Hackers

Security Affairs

    • 18 May 2021 - European Council extends sanctions against foreign threat actors
      European Council extended for one year the sanctions against foreign threat actors that threaten the European Union and its member states. The European Council announced that it will extend for one year the framework for sanctions against threat actors that launched cyberattacks against the infrastructure of the European Union and its member states. The Council Decision (CFSP) 2019/797 was establi …

    • 18 May 2021 - Analysis of NoCry ransomware: A variant of the Judge ransomware
      Researchers at Tesorion released a decryptor for Judge ransomware that also decrypts files encrypted by the NoCry ransomware. In January this year, we published a blog post on our analysis of the Judge ransomware. We announced a free decryptor for Judge victims in this blog post, which is available through the NoMoreRansom initiative. Our decryptor has been helping victims to recove …

    • 18 May 2021 - Discovery of Simps Botnet Leads To Ties to Keksec Group
      Uptycs’ threat research team discovered a new botnet, tracked as Simps botnet, attributed to Keksec group, which is focused on DDOS activities Uptycs’ threat research team has discovered a new Botnet named ‘Simps’ attributed to Keksec group primarily focussed on DDOS activities. We discovered the Simps Botnet binaries downloaded via shell script sample and Remote Code Execution vulnera …

    • 18 May 2021 - Bizarro banking Trojan targets banks in Brazil and abroad
      Bizarro is a new sophisticated Brazilian banking trojan that is targeting customers of tens of banks in Europe and South America. Researchers from Kaspersky have spotted a new sophisticated Brazilian banking trojan dubbed Bizarro that is targeting customers of tens of 70 banks in Europe and South America. Bizarro banking Trojan allows to capture online banking credentials and hijacking Bitcoin wal …

    • 17 May 2021 - Android stalkerware, a danger for victims and stalkers
      ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common Android stalkerware apps are affected with vulnerabilities that could expose the privacy and security of the victims. Mobile stalkerware, also known as spouseware, is used by a stalker to spy on a victim, it allows to collect GPS location, spy on conver …

    • 17 May 2021 - Expert released PoC exploit code for Windows CVE-2021-31166 bug
      A security researcher has published a working proof-of-concept exploit code for a wormable Windows IIS server vulnerability tracked as CVE-2021-31166. Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities in Microsoft including a critical HTTP Protocol Stack Remote Code Execution vulnerability tracked as CVE-2021-31166. The flaw could be exploited by an unauthenticated …

    • 17 May 2021 - Bitcoin down: 51% attack? No, put the blame on Elon Musk
      The price of Bitcoin falls after Elon Musk declared that its company, Tesla, may have sold holdings of the cryptocurrency We have a long-debated about the possibility that the Bitcoin price could be influenced by threat actors through 51% attacks, but recent events demonstrate that it could be easier to manipulate its value. A simple Tweet from an influencer could cause the fall of the price of a …

    • 17 May 2021 - Conti ransomware demanded $20M ransom to Ireland Health Service Executive
      Ireland Health Service Executive (HSE) refuses to pay a $20 million ransom demand after its systems were hit by the Conti ransomware gang. Ireland’s Health Service Executive that was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack. The Health Service Executive opted to shut down its infrastructure as a precaution to avoid the th …

    • 16 May 2021 - Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia
      Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company. The Company offers risk management, mutual funds, analysis, financial planning, and advisory services. Ac …

    • 16 May 2021 - Two flaws could allow bypassing AMD SEV protection system
      The chipmaker AMD published guidance for two new attacks against its SEV (Secure Encrypted Virtualization) protection technology. Chipmaker AMD has issued guidance for two attacks (CVE-2020-12967, CVE-2021-26311) that allow bypassing the SEV (Secure Encrypted Virtualization) technology implemented to prevent rogue operating systems on virtual machines. The chipmaker is aware of two research papers …

