Security Affairs
- Slickwraps discloses data leak that impacted 850,000 user accounts 24 février 2020
Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Slickwraps is an online store that offers for sale skins mobile devices, laptops, smartphones, tablets, and gaming consoles. The data leak was disclosed last week, on February 21 the company that customer records were accidentally exposed online via an ex … - FBI recommends using passphrases instead of complex passwords 24 février 2020
The FBI recommends using longer passwords composed of multiple words into a long string of at least 15 characters instead of short passwords including special characters. Recent guidance from the National Institute of Standards and Technology (NIST) highlights that the password length is much more important than password complexity. The recommendations are part of the Protected Voices initiative l … - FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019 24 février 2020
FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report, FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families which is greater than 500 (41%) … - ISS reveals malware attack impacted parts of the IT environment 23 février 2020
ISS, the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS, the Danish multinational services company announced it was hit with malware, in response to the incident the firm disabled access to shared IT services worldwide. ISS services include cleaning services, support services, property services, catering services, sec … - Security Affairs newsletter Round 252 23 février 2020
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs IOTA cryptocurrency shuts down entire network after a coordinated attack on its Trinity wallet Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak US administration requests $9.8B for cyber 2021 budget for the Department of Defense Cyberwarfare: A deep dive into th … - Google sued by New Mexico attorney general for collecting student data through its Education Platform 23 février 2020
New Mexico sues Google for allegedly using the Google for Education platform to gather personal and private data from children. Google is facing a new lawsuit for allegedly using the Google for Education platform to gather personal and private data from students with an age of less than 13 years. The lawsuit was filed by the state of New Mexico Attorney General Hector Balderas last week, alleging … - ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia 23 février 2020
Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. The malware was employed in targeted attacks against organizations in So … - Joker malware still able to bypass Google Play Store checks 22 février 2020
The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “the Joker.” The Joker malware is a malicious co … - Google removed nearly 600 apps from the Play Store for ad policy violation 22 février 2020
Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies. Google removed from the official Play Store nearly 600 Android apps that were violating two ad-related policies, it also banned the same apps from Google AdMob and Google Ad Manager. “As part of our ongoing efforts — along with help from newly developed technologie … - VMware addresses serious flaws in vRealize Operations for Horizon Adapter 21 février 2020
VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. VMware vRealize Operations is a software product that provides operations management across physical, virtual and cloud environments, it supports environments based on vSphere, Hyper-V or Amazon Web Services. Horizon Adapter instances created on …
The Hackers News
- Microsoft Brings Defender Antivirus for Linux, Coming Soon for Android and iOS 21 février 2020
Almost within a year after releasing Microsoft Defender Advanced Threat Protection (ATP) for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian. If this news hasn’t gotten you excited yet… Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and … - Google Bans 600 Android Apps from Play Store for Serving Disruptive Ads 21 février 2020
Google has banned nearly 600 Android apps from the Play Store for bombarding users with disruptive ads and violating its advertising guidelines. The company categorizes disruptive ads as « ads that are displayed to users in unexpected ways, including impairing or interfering with the usability of device functions, » such as a full-screen ad served when attempting to make a phone call. Although … - Scam Alert: You've Been Selected for 'Like of the Year 2020' Cash Prizes 20 février 2020
Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility of Russian Internet portal Rambler to trick users into participating in a fictitious « Like of the … - Deal: Cloud And Networking Certification Training ~ Get 97% OFF 20 février 2020
Cloud computing and networking are two of the most significant areas of growth in the IT business. Companies need engineers who can maintain distributed software and keep the company connected. If you want to work in either niche, the Essential Cloud & Networking Certification Training Bundle offers 93 hours of essential knowledge. You can pick up all 5 courses now for only $39.99 via the THN … - Adobe Patches Critical Bugs Affecting Media Encoder and After Effects 20 février 2020
Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. Both critical vulnerabilities exist due to out-of-bounds write memory corruption issues and can be exploited to execute arbitrary code on targeted systems by tricking victims into opening a specially crafted file using the affected software. … - Ring Makes 2-Factor Authentication Mandatory Following Recent Hacks 19 février 2020
Smart doorbells and cameras bring a great sense of security to your home, especially when you’re away, but even a thought that someone could be spying on you through the same surveillance system would shiver up your spine. Following several recent reports of hackers gaining access to people’s internet-connected Ring doorbell and security cameras, Amazon yesterday announced to make two-factor … - US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility 20 février 2020
