What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
WiredThreatLevel.png 2020-01-28 01:35:16 Probe of the Kobe Bryant Crash Will Examine If Fog Played a Role (lien direct)

The helicopter was flying under “special visual flight rules” that allow pilots to fly through low-visibility conditions.

ZDNet.png 2020-01-28 01:02:37 DEF CON China conference put on hold due to coronavirus outbreak (lien direct)

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.

WiredThreatLevel.png 2020-01-27 23:51:59 An AI Virus Warning System, Mac Malware, and More News (lien direct)

Catch up on the most important news from today in two minutes or less.

WiredThreatLevel.png 2020-01-27 23:29:40 Kobe Bryant, an Unforgiving Innovator of the NBA (lien direct)

The basketball star, who died Sunday in a helicopter crash, was constantly eclipsing the game\'s limits.

WiredThreatLevel.png 2020-01-27 23:18:11 Defying Company Policy, Over 300 Amazon Employees Speak Out (lien direct)

Hundreds of Amazon workers banded together in protest following reports that the company threatened to fire their colleagues over climate change comments.

Blog.png 2020-01-27 23:09:00 Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable (lien direct)

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain un-patched and vulnerable to cyber attack, according to security experts.

The post Seven Years...

Read the whole entry...  _!fbztxtlnk!_ https://feeds.feedblitz.com/~/617251000/0/thesecurityledger -->»

WiredThreatLevel.png 2020-01-27 22:41:17 One Small Fix Would Curb Stingray Surveillance (lien direct)

The technology needed to limit stingrays is clear-but good luck getting telecoms on board.

TechRepublic.png 2020-01-27 22:05:38 Risk managers: Here are the must-have skills for 2020 (lien direct)

The risk management field is growing more challenging as threats evolve. How will these changing threats affect your organization in 2020?

SecurityAffairs.png 2020-01-27 21:36:51 Did H&M spy on its German employees? Privacy watchdog opens an investigation (lien direct)

A German privacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany. Hamburg\'s data protection commissioner has launched an investigation into Swedish clothing retailer H&M (Hennes & Mauritz) amid evidence that the company was spying on its customer service representatives in Germany. According to the […]

The post Did H&M spy on its German employees? Privacy watchdog opens an investigation appeared first on Security Affairs.

TechRepublic.png 2020-01-27 20:44:00 AI accurately predicts Billie Eilish \'bad guy\' Grammy win (lien direct)

Billie Eilish wasn\'t the only big winner at the 62nd Grammys this year. Artificial intelligence scored as well, both on the red carpet and by predicting the winner of Record of the Year.

TechRepublic.png 2020-01-27 20:38:39 Amazon breaks $200 billion mark: Named the world\'s most valuable brand for third consecutive year (lien direct)

The world\'s largest online marketplace retains title for the third consecutive year, while Nokia moves up the ranks.

bleepingcomputer.png 2020-01-27 20:16:47 OurMine Hackers Are Back, Hijack NFL Teams\' Social Accounts (lien direct)

It looks like the OurMine crew is back and they\'re on a hacking spree, taking brief control of the social media accounts of high-profile individuals. [...]

TechRepublic.png 2020-01-27 20:12:00 How to control Windows 10 like a pro by enabling developer settings (lien direct)

For many power users, the way Microsoft Windows 10 works, though effective, is just not good enough. Many powerful Windows tools can be accessed via developer settings.

TechRepublic.png 2020-01-27 20:06:14 New soft, stretchable battery can safely power wearables (lien direct)

The battery, developed at Stanford University, uses a special plastic to store power more safely than conventional batteries.

ZDNet.png 2020-01-27 19:58:10 Hackers hijack Twitter accounts for Chicago Bears and Green Bay Packers (lien direct)

OurMine hacking crew returns after two years of inactivity.

TechRepublic.png 2020-01-27 19:55:29 Software developers can create better programs with AI (lien direct)

Artificial intelligence is making the design, development, and deployment of software faster, better, and cheaper, according to Deloitte.

TechRepublic.png 2020-01-27 19:39:35 Top 5 ways to keep product managers happy (lien direct)

Product managers are valuable members of any product development team. Tom Merritt recommends five ways you can make sure you keep them happy.

SecurityAffairs.png 2020-01-27 19:11:34 Aggah: How to run a botnet without renting a Server (for more than a year) (lien direct)

Experts from Yoroi-Cybaze ZLab have spotted new attack attempts directed to some Italian companies operating in the Retail sector linked to Aggah campaign. Introduction During the last year, we constantly kept track of the Aggah campaigns. We started deepening inside the Roma225 Campaign and went on with the RG Campaign, contributing to the joint effort to track the […]

The post Aggah: How to run a botnet without renting a Server (for more than a year) appeared first on Security Affairs.

bleepingcomputer.png 2020-01-27 18:35:06 FBI Releases Alert on Iranian Hackers\' Defacement Techniques (lien direct)

The FBI Cyber Division issued a flash security alert earlier this month with additional indicators of compromise from recent defacement attacks operated by Iranian threat actors and info on attackers\' TTPs to help administrators and users to protect their websites. [...]

Threat
TechRepublic.png 2020-01-27 18:32:59 China and open source geopolitical strategy: Simon Wardley weighs in (lien direct)

Commentary: China is increasingly playing the long game on open source, says strategist Simon Wardley.

Chercheur.png 2020-01-27 18:21:46 Russian Cybercrime Boss Burkov Pleads Guilty (lien direct)

Aleksei Burkov, an ultra-connected Russian hacker once described as "an asset of supreme importance" to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.

WiredThreatLevel.png 2020-01-27 18:00:00 Intel Is Patching the Patch for the Patch for Its \'Zombieload\' Flaw (lien direct)

Intel\'s made two attempts to fix the microprocessor vulnerability it was warned about 18 months ago. Third time\'s the charm?

Vulnerability,Patching
ESET.png 2020-01-27 17:34:48 Job hunting? Beware hiring scams using spoofed company websites (lien direct)

Cybercriminals are putting a new twist on an old trick

The post Job hunting? Beware hiring scams using spoofed company websites appeared first on WeLiveSecurity

Blog.png 2020-01-27 17:31:09 Hack the Box- Jarvis Walkthrough (lien direct)

This article is a walkthrough for the retired machine “Jarvis” on Hack the Box. This machine has a static IP address of 10.10.10.143. Hack the Box is a website to test your hands-on penetration testing on intentionally vulnerable machines. Level: Easy Task: find user.txt and root.txt in the victim\'s machine. Penetration Methodology Scanning Open ports... Continue reading

The post Hack the Box- Jarvis Walkthrough appeared first on Hacking Articles.

Hack
MalwarebytesLabs.png 2020-01-27 17:17:14 A week in security (January 20 – 26) (lien direct) A roundup of the previous week\'s most notable security stories and events, including tech support scams, deepfakes, and the latest ransomware attack in Florida.

Categories:

A week in security

Tags:

(Read more...)

The post A week in security (January 20 – 26) appeared first on Malwarebytes Labs.

Ransomware
TechRepublic.png 2020-01-27 16:16:15 What\'s your organization\'s cybersecurity strategy? (lien direct)

Take this quick, multiple choice survey and tell us about your company\'s cybersecurity strategies for the upcoming year.

grahamcluley.png 2020-01-27 16:11:16 A Magecart hacking gang may have been caught by police for the first ever time (lien direct)

Police in Indonesia, working alongside Interpol, have arrested three men suspected of being part of a gang engaged in Magecart attacks that skimmed payment card information from online shoppers.

bleepingcomputer.png 2020-01-27 16:05:00 Microsoft Asked to Unshackle Windows 7 From Proprietary Tyranny (lien direct)

The Free Software Foundation (FSF) is asking Microsoft to \'upcycle\' Windows 7 and allow the community to continue to improve it after its end of life. [...]

WiredThreatLevel.png 2020-01-27 16:00:00 Building High-Rises Out of Wood Can Help Save the Planet (lien direct)

Concrete and steel come with massive emissions. So let\'s ditch them and build towers out of wood. Yes, wood.

WiredThreatLevel.png 2020-01-27 15:57:20 Billie Eilish Cleaned Up at the Grammys (lien direct)

The 18-year-old won five of the six awards for which she was nominated. 

Pirate.png 2020-01-27 15:55:44 Journée de la protection des données (lien direct)
A l\'occasion de la Journée européenne de la protection des données qui se tiendra demain mardi 28 janvier, Proofpoint, spécialiste de la cybersécurité et de la mise en conformité, souligne l\'intérêt de mettre en place des cadres réglementaires, invitant surtout à se poser les bonnes questions et à viser les meilleures pratiques pour protéger efficacement les données personnelles.    
bleepingcomputer.png 2020-01-27 15:26:39 Google Chrome Gets Improved Tab Feature, Thanks to Microsoft (lien direct)

Microsoft announced late last year that Windows 10\'s default Edge browser would use open-source Chromium platform as a base. Since Edge is now built on Chromium, Microsoft has been actively contributing to the open-source platform and the under-the-hood improvements benefit both Edge and Chrome. [...]

zataz.png 2020-01-27 15:24:13 Paypal corrige une faille critique dans son système d\'authentification (lien direct)

Un chercheur en cybersécurité découvre un bug qui permettait d\'intercepter le mot de passe d\'un utilisateur Paypal. Faille corrigée en 5 jours....

WiredThreatLevel.png 2020-01-27 15:00:00 Defying Vertigo to Capture Aerial Photos From a Hang Glider (lien direct)

A photographer overcame her altitude anxieties to capture canvas-worthy aerials of the French countryside.

SecurityAffairs.png 2020-01-27 14:40:38 Which was the most common threat to macOS devices in 2019? Shlayer malware (lien direct)

Malware authors continue to show interest in macOS devices, Kaspersky experts confirmed that the Shlayer malware has been the most common threat to the macOS platform. Security experts from Kaspersky Lab revealed that the Shlayer malware was the most widespread macOS threat in 2019. In February, malware researchers at Carbon Black spotted a new strain […]

The post Which was the most common threat to macOS devices in 2019? Shlayer malware appeared first on Security Affairs.

Malware,Threat
no_ico.png 2020-01-27 14:10:22 Severe Vulnerabilities Discovered In GE Medical Devices (lien direct)

It has been reported that the US Cybersecurity and Infrastructure Agency (CISA) today issued an advisory for six high-severity security vulnerabilities in patient monitoring devices. These flaws could allow an attacker to make changes at the software level of a device and in doing so interfere with its functionality, render it unusable, change alarm settings, or expose personal …

The ISBuzz Post: This Post Severe Vulnerabilities Discovered In GE Medical Devices appeared first on Information Security Buzz.

TechRepublic.png 2020-01-27 14:00:10 Cisco study finds huge returns for companies investing in privacy (lien direct)

The report shows that enterprises with mature privacy policies saw millions in tangible returns from investments in protecting their data.

AlienVault.png 2020-01-27 14:00:00 How Smart Cards Work (lien direct)

An independent guest blogger wrote this blog.

In this modern age, there’s been a significant improvement in the digitization of traditional payment methods. We live in a technologically advanced era, and as such, advancements in payment infrastructures makes life easier, transactions faster, swifter, and smoother.

Almost all countries in the world are adopting the cashless economy policy. Smart cards are generally utilized by these countries to implement the cashless economy because they aid the seamless transaction of trade and settlement of other financial instruments.

What is a smart card?

A smart card is a type of pocket-sized device which looks like a credit card but has an embedded Integrated Circuit (IC) that can process data and allow the user to perform any transaction. The IC chip on the Smart card can be a microprocessor with memory capacity or a simple memory circuit that processes, manipulates exchange, and stores data.

Smart cards usually have up to 346 kilobytes of ROM, 8 kilobytes of RAM, a 16-bit microprocessor, and 256 kilobytes of programmable ROM. They are mainly plastic, and the microprocessor cards consist of volatile memory and microprocessor components.

How does the smart card work?

A smart card reader connected to a host computer, cloud computer, or any controlling terminal collects the information stored on the microprocessor chip of the smart card. Then, it sends such information received from the smart card back to the controlling terminal for immediate processing.

The smart card connects to the smart card reader using a unique Radio Frequency ID (RFID) or through a Carrier Sensing Collision Detection (CSCD) system protocol. RFID tags find use in a wide range of applications such as - tracking goods through the supply chain, tracking assets, controlling access into buildings, among other similar applications.

The CSCD protocols sense the carrier frequency of the smart card to match its speed. Two-way communication is used when collisions are detected, and the retransmission is based on a priority of detection.

Smart cards cannot provide locations using GPS services. This is because the smart card does not have a power source to support continuous operations. Tracking happens by conducting audit trails to pinpoint where an individual used their card.

The smart card chip comes in contact with the card reader either directly or indirectly and establishes an electronic interface. This then enables transactions such as payments via Point of Sale to take place. However, some smart cards do not need to come in contact with the reader. They connect using a wireless medium. These types of smart cards are called contactless cards, while those that need contact are known as contact smart cards. Contactless smart cards are increasing in demand due to their ease of use and flexibility.

What are the uses of smart cards?

  • Secured storage -  Smart card technology provides a secured means of storing data. Users' data is stored securely on the card and not on a central database, and is only accessible with the user giving full consent.
  • E-Commerce - Instead of filling out long forms, smart cards are useful for storing user shopping data and credit card details which are all accessible with a mouse click.
  • Personal finance - Users can use a smart card to conduct business transactions throughout the globe without hassle.
  • Encryption - Smart card technology provides a broad set of encryption capabilities which includes secure key storage, hashing and digital signing.

