What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-08-14 15:24:00 | British Airways Criticized for Exposing Passenger Flight Details (lien direct) | British Airways (BA) has been criticized for allowing hackers easy access to customer flight information. The issue was exposed Tuesday by researchers who discovered "a vulnerability affecting British Airways' e-ticketing system that exposes passengers' personally identifiable information (PII)." | Vulnerability | ||
|
2019-08-14 13:41:03 | Myers-Briggs Study Examines Employee Personality Traits and Cyber Behaviors (lien direct) | Myers-Briggs is a firm that believes in self-development through self-awareness. To improve the level of self-awareness, it has developed a psychometric test to indicate to which of 16 personality types everybody belongs. This is the Myers-Briggs Type Indicator (MBTI), comprising 16 types based on the interaction of four basic personalities. | |||
|
2019-08-14 13:33:04 | Microsoft Warns of New BlueKeep-Like, Wormable RDS Vulnerabilities (lien direct) | Microsoft's latest security updates patch more wormable vulnerabilities related to Remote Desktop Services (RDS) and the company has published a blog post to warn users about the risk they pose. | |||
|
2019-08-14 11:57:04 | How to Find Success for IT in an OT World (lien direct) | The convergence of IT and operational technology (OT) is well underway, making IT's influence on OT environments - both at the technological and personnel levels - critical to the future success of businesses. While these teams have not typically worked together and often find themselves at odds when it comes to networking, maintenance and ownership, the time for playing nice is now. Here are some critical factors for success in managing the meeting of these two worlds. | |||
|
2019-08-14 11:48:02 | HTTP/2 Implementation Vulnerabilities Expose Servers to DoS Attacks (lien direct) | Researchers at Netflix and Google have discovered a total of eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations, including from major tech companies such as Amazon, Apple, Facebook and Microsoft. | |||
|
2019-08-14 11:34:03 | Collision Course: Keeping Up With Digital Complexity in an App-Enabled World (lien direct) | There's no question the world is getting more agile. These days even companies in traditional brick and mortar industries, those luddites and laggards from the old school, are transitioning their business logic to web sites and apps. | |||
|
2019-08-14 11:32:04 | Facebook Listened to Users\' Conversations: Report (lien direct) | Facebook has paid hundreds of contractors to listen to and transcribe snippets of users' conversations, US media reported on Tuesday, amid heightened scrutiny of the social network's data collection practices. | |||
|
2019-08-14 08:46:02 | Siemens SCALANCE X Switches Vulnerable to DoS Attacks (lien direct) | Siemens on Tuesday released several new advisories describing vulnerabilities in the company's products, including an unpatched denial-of-service (DoS) flaw affecting SCALANCE X industrial switches. | |||
|
2019-08-14 04:57:00 | BlueKeep Patching Efforts Sink: 750,000 Systems Still Vulnerable (lien direct) | More than 750,000 systems remain vulnerable to the BlueKeep vulnerability as patching rate has decreased by around 85%, a new report from security firm BitSight reveals. | Vulnerability Patching | ||
|
2019-08-14 04:45:01 | Czechs Blame Foreign State for Foreign Ministry Cyberattack (lien direct) | A parliamentary committee in the Czech Republic says a national security agency told its members that a foreign country state is believed to be behind a cyberattack on the Czech Foreign Ministry. | |||
|
2019-08-13 19:03:00 | Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates (lien direct) | Microsoft's August 2019 Patch Tuesday updates fix more than 90 vulnerabilities, but none of them have been exploited in attacks or disclosed publicly before the patches were released. | |||
|
2019-08-13 15:09:01 | Adobe Patches 118 Vulnerabilities Across Eight Products (lien direct) | Adobe's Patch Tuesday updates for August 2019 resolve 118 vulnerabilities across the company's After Effects, Character Animator, Premiere Pro, Prelude, Creative Cloud, Acrobat and Reader, Experience Manager, and Photoshop products. | |||
|
2019-08-13 13:11:02 | Free MANRS Tool Helps Improve Routing Security (lien direct) | The Mutually Agreed Norms for Routing Security (MANRS) initiative on Tuesday announced the availability of a free tool designed to help network operators identify potential issues and improve routing security. | Tool | ||
|
2019-08-13 11:52:02 | Industrial Defense In The Cloud (lien direct) | It was not that long ago when one of the measures of a company's maturity was whether it had its own data center or not. In some cases, the data center occupied one or two floors in the company's facility while in others, the data center may have sprawled across several locations for full redundancy. | |||
|
2019-08-13 07:45:00 | SQLite Vulnerabilities Demoed With Hacking of iPhone, Malware C&C (lien direct) | Researchers have uncovered some potentially serious SQLite vulnerabilities and they have demonstrated their findings by hacking an iPhone and a command and control (C&C) server used by malware. | Malware | ||
|
2019-08-13 07:28:03 | UN Probing 35 North Korean Cyberattacks in 17 Countries (lien direct) | U.N. | |||
|
2019-08-12 15:37:00 | \'Cloud Atlas\' Cyberspies Use Polymorphic Malware in Government Attacks (lien direct) | The Cloud Atlas threat group has continued conducting cyber espionage operations and its recent attacks have involved a new piece of polymorphic malware. | Malware Threat | ||
|
2019-08-12 13:39:02 | FBI, Facebook Could Clash Over Privacy vs. Monitoring (lien direct) | The FBI is looking for outside contractors to monitor social media for potential threats, setting up a possible conflict with Facebook and other companies over privacy. | |||
|
2019-08-12 13:21:00 | Researchers Demonstrate Ransomware Attack on DSLR Camera (lien direct) | 
Researchers at cybersecurity firm Check Point have demonstrated that malicious actors could hack a DSLR camera and infect it with a piece of ransomware.
