What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-06-21 07:56:03 | Mozilla Patches Second Firefox Zero-Day Used in Cryptocurrency Attacks (lien direct) | Mozilla on Thursday patched a second zero-day vulnerability in Firefox that has been exploited by malicious actors to deliver Mac malware to cryptocurrency exchanges. | Malware Vulnerability | ||
|
2019-06-20 21:20:04 | Google Open-Sources Cryptographic Protocol (lien direct) | Google this week rolled out a new type of multi-party computation (MPC) to help organizations better collaborate with confidential data sets. | |||
|
2019-06-20 18:11:01 | Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group (lien direct) | Russia-Linked Hackers Use New Toolset and Likely Took Over Servers Operated by Iran-Linked "OilRig" Threat Group | Threat | APT 34 | |
|
2019-06-20 15:36:04 | Firefox Zero-Day Exploited to Deliver Malware to Cryptocurrency Exchanges (lien direct) | The recently patched Firefox vulnerability tracked as CVE-2019-11707 has been exploited to deliver Mac (and possibly Windows) malware to the employees of cryptocurrency exchanges. | Malware | ||
|
2019-06-20 14:06:05 | Indegy Launches Industrial Cybersecurity-as-a-Service Offering (lien direct) | Indegy on Thursday announced the general availability of CIRRUS, a new industrial cybersecurity-as-a-service (ICSaaS) offering. CIRRUS is designed to help organizations of all sizes monitor and protect their operational technology (OT) environments using cloud technologies and real-time threat intelligence sharing. | Threat | ||
|
2019-06-20 13:38:05 | Why Diversity of Thought in the Workplace Matters (lien direct) | Organizations Need Strong Leadership Backing in Order Train Managers on More Inclusive Management Styles | Guideline | ||
|
2019-06-20 13:19:04 | Critical Vulnerabilities Patched in Cisco SD-WAN, DNA Center Products (lien direct) | Cisco on Wednesday released patches for several critical and high-severity vulnerabilities affecting its SD-WAN, DNA Center, TelePresence, StarOS, RV router, Prime Service Catalog, and Meeting Server products. | |||
|
2019-06-20 11:00:04 | MongoDB Introduces Client-Side Field Level Encryption to Aid Compliance (lien direct) | MongoDB Inc, developer of the NoSQL MongoDB document-based database management product, has announced the latest version, 4.2. The primary new features are distributed transactions, an updated Kubernetes Operator, and client-side field level encryption. | Uber | ||
|
2019-06-20 07:39:01 | Senator Asks NIST to Propose Secure Data Sharing Methods (lien direct) | Senator Ron Wyden has asked the U.S. National Institute of Standards and Technology (NIST) to create and publish a guide for securely sharing sensitive data over the internet. | |||
|
2019-06-20 05:13:05 | Florida City Pays $600,000 Ransom to Save Computer Records (lien direct) | A Florida city agreed to pay $600,000 in ransom to hackers who took over its computer system, the latest in thousands of attacks worldwide aimed at extorting money from governments and businesses. | |||
|
2019-06-19 21:06:03 | Are Artificial Intelligence and Machine Learning Just a Temporary Advantage to Defenders? (lien direct) | Attackers Explore How to Defeat Machine Learning (ML)-Based Defenses and Use ML in Their Own Attacks | |||
|
2019-06-19 18:00:01 | Security Doesn\'t Have to be a Losing Battle (lien direct) | Hello world. While I have blogged pretty frequently in the past, this is my first official column for any sort of major publication, and I am so grateful for the opportunity from SecurityWeek. | |||
|
2019-06-19 17:26:03 | Cyberespionage Campaign Targets Android Users in Middle East (lien direct) | A recently uncovered cyberespionage campaign is targeting the users of Android devices in Middle Eastern countries, Trend Micro's security researchers reveal. | |||
|
2019-06-19 13:59:04 | (Déjà vu) Cloud Security Firm Valtix Emerges From Stealth With $14 Million in Funding (lien direct) | Santa Clara, California-based Valtix emerged from stealth mode on Wednesday with a cloud-native network security platform and $14 million in initial funding. | |||
|
2019-06-19 13:18:04 | Google Boosts Chrome Protection Against Deceptive Sites (lien direct) | Google is making web browsing with Chrome safer with a new option for reporting suspicious websites and a new warning mechanism for sites that use deceptive URLs. | |||
|
2019-06-19 12:55:04 | 645,000 Clients Affected in Oregon Department of Human Services Data Breach (lien direct) | Oregon Department of Human Services officials say they are notifying about 645,000 clients whose personal information is at risk from a January data breach. | Data Breach | ||
|
2019-06-19 12:40:00 | Facebook\'s Currency Libra Faces Financial, Privacy Pushback (lien direct) | Facebook is getting a taste of the regulatory pushback it will face as it creates a new digital currency with corporate partners. | |||
|
2019-06-19 11:55:01 | Accenture Acquires Research and Consulting Firm Deja vu Security (lien direct) | Professional services company Accenture this week announced the acquisition of Deja vu Security, a provider of security research and consulting to premier technology firms. | |||
