Hackers

Security Affairs

    • A backdoor mechanism found in tens of Ruby libraries 20 August 2019
      Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries. The backdoor was used by attackers to inject mining code in Ruby projects using the malicious versions of the libraries. One of the most po …

    • Flaw in New Facebook Design Allowed Removal of Profile Photos 20 August 2019
      A security vulnerability in the Facebook design (FB5) could have allowed attackers to remove any photo from profiles of the users. The security expert Philippe Harewood is one of the security researchers that received early access by Facebook to the new FB5 design and discovered an important design flaw. Harewood explained that the issue affects the GraphQL that is a feature implemented in th …

    • 5 Ways to Protect Yourself from IP Address Hacking 20 August 2019
      Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Your IP or Internet Protocol address is your digital identity on the internet. It allows your device to connect with the rest of the online world. For most people, IP address is just a numeric identity and they are least concerne …

    • Twitter bans 936 accounts that attempted to sow political discord in Hong Kong 20 August 2019
      Twitter announced it has banned 936 accounts managed by China-linked actors that attempted to sow political discord in Hong Kong. Twitter has observed and banned 936 accounts managed by China-linked actors that attempted to stir up riots and sow political discord in Hong Kong. The tweets aimed at discrediting the motivation of the Hong Kong protesters “We are disclosing a significant state-b …

    • Backdoored Webmin versions were available for download for over a year 20 August 2019
      Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day is that Webmin contained a remote code execution vulner …

    • Hacker publicly releases Jailbreak for iOS version 12.4 19 August 2019
      Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers. A public Jailbreak for iPhones in was released by a hacker, it is an exceptional event because it is the first in years. According to Motherboard, that first reported the news, Apple accidentally unpatched a flaw it had already fixed allowing the hacker to exploit it. The jailbr …

    • Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization 19 August 2019
      A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed file uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. The researchers analyzed PDF documents and email files (.msg and .eml) uploaded to three unname …

    • 5 Common Phishing Attacks and How to Avoid Them? 19 August 2019
      Phishing is one of the oldest methods of cyberattacks. It uses deceptive and manipulated emails as a tool for gathering personal and organizational data. The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source. People fell prey for these manipulative emails and provide confidential details like passwords and bank information in the …

    • Galaxy S10 is the first 5G phone that can be used by US DoD 19 August 2019
      Samsung announced that the Galaxy S10, the Galaxy S9, and Galaxy Note 9 have obtained the Security Technical Implementation Guide (STIG) approval Other Samsung devices are included in the list of smartphones that can be used by the US federal government of the, they are the Galaxy S10, the Galaxy S9, and Galaxy Note 9. The above devices have achieved the Security Technical Implementation Guide (ST …

    • At least 23 Texas local governments targeted by coordinated ransomware attacks 18 August 2019
      At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. At least 23 local government organizations were impacted by the ransomware attacks, the Department of Information Resources (DIR) is currently investigatin …

The Hackers News

    • Use This Privacy Tool to View and Clear Your 'Off-Facebook Activity' Data 20 August 2019
      Well, here we have great news for Facebook users, which is otherwise terrible for marketers and publishers whose businesses rely on Facebook advertisement for re-targeted conversations. Following the Cambridge Analytica scandal, Facebook has taken several privacy measures in the past one year with an aim to give its users more control over their data and transparency about how the social …

    • iOS 12.4 jailbreak released after Apple 'accidentally un-patches' an old flaw 20 August 2019
      A fully functional jailbreak has been released for the latest iOS 12.4 on the Internet, making it the first public jailbreak in a long time—thanks to Apple. Dubbed “unc0ver 3.5.0,” the jailbreak works with the updated iPhones, iPads and iPod Touches by leveraging a vulnerability that Apple previously patched in iOS 12.3 but accidentally reintroduced in the latest iOS version 12.4. …

    • How Activity Logs Help WordPress Admins Better Manage Website Security 20 August 2019
      Managing a WordPress website can sap a lot of your time and energy, which otherwise you’d spend on managing your business. If you’re looking to cut down on the hours, you spend troubleshooting WordPress technical and security problems, better managing and monitoring your website and users, or your customers, you need a WordPress activity log plugin. This post explains how to use the WP Security …

    • Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers 20 August 2019
      Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project’s maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly persisted into …

    • European Central Bank Shuts Down 'BIRD Portal' After Getting Hacked 16 August 2019
      The European Central Bank (ECB) confirmed Thursday that it had been hit by a cyberattack that involved attackers injecting malware into one of its websites and potentially stealing contact information of its newsletter subscribers. Headquartered in Germany, the European Central Bank (ECB) is the central bank of the 19 European Union countries which have adopted the euro and is itself …

    • Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again 16 August 2019
      If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is one of the most popular and open source alternatives to Microsoft Office suite and is available …

    • Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps 16 August 2019
      In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers’ credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation. The media has also reported several recent crimes surrounding credit card skimmers, including: Gas pump skimmer found at a 7-Eleven in Pinellas County Credit …

    • Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online 15 August 2019
      In this digital era, the success of almost every marketing, advertising, and analytics company drives through tracking users across the Internet to identify them and learn their interests to provide targeted ads. Most of these solutions rely on 3rd-party cookies, a cookie set on a domain other than the one you are browsing, which allows companies including Google and Facebook to fingerprint …

    • New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections 16 August 2019
      Over a billion Bluetooth-enabled devices, including smartphones, laptops, smart IoT devices, and industrial devices, have been found vulnerable to a high severity vulnerability that could allow attackers to spy on data transmitted between the two devices. The vulnerability, assigned as CVE-2019-9506, resides in the way ‘encryption key negotiation protocol’ lets two Bluetooth BR/EDR devices …

    • 8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks 14 August 2019
      Various implementations of HTTP/2, the latest version of the HTTP network protocol, have been found vulnerable to multiple security vulnerabilities affecting the most popular web server software, including Apache, Microsoft’s IIS, and NGINX. Launched in May 2015, HTTP/2 has been designed for better security and improved online experience by speeding up page loads. Today, over hundreds of …

    • 4 New BlueKeep-like 'Wormable' Windows Remote Desktop Flaws Discovered 13 August 2019
      If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to the recently patched ‘BlueKeep’ RDP vulnerability. Discovered by Microsoft’s security team itself, all …

    • Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows 15 August 2019
      Update — With this month’s patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back …

    • Cerberus: A New Android 'Banking Malware For Rent' Emerges 14 August 2019
      After a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. Dubbed “Cerberus,” the new remote access Trojan allows remote attackers to take total control over the infected Android devices and …

    • Let Experts Do Their Job – Managed WAF by Indusface 13 August 2019
      WAF (Web Application Firewall) has been the first line of defence when it comes to application security for a while now. Many organizations have adopted WAF in one form or the other and most cases, compliance has been the driver for adoption. But unfortunately, when it comes to the efficacy of WAF in thwarting attacks, it has not lived up to the expectations. In most organizations, WAF has …

    • Epic Games Hit With Class Action Lawsuit Over Hacked 'Fortnite' Accounts 13 August 2019
      Epic Games, the creator of the popular ‘Fortnite’ video game, is facing a class-action lawsuit from gamers over hacked Fortnite accounts, accusing the company of failing to maintain adequate security measures and notify users of the security breach in a timely manner. The lawsuit, filed by ‘Franklin D. Azar and Associates’ in the United States District Court in North Carolina on behalf of …

    • Android Users Can Now Log in to Google Services Using Fingerprint 12 August 2019
      If you’re using Chrome on Android, you can now sign-in to your Google account and some of the other Google services by simply using your fingerprint, instead of typing in your password every time. Google is rolling out a new feature, called “local user verification,” that allows you to log in to both native applications and web services by registering your fingerprint or any other method …

    • Price Dropped: Get Lifetime Access to Cisco Certification Courses 2019 12 August 2019
      With the migration of governments and enterprises towards controller-based architectures, the role of a core network engineer has become more important than ever. Today, majority of interconnected wide area networks (WANs) and local area networks (LANs) in the world run on Cisco routers and other Cisco networking equipment, and therefore most organizations need network engineers to maintain …

    • Canon DSLR Cameras Can Be Hacked With Ransomware Remotely 12 August 2019
      The threat of ransomware is becoming more prevalent and severe as attackers’ focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage …

    • Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs 11 August 2019
      If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or other 15 other vendors listed below, you’re probably screwed. A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to gain most privileged permission on the system and hide malware …

    • Apple will now pay hackers up to $1 million for reporting vulnerabilities 9 August 2019
      Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday. One of the most attractive updates is… Apple has enormously increased the maximum reward for its bug bounty program from $200,000 to $1 million—that’s by far the biggest bug bounty offered by any major tech company for reporting …

Dark Reading

gHacks

    • Microsoft moves Notepad to the Microsoft Store 20 August 2019
      The plain text editor Notepad has been turned into a Microsoft Store application in the latest preview builds of the next major feature update for Windows 10, version 20H1. Notepad is certainly not the first core Windows program that Microsoft turned into a Store application and it certainly won’t be the last. Microsoft announced in 2017 that it would move Microsoft Paint to the store but that has …

    • Ghacks Deals: Google Analytics Certification: Get Certified In 2 Days (just $13.99) 20 August 2019
      The Google Analytics Certification: Get Certified In 2 Days is designed for users of all experience levels; ideal for beginning webmasters and those that want to use Google Analytics to its fullest potential, it is available for just $13.99 at the time of writing and preps you for Google Analytics Certification. Here is a quick overview of what is included: Access 20 lectures & 2 hours of cont …

    • Microsoft releases KB4512478 and KB4512514 previews 20 August 2019
      Microsoft released the monthly rollup previews KB4512478 and KB4512514 for Windows 7, Windows 8.1, and Windows Server 2008 R2 and 2012 R2 this weekend. The release on a Saturday is a deviation from the Tuesday or Thursday release schedule for the preview updates. Whether that is a one-time deviation or something that could happen more often in the future remains to be seen. KB4512478 and KB4512514 …

    • Here is what you can do against auto-playing trailers on Netflix 20 August 2019
      If I had to name one thing that I really, really dislike about Netflix I’d pick the auto-playing trailers on the site. Netflix calls these video previews, and they play automatically whenever you hover over a title for a short period. I was not a subscriber for some time but subscribed again this month planning to watch some of the shows for a couple of months before ending my subscription again ( …

    • Enhancer for YouTube is an add-on for Firefox and Chrome which offers a ton of customization 19 August 2019
      There are a lot of quirks in YouTube, but we have plenty of workarounds for most issues. Most of these are possible thanks to add-ons. Today, we take a look at Enhancer for YouTube. It is an add-on for Firefox and Chrome, that can change the way you experience the streaming service. The extension adds a ton of features including better playback controls, removal of advertisement, and an option to …

    • VLC Media Player 3.0.8 is a security update 19 August 2019
      VideoLAN, the organization behind one of the most popular media players VLC Media Player, released VLC Media Player 3.0.8 today. VLC Media Player 3.0.8 is a security update that patches a total of 13 different security issues in the client.  The update is not related to a recently disclosed vulnerability that a too eager researcher attributed to VLC Media Player. It turned out that VLC was not vul …

    • Opera Touch update introduces improved file sharing capabilities 19 August 2019
      Remember Opera Touch? Opera Software released the first version of the mobile browser Opera Touch in April 2018 to the public.  The browser was available for Android initially but it is now also available for Apple iOS devices. One of the features that sets Opera Touch apart from other browsers, including Opera Software’s main browser for Android or iOS, is a feature that Opera Software calls Oper …

    • Back to Basics: Windows Shutdown Autostart explained 19 August 2019
      Windows supports autostart functionality; the autostart on startup feature is the better known variant but there is also an option to autostart on shutdown. Some programs add entries to the autostart list when they are installed. Programs like antivirus and security software may add entries so that they are launched as early as possible on the Windows PC. Windows administrators may configure devic …

