The private intelligence agency LocalBlox has left unsecured online an AWS bucket containing 48 million records that were also harvested from Facebook, LinkedIn, and Twitter. Oops … another data breach made the headlines and once again it was discovered by data leak hunters at Upguard. The private intelligence agency LocalBlox has […]
Haythem Elmir
Une trentaine de sites web tunisiens sous une vague d’attaques de type »Web defacement »
Le 19 Avril 2018, une trentaine de sites web tunisiens ont été attaqué par le groupe de pirate VirutaL L’attaque a visé des sites web de municipalités Tunisienne qui sont hébergés sur le même serveur en Tunisie. Les sites sont : L’attaque est de type Web defacement de site internet qui est […]
Hacking Cisco WebEx with a malicious Flash file. Patch it now!
Cisco issues a critical patch to address a remote code execution vulnerability in the Cisco WebEx software, hurry up apply it now! Cisco has issued a critical patch to fix a serious vulnerability (CVE-2018-0112) in its WebEx software that could be exploited by remote attackers to execute arbitrary code on target machines via […]
Denial-of-Spending and Inflation Bugs Found in Several Cryptocurrencies
A team of academics has identified an issue with the Zerocoin protocol, along with two security flaws in libzerocoin, the software library used for building actual cryptocurrencies around protocol. Researchers said they found these three issues to affect at least five cryptocurrencies based on Zerocoin, each in varying degrees. The five […]
ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS
Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in […]
Faille Cisco Smart Install: somme-nous concernés en Tunisie?
Il y a quelques semaines, un nouveau groupe de hackers qui porte le nom de « JHT » ont réussi à pirater un grand nombre d’équipements Cisco situés principalement en Russie et Iran. Ce groupe de ‘Hacktiviste’, d’origine apparemment américaine, a laissé sur les équipements affectés un message en « ASCII art » montrant […]
Probably you ignore that Facebook also tracks non-users across the web
Facebook explained how it is tracking Non-Users across the Internet and for which purposes it is using their metadata. Facebook is still in the middle of a storm for its conduct and the way it approached the privacy of its users after the Cambridge Analytica case. Now Facebook is under scrutiny after Zuckerberg […]
XiaoBa Ransomware Retooled as Coinminer But Manages to Ruin Your Files Anyway
The authors of the XiaoBa ransomware have retooled their malware’s code into a cryptocurrency miner (coinminer). Unfortunately, despite not encrypting files anymore, the XiaoBa coinminer still destroys users’ data thanks to a series of bugs that primarily corrupt a user’s executable files. History of the XiaoBa ransomware The XiaoBa ransomware […]
Oracle Critical Patch Update Advisory – April 2018
Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier […]
Cisco Smart Install Protocol Misuse
Cisco is aware of a significant increase in Internet scans attempting to detect devices where, after completing setup, the Smart Install feature remains enabled and without proper security controls. This could leave the involved devices susceptible to misuse of the feature. Customers who have not done so are encouraged to […]