Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-04-15 15:14:01 |
Hackers could read non-corporate Outlook.com, Hotmail for six months (lien direct) |
Hackers and Microsoft seem to disagree on key details of the hack. |
|
|
|
|
2019-04-03 15:41:00 |
To catch a drug thief, hospital secretly recorded births, women\'s surgeries (lien direct) |
81 women claim their privacy was violated as hospital tried to trap a drug thief. |
|
|
|
|
2019-04-03 00:30:00 |
Woman from China, with malware in tow, illegally entered Trump\'s Mar-a-Lago (lien direct) |
Event raises serious questions about security practices of the US Secret Service. |
Malware
|
|
|
|
2019-03-26 19:03:00 |
How Microsoft found a Huawei driver that opened systems to attack (lien direct) |
Monitoring systems were looking for attacks using technique popularized by the NSA. |
|
|
|
|
2019-03-21 15:57:05 |
Microsoft ships antivirus for macOS as Windows Defender becomes Microsoft Defender (lien direct) |
Microsoft is expanding the reach of its device management services. |
|
|
|
|
2019-03-18 18:36:05 |
Google, Microsoft work together for a year to figure out new type of Windows flaw (lien direct) |
Researcher finds building blocks for privilege escalation: Can they be assembled to create a flaw? |
|
|
|
|
2019-03-15 16:43:01 |
Epic says its Game Store is not spying on you (lien direct) |
But Sweeney says it will stop accessing Steam friends lists without permission. |
|
|
|
|
2019-03-09 18:36:05 |
An email marketing company left 809 million records exposed online (lien direct) |
150GB database included mortgage amounts, info on credit ratings. |
|
|
|
|
2019-03-01 14:00:01 |
The rise of tech-worker activism (lien direct) |
Video: Leigh Honeywell created Never Again pledge and a company devoted to tech-worker safety. |
|
|
|
|
2019-02-28 17:21:02 |
Microsoft\'s latest security service uses human intelligence, not artificial (lien direct) |
Computers are good at processing vast amounts of data, but humans still have their uses. |
|
|
|
|
2019-02-23 17:30:01 |
Google: Software is never going to be able to fix Spectre-type bugs (lien direct) |
Researchers also devise a Spectre-like attack with no known mitigation. |
|
|
|
|
2019-02-19 17:10:02 |
Mandatory update coming to Windows 7, 2008 to kill off weak update hashes (lien direct) |
Microsoft is phasing out SHA-1 hashes on its patches. |
|
|
|
|
2019-02-12 20:54:03 |
Researchers use Intel SGX to put malware beyond the reach of antivirus software (lien direct) |
Processor protects malware from attempts to inspect and analyze it. |
Malware
|
|
|
|
2019-02-06 21:31:01 |
Windows 7 Extended Security Updates will double in price each year (lien direct) |
Three years of updates will be available. |
|
|
|
|
2019-01-17 18:38:05 |
Windows 10 October 2018 Update is at last being pushed automatically (lien direct) |
The update is still rolling out at a snail's pace. |
|
|
|
|
2019-01-14 18:50:00 |
Windows 7 enters its final year of free support (lien direct) |
Up to three years of paid support will be available after the cut-off. |
|
|
|
|
2019-01-04 21:43:04 |
Latest Windows 10 build makes setup quieter, passwords optional (lien direct) |
Though as ever, Home users are special. |
|
|
|
|
2019-01-03 18:08:02 |
Bay Area: Join us 1/9 to talk about personal data security in 2019 (lien direct) |
Researcher Ashkan Soltani will discuss what happens when companies sell your data. |
|
|
|
|
2018-12-10 17:03:04 |
Cryptography failure leads to easy hacking for PlayStation Classic (lien direct) |
Plug-and-play hardware lacks even basic functional security for crucial bootrom. |
|
|
|
|
2018-11-30 18:32:00 |
Marriott breach leaves 500 million exposed with passport, card numbers stolen (lien direct) |
Motivations of hackers are unclear, but proprietary Wi-Fi may have been a target. |
|
|
|
|
2018-11-20 17:19:03 |
Now it\'s Office\'s turn to have a load of patches pulled (lien direct) |
Two patches pulled altogether; another is known to cause crashes but should be used anyway. |
|
|
|
|
2018-11-14 01:50:05 |
Spectre, Meltdown researchers unveil 7 more speculative execution attacks (lien direct) |
Systemic analysis reveals a range of new issues, and a need for new mitigations. |
|
|
|
|
2018-11-13 18:21:00 |
Windows 10 October 2018 Update is back, this time without deleting your data (lien direct) |
Microsoft is opening up about some of its testing procedures, too. |
|
|
|
|
2018-10-24 15:50:02 |
Another Windows 0-day flaw has been published on Twitter (lien direct) |
And on GitHub there's a proof-of-concept that'll render your system unbootable. |
|
|
|
|
2018-10-24 13:10:03 |
How to make elections secure in the age of digital operatives (lien direct) |
Former Facebook CSO Alex Stamos tells us what he learned in 2016, and what comes next. |
|
|
|
|
