World Press - Úvod  Net-Security  EN  Story 

Last update in 25.11.2018 10:54:52


 

Datum

Název

Info

Categorie

Web

23.11.2018Rotexy Mobile Trojan Launches 70k+ Attacks in Three MonthsA mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months.Bleepingcomputer
23.11.2018Aurora / Zorro Ransomware Actively Being DistributedA ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past.Bleepingcomputer
23.11.2018US Postal Service Exposes Data of 60 Million Users for Over a YearThe US Postal Service ignored for more than a year an authentication oversight that exposed the account details of 60 million users to anyone that logged into the web service.Bleepingcomputer
23.11.2018PSA: Phishing Levels Rise Ahead of Black Friday and Cyber MondayWith the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts.Bleepingcomputer
22.11.2018US Postal Service Left 60 Million Users Data Exposed For Over a YearThe United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to...Thehackernews
22.11.2018How Just Opening A Site In Safari Could Have Hacked Your Apple macOSEarlier this week Dropbox team unveiled details of three critical vulnerabilities in Apple macOS operating system, which altogether coul...Thehackernews
22.11.2018Get paid up to $40,000 for finding ways to hack Facebook or Instagram accountsHere we have great news for all bug bounty hunters. Now you can get paid up to $40,000 for finding and responsibly reporting critical vu...Thehackernews
22.11.2018Split View Mode Is Now Available for Skype on Windows 10This new update to Microsoft's modernized Skype 8 brings Split View which allows you to simultaneously open multiple Skype chats. It's a pretty useful feature if you'd like to chat with multiple people at the same time.Bleepingcomputer
22.11.2018How a Security Test for DropBox Revealed 3 Apple Zero Day VulnerabilitiesWhen Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than Dropbox.Bleepingcomputer
22.11.2018Microsoft Launcher Beta Gets a Big Update With New FeaturesToday, Microsoft announced a big update for Microsoft Launcher and the build is currently rolling out to beta testers. The updated Microsoft Launcher includes a host of new features, improvements and refinements.Bleepingcomputer
22.11.2018German eID Authentication Flaw Lets You Change IdentityThe authentication process via German ID cards with RFID chips to certain web services can be manipulated to allow identity spoofing and changing the date of birth.Bleepingcomputer
22.11.2018Mozilla Overhauls Content Blocking Settings in Firefox 65In Firefox 65, Mozilla is overhauling how users can configure the Content Blocking settings. With this version, the previously confusing configuration is replaced by three different modes that a user can select that offer varying degrees of blocking and customization.Bleepingcomputer
22.11.2018Amazon Data Leak Exposes Email Addresses Right Before Black FridayIf you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user's email addresses to be disclosed and has since been resolved. Bleepingcomputer
21.11.2018Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases RevealedThe real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn , DropBox and MySpace ...Thehackernews
21.11.20183 New Code Execution Flaws Discovered in Atlantis Word ProcessorThis is why you should always think twice before opening innocent looking email attachments, especially word and pdf files. Cybersecurit...Thehackernews
21.11.2018Two TalkTalk hackers jailed for 2015 data breach that cost it £77 millionTwo hackers have been sent to prison for their roles in hacking TalkTalk , one of the biggest UK-based telecommunications company, in 201...Thehackernews
21.11.2018Adobe Flash Player Update Released for Remote Code Execution VulnerabilityAdobe released a security update yesterday that resolves a critical vulnerability in Flash Player that could allow malicious sites to execute code on your computer.Bleepingcomputer
21.11.2018MageCart Group Sabotages Rival to Ruin Data and ReputationCybercriminals in the web-skimming business sabotage their competition by poisoning the payment data they exfiltrate from online stores. The losing party causing them to end up with a big fat nothing and a ruined reputation on underground forums.Bleepingcomputer
21.11.2018Emotet Returns with Thanksgiving Theme and Better Phishing TricksAfter a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees.Bleepingcomputer
21.11.2018Active XSS Attacks Targeting Amp for WP WordPress PluginVulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site.  It has now been discovered that an active XSS attack is underway that targets these same vulnerabilities to install backdoors and create rogue admin accounts.Bleepingcomputer
21.11.2018Edge Browser Can Now Sign Into Microsoft Accounts With FIDO2 Security KeysIn April, Microsoft announced their support for the WebAuthn standard that would bring password-less online authentication to Microsoft Edge. Today Microsoft has enabled this feature & Windows 10 users can now use Edge to perform password-less logins to their Microsoft account with a FIDO2 compatible security key.Bleepingcomputer
21.11.2018Hackers, Rocky, and 97 Other Movies are Free on YouTubeJust in time for the holidays, if your looking to fill your time watching movies such as Hackers, the Rocky series, and Terminator, you can do so for free on YouTube.Bleepingcomputer
21.11.2018New Cannon Trojan Is the Latest Asset of Sofacy APT GroupAdvanced threat group Sofacy delivers a new malware sample dubbed Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former Soviet stateBleepingcomputer
20.11.2018Instagram Accidentally Exposed Some Users' Passwords In PlaintextInstagram has recently patched a security issue in its website that might have accidentally exposed some of its users' passwords in plain text.Thehackernews
20.11.2018Holding Down Any iOS Keyboard Button Turns It Into a MouseA new tip was spreading around Twitter today that blew my mind and a lot of others; simply pressing and holding any key on the keyboard allows you to easily move the text cursor around like a mouse.Bleepingcomputer
20.11.2018Fake Apps in Google Play Get over Half a Million InstallsAt least a dozen mobile apps with no legitimate functionality made it into Google Play and have been installed over half a million times. They would silently install another app and trick the user into approving its installation.

