News hacks...

News hacks

  • Google VRP Teaser - Today I Learned
    par /u/TechbrunchFR le 25 septembre 2022 à 16h44

    submitted by /u/TechbrunchFR [link] [comments]

  • Attackers impersonate CircleCI platform to compromise GitHub accounts
    par Pierluigi Paganini le 25 septembre 2022 à 16h41

    Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The company learned of the attacks against its users on September 16, it pointed out that the phishing campaign has impacted many victim organizations except GitHub. Phishing messages claims that a user’s CircleCI session expired and attempt to trick recipients into logging in using GitHub credentials. “Clicking the link takes the user to a phishing site that looks like the GitHub login page but steals any credentials entered. For users with TOTP-based two-factor authentication (2FA) enabled, the phishing site also relays any TOTP codes to the threat actor and GitHub in real time, allowing the threat actor to break into accounts protected by TOTP-based 2FA. Accounts protected by hardware security keys are not vulnerable to this attack.” reads the advisory published by the Microsoft-owned company. Recipients are redirected to the phishing pages mimicking GitHub login page designed to steal in real-time the credentials and 2FA code entered by the users. The company pointed out that the accounts protected by hardware security keys are not vulnerable to this attack. Among the tactics used by the attackers, they may quickly create GitHub personal access tokens (PATs), authorize OAuth applications, or add SSH keys to the account in order to maintain access to the account in case the user changes their password. In other cases, the attackers were immediately downloading private repository contents accessible to the compromised user, including those owned by organization accounts and other collaborators. The attackers use VPN or proxy providers to download private repository data via compromised user accounts. If the case a compromised account has organization management permissions, the attackers may create new GitHub user accounts and add them to an organization in an effort to establish persistence. Below is a list of known phishing domains that were used as part of this campaign: circle-ci[.]comemails-circleci[.]comcircle-cl[.]comemail-circleci[.]com “Upon conducting our analysis, we reset passwords and removed threat actor-added credentials for impacted users, and we notified all of the known-affected users and organizations that we discovered through our analysis. If you did not receive an email notice from us, then we do not have evidence that your account and/or organization was accessed by the threat actor at this time.” concludes the advisory. “We suspended all identified threat actor accounts, and we will continue to monitor for malicious activity and notify new victim users and organizations as needed.” Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini (SecurityAffairs – hacking, phishing) The post Attackers impersonate CircleCI platform to compromise GitHub accounts appeared first on Security Affairs.

  • Cpplumber 0.1.0 - Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects.
    par /u/ergrelet le 25 septembre 2022 à 14h41

    submitted by /u/ergrelet [link] [comments]

  • OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death
    par Pierluigi Paganini le 25 septembre 2022 à 12h14

    OpIran: Anonymous launched Operation Iran against Teheran due to the ongoing crackdown on dissent after Mahsa Amini’s death. Anonymous launched OpIran against Iran due to the ongoing crackdown on dissent after Mahsa Amini’s death. The protests began after the death of Mahsa Amini from Saqqez in Kurdistan province after her arrest by Iran’s morality police for allegedly wearing her hijab too loosely. The authorities claimed Amini died of natural causes after suffering heart failure while it was at the police station, but citizens don’t believe this is the truth and moved the protests to the streets (September 2022 Iranian protests). Ms Amini was arrested for not wearing her hijab properly.(Reuters: IranWire) Source ABC Australia They said:We didn’t kill Mahsa Amini, she had natural death!Ok!!!!!How about this one?Is she sick like Mahsa?!#MahsaAmini #Mahsa_Amini #مهسا_امینی #OpIran— hadieh.poorhosseini (@hadiehp) September 25, 2022 Last week, network data from the Internet observatory NetBlocks detailed a near-total disruption to internet service in parts of Kurdistan in Iran from the evening of Monday 19 September 2022. During the week, the experts also observed the partial disruption to internet service in Tehran and other parts of the country while the protests were fueling a heated discussion on Instagram and WhatsApp. Then the Iranian government shut down the mobile networks in the country. Confirmed: Real-time network data show a near-total disruption to internet connectivity in #Sanandaj, the capital of Kurdistan Province in west #Iran; the incident comes amid widening protests over the death of #MahsaAmini after her arrest by morality police— NetBlocks (@netblocks) September 19, 2022 Confirmed: A significant internet outage has been registered in Tehran, #Iran with real time network data showing connectivity at 67% of ordinary levels; the incident comes amid protests over the death of Mahsa Amini and may affect coverage of events on the ground— NetBlocks (@netblocks) September 16, 2022 Anonymous declared war on the Iranian government and launched its #OpIran campaign against the government websites, including the ones belonging to the Iranian Intelligence and police. The group calls for action to launch DDoS attacks on Iranian websites, steal their data and leak them online. Hacktivists also invite Iranian citizens to bypass state censorship by using the Tor browser. Dear Iran, you shut down internet. We'll shut you down. #OpIran #MahsaAmini— Anonymous TV (@YourAnonTV) September 21, 2022 Anonymous also hacked the Forensic Research Center, the Iranian Assembly and leaked stolen data online, and also took down the Iran state-affiliated media Fars News Agency. #Anonymous #OpIran #MahsaAmini#IranProtests2022 #اشنویه #مهسا_اميني (Iranian Intelligence Agency) > DOWN (Iranian Police) > DOWN— Anonymous TV (@YourAnonTV) September 25, 2022 Iranian Assembly Hacked, Their data's leaked. Call them and ask why they support goverment.#OpIran #KromSec #Anonymous— Krom Security (@KromSec) September 25, 2022 In the case of Russia, as reported by, Anonymous managed to hack over 400 security cameras across the country while sending almost 10 million texts to Russian citizens to raise awareness about the conflict. Anonymous has claimed to have hacked hundreds of security cameras In Iran, in one of the messages members of the collective revealed to have exploited the CVE-2018-9999 vulnerability. 140 CCTV cameras hacked in Iran#Devil_Squad @Devil_squad1 #OpIran We are anonymous— D A R K G H O S T (@dark_ghostclan) September 22, 2022 While I was writing this post the news of another tragedy was circulating online. Hadis Najafi, 20 years old who is considered one of the symbols of the protest, was killed by the Iranian security forces last night during the protests in the city of Karaj, near Tehran. She had become one of the girls who symbolized the protests after facing the police, she was without a veil because she was against the mandatory hijab and the discriminatory laws of the Islamic Republic. Hadis Najafi, 20 Jahre alt, wurde bei Protesten in der Stadt Karaj im #Iran von Schergen des Mörder-Regimes erschossen.Fuck off Khamenei !Fuck off Raisi !#FreeIran !#Kopftuch #Islam #OpIran #MahsaAmini #Anonymous #IranProtests2022 #IranRevolution#مهسا_امینی— Anonymous Kollektiv Germany (@Anonymous9775) September 25, 2022 Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini (SecurityAffairs – hacking, OpIran) The post OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death appeared first on Security Affairs.

  • Sleep obfuscation technique leveraging waitable timers to evade memory scanners.
    par /u/Idov31 le 25 septembre 2022 à 11h36

    submitted by /u/Idov31 [link] [comments]

  • Security Affairs newsletter Round 385
    par Pierluigi Paganini le 25 septembre 2022 à 10h14