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in response to a cyberattack targeting an unnamed natural gas compression facility that employed … - Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide 18 février 2020
A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed « Fox Kitten, » the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and security sectors … - Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations 18 février 2020
Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering (click here to learn more) based on more than 72 hours of data collection, enabling … - Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers 17 février 2020
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs. The vulnerable plugin in question is ‘ThemeGrill Demo Importer’ that comes with free as well as premium themes sold by the software development … - OpenSSH now supports FIDO U2F security keys for 2-factor authentication 17 février 2020
Here’s excellent news for sysadmins. You can now use a physical security key as hardware-based two-factor authentication to securely log into a remote system via SSH protocol. OpenSSH, one of the most widely used open-source implementations of the Secure Shell (SSH) Protocol, yesterday announced the 8.2 version of the software that primarily includes two new significant security enhancements. … - A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered Devices 17 février 2020
A team of cybersecurity researchers late last week disclosed the existence of 12 potentially severe security vulnerabilities, collectively named ‘SweynTooth,’ affecting millions of Bluetooth-enabled wireless smart devices worldwide—and worryingly, a few of which haven’t yet been patched. All SweynTooth flaws basically reside in the way software development kits (SDKs) used by multiple … - U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies 14 février 2020
The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year. Accusing Huawei and its affiliates of « using fraud and deception to misappropriate sophisticated technology from US … - 500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users 14 février 2020
Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that’s been operating at least since January 2019, although evidence points out the possibility that the actor behind the scheme may have been … - Download: Definitive 'IR Management and Reporting' Presentation Template 12 février 2020
The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice, some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the management of the actual response process, the CISO must also be able to efficiently communicate … - Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims 12 février 2020
Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered Emotet sample leverages a « Wi-Fi spreader » module to scan Wi-Fi networks, and then attempts to … - Update Microsoft Windows Systems to Patch 99 New Security Flaws 11 février 2020
A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. According to the advisories, 12 of the total issues patched by the tech giant this month are critical in severity, and the remaining 87 have been listed as important. Five of the … - Adobe Releases Patches for Dozens of Critical Flaws in 5 Software 11 février 2020
Here comes the second ‘Patch Tuesday’ of this year. Adobe today released the latest security updates for five of its widely used software that patch a total of 42 newly discovered vulnerabilities, 35 of which are critical in severity. The first four of the total five affected software, all listed below, are vulnerable to at least one critical arbitrary code execution vulnerability that could … - App Used by Israel's Ruling Party Leaked Personal Data of All 6.5 Million Voters 11 février 2020
An election campaigning website operated by Likud―the ruling political party of Israeli Prime Minister Benjamin Netanyahu―inadvertently exposed personal information of all 6.5 million eligible Israeli voters on the Internet, just three weeks before the country is going to have a legislative election. In Israel, all political parties receive personal details of voters before the election, which … - U.S. Charges 4 Chinese Military Hackers Over Equifax Data Breach 11 février 2020
The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans. In a joint press conference held today with the Attorney General William Barr and FBI Deputy Director David Bowdich, the DoJ officials labeled the state-sponsored …
Dark Reading
- SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps 24 février 2020
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you. - Enterprise Cloud Use Continues to Outpace Security 24 février 2020
Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them. - Solving the Cloud Data Security Conundrum 24 février 2020
Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud. - Latest Security News from RSAC 2020 24 février 2020
Check out Dark Reading’s updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco. - 7 Tips to Improve Your Employees' Mobile Security 24 février 2020
Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them. - All About SASE: What It Is, Why It's Here, How to Use It 22 février 2020
Secure Access Service Edge is a new name for a known and growing architecture designed to strengthen security in cloud environments. - Emotet Malware Rears Its Ugly Head Again 21 février 2020
A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020. - California Man Arrested for Politically Motivated DDoS 21 février 2020
The distributed denial-of-service attacks took a congressional candidate’s website offline for a total of 21 hours during the campaign for office. - NRC Health Ransomware Attack Prompts Patient Data Concerns 21 février 2020
The organization, which sells patient administration tools to hospitals, could not confirm whether patient data was accessed. - Olympics Could Face Disruption from Regional Powers 21 février 2020
Destructive attacks and disinformation will likely target the Summer Olympics in Tokyo, two groups of threat experts say.
