What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-06-05 16:38:01 | Critical Vulnerabilities Lead to Account Takeover in Major IPTV Streamer (lien direct) | Critical vulnerabilities have been found in the Ukrainian IPTV video streaming platform Ministra, which uses Infomir-manufactured set top boxes (STBs) to transmit streaming content from the platform to end users' televisions. Infomir sells its products throughout the world, so impacted users are not confined to the Ukraine. | |||
|
2019-06-05 16:01:01 | Russia Effort in 2016 US Election Was \'Vast,\' \'Professional\' (lien direct) | Russia's efforts to sow misinformation on Twitter ahead of the 2016 US election was more extensive and professional than earlier believed, security researchers said Wednesday. | ★★★★ | ||
|
2019-06-05 15:29:00 | (Déjà vu) Unofficial Patch Available for Recent Windows 10 Task Scheduler Zero-Day (lien direct) | An unofficial patch has been released for a recently disclosed zero-day vulnerability in Windows 10's Task Scheduler. | Vulnerability | ||
|
2019-06-05 15:03:04 | Building a Successful OT SOC (lien direct) | OT Environments Need Security Monitoring that Provides Enhanced Visibility and Traceability Into OT Systems | |||
|
2019-06-05 14:45:01 | Ransomware Attack Costs Norsk Hydro Tens of Millions of Dollars (lien direct) | Norwegian aluminum giant Norsk Hydro lost $35-41 million in the first quarter of 2019 as a result of the ransomware attack and expects additional losses of $23-29 million in the second quarter. | Ransomware | ||
|
2019-06-05 14:30:00 | Vietnam Cyber Threat: Government-Linked Hackers Ramping Up Attacks (lien direct) | 
|
|||
|
2019-06-05 14:00:05 | Endpoint Security Firm SentinelOne Raises $120 Million (lien direct) | Endpoint security firm SentinelOne announced on Wednesday that it has raised $120 million through a Series D funding round led by Insight Partners. | |||
|
2019-06-05 12:54:05 | NSA Urges Windows Users to Patch \'BlueKeep\' Vulnerability (lien direct) | The U.S. National Security Agency (NSA) on Tuesday urged Windows users and administrators to immediately address the vulnerability tracked as BlueKeep and CVE-2019-0708. | Vulnerability | ||
|
2019-06-05 10:47:05 | How Deception Technology Can Defend Networks and Disrupt Attackers (lien direct) | 
|
|||
|
2019-06-05 06:19:02 | LabCorp Says 7.7 Million Patients Caught in AMCA Data Breach (lien direct) | One day after medical testing firm Quest Diagnostics revealed that nearly 12 million of its patients had their personal and financial information exposed as a result of a breach at the American Medical Collection Agency (AMCA), LabCorp has come forward to say that the incident has also impacted 7.7 million of its customers. | Data Breach | ||
|
2019-06-04 06:05:03 | Apple Unveils Privacy-Focused Authentication System (lien direct) | 
Apple announced on Monday at its 2019 Worldwide Developers Conference (WWDC) a new authentication system that should provide better privacy protections compared to similar products from Facebook and Google.
|
|||
|
2019-06-04 04:40:05 | Top Australian University Reports Vast, \'Sophisticated\' Hack (lien direct) | A top Australian university with close ties to the country's government and security services on Tuesday said it had been the victim of a vast hack by a "sophisticated operator" who gained access to 19 years of sensitive data. | Hack | ||
|
2019-06-03 17:58:05 | Beyond Biometrics: The Future of Authentication (lien direct) | As organizations become more and more digitally connected, concerns about secure access seem to loom larger than ever. With more users connecting to more resources, how can organizations ensure people requesting access are who they say they are? | |||
|
2019-06-03 17:35:03 | Inside GCHQ\'s Proposed Backdoor Into End-to-End Encryption (lien direct) | The Open Technology Institute (OTI) has responded to GCHQ/NCSC's article on 'Principles for a More Informed Exceptional Access Debate' with an 'Open Letter to GCHQ on the Threats Posed by the Ghost Proposal'. | |||
|
2019-06-03 17:14:05 | AMCA Breach Hits 12 Million Quest Diagnostics Patients (lien direct) | A data breach at billing collections service provider American Medical Collection Agency (AMCA) could impact many of the company's customers. One victim is medical testing firm Quest Diagnostics and roughly 12 million of its patients. | Data Breach | ||
|
2019-06-03 17:08:02 | GandCrab Ransomware Authors Announce Shut Down (lien direct) | The authors of the GandCrab ransomware have reportedly announced on underground forums that they are closing their operation after claiming that they have earned over $150 million a year. | Ransomware | ||
|
2019-06-03 16:48:04 | New Attack Targets the Touchscreen of Smartphones, Researchers Reveal (lien direct) | A group of researchers has devised a new proof-of-concept attack that targets the touchscreen of Near-Field Communication (NFC)-enabled mobile devices such as smartphones and allows remote control of the devices. | |||
|
