Security Affairs
- Google forgot to tell customers that Nest Hub has a microphone 22 février 2019
Google on Wednesday revealed that it forgot to inform users that its Nest Secure home alarm system includes a microphone. Google announced this week that it forgot to inform users that its Nest Secure home alarm system includes a microphone. “The problem: Nest users didn’t know a microphone existed on their security device to begin with.” states a post published by Business Insid … - Cisco addresses flaws in HyperFlex and Prime Infrastructure 22 février 2019
Cisco released security patches that address more than a dozen issues in its products, including high severity flaws in HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance. Cisco released security patches that address more than a dozen issues in its products, including high severity vulnerabilities affecting HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance. Securit … - Expert found a DoS flaw in Windows Servers running IIS 22 février 2019
Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks carried out through malicious HTTP/2 requests. Microsoft revealed that Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks. Attackers can trigger a DoS condition by sending specially crafted HTTP/2 requests, the CPU usage will tempo … - Adobe released second fix for the same Adobe Reader flaw 21 février 2019
Adobe released a second patch to address the CVE 2019-7089 flaw in Adobe Reader after an expert found the way to bypass the first fix. Adobe on Thursday released a second patch to address a critical information disclosure vulnerability in Adobe reader, tracked as CVE 2019-7089, after the expert who initially discovered the flaw devised a method to bypass the first fix. The vulnerability was discov … - Security experts released new GandCrab Decryptor for free 21 février 2019
Security experts at BitDefender have released a new version of the GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5. Security experts at BitDefender have released a new version of the GandCrab decryptor that could be used to decrypt versions of GandCrab 1, 4 and 5, including the latest version 5.1. The GandCrab decryptor is available for free from BitDefender and from the NoMoreR … - Critical bug in WINRAR affects all versions released in the last 19 years 21 février 2019
Security experts at Check Point have disclosed technical details of a critical vulnerability in the popular file compression software WinRAR. Experts at Check Point discovered the logical bug in WinRAR by using the WinAFL fuzzer and found a way to exploit it to gain full control over a target computer Over 500 million users worldwide use the popular software and are potentially affected … - CVE-2019-6340 Critical flaw in Drupal allows Remote Code Execution 21 février 2019
Security expert found a “highly critical” vulnerability (CVE-2019-6340) in the popular Drupal CMS that could be exploited for remote code execution. Drupal released security updates that addresses a “highly critical” vulnerability in the popular Drupal CMS, tracked as CVE-2019-6340, that could be exploited for remote code execution. The CVE-2019-6340 flaw is caused by the lack of proper data sanit … - The interface of WinPot ATM Malware looks like a slot machine 21 février 2019
Malware researchers from Kaspersky Lab have detected a new piece of malware dubbed WinPot that was designed to target automated teller machines (ATMs). Security experts from Kaspersky Lab have discovered a new piece of malware dubbed WinPot that target ATMs, it could be used by crooks to make the ATMs automatically dispense all cash from their cassettes. WinPot was first detected in March 201 … - Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe 20 février 2019
Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. Microsoft revealed that hackers belonging to the cyber espionage group APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) launched several attacks on democratic institutions in Europe between September and December 2018. The tech … - Expert released a PoC for a remote code execution flaw in mIRC App 20 février 2019
Security experts discovered a vulnerability in the mIRC application that allows attackers to execute commands remotely. Security researchers Benjamin Chetioui and Baptiste Devigne from ProofOfCalc discovered a vulnerability in the mIRC application that could be exploited by attackers to execute commands remotely. mIRC is a popular Internet Relay Chat application that allows users to chat by connec …
The Hackers News
- Hacking Virtual Reality – Researchers Exploit Popular Bigscreen VR App 22 février 2019
A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world. According to the researchers—Ibrahim Baggili, Peter Casey and Martin Vondráček—the underlying … - Almost Half A Million Delhi Citizens' Personal Data Exposed Online 21 février 2019
Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens… thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report shared with The Hacker News, Bob Diachenko disclosed that two days ago he found a 4.1 GB-sized … - Another Critical Flaw in Drupal Discovered — Update Your Site ASAP! 21 février 2019
Developers of Drupal—a popular open-source content management system software that powers millions of websites—have released the latest version of their software to patch a critical vulnerability that could allow remote attackers to hack your site. The update came two days after the Drupal security team released an advance security notification of the upcoming patches, giving websites … - Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years 21 février 2019
