Hackers

Security Affairs

    • 25 February 2021 - North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor
      North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. The state-sponsored hackers targeted organizations from more than a dozen countries. The experts discovered the custom backdoor while investigati …

    • 25 February 2021 - Google discloses technical details of Windows CVE-2021-24093 RCE flaw
      Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed the details of a recently patched Windows vulnerability, tracked as CVE-2021-24093, that can be exploited for remote code execution in the context of the DirectWrite client. DirectWrite is a Windows …

    • 25 February 2021 - Thousands of VMware Center servers exposed online and potentially vulnerable to CVE-2021-21972 flaw
      A Chinese security researcher published a PoC code for the CVE-2021-21972 vulnerability in VMware Center, thousands of vulnerable servers are exposed online. A Chinese security researcher published the Proof-of-concept exploit code for the CVE-2021-21972 RCE vulnerability affecting VMware vCenter servers. vCenter Server is the centralized management utility for VMware, and is used t …

    • 24 February 2021 - Ukraine: nation-state hackers hit government document management system
      Ukraine’s government attributes a cyberattack on the government document management system to a Russia-linked APT group. Ukraine’s government blames a Russia-linked APT group for an attack on a government document management system, the System of Electronic Interaction of Executive Bodies (SEI EB). According to Ukrainian officials, the hackers aimed at disseminating malicious doc …

    • 24 February 2021 - A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism
      Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2.  This technique allows botnet operators to make their infrastructure res …

    • 24 February 2021 - APT32 state hackers target human rights defenders with spyware
      Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. Vietnam-linked APT32 (aka Ocean Lotus) group has conducted a cyberespionage campaign targeting Vietnamese human rights defenders (HRDs) and a nonprofit (NPO) human rights organization from Vietnam between February 2018 and November 2020. The threat actors used by spyware to take ov …

    • 24 February 2021 - Airplane manufacturer Bombardier has disclosed a security breach, data leaked online
      Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker Bombardier and leak data on the site operated by the Clop ransomware gang. The wave of attacks exploiting multiple zero-day vulnerabilities in the Accell …

    • 23 February 2021 - VMware addresses a critical RCE issue in vCenter Server
      VMware addressed a critical remote code execution flaw, tracked as CVE-2021-21972, in vCenter Server virtual infrastructure management platform. VMware has addressed a critical remote code execution (RCE) vulnerability in the vCenter Server virtual infrastructure management platform, tracked as CVE-2021-21972, that could be exploited by attackers to potentially take control of affected s …

    • 23 February 2021 - Twitter removes 100 accounts linked to Russia disseminating disinformation
      Twitter removed dozens of accounts allegedly used by Russia-linked threat actors to disseminate disinformation and target western countries. Twitter has removed dozens of accounts used by Russia-linked threat actors that were used to disseminate disinformation and to target the European Union, the United States, and the NATO alliance. Experts believe the accounts were part of two separate clusters …

    • 23 February 2021 - IBM addressed flaws in Java Runtime, Planning Analytics Workspace, Kenexa LMS
      IBM has released security patches to address high- and medium-severity vulnerabilities impacting some of its enterprise solutions.  IBM has released security updates to address several high- and medium-severity flaws affecting some of its enterprise products, including IBM Java Runtime, IBM Planning Analytics Workspace, and IBM Kenexa LMS On Premise.  Two issues, tracked as CVE-2020-14782 and CVE- …

The Hackers News

    • 25 February 2021 - Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations
      Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. “Threat actors aligned with the Chinese Communist Party’s state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users’ Gmail accounts,” Proofpoint said …

    • 25 February 2021 - The Top Free Tools for Sysadmins in 2021
      It’s no secret that sysadmins have plenty on their plates. Managing, troubleshooting, and updating software or hardware is a tedious task. Additionally, admins must grapple with complex webs of permissions and security. This can quickly become overwhelming without the right tools. If you’re a sysadmin seeking to simplify your workflows, you’re in luck. We’ve gathered some excellent software …

    • 25 February 2021 - Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack
      Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities. “The purpose of the attack was the mass contamination of information resources of public authorities, as this system is used for the circulation of documents in most …

    • 24 February 2021 - Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
      With browser makers steadily clamping down on third-party tracking, advertising technology companies are increasingly embracing a DNS technique to evade such defenses, thereby posing a threat to web security and privacy. Called CNAME Cloaking, the practice of blurring the distinction between first-party and third-party cookies not only results in leaking sensitive private information without …

    • 24 February 2021 - Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks
      New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. “A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or other threat detection software,” researchers from ThreatLocker said in an analysis shared today with The …

    • 24 February 2021 - Everything You Need to Know About Evolving Threat of Ransomware
      The cybersecurity world is constantly evolving to new forms of threats and vulnerabilities. But ransomware proves to be a different animal—most destructive, persistent, notoriously challenging to prevent, and is showing no signs of slowing down. Falling victim to a ransomware attack can cause significant data loss, data breach, operational downtime, costly recovery, legal consequences, and …

