Hackers

Retour à Sécurité

Security Affairs

    • 30 septembre 2020Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs
      Last week, the source code for MS Windows XP and Windows Server 2003 OSs were leaked online, now a developer successfully compiled them. Last week, the source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. This is the first time that the source code of Microsoft’s 19-year-old operating system was leaked …

    • 30 septembre 2020Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison
      Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. Let’s summarize the criminal activities of the man who was arrested in Prague in Octobe …

    • 30 septembre 2020Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks
      More than 247,000 Microsoft Exchange servers are still vulnerable to attacks exploiting the CVE-2020-0688 RCE issue impacting Exchange Server. The CVE-2020-0688 vulnerability resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers fail to properly create unique keys at install time. “Knowledge of a the validation key allows an authenticate …

    • 30 septembre 2020Swiss watchmaker Swatch shuts down IT systems in response to a cyberattack
      The Swiss watchmaker giant Swatch Group shut down its systems over the weekend because it was the victim of a cyber attack Swiss watchmaker Swatch Group shut down its IT systems in response to a cyber attack that hit its infrastructure over the weekend. The company turned off its systems to avoid other systems on its network from being infected. The Swatch Group Ltd is a Swiss manufacturer of watc …

    • 30 septembre 2020Cisco fixes actively exploited issues in IOS XR Network OS
      Cisco addressed two actively exploited DoS vulnerabilities that reside in the IOS XR software that runs on multiple carrier-grade routers. Cisco addressed two high severity memory exhaustion DoS vulnerabilities that reside in the IOS XR Network OS that runs on multiple carrier-grade routers. The company confirmed that both vulnerabilities are actively exploited in attacks in the wild. At the end o …

    • 29 septembre 2020Arthur J. Gallagher (AJG) insurance giant discloses ransomware attack
      US-based Arthur J. Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. US-based Arthur J. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. The company did not provide technical details about the attack, it is not clear how the ransomware operators breached the company …

    • 29 septembre 2020FBI and CISA warn of disinformation campaigns about the hack of voter systems
      The FBI and the US CISA issued a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election. The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint public service announcement to warn of the threat of disinformation campaigns targeting the upcoming 2020 US election season. Threat …

    • 29 septembre 2020QNAP urges users to update NAS firmware and app to prevent infections
      While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. The name AgeLocker comes from the use of the Actually Good Encryption (AGE) algor …

    • 29 septembre 2020Maritime transport and logistics giant CMA CGM hit with ransomware
      The French maritime transport and logistics giant CMA CGM S.A. revealed it was the victim of a malware attack that affecting some servers on its network. CMA CGM S.A., a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. The company is present in over 160 countries through 755 offices and 750 warehouses with 110,000 employees and 489 …

    • 29 septembre 2020Ransomware attack on Tyler Technologies might be worse than initially thought
      Customers of Tyler Technologies are reporting finding suspicious logins and previously unseen remote access tools on their infrastructure Tyler Technologies, Inc. is the largest provider of software to the United States public sector. The company last week disclosed a ransomware attack, and now its customers are reporting finding suspicious logins and previously unseen remote access tools on their …

The Hackers News

    • 30 septembre 2020Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks
      Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago.Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software that is installed …

    • 30 septembre 2020Chinese APT Group Targets Media, Finance, and Electronics Sectors
      Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. Linking the attacks to Palmerworm (aka BlackTech) — likely a China-based advanced persistent threat (APT) — Symantec’s Threat Hunter Team said the first wave of activity associated with this campaign began last …

    • 29 septembre 2020LIVE Webinar on Zerologon Vulnerability: Technical Analysis and Detection
      I am sure that many of you have by now heard of a recently disclosed critical Windows server vulnerability—called Zerologon—that could let hackers completely take over enterprise networks. For those unaware, in brief, all supported versions of the Windows Server operating systems are vulnerable to a critical privilege escalation bug that resides in the Netlogon Remote Control Protocol for Domain …

    • 30 septembre 2020Researchers Uncover Cyber Espionage Operation Aimed At Indian Army
      Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed « Operation SideCopy » by Indian cybersecurity firm Quick Heal, the attacks have been attributed to an advanced persistent threat (APT) group that has successfully managed to stay …

    • 28 septembre 2020Red Team — Automation or Simulation?
      What is the difference between a penetration test and a red team exercise? The common understanding is that a red team exercise is a pen-test on steroids, but what does that mean? While both programs are performed by ethical hackers, whether they are in-house residents or contracted externally, the difference runs deeper. In a nutshell, a pen-test is performed to discover exploitable …

    • 25 septembre 2020FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations
      Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. Developed by a German company, FinSpy is extremely powerful spying software that is being sold as a legal law enforcement tool to governments around the world but has also …

    • 26 septembre 2020Microsoft Windows XP Source Code Reportedly Leaked Online
      Microsoft’s long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft’s 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it’s for the very first …

    • 25 septembre 2020Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers
      As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution—with default …

    • 24 septembre 2020Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone
      Ever wonder how hackers can hack your smartphone remotely? In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram’s Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image. What’s more worrisome is that the flaw not only lets attackers …

