Hackers

Security Affairs

    • China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors 5 December 2019
      China is accused of having used the “Great Cannon” DDoS tool to launch attacks against LIHKG, a forum used by Hong Kong residents to organize protests. The Great Cannon Distributed Denial of Service (DDoS) tool was used again by the Chinese government; this time it was used to target the LIHKG forum used by Hong Kong protesters to coordinate their protests against the Beijing government. …

    • CyrusOne, one of the major US data center provider, hit by ransomware attack 5 December 2019
      Ransomware attacks continue to threaten organizations worldwide; CyrusOne, one of the biggest data center providers in the US, is facing an infection. A new ransomware attack made the headlines: systems at CyrusOne, one of the biggest data center providers in the US, were infected by the malware. The company reported the incident to law enforcement, it hired forensics firms to investigate the …

    • The evolutions of APT28 attacks 5 December 2019
      Analyzing how tactics, techniques and procedures of the Russia-linked APT28 cyberespionage group evolve over time. APT28 is a well-known Russian cyber espionage group attributed, with a medium level of confidence, to Russian military intelligence agency GRU (by CrowdStrike). It is also known as Sofacy Group (by Kaspersky) or STRONTIUM (by Microsoft) and it’s used to target Aerospace, Defence, …

    • Iran-Linked APT groups target energy, industrial sectors with ZeroCleare Wiper 5 December 2019
      Experts spotted a piece of malware dubbed ZeroCleare that has been used in highly targeted attacks aimed at energy and industrial organizations in the Middle East. Security experts at IBM X-Force found a piece of malware dubbed ZeroCleare (the name ZeroCleare comes from the path in the binary file) that has been used in highly targeted attacks aimed at energy and industrial organizations in the Mi …

    • Two malicious Python libraries were stealing SSH and GPG keys 4 December 2019
      The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The Python security team removed two tainted Python libraries from PyPI (Python Package Index) that were found stealing SSH and GPG keys from the projects of infected developers. Both libraries, “python3-dateutil …

    • Mozilla removed 4 Avast and AVG extensions for spying on Firefox users 4 December 2019
      Mozilla has removed four extensions from Avast and AVG from the Firefox site that are suspected to track user activity online. Four Avast and AVG Firefox extensions have been removed from Mozilla Addons Site over concerns of spying of users. “This add-on violates Mozilla’s add-on policy by collecting data without user disclosure or consent,” explained Mozilla. The four extensions …

    • Talos experts found a critical RCE in GoAhead Web Server 4 December 2019
      Experts at Cisco Talos found two vulnerabilities in the GoAhead embedded web server, including a critical remote code execution flaw. GoAhead is the world’s most popular, tiny embedded web server. It is developed by EmbedThis that defines it as compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and is ideal for the smallest of embedded devices. Searchin …

    • A flaw in Microsoft OAuth authentication could lead Azure account takeover 3 December 2019
      A vulnerability in the Microsoft OAuth implementation exposes Azure cloud accounts to takeover. The vulnerability affects the way Microsoft applications use OAuth for authentication, these applications trust certain third-party domains and sub-domains that are not registered by Microsoft. Experts from Cyberark discovered the following three vulnerable Microsoft applications that trust these unregi …

    • Website of gunmaker Smith & Wesson hit by a Magecart attack 3 December 2019
      The US gunmaker Smith & Wesson was hacked late last month in a Magecart attack, attackers injected a malicious software skimmer. A new Magecart attack made the headlines, the victim is the American gunmaker Smith & Wesson. The hack took place last month, the attackers planted a malicious software skimmer on its website to steal customers’ payment card data. The hack was discovered by …

    • Experts discovered DLL hijacking issues in Kaspersky and Trend Micro solutions 3 December 2019
      Experts discovered several DLL hijacking flaws in Kaspersky Secure Connection, Trend Micro Maximum Security, and Autodesk Desktop Application. Researchers from SafeBreach discovered several vulnerabilities in Kaspersky Secure Connection, Trend Micro Maximum Security, and Autodesk Desktop Application products that could be exploited by hackers for DLL preloading, code execution, and privilege escal …

The Hacker News

    • FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware 5 December 2019
      The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years. Maksim Yakubets, the leader of ‘Evil Corp’ hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex — also known as ‘Bugat’ …

    • Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD 5 December 2019
      OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in BSD Auth framework. The other three vulnerabilities are privilege escalation issues that could allow local users or malicious software to gain privileges of an auth group, …

    • ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector 5 December 2019
      Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East. Dubbed ZeroCleare, the data wiper malware has been linked to not one but two Iranian state-sponsored hacking groups—APT34, also known as ITG13 and Oilrig, and Hive0081, …

    • Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices 4 December 2019
      Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution flaw that can be exploited by attackers to execute malicious code on vulnerable devices and take …

    • Europol Shuts Down Over 30,500 Piracy Websites in Global Operation 4 December 2019
      In a coordinated global law enforcement operation, Europol has taken down more than 30,500 websites for distributing counterfeit and pirated items over the Internet and arrested three suspects. Among other things, the seized domains reportedly offered various counterfeit goods and pirated products and services, including pirated movies, illegal television streaming, music, electronics, …

    • Avast and AVG Browser Extensions Spying On Chrome and Firefox Users 3 December 2019
      If your Firefox or Chrome browser has any of the below-listed four extensions offered by Avast and its subsidiary AVG installed, you should disable or remove them as soon as possible. Avast Online Security AVG Online Security Avast SafePrice AVG SafePrice Why? Because these four widely installed browser extensions have been caught collecting a lot more data on its millions of users than …

    • Top 5 Cybersecurity and Cybercrime Predictions for 2020 3 December 2019
      We distilled 30 independent reports dedicated to cybersecurity and cybercrime predictions for 2020 and compiled the top 5 most interesting findings and projections in this post. Compliance fatigue will spread among security professionals Being a source of ongoing controversy and debate, the California Consumer Privacy Act (CCPA) was finalized on 11th January 1, 2019. Driven by laudable …

    • Unpatched Strandhogg Android Vulnerability Actively Exploited in the Wild 3 December 2019
      Cybersecurity researchers have discovered a new unpatched vulnerability in the Android operating system that dozens of malicious mobile apps are already exploiting in the wild to steal users’ banking and other login credentials and spy on their activities. Dubbed Strandhogg, the vulnerability resides in the multitasking feature of Android that can be exploited by a malicious app installed on a …

    • New Facebook Tool Let Users Transfer Their Photos and Videos to Google 2 December 2019
      Facebook has finally started implementing the open source data portability framework as the first phase of ‘Data Transfer Project,’ an initiative the company launched last year in collaboration with Google, Apple, Microsoft, and Twitter. Facebook today announced a new feature that will allow its users to transfer their Facebook photos and videos to their Google Photos accounts—directly and …

    • Europol Shuts Down 'Imminent Monitor' RAT Operations With 13 Arrests 29 November 2019
      In a coordinated International law enforcement operation, Europol today announced to shut down the global organized cybercrime network behind Imminent Monitor RAT, yet another hacking tool that allows cybercriminals to gain complete control over a victim’s computer remotely. The operation targeted both buyers and sellers of the IM-RAT (Imminent Monitor Remote Access Trojan), which was sold to …

    • Magento Marketplace Suffers Data Breach Exposing Users' Account Info 28 November 2019
      If you have ever registered an account with the official Magento marketplace to buy or sell any extension, plugin, or e-commerce website theme, you must change your password immediately. Adobe—the company owning Magento e-commerce platform—today disclosed a new data breach incident that exposed account information of Magento marketplace users to an unknown group of hackers or individuals. …

    • Over 12,000 Google Users Hit by Government Hackers in 3rd Quarter of 2019 27 November 2019
      As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year. According to a report published by Google’s Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with “credential phishing emails” that tried to trick …

    • The Hacker News 2020 Cybersecurity Salary Survey – Call for Participation 27 November 2019
      For the first time, The Hacker News launches a comprehensive Cybersecurity Salary Survey aimed to provide insights into the payment standards of security positions, enabling security professionals to benchmark their salaries against their peers, as well as get clear insights into the leading roles, certifications, geo- and industry- components that factor a cybersecurity position payroll. …

    • Latest Kali Linux OS Added Windows-Style Undercover Theme for Hackers 27 November 2019
      You can relate this: While working on my laptop, I usually prefer sitting at a corner in the room from where no one should be able to easily stare at my screen, and if you’re a hacker, you must have more reasons to be paranoid. Let’s go undercover: If you’re in love with the Kali Linux operating system for hacking and penetration testing, here we have pretty awesome news for you. Offensive …

    • Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data 26 November 2019
      Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users’ data associated with their connected social media accounts. In a blog post published yesterday, Twitter revealed that an SDK developed by OneAudience contains a privacy-violating component which may have passed some of its users’ personal …

    • Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software 23 November 2019
      Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system. VNC (virtual network computing) is an open source graphical desktop sharing protocol based on RFB (Remote FrameBuffer) that allows users to …

    • OnePlus Suffers New Data Breach Impacting Its Online Store Customers 23 November 2019
      Chinese smartphone maker OnePlus has suffered a new data breach exposing personal and order information of an undisclosed number of its customers, likely, as a result of a vulnerability in its online store website. The breach came to light after OnePlus started informing affected customers via email and published a brief FAQ page to disclose information about the security incident. According …

    • Boost Your Personal Security With These Killer 2019 Black Friday and Cyber Monday Deals 22 November 2019
      If you’re like most consumers, you’re probably looking forward to the upcoming Black Friday and Cyber Monday sale events. Who wouldn’t want to get all sorts of products and services at massive discounts? But while most consumers are typically eyeing personal gadgets and entertainment appliances, you may want to consider scoring deals on personal security software and devices. Everyone’s …

    • Google offers up to $1.5 million bounty for remotely hacking Titan M chip 22 November 2019
      With its latest announcement to increase bug bounty rewards for finding and reporting critical vulnerabilities in the Android operating system, Google yesterday set up a new challenging level for hackers that could let them win a bounty of up to $1.5 million. Starting today, Google will pay $1 million for a “full chain remote code execution exploit with persistence which compromises the Titan …

    • Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison 22 November 2019
      A Russian hacker who created and used Neverquest banking malware to steal money from victims’ bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 on the request of the FBI and extradited to the …

Dark Reading

gHacks

    • Ghacks Deals: KeepSolid VPN Unlimited: Lifetime Subscription 5 December 2019
      A lifetime subscription of KeepSolid VPN Unlimited for just $39? Yes, that is today’s deal. The no-log service gives you access to servers in over 80 locations and does not restrict your bandwidth. It supports a variety of protocols, P2P servers, a kill switch on several platforms, and support for all popular desktop and mobile operating systems. The deal allows customers to use the service on up …

    • Vivaldi releases second Beta of its Android browser 5 December 2019
      Vivaldi Technologies, the company behind the Vivaldi web browser, released the second Beta of the upcoming Vivaldi mobile browser for Android on December 5, 2019. The company released the first, long-awaited, version of its Android browser back in September and has been working on improvements since then. The new version is already available on Google Play. Users who have installed the previous be …

    • Opera 55 Stable for Android is out: here is what is new 5 December 2019
      Opera Software released a new stable version of the web browser on December 5, 2019. The new Opera 55 web browser for Android devices includes a new Night Mode and improved keyboard dimming functionality. The new version of the mobile web browser should be offered to Android users soon via Play Store updates. It may also be downloaded from Google Play (and other sources) manually. The major new fe …

    • MPV-Easy Player is another front-end for mpv with a menu full of quick options and a proper settings panel 5 December 2019
      We taught you how to configure mpv manually. And if you weren’t comfortable with it, you could use the Glow settings generator to set up the player or make use of frontends such as Celluloid or mpv.net. Didn’t like either of those methods and want a simpler way? MPV-Easy Player is an open source front-end for mpv, that packs a lot of user-friendly options. Though the GitHub page only has an EXE to …

    • Ashampoo ZIP Free review 4 December 2019
      Ashampoo ZIP Free is a free file archiver tool which offers some interesting options. A professional version is also available that offers more functionality. Let’s take an in-depth tour of the free version, its interface and features. Note: Windows users may choose from a good selection of file archivers. From classics such as 7-Zip or WinRar to PeaZip and Bandizip. You will need to click on the …

    • O&O ShutUp10 updated with new privacy features 4 December 2019
      O&O, the developers behind the privacy tool O&O ShutUp10 for Windows 10, released a new version of the program yesterday. O&O ShutUp10 1.7 introduces the new Activity History and Clipboard group to the program to provide its users with activity and clipboard privacy controls. The application is a privacy tool for Windows 10 that users of the operating system may run to modify privacy-r …