Beware Windows users… a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the … - Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years 19 février 2019
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately. Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence of a critical remote code execution vulnerability that … - Learn How XDR Can Take Breach Protection Beyond Endpoint Security 19 février 2019
How do you know whether an attacker has infiltrated your network? Can you really rely on an Endpoint Detection and Response (EDR) solution to be your go-to technology for identifying security breaches? Endpoint detection and response (EDR) platform has been an important technology to detect cybersecurity incidents, but it provides only the view of endpoints, just a portion of the big picture. … - LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers 19 février 2019
Why would someone bother to hack a so-called « ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls, » when one can simply fetch a copy of the same data from other sources. French security researcher Baptiste Robert, who goes by the pseudonym « Elliot Alderson » on Twitter, with the help of an Indian researcher, who wants to remain anonymous, … - Kali Linux 2019.1 Released — Operating System For Hackers 18 février 2019
Wohooo! Great news for hackers and penetration testers. Offensive Security has just released Kali Linux 2019.1, the first 2019 version of its Swiss army knife for cybersecurity professionals. The latest version of Kali Linux operating system includes kernel up to version 4.19.13 and patches for numerous bugs, along with many updated software, like Metasploit, theHarvester, DBeaver, and more. … - Popular Torrent Uploader 'CracksNow' Caught Spreading Ransomware 18 février 2019
It’s not at all surprising that downloading movies and software from the torrent network could infect your computer with malware, but it’s more heartbreaking when a popular, trusted file uploader goes rogue. Popular software cracks/keygens uploader « CracksNow, » who had trusted status from many torrent sites, has now been banned from several torrent sites after he was repeatedly found … - How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link 18 février 2019
It’s 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack Facebook accounts by simply tricking the targeted users into … - Over 92 Million New Accounts Up for Sale from More Unreported Breaches 18 février 2019
All these numbers…. « More than 5 billion records from 6,500 data breaches were exposed in 2018 » — a report from Risk Based Security says. « More than 59,000 data breaches have been reported across the European since the GDPR came into force in 2018 » — a report from DLA Piper says. …came from data breaches that were reported to the public, but in reality, more than half of all data breaches … - WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For 15 février 2019
How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that … - Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale 15 février 2019
A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web. Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online. <! … - Ex-US Intelligence Agent Charged With Spying and Helping Iranian Hackers 14 février 2019
The United States Department of Justice has announced espionage charges against a former US Air Force intelligence officer with the highest level of top-secret clearance for providing the Iranian government classified defense information after she defected to Iran in 2013. Monica Elfriede Witt, 39, was a former U.S. Air Force Intelligence Specialist and Special Agent of the Air Force Office … - Snapd Flaw Lets Attackers Gain Root Access On Linux Systems 13 février 2019
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed « Dirty_Sock » and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the … - Hackers Destroyed VFEmail Service – Deleted Its Entire Data and Backups 13 février 2019
What could be more frightening than a service informing you that all your data is gone—every file and every backup servers are entirely wiped out? The worst nightmare of its kind. Right? But that’s precisely what just happened this week with VFEmail.net, a US-based secure email provider that lost all data and backup files for its users after unknown hackers destroyed its entire U.S. … - Researchers Implant "Protected" Malware On Intel SGX Enclaves 13 février 2019
Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX which are otherwise … - Microsoft Patch Tuesday — February 2019 Update Fixes 77 Flaws 12 février 2019
Microsoft has issued its second Patch Tuesday for this year to address a total of 77 CVE-listed security vulnerabilities in its Windows operating systems and other products, 20 of which are rated critical, 54 important and 3 moderate in severity. February security update addresses flaws in Adobe Flash Player, Internet Explorer, Edge, Windows, MS Office, and Office Services and Web Apps, … - New Unpatched macOS Flaw Lets Apps Spy On Your Safari Browsing History 12 février 2019
A new security vulnerability has been discovered in the latest version of Apple’s macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app. Discovered by application developer Jeff Johnson on February 8, the vulnerability is unpatched at the time of writing and impacts all version of macOS Mojave, … - Adobe Releases February 2019 Patch Updates For 75 Vulnerabilities 12 février 2019