The Hackers News

    • 18 May 2021 - How Apple Gave Chinese Government Access to iCloud Data and Censored Apps
      In July 2018, when Guizhou-Cloud Big Data (GCBD) agreed to a deal with state-owned telco China Telecom to move iCloud data belonging to Apple’s China-based users to the latter’s servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a deep-dive report from The New York Times, Apple’s privacy and security concessions have “made it …

    • 18 May 2021 - Free "vCISO Clinic" offers Resource-Constrained InfoSec Leaders a Helping Hand
      Leaders in the InfoSec field face a strange dilemma. On the one hand, there are hundreds of thousands of resources available to find online to read (or watch) if they have questions – that’s a benefit of a digital-first field. On the other hand, most leaders face challenges that – while not entirely unique each time – tend to require a specific touch or solution. For most, it would be great to …

    • 18 May 2021 - Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps
      A total of 158 privacy and security issues have been identified in 58 Android stalkerware apps from various vendors that could enable a malicious actor to take control of a victim’s device, hijack a stalker’s account, intercept data, achieve remote code execution, and even frame the victim by uploading fabricated evidence. The new findings, which come from an analysis of 86 stalkerware apps for …

    • 18 May 2021 - 70 European and South American Banks Under Attack By Bizarro Banking Malware
      A financially motivated cybercrime gang has unleashed a previously undocumented banking trojan, which can steal credentials from customers of 70 banks located in various European and South American countries. Dubbed “Bizarro” by Kaspersky researchers, the Windows malware is “using affiliates or recruiting money mules to operationalize their attacks, cashing out or simply to helping [sic] with …

    • 18 May 2021 - Apple's Find My Network Can be Abused to Exfiltrate Data From Nearby Devices
      Latest research has demonstrated a new exploit that enables arbitrary data to be uploaded from devices that are not connected to the Internet by simply sending “Find My” Bluetooth broadcasts to nearby Apple devices. “It’s possible to upload arbitrary data from non-internet-connected devices by sending Find My [Bluetooth Low Energy] broadcasts to nearby Apple devices that then upload the data for …

    • 17 May 2021 - Why Password Hygiene Needs a Reboot
      In today’s digital world, password security is more important than ever. While biometrics, one-time passwords (OTP), and other emerging forms of authentication are often touted as replacements to the traditional password, today, this concept is more marketing hype than anything else. But just because passwords aren’t going anywhere anytime soon doesn’t mean that organizations don’t need to …

    • 17 May 2021 - Experts Warn About Ongoing AutoHotkey-Based Malware Attacks
      Cybersecurity researchers have uncovered an ongoing malware campaign that heavily relies on AutoHotkey (AHK) scripting language to deliver multiple remote access trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm on target Windows systems. At least four different versions of the campaign have been spotted starting February 2021, according to researchers from Morphisec Labs …

    • 18 May 2021 - U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized
      Just as Colonial Pipeline restored all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its infrastructure, citing a law enforcement seizure. All the dark web sites operated by the gang, including its DarkSide Leaks blog, ransom collection site, and breach data content …

    • 14 May 2021 - Hackers Using Microsoft Build Engine to Deliver Malware Filelessly
      Threat actors are abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding the malicious build files came embedded with encoded executables and shellcode that deploy backdoors, …

    • 14 May 2021 - Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template
      Security incidents occur. It’s not a matter of ‘if’ but of ‘when.’ There are security products and procedures that were implemented to optimize the IR process, so from the ‘security-professional’ angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more …

Dark Reading

WeLiveSecurity

Threatpost

E Hacking News | Latest Hacker News and IT Security News

    • 18 May 2021 - Chipmaker AMD Discover Two New Flaws Against its SEV Technology
      The chipmaker AMD published guidelines for two new attacks (CVE-2020-12967, CVE-2021-26311) against its SEV (Secure Encrypted Virtualization) technology that protects virtual machines from rogue operating systems. The two attacks, documented in two research papers, respectively titled as “Severity: Code Injection Attacks against Encrypted Virtual Machines” and “undeSErVed trust: Exploiting Pe …

