJ) charged Mason Sheppard (aka |
Hack | ||
|
2021-03-09 01:58:23 | SolarWinds Hack - New Evidence Suggests Potential Links to Chinese Hackers (lien direct) | A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group.
In a report published by Secureworks on Monday, the cybersecurity firm attributed the intrusions to a threat actor it calls Spiral.
Back on December 22, 2020, Microsoft disclosed that a second |
Hack Threat | ★★★★★ | |
|
2021-02-19 07:28:53 | New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card (lien direct) | Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card.
The research, published by a group of academics from the ETH Zurich, builds on a study detailed last September that delved into a PIN bypass attack, permitting bad actors to leverage |
Hack | ||
|
2021-02-15 22:00:16 | Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities (lien direct) | Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon.
The intrusion campaign - which breached "several French entities" - is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web-hosting providers, said the French |
Hack Tool Threat | ||
|
2021-02-11 01:02:36 | Poor Password Security Lead to Recent Water Treatment Facility Hack (lien direct) | New details have emerged about the remote computer intrusion at a Florida water treatment facility last Friday, highlighting a lack of adequate security measures needed to bulletproof critical infrastructure environments.
The breach, which occurred last Friday, involved an unsuccessful attempt on the part of an adversary to increase sodium hydroxide dosage in the water supply to dangerous levels |
Hack | ||
|
2021-01-21 03:59:10 | Here\'s How SolarWinds Hackers Stayed Undetected for Long Enough (lien direct) | Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated attacks in recent history.
Calling the threat actor "skillful and methodic operators who follow |
Hack Threat | ||
|
2021-01-10 23:11:27 | Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack (lien direct) | A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American companies.
Andrei Tyurin was charged with computer intrusion, wire fraud, bank fraud, and illegal online |
Hack | ||
|
2020-12-17 20:56:04 | Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack (lien direct) | The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far more wider in scope, sophistication, and impact than previously thought.
News of Microsoft's compromise was first reported by Reuters, which also said the company's own products were then |
Hack | ||
|
2020-12-10 23:42:22 | Facebook Tracks APT32 OceanLotus Hackers to IT Company in Vietnam (lien direct) | Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware.
Tracked as APT32 (or Bismuth, OceanLotus, and Cobalt Kitty), the state-aligned operatives affiliated with the Vietnam government have been known for |
Hack Threat | APT 32 | |
|
2020-12-01 23:18:58 | Google Hacker Details Zero-Click \'Wormable\' Wi-Fi Exploit to Hack iPhones (lien direct) | Google Project Zero whitehat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi.
The exploit makes it possible to "view all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device] |
Hack | ||
|
2020-11-05 02:19:16 | Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies (lien direct) | Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months.
According to findings published by Check Point Research, the threat actors - believed to be located in the Palestinian Gaza Strip - have targeted Sangoma PBX, an |
Hack Threat | ||
|
2020-10-01 01:29:08 | Critical Flaws Discovered in Popular Industrial Remote Access Systems (lien direct) | Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets.
The flaws, discovered by Tel Aviv-based OTORIO, were identified in B&R Automation's SiteManager and GateManager, and MB Connect |
Hack | ||
|
2020-09-24 03:11:10 | Major Instagram App Bug Could\'ve Given Hackers Remote Access to Your Phone (lien direct) | Ever wonder how hackers can hack your smartphone remotely?
In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image.
What's more worrisome is that the flaw not only lets attackers |
Hack | ||
|
2020-07-31 13:01:24 | 17-Year-Old \'Mastermind\', 2 Others Behind the Biggest Twitter Hack Arrested (lien direct) | Three young individuals - 17, 19, and 22-year-old - have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts as part of a massive bitcoin scam.
According to the U.S. Department of Justice, Mason Sheppard, aka "Chaewon," 19, from the United Kingdom, Nima Fazeli, aka "Rolex," 22, from Florida and an |
Hack | ||
|
2020-07-15 22:11:20 | Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time (lien direct) | Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history.
A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were breached simultaneously in what's a far-reaching hacking campaign carried out to promote a |
Hack | Uber | |
|
2020-06-09 15:56:47 | Indian IT Company Was Hired to Hack Politicians, Investors, Journalists Worldwide (lien direct) | A team of cybersecurity researchers today outed a little-known Indian IT firm that has secretly been operating as a global hackers-for-hire service or hacking-as-a-service platform.
