Though only two members strong, hackers pose a credible threat to banks in Russia and multiple countries. A pair of Russian-speaking hackers, likely working in legitimate information security roles, has quietly emerged as a major threat to banks in Russia and numerous other former Soviet republics in recent months. The […]
Hacking
Cisco Releases 16 Security Alerts Rated Critical and High
Cisco published on Wednesday 30 security advisories on vulnerabilities identified in its products. Half of them are for high and critical severity bugs. Only three alerts refer to security problems with critical impact; among them is the recently disclosed remote code execution vulnerability in Apache Struts, for which several proof-of-concept exploits exist. Cisco notes that not […]
PowerPool malware exploits ALPC LPE zero-day vulnerability
Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure On August 27, 2018, a so-called zero-day vulnerability affecting Microsoft Windows was published on GitHub and publicized via a rather acerbic tweet. Source: Twitter It seems obvious that this was not part of a […]
FIN6 returns to attack retailer point of sale systems in US, Europe
A new malware campaign has been detected which is targeting point-of-sale (PoS) systems across the United States and Europe. On Wednesday, researchers from IBM X-Force IRIS said the attacks have been attributed to the FIN6 cybercriminal group. This is only the second time that a campaign has been documented which appears to […]
New OilRig APT campaign leverages a new variant of the OopsIE Trojan
The Iran-linked APT group OilRig was recently observed using a new variant of the OopsIE Trojan that implements news evasion capabilities. Experts at Palo Alto observed a new campaign carried out by the Iran-linked APT group OilRig that was leveraging on a new variant of the OopsIE Trojan. The OilRig hacker group is an Iran-linked APT that has […]
DES MILLIERS DE ROUTEURS MIKROTIK PIRATÉS DANS LE TRAFIC RÉSEAU
Le mois dernier, nous avons signalé une vaste campagne de cryptage de logiciels malveillants qui avait détourné plus de 200 000 routeurs MikroTik. En utilisant une vulnérabilité révélée précédemment dans les fuites de CIA Vault 7 . Les chercheurs en sécurité de Qihoo 360 Netlab ont découvert que sur 370 000 routeurs MikroTik potentiellement vulnérables, […]
Group-IB UncoversAPT- attacks on Banks: The Sound of Silence
Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group. While the gang had previously targeted Russian banks, Group-IB experts also have discovered evidence of the group’s activity in […]
New BondPath Android Spyware Retrieves Chat Data From Messaging Apps
Researchers uncovered an Android spyware family called BondPath that is capable of retrieving chats from several mobile messaging apps while spying on other types of information. BondPath has been around since May 2016, but in July 2018, researchers at Fortinet observed that some samples were still in the wild. Those […]
MEGA.nz, l’extension Chrome devenue pirate malgré elle
Une extension corrompue a volé des mots de passe pour les comptes Google, Microsoft, GitHub et Amazon, mais aussi des clés privées Monero et Ethereum. L’extension Chrome officielle du service de partage de fichiers MEGA.nz a été compromise avec un code malveillant. Conséquence : elle vole les noms d’utilisateur et les […]
Hackers can easily access 3D printers exposed online for sabotage and espionage
Security researchers at the SANS Internet Storm Center discovered that thousands of 3D printers are exposed online without proper defense. The news is worrisome, thousands of 3D printers are exposed online to remote cyber attacks. According to the experts at SANS Internet Storm Center that scanned the internet for vulnerable 3D printers, […]