Hackers


Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Retour à Sécurité

Security Affairs

    • 28 novembre 2020Hundreds of C-level executives credentials available for $100 to $1500 per account
      A credible threat actor is offering access to the email accounts of hundreds of C-level executives for $100 to $1500 per account. Access to the email accounts of hundreds of C-level executives is available on the Exploit.in for $100 to $1500 per account. Exploit.in is a popular closed-access underground forum for Russian-speaking hackers, and it isn’t the only one, other prominent forums are …

    • 27 novembre 2020Drupal emergency updates fix critical arbitrary PHP code execution
      Drupal has released emergency security updates to fix a critical flaw with known exploits that could allow for arbitrary PHP code execution. Drupal has released emergency security updates to address a critical vulnerability with known exploits that could be exploited to achieve arbitrary PHP code execution on some CMS versions. The Drupal project uses the PEAR Archive_Tar library that was recently …

    • 27 novembre 2020North Korean hackers allegedly behind cyberattacks on AstraZeneca
      The Reuters agency revealed in an exclusive that the COVID vaccine maker AstraZeneca was targeted by alleged North Korea-linked hackers. According to a report published by Reuters, suspected North Korea-linked hackers targeted AstraZeneca, one of the companies that are developing a COVID vaccine. The attack attempts took place in recent weeks, two people with knowledge of the matter told Reuters. …

    • 27 novembre 2020A week later, Manchester United has yet to recover after a cyberattack
      Manchester United is still facing problems after the cyber attack that suffered last week, it has yet to fully restore its systems. Last week Manchester United was hit by a sophisticated cyber attack, the attack took place on Friday evening and the football club shut down its systems to prevent the malware from spreading within. “Manchester United can confirm that the club has experienced a cyber …

    • 27 novembre 2020The global impact of the Fortinet 50.000 VPN leak posted online
      The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal. A compilation of one-line exploit tracked as CVE-2018-13379 and that could be used to steal VPN credentials from nearly 50.000 Fortinet VPN devices has posted online. This vulnerability resides in an improper limitation of a pathname to a restricted directory (“Path Traversa …

    • 27 novembre 2020Details of 16 million Brazilian COVID-19 patients exposed online
      The personal and health details of more than 16 million Brazilian COVID-19 patients, including Government representatives, have been exposed online. Personal and health details of more than 16 million Brazilian COVID-19 patients has been accidentally exposed online due to an error of an employee of a Brazilian hospital. An employee of Albert Einstein Hospital in Sao Paolo has uploaded a spreadshee …

    • 27 novembre 2020Canon publicly confirms August ransomware attack and data breach
      Canon finally confirmed that it has suffered a ransomware attack in early August that resulted in the theft of data from its servers. Canon has finally confirmed that it was the victim of a ransomware attack in early August and that the threat actors also stole data from its servers. In August, BleepingComputer first revealed the ransomware attack after it has obtained an internal memo that confir …

    • 26 novembre 2020Ransomware hits US Fertility the largest US fertility network
      US Fertility, the largest network of fertility centers in the U.S., discloses a ransomware attack that took place in September 2020. US Fertility, the largest network of fertility centers in the U.S., revealed that a ransomware attack hit its systems in September 2020. The US Fertility (USF) network is comprised of 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 throu …

    • 26 novembre 2020Danish news agency Ritzau hit by ransomware, but did not pay the ransom
      Ritzau, the biggest Danish news agency, was hit by a ransomware attack that brought it offline but refused to pay the ransom. Ritzau, the biggest Danish news agency, was hit by a ransomware attack that brought it offline. The cyber attack hit a quarter of Ritzau ’s 100 servers that have been damaged. The agency confirmed that it has rejected the ransom demand but did not reveal its amount. Ritzaus …

