Hackers

Security Affairs

    • AMCA files for bankruptcy following the recently disclosed security breach 19 June 2019
      Retrieval-Masters Creditors Bureau, the company that operates healthcare billing services provider AMCA, has filed for Chapter 11 bankruptcy due to a recent data breach. Retrieval-Masters Creditors Bureau, the company that operates the recovery agency for patient collections American Medical Collection Agency (AMCA), has filed for Chapter 11 bankruptcy due to a recent security breach that affected …

    • Another Remote Code Execution flaw in WebLogic exploited in the wild 19 June 2019
      Oracle released emergency patches for another critical remote code execution vulnerability affecting WebLogic Server. On Tuesday, Oracle released emergency patches for another critical remote code execution vulnerability affecting the WebLogic Server. The vulnerability, tracked as CVE-2019-2729, affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The vulnerability is a remotely exploi …

    • Mozilla fixed a Firefox Zero-Day flaw exploited in targeted attacks 19 June 2019
      Mozilla released security updates for Firefox that addressed a critical zero-day vulnerability exploited in targeted attacks in the wild. Mozilla released security updates for its Firefox web browser that address a critical vulnerability that has been actively exploited in the wild. The zero-day vulnerability, tracked as CVE-2019-11707, is a type confusion flaw in Array.pop. Mozilla has addressed …

    • Eatstreet, the online food ordering service disclosed a security breach 19 June 2019
      Eatstreet, the online food ordering service, disclosed a security breach that exposed customer payment card data and details of partners EatStreet, an online and mobile food ordering service, disclosed a security breach that exposed customer payment card data and details of delivery and restaurant partners Attackers breached the company network on May 3 stole data from its database. On May 17, the …

    • Modular Plurox backdoor can spread over local network 19 June 2019
      Kaspersky experts recently discovered a backdoor dubbed Plurox that can spread itself over a local network and can allow installing additional malware.  Kaspersky experts discovered the Plurox backdoor in February, it can spread itself over a local network and could be used by attackers to install additional malware.  The Plurox backdoor is written in C and compiled with Mingw GCC, it communicates …

    • Android Apps uses a novel technique to by-pass 2FA and steal Bitcoin 18 June 2019
      Expert discovered a new technique bypassing SMS-based two-factor authentication while circumventing Google’s recent SMS permissions restrictions The popular security expert Lukas Stefanko from ESET discovered some apps (named BTCTurk Pro Beta and BtcTurk Pro Beta) impersonating the Turkish cryptocurrency exchange, BtcTurk, in the attempt of stealing login credentials. In order to steal the 2FA OTPs …

    • Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders 18 June 2019
      A zero-day vulnerability affects multiple models of TP-Link Wi-Fi extenders, it could be exploited to remotely execute code. Security expert Grzegorz Wypych from IBM X-Force found a zero-day flaw that affects multiple models of TP-Link Wi-Fi extenders. The Wi-Fi extenders capture the Wi-Fi signal from the main network device and rebroadcast it to areas where the signal is weak. The vulnerability d …

    • Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API 18 June 2019
      Researcher leaked online a dataset containing over 7,000,000 transactions scraped from the Venmo public API Venmo is a digital wallet app owned by PayPal that lets you make and share payments with friends. In August 2016, security expert Martin Vigo devised a method to abuse an optional SMS-based feature that allowed users to authorize payments by replying to an SMS message with a provided 6-digit …

    • DHS also issued an alert for the Windows BlueKeep flaw 18 June 2019
      The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). After Microsoft and the US NSA, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). Experts at the CISA Agency successfully exploited the BlueKeep flaw on …

The Hackers News

    • Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks 19 June 2019
      If you use the Firefox web browser, you need to update it right now. Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild. Discovered and reported by Samuel Groß, a cybersecurity researcher at Google Project Zero, the vulnerability could allow …

    • 5 Keys to Improve Your Cybersecurity 18 June 2019
      Cybersecurity isn’t easy. If there was a product or service you could buy that would just magically solve all of your cybersecurity problems, everyone would buy that thing, and we could all rest easy. However, that is not the way it works. Technology continues to evolve. Cyber attackers adapt and develop new malicious tools and techniques, and cybersecurity vendors design creative new ways to …

    • GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free 18 June 2019
      Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals. GandCrab is one of the most prolific families of ransomware to date that has infected over 1.5 million computers since it first emerged in January 2018. Created by …

    • Critical Flaw Reported in Popular Evernote Extension for Chrome Users 13 June 2019
      Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed. Evernote is a popular service that helps people taking notes and organize their to-do task lists, and over 4,610,000 users have been using its Evernote Web Clipper Extension for Chrome …

    • Telegram Suffers 'Powerful DDoS Attack' From China During Hong Kong Protests 13 June 2019
      Telegram, one of the most popular encrypted messaging app, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers. Telegram founder Pavel Durov later revealed that the attack was mainly coming from the IP addresses located in China, suggesting the Chinese government could be behind it to sabotage …

    • Cynet Free Visibility Experience – Unmatched Insight into IT Assets and Activities 12 June 2019
      Real-time visibility into IT assets and activities introduces speed and efficiency to many critical productivity and security tasks organizations are struggling with—from conventional asset inventory reporting to proactive elimination of exposed attack surfaces. However, gaining such visibility is often highly resource consuming and entails manual integration of various feeds. Cynet is now …

    • Android's Built-in Security Key Now Works With iOS Devices For Secure Login 12 June 2019
      In April this year, a software update from Google overnight turned all Android phones, running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification. The feature made it possible for users to confirm their identity when logging into a Google account more effortless and secure, without separately managing and plugging-in a …

    • When Time is of the Essence – Testing Controls Against the Latest Threats Faster 13 June 2019
      A new threat has hit the headlines (Robinhood anyone?), and you need to know if you’re protected right now. What do you do? Traditionally, you would have to go with one of the options below. Option 1 – Manually check that IoCs have been updated across your security controls. This would require checking that security controls such as your email gateway, web gateway, and endpoint …

    • RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory 12 June 2019
      A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware. Dubbed RAMBleed and identified as CVE-2019-0174, the new attack is based on a well-known class of DRAM side channel …

    • Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities 11 June 2019
      After Adobe, the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products. This month’s security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity. The …

    • Adobe Issues Critical Patches for ColdFusion, Flash Player, Campaign 11 June 2019
      It’s Patch Tuesday week! Adobe has just released the latest June 2019 software updates to address a total 11 security vulnerabilities in its three widely-used products Adobe ColdFusion, Flash Player, and Adobe Campaign. Out of these, three vulnerabilities affect Adobe ColdFusion, a commercial rapid web application development platform—all critical in severity—that could lead to arbitrary …

    • New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions 11 June 2019
      Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions. The vulnerability, identified as CVE-2019-12498, resides in the "WP Live Chat Support" that is currently being used by over 50,000 businesses to …

    • Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor 10 June 2019
      Linux users, beware! If you haven’t recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim. Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim—two most popular and powerful command-line …

    • Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw 7 June 2019
      An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half …

    • New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide 7 June 2019
      Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet. Dubbed GoldBrute, the botnet scheme has been designed in a way to escalate gradually by adding every new cracked system to its network, forcing them to further find new available RDP servers and then brute …

    • CompTIA Certification Training — Get Online Courses @ 95% OFF 6 June 2019
      The Information Technology industry has seen exponential growth over the years. It is essential for everyone to earn cybersecurity certification if you want to be a part of this growing industry. Organizations always prefer employees with strong internationally-recognized professional certifications. It proves your skills, knowledge, and gives more credibility to advance your career. IT …

    • Cryptocurrency Firm Itself Hacked Its Customers to Protect Their Funds From Hackers 6 June 2019
      Are you using Komodo’s Agama Wallet to store your KMD and BTC cryptocurrencies? Were your funds also unauthorisedly transferred overnight to a new address? If yes, don’t worry, it’s probably safe, and if you are lucky, you will get your funds back. Here’s what exactly happened… Komodo, a cryptocurrency project and developer of Agama wallet, adopted a surprisingly unique way to protect its …