    • Latest Kali Linux features an Undercover Windows 10 theme 4 December 2019
      The latest version of the Linux distribution Kali Linux features a new “Undercover” theme that turns the interface into one that resembles Microsoft’s Windows 10 operating system. Kali Linux is a security-focused Linux distribution based on Debian that is used by security researchers and hackers alike. It features advanced penetration testing and security auditing tools and is maintained by Offens …

    • Microsoft improves Tracking Prevention in the new Edge browser 4 December 2019
      Work on the new Chromium-based Edge continues as the first official Stable release will become available on January 15, 2020 (one day after end of support for Windows 7). Microsoft implemented a tracking prevention system into the Edge browser that is powered by Disconnect tracking protection lists. Mozilla added a similar system to the organization’s Firefox browser and enabled it in mid-2019 by …

    • Mozilla launches Firefox Private Network VPN for $4.99 per month 3 December 2019
      Mozilla continues to expand its products and services beyond the Firefox web browser. Firefox Private Network was launched as the first product of the revamped Test Pilot program that Mozilla put on ice earlier this year. Mozilla launched it for Firefox users in the United States at the time and as a browser proxy only. The system works similarly to third-party VPN solutions for Firefox in that it …

    • Ghacks Deals: Zero to Hero Cyber Security Hacker Bundle (91% off) 3 December 2019
      Zero to Hero Cyber Security Hacker Bundle is a big eLearning bundle that includes basic, intermediate and advanced hacking courses. The bundle is available for a special discount currently. It is available for $29 but you can get another 60% off the price by using the coupon code CMSAVE60 during checkout. The following courses are included: Fundamentals of Computer Hacking Information Security Awa …

blackMORE Ops

    • Change IP address in packet capture file (faking IP) 7 October 2019
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This may be required when you’re trying to send the capture file to someone that you don’t really share your real IPs with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

    • SamSam Ransomware 25 September 2019
      The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In a …

    • New Exploits for Unsecure SAP Systems 24 September 2019
      A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit …

    • Microsoft Operating Systems BlueKeep Vulnerability 22 September 2019
      The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions: The post Microsoft Operating Systems BlueKeep Vulnerability appeared first on blackMORE Ops. …

    • A .vimrc config file everyone should use 24 April 2019
      Ever had that issue when you login to a Linux terminal, editing a file and the texts are just blue and you can’t read? I’ve had way too many cause default vim/vi config is just bad. I created a good .vimrc config file. Simply create a file with .vimrc name in home directory and paste … The post A .vimrc config file everyone should use appeared first on blackMORE Ops. …

    • Remove cloud-init from Ubuntu 19 April 2019
      Cloud images are operating system templates and every instance starts out as an identical clone of every other instance. It is the user data that gives every cloud instance its personality and cloud-init is the tool that applies user data to your instances automatically. Cloud-init is the defacto multi-distribution package that handles early initialization of … The post Remove cloud-init fro …

    • How to Prevent DOM-based Cross-site Scripting 8 January 2019
      There’s no denying the role that JavaScript has played in making web applications the sleek, interactive, online experiences that we know and love today. This powerful scripting language brought interactivity and animation to the web. But with great power comes great responsibility. Cross-site-scripting (XSS) remains a persistent stalwart among the OWASP Top 10. Malicious JavaScript … The po …

    • Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown 28 December 2018
      On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware implementations are vulnerable to the …

    • How to access Dark Web? 27 December 2018
      The concept of the Dark Web isn’t vastly different from the Surface Web. There are message boards (e.g. 8chan, nntpchan), places you can buy things (e.g. Alphabay, Hansa), and blogs (e.g. OnionNews, Deep Web Radio). The rules, or rather a lack thereof, is what makes the Dark Web unique. Anything that is illegal to sell … The post How to access Dark Web? appeared first on blackMORE Ops. …

    • Inception Attackers Target Europe with Year-old Office Vulnerability 14 December 2018
      The Inception attackers have been active since at least 2014 and have been documented previously by both Blue Coat and Symantec; historical attacks used custom malware for a variety of platforms, and targeting a range of industries, primarily in Russia, but also around the world. This blog describes attacks against European targets observed in October … The post Inception Attackers Target Eu …