    • 18 May 2021 - Herff Jones Credit Card Breach: College Students Across the US Affected
       Graduating students from many universities in the United States have reported fraudulent transactions after using payment cards at Herff Jones, a prominent cap and gown seller. Following the initial reports last Sunday, the company launched an investigation to assess the scope of the data breach. The complaints persisted this week, prompting others to review their credit card statements …

    • 18 May 2021 - Computer Servers go down at Clark County
       An inquiry is ongoing following a malware operation that led all government Clark County computer servers to go down on Thursday, 13 May. Officials from Clark County claim they are still focusing on restoring operations and determining the effects of malware activity. Clark County officials declared on Friday 14th May that it was not evident when the malware operation triggered their ne …

    • 18 May 2021 - Brazilian Cybercriminals Created Fake Accounts for Uber, Lyft and DoorDash
       According to a recent report by the Federal Bureau of Investigation (FBI), a Brazilian organization is planning to defraud users of digital networks such as Uber, Lyft, and DoorDash, among others. According to authorities, this group may have used fake IDs to build driver or delivery accounts on these sites in order to sell them to people who were not qualified for the companies’ policies. …

TechWorm

    • 27 April 2021 - Emotet Malware Destroys Itself From Infected PCs Around The World
      European law enforcement on Sunday used a customized Windows Dynamic Link Library (DLL) to automatically wipe off Windows malware Emotet from thousands of infected computers. For those unaware, Emotet, one of the world’s most infamous botnets, is a network of hijacked computers and devices infected with malware and controlled remotely by cybercriminals. This network is then used to send spam and l …

    • 25 April 2021 - Apple Hit In A $50 Million Ransomware Hack Attack
      Apple has been targeted in a $50 million ransomware attack following the theft of a sizeable amount of schematics related to manufacturing and engineering of current and future products from Quanta, a Taiwan-based company that serves as one of Apple’s suppliers for MacBooks and other products. The leak, first reported by The Record, was carried out by REvil, a Russian hacking group also known as S …

    • 3 April 2021 - Hackers Setup Fake Cyber Security Firm To Target Security Researchers
      Google’s Threat Analysis Group (TAG), a Google security team specialized in hunting advanced persistent threat (APT) groups, on Wednesday shared that a North Korean government-backed campaign is targeting cybersecurity researchers with malware via social media. For those unaware, in January 2021, TAG had disclosed a hacking campaign, targeting security researchers working on vulnerability research …

    • 9 February 2021 - Hacker Increased Chemical Level In Florida City’s Water System
      Hackers on Friday gained unauthorized entry into the computer system controlling a water treatment facility in the city of Oldsmar, Florida and sought to add a “dangerous level” of additive to the water supply, according to a report from the Tampa Bay Times.   The incident first took place on February 5th at Oldsmar’s water treatment facility when around 8 a.m. a plant operator noticed someone rem …

    • 22 October 2020 - Mysterious ‘Robin Hood’ Hackers Donate Stolen Money To Charities
      A mysterious hacker group by the name ‘Darkside’ has donated stolen bitcoin money to two charitable organizations.  The hackers who claim to have extorted millions of dollars from large profitable corporations via a ransomware attack said in a post on the dark web that they want to “make the world a better place”. In their dark web post, the Darkside hacker group posted two receipts of …

GBHackers On Security

    • 18 May 2021 - Apple’s “Find My Network” Can be Abused to Exfiltrate Data From Nearby Apple Devices
      The security experts at Positive Security have recently detected a new exploit known as Send My in Apple’s Find My network for data transfer. Apple’s Find My network is a crowdsourced location tracking system, and it works via Bluetooth Low Energy (BLE), so, it works even if the device is not connected to the internet […]

    • 18 May 2021 - New Ransomware Attacks Demand Cash From The Customers of Victims Too
      Nowadays ransomware attacks are increasing rapidly, and the threat actors are demanding huge ransom in return. As cybercriminals are making their moves advanced by specializing in ransomware attacks and the newly uncovered attacks are demand ransom from the victim’s customers. The ransomware attackers are using double extortion methods to deploy the victim’s data that is […]

