What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
zataz.png 2019-06-18 20:54:00 Cybersécurité : Réserver pour les vacances via Internet (lien direct)

Réserver ses vacances à la dernière minute est facilité par Internet. Sites et bons plans pullulent. Prudence aux fausses promesses et locations. Dans ma chronique TV dédiée à la cybersécurité proposée le lundi à 18h45 sur Wéo Tv, je suis revenu cette semaine sur les réservations vacances. L’é...

Cet article Cybersécurité : Réserver pour les vacances via Internet est apparu en premier sur ZATAZ.

WiredThreatLevel.png 2019-06-18 20:49:04 Companies Don\'t Need Conventions Like E3. They Should Go Anyway (lien direct)

More and more companies are skipping E3 and other industry conventions. They might be missing out.

no_ico.png 2019-06-18 20:35:00 Hackers Behind \'Triton\' Malware Target Electric Utilities In US (lien direct)

It has been reported that Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting - in addition to oil and gas organizations - electric utilities in the United States and the Asia-Pacific (APAC) region. Xenotime initially appeared to target only the oil and gas sector in the Middle East, but Dragos reported in May 2018 …

The ISBuzz Post: This Post Hackers Behind ‘Triton’ Malware Target Electric Utilities In US appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-06-18 20:33:01 Weather Forecasts Will Soon Use Weird, Bendy GPS Signals (lien direct)

SpaceX will soon launch weather-prediction satellites that track how GPS signals bend as they travel through the atmosphere.

ESET.png 2019-06-18 20:16:00 Instagram tests new ways to recover hacked accounts (lien direct)

>Locked out and out of luck? The photo-sharing platform is trialing new methods to reunite you with your lost account

The post Instagram tests new ways to recover hacked accounts appeared first on WeLiveSecurity

ZDNet.png 2019-06-18 19:29:01 Mozilla patches Firefox zero-day abused in the wild (lien direct)

Mozilla releases Firefox 67.0.3 to fix actively exploited zero-day.

no_ico.png 2019-06-18 18:34:04 Okta Research Shows Workers Are Ready To Go Passwordless This Year (lien direct)

 Okta\'s Passwordless Future Report finds:  78% of all respondents admit to using insecure methods to help them remember passwords  69% of UK workers feel stressed or annoyed as a result of forgetting a password, a worrisome statistic considering the importance of mental health in the workplace  More than three in five workers say they would benefit from biometrics in the workplace, but 86% …

The ISBuzz Post: This Post Okta Research Shows Workers Are Ready To Go Passwordless This Year appeared first on Information Security Buzz.

ZDNet.png 2019-06-18 18:25:05 FBI warning: Foreign spies using social media to target government contractors (lien direct)

FBI warns security clearance holders to be careful when disclosing work information on social media profiles.

zataz.png 2019-06-18 18:14:01 Cloner une voix en temps réel, en moins de 5 secondes (lien direct)

Un ingénieur en informatique réalise un outil capable de cloner une voix et de produire un discours arbitraire en temps réel… en 5 secondes ! Cloner une voix, une image, un son … rien de plus simple avec l’informatique. Cloner une image et un son pour leur faire dire n’import...

Cet article Cloner une voix en temps réel, en moins de 5 secondes est apparu en premier sur ZATAZ.

Blog.png 2019-06-18 17:17:02 Happycorp:1 Vulnhub Walkthrough (lien direct)

This is another post on vulnhub CTF “named as “HAPPYCORP:1” by Zayotic. It is designed for VMware platform, and it is a boot to root challenge where you have to find flags to finish the task assigned by the author. You can download it from here: https://www.vulnhub.com/entry/happycorp-1,296/ Penetrating Methodologies Scanning Netdiscover Nmap Enumeration NFS-Share Mount... Continue reading

The post Happycorp:1 Vulnhub Walkthrough appeared first on Hacking Articles.

MalwarebytesLabs.png 2019-06-18 17:17:00 Smart cities, difficult choices: privacy and security on the grid (lien direct) We take a look at Google\'s Sidewalk Labs woes with a planned smart city build in Toronto, and explore some of the general concerns about making our living spaces 24/7 Internet wonderlands.

