Hackers


Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Retour à Sécurité

Security Affairs
Erreur: Il y a un erreur avec ce flux.

The Hackers News

    • 15 avril 2021New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely
      Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information. The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what’s known as a « man-in-the-disk » attack that makes it possible for …

    • 14 avril 2021New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
      Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer attack. Dubbed SMASH (Synchronized MAny-Sided Hammering), the technique can be used to successfully trigger the attack from JavaScript on modern DDR4 RAM cards, notwithstanding extensive mitigations that have been put in place by manufacturers over the …

    • 14 avril 2021Simplify, then Add Lightness – Consolidating the Technology to Better Defend Ourselves
      One of the biggest consequences of the rapidly evolving cybersecurity threat landscape is that defenses must constantly build bigger systems to defend themselves.  This leads to both more complex systems and often less communication between them. More importantly, it can lead companies to invest in disparate “best in class” components instead of finding the best fit for their needs. The constant …

    • 14 avril 2021Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits
      Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation. One of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine ( …

    • 15 avril 2021NSA Discovers New Vulnerabilities Affecting Microsoft Exchange Servers
      In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server. Of the 114 flaws, 19 are rated as Critical, 88 are rated Important, and one is rated Moderate in severity. Chief among them is CVE-2021-28310, a privilege escalation vulnerability in Win32k that’s said to be …

    • 13 avril 2021New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices
      Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. Dubbed « NAME:WRECK » by Forescout and JSOF, the flaws are the latest in series of studies undertaken as part of an initiative called Project Memoria to study the security …

    • 13 avril 2021Hackers Using Website's Contact Forms to Deliver IcedID Malware
      Microsoft has warned organizations of a « unique » attack campaign that abuses contact forms published on websites to deliver malicious links to businesses via emails containing fake legal threats, in what’s yet another instance of adversaries abusing legitimate infrastructure to mount evasive campaigns that bypass security protections. « The emails instruct recipients to click a link to review …

    • 13 avril 2021Detecting the "Next" SolarWinds-Style Cyber Attack
      The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim. Because of the far-reaching SolarWinds deployments, the perpetrators were also able to infiltrate many other organizations, looking for intellectual …

    • 13 avril 2021BRATA Malware Poses as Android Security Scanners on Google Play Store
      A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. « These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of the device by abusing accessibility services, » cybersecurity firm …

    • 13 avril 2021RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
      An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave. Released by Rajvardhan Agarwal, the working exploit concerns a remote code execution vulnerability in the V8 JavaScript rendering engine that powers the web browsers. It is believed …

Dark Reading

WeLiveSecurity

Threatpost

E Hacking News | Latest Hacker News and IT Security News

    • 15 avril 2021Linux, MacOS Malware Hidden in Fake Browserify NPM Package
       Over the course of the weekend, Sonatype’s automated malware detection system spotted a serious exceptional malware sample published to the NPM registry. NodeJS engineers working with Linux and Apple macOS operating systems were targeted by a brand-new malicious package recognized on the NPM (Node Package Manager) registry. The malignant package, named « web-browserify » looks like the well-kn …

    • 14 avril 2021Banks have assessed the security of digital ruble payments
      Major Russian banks are ready to take part in testing the digital ruble and have no doubt that it will be in demand among customersAccording to market participants, special attention should be paid to information security: digital rubles can be paid offline and, according to banks, such operations may become a tidbit for fraudsters.The Bank of Russia presented the idea of a digital ruble in mid-Oc …

    • 14 avril 2021Cybercriminals Are Using Google URLs as a Weapon to Spread Malware
       Security researchers at Microsoft warned the organizations of a new phishing campaign, they have been tracking activity where contact forms published on websites are exploited to send malicious links to organizations via emails containing fake legal threats. The emails direct recipients to click on a link to review supposed evidence behind their allegations, but are instead led to downloadin …

    • 14 avril 2021Russian expert give tips on how to protect yourself from "eavesdropping" on your smartphone
      A smartphone can « eavesdrop » on its owner, said information and computer security expert Sergei Vakulin. In an interview with Radio Sputnik, he explained who might need to record conversations and how to protect sensitive informationSome smartphone applications may record our conversations when we do not expect them to. Moreover, we ourselves provide them with this opportunity, giving them permiss …

    • 14 avril 2021Research Study shows that 100 Million IOT Devices are at Risk
       Forescout Research Labs has disclosed a new collection of DNS vulnerabilities in collaboration with JSOF, potentially impacting over 100 million consumer devices. The seemingly simple code that underpins how computers interact with the internet has identified a shocking number of vulnerabilities for researchers. As of now, there are 9 new vulnerabilities, including Internet of Things product …

TechWorm

    • 3 avril 2021Hackers Setup Fake Cyber Security Firm To Target Security Researchers
      Google’s Threat Analysis Group (TAG), a Google security team specialized in hunting advanced persistent threat (APT) groups, on Wednesday shared that a North Korean government-backed campaign is targeting cybersecurity researchers with malware via social media. For those unaware, in January 2021, TAG had disclosed a hacking campaign, targeting security researchers working on vulnerability research …

    • 9 février 2021Hacker Increased Chemical Level In Florida City’s Water System
      Hackers on Friday gained unauthorized entry into the computer system controlling a water treatment facility in the city of Oldsmar, Florida and sought to add a “dangerous level” of additive to the water supply, according to a report from the Tampa Bay Times.   The incident first took place on February 5th at Oldsmar’s water treatment facility when around 8 a.m. a plant operator noticed someone rem …

