Dell data breach – Dell forces password reset after the incident Dell data breach – IT giant Dell disclosed a data breach, the company confirmed it has detected an intrusion in its systems on November 9th 2018. Attackers were trying to exfiltrate customer data (i.e. names, email addresses, and hashed passwords) […]
Hacking
Malicious developer distributed tainted version of Event-Stream NodeJS Module to steal Bitcoins
Malicious developer distributed tainted version of Event-Stream NodeJS Module to steal Bitcoins
Chaining 3 zero-days allowed pen testers to hack Apple macOS computers
Dropbox team disclosed three critical zero-day vulnerabilities in Apple macOS, chaining them it is possible to take over a Mac computer. Dropbox team disclosed three critical zero-day vulnerabilities (CVE-2017-13890, CVE-2018-4176, CVE-2018-4175) affecting the Apple macOS operating system, an attacker could chain them to remotely execute arbitrary code on a targeted Mac computer. The attacker […]
Flaw allowing identity spoofing affects authentication based on German eID cards
Flaw allowing identity spoofing affects authentication based on German eID cards The authentication process via German eID cards with RFID chips is flawed, an attacker could impersonate any other citizen. The nightmare comes true, the authentication process via German eID cards with RFID chips is flawed and a flaw could […]
Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw
Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw Security experts from Netscout Asert discovered more than ten Mirai bot variants attempting to exploit a recently disclosed flaw in Hadoop YARN on Intel servers. These Mirai variants are the first one that doesn’t target Internet of Things devices, […]
Sofacy APT group used a new tool in latest attacks, the Cannon.
Sofacy APT group (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) has a new weapon in its arsenal dubbed Cannon. The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Experts at Palo Alto Networks spotted a new campaign in late October and early […]
Security bug exposes password of Instagram users
A security bug inside Instagram’s “Download Your Data” tool that could have been exploited to expose password of thousands of users around the world. The feature « Download Your Data » was introduced in April this year after the change in the European Union’s General Data Protection Regulation (GDPR). It allows users […]
اختراق موقع الاهلي المصري قبل يوم من مباراة النهائي
تم اليوم اختراق الموقع الرسمي للاهلي المصري قبل ساعات من مباراة الدور النهائي اياب لكأس رابطة الابطال الافريقية، وقد تم وضع صورة لفريق الترجي الرياضي التونسي مرفوقة بعنوان » الترجي ينتصر على الاهلي المصري بنتيجة 5 اهداف مقابل صفر. ونجح الهاكر في حذف أخر الأخبار على الصفحة الرئيسية للنادي الاهلي […]
BCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email Spammers
Since September 2018, 360Netlab Scanmon has detected multiple scan spikes on TCP port 5431, each time the system logged more than 100k scan sources, a pretty large number compared with most other botnets we have covered before. The interaction between the botnet and the potential target takes multiple steps, it starts with tcp port […]
New attack by Anonymous Italy: personal data from ministries and police have been released online
New attack by Anonymous Italy: personal data from ministries and police have been released online. The site of Fratelli d’Italia, a post-fascist party, has been defaced The iconoclastic fury of Italian Anonymous does not stop. As announced, the three groups that coordinate the operation “Black Week” have released also today new […]