|
2019-06-19 11:33:04 | AMCA Files for Bankruptcy Following Data Breach (lien direct) | Retrieval-Masters Creditors Bureau, the company that operates healthcare billing services provider American Medical Collection Agency (AMCA), has filed for Chapter 11 bankruptcy due to a recent data breach affecting millions of individuals. | Data Breach | ||
|
2019-06-19 08:54:04 | Oracle Patches Another Remote Code Execution Flaw in WebLogic (lien direct) | Oracle on Tuesday announced that it has released emergency patches for a critical remote code execution vulnerability affecting WebLogic Server, a Java EE application server that is part of the company's Fusion Middleware offering. | Vulnerability | ||
|
2019-06-19 05:54:01 | Firefox Zero-Day Vulnerability Exploited in Targeted Attacks (lien direct) | Updates released by Mozilla for its Firefox web browser on Tuesday patch a critical vulnerability that has been actively exploited in attacks. | Vulnerability | ||
|
2019-06-19 04:56:05 | Cloudflare Joins the League of Entropy (lien direct) | Internet security firm Cloudflare this week revealed its participation in “League of Entropy,” a worldwide effort of individuals and academic institutions to bring users a quorum of decentralized randomness beacons. | |||
|
2019-06-19 01:03:02 | Security Ratings Firm SecurityScorecard Raises $50 Million (lien direct) | SecurityScorecard, a provider of security ratings, said it has completed a $50 million Series D financing round led by Riverwood Capital, bringing the company's total funding to $110 million. | |||
|
2019-06-18 20:46:03 | France Seeks Hacker for Trial Over Death Following Prank (lien direct) | French prosecutors on Tuesday ordered infamous French-Israeli hacker Ulcan to stand trial over a telephone prank targeting the father of a French journalist who died soon after of a heart attack. | ★★★★ | ||
|
2019-06-18 20:36:02 | New Variant of the Houdini Worm Emerges (lien direct) | A new variant of the well-known Houdini Worm has been spotted in phishing attacks earlier this month, Cofense's security researchers report. | |||
|
2019-06-18 16:14:03 | London Gallery Chief Quits After Israel Spyware Report (lien direct) | The head of London's Serpentine Galleries, Yana Peel, resigned on Tuesday following a newspaper report about her links to a controversial Israeli spyware firm. The board of trustees of the contemporary art galleries announced "with a mix of gratitude and regret" that it has accepted Peel's resignation, adding that she would be "sorely missed". | |||
|
2019-06-18 15:54:01 | Free Cloudflare Tool Helps CAs Securely Issue Certificates (lien direct) | Internet performance and security firm Cloudflare on Tuesday announced the availability of a free API designed to help certificate authorities (CAs) securly issue certificates by ensuring that malicious actors cannot complete the domain control validation process via BGP hijacking and DNS spoofing attacks. | Tool | ||
|
2019-06-18 15:19:01 | Modular Backdoor Can Spread Over Local Network (lien direct) | A recently discovered backdoor can spread itself over a local network, in addition to allowing attackers to install additional malware onto compromised machines. | Malware | ||
|
2019-06-18 14:23:05 | Critical Flaw Exposes TP-Link Wi-Fi Extenders to Remote Attacks (lien direct) | A critical remote code execution vulnerability discovered by an IBM X-Force researcher allows an unauthenticated attacker to take complete control of some TP-Link Wi-Fi extenders. Firmware updates that should patch the flaw have been made available by the vendor. | Vulnerability | ||
|
2019-06-17 20:14:00 | Mirai Offspring "Echobot" Uses 26 Different Exploits (lien direct) | A recently discovered variant of the Mirai Internet of Things (IoT) malware uses a total of 26 different exploits for the infection phase, Akamai reports. | Malware | ||
|
2019-06-17 19:58:03 | Android Apps Target Bitcoin, By-Passing 2FA (lien direct) | Last week researchers reported on apps abusing the Android push notifications feature to deliver spam. Now other researchers have described apps using a similar but more advanced approach to by-pass two-factor authentication. | |||
|
2019-06-17 18:24:00 | Researcher Scrapes and Posts 7 Million Venmo Transactions (lien direct) | Venmo is a peer-to-peer mobile app designed to make it easy to send and receive payments from friends. It is owned by PayPal -- and it is no stranger to security issues. | |||
|
2019-06-17 18:07:04 | DHS Issues Alert for Windows \'BlueKeep\' Vulnerability (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) on Monday issued an alert for the Windows vulnerability tracked as BlueKeep and CVE-2019-0708. | Vulnerability | ||
|
2019-06-17 17:32:05 | (Déjà vu) Decryptor Released for Latest GandCrab Ransomware Variants (lien direct) | A free decryption tool is now available for the victims of the latest variants of the GandCrab ransomware. | Ransomware Tool | ||
|
