Apple recently paid Indian vulnerability researcher Bhavuk Jain a huge $100,000 bug bounty for reporting a highly critical vulnerability affecting its ‘Sign in with Apple’ system. The now-patched vulnerability could have allowed remote attackers to bypass authentication and take over targeted users’ accounts on third-party services and apps that have been registered using ‘Sign in with Apple’
Source de l’article sur The Hacker News
Modern Intel and AMD processors are susceptible to a new form of side-channel attack that makes flush-based cache attacks resilient to system noise, newly published research shared with The Hacker News has revealed. The findings are from a paper « DABANGG: Time for Fearless Flush based Cache Attacks » published by a pair of researchers, Biswabandan Panda and Anish Saxena, from the Indian
Source de l’article sur The Hacker News
Des fraudeurs diffusent un Trojan dissimulé derrière de fausses versions mobiles de Valorant, le jeu tant attendu.
Source de l’article sur UNDERNEWS
L’équipe d’évaluation de l’expérience client et de test de pénétration (CX APT) de Cisco a dévoilé avoir découvert une vulnérabilité permettant de corrompre la mémoire dans la libc de GNU pour ARMv7.
Source de l’article sur UNDERNEWS
Last week, application security company ImmuniWeb released a new free tool to monitor and measure an organization’s exposure on the Dark Web. To improve the decision-making process for cybersecurity professionals, the free tool crawls Dark Web marketplaces, hacking forums, and Surface Web resources such as Pastebin or GitHub to provide you with a classified schema of your data being offered
Source de l’article sur The Hacker News
It’s one thing for hackers to target websites and proudly announce it on social media platforms for all to see. It’s, however, an entirely different thing to leave a digital trail that leads cybersecurity researchers right to their doorsteps. That’s exactly what happened in the case of a hacktivist under the name of VandaTheGod, who has been attributed to a series of attacks on government
Source de l’article sur The Hacker News
Quasar is a fast and light-weight Windows remote administration tool coded in C#. The usage ranges from user support through day-to-day administrative work to employee monitoring.
It aims to provide high stability and an easy-to-use user interface and is a free, open source tool.
Features of Quasar RAT Windows Remote Administration Tool
The main features that can be found in Quasar are:
Using Quasar Windows Remote Administration Tool
1.
Read the rest of Quasar RAT – Windows Remote Administration Tool now! Only available at Darknet.
La première plateforme mondiale de sécurité collaborative révèle que le travail de sa communauté de hackers a permis la découverte de 170 000 vulnérabilités, transformant l’approche de la sécurité informatique par les entreprises et les organisations.
Source de l’article sur UNDERNEWS
Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at compromising Windows computers with MBR and VBR bootkits, and installing malicious drivers for
Source de l’article sur The Hacker News
Remember Strandhogg? A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information. Late last year, at the time of its public disclosure, researchers also confirmed that some attackers were already exploiting the flaw in the
Source de l’article sur The Hacker News