    • 17 May 2021 - Magecart Group 12 Hackers Distributed New PHP based Web Skimmer to Steal Credit Cards Data
      Researchers observed a new wave of PHP-based Web Skimmer by Magecart group 12 threat actors to steal card details from Magento 1 websites. Magento eCommerce platform is written by PHP, and acquired by Adobe. also frequently targeted by the threat actors specifically from the Magecart group, who have very active to attack vulnerable e-commerce platforms. […]

    • 17 May 2021 - APT Hacker Group FIN7 Uses A Pentesting Tool to Infect Windows Machines
      In the recent era, cyber crimes are happening quite often, and this is not the first time that a cybercriminal group pretending to be a legitimate security group and have impersonated its malware as a security analysis tool or Ethical hacking Tool. However, BI.ZONE Cyber Threats Research Team has detected that the notorious FIN7 hacking […]

    • 16 May 2021 - Scheme Flooding Let Hackers Identifying Users While Browsing Websites Including the Tor
      A new fingerprint technique has been discovered by the Konstantin Darutkin of FingerprintJS, and Darutkin has claimed that by using this technique an attacker can easily track down a user. This method will help them to find users across different browsers using the same machine by inquiring about the application that has been installed on […]

Cyber Defense Magazine

    • 17 May 2021 - Darkside gang lost control of their servers and funds
      The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of […]

    • 13 May 2021 - The Case for Open XDR
      The current model for cybersecurity is broken. It consists of acquiring and deploying a lot of stand-alone tools, […]

blackMORE Ops

    • 22 April 2021 - Can’t connect to WiFi in Linux
      So I installed the latest version of Kali Linux from USB into my RAZER Blade 2016 laptop. Took a while as it seems after 5 years on non-stop use and abuse, this laptop is finally slowing down. Oh yes, touchpad was disabled the whole time I was installing but keyboard was just fine. After finishing …

    • 18 November 2020 - How to install the noip2 on Ubuntu and run via systemd systemctl (noIP Dynamic Update Client)
      This post attempts to fix that problem by installing required packages to run the make command, install noip2 binary, fix file permissions if missing, create an init.d script for service command, create a systemd file so that we can control it via systemd and finally enable it via systemctl.

    • 23 April 2020 - Accessing ESXi console screen from an SSH session
      I’ve had this issue many times where Firewall ports to iDrac, iLo or RSA were not open and I couldn’t access VMWare ESXi host’s setup screen (the yellow screen!) to change configuration or even restart it. In every cases, I had SSH access to the ESXi host but then I just couldn’t remember what command …

    • 23 April 2020 - Accessing the RAID setup on an HP Proliant DL380 G7
      When the HP Proliant DL380 G7 boots up the only displayed BIOS options are F9 for Setup, F11 for the boot disk menu, but neither other these take you to the RAID setup. To get to the RAID setup options, when the screen appears showing the F9 and F11 options press F8 every second or …

    • 7 October 2019 - Change IP address in packet capture file (faking IP)
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

Hacker Ritz

    • 11 January 2019 - New Wifi Hack Method, Easy and Workable on WPA/WPA2 Securities.
      Looking for how to hack WiFi password OR WiFi hacking software? Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers. Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens ‘Atom’ Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols wit …

    • 7 January 2019 - Bitcoin And Cryptocurrency Litigation : A Game Of Future
      Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment. Apart from trading bitcoins for cash, you can also use bitcoins to buy gift cards, book flights, and hotels, buy furnitu …

    • 20 November 2018 - Facebook Bug Could Have Exposed Your Private Information
      Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for entered …

    • 20 November 2018 - Instagram Bug : Passwords are in Plain Text
      Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text. The company recently started notifying affected users of a security bug that resides in a newly offered feature called “Download Your Data” that allows users to download a copy of their data shared on the social media platform, including photos, comments, p …

    • 19 May 2018 - Inside one of the largest hacking conferences in Russia
      ABC News: Hackers put their skills on display in Moscow conference. Hundreds of aspiring hackers in Moscow faced off against one another earlier this week in different challenges. The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conferenc …