2019-06-17 17:25:03 | Push Technology Used in Mobile Attacks (lien direct) | Researchers have detected an Android trojan that abuses the web push technology. In its benign use, web push is used by legitimate websites -- such as news sites -- to send out new event notifications. The less benign use is to employ the technology to send out what amounts to phishing notifications. | |||
|
2019-06-17 14:19:00 | Federal Agencies Still Using Knowledge-Based Identity Verification (lien direct) | Some U.S. government agencies still rely on knowledge-based identity verification despite the fact that this system has been easy to beat following the massive data breaches suffered by the Office of Personnel Management (OPM) and Equifax | Equifax | ||
|
2019-06-17 13:05:02 | Investigation and Response is a Team Sport (lien direct) | I've talked before about how we have the tools and technologies to make the intelligent SOC a reality. It's a welcomed development given the global cybersecurity skills shortage of three million and growing. | |||
|
2019-06-17 08:54:04 | U.S. Planted Powerful Malware in Russia\'s Power Grid: Report (lien direct) | The New York Times reported over the weekend that the United States planted potentially destructive malware in Russia's electric power grid, but President Donald Trump has denied the claims. | Malware | ||
|
2019-06-15 04:54:02 | Hackers Target Recent Vulnerability in Exim Mail Server (lien direct) | Cybercriminals are already targeting a recently disclosed vulnerability in the open-source Exim mail server, Cybereason reports. | Vulnerability | ||
|
2019-06-14 15:05:02 | French Authorities Release Free Decryptor for PyLocky Ransomware (lien direct) | The French Ministry of Interior has released a free decryption tool for the PyLocky ransomware to help victims recover their data. | Ransomware Tool | ||
|
2019-06-14 14:16:02 | Vulnerabilities Expose BD Infusion Therapy Devices to Attacks (lien direct) | CyberMDX, a research and analysis company specializing in medical device security, on Thursday revealed that its employees identified two serious vulnerabilities in infusion therapy products from medical technology firm BD. | |||
|
2019-06-14 13:47:01 | Vulnerabilities in Thunderbird Email Client Allow Code Execution (lien direct) | Security updates released by Mozilla this week for the Thunderbird email client address vulnerabilities that could be exploited to execute arbitrary code on impacted systems. | |||
|
2019-06-14 13:29:01 | Canadian City Loses $500,000 to Phishing Attack (lien direct) | The City of Burlington, Ontario, revealed Thursday that it fell prey to "a complex phishing email" that cost the City CAD $503,000 (around USD $375,000). Few details have yet been released. | |||
|
2019-06-14 11:43:02 | Hackers Behind \'Triton\' Malware Target Electric Utilities in US, APAC (lien direct) | Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting - in addition to oil and gas organizations - electric utilities in the United States and the Asia-Pacific (APAC) region. | Malware Threat | ||
|
2019-06-14 11:27:00 | Another World Password Day Has Passed and Little Has Changed (lien direct) | Six weeks ago, we celebrated World Password Day. Yet, unfortunately, not much has changed since last year. Cyber breaches are bigger and worse than ever. Hardly a week goes by without headlines about some new devastating cyber-attack. In fact, a CyberEdge report (PDF) found that a stunning 77 percent of surveyed organizations had suffered a breach over the past year. | |||
|
2019-06-14 10:41:00 | New API Changes How Ad Blockers Work in Chrome (lien direct) | Google this week announced the introduction of a new API that effectively changes the manner in which ad blockers work in Chrome. | |||
|
2019-06-14 08:41:00 | Amid Privacy Firestorm, Facebook Curbs Research Tool (lien direct) | Facebook has curbed access to a controversial feature allowing searches of the vast content within the social network -- a tool which raised privacy concerns but was also used for research and investigative journalism. | Tool | ||
|
2019-06-14 05:46:05 | Yubico Replacing YubiKey FIPS Devices Due to Security Issue (lien direct) | Yubico is in the process of replacing YubiKey FIPS (Federal Information Processing Standards) security keys following the discovery of a potentially serious cryptography-related issue that can cause RSA keys and ECDSA signatures generated on these devices to have reduced strength. | |||
|
2019-06-13 19:36:05 | New Malware Lays P2P Network on Top of IPFS\' (lien direct) | A newly discovered piece of malware uses a peer-to-peer (p2p) network on top of InterPlanetary File System's (IPFS) p2p network, Anomali's security researchers report. | Malware | ||
|
2019-06-13 19:17:00 | The Active Cyber Defense Bill is Back on the Table (lien direct) | Rep. Tom Graves, R-Ga., is reintroducing his Active Cyber Defense Bill today. He first floated the idea in March 2017, and published an updated version in May 2017. It was then, and is now, being described as the 'hacking back' bill. |
To see everything:
