A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. Hacking Industrial Ethernet Switches to take over nuclear plants Microsoft Windows 10 spies on you by default Operation Potao – hackers used a trojanized version of TrueCrypt Mt Goxs […]
Carphone Warehouse has taken three days to disclose about a sophisticated attack that may have impacted more than 2.4 million customers. The British mobile phone retailer Carphone Warehouse has been hacked and nearly 2.4 million customers records could have been compromised. On 5 August 2015 the experts of the company discovered that the IT infrastructure […]
Mozilla released the version 39.0.3 Firefox to patch a critical 0-day vulnerability that has been exploited in the wild. A zero-day vulnerability in Mozilla FireFox was reported on Wednesday to the company. A user noticed that an ad displayed on a Russian news website was serving an a malicious code. The exploit discovered by the user […]
The ICANN has issued a warning to inform who registered with ICANN.org that their profile accounts were accessed by an “unauthorized person.” The Internet Corporation for Assigned Names and Numbers (ICANN) has issued another security warning after login credentials of the ICANN.org website have been compromised. A new incident occurred to the ICANN (Internet Corporation for […]
The Panda Emissary group extensively uses long-running strategic web compromises and relies on whitelists to syphon defence aerospace projects from victims. An alleged Chinese APT group dubbed Panda Emissary (also known as TG-3390) is targeting high-profile governments and organisations searching for defense aerospace projects. Researchers at Dell discovered that the Panda Emissary group used Watering hole […]
Popular cloud storage services such as Google Drive and Dropbox can be abused by hackers running Man-in-the-Cloud (MITC) attacks. The recently issued Imperva’s Hacker Intelligence Initiative report on Man-in-the-Cloud (MITC) attacks details how threat actors abuse popular cloud storage services for illegal activities. The experts have analyzed a number of cloud storage services including Dropbox, Google Drive, Box, and Microsoft OneDrive. […]
A Chinese-language Virtual Private Network service provider dubbed Terracotta VPN offers a network of compromised servers as a stealth hacking platform. According RSA Security, a China-based virtual private network (VPN) service provider offers hacking crews a network of compromised servers which can be used to carry out stealth cyber attacks. The attacks appear to be […]
The CTB-Locker Ransomware is Back with a Vengeance, the security experts noticed that bad actors Leveraging the Release of Windows 10 as an Attack Vector. A false sense of hope that the presence, or rather the active spread, of crypto-ransomware in-the-wild has begun to slowly die out has been quickly diminished thanks to the group behind the CTB-Locker ransomware. While […]
Police officers from dozen countries have just completed the first training program on Darknets, Tor hidden services and illegal marketplaces. Cybercrime becomes even more sophisticated and explores new technologies for its illegal activities. A growing problem for law enforcement agencies world worldwide is to track illegal activities in the Dark Web. Not only cyber criminals, but also groups […]
Recently we reported a new vulnerability affecting Bind, now experts at Sucuri confirmed that the flaw is being exploited in DNS server attacks. A few days ago we wrote about the BIND software flaws that were discovered, affecting important companies, and last week a patch was released for the denial-of-service flaw (CVE-2015-5477), which was affecting […]