2019-06-03 15:04:05 | Lab Testing Firm Eurofins Scientific Hit by Ransomware (lien direct) | Luxembourg-based laboratory testing services giant Eurofins Scientific on Monday revealed that some of its IT systems have been infected with a piece of ransomware. | Ransomware | ||
|
2019-06-03 13:14:05 | Serious Vulnerabilities Found in Kace K1000 Appliance (lien direct) | Several vulnerabilities have been found and patched in the Kace K1000 systems management appliance from Quest. | |||
|
2019-06-03 12:01:05 | Hackers Can Bypass macOS Security Features With Synthetic Clicks (lien direct) | Hackers can use synthetic clicks to bypass many of the privacy and security features implemented last year by Apple in its macOS operating system, a researcher has revealed. | |||
|
2019-06-02 13:06:03 | rkt Container Runtime Flaws Give Root Access to Host (lien direct) | Unpatched vulnerabilities found in the rkt container runtime can be exploited by an attacker to escape the container and gain root access to the host. | |||
|
2019-05-31 17:04:03 | Chrome Extensions Policy Hits Deceptive Installation Tactics (lien direct) | Google this week announced a new policy that aims at eliminating the use of deceptive installation tactics among Chrome browser extensions. | |||
|
2019-05-31 15:02:00 | Researchers Dissect PowerShell Scripts Used by Russia-Linked Hackers (lien direct) | Security researchers from ESET have analyzed several PowerShell scripts used by the Russia-linked Turla threat group in recent attacks. | Threat | ||
|
2019-05-31 14:13:02 | Microsoft Reminds Users to Patch Wormable \'BlueKeep\' Vulnerability (lien direct) | Microsoft has reminded users to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708 due to the high risk of exploitation. | Vulnerability | ||
|
2019-05-31 13:31:05 | Public Exposure of Sensitive Files on the Internet is Getting Worse (lien direct) | 2.3 billion files are currently exposed and accessible through misconfigured network-attached storage (NAS) devices, FTP and rsync servers, and Amazon S3 buckets to anyone on the internet. That's 750 million more than 12 months ago, and despite Amazon's largely successful attempts to limit the exposure of its S3 buckets. | |||
|
2019-05-31 13:04:05 | Facebook Loses Bid to Block Landmark ECJ Data Security Hearing (lien direct) | Ireland's supreme court on Friday dismissed a bid by Facebook to block a landmark data security case from progressing to the European Court of Justice. | |||
|
2019-05-31 09:40:02 | Cloud Data Protection Firm OwnBackup Raises $23 Million (lien direct) | Fort Lee, New Jersey-based cloud data protection company OwnBackup on Thursday announced that it raised $23.25 million in a Series C funding round. | |||
|
2019-05-31 04:22:01 | Amazon Digital Assistant Alexa Gets New Skill: Amnesia (lien direct) | Amazon on Wednesday added the ability to tell its Alexa digital assistant to forget what it has heard in a move that could assuage concerns about Echo devices remembering conversations. The command "Alexa, delete everything I said today" will get the virtual aide to do just that, the internet colossus said in an online post. | |||
|
2019-05-30 17:46:02 | macOS Gatekeeper Bypass Exploits Trust on Network Shares (lien direct) | Bypassing macOS' Gatekeeper by leveraging trust in network shares is a trivial operation, a security researcher has discovered. | |||
|
2019-05-30 17:16:03 | Sophisticated HiddenWasp Malware Targets Linux (lien direct) | A recently uncovered piece of sophisticated malware targeting Linux provides attackers with remote control of the infected systems, Intezer's security researchers have discovered. | Malware | ||
|
2019-05-30 17:10:04 | High-Risk Flaws Found in Process Control Systems From B&R Automation (lien direct) | Researchers from Positive Technologies have discovered several vulnerabilities in APROL industrial process control systems from Austria-based B&R Industrial Automation. According to the cybersecurity firm, the flaws impact 12 components of the APROL products, which are often used by oil and gas, energy, and mechanical engineering companies. | |||
|
2019-05-30 16:09:05 | Malware Found on PoS Systems at Checkers and Rally\'s Restaurants (lien direct) | Checkers Drive-In Restaurants, Inc. on Wednesday informed customers that malware had been found on point-of-sale (PoS) systems at some of its Checkers and Rally's restaurants. | Malware | ||
|
2019-05-30 15:36:01 | Industry is Not Prepared for the IIoT Attacks that Have Already Begun (lien direct) | Industrial Internet of Things (IIoT) is an essential part of business transformation and the Industry 4.0 revolution. Its use is burgeoning, with more than 7 billion devices in use worldwide. This is expected to grow to more 20 billion by 2025 -- and does not include phones, tablets or laptops. It is a journey just beginning, and nobody yet knows the destination or route. | |||
|
2019-05-30 15:29:01 | Analysis Shows Poor GDPR Compliance in European Websites (lien direct) | Marking the one-year anniversary of GDPR coming into force (May 25, 2018), a web-scanning service has analyzed the visible GDPR compliance of the 100 most popular websites in each of the 28 European member states. The scan is non-intrusive. As a result, it cannot say that an organization is compliant (non-compliance can occur deep in the system), but it can say if an organization is not compliant simply by examining the parts that are visible over the internet. | |||
