World Press - Úvod Net-Security EN Story
Last update in 25.11.2018 10:54:52
|23.11.2018||Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months||A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months.||Bleepingcomputer|
|23.11.2018||Aurora / Zorro Ransomware Actively Being Distributed||A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past.||Bleepingcomputer|
|23.11.2018||US Postal Service Exposes Data of 60 Million Users for Over a Year||The US Postal Service ignored for more than a year an authentication oversight that exposed the account details of 60 million users to anyone that logged into the web service.||Bleepingcomputer|
|23.11.2018||PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday||With the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts.||Bleepingcomputer|
|22.11.2018||US Postal Service Left 60 Million Users Data Exposed For Over a Year||The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to...||Thehackernews|
|22.11.2018||How Just Opening A Site In Safari Could Have Hacked Your Apple macOS||Earlier this week Dropbox team unveiled details of three critical vulnerabilities in Apple macOS operating system, which altogether coul...||Thehackernews|
|22.11.2018||Get paid up to $40,000 for finding ways to hack Facebook or Instagram accounts||Here we have great news for all bug bounty hunters. Now you can get paid up to $40,000 for finding and responsibly reporting critical vu...||Thehackernews|
|22.11.2018||Split View Mode Is Now Available for Skype on Windows 10||This new update to Microsoft's modernized Skype 8 brings Split View which allows you to simultaneously open multiple Skype chats. It's a pretty useful feature if you'd like to chat with multiple people at the same time.||Bleepingcomputer|
|22.11.2018||How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities||When Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than Dropbox.||Bleepingcomputer|
|22.11.2018||Microsoft Launcher Beta Gets a Big Update With New Features||Today, Microsoft announced a big update for Microsoft Launcher and the build is currently rolling out to beta testers. The updated Microsoft Launcher includes a host of new features, improvements and refinements.||Bleepingcomputer|
|22.11.2018||German eID Authentication Flaw Lets You Change Identity||The authentication process via German ID cards with RFID chips to certain web services can be manipulated to allow identity spoofing and changing the date of birth.||Bleepingcomputer|
|22.11.2018||Mozilla Overhauls Content Blocking Settings in Firefox 65||In Firefox 65, Mozilla is overhauling how users can configure the Content Blocking settings. With this version, the previously confusing configuration is replaced by three different modes that a user can select that offer varying degrees of blocking and customization.||Bleepingcomputer|
|22.11.2018||Amazon Data Leak Exposes Email Addresses Right Before Black Friday||If you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user's email addresses to be disclosed and has since been resolved.||Bleepingcomputer|
|21.11.2018||Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed||The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn , DropBox and MySpace ...||Thehackernews|
|21.11.2018||3 New Code Execution Flaws Discovered in Atlantis Word Processor||This is why you should always think twice before opening innocent looking email attachments, especially word and pdf files. Cybersecurit...||Thehackernews|
|21.11.2018||Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million||Two hackers have been sent to prison for their roles in hacking TalkTalk , one of the biggest UK-based telecommunications company, in 201...||Thehackernews|
|21.11.2018||Adobe Flash Player Update Released for Remote Code Execution Vulnerability||Adobe released a security update yesterday that resolves a critical vulnerability in Flash Player that could allow malicious sites to execute code on your computer.||Bleepingcomputer|
|21.11.2018||MageCart Group Sabotages Rival to Ruin Data and Reputation||Cybercriminals in the web-skimming business sabotage their competition by poisoning the payment data they exfiltrate from online stores. The losing party causing them to end up with a big fat nothing and a ruined reputation on underground forums.||Bleepingcomputer|
|21.11.2018||Emotet Returns with Thanksgiving Theme and Better Phishing Tricks||After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees.||Bleepingcomputer|
|21.11.2018||Active XSS Attacks Targeting Amp for WP WordPress Plugin||Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an active XSS attack is underway that targets these same vulnerabilities to install backdoors and create rogue admin accounts.||Bleepingcomputer|
|21.11.2018||Edge Browser Can Now Sign Into Microsoft Accounts With FIDO2 Security Keys||In April, Microsoft announced their support for the WebAuthn standard that would bring password-less online authentication to Microsoft Edge. Today Microsoft has enabled this feature & Windows 10 users can now use Edge to perform password-less logins to their Microsoft account with a FIDO2 compatible security key.||Bleepingcomputer|
|21.11.2018||Hackers, Rocky, and 97 Other Movies are Free on YouTube||Just in time for the holidays, if your looking to fill your time watching movies such as Hackers, the Rocky series, and Terminator, you can do so for free on YouTube.||Bleepingcomputer|
|21.11.2018||New Cannon Trojan Is the Latest Asset of Sofacy APT Group||Advanced threat group Sofacy delivers a new malware sample dubbed Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former Soviet state||Bleepingcomputer|
|20.11.2018||Instagram Accidentally Exposed Some Users' Passwords In Plaintext||Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users' passwords in plain text.||Thehackernews|