    • 24 February 2021 - Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now
      VMware has addressed multiple critical remote code execution (RCE) vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. “A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying …

    • 24 February 2021 - Experts Find a Way to Learn What You're Typing During Video Calls
      A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed. The research was undertaken by Mohd Sabra, and Murtuza Jadliwala from the University of Texas at San Antonio and Anindya Maiti from the University of Oklahoma, who say the attack …

    • 23 February 2021 - 5 Security Lessons for Small Security Teams for the Post COVID19 Era
      A full-time mass work from home (WFH) workforce was once considered an extreme risk scenario that few risk or security professionals even bothered to think about. Unfortunately, within a single day, businesses worldwide had to face such a reality. Their 3-year long digital transformation strategy was forced to become a 3-week sprint during which offices were abandoned, and people started working …

    • 23 February 2021 - Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs
      Researchers have demonstrated a novel class of attacks that could allow a bad actor to potentially circumvent existing countermeasures and break the integrity protection of digitally signed PDF documents. Called “Shadow attacks” by academics from Ruhr-University Bochum, the technique uses the “enormous flexibility provided by the PDF specification so that shadow documents remain …

Dark Reading

WeLiveSecurity

Threatpost

E Hacking News | Latest Hacker News and IT Security News

    • 25 February 2021 - Private Information of 50,000 French Healthcare Workers Stolen
      French authorities unearthed a glut of stolen credentials on the dark web, apparently belonging to the healthcare workers. The authorities have alerted the healthcare department and advised them to remain vigilant. In recent weeks, threat actors have attacked several French hospitals – including hospitals in Dax and Villefranche-sur-Saone. The French Ministry of Social Affairs and Health issu …

    • 25 February 2021 - Total Cookie Protection Launched in The New Upgrade of Firefox
      Mozilla’s latest Firefox 86 has been rolled out for desktop, Mac, Windows, and Linux platforms. The browser upgrade brings features like multiple image mode and video replay, backward and forward buttons. Total Cookie Protection has been integrated into the Strict Enhanced Tracking Protection (ETP) platform, which has been revealed on Tuesday with the launch of Firefox 86. Complete cookie p …

    • 25 February 2021 - A Crypto Mining Botnet is Abusing Bitcoin Blockchains
       Security experts from Akamai have detected another botnet utilized for illegal cryptocurrency mining exercises that are abusing Bitcoin (BTC) transactions to remain under the radar. This procedure permits botnet operators to make their infrastructure resilient to takedown led by law enforcement. “A recent piece of malware from a known crypto mining botnet campaign has started leveraging …

    • 24 February 2021 - Experts listed the methods used by fraudsters to obtain personal data
      As noted by experts, information leakage in large companies does not often happen, but data theft can occur through contractors. Scammers learn personal data of Russians from gaps in the security of companies or from their informants in them, from social networks of citizens, as well as through phishing sites. “Often, a person can simply share their name and phone number, for example, on social netwo …

    • 24 February 2021 - Bitcoin Slips 17% to $45,000 as Caution Sweeps Over Crypto
      Bitcoin, the world’s largest cryptocurrency slumped as much as 17 percent to $45,000 on Tuesday, sparking concerns from investors over the cryptocurrency’s sky-high valuations and its volatility in an unpredictable market. The cryptocurrency traded 13% lower, at $47,608.24, as of 11:45 p.m. in New York. The value of the cryptocurrency has soared in 2021, with the price more than doubling this …

TechWorm

    • 9 February 2021 - Hacker Increased Chemical Level In Florida City’s Water System
      Hackers on Friday gained unauthorized entry into the computer system controlling a water treatment facility in the city of Oldsmar, Florida and sought to add a “dangerous level” of additive to the water supply, according to a report from the Tampa Bay Times.   The incident first took place on February 5th at Oldsmar’s water treatment facility when around 8 a.m. a plant operator noticed someone rem …

    • 22 October 2020 - Mysterious ‘Robin Hood’ Hackers Donate Stolen Money To Charities
      A mysterious hacker group by the name ‘Darkside’ has donated stolen bitcoin money to two charitable organizations.  The hackers who claim to have extorted millions of dollars from large profitable corporations via a ransomware attack said in a post on the dark web that they want to “make the world a better place”. In their dark web post, the Darkside hacker group posted two receipts of …

    • 28 August 2020 - Elon Musk Confirms Russian Hackers Targeted Tesla Factory
      Chief Executive Officer Elon Musk on Friday confirmed via Twitter that Tesla’s factory in Nevada was targeted by a Russian hacker, who tried to convince an employee of the company to install a virus in exchange for $1million.  In a tweet, Musk wrote, “Much appreciated. This was a serious attack,” responding to a report on Teslarati. He said that the Nevada factory was the target of a “seriou …

