A cybersecurity company has published details and proof-of-concept (PoC) code for a Linux kernel vulnerability that only affects the CentOS and Red Hat Enterprise Linux (RHEL) distributions. The vulnerability is named Mutagen Astronomy and is tracked as CVE-2018-14634. Discovered by the team […]
Haythem Elmir
New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions
Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance solutions provider Qualys, which has been dubbed "Mutagen Astronomy," […]
Hide and Seek Botnet Adds Infection Vector for Android Devices
Since its discovery early this year, the Hide and Seek IoT botnet has been increasing its infection capabilities with new vectors. The latest samples look for Android devices with the wireless debugging feature enabled. While IoT botnets appear and go away on a daily basis, Hide and Seek first attracted attention […]
Banking Trojan found on Google Play stole 10,000 Euros from victims
An Android banking Trojan with more than 10,000 installs was recently discovered on Google Play. The app was capable of luring users' banking credentials and sending them to the attacker. The Trojan was also capable of bypassing SMS two-factor authentication. Based on analysis, the app targeted German, Polish and Czech banks. […]
25 Malicious Apps Downloaded More Than 120,000 Times Contain Hidden Cryptomining Script
Malware authors continue to upload malicious apps containing hidden cryptomining scripts to Google Play, even though cryptomining was entirely banned. Attackers uploaded apps that pose as games, utilities, and educational apps and contain hidden cryptomining scripts. SophosLabs spotted more than 25 malicious apps that contain hidden Coinhive cryptomining scripts, turning victims' devices into […]
New Adwind RAT Attacks Linux, Windows and Mac via DDE Code Injection Technique, Evading Antivirus Software
The new Adwind 3.0 RAT (remote access Trojan) is evolving with new sophisticated capabilities; unlike the old version, it mainly attacks desktop versions of Linux, Windows and Mac OSX using a DDE code injection technique. Attackers are using weaponized Microsoft Office documents to compromise the targeted victims, along with new capabilities that are able to avoid detection […]
Mac Mojave Zero-Day Allows Malicious Apps to Access Sensitive Info
Malicious apps can trivially thwart Mojave 10.14’s new privacy protections. A zero-day vulnerability in the brand-new version of the Apple Mojave macOS has been uncovered, which would allow an attacker to access private and confidential information by using an unprivileged app. The flaw was uncovered by Patrick Wardle, co-founder of […]
New Version of GandCrab Ransomware Appends 5 Character Extension To Encrypted Files
A new version of GandCrab ransomware has been released; like the previous version, it was not distributed through exploit kits. The distribution method of GandCrab v5 is currently unknown. The new version appends a random 5-character extension to the encrypted files and creates an HTML ransom note. GandCrab ransomware is a […]
SHEIN Data breach affected 6.42 million users
Another fashion retailer has suffered a data breach: the victim is SHEIN, which announced that the security breach affected 6.42 million customers. The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. SHEIN is now notifying affected users and is urging them […]
Tunisia Refines Its National Cyber Defense Strategy
"Tunisia is strengthening its cyber defense capabilities and preparing a comprehensive national cyber defense strategy," said Kamel Akrout, senior national security adviser to the President of the Republic, speaking on Monday, September 24 at the opening of a workshop on […]