Bleepingcomputer

20.11.2018Emotet Banking Trojan Loves U.S.A Internet ProvidersAccording to new data by TrendMicro, attackers utilizing the Emotet banking Trojan predominantly used internet provides in the U.S.A. to host their Command & Control infrastructure.

Bleepingcomputer

20.11.2018VisionDirect Data Breach Caused by MageCart AttackVisionDirect, a popular contact lens online merchant in Europe, has posted an advisory stating that their web site had a data breach that led to the theft of credit card and account information.Bleepingcomputer
20.11.2018Hands-Free Skype Calling Now Available using Amazon AlexMicrosoft today confirmed that Skype calling is coming to Amazon Echo devices but the feature doesn't appear to be available just yet. You will need to install the Skype integration to access Microsoft's calling functionality.

Bleepingcomputer

19.11.2018Vulnerability in AMP for WP Plugin Allowed Admin Access to WordPressA vulnerability for the very popular AMP for WP WordPress plugin with a 100 thousand active installations was discovered that allows any registered users to escalate their privileges to gain administrative access to the site.Bleepingcomputer
19.11.2018New Gmail Bug Allows Sending Messages AnonymouslyA new bug discovered in Gmail affects the web app's user experience by hiding the source address of an email, a situation that comes with an obvious potential for abuse.

Bleepingcomputer

19.11.2018Make-A-Wish Website Compromised for Cryptojacking OperationCrooks have no scruples when it comes to making money. Any high-traffic website is a good target for setting up a cryptocurrency mining operation, and the Make-A-Wish charitable organization makes no exception.

Bleepingcomputer

18.11.2018

TrickBot Banking Trojan Starts Stealing Windows Problem HistoryA version of TrickBot spotted recently shows interest in data that is peculiar for the normal scope of banking trojans: the Windows system reliability and performance information.Bleepingcomputer

17.11.2018

Speech Synthesis API Being Restricted in Chrome 71 Due to AbuseWeb developers can use the SpeechSynthesis API to convert text on a web page into synthesized audio speech. While this feature is great for accessibility and audio queues, it is being abused by advertisements and low quality/scammy web sites.

Bleepingcomputer

17.11.2018Microsoft Turns Off Ads in Windows 10 Mail App After OutrageMicrosoft was experimenting with ads Mail app ads in Brazil, Canada, Australia, and India to get user feedback on ads in Mail. Microsoft confirmed on Twitter that this is an experimental feature that was never intended to be tested broadly and is now being turned off.