    • 6 August 2020 - Canon Hit By Maze Ransomware Attack, 10TB Of Data Allegedly Stolen
      Canon, the Japanese camera giant, recently fell victim to a ransomware attack where over 10TB of photos, videos, and other data were stolen across multiple devices. The attack affected the company’s storage and email services, Microsoft Teams, as well as the U.S. version of its website.   Following the incident, Canon’s IT service sent a company-wide notification indicating that it is experiencing …

    • 6 August 2020 - Pakistani News Channel Broadcast Hacked To Show Indian National Flag
      Pakistan TV news channel, Dawn, was reportedly hacked on Sunday with an Indian tricolour waving on the channel’s screen while it was running an advertisement. Besides the Indian tricolour flag, it also displayed a ‘Happy Independence Day’ message on the screen.  According to media reports, the message appeared on the news channel in Pakistan at 3.30 pm on August 2. It is known th …

GBHackers On Security

    • 25 February 2021 - New PDF Vulnerability Let Attackers Bypass the Signature Validation in PDF and Replace Content
      A team of researchers from the Ruhr-University Bochum in Germany has reported the attacks bypassing the signature validation in PDF. Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content. A user opening a signed PDF expects to see a warning in case of any modification. In […]

    • 25 February 2021 - NSA Tools used by Chinese APT Hackers Before it Released Online
      Check Point Research team revealed that the China-linked APT31 group known as Zirconium, used a tool dubbed Jian, which is a replica of NSA Equation Group’s “EpMe” hacking tool, years back it was leaked online by Shadow Brokers hackers. According to the evidence collected on the various cyberespionage campaigns over the years, Kaspersky experts hypothesize […]

    • 23 February 2021 - Kroger Data Breach – Hackers Stole Files that Shared Through Secure File Transfer Service
      The Kroger Company is the United States’ largest supermarket by revenue and the second-largest general retailer. Kroger operates almost 2,750 supermarkets in 35 states. Kroger employs approximately 500,000 people and had over $122 billion in sales for 2019. The company has confirmed that it was impacted by the data security incident affecting Accellion, Inc. Accellion’s […]

    • 23 February 2021 - Hackers Abuse Google Alerts to Promote a Fake Adobe Flash Player Update that Installs Malware
      Google Alerts is a content change detection and notification service, offered by the search engine company Google. The service sends emails to the user when it finds new results, such as web pages, newspaper articles, blogs, or scientific research, that match the user’s search term. According to BleepingComputer, threat actors are using Google Alerts to […]

    • 22 February 2021 - Windows Registry Analysis – Tracking Every Activity That You Do on the Windows System
      The purpose of this article is to provide you with a depth understanding of the Windows Registry and Wealth of information it holds. Today most administrators and forensic analysts, the registry probably looks like the entrance to a dark. Besides Configuration information, the Windows Registry holds information regarding recently accessed files and considerable information about […]

Cyber Defense Magazine

    • 21 February 2021 - Top 100 Cybersecurity Breaches
      Looking back over the past year, it’s impossible not to recognize the widespread data breaches that have caused […]

    • 21 February 2021 - Top 100 Cybersecurity Hackers
      The following list, in no particular order, contains the names, their countries of origins, their (biggest) victim (s) […]

blackMORE Ops

    • 23 April 2020 - Accessing ESXi console screen from an SSH session
      I’ve had this issue many times where Firewall ports to iDrac, iLo or RSA were not open and I couldn’t access VMWare ESXi host’s setup screen (the yellow screen!) to change configuration or even restart it. In every cases, I had SSH access to the ESXi host but then I just couldn’t remember what command … …

    • 23 April 2020 - Accessing the RAID setup on an HP Proliant DL380 G7
      When the HP Proliant DL380 G7 boots up the only displayed BIOS options are F9 for Setup, F11 for the boot disk menu, but neither other these take you to the RAID setup. To get to the RAID setup options, when the screen appears showing the F9 and F11 options press F8 every second or … …

    • 7 October 2019 - Change IP address in packet capture file (faking IP)
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

    • 25 September 2019 - SamSam Ransomware
      The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In a …

Hacker Ritz

    • 11 January 2019 - New Wifi Hack Method, Easy and Workable on WPA/WPA2 Securities.
      Looking for how to hack WiFi password OR WiFi hacking software? Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers. Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens ‘Atom’ Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols wit …

    • 7 January 2019 - Bitcoin And Cryptocurrency Litigation : A Game Of Future
      Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment. Apart from trading bitcoins for cash, you can also use bitcoins to buy gift cards, book flights, and hotels, buy furnitu …

    • 20 November 2018 - Facebook Bug Could Have Exposed Your Private Information
      Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for entered …

    • 20 November 2018 - Instagram Bug : Passwords are in Plain Text
      Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text. The company recently started notifying affected users of a security bug that resides in a newly offered feature called “Download Your Data” that allows users to download a copy of their data shared on the social media platform, including photos, comments, p …

    • 19 May 2018 - Inside one of the largest hacking conferences in Russia
      ABC News: Hackers put their skills on display in Moscow conference. Hundreds of aspiring hackers in Moscow faced off against one another earlier this week in different challenges. The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conferenc …