    • 23 septembre 2020Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability
      If you’re administrating Windows Server, make sure it’s up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed ‘Zerologon’ (CVE-2020-1472) and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the …

Dark Reading

WeLiveSecurity

Threatpost

E Hacking News | Latest Hacker News and IT Security News

    • 30 septembre 2020Indian Copyright Office Asks for Executable File for Website Code?
      India copyright office grants a series of rights to the developer of a computer program that protects his original creation legally. Under the Copyright Act, computer programming codes can be registered as ‘literary works’. As the program is safeguarded by copyrights, each subsequent modification or addition to the code containing sufficient originality will also be protected under the law. Genera …

    • 30 septembre 2020Roskomnadzor has added the site of the Binance crypto exchange to the list of banned sites in Russia
       Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media) has notified one of the largest cryptocurrency exchanges  Binance about entering it into the register of prohibited sites. So far, the site in Russia is not blocked and continues to work. »On September 24, 2020, we received a notification from Roskomnadzor of the Russian Federation …

    • 30 septembre 2020Cyber Security Solutions for Enterprises Launched by Bharti Airtel
      Bharti Airtel Ltd recently dispatched a ‘suite of cybersecurity solutions’ for large, medium and small businesses as they move on to digital and cloud platforms, expanding the need to protect information from online attacks.Airtel Secure, the suite, will have a security intelligence centre, a best in class infrastructure with admittance to cutting edge innovation and artificial intelligence tools. …

    • 30 septembre 2020Ryuk Ransomware Attacks Union Health Services, Disrupts Hospitals Nationwide
      Universal Health Services (UHS) is shut down after a ransomware attack by hackers. Fortune 5oo organization, UHS runs a network of more than 500 hospitals in the nation. Ryuk ransomware is said to be responsible for this attack. The attack took place earlier this week when the employees on Reddit and other platforms reported the issue. According to these discussions on Reddit, it was clear from th …

    • 29 septembre 2020A new Malware that can intercept your OTP and bypass Two Factor Authentication
      For most of our accounts be it Bank accounts or social media accounts, we rely on two-factor authentication and OTP (one time password); thinking it the most trustable and impenetrable security. But we ought to think again as a new android malware, « Alien » with its remote access threat tool can steal 2FA codes and OTP as well as sniff notifications.Discovered by ThreatFabric, the Trojan Alien has …

TechWorm

    • 28 août 2020Elon Musk Confirms Russian Hackers Targeted Tesla Factory
      Chief Executive Officer Elon Musk on Friday confirmed via Twitter that Tesla’s factory in Nevada was targeted by a Russian hacker, who tried to convince an employee of the company to install a virus in exchange for $1million.  In a tweet, Musk wrote, “Much appreciated. This was a serious attack,” responding to a report on Teslarati. He said that the Nevada factory was the target of a “seriou …

    • 6 août 2020Canon Hit By Maze Ransomware Attack, 10TB Of Data Allegedly Stolen
      Canon, the Japanese camera giant, recently fell victim to a ransomware attack where over 10TB of photos, videos, and other data were stolen across multiple devices. The attack affected the company’s storage and email services, Microsoft Teams, as well as the U.S. version of its website.   Following the incident, Canon’s IT service sent a company-wide notification indicating that it is experiencing …

    • 6 août 2020Pakistani News Channel Broadcast Hacked To Show Indian National Flag
      Pakistan TV news channel, Dawn, was reportedly hacked on Sunday with an Indian tricolour waving on the channel’s screen while it was running an advertisement. Besides the Indian tricolour flag, it also displayed a ‘Happy Independence Day’ message on the screen.  According to media reports, the message appeared on the news channel in Pakistan at 3.30 pm on August 2. It is known th …

    • 25 juillet 2020CarryMinati’s YouTube Channel Hacked To Stream Bitcoin Scam
      Popular Indian roaster and streamer on YouTube, Ajey Nagar, aka CarryMinati is the latest victim of the ongoing BitCoin hack scandal. The hack happened on the second channel of CarryMinati, which goes by the name of CarryisLive, where he streams himself playing video games, often with other YouTubers and celebrities. Just a week ago in a similar incident, Twitter accounts of several renowned celeb …

    • 25 juillet 2020Hackers Are Making ATMs Spit All Cash Using Stolen Proprietary Software
      Cybercriminals have found a new way of “jackpotting” ATMs that is forcing the machines to “spit out” cash in several European countries, warned Diebold Nixdorf, the world’s largest ATM manufacturer. For those unaware, Diebold is one of the top players in the ATM market, which earned $3.3 billion in sales, which includes both selling and servicing machines globally, from its ATM business last …

GBHackers On Security

    • 30 septembre 2020Certified Malware Analyst – Exploit Development, Expert Malware Analysis & Reverse Engineering
      Certified Malware Analyst: In 2020, sophisticated Cyber attacks keep on increasing by APT threats that target most of the enterprise-level networks and individuals. Preventing Enterprise networks from advanced level threats is challenging tasks for malware analysts and threat researchers to break down the complete malware samples. There is a huge skill gap to approach, analysis […] The post …