|
2019-05-30 14:57:04 | Nation-State Security: Private Sector Necessity (lien direct) | Attackers With the Backing and Sophistication of Nation-States Are Increasingly Targeting Commercial Entities | |||
|
2019-05-30 14:46:00 | Apple Patches SQLite, WebKit Bugs in iTunes and iCloud for Windows (lien direct) | Apple this week released updates for iTunes and iCloud for Windows applications, to address recently disclosed SQLite and WebKit security flaws in them. iTunes for Windows 12.9.5 was released with patches for a total of 25 vulnerabilities. Of these, four impact SQLite, while the remaining 21 were addressed in WebKit. | |||
|
2019-05-30 13:56:02 | ProtonMail Accused of Voluntarily Helping Police Spy on Users (lien direct) | Privacy-focused email service ProtonMail has been accused of voluntarily helping law enforcement spy on users. The company has denied the accusations. | |||
|
2019-05-30 11:49:01 | Threat Intelligence Firm Recorded Future Acquired for $780 Million (lien direct) | Threat intelligence provider Recorded Future announced on Thursday that Insight Partners has agreed to acquire a controlling interest in the company, in addition to the minority stake previously owned by Insight. The all-cash transaction values Recorded Future at more than $780 million. | Threat | ||
|
2019-05-30 09:54:01 | Technology is Not Our Problem (lien direct) | The Security Vendor Space is Extremely Noisy and Increasingly Out of Touch With the Needs of the Enterprise | |||
|
2019-05-30 09:30:02 | (Déjà vu) New Zealand Says Budget Leak Was Bungled, Not Hacked (lien direct) | A security breach that led to the premature release of New Zealand's budget resulted from an online bungle, not a sophisticated cyberattack as originally claimed, red-faced officials admitted Thursday. | |||
|
2019-05-30 02:24:02 | Palo Alto Networks Acquires Cloud Security Startups Twistlock and PureSec (lien direct) | Network security giant Palo Alto Networks (NYSE: PANW) announced on Wednesday that it has agreed to acquire two security startups that it says will help extend its cloud security capabilities. | |||
|
2019-05-30 00:22:00 | Cyberattack Hits New Zealand Budget (lien direct) | [UPDATE 5.30.19 - New Zealand Says Budget Leak Was Bungled, Not Hacked] | |||
|
2019-05-29 18:10:03 | Docker Vulnerability Gives Arbitrary File Access to Host (lien direct) | A newly disclosed vulnerability in Docker could be exploited by a malicious attacker to escape the container and gain arbitrary read/write file access on the host with root privileges. | Vulnerability | ||
|
2019-05-29 15:35:02 | Get Cross-Functional: Learn to Let Go and Embrace DevSecOps (lien direct) | In many organizations, building and securing apps has typically been a siloed affair. The product owner, the network engineer, the developer and the security engineer all come from different teams. And all too often, these teams become fiefdoms that believe their focus is the company's primary objective. | |||
|
2019-05-29 15:23:01 | Chinese Cyber-Spies Target Government Organizations in Middle East (lien direct) | Chinese cyber-espionage group Emissary Panda has been targeting government organizations in two different countries in the Middle East, Palo Alto Networks security researchers say. | APT 27 | ||
|
2019-05-29 14:16:05 | Google Researcher Finds Code Execution Vulnerability in Notepad (lien direct) | Google Project Zero researcher Tavis Ormandy revealed on Tuesday that he identified a code execution vulnerability in Microsoft's Notepad text editor. | Vulnerability | ||
|
2019-05-29 13:06:02 | (Déjà vu) AttackIQ Raises $17.6 Million in Series B Funding Round (lien direct) | AttackIQ, a California-based company that specializes in continuous security validation, on Wednesday announced that it raised $17.6 million in a Series B funding round, which brings the total raised by the firm to roughly $35 million. | |||
|
2019-05-29 12:50:03 | Iran-based Social Media Scheme Impersonated Press (lien direct) | Facebook and Twitter said Tuesday they shuttered accounts used in an Iran-based social media campaign to sway public opinion by impersonating reporters, politicians and others. | |||
|
2019-05-29 05:42:00 | Flipboard Resets User Passwords in Response to Data Breach (lien direct) | News and social media aggregator Flipboard revealed on Tuesday that it suffered a serious breach involving unauthorized access to some databases storing user account information. | Data Breach | ||
|
2019-05-29 04:23:02 | FireEye Acquires Security Effectiveness Testing Firm Verodin for $250 Million (lien direct) | FireEye (NASDAQ: FEYE) announced on Tuesday that it has acquired Verodin, a provider of tools that help test the effectiveness of cyber security controls, in a deal valued at roughly $250 million in cash and stock. |
To see everything:
Our RSS (filtrered)
