Dans le cadre de notre partenariat avec Intel, nous avons été informés de la découverte d’un vecteur exploitant les failles de type « attaques par canal auxiliaire d’exécution spéculative » (speculative execution side-channel attaks). Cette nouvelle vulnérabilité, L1 Terminal Fault (L1TF), ou Foreshadow, est donc apparentée aux failles Spectre et Meltdown dévoilées […]
Haythem Elmir
Btlejacking Attack Could Allow a Hacker to Jam and Takeover the Bluetooth Connection
The Btlejacking Attack allows taking control over any Bluetooth Low Energy device, the attack abuses supervision timeout between two connected devices. The supervision timeout defines the time after which the connection is if no valid packets have been received. Security researcher Damien Cauquil reveal the attack on Aug. 11 Defcon hacker conference […]
World’s Largest Web Hoster GoDaddy Exposed Massive Amount Of Sensitive Data Online
GoDaddy data leaked from an unsecured S3 bucket, exposed the data contains configuration information such as hostname, operating system, workload, AWS region, memory and CPU specs, and more. Godaddy is the world’s leading domain registrar with over 18 million customers with over 76M domain names. Upguard noticed the publically readable […]
Vulnerabilities in Fax Protocol Let Hackers Infiltrate Networks via Fax Machines
Two recently discovered vulnerabilities in the fax protocol can transform fax machines into entry points for hackers into corporate networks, two Check Point researchers revealed last week in a talk given at the DEF CON 26 security conference held in Las Vegas. Named « Faxploit, » this attack targets the ITU T.30 […]
Infamous Belarusian Hacker « Ar3s » behind Massive Andromeda Botnet Released
Sergei Yaretz, 35-year-old, one of the most wanted hackers from Belarus who was arrested in last December has been released. It is reported that this is the first time in Belarus there was a process of cyber crime. In December 2017, Sergei also known as ‘Ar3s'( ‘Арес’ in Russian/Ares – The […]
Hacker leaks Snapchat’s source code on Github
Pakistani Hacker Posted Authentic Snapchat Source Code on GitHub – Snapchat’s source code is stolen…can there be a bigger news than that? Perhaps there is! Not only that the source code has been stolen but also posted on Microsoft-owned GitHub of all the platforms. Reportedly, the hacker hails from a small village […]
Campagne de messages électroniques non sollicités de type Locky Locker
Depuis la fin juillet 2018, le CERT-Fr constate une nouvelle campagne de courriels distribuant le rançongiciel Locky touchant actuellement la France. Les messages sont accompagnés d’un lien hypertexte encourageant à télécharger la facture d’une commande. Le taux de blocage par les passerelles anti-pourriel est relativement faible. Un rançongiciel est un […]
Researchers find vulnerabilities in WhatsApp that allow to spread Fake News via group chats
WhatsApp has been found vulnerable to multiple security flaws that could allow malicious users to spread fake news through group chats. WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security flaws that could allow malicious users to intercept and modify the content of […]
Mozilla Released Security Updates for Thunderbird & Fixed Critical Security Flaws
Mozilla Released Security Updates for critical vulnerabilities that affected Thunderbird Mail client along with newly released Thunderbird 60. Mozilla Thunderbird is a free and open-source cross-platform email client, RSS and chat client developed by the Mozilla Foundation and it is installed by default on Ubuntu desktop systems. Mozilla changed various improvement and new […]
Fake Android Banking Apps Leak Credit Card Details Online
Three fake Android banking apps phished for users’ credit card details and then leaked them online by transferring them to an exposed server. On July 26, 2018, Slovakian security firm ESET reported that it notified Google about the three fake banking apps that were uploaded to the Google Play Store […]