Based in Delhi, BellTroX InfoTech allegedly targeted thousands of high-profile individuals and hundreds of organizations across six continents in the last seven years.
Hack-for-hire services do not operate as a |
Hack | ||
|
2020-06-03 08:53:45 | Two Critical Flaws in Zoom Could\'ve Let Attackers Hack Systems via Chat (lien direct) | If you're using Zoom-especially during this challenging time to cope with your schooling, business, or social engagement-make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux computers.
No, it's not about the arrival of the most-awaited "real" end-to-end encryption feature, which apparently, according to the latest news, |
Hack | ||
|
2020-06-03 05:56:01 | Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers (lien direct) | A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios.
The six flaws, disclosed by cybersecurity firm Trustwave today, reside in Sybase Adaptive Server Enterprise (ASE), a relational database management software geared towards |
Hack | ||
|
2020-05-30 00:56:49 | Exclusive – Any Mitron (Viral TikTok Clone) Profile Can Be Hacked in Seconds (lien direct) | Mitron (means "friends" in Hindi), you have been fooled again!
Mitron is not really a 'Made in India' product, and the viral app contains a highly critical, unpatched vulnerability that could allow anyone to hack into any user account without requiring interaction from the targeted users or their passwords.
I am sure many of you already know what TikTok is, and those still unaware, it's a |
Hack Vulnerability | ★★★★★ | |
|
2020-04-27 01:34:39 | How An Image Could\'ve Let Attackers Hack Microsoft Teams Accounts (lien direct) | Microsoft has patched a worm-like vulnerability in its Teams workplace video chat and collaboration platform that could have allowed attackers to take over an organization's entire roster of Teams accounts just by sending participants a malicious link to an innocent-looking image.
The flaw, impacting both desktop and web versions of the app, was discovered by cybersecurity researchers at |
Hack Vulnerability | ★★★★ | |
|
2020-04-22 09:14:29 | Zero-Day Warning: It\'s Possible to Hack iPhones Just by Sending Emails (lien direct) | Watch out Apple users! The default mail app pre-installed on millions of iPhone and iPad has been found vulnerable to two critical flaws that could let remote hackers secretly take complete control over Apple devices just by sending an email to targeted individuals.
According to cybersecurity researchers at ZecOps, the vulnerabilities in question are out-of-bounds write and remote heap |
Hack | ||
|
2020-04-22 02:11:59 | New iPhone Hack is Being Exploited to Spy Uyghurs Muslims in China (lien direct) | A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang.
The findings, published by digital forensics firm Volexity, reveal that the exploit - named "Insomnia" - works against iOS versions 12.3, 12.3.1, and 12.3.2 using a flaw in WebKit that was patched by |
Hack | ★★ | |
|
2020-01-08 02:05:50 | Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS (lien direct) | TikTok, the 3rd most downloaded app in 2019, is under intense scrutiny over users' privacy, censoring politically controversial content and on national-security grounds-but it's not over yet, as the security of billions of TikTok users would be now under question.
The famous Chinese viral video-sharing app contained potentially dangerous vulnerabilities that could have allowed remote attackers |
Hack | ||
|
2019-12-13 02:53:40 | Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites (lien direct) | Attention WordPress users!
Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder," or "Ultimate Addons for Elementor" and haven't recently updated them to the latest available versions.
Security researchers have discovered a critical yet easy-to-exploit authentication bypass vulnerability in both widely-used premium WordPress plugins that could allow |
Hack Vulnerability | ★★ | |
|
2019-11-05 02:11:04 | Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light (lien direct) | A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices - all just by shining a laser at the targeted device instead of using spoken words.
Dubbed 'Light Commands,' the hack relies on a vulnerability in MEMS microphones embedded in widely-used popular voice-controllable systems that unintentionally |
Hack Vulnerability | ||
|
2019-10-29 00:24:28 | Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics (lien direct) | As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers.
Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group of Russian state-sponsored hackers attempting to hack over a dozen anti-doping authorities and |
Hack |
To see everything:
Our RSS (filtrered)