|
Ransomware Hack | ||
|
2019-08-12 11:56:00 | Tips for Bridging the Gap Between Cyber Risk & Business Risk (lien direct) | Misalignment between cyber risk and business risk is one of the biggest causes and symptoms, of misalignment between the CISO, the C-suite, and the board. Part of the issue is that many of the processes and tools currently used to measure and manage business risk were established long before cyber risk (or cyber anything) entered the picture. | |||
|
2019-08-12 10:49:04 | McAfee Strengthens Container Security Capabilities With NanoSec Acquisition (lien direct) | McAfee last week announced the acquisition of NanoSec, a California-based company that specializes in security solutions designed to help organizations protect data center and cloud traffic. | |||
|
2019-08-12 08:33:03 | Apple Offers Up to $1 Million in Public Bug Bounty Program (lien direct) | Apple last week announced that it's making some significant changes to its bug bounty program, making it public and expanding the list of covered products. | |||
|
2019-08-12 04:29:01 | \'Saefko\' Multi-Layered RAT Can Spread via USB Drives (lien direct) | Security researchers from Zscaler have found a new remote access Trojan (RAT) for sale on the Dark Web that includes multiple functions and is able to spread via removable USB drives. | |||
|
2019-08-11 15:27:02 | Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware (lien direct) | 
|
Malware | ||
|
2019-08-09 15:51:04 | Vulnerability Has Been Lurking in Avaya Phones for 10 Years (lien direct) | A security vulnerability discovered and patched 10 years ago has remained unaddressed in various Avaya phones until recently, McAfee security researchers have discovered. | Vulnerability | ||
|
2019-08-09 15:42:05 | Hidden Injection Flaws Found in BIG-IP Load Balancers (lien direct) | In May 2019 (updated in June), F5 issued a security advisory about a potential injection issue in the Tool Command Language (TCL) as used with its BIG-IP load balancers. Load balancers are essential to ensure consistent web services in high volume circumstances, and BIG-IP is popular with banks, governments and large corporations. | Tool | ||
|
2019-08-09 15:01:01 | Repurposing Mac Malware Not Difficult, Researcher Shows (lien direct) | Repurposing Mac malware is not a difficult task for someone with reverse-engineering skills, and it's a far simpler approach compared to writing malware from scratch, a researcher has demonstrated. | Malware | ||
|
2019-08-08 23:18:00 | Broadcom to Buy Symantec Enterprise Unit for $10.7 Billion (lien direct) | Broadcom announced plans Thursday to buy the enterprise unit of cybersecurity firm Symantec Corp. for $10.7 billion in a move to further diversify the US semiconductor maker. | |||
|
2019-08-08 19:00:01 | Hackers Can Use Rogue Engineering Stations to Target Siemens PLCs (lien direct) | Malicious actors could use rogue engineering workstations to take control of Siemens programmable logic controllers (PLCs), and they can hide the attack from the engineer monitoring the system, researchers from two universities in Israel have demonstrated. | |||
|
2019-08-08 18:50:04 | New Windows Process Injection Can Be Useful for Stealthy Malware (lien direct) | 
|
Malware | ||
|
2019-08-08 18:10:00 | Privacy Platform Provider Securiti.ai Emerges From Stealth With $31 Million Funding (lien direct) | In the past, data protection regulation has largely been concerned with preventing the theft of personal data. Security and security products have focused on preventing breaches -- no breach effectively meant no failure of data protection compliance. | |||
|
2019-08-08 17:36:00 | GM Cruise Releases Automated Firmware Security Analyzer to Open Source (lien direct) | The growth of IoT devices has highlighted the difficulties in ensuring firmware security -- especially where the device and software are initially sourced from third parties, or developed under time pressures in-house. Now a new firmware analyzer has been released to open source on GitHub. | |||
|
2019-08-08 16:14:00 | Researchers Find Vulnerabilities in Boeing 787 Firmware (lien direct) | Researchers from security firm IOActive have discovered a series of vulnerabilities and attacks that they believe could be possible on Boeing's 787 Dreamliner. | |||
|
2019-08-08 04:43:01 | Microsoft Says It \'Listens\' to Conversations Only With Permission (lien direct) | Microsoft said Wednesday its contractors listen to conversations to hone voice translation features offered by Skype and its digital assistant Cortana, but only when obtaining user permission. | ★★ | ||
|
2019-08-07 20:44:05 | US Formalizes Ban on Government Contracts to China\'s Huawei, Others (lien direct) | The United States unveiled rules on Wednesday formally banning technology giant Huawei and other Chinese firms from government contracts in the latest move in the countries' escalating trade war. | |||
|
2019-08-07 19:36:03 | Network Shares Are a Primary Target for Ransomware (lien direct) | The evolution of ransomware from high volume, low return, spray and pray consumer attacks to lower volume, high value, targeted attacks against business is well documented. The intent now is not to simply encrypt local files, but to find and encrypt network shares in order to inflict the greatest harm in the shortest time. | Ransomware | ||
|
2019-08-07 16:33:03 | Cisco Patches Critical Flaws in Network Switches (lien direct) | Cisco this week released patches to address several vulnerabilities in its Small Business 220 Series Smart Switches, including two bugs rated Critical severity. | |||
|
2019-08-07 14:53:00 | Cyber Hygiene 101: Implementing Basics Can Go a Long Way (lien direct) | With the number of data breaches skyrocketing in recent years, global cybercrime-related damages are expected to surge in the years ahead. In the last two months alone, we have seen a wave of ransomware attacks wreak havoc and another mega breach that impacted more than 100 million individuals at Capital One whose credit application information was stolen. | Ransomware | ||
|
2019-08-07 14:44:00 | Twitter Again Admits Sharing User Data Without Permission (lien direct) | Twitter admitted this week that it may have accidentally shared some users' data with third parties without permission. | |||
|
2019-08-07 14:09:04 | The Fundamentals of Developing Effective DevSecOps (lien direct) | 
Bolting Security on to DevOps Without Full Integration is Little More Than Keeping Security in its Own Separate Silo
|
|||
|
2019-08-07 12:33:05 | SQL Injection Vulnerability Exposed Starbucks Financial Records (lien direct) | A critical SQL injection vulnerability exposed nearly one million financial records stored in a Starbucks enterprise database, a researcher revealed this week. | Vulnerability | ||
|
2019-08-07 10:02:05 | Millions of Devices With Intel CPUs Exposed to SWAPGS Attack (lien direct) | 
Researchers have discovered yet another speculative execution vulnerability that can allow attackers to steal potentially sensitive information from devices with Intel processors.
|
Vulnerability | ||
|
2019-08-06 18:47:04 | Developer Bypasses Chrome\'s Anti-Incognito Detection (lien direct) | Chrome 76 closed a loophole that allowed sites to detect when the Incognito Mode was being used, but a bypass for it has already been discovered. The Incognito Mode, or private browsing, allows users to access websites without having unwanted cookies saved on disk and without being tracked by certain websites. | |||
|
2019-08-06 18:20:05 | Baldr Malware: A Short-Lived Star or Info Stealer That Will Return? (lien direct) | The Baldr malware is a bit of an enigma. Appearing first in late 2018, researchers at Sophos have tracked it through four rapid revisions until suddenly, on May 31, 2019, the distributor (overdot) declared that further development and support had ceased. Users had been expecting the developer -- thought to be LordOdin by Malwarebytes -- to deliver a major upgrade to version 4.0. | Malware | ||
|
2019-08-06 18:10:02 | New \'Lord\' Exploit Kit Emerges (lien direct) | A newly identified exploit kit is targeting vulnerable versions of Adobe's Flash Player, Malwarebytes security researchers say. | |||
|
2019-08-06 17:19:02 | Slack Unveils New Enterprise Security Tools (lien direct) | Slack on Tuesday unveiled several new security tools designed to provide administrators of its Enterprise Grid product better control over who can use the platform and how they do it. | |||
|
2019-08-06 15:08:00 | Pakistani Man Bribed AT&T Employees to Unlock Phones, Plant Malware (lien direct) | A Pakistani national has been charged by U.S. authorities for his role in a scheme that involved bribing employees of telecommunications giant AT&T to help unlock phones and plant malware on the company's network. | Malware | ||
|
2019-08-06 14:29:00 | Cloud Providers Improving Security, But Users Need to Up Their Game (lien direct) | A new report from the Cloud Security Alliance (CSA) on the top threats to cloud computing suggests that service providers are improving their security. Many of today's threats now stem from organizational management decisions and implementation/configuration weaknesses. | |||
|
2019-08-06 14:00:01 | Russian Hackers Leverage IoT Devices to Access Corporate Networks (lien direct) | IoT Devices Used as Points of Ingress for Hackers to Establish a Presence on Corporate Network | |||
|
2019-08-06 10:54:02 | Microsoft Offers Up to $300,000 in New Azure Security Lab (lien direct) | 
|
To see everything:
Our RSS (filtrered)
