What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-03-19 18:21:01 | Cloudflare Launches New HTTPS Interception Detection Tools (lien direct) | Security services provider Cloudflare on Monday announced the release of two new tools related to HTTPS interception detection. | |||
|
2019-03-19 17:53:01 | (Déjà vu) Mobile App Security Firm Blue Cedar Raises $17 Million (lien direct) | Blue Cedar, a San Francisco-based company that specializes in securing mobile applications, on Tuesday announced that it raised $17 million in a Series B funding round. | |||
|
2019-03-19 16:26:00 | Microsoft Dominates 2018\'s Most Exploited Vulnerabilities (lien direct) | Eight of the top ten most exploited vulnerabilities in 2018 affected Microsoft products. Only one -- but the second most exploited -- was an Adobe vulnerability. The last one, ranking at the ninth most exploited vulnerability of 2018, was an Android vulnerability. | Vulnerability | ||
|
2019-03-19 16:11:00 | Researcher Finds Novel Bug Class in Windows Kernel (lien direct) | A security researcher working with Google Project Zero has discovered a novel bug class that impacts Windows and some of its drivers. | |||
|
2019-03-19 15:53:05 | Aluminum Giant Norsk Hydro Hit by Ransomware (lien direct) | Norwegian metals and energy giant Norsk Hydro, one of the world's biggest aluminum producers, has been hit by a ransomware attack that has impacted operations, forcing the company to resort to manual processes. | Ransomware | ★★ | |
|
2019-03-19 12:22:04 | Norway\'s Norsk Hydro Hit by \'Extensive\' Cyberattack (lien direct) | One of the world's biggest aluminium producers, Norway's Norsk Hydro, said Tuesday it had been hit by a cyber-attack of unknown origin. "Hydro became victim of an extensive cyberattack in the early hours of Tuesday, impacting operations in several of the company's business areas," the energy group said in a statement. | |||
|
2019-03-19 10:40:03 | From Traffic Cop to Fleet Manager, DLP Evolves Beyond the Perimeter (lien direct) | Perimeter-based DLP Enforcement Has Increasingly Taken a Backseat to Host-based Implementations | |||
|
2019-03-15 18:55:02 | Google Took Down 2.3 Billion Bad Ads in 2018 (lien direct) | Google this week revealed that it took down 2.3 billion bad ads last year, including 58.8 million phishing ads. The ads were taken down for violations of both new and existing policies, and the Internet company said it faced challenges in areas where online advertising was used to scam or defraud users offline. | |||
|
2019-03-15 18:42:04 | E-Commerce Company Gearbest Leaked User Information (lien direct) | Chinese e-commerce company Gearbest has failed to properly secure some of its databases, thus leaking users' personally identifiable information (PII), VPNMentor's researchers have discovered. Gearbest has downplayed the impact of the incident, which it has blamed on an error made by a member of its security team. | |||
|
2019-03-15 17:35:04 | China Does Not Ask Firms to Spy on Others: Premier (lien direct) | China will "never" ask its firms to spy on other nations, Premier Li Keqiang said Friday, amid US warnings that Chinese telecommunications behemoth Huawei poses security risks. | |||
|
2019-03-15 15:50:03 | Hackers Bypass MFA on Cloud Accounts via IMAP Protocol (lien direct) | Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor authentication (MFA), Proofpoint reports. | Threat | ||
|
2019-03-15 15:48:00 | Uncovering the Data Security Triad (lien direct) | Data Must be Protected as it Exists at All Points in the Processing Lifecycle | |||
|
2019-03-15 15:18:04 | Recently Patched WinRAR Flaw Exploited in APT Attacks (lien direct) | A recently patched WinRAR vulnerability has been exploited by several threat groups, including advanced persistent threat (APT) actors. | Threat | ||
|
2019-03-15 13:35:05 | G Suite Admins Can Now Disable Phone 2-SV (lien direct) | Google is making G Suite accounts more secure by allowing administrators to remove phone-based 2-step verification (2-SV) from the available multi-factor verification options. | |||
|
2019-03-15 12:46:00 | Leading Israeli Candidate for PM Targeted by Iranian Hackers (lien direct) | 
|
|||
|
2019-03-15 07:05:05 | Details of Actively Exploited Windows Flaw Made Public (lien direct) | Researchers from Chinese cybersecurity firm Qihoo 360 have made public technical details that can be used to construct a proof-of-concept (PoC) exploit for CVE-2019-0808, a recently patched Windows vulnerability that has been involved in targeted attacks. | Vulnerability | ||
|
2019-03-15 06:06:04 | NATO Takes Huawei Security Concerns Seriously: Stoltenberg (lien direct) | Security concerns about the role of Huawei in Western 5G telecom infrastructure are to be taken seriously, the head of NATO said Thursday, as Washington steps up pressure on Europe not to use the Chinese firm. | |||
|
2019-03-14 16:49:04 | WordPress 5.1.1 Patches Remote Code Execution Vulnerability (lien direct) | WordPress this week addressed a vulnerability that could allow an unauthenticated attacker to execute code remotely and take over vulnerable websites. | Vulnerability | ||