|20.11.2018||Holding Down Any iOS Keyboard Button Turns It Into a Mouse||A new tip was spreading around Twitter today that blew my mind and a lot of others; simply pressing and holding any key on the keyboard allows you to easily move the text cursor around like a mouse.||Bleepingcomputer|
|20.11.2018||Fake Apps in Google Play Get over Half a Million Installs||At least a dozen mobile apps with no legitimate functionality made it into Google Play and have been installed over half a million times. They would silently install another app and trick the user into approving its installation.|
|20.11.2018||Emotet Banking Trojan Loves U.S.A Internet Providers||According to new data by TrendMicro, attackers utilizing the Emotet banking Trojan predominantly used internet provides in the U.S.A. to host their Command & Control infrastructure.|
|20.11.2018||VisionDirect Data Breach Caused by MageCart Attack||VisionDirect, a popular contact lens online merchant in Europe, has posted an advisory stating that their web site had a data breach that led to the theft of credit card and account information.||Bleepingcomputer|
|20.11.2018||Hands-Free Skype Calling Now Available using Amazon Alex||Microsoft today confirmed that Skype calling is coming to Amazon Echo devices but the feature doesn't appear to be available just yet. You will need to install the Skype integration to access Microsoft's calling functionality.|
|19.11.2018||Vulnerability in AMP for WP Plugin Allowed Admin Access to WordPress||A vulnerability for the very popular AMP for WP WordPress plugin with a 100 thousand active installations was discovered that allows any registered users to escalate their privileges to gain administrative access to the site.||Bleepingcomputer|
|19.11.2018||New Gmail Bug Allows Sending Messages Anonymously||A new bug discovered in Gmail affects the web app's user experience by hiding the source address of an email, a situation that comes with an obvious potential for abuse.|
|19.11.2018||Make-A-Wish Website Compromised for Cryptojacking Operation||Crooks have no scruples when it comes to making money. Any high-traffic website is a good target for setting up a cryptocurrency mining operation, and the Make-A-Wish charitable organization makes no exception.|
|TrickBot Banking Trojan Starts Stealing Windows Problem History||A version of TrickBot spotted recently shows interest in data that is peculiar for the normal scope of banking trojans: the Windows system reliability and performance information.||Bleepingcomputer|
|Speech Synthesis API Being Restricted in Chrome 71 Due to Abuse||Web developers can use the SpeechSynthesis API to convert text on a web page into synthesized audio speech. While this feature is great for accessibility and audio queues, it is being abused by advertisements and low quality/scammy web sites.|
|17.11.2018||Microsoft Turns Off Ads in Windows 10 Mail App After Outrage||Microsoft was experimenting with ads Mail app ads in Brazil, Canada, Australia, and India to get user feedback on ads in Mail. Microsoft confirmed on Twitter that this is an experimental feature that was never intended to be tested broadly and is now being turned off.|
|17.11.2018||Scammers Use Facebook Sharer Page to Push Tech Support Scams||A new tech support scam trick is underway that utilizes Facebook's Sharer dialog to scare a user into thinking that their Facebook account has an issue. The scammers then hope that the user will be scared into calling the listed phone number.|
|17.11.2018||Hacker Say They Compromised ProtonMail. ProtonMail Says It's BS.||A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS.|
Banks in Russia today were the target of a massive phishing campaign that aimed to deliver a tool used by the Silence group of hackers believed to have a background in legitimate infosec activities.
Watching a video on YouTube in full screen is the optimal way to use the site, but it prevents you from using other features such as comments and the rest of the site A new feature has been released today by YouTube that allows you to watch a video in full screen, but at the same time, scroll down and view the site.
Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach.
Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them.
Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements.
iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device.
A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania.
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe."
A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates.
The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019.
Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC.
After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes.
Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible.
Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues.
Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for new updates.
Services from Google on Monday became unavailable for up to two hours as user traffic followed a tortuous path through operators in Russia and Nigeria before hitting the Great Firewall of China.
The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware.
The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre.
Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files? Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices.
This past April, Cloudflare and APNIC released a new 188.8.131.52 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 184.108.40.206 app for Android and iOS to easily bring these same features to your mobile devices.
An internal Google Chrome page allows users to see all interstitial warnings or notifications that may be encountered while browsing the web with Chrome.