Hacking

A new variant of the NRSMiner is infecting users in the southern region of Asia, most of the victims are in Vietnam (54%), Iran (16%) and Malaysia (12%). The new version leverages the EternalBlue exploit to spread, experts observed that the threat also updates existing NRSMiner installs. ETERNALBLUE is an NSA exploit that […]

Je vous révélais, il y a quelques jours, la diffusion de documents étonnants émanant d’un piratage informatique signé par le groupe The Dark Overlord. Les hackers noirs ont mis en ligne plusieurs centaines de documents sensibles, volés à des cabinets d’avocats, concernant les attentats du 11 septembre. The Dark Overlord semble […]

Un ransomware ? Une attaque par mawlare a impacté l’impression et la distribution de plusieurs grands journaux américains. Ce n’est pas une panne serveur, mais bel et bien une attaque par malware qui a perturbé ce week-end la distribution de journaux américains. Parmi les journaux concernés, le Los Angeles Times, le […]

Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. Threat actors in the wild are attempting to exploit a vulnerability in LiveBox ADSL modems from Orange, the issue could be triggered to retrieve their SSID and WiFi […]

Some models of Huawei routers are affected by a flaw that could be exploited by attackers to determine whether the devices have default credentials or not. Ankit Anubhav, a principal researcher at NewSky Security, discovered a vulnerability in some models of Huawei routers that could be exploited by attackers to determine whether […]

Cisco ASA is affacted by a privilege escalation flaw. Patch it now! Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device.  A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco […]

Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter A security researcher with Twitter alias SandboxEscaper today released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft’s Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day vulnerabilities, leaving all Windows users vulnerable to […]

New Malware Takes Commands From Memes Posted On Twitter Security researchers have discovered yet another example of how cybercriminals disguise their malware activities as regular traffic by using legitimate cloud-based services. Trend Micro researchers have uncovered a new piece of malware that retrieves commands from memes posted on a Twitter account controlled […]

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity. One of the security vulnerabilities patched […]