gHacks
- Textfinder is a very fast bulk text search tool for Windows 24 février 2020
Textfinder is a free program for Microsoft Windows devices to find text in multiple files quickly. The program has been created in 2001 and updated in 2006 for the last time; tests on devices running recent versions of Windows confirmed that it works fine even on these devices. Update: If you prefer programs that are updated regularly, check out Nirsoft’s SearchMyFiles, findstr, or Notepad++ to na … - Firefox Monitor gets resolve feature 24 février 2020
Firefox Monitor is a service by Firefox maker Mozilla that allows anyone to check whether an email address or username has been part of a data breach. Mozilla launched Firefox Monitor back in 2018 and integrated the service into the Firefox web browser in the same year. Anyone may open the Firefox Monitor website to check an email address for breaches and to set up the service to receive emails wh … - What are Firefox Containers? 24 février 2020
You may have heard of Firefox Containers. But do you know what they are? How do they help us? To understand the purpose of this feature, you need to understand how web tracking works. Let’s begin with Facebook. For e.g. John looks up used cars on a search engine and visits some pages for more information. Later he visits Facebook, and starts seeing recommendations for used cars. John is puzzled be … - How to add a Menu Bar to Microsoft Edge 23 février 2020
The Menu Bar, once a given for any desktop web browser, has been removed from the majority of web browsers. Some, Firefox or Vivaldi, still support a menu bar but even these need to be configured to display the toolbar permanently in the browser. Firefox users may use the Alt-key to display the menu bar at any time. Microsoft’s new Edge web browser does not support a menu bar at all; that is no su … - NV Updater is a tool to customize Nvidia driver installations 22 février 2020
NV Updater is a free software program for Microsoft Windows devices that assists administrators when it comes to the installation of Nvidia graphics drivers. Nvidia graphics driver install the driver for the video card but also additional components. Some of them may be useful, others, e.g. Telemetry, not so much for the user. It is our recommendation to only install the components that you requir … - Simple Tab Groups is a Firefox extension for organizing your tabs 22 février 2020
Simple Tab Groups is a Firefox extension that can help you organize your tabs. The extension was inspired by one with a similar name, Tab Groups. The extension includes five plugins (add-ons from the same developer) merged into one for a functioning Tab Group manager extension. After you install Simple Tab Groups, it opens a local web page with a screenshot to guide users how to « Enable the restor … - Google implemented a controversial feature in Chrome 21 février 2020
Google has implemented a new feature in version 80 of the company’s Chrome web browser called Scroll To Text Fragment designed as a global method to deep link to any part of a web document. Unlike HTML’s anchor functionality, Scroll To Text Fragment links may be created by anyone to point to different parts of a document; this is done by specifying a text snippet in the URL. The text snippet has t … - Adobe Photoshop turns 30 (your chance to win a 1-year subscription) 21 février 2020
The first version of Adobe Photoshop was released on February 19, 1990 for Apple’s Macintosh operating system exclusively before it was ported to Windows in 1993. Newer versions of the application are also available for Apple’s iPad. Software programs that manage to lead an entire Industry are rare, and even rarer are programs that manage to do so for decades. Adobe Photoshop is such an applicatio … - Google updates its Terms of Service to include Chrome and Chrome OS 21 février 2020
If you visit a Google website right now you will likely see a notification at the top stating that the company has changed its Terms of Service and that the new terms will take effect on March 31, 2020. The message, « We’re updating our Terms of Service. Get to known our new Terms before they take effect on March 31, 2020 », has « review » and « got it » buttons attached to it. One of the most important … - Lintalist is an open source snippet manager for Windows 21 février 2020
Lintalist is an open source snippet manager for Windows. You can use it as a text expander to quickly add phrases in the document that you’re working with. The program is portable, when running it for the first time, it asks you whether you’d like it to auto-start with Windows. A quick start guide is displayed on start up but it only explains the basics. Lintalist starts in the system tray. Bring …
blackMORE Ops
- Change IP address in packet capture file (faking IP) 7 octobre 2019
I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c … - SamSam Ransomware 25 septembre 2019
The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In a … - New Exploits for Unsecure SAP Systems 24 septembre 2019
A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit … - Microsoft Operating Systems BlueKeep Vulnerability 22 septembre 2019
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions: The post Microsoft Operating Systems BlueKeep Vulnerability appeared first on blackMORE Ops. … - A .vimrc config file everyone should use 24 avril 2019
Ever had that issue when you login to a Linux terminal, editing a file and the texts are just blue and you can’t read? I’ve had way too many cause default vim/vi config is just bad. I created a good .vimrc config file. Simply create a file with .vimrc name in home directory a paste … The post A .vimrc config file everyone should use appeared first on blackMORE Ops. … - Remove cloud-init from Ubuntu 19 avril 2019
Cloud images are operating system templates and every instance starts out as an identical clone of every other instance. It is the user data that gives every cloud instance its personality and cloud-init is the tool that applies user data to your instances automatically. Cloud-init is the defacto multi-distribution package that handles early initialization of … The post Remove cloud-init fro … - How to Prevent DOM-based Cross-site Scripting 8 janvier 2019
There’s no denying the role that JavaScript has played in making web applications the sleek, interactive, online experiences that we know and love today. This powerful scripting language brought interactivity and animation to the web. But with great power comes great responsibility. Cross-site-scripting (XSS) remains a persistent stalwart among the OWASP Top 10. Malicious JavaScript … The po … - Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown 28 décembre 2018
On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware implementations are vulnerable to the … - How to access Dark Web? 27 décembre 2018
The concept of the Dark Web isn’t vastly different from the Surface Web. There are message boards (e.g. 8chan, nntpchan), places you can buy things (e.g. Alphabay, Hansa), and blogs (e.g. OnionNews, Deep Web Radio). The rules, or rather a lack thereof, is what makes the Dark Web unique. Anything that is illegal to sell … The post How to access Dark Web? appeared first on blackMORE Ops. … - Inception Attackers Target Europe with Year-old Office Vulnerability 14 décembre 2018
The Inception attackers have been active since at least 2014 and have been documented previously by both Blue Coat and Symantec; historical attacks used custom malware for a variety of platforms, and targeting a range of industries, primarily in Russia, but also around the world. This blog describes attacks against European targets observed in October … The post Inception Attackers Target Eu …