News – April 2019


  • This malware campaign is targeting the military with phony emails from a defence contractor

    April 16, 2019

    The Ukrainian government and military are being targeted with spear-phishing attacks as part of a cyber-espionage operation based around dropping powerful malware. These phishing attacks have been detailed by researchers at cybersecurity firm FireEye, who identified malicious emails being sent to Ukrainian military departments in January this year. The malware is being sent, presumably, with the aim of monitoring ...

  • Major sponsor signs up for BIDEC 2019 – Bahrain’s only tri-service International Defence Exhibition

    April 16, 2019

    Preparations have begun for BIDEC 2019, one of the region’s key international defence exhibitions, with key partners confirming participation. Following the outstanding success of the first Bahrain International Defence Exhibition & Conference (BIDEC) in 2017, keen interest for the next edition scheduled for 28-30 October 2019 has begun to build as major international defence and security ...

  • New zero-day vulnerability CVE-2019-0859 in win32k.sys

    April 15, 2019

    CVE-2019-0859 is a Use-After-Free vulnerability that is present in the CreateWindowEx function. During execution, CreateWindowEx sends the message WM_NCCREATE to the window when it’s first created. By using the SetWindowsHookEx function, it is possible to set a custom callback that can handle the WM_NCCREATE message right before calling the window procedure. In win32k.sys all windows are ...

  • A hacker has dumped nearly one billion user records over the past two months

    April 15, 2019

    A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. The hacker’s name is Gnosticplayers, and he’s responsible for the hacks ...

  • Outlook.com hack much worse than initially thought

    April 15, 2019

    A hack that Microsoft said affected “some” of its users’ email accounts is much worse than initially thought, according to reports. On Saturday, the company confirmed that some users of its email services had been targeted by hackers. But the issue is thought to be much worse than previously reported as the hackers were able to ...

  • Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts

    April 13, 2019

    If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed to The Hacker News. Earlier this year, hackers managed to breach Microsoft’s customer support portal and access information related to some email accounts registered with the ...

  • France Wins Cyber Defence Exercise Locked Shields 2019

    April 12, 2019

    The team from France wins the largest and most complex international live-fire cyber defence exercise Locked Shields 2019. The Czech and Swedish teams take second and third place respectively. “The winning team excelled in availability, usability and providing services for the customer,” said Lauri Luht, Head of Cyber Exercises at NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). “Every ...

  • Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

    April 10, 2019

    Breaking — It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network. WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced ...

  • UK Government Publishes Social Media Regulation Plans

    April 8, 2019

    White paper calls for an independent regulator that would write a code of conduct covering illegal or dangerous content – and would have the power to impose huge fines. The government has published plans for an independent regulator that would be capable of imposing huge fines on internet firms that propagate dangerous or illegal content. The Online Harms White Paper, ...

  • Dropbox uncovers 264 vulnerabilities in HackerOne Singapore bug hunt

    April 6, 2019

    Dropbox has uncovered 264 vulnerabilities, paying out $319,300 in bounties, after a one-day bug hunt in Singapore that brought together hackers from 10 nations around the world. Hosted by bug bounty platform HackerOne, the live event saw 45 of its members from countries such as Japan, India, Australia, Hong Kong, and Sweden, and some as ...

  • Exodus Spyware Found Targeting Apple iOS Users

    April 5, 2019

    The surveillance tool was signed with legitimate Apple developer certificates. The spyware that was recently found lurking in 25 different malicious apps on Google Play has been ported to the Apple iOS ecosystem. The surveillance package – dubbed Exodus – can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices. Earlier ...

  • Backdoor code found in popular Bootstrap-Sass Ruby library

    April 5, 2019

    Backdoor code was found added in a popular Ruby library used for frontend user interfaces inside Ruby and Ruby on Rails applications. The malicious code was removed via a library update. The library affected by this incident is Bootstrap-Sass, a Ruby package that provides developers with a Sass-version of Bootstrap, the most popular UI framework for developers today. The backdoor’s ...

  • FBI criticized for delaying breach notifications, including insufficient details

    April 5, 2019

    The Federal Bureau of Investigation does a poor job at notifying victims of a cyber-attack, a US government report released earlier this week concluded. FBI notifications arrive either too late or contain insufficient information for victims to take action, a report from the Department of Justice’s Office of the Inspector General (DOJ-OIG) has concluded. The report analyzed Cyber Guardian, ...

  • A dozen US web servers are spreading 10 malware families, Necurs link suspected

    April 4, 2019

    Researchers have uncovered over a dozen servers, unusually registered in the United States, which are hosting ten different malware families spread through phishing campaigns potentially tied to the Necurs botnet. On Thursday, researchers from Bromium said they have monitored scams connected to this infrastructure during the May 2018 to March 2019 time period. Five families of banking ...

  • Pharma Giant Bayer ‘Contains’ Cyber Attack

    April 4, 2019

    German firm detected hacker code and covertly monitored it for over a year, before clearing it from network. Security officials at the German multinational pharmaceutical and life sciences giant Bayer AG seem to be on the ball after they detected and then contained a cyber attack. It is reported that the Winnti hacking group had gained access ...

  • This new malware is scanning the internet for systems info on valuable targets

    April 3, 2019

    A new form of malware is scanning the internet for exposed web services and default passwords in what’s thought to be a reconnaissance operation – one which might signal a larger cyberattack is to come. Researchers at AT&T Alien Labs first spotted the malware in March and have named it Xwo after its primary module name. It’s thought that Xwo ...

  • 540 Million Facebook User Records Found On Unprotected Amazon Servers

    April 3, 2019

    It’s been a bad week for Facebook users. First, the social media company was caught asking some of its new users to share passwords for their registered email accounts and now… the bad week gets worse with a new privacy breach. More than half a billion records of millions of Facebook users have been found exposed on unprotected Amazon cloud ...

  • Microsoft Edge and Internet Explorer Zero-Days Allow Access to Confidential Session Data

    April 2, 2019

    On March 30th, security researcher James Lee disclosed information on two zero-day vulnerabilities present in current versions of Microsoft Edge and Internet Explorer. These vulnerabilities make it possible for confidential information to be shared between websites. A flaw in the same-origin policy for these web browsers, called an Origin Validation Error (CWE-346), allows JavaScript embedded in a malicious ...

  • Hackers reveal how to trick a Tesla into steering towards oncoming traffic

    April 2, 2019

    A team of hackers has managed to trick the Tesla Autopilot feature into dive-bombing into the wrong lane remotely through root control and a few stickers. Researchers from Tencent Keen Security Lab published a report this week (.PDF) on their findings, which shows how the Tesla Autopilot system engine control unit (ECU) can be abused through root security ...

  • Mobile-First Phishing Kit Targets Verizon Customers

    April 2, 2019

    As people increasingly go mobile-first in their work and personal lives, cybercrime is keeping up: The latest is a phishing kit that specifically targets Verizon Wireless customers in the U.S. According to Jeremy Richards, a researcher at Lookout Security, the kit pushes phishing links to users via email, masquerading as messages from Verizon Customer Support. These ...