    • 29 septembre 2020Beware of the New Critical Zerologon Vulnerability in The Windows Server
      Microsoft Patchs the new critical vulnerability in Zerologon, A feature of Netlogon allows the domain controller to authenticate computers and update passwords in the Active Directory. “The elevation of privilege vulnerability for Zerologon, or CVE-2020-147, exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protoco …

    • 28 septembre 2020How to Become a Certified Cyber Threat Intelligent Analyst?
      Nowadays, Cyber crimes are increasing. The demand for cyber thteat intelligence experts is high. The field of cyber Intelligence is growing and booming, and the skills of professionals in this field will continue to be in high demand. In this article, we will discuss about Cyber Threat Intelligence. Threat intelligence is for everyone, no matter […] The post How to Become a Certified Cyber T …

    • 28 septembre 2020Essential Tips to Keep Your PC Safe and Secure
      Since their arrival, computers have been beneficial to businesses, offices, institutions, and private use. They have also helped in automating almost every function, including buying and selling goods and services. Despite their operations and help, computers are always at risk. Several threats target computers, including malware, viruses, and other threats, mostly for online activities. Statistic …

Cyber Defense Magazine

    • 28 septembre 2020Cyber Liability Insurance – Safe Bet or Sales Gimmick?
      By Darren T. Kimura, Spin Technology The threat of ransomware is rising rapidly. Each day, we see more stories about companies overtaken by this type of cyberattack. Garmin and Canon, two well-known consumer brands, are the most recent examples of organizations that paid large sums of money to criminal organizations to regain access to their […] The post Cyber Liability Insurance – Safe Bet …

    • 27 septembre 2020Mapping Automation to the MITRE ATT&CK Framework
      By Chris Calvert, vice president, product strategy, and co-founder Respond Software As major enterprises race to digitize their IT and line of business infrastructures, cybersecurity has become an imperative, both from a business and regulatory perspective. Yet these same forces of digitization and the rise of software have proliferated vulnerable points of access to sensitive […] The post M …

    • 25 septembre 2020Privacy Shield Revoked
      What This Means for EU-US Commercial Data Transfers By Dan Piazza, Technical Product Manager, Stealthbits Technologies On July 16th, the European Court of Justice (ECJ) struck down the EU-US data privacy agreement named Privacy Shield, which many organizations rely on to transfer data between the EU and the U.S. Privacy Shield was enacted in 2016 […] The post Privacy Shield Revoked appeared …

    • 24 septembre 2020Manual vs. Automatic Cybersecurity Testing: What’s the Difference?
      By Tamir Shriki, Customer Operations Manager, XM Cyber In the context of cybersecurity, if you want to protect something, you need the ability to test its defenses. It’s the only way to maintain visibility into the true state of your security posture. The key question, however, is this: How does one get the best and […] The post Manual vs. Automatic Cybersecurity Testing: What’s …

blackMORE Ops

    • 23 avril 2020Accessing ESXi console screen from an SSH session
      I’ve had this issue many times where Firewall ports to iDrac, iLo or RSA were not open and I couldn’t access VMWare ESXi host’s setup screen (the yellow screen!) to change configuration or even restart it. In every cases, I had SSH access to the ESXi host but then I just couldn’t remember what command … The post Accessing ESXi console screen from an SSH session appear …

    • 23 avril 2020Accessing the RAID setup on an HP Proliant DL380 G7
      When the HP Proliant DL380 G7 boots up the only displayed BIOS options are F9 for Setup, F11 for the boot disk menu, but neither other these take you to the RAID setup. To get to the RAID setup options, when the screen appears showing the F9 and F11 options press F8 every second or … The post Accessing the RAID setup on an HP Proliant DL380 G7 appeared first on blackMORE Ops. …

    • 7 octobre 2019Change IP address in packet capture file (faking IP)
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

    • 25 septembre 2019SamSam Ransomware
      The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In a …

    • 24 septembre 2019New Exploits for Unsecure SAP Systems
      A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit …

Hacker Ritz

    • 11 janvier 2019New Wifi Hack Method, Easy and Workable on WPA/WPA2 Securities.
      Looking for how to hack WiFi password OR WiFi hacking software?Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers.Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens ‘Atom’ Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols wit …

    • 7 janvier 2019Bitcoin And Cryptocurrency Litigation : A Game Of Future
      Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment. Apart from trading bitcoins for cash, you can also use bitcoins to buy gift cards, book flights, and hotels, buy furnitu …

    • 20 novembre 2018 Facebook Bug Could Have Exposed Your Private Information
      Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk.Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for entered …

    • 20 novembre 2018Instagram Bug : Passwords are in Plain Text
      Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text.The company recently started notifying affected users of a security bug that resides in a newly offered feature called « Download Your Data » that allows users to download a copy of their data shared on the social media platform, including photos, comments, p …

    • 19 mai 2018Inside one of the largest hacking conferences in Russia
      Inside one of the largest hacking conferences in RussiaABC NewsWATCHHackers put their skills on display in Moscow conferenceEmailHundreds of aspiring hackers in Moscow faced off against one another earliest this week in different challenges.The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conferenc …