    • 26 novembre 2020Carding Action 2020: Group-IB supports Europol-backed operation saving €40 million
      Carding Action 2020 targeted crooks selling/purchasing compromised card data on sites selling stolen cred itcard data and darkweb marketplaces Group-IB, a global threat hunting and intelligence company, has supported Carding Action 2020 – a cross-border operation led by Europol’s European Cyber Crime Centre (EC3) with the support from law enforcement agencies including The Dedicated Card and Payme …

The Hackers News

    • 27 novembre 2020Digitally Signed Bandook Malware Once Again Targets Multiple Sectors
      A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy « dozens of digitally signed variants » of …

    • 26 novembre 2020Become a White Hat Hacker — Get 10 Top-Rated Courses at 97% OFF
      Many of us here would love to turn hacking into a full-time career. To make that dream come true, you need to master your subject and earn some key certifications. To speed up this process, you might want to take a little guidance from the experts. Featuring 98 hours of content from top instructors, The Ultimate 2020 White Hat Hacker Certification Bundle is the ultimate launchpad for your career …

    • 26 novembre 2020Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities
      Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams have been arrested in the city of Lagos, Interpol reported yesterday. The investigation, dubbed « Operation Falcon, » was jointly undertaken by the international police organization along with …

    • 25 novembre 20202-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software
      cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account. The issue, tracked as « SEC-575 » and discovered by researchers from Digital Defense, has been remedied by the company in versions 11.92.0.2, …

    • 26 novembre 2020China's Baidu Android Apps Caught Collecting Sensitive User Data
      Two popular Android apps from Chinese tech giant Baidu were temporarily unavailable on the Google Play Store in October after they were caught collecting sensitive user details. The two apps in question—Baidu Maps and Baidu Search Box—were found to collect device identifiers, such as the International Mobile Subscriber Identity (IMSI) number or MAC address, without users’ knowledge, thus making …

    • 24 novembre 2020Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies
      An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonly used program on Linux servers, and is a new version of the malware belonging to a threat actor …

    • 24 novembre 2020Critical Unpatched VMware Flaw Affects Multiple Corporates Products
      VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. « A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating …

    • 23 novembre 2020Why Replace Traditional Web Application Firewall (WAF) With New Age WAF?
      At present, web applications have become the top targets for attackers because of potential monetization opportunities. Security breaches on the web application can cost millions. Strikingly, DNS (Domain Name System) related outage and Distributed denial of service (DDoS) lead a negative impact on businesses. Among the wide range of countermeasures, a web application firewall is the first line …

    • 24 novembre 2020Facebook Messenger Bug Lets Hackers Listen to You Before You Pick Up the Call
      Facebook has patched a bug in its widely installed Messenger app for Android that could have allowed a remote attacker to call unsuspecting targets and listen to them before even they picked up the audio call. The flaw was discovered and reported to Facebook by Natalie Silvanovich of Google’s Project Zero bug-hunting team last month on October 6 with a 90-day deadline, and impacts version …

    • 20 novembre 2020WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages
      GO SMS Pro, a popular messaging app for Android with over 100 million installs, has been found to have an unpatched security flaw that publicly exposes media transferred between users, including private voice messages, photos, and videos. « This means any sensitive media shared between users of this messenger app is at risk of being compromised by an unauthenticated attacker or curious user, » …

Dark Reading

WeLiveSecurity

Threatpost

E Hacking News | Latest Hacker News and IT Security News

    • 27 novembre 2020Cyber security 2021 : What new threats can be expected?; here is our estimate
      2020 has been an event-full year for cybersecurity, to say the least COVID-19 completely shifted the paradigm for the 184 Billion dollar industry, with ramifications felt throughout the year and possibly next year. So, what new threats can be expected in cybersecurity for the year 2021? We assessed future threats trends that you’ll need to be careful of: Social Engineering Attacks:Verizon’s D …

    • 26 novembre 2020Cybersecurity Company Sophos Hit By Data Breach Attack, Company Informs Customers
       A data breach attack recently hit Sophos, a Uk based cybersecurity company. The company currently has notified its customers regarding the data attack via mail, which the company suffered last week. The leaked information includes user names, emails, and contact numbers. According to Sophos, only a small number of customers were affected by the data breach. The spokesperson says that a « smal …

