Safari, Edge, and Firefox were the favorite targets that fell to white hat hackers at the world’s most well-known competitive hacking competition —Pwn2Own 2018— held over the past two days in Vancouver, Canada. Hackers took home $267,000 of the total $2 million prize pool, which is way less than the […]
Mossack Fonseca law firm shuts down operations 2 years after Panama Papers
News of the day is that the Mossack Fonseca law firm would shut down operations due to the reputational damage caused by the Panama Papers security breach. The Panama Papers is a huge trove of strictly confidential documents from the Panamanian law firm Mossack Fonseca that was leaked online on April 3, 2016. […]
Hackers Target PostgreSQL DBs With Coinminer Hidden in Scarlett Johannsson Image
A new type of attack has been discovered targeting PostgreSQL databases, in which malware authors are using an image of Hollywood actress Scarlett Johansson to hide a cryptocurrency miner they intend to run on the DB’s underlying server. The attack has been observed in a honeypot server ran by Imperva researchers. Experts […]
Multiples vulnérabilités dans le noyau Linux d’Ubuntu
RÉSUMÉ De multiples vulnérabilités ont été corrigées dans le noyau Linux d’Ubuntu. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données. RISQUE(S) Atteinte à la confidentialité des données SYSTÈMES AFFECTÉS Ubuntu 16.04 LTS Ubuntu 17.10 GESTION DU DOCUMENT Référence CERTFR-2018-AVI-134 Titre Multiples vulnérabilités dans le noyau […]
Sofacy Targets Government Agency with New Spear-Phishing Campaign
The Sofacy group, also known as APT28 and Fancy Bear, has carried out an attack on an unnamed European government agency using an updated variant of DealersChoice. Details of the attack, which have been published by Unit42 – part of Palo Alto Networks – describe the espionage group using doc.x […]
Are DDoS Attacks Increasing or Decreasing? Depends on Whom You Ask
Details on DDoS trends can vary, depending on the reporting source. Distributed denial-of-service (DDoS) attacks remain unpredictable and dangerous for enterprises, but actual details on how the threat is evolving can differ substantially by the reporting source. Two reports released this week, one by Verisign and the other from Nexusguard, are good examples. […]
Plugins for Popular Text Editors Could Help Hackers Gain Elevated Privileges
Whether you’re a developer, designer or a writer, a good text editor always help you save time and make you work more efficiently. For example, I use Sublime a lot while programming because it includes some useful tools like ‘syntax highlighting’ and ‘autocomplete’ that every advanced text editor should have. […]
FBI, DHS accuse Russia of critical infrastructure cyber attacks
Spear-phishing emails, watering-hole-domains, and credential gathering are just some of the TTPs said to be used during a long running cyber campaign. A report from the FBI and Department of Homeland Security has accused Russia of undertaking a critical infrastructure cyber attack. Already under the spotlight due to connections with […]
Tricks that cybercriminals use to hide in your phone
While analysts figure out new methodologies for analyzing malware and users begin to understand how all this works, cybercriminals are seeking new ways to hide in phones and compromise devices. The convoluted tricks used to increase the effectiveness of their attacks can be grouped into two distinct categories: First, Social […]
LENOVO WARNS CRITICAL WIFI VULNERABILITY IMPACTS DOZENS OF THINKPAD MODELS
Lenovo warned customers on Friday that two critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad brand. The vulnerabilities were first revealed in September and originally they were only reported to impact specific Broadcom chipsets used in Apple iPhones, Apple TV and Android devices. Lenovo has expanded that list to include […]