    • 22 octobre 2020Mysterious ‘Robin Hood’ Hackers Donate Stolen Money To Charities
      A mysterious hacker group by the name ‘Darkside’ has donated stolen bitcoin money to two charitable organizations.  The hackers who claim to have extorted millions of dollars from large profitable corporations via a ransomware attack said in a post on the dark web that they want to “make the world a better place”. In their dark web post, the Darkside hacker group posted two receipts of …

    • 28 août 2020Elon Musk Confirms Russian Hackers Targeted Tesla Factory
      Chief Executive Officer Elon Musk on Friday confirmed via Twitter that Tesla’s factory in Nevada was targeted by a Russian hacker, who tried to convince an employee of the company to install a virus in exchange for $1million.  In a tweet, Musk wrote, “Much appreciated. This was a serious attack,” responding to a report on Teslarati. He said that the Nevada factory was the target of a “seriou …

    • 6 août 2020Canon Hit By Maze Ransomware Attack, 10TB Of Data Allegedly Stolen
      Canon, the Japanese camera giant, recently fell victim to a ransomware attack where over 10TB of photos, videos, and other data were stolen across multiple devices. The attack affected the company’s storage and email services, Microsoft Teams, as well as the U.S. version of its website.   Following the incident, Canon’s IT service sent a company-wide notification indicating that it is experiencing …

GBHackers On Security

    • 14 avril 2021Hackers Abuse Website Contact Forms To Deliver Sophisticated IcedID Malware
      The security researchers at Microsoft have recently detected that hackers are continuously abusing legitimate corporate contact forms to send phishing emails. The main motive of abusing and sending phishing emails to the enterprises so that the threat actors can threaten targeted enterprises with legitimate-looking lawsuits, and not only this but the threat actors also try […] The post Hacke …

    • 13 avril 2021500,000 Huawei Users Infected with Joker Android Malware From Own Apps Store
      In a report,  Doctor Web’s analyst has pronounced that they have recently found Joker Android Malware, identified as multifunctional Trojans of the Android, in the official app store for Huawei devices, AppGallery. The Joker family encourages Android users to pay for all the mobile services, and according to the report, over 500,000 Huawei smartphone users […] The post 500,000 Hua …

    • 12 avril 2021TOP 11 Deep Web Search Engine Alternative for Google and Bing 2021
      Deep Web Search Engine is an alternative search engine when we need to search something, then Google or Bing will the first choice hit in mind suddenly. But unlike the Deep Web Search Engine, Google and Bing will not give all the Hidden information which is served under the Dark web. Google has the ability […] The post TOP 11 Deep Web Search Engine Alternative for Google and Bing 2021 appear …

    • 11 avril 2021New Wormable Android Malware Disguised as a Netflix Tool Spreads Through WhatsApp Messages
      Check Point Research (CPR) team has recently discovered a new Android malware that tricks the users into promising to provide them Netflix premium subscription for free.  The malware that is in question is basically an app that is known as “FlixOnline,” and posing itself as a legitimate version of the streaming service, Netflix to trick […] The post New Wormable Android Malw …

Cyber Defense Magazine

blackMORE Ops

    • 23 avril 2020Accessing ESXi console screen from an SSH session
      I’ve had this issue many times where Firewall ports to iDrac, iLo or RSA were not open and I couldn’t access VMWare ESXi host’s setup screen (the yellow screen!) to change configuration or even restart it. In every cases, I had SSH access to the ESXi host but then I just couldn’t remember what command … …

    • 23 avril 2020Accessing the RAID setup on an HP Proliant DL380 G7
      When the HP Proliant DL380 G7 boots up the only displayed BIOS options are F9 for Setup, F11 for the boot disk menu, but neither other these take you to the RAID setup. To get to the RAID setup options, when the screen appears showing the F9 and F11 options press F8 every second or … …

    • 7 octobre 2019Change IP address in packet capture file (faking IP)
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

    • 25 septembre 2019SamSam Ransomware
      The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In a …

Hacker Ritz

    • 11 janvier 2019New Wifi Hack Method, Easy and Workable on WPA/WPA2 Securities.
      Looking for how to hack WiFi password OR WiFi hacking software?Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers.Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens ‘Atom’ Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols wit …

    • 7 janvier 2019Bitcoin And Cryptocurrency Litigation : A Game Of Future
      Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment. Apart from trading bitcoins for cash, you can also use bitcoins to buy gift cards, book flights, and hotels, buy furnitu …

    • 20 novembre 2018 Facebook Bug Could Have Exposed Your Private Information
      Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk.Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for entered …

    • 20 novembre 2018Instagram Bug : Passwords are in Plain Text
      Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text.The company recently started notifying affected users of a security bug that resides in a newly offered feature called « Download Your Data » that allows users to download a copy of their data shared on the social media platform, including photos, comments, p …

    • 19 mai 2018Inside one of the largest hacking conferences in Russia
      Inside one of the largest hacking conferences in RussiaABC NewsWATCHHackers put their skills on display in Moscow conferenceEmailHundreds of aspiring hackers in Moscow faced off against one another earliest this week in different challenges.The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conferenc …