    • 26 novembre 2020Massive BEC Phishing Ring Uncovered, 3 Nigerian Nationals Arrested
       In the city of Lagos, three Nigerian nationals suspected of participation in an organized cybercrime group behind malware distribution, phishing attacks, and a massive business email compromise (BEC) ring responsible for scams globally, have been arrested under “Operation Falcon” carried out jointly by international police organization with Nigeria Police Force and Singapore-based cybersecur …

    • 25 novembre 2020Pinterest soon to join the Online Classes Plethora
       With 400 Million monthly active users (a 30% increase from last year), Pinterest is gaining foot among millennials and Gen Z. And their secret of success is their creative interface and their constant new features that attract Gen Z to the platform for future growth, learning, and inspiration. And thus, the photo-sharing social app is aired to be testing online events where users can sign up …

    • 25 novembre 2020Fake Minecraft Modpacks On Google Play Deliver Millions of Abusive Ads and Disrupt Normal Phone Usage
       Scammers have now begun taking advantage of the Minecraft sandbox video clip game’s wild accomplishment by building Google Play applications.These applications surface to be Minecraft modpacks, but in its place supply abusive ads, as per researchers. Because Minecraft was designed in Java, it was easy for third-party developers to create compatible applications or these “modpacks” to enhance …

TechWorm

    • 22 octobre 2020Mysterious ‘Robin Hood’ Hackers Donate Stolen Money To Charities
      A mysterious hacker group by the name ‘Darkside’ has donated stolen bitcoin money to two charitable organizations.  The hackers who claim to have extorted millions of dollars from large profitable corporations via a ransomware attack said in a post on the dark web that they want to “make the world a better place”. In their dark web post, the Darkside hacker group posted two receipts of …

    • 28 août 2020Elon Musk Confirms Russian Hackers Targeted Tesla Factory
      Chief Executive Officer Elon Musk on Friday confirmed via Twitter that Tesla’s factory in Nevada was targeted by a Russian hacker, who tried to convince an employee of the company to install a virus in exchange for $1million.  In a tweet, Musk wrote, “Much appreciated. This was a serious attack,” responding to a report on Teslarati. He said that the Nevada factory was the target of a “seriou …

    • 6 août 2020Canon Hit By Maze Ransomware Attack, 10TB Of Data Allegedly Stolen
      Canon, the Japanese camera giant, recently fell victim to a ransomware attack where over 10TB of photos, videos, and other data were stolen across multiple devices. The attack affected the company’s storage and email services, Microsoft Teams, as well as the U.S. version of its website.   Following the incident, Canon’s IT service sent a company-wide notification indicating that it is experiencing …

    • 6 août 2020Pakistani News Channel Broadcast Hacked To Show Indian National Flag
      Pakistan TV news channel, Dawn, was reportedly hacked on Sunday with an Indian tricolour waving on the channel’s screen while it was running an advertisement. Besides the Indian tricolour flag, it also displayed a ‘Happy Independence Day’ message on the screen.  According to media reports, the message appeared on the news channel in Pakistan at 3.30 pm on August 2. It is known th …

    • 25 juillet 2020CarryMinati’s YouTube Channel Hacked To Stream Bitcoin Scam
      Popular Indian roaster and streamer on YouTube, Ajey Nagar, aka CarryMinati is the latest victim of the ongoing BitCoin hack scandal. The hack happened on the second channel of CarryMinati, which goes by the name of CarryisLive, where he streams himself playing video games, often with other YouTubers and celebrities. Just a week ago in a similar incident, Twitter accounts of several renowned celeb …

GBHackers On Security

    • 27 novembre 2020cPanel 2FA Bypass Exposes Tens of Millions of Websites to Hack
      Digital Defense, Inc., a leader in vulnerability and threat management solutions, announced that its Vulnerability Research Team (VRT) exposed a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform. cPanel & WHM is a suite of tools built for Linux OS that enables hosting providers and users the ability to automate server management and [ …

    • 27 novembre 2020WAPDropper – Android Malware Subscribing Victims To Premium Services By Telecom Companies
      Security analysts have found a new malware that infects mobile devices and subscribes the victims to premium subscription provided by telecom companies, and the victim remains oblivious to this. The CAPTCHA verification that is usually required to subscribe to these services is bypassed via Machine Learning using the services of a Chinese company named “Super […] The post WAPDropper – Androi …

    • 25 novembre 2020Spotify Hack – Over 300k Accounts Hacked in Credential Stuffing Attack
      Spotify is a Swedish-based audio streaming and media services provider, with over 299 million active monthly users in 2020. Noam Rotem and Ran Locar, vpnMentor’s research team have discovered a potential credential stuffing operation whose origins are unknown, but that affected some online users who even have Spotify accounts. Credential stuffing is a hacking technique that tak …

    • 25 novembre 2020Telsa Flaw Let Attackers to Steal Vehicles in Minutes
      90 seconds and $195 is all it takes to steal your brand new $100,000 Tesla Model X!! Computer Security and Industrial Cryptography (COSIC) Researchers from the University of Leuven, Belgium have discovered a few major security flaws in the keyless entry system of the Tesla Model X. Tesla Model S was also hacked by the […] The post Telsa Flaw Let Attackers to Steal Vehicles in Minutes appeare …

    • 24 novembre 2020Malware Operators Arrested for Running Services To Bypass Antivirus Software
      Romanian police forces have arrested two individuals this week, for allegedly running two malware crypting services like CyberSeal and DataProtector to escape antivirus software detection. These services were purchased by quite 1560 criminals and used for crypting several different types of malware, including Remote Access Trojans, Information stealers, and Ransomware. The pair used the Cyberscan …

Cyber Defense Magazine
Erreur: Il y a un erreur avec ce flux.

blackMORE Ops

    • 23 avril 2020Accessing ESXi console screen from an SSH session
      I’ve had this issue many times where Firewall ports to iDrac, iLo or RSA were not open and I couldn’t access VMWare ESXi host’s setup screen (the yellow screen!) to change configuration or even restart it. In every cases, I had SSH access to the ESXi host but then I just couldn’t remember what command … …

    • 23 avril 2020Accessing the RAID setup on an HP Proliant DL380 G7
      When the HP Proliant DL380 G7 boots up the only displayed BIOS options are F9 for Setup, F11 for the boot disk menu, but neither other these take you to the RAID setup. To get to the RAID setup options, when the screen appears showing the F9 and F11 options press F8 every second or … …

    • 7 octobre 2019Change IP address in packet capture file (faking IP)
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

    • 25 septembre 2019SamSam Ransomware
      The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In a …

Hacker Ritz

    • 11 janvier 2019New Wifi Hack Method, Easy and Workable on WPA/WPA2 Securities.
      Looking for how to hack WiFi password OR WiFi hacking software?Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers.Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens ‘Atom’ Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols wit …

    • 7 janvier 2019Bitcoin And Cryptocurrency Litigation : A Game Of Future
      Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment. Apart from trading bitcoins for cash, you can also use bitcoins to buy gift cards, book flights, and hotels, buy furnitu …

    • 20 novembre 2018 Facebook Bug Could Have Exposed Your Private Information
      Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk.Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for entered …

    • 20 novembre 2018Instagram Bug : Passwords are in Plain Text
      Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text.The company recently started notifying affected users of a security bug that resides in a newly offered feature called « Download Your Data » that allows users to download a copy of their data shared on the social media platform, including photos, comments, p …

    • 19 mai 2018Inside one of the largest hacking conferences in Russia
      Inside one of the largest hacking conferences in RussiaABC NewsWATCHHackers put their skills on display in Moscow conferenceEmailHundreds of aspiring hackers in Moscow faced off against one another earliest this week in different challenges.The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conferenc …