Welcome back! Adobe has today released its monthly security updates to address a total of 75 security vulnerabilities across its various products, 71 of which resides in Adobe Acrobat and Reader alone. February 2019 patch Tuesday updates address several critical and important vulnerabilities in Adobe Acrobat Reader DC, Adobe Coldfusion, Creative Cloud Desktop Application, and Adobe Flash …
Dark Reading
- Learn to Plug (or Exploit) New Vulnerabilities at Black Hat Asia 22 février 2019
There’s no better place to bone up on the ins and outs of web security than Black Hat Asia in Singapore next month. - Researchers Propose New Approach to Address Online Password-Guessing Attacks 21 février 2019
Recommended best practices not effective against certain types of attacks, they say. - Attack Campaign Experiments with Rapid Changes in Email Lure Content 21 février 2019
It’s like polymorphic behavior – only the changes are in the email lures themselves, with randomized changes to headers, subject lines, and body content. - Human Negligence to Blame for the Majority of Insider Threats 21 février 2019
In 98% of the assessments conducted for its research, Dtex found employees exposed proprietary company information on the Web – a 20% jump from 2018. - Why Cybersecurity Burnout Is Real (and What to Do About It) 21 février 2019
The constant stresses from advanced malware to zero-day vulnerabilities can easily turn into employee overload with potentially dangerous consequences. Here’s how to turn down the pressure. - New Free Tool Scans for Chrome Extension Safety 21 février 2019
CRXcavator scans extensions in real time based on factors including permissions, external calls, and third-party libraries. - Cyber Extortionists Can Earn $360,000 a Year 21 février 2019
Extortion scams capitalize on compromised credentials, sensitive data, and technical vulnerabilities on Internet-facing applications to pressure victims to pay up. - Security Analysts Are Only Human 21 février 2019
SOC security analysts shoulder the largest cybersecurity burden. Automation is the way to circumvent the unavoidable human factor. Third in a six-part series. - Insurer Offers GDPR-Specific Coverage for SMBs 21 février 2019
Companies covered under the EU mandate can get policies for up to $10 million for fines, penalties, and other costs. - As Businesses Move Critical Data to Cloud, Security Risks Abound 20 février 2019
Companies think their data is safer in the public cloud than in on-prem data centers, but the transition is driving security issues.
gHacks
- 7-Zip 19.00 released 22 février 2019
7-Zip 19.00 was released as a stable version on February 21, 2019. The new version of the open source program to manage archives is the first stable release of 2019. It comes a day after the disclosure of a critical vulnerability in WinRAR and several other programs that rely on an old library file. The program is offered as a 32-bit or 64-bit version for Microsoft Windows devices. 7-Zip supports … - Learn Languages with Google Translate for Chrome 22 février 2019
Learn Languages with Google Translate is a browser extension for Google Chrome that combines Google’s translation service with options to record and practice vocabulary. The extension is maintained by Wordeys and available as a free limited version and paid subscription-based versions. The free is good enough for creating lists and words, and practicing using two different testing methods. Subscri … - Add custom search engines to Firefox 22 février 2019
Add custom search engine is a free extension for the Firefox web browser to add any search engine to the Firefox web browser. Firefox users have quite a few options when it comes to adding search providers to the web browser: add them on Mozilla AMO, run searches on sites to have them added, use the search bar to add Open Search search engines, or use the Mycroft Project website to do so. Mozilla … - How Windows Sandbox config files work 22 février 2019
Microsoft is working on Windows Sandbox, a sandboxed environment for the Windows operating system, currently. The feature is being tested in Windows 10 Insider Builds currently and it is possible that Windows Sandbox will find its way into Windows 10 version 1903. The initial version of Windows Sandbox was quite basic: users could launch it on Windows 10 devices and use it, but that was about the … - Ghacks Deals: The DevOps Certification Training Master Class Bundle (95% off) 21 février 2019
The DevOps Certification Training Master Class Bundle is a huge guide for users of all experience level. It covers important DevOps tools, Git, Docker, Jenkins, Cucumer, Nagios and more, and teaches you a wide variety of related skills: Master configuration management & continuous integration deployment, delivery and monitoring Learn how to deploy, manage, & operate highly-scalable systems … - Microsoft: fix security issue with non-security update. Instructions point to non-existent KB page 21 février 2019
Can things get any worse than this? Microsoft published a security advisory yesterday — ADV190005 | Guidance to adjust HTTP/2 SETTINGS frames — which affects Windows Server running Internet Information Services (IIS). The security issue could be abused to cause CPU usage to increase to 100% until the malicious HTTP/2 « connections are killed by IIS ». The advisory recommends to administrators that … - WinRAR has a critical security bug: here is the fix 21 février 2019