    A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. ISC fixed high-severity flaws in the BIND DNS softwareUkraine: SSU dismantled cyber gang that stole 30 million accountsLondon Police arrested a teen suspected to be behind Uber, Rockstar Games breachesSophos warns of a new actively exploited flaw in Firewall productAnonymous claims to have hacked the website of the Russian Ministry of DefenseCISA adds Zoho ManageEngine flaw to its Known Exploited Vulnerabilities CatalogSurge in Magento 2 template attacks exploiting the CVE-2022-24086 flawAustralian Telecoms company Optus discloses security breachAttachMe: a critical flaw affects Oracle Cloud Infrastructure (OCI)A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projectsAtlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaignA disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builderOver 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaignHackers stole $160 Million from Crypto market maker WintermuteU.S. gov adds more Chinese Telecom firms to the Covered ListImperva blocked a record DDoS attack with 25.3 billion requestsRussian Sandworm APT impersonates Ukrainian telcos to deliver malwareUber believes that the LAPSUS$ gang is behind the recent attackAnalyzing IP Addresses to Prevent Fraud for EnterprisesAmerican Airlines disclosed a data breachIT giants warn of ongoing Chromeloader malware campaignsRevolut security breach: data of +50,000 users exposedAlleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked onlineTeamTNT is back and targets servers to run Bitcoin encryption solversExperts warn of critical flaws in Flexlan devices that provide WiFi on airplanesNetgear Routers impacted by FunJSQ Game Acceleration Module flawUber says there is no evidence that users’ private information was compromised Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini (SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 385 appeared first on Security Affairs.

  • UK Police Arrests 17-Yr-Old Teen Hacker Believed to be Behind Uber & Rockstar Hacks
    par BALAJI N le 25 septembre 2022 à 7h14

    A British 17-year-old teen has been detained recently (Thursday 22 September 2022) by the City of London Police in connection with recent cyberattacks that have been reported by authorities. While this arrest was officially announced by London Police on Twitter. The National Crime Agency of the UK supported the hacking investigation that led to the The post UK Police Arrests 17-Yr-Old Teen Hacker Believed to be Behind Uber & Rockstar Hacks appeared first on GBHackers On Security.

  • Sauvez des vies grâce à l’application SAUV Life
    par Korben le 25 septembre 2022 à 7h11

    Comme Liam Neeson, on a tous des compétences particulières. Certains savent tenir sur des skis, d’autres peuvent écrire parfaitement en miroir et enfin, certains échappent à la justice depuis des années. Mais tout cela n’est rien comparé à des compétences en secourisme qui permettent de sauver des vies. C’est encore mieux que d’être un membre des Avengers. Sauf que voilà, en bon geek, vous passez plus de temps chez vous que dehors à guetter les accidents pour sauver des gens. Et la vie de pompier, mis à part pour pécho le 14 juillet, ça ne vous tente pas plus que ça. Alors que pouvez-vous faire ? Et bien il existe une app pour Android et iOS qui s’appelle Sauv Life et qui vous permet d’être alerté si à côté de chez vous, quelqu’un a besoin d’aide vitale. Ainsi, une fois inscrit, le SAMU peut à tout moment vous contacter en cas d’arrêt cardiaque ou d’hémorragie. Alors bien sûr si vous avez votre formation de secouriste c’est bien, mais si vous n’avez pas les compétences, vous pouvez également vous inscrire et vous serez guidé au téléphone par un médecin pour pratiquer les gestes de premier secours. C’est super important, car il y a plus de 40 000 arrêts cardiaques en France par an, et sans massage cardiaque, les victimes n’ont que 4% de chances d’y survivre. Seulement, voilà, le secours mettant en moyenne 13 minutes à arriver sur place, et les chances de survie diminuant de 10% chaque minute, autant dire que sans un citoyen volontaire, c’est mal barré. Et grâce à cette application, ce citoyen, ça peut être vous ! L’application peut également être utilisée comme un moyen rapide de prévenir le SAMU ou d’autres citoyens aidant tout en étant géolocalisé. Bref, que vous soyez formé ou non aux gestes de premiers secours, n’hésitez pas à installer Sauv Life, car vous ferez certainement la différence.

  • Covid antigen test results of 1.7m Indian and foreign nationals leaked online
    par Waqas le 25 septembre 2022 à 2h39

    By Waqas The exposed Elasticsearch server belongs to an Indian healthcare software company that has not secured the database despite being alerted. This is a post from Read the original post: Covid antigen test results of 1.7m Indian and foreign nationals leaked online

  • Zero Trust - From Zero to One Hundred
    par /u/Khryse le 24 septembre 2022 à 22h12

    submitted by /u/Khryse [link] [comments]