    • Windows 10 20H1: Paint and WordPad turned into optional features 18 August 2019
      Windows 10 20H1, the first feature update version of 2020 for Windows 10 and the first major update for Windows 10 after Windows 10 version 1903, will introduce quite a number of changes to the operating system. Microsoft continues to push new builds to the Insider Channel that feature some of the changes. The latest Windows 10 20H1 build, build 18963, makes a handful of Windows tools optional fea …

    • KB4512534 for Windows 10 version 1809 fixes VB bug and more 18 August 2019
      Microsoft released the cumulative update KB4512534 for its Windows 10 version 1809 operating system on August 17, 2019. The update follows the release of the updates KB4517297 for Windows 7 and Windows Server 2008 R2, KB4517298 for Windows 8.1 and Windows Server 2012 R2, and KB4512494 for Windows 10 version 1709 which the company released on August 16, 2019. KB4512534 is available on Windows Updat …

blackMORE Ops

    • A .vimrc config file everyone should use 24 April 2019
      Ever had that issue when you login to a Linux terminal, editing a file and the texts are just blue and you can’t read? I’ve had way too many cause default vim/vi config is just bad. I created a good .vimrc config file. Simply create a file with .vimrc name in home directory a paste … The post A .vimrc config file everyone should use appeared first on blackMORE Ops. …

    • Remove cloud-init from Ubuntu 19 April 2019
      Cloud images are operating system templates and every instance starts out as an identical clone of every other instance. It is the user data that gives every cloud instance its personality and cloud-init is the tool that applies user data to your instances automatically. Cloud-init is the defacto multi-distribution package that handles early initialization of … The post Remove cloud-init fro …

    • How to Prevent DOM-based Cross-site Scripting 8 January 2019
      There’s no denying the role that JavaScript has played in making web applications the sleek, interactive, online experiences that we know and love today. This powerful scripting language brought interactivity and animation to the web. But with great power comes great responsibility. Cross-site-scripting (XSS) remains a persistent stalwart among the OWASP Top 10. Malicious JavaScript … The po …

    • Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown 28 December 2018
      On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware implementations are vulnerable to the …

    • How to access Dark Web? 27 December 2018
      The concept of the Dark Web isn’t vastly different from the Surface Web. There are message boards (e.g. 8chan, nntpchan), places you can buy things (e.g. Alphabay, Hansa), and blogs (e.g. OnionNews, Deep Web Radio). The rules, or rather a lack thereof, is what makes the Dark Web unique. Anything that is illegal to sell … The post How to access Dark Web? appeared first on blackMORE Ops. …

    • Inception Attackers Target Europe with Year-old Office Vulnerability 14 December 2018
      The Inception attackers have been active since at least 2014 and have been documented previously by both Blue Coat and Symantec; historical attacks used custom malware for a variety of platforms, and targeting a range of industries, primarily in Russia, but also around the world. This blog describes attacks against European targets observed in October … The post Inception Attackers Target Eu …

    • Brute Force Attacks Conducted by Cyber Actors 13 December 2018
      In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a password-spray attack (also known as … The post Brute Force Attacks Conducted …

    • Avoiding Web Application Firewall using Python 21 November 2018
      Web application firewalls are usually placed in front of the web server to filter the malicious traffic coming towards server. If you are hired as a penetration tester for some company and they forgot to tell you that they are using web application firewall then you might get into a serious mess. The figure below depicts … The post Avoiding Web Application Firewall using Python appeared first …

    • Targeting websites with Password Reset Poisoning 20 November 2018
      Most of web application security vulnerabilities, leverage user input in ways that were not initially intended by their developer(s). Password Reset Poisoning is one such vulnerability, that leverages commonly unthought of headers, such as the Host header seen in an HTTP request: GET https://example.com/reset.php?email=foo@bar.com HTTP/1.1 Host: evilhost.com Notice the difference where we specify …

    • Cyber Actors Target Home and Office Routers and Networked Devices Worldwide 19 November 2018
      DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded to the latest available versions … Th …