Bleepingcomputer

17.11.2018Scammers Use Facebook Sharer Page to Push Tech Support ScamsA new tech support scam trick is underway that utilizes Facebook's Sharer dialog to scare a user into thinking that their Facebook account has an issue. The scammers then hope that the user will be scared into calling the listed phone number.

Bleepingcomputer

17.11.2018Hacker Say They Compromised ProtonMail. ProtonMail Says It's BS.A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS.

Bleepingcomputer

16.11.2018

Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error

Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United St

Thehackernews

16.11.2018

Russian Banks Under Phishing Attack

Banks in Russia today were the target of a massive phishing campaign that aimed to deliver a tool used by the Silence group of hackers believed to have a background in legitimate infosec activities.

Bleepingcomputer

16.11.2018

Gmail Bugs Allow Changing From: Field and Spoofing Recipient's Address


A bug in the way Gmail handles the structure of the 'from:' header allows placing of an arbitrary email address in the sender field.

Bleepingcomputer

16.11.2018

YouTube Now Lets You Scroll Down to View Comments When in Full Screen

Watching a video on YouTube in full screen is the optimal way to use the site, but it prevents you from using other features such as comments and the rest of the site A new feature has been released today by YouTube that allows you to watch a video in full screen, but at the same time, scroll down and view the site.

Bleepingcomputer

16.11.2018

Firefox Now Shows Warnings On Sites with Data Breaches

Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach.

Bleepingcomputer

16.11.2018

Misconfigured Docker Services Actively Exploited in Cryptojacking Operation

Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them.

Bleepingcomputer

16.11.2018

Windows 10 Build 18282 Released To Insiders With New Light Theme

Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements.

Bleepingcomputer

16.11.2018

iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo

iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device.

Bleepingcomputer

16.11.2018

Infowars Store Affected by Magecart Credit Card Stealing Hack

A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania.

Bleepingcomputer

16.11.2018

State-Sponsored Actors Focus Attacks on Asia

Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe."

Bleepingcomputer

16.11.2018

Microsoft Patches Windows Zero-Day Exploited in Cyber Attacks

A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates.

Bleepingcomputer

15.11.2018

Why you need to know about Penetration Testing and Compliance Audits?

We live in an age where data flows like water, becoming the new life source of our everyday ventures. As such, you can just imagine what a

Thehackernews

15.11.2018

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

A security researcher has disclosed details of a critical vulnerability in one of the popular and widely active plugins for WordPress th..

Thehackernews

15.11.2018

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully pa...

Thehackernews

15.11.2018

7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processor...

Thehackernews

14.11.2018

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft product..

Thehackernews

14.11.2018

Another Facebook Bug Could Have Exposed Your Private Information

Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information abo.

Thehackernews

14.11.2018

The US Office of Personnel Management Systems Are Still Insecure

The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019.

Bleepingcomputer

14.11.2018

Adobe Releases Security Update for Acrobat Vulnerability with Public PoC

Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC.

Bleepingcomputer

14.11.2018

Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4467107 & KB4467697

After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes. 

Bleepingcomputer

14.11.2018

Microsoft November 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible.

Bleepingcomputer

14.11.2018

Windows 10 Cumulative Update KB4467708, KB4464455 and KB4467702 Released

Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues.

Bleepingcomputer

14.11.2018

Microsoft Resumes Rollout of Windows 10 October 2018 Update

Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for new updates.

Bleepingcomputer

14.11.2018

Google Services Unreachable After Traffic Hijacking

Services from Google on Monday became unavailable for up to two hours as user traffic followed a tortuous path through operators in Russia and Nigeria before hitting the Great Firewall of China.

Bleepingcomputer

13.11.18

Cynet Review: Simplify Security with a True Security Platform

In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber sec.

Thehackernews

13.11.18

HookAds Malvertising Installing Malware via the Fallout Exploit Kit

The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware.

