The researchers at CSE ZLab have spotted a new family of malware, tracked as Bandios malware spreading in the wild. The peculiarity of Bandios malware is the fact that this malware is in a rapid and constant evolution and development. Experts observed several versions of the malware stored on the same websites, […]
Haythem Elmir
MyEtherWallet piraté : les DNS de Google en cause
Le site Myetherwallet a été piraté ce 24 avril 2018 au niveau des serveurs DNS publics de Google (8.8.8.8, 8.8.4.4). L’attaquant a détourné le trafic du site web vers l’IP de son serveur de phishing basé en Russie, laissant la porte ouverte aux utilisateurs pour y déposer leurs clés privées… dans les […]
Researcher Discloses « Unpatchable » Nintendo Switch Exploit
A security researcher has released a proof-of-concept exploit affecting the Nvidia Tegra line of embedded processors that come with Nintendo Switch devices. Codenamed « Fusée Gelée, » the PoC is a cold-boot hack that lets a device owner to bypass device-lockdown and run custom code on the Switch. This exploit opens the […]
MikroTik Patches Zero-Day Flaw Under Attack in Record Time
BREAKING —MikroTik has released firmware patches for RouterOS, the operating system that ships with some of its routers. The patches fix a zero-day vulnerability exploited in the wild. A MikroTik engineer said yesterday that « the vulnerability allowed a special tool to connect to the [MikroTik] Winbox port, and request the system user […]
Atlanta’s Ransomware Cleanup Costs Hit $2.6 Million
On March 22, a ransomware outbreak hit Atlanta city government systems, freezing not just the city’s technology but also its ability to get work done. As a result of the outbreak, the city’s 8,000 employees were unable to use their PCs for several days (see Atlanta After Ransomware Attack: Please Restart Your […]
Gmail Spam Campaign Annoying, Not a Hack
When users take a look through their sent messages, they aren’t always searching for an email they sent. The security-minded user is looking for any messages that they did not send out. That’s how some Gmail users recently discovered a spam message campaign. Several users in a Gmail help forum reported that they […]
Ukrainian energy ministry website hit by ransomware attack
KIEV (Reuters) – Hackers took down the website of the Ukrainian energy and coal ministry on Tuesday, posting a message in English demanding a ransom paid in Bitcoin to recover encrypted files. The attack appeared to be an isolated incident with no other government websites or systems affected, cyber police […]
Ride sharing platform Careem says hit by cyber attack with data of up to 14 million users stolen
The personal data of up to 14 million people in the Middle East, North Africa, Pakistan and Turkey has been stolen by online criminals in a cyber-attack on the systems of Dubai ride sharing platform Careem. On January 14, the company detected the breach in the computer systems which hold the account data […]
Drupal to Release Second Drupalgeddon2 Patch as Attacks Continue
Drupal developers announced on Monday that versions 7.x, 8.4.x and 8.5.x of the content management system (CMS) will receive a new security update later this week. The Drupal core updates, scheduled for April 25 between 16:00 and 18:00 UTC, will deliver a follow-up patch for the highly critical vulnerability tracked […]
Yahoo mega-breach hacker faces nearly 8 years in prison
The US is looking to lock up one of the Yahoo mega-breach spearphishers for 94 months: nearly eight years. On Tuesday, Department of Justice (DOJ) prosecutors asked a San Francisco federal court judge to impose that sentence on Karim Baratov, a Canadian citizen born in Kazakhstan who was indicted in March 2017 […]