Types of smart cards

We can classify the smart cards based on:

  1. Their Connection to the Smart card reader
  2. Their configuration

Types of smart cards base

no_ico.png 2020-01-27 13:31:43 Experts On Report: Cofense Malware Trends Report Shows Heavy Use Of Macro-enabled Documents For Malware Delivery (lien direct)

Cofense has released release its Q4 2019 Malware Trends report, shedding light on the malware families, delivery methods and campaigns that dominated the past quarter. Q4 2019 demonstrated an overall decrease in malware volume, as Emotet (also known as Geodo) overtook the limelight and threat actors scaled down for the holidays. The information stealer Loki …

The ISBuzz Post: This Post Experts On Report: Cofense Malware Trends Report Shows Heavy Use Of Macro-enabled Documents For Malware Delivery appeared first on Information Security Buzz.

Malware,Threat
CSO.png 2020-01-27 13:16:00 Magecart-related arrests made in Indonesia (lien direct)

Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger multi-national law enforcement investigation that continues in other countries from the Southeast Asia region.

Malware
ZDNet.png 2020-01-27 13:14:26 Fortinet removes SSH and database backdoors from its SIEM product (lien direct)

Patches have been released for CVE-2019-17659 and CVE-2019-16153.

securityintelligence.png 2020-01-27 13:01:01 Gaining Insight Into the Ponemon Institute\'s 2020 Cost of Insider Threats Report (lien direct)

In our release of the 2020 Cost of Insider Threats report, we cover details on the cost of insider threats by industry and the tools and activities that can help reduce the risk of insider threats.

The post Gaining Insight Into the Ponemon Institute’s 2020 Cost of Insider Threats Report appeared first on Security Intelligence.

WiredThreatLevel.png 2020-01-27 13:00:00 Tinder Swipes Right on AI to Help Stop Harassment (lien direct)

The dating app says its new machine learning tool can help flag potentially offensive messages and encourage more users to report inappropriate behavior. 

Tool
WiredThreatLevel.png 2020-01-27 13:00:00 The Best Dyson Vacuums (2020): V11, V7 Trigger, and More (lien direct)

It\'s easy to get sucked into the brand\'s vast catalog. Here are the ones that floored us.

WiredThreatLevel.png 2020-01-27 13:00:00 AI License Plate Readers Are Cheaper-So Drive Carefully (lien direct)

Police can add computer-vision software to ordinary security cameras for as little as $50 a month.

grahamcluley.png 2020-01-27 12:56:58 Microsoft\'s Internet Explorer zero-day workaround is breaking printers (lien direct)

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be breaking printers.

Vulnerability
ZDNet.png 2020-01-27 12:47:21 Cybersecurity: A guide for parents to keep kids safe online (lien direct)

Cybersecurity, cyberbullying, and mobile devices can be a minefield -- so here is a guide to take the stress out of cyberspace for parents.

bleepingcomputer.png 2020-01-27 12:47:19 Windows 7 To Get Post End of Life Update to Fix Wallpaper Bug (lien direct)

Microsoft plans to release an additional update for all users of Windows 7 that fixes a wallpaper bug even though the operating system has reached the end of support. [...]

no_ico.png 2020-01-27 12:32:39 (Déjà vu) U.S. Govt Agency Hit With New CARROTBALL Malware Dropper (lien direct)

A new malware called CARROTBALL, used as a second-stage payload in targeted attacks, was distributed in phishing email attachments delivered to a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea. CARROTBALL came in a Microsoft Word document acting as a lure for the target, from a Russian email …

The ISBuzz Post: This Post U.S. Govt Agency Hit With New CARROTBALL Malware Dropper appeared first on Information Security Buzz.

Malware
no_ico.png 2020-01-27 12:28:52 Industry Comment – Nick Clegg Ignorance Shines Light On Poor Software Security Hygiene (lien direct)

Following widespread criticism of Nick Clegg\'s suggestion that end-to-end encrypted messages could not be hacked, please find the comments below from security experts Derek believes companies such as Facebook risk opening the door to hackers by neglecting software hygiene. Clegg\'s lack of understanding of the problem is typical of board-level ignorance of application security, and the need …

The ISBuzz Post: This Post Industry Comment – Nick Clegg Ignorance Shines Light On Poor Software Security Hygiene appeared first on Information Security Buzz.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2020-01-28 03:02:18
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Flux RSS Twitter