Bleepingcomputer

13.11.18

The Intel Microcode Boot Loader Protects Older CPUs From Spectre

The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre.

Bleepingcomputer

13.11.18

iSH - An iOS Linux Shell for Your iPhone or iPad

Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files?  Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices.

Bleepingcomputer

12.11.18

New APIs Suggest WPA3 Wi-Fi Security Support Coming Soon to Windows 10

Windows 10 users don't have to wait much longer for the support of latest WPA3 Wi-Fi security standard , a new blog post from Microsof..

Thehackernews

11.11.18

Cloudflare Brings its 1.1.1.1 DNS Service to Android & iOS Mobile Devices

This past April, Cloudflare and APNIC released a new 1.1.1.1 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 1.1.1.1 app for Android and iOS to easily bring these same features to your mobile devices.

Bleepingcomputer

11.11.18

Internal Chrome Page Shows All Google Interstitial Warnings

An internal Google Chrome page allows users to see all interstitial warnings or notifications that may be encountered while browsing the web with Chrome.

Bleepingcomputer

9.11.18

Hacker Who DDoSed Sony, EA and Steam Gaming Servers Pleads Guilty

A 23-year-old hacker from Utah pleaded guilty this week to launching a series of denial-of-service (DoS) attacks against multiple online.

Thehackernews

8.11.18

Here's How Hackers Could Have Spied On Your DJI Drone Account

Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could ha...

Thehackernews

8.11.18

New Android API Lets Developers Push Updates Within their Apps

You might have read somewhere online today that Google is granting Android app developers powers to forcefully install app updates…but it

Thehackernews

8.11.18

StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by c...

Thehackernews

8.11.18

Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox —a popular op...

Thehackernews

7.11.18

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could comp...

Thehackernews

5.11.18

Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data

We all have something to hide, something to protect. But if you are also relying on self-encrypting drives for that, then you should read.

Thehackernews

3.11.18

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff.

Thehackernews

1.11.18

Accused CIA Leaker Faces New Charges of Leaking Information From Prison

Joshua Adam Schulte , a 30-year-old former CIA computer programmer who was indicted over four months ago  for masterminding the largest leak.

Thehackernews

1.11.18

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of ac.

Thehackernews

31.10.18

Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Apple introduces a new privacy feature for all new MacBooks that "at some extent" will prevent hackers and malicious applications.

Thehackernews

30.10.18

New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1

It's only been a few hours since Apple releases iOS 12.1 and an iPhone enthusiast has managed to find a passcode bypass hack, once a.

Thehackernews

30.10.18

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft S.

Thehackernews

29.10.18

Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker t.

Thehackernews

29.10.18

Signal Secure Messaging App Now Encrypts Sender's Identity As Well

Signal, the popular end-to-end encrypted messaging app, is planning to roll out a new feature that aims to hide the sender's identity.

Thehackernews

29.10.18

Windows Built-in Antivirus Gets Secure Sandbox Mode – Turn It ON

Microsoft Windows built-in anti-malware tool, Windows Defender, has become the very first antivirus software to have the ability to run in.

Thehackernews

28.10.18

IBM Buys "Red Hat" Open-Source Software Company for $34 Billion

It's been quite a year for the open source platforms. Earlier this year, Microsoft acquired popular code repository hosting service...

Thehackernews

26.10.18

New Privilege Escalation Flaw Affects Most Linux Distributions

An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributi...

Thehackernews

25.10.18

Facebook Fined £500,000 for Cambridge Analytica Data Scandal

Facebook has finally been slapped with its first fine of £500,000 for allowing political consultancy firm Cambridge Analytica to improper...

Thehackernews

24.10.18

Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

When it comes to security updates, Android is a real mess. Even after Google timely rolls out security patches for its Android platform...

Thehackernews

24.10.18

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the de...

Thehackernews

23.10.18

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Tas...

Thehackernews

19.10.18

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by...

Thehackernews

18.10.18

Critical Flaws Found in Amazon FreeRTOS IoT Operating System

A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—cal...

Thehackernews

17.10.18

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to st...

Thehackernews