Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Security experts from ESET published a detailed analysis of a recently discovered threat actor tracked as GreyEnergy; its activity emerged in concurrence with BlackEnergy operations. ESET researchers have spotted a new strain of malware […]
Haythem Elmir
VestaCP compromised in a new supply-chain attack
Customers had their admin credentials stolen and their servers infected with Linux/ChachaDDoS. In recent months, numerous users of VestaCP, a hosting control panel solution, have been warned by their service provider that their servers were using an abnormal amount of bandwidth. We […]
Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew
Security researchers from McAfee have recently uncovered a cyber espionage campaign, tracked as Operation Oceansalt, targeting South Korea, the United States, and Canada. The threat actors behind Operation Oceansalt are reusing malware previously associated with China-linked cyberespionage group APT1. “McAfee Advanced Threat Research and Anti-Malware Operations teams have discovered another unknown data reconnaissance implant targeting Korean-speaking users.” reads […]
Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
Tumblr stressed that there is no evidence the security bug was being abused or that unprotected account data was accessed. Tumblr on Wednesday disclosed it had fixed a vulnerability that could have exposed sensitive account information including usernames/passwords and individual IP addresses. However, the company stressed there’s no evidence that any […]
Chaining three critical vulnerabilities allows takeover of D-Link routers
Researchers from the Silesian University of Technology in Poland discovered several flaws that could be exploited to take over some D-Link routers. A group of researchers from the Silesian University of Technology in Poland has discovered three vulnerabilities in some models of D-Link routers that could be chained to take full […]
MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. Today I’d like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here). The victim was one of the most important leaders in the field […]
Brazil expert discovers Oracle flaw that allows massive DDoS attacks
Oracle has just released a security update to prevent 2.3 million servers running the RPCBIND service from being used in amplified DDoS attacks. The flaw was discovered by the Brazilian researcher Mauricio Corrêa, founder of Brazilian security company XLabs. The exploitation of this vulnerability could cause major problems on the […]
LibSSH Flaw Allows Hackers to Take Over Servers Without Password
A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security vulnerability, tracked as CVE-2018-10933, is an authentication-bypass issue that was introduced in Libssh […]
Windows 10 October 2018 Update Build 17763.104 Released to Insiders With Fixes
Windows 10 October 2018 Update Build 17763.104 is now rolling out to the Insiders in the Slow and Release Preview Ring with important fixes. This build fixes issues with the Task Manager, third-party Antivirus products, and addresses driver compatibility issues experienced by some users. The update has finally fixed a bug […]
GALLMAKER: A NEWLY DISCOVERED CYBER-ESPIONAGE CAMPAIGN
A new cyber-espionage attack is targeting government and military institutions such as Eastern European embassies and military defense institutions in the Middle East. Dubbed Gallmaker, this attack campaign exploits vulnerabilities in the DDE protocol and uses publicly available hacking tools. The protocol […]