Categories:

Privacy

Tags:

(Read more...)

The post Smart cities, difficult choices: privacy and security on the grid appeared first on Malwarebytes Labs.

WiredThreatLevel.png 2019-06-18 17:03:04 The YouTubers Who Changed the Landscape for #NaturalHair (lien direct)

“It\'s just hair, but it\'s more than that. Every culture has held meaning in hair."

ZDNet.png 2019-06-18 17:00:00 Google launches Chrome extension for flagging bad URLs to the Safe Browsing team (lien direct)

Google launches new "Suspicious Site Reporter" Chrome extension.

WiredThreatLevel.png 2019-06-18 16:59:04 The Midwest\'s Farms Face an Intense, Crop-Killing Future (lien direct)

The flooding that struck the Midwest is just one way climate change is causing plants to fail, complicating life for the region\'s growers.

no_ico.png 2019-06-18 16:45:00 Expert Comment: Russia & US Power Grid Cyberwar (lien direct)

The US and Russia are currently locked in a series of escalating cyber-attacks, with the US reportedly attacking Russia\'s power grids and the Kremlin responding with a warning of potential cyberwar.  CHILD: "What started the cyber wars, daddy?" FATHER: "…..A New York Times article." https://t.co/4X9bIkDGoO — Greg Otto (@gregotto) June 17, 2019 Expert Comments:  Dr Darren Williams, …

The ISBuzz Post: This Post Expert Comment: Russia & US Power Grid Cyberwar appeared first on Information Security Buzz.

TechRepublic.png 2019-06-18 16:30:00 How to install the latest version of NGINX on Ubuntu Server 18.04 (lien direct)

You don\'t want an out-of-date web server serving up your sites. Get the latest version of NGINX installed with ease on Ubuntu Server 18.04.

datasecuritybreach.png 2019-06-18 16:28:03 6 professionnels sur 10 voleraient des données en cas de départ de leur entreprise   (lien direct)

Une étude en dit beaucoup sur la gestion des accès et des identités au sein des entreprises : les confessions de professionnels mais aussi les difficultés rencontrées pour mettre en place des solutions IAM (Identity and Access Management) et PAM (Privileged Access Management) adaptées. One Identity, une société spécialisée dans la gestion des identités et […]

L\'article 6 professionnels sur 10 voleraient des données en cas de départ de leur entreprise   est apparu en premier sur Data Security Breach.

WiredThreatLevel.png 2019-06-18 16:18:03 MTV\'s \'Most Meme-Able Moment\' Honors Internet Culture-Barely (lien direct)

Was *The Bachelor*\'s Colton Underwood jumping over a fence the biggest thing online in the last year? Uh, maybe?

Pirate.png 2019-06-18 16:00:00 L\'Industrie 4.0, cible privilégiée des pirates (lien direct)
La transformation numérique du secteur industriel permet une augmentation de la productivité, tout en réalisant des économies d\'échelle ; elle ouvre cependant la voie à de nouveaux défis en matière de sécurité.
bleepingcomputer.png 2019-06-18 15:58:02 Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day (lien direct)

Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions. [...]

zataz.png 2019-06-18 15:49:03 Atteintes à la protection des données des clients (lien direct)

Aux Etats-Unis, les fuites de données ont coûté 654 milliards de dollars en 2018, 2,8 milliards de dossiers de consommateurs exposés. Et France ? ZATAZ a déjà pu repérer plus de 460 millions de données volées/diffusées ! La société ForgeRock divulgue un rapport sur les atteintes à la protection des ...

Cet article Atteintes à la protection des données des clients est apparu en premier sur ZATAZ.

WiredThreatLevel.png 2019-06-18 15:30:02 How Not To Prevent a Cyberwar With Russia (lien direct)

Former cybersecurity officials warn against a path of aggression that could inflame cyberwar rather than deter it.

TechRepublic.png 2019-06-18 15:30:00 How HackerOne open sources security--one hacker at a time (lien direct)

Mårten Mickos says hacker-powered security is where open source was 15 years ago, but it\'s moving much faster than open source did.

zataz.png 2019-06-18 15:18:01 Santé – Une faille critique dans des pompes à perfusion médicales (lien direct)

Santé – Une vulnérabilité considérée comme critique découverte dans des pompes dédiées aux perfusions médicales. Un pirate pourrait modifier le fonctionnement du matériel, à distance ! Cyber sécurité et santé ! Des chercheurs de la société CyberMDX ont identifié deux vulnérabilités dans des st...

Cet article Santé – Une faille critique dans des pompes à perfusion médicales est apparu en premier sur ZATAZ.

TechRepublic.png 2019-06-18 15:16:01 How to back up to your Google Drive cloud account with Déjà Dup (lien direct)

If you\'re looking for a simple way to back up folders on Linux to your Google Drive account, look no further than Déjà Dup.

TechRepublic.png 2019-06-18 15:08:04 How small businesses can deal with getting regulated (lien direct)

Even SMBs have to deal with big regulations thanks to GDPR and more. One startup has an answer for how to manage compliance and security.

WiredThreatLevel.png 2019-06-18 15:00:00 YouTube\'s \'Shitty Robot\' Queen Made Her Own Tesla Pickup Truck (lien direct)

Simone Giertz hacked her Model 3 into a ride she calls the "Truckla," and it does donuts.

TechRepublic.png 2019-06-18 14:59:01 Security breaches: 4 business impacts (lien direct)

The average cost of a cyberattack is approximately $4.6 million, according to a Radware report.

bleepingcomputer.png 2019-06-18 14:35:05 Open Source Clones Unofficially Sold on the Microsoft Store (lien direct)

Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases. [...]

SecurityAffairs.png 2019-06-18 14:29:03 Android Apps uses a novel technique to by-pass 2FA and steal Bitcoin (lien direct)

Expert discovered a new technique bypassing SMS-based two-factor authentication while circumventing Google\'s recent SMS permissions restrictions The popular security expert Lukas Stefanko from ESET discovered some apps (namedBTCTurk Pro Beta and BtcTurk Pro Beta) impersonating the Turkish cryptocurrency exchange, BtcTurk, in the attempt of stealing login credentials. In order to steal the 2FA OTPs the […]

The post Android Apps uses a novel technique to by-pass 2FA and steal Bitcoin appeared first on Security Affairs.

datasecuritybreach.png 2019-06-18 14:27:05 Le coût moyen des attaques DNS a augmenté de 49% en 2018 et s\'élève à près d\'un million d\'Euros (lien direct)

Une étude d\'EfficientIP, en partenariat avec IDC, pointe que le nombre d\'attaques – au niveau mondial – a augmenté de 34 % en 2018. En France, elles augmentent également pour un montant estimé à 937 000 euros par attaque. EfficientIP, pépite française leader dans l\'automatisation et la sécurité réseau qui assurent la continuité du service, […]

L\'article Le coût moyen des attaques DNS a augmenté de 49% en 2018 et s\'élève à près d\'un million d\'Euros est apparu en premier sur Data Security Breach.

itsecurityguru.png 2019-06-18 14:24:04 89% Of UK Organisational Cybersecurity Risks Are Internal. (lien direct)

The biggest risk to a British company\'s cybersecurity is not, as often believed, external hackers and overseas-based virus attacks, but an organisation\'s own employees. Whether unknowingly or intentional, the actions of those within an organisation have been shown to be the biggest threat to the digital security of a company, according to new research by […]

The post 89% Of UK Organisational Cybersecurity Risks Are Internal. appeared first on IT Security Guru.

TechRepublic.png 2019-06-18 14:09:05 Is unlimited PTO good for employees? (lien direct)

Job positions offering this perk have risen by 178% in the past four years, according to an Indeed report.

Korben.png 2019-06-18 14:07:04 Webosaures spécial récupération de données (lien direct)

Avec Remouk de DansTonChat, nous avons abordé cette semaine le sujet de la récupération de données. J’ai donc étalé la science que j’avais sur le sujet durant cette petite heure et j’espère que cela vous plaira. On y parle donc des nombreuses méthodes existantes pour perdre ses données, des pannes … Suite

Checkpoint.png 2019-06-18 14:00:04 Introducing Malware DNA: Gaining Deep Insights into Malware Ancestry (lien direct)

A single drop of blood contains billions of strands of DNA, carrying genetic instructions for the development, functioning, growth, and reproduction of all known organisms. DNA holds the building blocks of life.   Similarly, the lines of malware code make up the building blocks of cyber threats. Sophisticated cyberattacks threaten enterprises constantly putting sensitive data, privacy, and business operations at…

The post Introducing Malware DNA: Gaining Deep Insights into Malware Ancestry appeared first on Check Point Software.

bleepingcomputer.png 2019-06-18 13:49:01 Google Adds Deceptive URL Alerts To Chrome, Unsafe URL Report Add-on (lien direct)

Google announced the addition of a new feature which warns users of sites that try to pose as recently visited pages and a Google Chrome extension designed to allow them to report suspicious sites to Google\'s Safe Browsing team. [...]

TechRepublic.png 2019-06-18 13:48:03 Top 5 cities in the world for innovation (lien direct)

Tom Merritt breaks down the top five cities from 2thinknow\'s Innovation Cities Program list.

TechRepublic.png 2019-06-18 13:40:04 6 AI technologies changing project management (lien direct)

Some 81% of project managers said their organization is already being impacted by AI, according to PMI.

datasecuritybreach.png 2019-06-18 13:34:05 Amende CNIL pour vidéosurveillance excessive (lien direct)

Mardi 18 juin 2019, la CNIL annonce une amende à l’encontre d’une entreprise. Motif : vidéosurveillance excessive des salariés. La formation restreinte de la CNIL a prononcé en ce mois de juin 2019 une sanction de 20 000 euros à l\'encontre de la société UNIONTRAD COMPANY. Motif ? L’entreprise a mis en place un dispositif […]

L\'article Amende CNIL pour vidéosurveillance excessive est apparu en premier sur Data Security Breach.

zataz.png 2019-06-18 13:22:02 Cybersécurité – Nom de domaine et commerce en ligne (lien direct)

L’enregistrement d’un nom de domaine est d\'une facilité déconcertante : une simple connexion Internet suffit. Je vous racontais, il y a peu, des différentes possibilités permettant de prendre la main sur un nom de domaine par un malveillant. Retour sur l’étude de Proofpoint qui dém...

Cet article Cybersécurité – Nom de domaine et commerce en ligne est apparu en premier sur ZATAZ.

Pirate.png 2019-06-18 13:08:05 6 professionnels sur 10 voleraient des données en cas de départ de leur entreprise (lien direct)
L\'étude réalisée par One Identity de manière anonyme en dit beaucoup sur la gestion des accès et des identités au sein des entreprises : les confessions de professionnels mais aussi les difficultés rencontrées pour mettre en place des solutions IAM (Identity and Access Management) et PAM (Privileged Access Management) adaptées.
TechRepublic.png 2019-06-18 13:07:01 How Salesforce builds loyalty by investing in the success of its developers, admins, and customers (lien direct)

At Salesforce TrailheaDX 2019, Sarah Franklin spoke with TechRepublic about what makes the company\'s relationship with developers, admins, and customers.

Pirate.png 2019-06-18 13:05:00 IoT et cybersécurité : 40 % des ménages dans le monde possèdent au moins un objet connecté (lien direct)
Le spécialiste de la cybersécurité et la prestigieuse université américaine dévoilent les résultats de la plus grande étude jamais menée sur l\'état des appareils IoT dans le monde.
SecurityAffairs.png 2019-06-18 13:02:04 Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders (lien direct)

A zero-day vulnerability affects multiple models of TP-Link Wi-Fi extenders, it could be exploited to remotely execute code. Security expert Grzegorz Wypych from IBM X-Force found a zero-day flaw that affects multiple models of TP-Link Wi-Fi extenders. The Wi-Fi extenders capture the Wi-Fi signal from the main network device and rebroadcast it to areas where […]

The post Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders appeared first on Security Affairs.

TechRepublic.png 2019-06-18 13:00:01 How organizations can better defend against DNS attacks (lien direct)

DNS has become a primary target for cyberattacks, causing downtime and financial loss for many businesses, according to a new report from EfficientIP.

AlienVault.png 2019-06-18 13:00:00 SOAR with AT&T Cybersecurity and Dark Reading (lien direct)

SOAR - security orchestration automation

Watch the full video on our site. If you prefer reading, here’s the full transcript 😊

Terry Sweeney - Contributing Editor, Dark Reading

Sanjay Ramnath - Associate Vice President, Product Marketing, AT&T Cybersecurity

Terry Sweeney: Welcome back to the Dark Reading News Desk. We’re here at the RSA Conference in San Francisco. I’m Terry Sweeney, contributing editor at Dark Reading and I’m delighted today to be joined by Sanjay Ramnath, vice president of product marketing at AT&T Cybersecurity. Sanjay, thanks so much for joining us today.

Sanjay Ramnath: Thanks so much for having me.

Terry Sweeney: This trend of SOAR, security orchestration automation and response is generating lots of buzz both here at RSA and among InfoSec professionals as well. Kick us off by explaining what SOAR is and how the companies that use it benefit from it.

Sanjay Ramnath: SOAR is a term that was coined by Gartner. SOAR is really a collection of technologies and processes that aim to solve three problems.

I think the first problem that the SOAR framework aims to solve is: How do you stay ahead of this constantly evolving threat landscape? How do you stay ahead of a rapidly changing network while the modern attack surface continues to expand and network parameters vanish? You have hybrid environments with on-premises and cloud assets. So one of the core tenants of SOAR is aggregating data, aggregating both threat data and intelligence and network visibility on a single platform so all the downstream operational decisions around security can be fed with this stream of intelligence and data.

The second problem that SOAR addresses is complexity in the security ecosystem and infrastructure itself. When you have a really large number of point solutions and products that protect specific threat vectors you have two issues. One is you have a management problem: how do you constantly switch contexts across these different solutions? You also have a problem of too much data and what is called alert fatigue. The SOAR approach attempts to solve this by automating some of the more mundane resource intensive, human intensive, tasks like data analysis and correlation so the security operations teams can be a lot more effective and they don’t get distracted by the noise. They actually focus on what’s important.

The third thing that SOAR addresses is incident response. What do you do when an incident happens? What do you do when your network is intruded upon? Do you have the right processes? Do you have the right workflows in place? Do you have the right data for investigations? SOAR brings all of these together. So SOAR is not a single technology or a single product, it’s really a concept or a framework that brings detection, automation, response, orchestration, intelligence and all of that all together under a common set of terminologies.  

Terry Sweeney: That’s really helpful and I’m glad you mention automation. It seems like given the volumes of information that have to be analyzed; this is an essential piece of SOAR. Talk a bit more about why it’s critical to have in combating today’s security issues.

Sanjay Ramnath: You’re never going to have enough resources, bandwidth, and skills in security to stay ahead of the cyber criminals and threat landscape. So I think applying automation where it makes sense really helps streamline security operation. As I mentioned earlier, applying automation in terms of taking this really vast amount of data, threat data and converting that into actionable, tactical threat intell

WiredThreatLevel.png 2019-06-18 13:00:00 Are E-Bikes and Scooters Doomed? (lien direct)

Opinion: China\'s e-biking masses offer a model for our struggling scoot-scape

WiredThreatLevel.png 2019-06-18 13:00:00 A Plan to Stop Breaches With Dead Simple Database Encryption (lien direct)

Database giant MongoDB has a new encryption scheme that should help slow the scourge of breaches.

bleepingcomputer.png 2019-06-18 12:44:05 Microsoft Azure Bastion Preview: Remote VM Access via Azure Portal (lien direct)

Microsoft announced the preview of Azure Bastion, a managed PaaS service designed to provide RDP and SSH access via a web browser to VMs on an Azure Virtual Network (VNet) without having to assign public IP addresses. [...]

TechRepublic.png 2019-06-18 12:43:01 7 tech companies that hire the most data scientists (lien direct)

IBM, Amazon, and Microsoft are among the tech giants that employ large numbers of data scientists, engineers, architects, and database administrators, according to Diffbot.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-06-18 23:02:03
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Flux RSS Twitter