2018-10-17 17:52:02 |
Meet Helm, the startup taking on Gmail with a server that runs in your home (lien direct) |
Fee-based service couples the security of a private server with the reliability of the cloud. |
|
|
|
|
2018-10-16 22:00:03 |
Apple, Google, Microsoft, and Mozilla come together to end TLS 1.0 (lien direct) |
Almost everyone has now migrated to TLS 1.2, and a few have moved to TLS 1.3. |
|
|
|
|
2018-10-16 00:42:03 |
Already facing an uphill misinformation fight, Facebook loses to scammers, too (lien direct) |
Facebook's focus on misinformation is leaving an opening for another type of scam. |
|
|
|
|
2018-10-08 18:25:01 |
Apple to Congress: Chinese spy-chip story is “simply wrong” (lien direct) |
"Our internal investigations directly contradict every consequential assertion." |
|
|
|
|
2018-10-04 16:08:05 |
Bloomberg: Super Micro motherboards used by Apple, Amazon contained Chinese spy chips (lien direct) |
Super Micro, Amazon, and Apple deny everything in the report. |
|
|
|
|
2018-10-02 17:10:04 |
Google taking new steps to prevent malicious Chrome extensions (lien direct) |
Company plans stricter rules for developers, and greater control for users. |
|
|
|
|
2018-09-27 21:26:01 |
Google backtracks-a bit-on controversial Chrome sign-in feature (lien direct) |
Privacy-conscious users were unhappy at being signed in to browser without consent. |
|
|
★★★★
|
|
2018-09-24 13:00:00 |
Microsoft offers completely passwordless authentication for online apps (lien direct) |
Phone-based authentication is the way forward instead. |
|
|
|
|
2018-09-13 20:26:00 |
New modification of the old cold boot attack leaves most systems vulnerable (lien direct) |
The defenses put in place to thwart the 2008 attack turn out to be very weak. |
|
|
|
|
2018-09-12 08:30:03 |
Georgia says switching back to all-paper voting is logistically impossible (lien direct) |
In Curling v. Kemp, both sides are set to duke it out in court on Wednesday. |
|
|
|
|
2018-09-06 15:55:00 |
Windows 10 support extended again: September releases now get 30 months (lien direct) |
And Microsoft is offering enterprises dedicated app compatibility support. |
|
|
|
|
2018-09-05 14:04:00 |
Google wants to get rid of URLs but doesn\'t know what to use instead (lien direct) |
Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible. |
|
|
|
|
2018-08-29 16:18:03 |
Microsoft obliquely acknowledges Windows 0-day bug published on Twitter (lien direct) |
Flaw allows a local user to obtain System privileges. |
|
|
|
|
2018-08-27 13:00:05 |
The adventures of lab ED011-“Nobody would be able to duplicate what happened there” (lien direct) |
One Romanian campus computer lab both pentested the world and eventually helped protect it. |
|
|
|
|
2018-08-21 17:26:00 |
Chrome 69 will take the next step to killing Flash, roll out new design (lien direct) |
Flash will have to be enabled every time a site tries to use it. |
|
|
|
|
2018-08-14 19:18:03 |
Intel\'s SGX blown wide open by, you guessed it, a speculative execution attack (lien direct) |
Speculative execution attacks truly are the gift that keeps on giving. |
|
|
|
|
2018-08-09 17:08:00 |
Windows 10 to get disposable sandboxes for dodgy apps (lien direct) |
Apps will be run in a virtual machine that's discarded after use. |
|
|
|
|
2018-08-02 22:08:02 |
Heads-up: 2FA provider Duo Security to be acquired by Cisco (ugh) (lien direct) |
Both companies insist nothing will change, but this former Cisco customer has doubts. |
|
|
|
|
2018-07-26 21:40:03 |
New Spectre attack enables secrets to be leaked over a network (lien direct) |
It's no longer necessary to run attacker code on the victim system. |
|
|
|
|
2018-07-12 22:06:00 |
Microsoft offers extended support for Windows, SQL 2008-but with a catch (lien direct) |
An extra three years of patches are being offered to in-cloud users. |
|
|
|
|
2018-07-10 21:00:01 |
New Spectre-like attack uses speculative execution to overflow buffers (lien direct) |
Research is continuing to find new attack vectors. |
|
|
|
|
2018-06-25 22:18:00 |
Hyperthreading under scrutiny with new TLBleed crypto key leak (lien direct) |
A new attack prompted OpenBSD's developers to disable hyperthreading by default. |
|
|
|
|
2018-06-05 00:10:00 |
A host of new security enhancements is coming to iOS and macOS (lien direct) |
Coming: FaceTime encryption, protected cam access, and, possibly, USB Restricted Mode. |
|
|
|
|
2018-05-22 16:24:00 |
New speculative-execution vulnerability strikes AMD, ARM, and Intel (lien direct) |
Fortunately, existing fixes should provide the protection we need. |
|
|
|
|
2018-05-17 18:46:04 |
As the Web moves toward HTTPS by default, Chrome will remove “secure” indicator (lien direct) |
The browser is changing to flag the things that are dangerous, not the ones that are safe. |
|
|
|