WinRAR is a very popular software to create and extract archives on Windows and other supported operating systems. Part of its popularity comes from its support for different types of packing formats, another that the software’s trial version never expires. A bug was discovered recently that affects all versions of WinRAR prior to 5.70. The bug, a remote code execution vulnerability, affects all W … - About Microsoft Edge's secret Flash whitelist 21 février 2019
Microsoft’s Edge web browser users a secret Flash whitelist that allows Flash content to run without click to play protection on included sites. Microsoft Edge, the default browser of Microsoft’s Windows 10 operating system, supports Adobe Flash natively. Flash is set to click-to-play in the browser, and users may disable Flash entirely in the browser’s settings. Microsoft releases Flash updates r … - OnionShare 2 released: Tor-powered file sharing 21 février 2019
The initial version of OnionShare launched in 2017 for Windows, Mac OS X, and Linux. It featured options to share files anonymously using the Tor network using a simple but effective interface. Files would remain on the local computer as they were shared from it directly. While that meant that the local computer had to be on to allow others to download the files, it ensured that the files would no … - Password Manager study highlights potential leak issues 20 février 2019
What would the result be if you analyze how popular password managers protect sensitive information such as the master password or stored passwords; that’s what Independent Security Evaluators tried to find out in their analysis of five popular password managers running on Microsoft’s Windows 10 platform. The paper Password Managers: Under the Hood of Secrets Management looked at how the password …
blackMORE Ops
- How to Prevent DOM-based Cross-site Scripting 8 janvier 2019
There’s no denying the role that JavaScript has played in making web applications the sleek, interactive, online experiences that we know and love today. This powerful scripting language brought interactivity and animation to the web. But with great power comes great responsibility. Cross-site-scripting (XSS) remains a persistent stalwart among the OWASP Top 10. Malicious JavaScript … The po … - Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown 28 décembre 2018
On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware implementations are vulnerable to the … - How to access Dark Web? 27 décembre 2018
The concept of the Dark Web isn’t vastly different from the Surface Web. There are message boards (e.g. 8chan, nntpchan), places you can buy things (e.g. Alphabay, Hansa), and blogs (e.g. OnionNews, Deep Web Radio). The rules, or rather a lack thereof, is what makes the Dark Web unique. Anything that is illegal to sell … The post How to access Dark Web? appeared first on blackMORE Ops. … - Inception Attackers Target Europe with Year-old Office Vulnerability 14 décembre 2018
The Inception attackers have been active since at least 2014 and have been documented previously by both Blue Coat and Symantec; historical attacks used custom malware for a variety of platforms, and targeting a range of industries, primarily in Russia, but also around the world. This blog describes attacks against European targets observed in October … The post Inception Attackers Target Eu … - Brute Force Attacks Conducted by Cyber Actors 13 décembre 2018
In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a password-spray attack (also known as … The post Brute Force Attacks Conducted … - Avoiding Web Application Firewall using Python 21 novembre 2018
Web application firewalls are usually placed in front of the web server to filter the malicious traffic coming towards server. If you arehired as a penetration tester for some company and they forgot to tell you that they are using web application firewall than you might get into a serious mess. The figure below depicts … The post Avoiding Web Application Firewall using Python appeared first … - Targeting websites with Password Reset Poisoning 20 novembre 2018
Most of web application security vulnerabilities, leverage user input in ways that were not initially intended by their developer(s). Password Reset Poisoning is one such vulnerability, that leverages commonly unthought of headers, such as the Host header seen in an HTTP request: GET https://example.com/reset.php?email=foo@bar.com HTTP/1.1 Host: evilhost.com Notice the difference where we specify … - Cyber Actors Target Home and Office Routers and Networked Devices Worldwide 19 novembre 2018
DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded to the latest available versions … Th … - Identify website technologies with WhatWeb 15 novembre 2018
WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1700 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addres … - Automatically crack WiFi password with besside-ng 14 novembre 2018
besside-ng is a tool like Wesside-ng but it support also WPA encryption. It will automatically crack all the WEP networks in range and log the WPA handshakes. WPA handshakes captured can be uploaded to the online cracking service at Darkircop.org (Besside-ng Companion) to attempt to get the password and where provides useful statistics based on … The post Automatically crack WiFi password wi …