    • Critical Flaws Found in Widely Used IPTV Software for Online Streaming Services 6 June 2019
      Security researchers have discovered multiple critical vulnerabilities in a popular IPTV middleware platform that is currently being used by more than a thousand regional and international online media streaming services to manage their millions of subscribers. Discovered by security researchers at CheckPoint, the vulnerabilities reside in the administrative panel of Ministra TV platform, …

    • Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions 5 June 2019
      A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions. Discovered by Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), the flaw exists …

    • Firefox Web Browser Now Blocks Third-Party Tracking Cookies By Default 4 June 2019
      As promised, Mozilla has finally enabled "Enhanced Tracking Protection" feature on its Firefox browser by default, which from now onwards would automatically block all third-party tracking cookies that allow advertisers and websites to track you across the web. Tracking cookies, also known as third-party cookies, allows advertisers to monitor your online behavior and interests, using which …

Dark Reading

gHacks

    • KB4501371 and KB4503288 for Windows 10 version 1809 and 1803 released 19 June 2019
      Microsoft released cumulative updates for several supported versions of the company’s Windows 10 operating system on June 18, 2019. The two notable updates KB4501371 and KB4503288 are for Windows 10 version 1809 and 1803, two of the three supported "Home" versions of the Windows 10 operating system. Microsoft did release updates for earlier versions of Windows 10 as well that are still supported …

    • Microsoft to enforce updates for devices running Windows 10 version 1803 19 June 2019
      Microsoft plans to start enforcing updates on devices running Windows 10 version 1803 to make sure that the systems continue to receive updates released by the company. Microsoft revealed plans to enforce updates on May 31, 2019 but did not provide details at the time. The company changed the feature update delivery system recently by moving it from a mandatory system to a user-controlled system. …

    • Firefox 68 features a new Add-ons Manager 19 June 2019
      Firefox’s Add-ons Manager is one of the core components of the web browser, at least for Firefox users who install browser extensions, themes, or language packs. Mozilla plans to launch a redesigned Add-ons Manager in Firefox 68 that does away with older technologies that Mozilla used in the past in Firefox. Mozilla implemented some changes to Firefox’s Add-ons Manager in Firefox 64; it was clear …

    • Firefox 67.0.3 fixes 0-day vulnerability 19 June 2019
      Mozilla released a new update for the Firefox web browser, Firefox 67.0.3, on June 19, 2019 to address a 0-day vulnerability in the browser. A new Firefox ESR, Extended Support Release, version is also available that brings it to Firefox ESR 60.7.1. Firefox 67.0.3 is a security release for the Stable channel of the web browser. Firefox users may run a manual check for updates to update the browser …

    • Firefox 69 gets a password generator 18 June 2019
      Mozilla is working on a new feature for the Firefox web browser that helps users generate random secure passwords when they create new accounts on the Internet. The feature is part of a concentrated effort to make the password manager of the Firefox browser more useful. Mozilla launched a first batch of improvements in Firefox 67 which it released on May 21, 2019 to the public. Among the new featu …

    • Microsoft Edge (Chromium) may also block media keys on Windows 10 18 June 2019
      The most recent development versions of the Chromium-based Microsoft Edge web browser comes with a new feature that uses media controls on Windows 10 devices. Google started to enable a feature in Chrome in 2019 that would react to media key activations on the keyboard. While that meant that Chrome users can control media playback using these keys, it had the negative effect that it blocked other …

    • Ghacks Deals: The Complete Ethical Hacking Certification Course (93% off) 18 June 2019
      The Complete Ethical Hacking Certification Course teaches key ethical hacking concepts and preps you for the Ethical Hacker exam 312-50 by the EC-Council. The course is designed for users of all experience levels, it includes a certification of completion, and it can be accessed for lifetime.  It is available for just $12.99 at the time of writing. Here is a list of key features and topics of the …

    • Windows 10 black screen startup issue after installing latest patches 18 June 2019
      Some Windows 10 devices may boot to a black screen when they are started for the first time after installing the latest updates for the systems. Microsoft acknowledged the issue on June 14, 2019. Client and server editions of Windows 10 are affected by the issue according to Microsoft’s post on the official release information website. The company lists Windows 10 version 1809, Windows 10 version …

    • Block autoplaying video and audio in Firefox 69+ natively 18 June 2019
      Most modern web browsers mute audio content that plays automatically on websites that users visit on the Internet. Firefox started to block autoplaying audio automatically with the release of Firefox 66 which Mozilla started to test in mid-2018 already in development versions of the web browser. Google Chrome, and most Chromium-based browsers, block audio from playing automatically as well on site …

    • Important Changes coming to Google Photos and Google Drive 17 June 2019
      Google revealed on June 12, 2019 that it plans to "simplify the experience across Drive and Photos" by disabling the automatic synchronization of photos and videos between Google Drive and Google Photos. Photos and videos that users take using Google Photos are automatically synced to Google Drive currently, a useful option for Google customers who like to push media to their desktop devices using …

blackMORE Ops

    • A .vimrc config file everyone should use 24 April 2019
      Ever had that issue when you login to a Linux terminal, editing a file and the texts are just blue and you can’t read? I’ve had way too many cause default vim/vi config is just bad. I created a good .vimrc config file. Simply create a file with .vimrc name in home directory a paste … The post A .vimrc config file everyone should use appeared first on blackMORE Ops. …

    • Remove cloud-init from Ubuntu 19 April 2019
      Cloud images are operating system templates and every instance starts out as an identical clone of every other instance. It is the user data that gives every cloud instance its personality and cloud-init is the tool that applies user data to your instances automatically. Cloud-init is the defacto multi-distribution package that handles early initialization of … The post Remove cloud-init fro …

    • How to Prevent DOM-based Cross-site Scripting 8 January 2019
      There’s no denying the role that JavaScript has played in making web applications the sleek, interactive, online experiences that we know and love today. This powerful scripting language brought interactivity and animation to the web. But with great power comes great responsibility. Cross-site-scripting (XSS) remains a persistent stalwart among the OWASP Top 10. Malicious JavaScript … The po …

    • Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown 28 December 2018
      On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware implementations are vulnerable to the …

    • How to access Dark Web? 27 December 2018
      The concept of the Dark Web isn’t vastly different from the Surface Web. There are message boards (e.g. 8chan, nntpchan), places you can buy things (e.g. Alphabay, Hansa), and blogs (e.g. OnionNews, Deep Web Radio). The rules, or rather a lack thereof, is what makes the Dark Web unique. Anything that is illegal to sell … The post How to access Dark Web? appeared first on blackMORE Ops. …

    • Inception Attackers Target Europe with Year-old Office Vulnerability 14 December 2018
      The Inception attackers have been active since at least 2014 and have been documented previously by both Blue Coat and Symantec; historical attacks used custom malware for a variety of platforms, and targeting a range of industries, primarily in Russia, but also around the world. This blog describes attacks against European targets observed in October … The post Inception Attackers Target Eu …

    • Brute Force Attacks Conducted by Cyber Actors 13 December 2018
      In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a password-spray attack (also known as … The post Brute Force Attacks Conducted …

    • Avoiding Web Application Firewall using Python 21 November 2018
      Web application firewalls are usually placed in front of the web server to filter the malicious traffic coming towards server. If you are hired as a penetration tester for some company and they forgot to tell you that they are using web application firewall then you might get into a serious mess. The figure below depicts … The post Avoiding Web Application Firewall using Python appeared first …

    • Targeting websites with Password Reset Poisoning 20 November 2018
      Most of web application security vulnerabilities, leverage user input in ways that were not initially intended by their developer(s). Password Reset Poisoning is one such vulnerability, that leverages commonly unthought of headers, such as the Host header seen in an HTTP request: GET https://example.com/reset.php?email=foo@bar.com HTTP/1.1 Host: evilhost.com Notice the difference where we specify …

    • Cyber Actors Target Home and Office Routers and Networked Devices Worldwide 19 November 2018
      DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded to the latest available versions … Th …