Now use Internet anonymously through Tor-enabled SIM card Onion3G Privacy concerns are rising with the advancement of technology. Today, we need to be a lot more careful about online browsing than we needed to a few years back despite that we have come far ahead with technology. Tor browser and VPNs are generally […]
Hacking
Cisco Warns of Zero-Day Vulnerability in Security Appliances
Cisco informed customers on Wednesday that some of its security appliances are affected by a serious vulnerability that has been actively exploited. The zero-day flaw, tracked as CVE-2018-15454, is related to the Session Initiation Protocol (SIP) inspection engine used in the company’s Adaptive Security Appliance (ASA) and Firepower Threat Defense […]
Cyber Criminals attacked the system of Russian Railways and S7 airlines and killed the investigator
The court of Moscow began consideration of the case of fraud in the purchase of tickets. A group of hackers, consisting of 29 people, earned $ 258,000 on fictitious refunds of tickets of Russian Railways and S7 airlines in 2013-2014. This case was conducted by Evgenija Shishkina, the senior investigator […]
Kraken Ransomware Upgrades Distribution with RaaS Model
Affiliates pocket 80 percent of every ransom payment. The Kraken ransomware author has released a second version of the malicious code, along with a unique affiliate program on the Dark Web. According to research into Kraken v.2 the new version is being promoted in a ransomware-as-a-service (RaaS) model to underground […]
Many CMS plugins are disabling TLS certificate validation… and that’s very bad
An absurd number of CMS plugins and PHP libraries are disabling SSL/TLS certificate validation on purpose, and by doing so, they’re putting millions of internet users at great risk. To make matters worse, many of these plugins and libraries are used to establish connections to payment provider servers, connections through […]
IBM CORRIGE PLUSIEURS VULNÉRABILITÉS CRITIQUES DANS DIVERS PRODUITS
IBM a publié 35 bulletins de sécurité sur ses produits, entre le 19 et le 26 octobre. Parmi ceux-ci, 18 sont jugées élevées, 16 modérées et 1 faible. Parmi les vulnérabilités corrigées les plus critiques, aucune n’est spécifique aux produits IBM. Celles-ci sont référencées de la manière suivante : CVE-2018-16741 [CVSS 9.8] : Une vulnérabilité dans […]
UNE VULNÉRABILITÉ CRITIQUE CORRIGÉE SUR SOPHOS HITMANPRO
Des chercheurs de Talos ont découvert deux vulnérabilités, dont une critique dans Sophos HitmanPro, un outil de détection et de suppression des malwares. Un attaquant pourrait l’exploiter pour exécuter du code à distance ou élever ses privilèges. L’attaque est peu complexe à réaliser, ne peut être effectuée qu’en local, ne nécessite ni privilèges ni […]
New malware turning smartphones into hidden proxies
Cybercriminals are distributing new Android malware via Phishing email campaign that turns infected smartphones into hidden mobile proxies. The proxies can be used to circumvent internal network security controls. The McAfee Mobile Research team has identified the active phishing campaign that traps users by sending an SMS to influence them […]
SamSam: Targeted Ransomware Attacks Continue
Ransomware group remains highly active in 2018, focussing mainly on organizations in the U.S. The group behind the SamSam ransomware (Ransom.SamSam) has continued to mount attacks against entire organizations during 2018, with fresh attacks seen against 67 different targets, mostly located in the U.S. SamSam specializes in targeted ransomware attacks, […]
Windows 10 UWP bug could give malicious devs access to all your files
Microsoft has quietly fixed a bug in the on-hold Windows 10 October 2018 Update that in earlier versions wasn’t telling users when apps requested permission to access all a user’s files. The bug in the Windows ‘broadFileSystemAccess’ API could have given a malicious developer of Universal Windows Platform (UWP) apps […]