GitLab Doles Out Half a Million Bucks to White Hats

The DevOps lifecycle management company said that response to its year-old bug-bounty program has been robust.


Pairing Privacy and Security with Digital Identities in Retail



Elegant sLoad Carries Out Spying, Payload Delivery in BITS

The BITS file-transfer component of Windows is a key piece of sLoad’s attack methodology.


Critical Bug in WordPress Plugins Opens Sites to Hacker Takeovers

One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited.


Google Chrome Introduces Improved Password & Phishing Protection


In a recent update, Google rolled out the stable version of Chrome 79 to its users. This version of Chrome includes two important browser security features: improved password protection and real-time phishing protection.

Malware attacks, data breaches and phishing attacks are all real-world problems. Fake websites and URL hijacking scams peak during the holiday season and convince users to enter their passwords and other sensitive information. Data security is now a top priority for the platforms that handle such data. Google Chrome has always stressed built-in safety protections, and now Google is expanding them.

Compromised Password Warning

Google first introduced password breach warnings as the Password Checkup extension early in the year. Password Checkup compares users’ passwords and usernames against Google’s own database of more than 4 billion credentials known to Google to have been compromised.

According to Google, this is how it works:

  • Whenever Google discovers a username and password exposed by another company’s data breach, a hashed and encrypted copy of this data is saved on its servers with a secret key known only to Google.
  • When a user signs into a website, Chrome sends a hashed copy of the entered username and password to Google, encrypted with a secret key known only to Chrome. No one, including Google, can derive the username or password from this encrypted copy.
  • To determine whether the username and password have appeared in any breach, Google uses a technique called private set intersection. It involves multiple layers of encryption and compares the encrypted username and password received from Chrome with all the encrypted breached usernames and passwords in Google’s database, without revealing the username or password. Chrome also sends a 3-byte SHA256 hash prefix of the username, which narrows the data to be joined from 4 billion records down to 250 records while still preserving the anonymity of the username.
  • If the username and password have been compromised, Chrome notifies only the affected user, who is strongly recommended to change the password.
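As an added illustration of the flow above (written for this article, not Google’s or Chrome’s code): a small model of the breach check in which the server stores only blinded credentials bucketed by the 3-byte username hash prefix, and the comparison happens on values blinded by both sides’ secret exponents, so neither side sees the other’s plaintext. The group (the multiplicative group modulo the Mersenne prime 2^127 - 1), the blinding scheme and the sample breach list are assumptions made for the demonstration; a production deployment would use an elliptic-curve group.

```python
import hashlib
import math
import secrets

# Toy group: the multiplicative group modulo the Mersenne prime 2**127 - 1
# (constructed for illustration; a real deployment would use an elliptic curve).
P = 2**127 - 1
ORDER = P - 1


def hash_to_group(username: str, password: str) -> int:
    """Map a credential pair to a non-zero element of Z_P^* (the 'hashed copy')."""
    digest = hashlib.sha256(f"{username}\x00{password}".encode()).digest()
    return int.from_bytes(digest, "big") % ORDER + 1


def username_prefix(username: str) -> bytes:
    """The 3-byte SHA-256 prefix of the username that Chrome sends to select a bucket."""
    return hashlib.sha256(username.encode()).digest()[:3]


def random_exponent() -> int:
    """A secret blinding exponent that is invertible modulo the group order."""
    while True:
        e = secrets.randbelow(ORDER - 2) + 2
        if math.gcd(e, ORDER) == 1:
            return e


class BreachServer:
    """Holds breached credentials only in blinded form, bucketed by username prefix."""

    def __init__(self, breached_pairs):
        self.secret = random_exponent()          # key known only to the server
        self.buckets = {}
        for user, pw in breached_pairs:
            blinded = pow(hash_to_group(user, pw), self.secret, P)
            self.buckets.setdefault(username_prefix(user), set()).add(blinded)

    def query(self, prefix: bytes, client_blinded: int):
        # The server sees only a 3-byte prefix and a client-blinded value; it returns
        # the doubly-blinded value plus the (server-blinded) bucket for that prefix.
        return pow(client_blinded, self.secret, P), self.buckets.get(prefix, set())


def check_credential(server: BreachServer, username: str, password: str) -> bool:
    """Client side: learn whether (username, password) is in the breach set."""
    a = random_exponent()                         # key known only to the client
    blinded = pow(hash_to_group(username, password), a, P)
    double_blinded, bucket = server.query(username_prefix(username), blinded)
    # Remove the client blinding: ((H^a)^s)^(a^-1) == H^s, the server-blinded form.
    unblinded = pow(double_blinded, pow(a, -1, ORDER), P)
    return unblinded in bucket
```

The server never learns the queried password, and the client learns only whether its own credential is in the bucket; the 3-byte prefix leaks no more than which bucket was asked for.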

Real-time Phishing Protection

Google’s Safe Browsing keeps track of malicious and potentially harmful sites on the web and shares this information with other browsers to keep the internet more secure. The list is refreshed every 30 minutes. It protects close to 4 billion devices every day against all kinds of security threats, including phishing.

However, some phishing sites dodge the 30-minute window, either by continuously switching domains or by hiding from Google’s crawlers. Real-time phishing protection now checks the URLs of pages users visit with Safe Browsing’s servers as they are visited. On visiting a website, Chrome first checks it against a list of known-safe sites stored on the user’s computer. If the website is not on this safe-list, Chrome then checks the same URL against Google’s database (after dropping any username or password embedded in the URL) to find out whether the site is malicious. Google’s analysis has shown that this results in a 30 percent increase in protections, by warning users about malicious sites that are brand new.

Additionally, if this check determines that the site is suspicious or malicious, Chrome immediately shows a warning to change the compromised password. If the phished password was the Google Account password used to sign in to Chrome, Chrome also offers to notify Google as an added layer of protection to ensure the user’s account isn’t compromised.



FIN8 Targets Card Data at Fuel Pumps



TrapX Security Appoints Ori Bach as Chief Executive Officer

Cybersecurity firm TrapX Security recently announced that it has named Ori Bach as its new Chief Executive Officer. Mr. Bach, who previously served as TrapX’s Chief Product Officer and EMEA General Manager, comes to his new role with more than two decades of senior cybersecurity and high-tech experience at companies such as IBM-Security, Trusteer and NICE-Actimize.

Founded in 2012, TrapX Security is the pioneer in Cyber Deception Technology. The company claims that its DeceptionGrid solution quickly detects, deceives, and defeats advanced cyber-attacks and human attackers in real-time.

Mr. Bach will lead TrapX’s executive management team in scaling the business, expanding its global footprint and accelerating technology innovation designed to help its customers stay ahead of an increasingly complex cyber threat landscape.

“Deception technology has become a cornerstone of achieving cyber-resiliency. TrapX is leading the Deception market with its patented emulation technology. I am looking forward to working with the amazing talent at TrapX as we revolutionize the way that security teams tackle advanced threats,” Bach said.

In July this year, TrapX completed a US$18 million financing round led by Ibex Investors, with participation from existing investors BRM, Opus Capital, Intel Capital, Liberty Technology Venture Capital, and Strategic Cyber Ventures. The San Jose-based company stated that the new proceeds will help expand its reach globally.



Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites


Attention WordPress users!

Your website could easily get hacked if you are using “Ultimate Addons for Beaver Builder,” or “Ultimate Addons for Elementor” and haven’t recently updated them to the latest available versions.

Security researchers have discovered a critical yet easy-to-exploit authentication bypass vulnerability in both widely-used premium WordPress plugins that could allow remote attackers to gain administrative access to sites without requiring any password.

What’s more worrisome is that opportunistic attackers have already started exploiting this vulnerability in the wild within 2 days of its discovery in order to compromise vulnerable WordPress websites and install a malicious backdoor for later access.

Both vulnerable plugins, made by software development company Brainstorm Force, currently power hundreds of thousands of WordPress websites built on the Elementor and Beaver Builder frameworks, helping website admins and designers extend their sites with more widgets, modules and page templates.

Discovered by researchers at web security service MalCare, the vulnerability resides in the way both plugins let WordPress account holders, including administrators, authenticate via Facebook and Google login mechanisms.


According to the vulnerability advisory, due to a lack of checks in the authentication method used when a user logs in via Facebook or Google, the vulnerable plugins can be tricked into letting a malicious user log in as any targeted user without requiring a password.

“However, the Facebook and Google authentication methods did not verify the token returned by Facebook and Google, and since they don’t require a password, there was no password check,” explained WebARX researchers, who also analysed the flaw and confirmed its active exploitation.

“To exploit the vulnerability, the hacker needs to use the email ID of an admin user of the site. In most cases, this information can be retrieved fairly easily,” MalCare said.

In an email to The Hacker News, WebARX confirmed that attackers are abusing this flaw to install a fake SEO stats plugin after uploading a tmp.zip file on the targeted WordPress server, which eventually drops a wp-xmlrpc.php backdoor file to the root directory of the vulnerable site.


MalCare discovered the vulnerability on Wednesday, affecting the versions of the plugins listed below, and reported it to the developers the same day; they quickly addressed the issue and released patched versions of both within just 7 hours.

  • Ultimate Addons for Elementor <= 1.20.0
  • Ultimate Addons for Beaver Builder <= 1.24.0

The authentication bypass vulnerability has been patched in “Ultimate Addons for Elementor version 1.20.1” and “Ultimate Addons for Beaver Builder version 1.24.1,” which owners of affected websites are strongly advised to install as soon as possible.
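As an added illustration of the bug class described above (a model written for this article, not the plugins’ own code): a social-login callback that trusts the email carried in the request, next to a hardened version that verifies the identity provider’s token before using any claim from it. The identity provider, its HMAC signing key, the expected audience, the user table and the token format are all constructed stand-ins; a real integration would verify the provider’s ID token with the provider’s published keys or token-info endpoint.

```python
import base64
import hashlib
import hmac
import json

# Constructed stand-ins: a toy identity provider key, the audience the site expects,
# and the site's user table (email -> role).
IDP_SIGNING_KEY = b"constructed-idp-signing-key"
EXPECTED_AUDIENCE = "our-wordpress-site"
USERS = {"admin@example.com": "administrator", "alice@example.com": "subscriber"}


def idp_issue_token(email: str) -> str:
    """Toy identity provider: returns '<base64 payload>.<hex HMAC>' for a verified email."""
    claims = {"email": email, "aud": EXPECTED_AUDIENCE}
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    signature = hmac.new(IDP_SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{signature}"


def login_vulnerable(request: dict):
    """Models the flaw: the email sent back from the social-login flow is trusted as-is,
    so whoever supplies an admin's email address receives that account's role (session)."""
    return USERS.get(request.get("email"))


def verify_token(token: str):
    """Check the provider's signature and audience before trusting any claim in the token."""
    payload, _, signature = token.rpartition(".")
    expected = hmac.new(IDP_SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(signature.encode(), expected.encode()):
        return None                      # forged, tampered or missing signature
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if claims.get("aud") != EXPECTED_AUDIENCE:
        return None                      # token was issued for some other site
    return claims


def login_fixed(request: dict):
    """Hardened version: the email comes only from a verified token, never from the request."""
    claims = verify_token(request.get("token", ""))
    if claims is None:
        return None
    return USERS.get(claims.get("email"))
```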



These are the Intelligent Phishing Techniques of 2019


Security experts say cybercriminals are customizing their phishing attack methods to trick companies and their users. According to Microsoft, phishing campaigns grew from 0.2 percent in January 2018 to 0.6 percent in October 2019.

In its recently released 2019 Cybersecurity Trends report, Microsoft highlighted that phishing was one of the attack vectors that was rising over the past two years. “In 2019, we saw phishing attacks reach new levels of creativity and sophistication,” Microsoft said.

The tech giant reviewed three of the intelligent phishing attacks it had seen in 2019, which include:

Hijacking Search Results

In this technique, attackers make use of URLs that point to a legitimate source but route to compromised websites that eventually lead to phishing.

How it works

  • Attackers hijack web traffic from legitimate sites and redirect it to their own websites
  • Once those domains become the top Google search result, they send emails to victims linking to the Google search result
  • If the victim clicks the Google link, they are taken to an attacker-controlled website, which eventually redirects them to a phishing site

“Using this technique, phishers were able to send phishing emails that contained only legitimate URLs (i.e., link to search results), and a trusted domain,” Microsoft stated.

Customized 404 Not Found Pages

In this technique, attackers use a custom 404 Not Found page that is designed to look like a legitimate Microsoft account sign-in page.

Phishers include URL links that point to non-existent pages. When a user accesses the URL, the phishing site redirects them to a phishing page instead of the server’s standard 404 error page.

Detailing the technique, Microsoft said, “A phishing campaign targeting Microsoft uses such a technique, giving phishers virtually unlimited phishing URLs. When Microsoft’s security systems would scan the link, they’d receive a 404-error back (because the link didn’t exist), and Microsoft would deem the link safe.”

Man-in-the-Middle Phishing

In the Man-in-the-Middle (MitM) technique, users can be tricked by a legitimate-looking login page.

“One particular phishing campaign in 2019 took impersonation to the next level. Instead of attackers copying elements from the spoofed legitimate website, a man-in-the-middle component captured company-specific information like logos, banners, text, and background images from Microsoft’s rendering site. The result was the exact same experience as the legitimate sign-page, which could significantly reduce suspicion,” Microsoft explained.

Also, a recent investigation by the Microsoft threat research team revealed that 44 million users were reusing their usernames and passwords. The tech giant stated it scanned all of the company’s user accounts between January 2019 and March 2019. The scan was performed against a database of around 3 billion leaked credentials obtained from multiple sources, such as public databases and law enforcement, Microsoft said.



New Ransomware “Zeppelin” Targets High Profiles in Canada and Europe


Security researchers state that cybercriminals have created a new ransomware variant named “Zeppelin” to target healthcare and IT companies in the U.S., Canada, and Europe. Zeppelin is reportedly a new variant of the VegaLocker/Buran ransomware.

Background of the Ransomware

According to the BlackBerry Cylance Threat Research team, Zeppelin is the newest member of the Delphi-based Ransomware-as-a-Service (RaaS) family and shares its code base and features with its predecessor VegaLocker.

The ransomware began its journey as VegaLocker and was offered on Russian hacker forums under the name Buran in May 2019. VegaLocker samples were first discovered in a malvertising operation on Yandex.Direct, a Russian online advertising network.

That campaign was aimed at Russian-speaking users. Several new versions of VegaLocker appeared during the year under different names, including Jamper, Storm and Buran. The latest variant of this ransomware is Zeppelin.

Zeppelin Ransomware

The BlackBerry Cylance research team stated that Zeppelin was being used in targeted attacks against healthcare and other IT companies in the U.S., Canada, and Europe. The researchers also said the ransomware targeted Managed Service Providers (MSPs) in order to infect their customers via management software.

Researchers believe the threat actors deployed the ransomware through internet-exposed Remote Desktop servers.

“The recent campaign that utilizes the newest variant, Zeppelin, is visibly distinct. The first samples of Zeppelin–with compilation timestamps no earlier than November 6, 2019–were discovered targeting a handful of carefully chosen tech and healthcare companies in Europe and the U.S.,” researchers said.

Injection Process

Once installed, Zeppelin will check the victim’s country code to make sure it’s not running in countries like the Russian Federation, Ukraine, Belorussia, and Kazakhstan.

Depending on the options set during the building process, it will either check the machine’s default language and default country calling code or use an online service to obtain the victim’s external IP address.

The ransomware then starts terminating various processes, including those associated with database, backup and mail servers.

While encrypting files, Zeppelin creates ransom notes as “!!! ALL YOUR FILES ARE ENCRYPTED !!!.TXT — You are not able to decrypt it by yourself! The only method of recovering files is to purchase a unique private key. Only we can give you this key and only we can recover your files.”

The notes contain further information about what happened to the victim’s files and how to contact the attackers about payment methods.