|
2019-03-14 16:41:05 | Code Execution Flaw Found in Sonatype Nexus Repository Manager (lien direct) | A critical remote code execution vulnerability has been found and patched in Sonatype's Nexus Repository Manager (NXRM), a popular open-source tool that allows developers to manage software components. | Tool Vulnerability | ||
|
2019-03-14 15:00:04 | U.S. Senators Want Transparency on Senate Cyberattacks (lien direct) | U.S. Senators Ron Wyden and Tom Cotton believe all senators should receive information on successful cyberattacks aimed at the Senate. | |||
|
2019-03-14 13:50:02 | US Warns of Sophisticated Cyberattacks From Russia, China (lien direct) | Cyberattacks from Russia, China, North Korea and Iran are increasingly sophisticated and, until recently, were done with little concern for the consequences, the top Pentagon cyber leaders told a congressional committee on Wednesday. | Guideline | ||
|
2019-03-14 13:14:02 | Default Account in Cisco CSPC Allows Unauthorized Access (lien direct) | Cisco on Wednesday informed customers that updates released for its Cisco Common Services Platform Collector (CSPC) software address a critical vulnerability. | |||
|
2019-03-14 09:05:01 | Many Security Apps on Google Play Inefficient, Fake: Study (lien direct) | Antivirus testing firm AV-Comparatives has analyzed 250 security applications for Android offered on Google Play and found that many of them either fail to detect threats or they are simply fake. | |||
|
2019-03-14 01:08:01 | Facebook Faces Criminal Probe of Data Deals: Report (lien direct) | US prosecutors have launched a criminal investigation into Facebook's practice of sharing users' data with companies without letting the social network's members know, The New York Times reported on Wednesday. | |||
|
2019-03-14 00:16:05 | Multiple Security Flaws Discovered in Visitor Management Systems (lien direct) | Vulnerabilities discovered by IBM security researchers in five different visitor management systems could be abused for data exfiltration or for access to the underlying machines. | |||
|
2019-03-13 17:13:02 | Serious Crypto Flaw Affects Swiss, Australian E-Voting Systems (lien direct) | 
|
|||
|
2019-03-13 13:55:00 | GDPR - Improving Data Privacy and Cyber Resilience? (lien direct) | GDPR's Policy Enforcement Will Likely be Tested on a Broad Scale in 2019 | |||
|
2019-03-13 13:35:03 | IoT Security Meets Healthcare: What You Need to Know (lien direct) | Much like smart devices have infiltrated and helped spaces like industrial operations and the enterprise, IoT has taken hold in healthcare. The Internet of Medical Things (IoMT) - networked medical devices and applications in healthcare IT - has forever changed the future strategies for healthcare organizations and the space as a whole. It's added an entirely new layer of possible benefits affecting diagnostics, treatments and general patient health management while lowering cost in the process. | |||
|
2019-03-13 12:41:03 | Trust and Reputation in the Digital Era (lien direct) | As it's been said, we're trying to have a civilization here. So, what is the foundation of a society? Is it the economy? Personal relationships? Employment? Institutions like a legal system or a free press? | |||
|
2019-03-13 10:05:04 | Windows Zero-Day Exploited by FruityArmor, SandCat Threat Groups (lien direct) | One of the zero-day vulnerabilities patched this week by Microsoft has been exploited in targeted attacks by several threats groups, including the ones known as FruityArmor and SandCat, Kaspersky Lab revealed on Wednesday. | Threat | ||
|
2019-03-13 06:21:01 | Venezuelan \'Cyber-Attack\' Possible But Unlikely, Experts Say (lien direct) | Venezuelan President Nicolas Maduro's government has accused the United States of "cyber sabotage" to knock out the country's central hydroelectric complex and leave the nation largely without electricity since Thursday afternoon. | |||
|
2019-03-13 06:12:05 | Cloudflare Raises $150 Million (lien direct) | California-based internet performance and security firm Cloudflare on Tuesday announced that it raised $150 million in a new funding round led by Franklin Templeton. | |||
|
2019-03-13 01:24:01 | New Variant of Ursnif Targeting Japan (lien direct) | A new variant of the Ursnif trojan has been discovered targeting Japan since the beginning of 2019. Japan is a common target for Ursnif, but the latest version, delivered by Bebloh, goes to increased lengths to ensure that the victim is indeed Japanese. | |||
|
2019-03-12 19:20:02 | Microsoft Patches Two Windows Flaws Exploited in Targeted Attacks (lien direct) | Microsoft's Patch Tuesday updates for March 2019 address over 60 vulnerabilities, including two Windows zero-day flaws that have been exploited in targeted attacks. | |||
|
2019-03-12 18:44:03 | F5 Networks to Acquire NGINX for $670 Million (lien direct) | Cloud and application security provider F5 Networks is acquiring NGINX, a provider of technologies for application development and delivery, for approximately $670 million. | |||
|
2019-03-12 16:45:00 | Senators Reintroduce IoT Cybersecurity Improvement Bill (lien direct) | Four U.S. senators backed by two House representatives and several major tech companies this week reintroduced a bill whose goal is to improve the security of Internet of Things (IoT) devices. | |||
|
2019-03-12 15:33:05 | Germany to Consult US Over Huawei Security Fears: Merkel (lien direct) | German Chancellor Angela Merkel said Tuesday Berlin would consult Washington over using technology made by China's Huawei in future mobile phone networks, following reports of US threats to reduce intelligence cooperation. | |||
|
2019-03-12 14:31:01 | Box Enterprise Shared Links Leak Sensitive Information (lien direct) | Box enterprise shared links can leak sensitive information if access to them hasn't been restricted to relevant users only, Adversis security researchers warn. | |||
|
2019-03-12 14:20:05 | Ten Principles for a New Approach to Regulating the Internet (lien direct) | Elizabeth Warren wants to be the Democrat nominee in the 2020 presidential election. Last week she added a new promise to her manifesto: "It's time to break up Amazon, Google and Facebook," she announced. | |||
|
2019-03-12 13:36:02 | Pro-Brexit Twitter Manipulation Continues (lien direct) | The UK is in a momentous political week. Three separate parliamentary votes will decide the future of the UK and the EU for many years to come. They will decide between a hard Brexit (no deals, just leave), a delayed Brexit, and possibly no Brexit. Unusually in British politics, members of parliament have been very conscious of their electorate's opinion rather than just 'the party line'. In the run up t`o these three votes, public opinion still matters. | |||
|
2019-03-12 13:17:05 | Adobe Patches Flaws in Sandbox, Photoshop, Digital Editions (lien direct) | Adobe's Patch Tuesday updates for March 2019 address critical vulnerabilities discovered by researchers in the company's Photoshop CC and Digital Editions products. | |||
|
2019-03-12 10:06:03 | NASA\'s Cybersecurity Program Gets Failing Grade (lien direct) | The U.S. National Aeronautics and Space Administration (NASA) has again failed to implement an efficient cybersecurity program, according to a review by the NASA Office of Inspector General (OIG) for the fiscal year 2018. | |||
|
2019-03-11 20:38:02 | Georgia County Criticized Over $400K Ransomware Payment (lien direct) | Jackson County, Georgia is just a little over 60 miles from the City of Atlanta. In March 2018, Atlanta was struck by a major ransomware attack. In March 2019, Jackson County suffered its own ransomware attack. Both attacks were successful targeted attacks -- but that's about all they have in common. | Ransomware | ||
|
2019-03-11 16:31:00 | Equifax Was Aware of Cybersecurity Weaknesses for Years, Senate Report Says (lien direct) | The massive Equifax data breach that impacted 148 million Americans in 2017 was the result of years of poor cybersecurity practices, a new Staff Report from the United States Senate's Permanent Subcommittee on Investigations reveals. | Data Breach | Equifax | |
|
2019-03-11 16:21:00 | GIF Attack on Facebook Messenger Earned Hacker $10,000 (lien direct) | A white hat hacker earned $10,000 from Facebook last year for finding a Messenger vulnerability that apparently could have been exploited to randomly obtain other users' images. | Vulnerability | ||
|
2019-03-11 16:14:05 | Research Firm Offers $3 Million for iOS, Android 0-Days (lien direct) | Vulnerability research firm Crowdfense has launched a new 0-day acquisition program and is promising payouts of up to $3 million for full-chain, previously unreported exploits. | |||
|
2019-03-11 15:29:03 | Mark Zuckerberg Describes a New Privacy-Centric Facebook (lien direct) | 2001 was not a good year for Microsoft. Its servers were ravaged by the Code Red and Nimda worms. In 2002, Bill Gates responded with his seminal 'security memo' to staff. He talked about security and trust -- that customers should be able to trust the security of Microsoft. Since then, Microsoft has made great strides on delivering this new secure model. | |||
|
2019-03-11 15:14:05 | Google Launches New Cloud Security Services (lien direct) | Google has introduced a new set of services to provide cloud customers with improved protection from unsafe websites, distributed denial of service (DDoS) attacks, and other threats. | |||
|
2019-03-11 14:10:04 | Many Vulnerabilities Discovered in Moxa Industrial Switches (lien direct) | Over a dozen vulnerabilities, including ones classified as critical, have been found by Positive Technologies researchers in EDS and IKS switches made by industrial networking solutions provider Moxa. The vendor has released patches and mitigations that should address the flaws. | |||
|
2019-03-11 07:13:05 | Attack on Software Giant Citrix Attributed to Iranian Hackers (lien direct) | Software giant Citrix on Friday revealed that its internal network had been breached and the attackers may have stolen business documents. |
To see everything:
