What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-09-14 00:15:00 | Upcoming Windows 10 Will Show Popup Dialogs for Individual App Permissions (lien direct) | The next major update of the Windows 10 operating system — codenamed the Fall Creators Update (FCU) — will receive new privacy controls, including popup dialogs that warn users about features an app is about to use. [...] | |||
|
2017-09-13 18:00:00 | Windows 10 Insider Build 16362 for Skip Ahead Insiders Improves on the Boot Experience (lien direct) | Today Microsoft released Insider Preview Build 16362 for PC to only insiders on the fast ring who have opted to skip ahead. This build brings improvements to the boot experience, narrator, Edge, gaming, input, and the Windows Shell. [...] | |||
|
2017-09-13 16:42:52 | US Officially Bans Kaspersky Products From Government Systems (lien direct) | In a Binding Operational Directive published today by the Department of Homeland Security (DHS), the US government has banned the use of Kaspersky Lab security software on government computers. [...] | |||
|
2017-09-13 12:38:10 | Exploit Broker Zerodium Offers $1 Million for Tor Browser Zero-Days (lien direct) | Zerodium, a company that buys exploits to sell to government agencies, is offering up to $1 million for zero-days affecting the Tor Browser. [...] | |||
|
2017-09-13 10:45:27 | Backdoor Found in WordPress Plugin With More Than 200,000 Installations (lien direct) | For the past two and a half months, a WordPress plugin named Display Widgets has been used to install a backdoor on WordPress sites across the Internet. [...] | |||
|
2017-09-13 06:20:16 | Second Researcher Drops Router Exploit Code After D-Link Mishandles Bug Reports (lien direct) | Embedi, a hardware security firm, has published details about two vulnerabilities that have yet to be patched in the firmware of D-Link routers. This marks the second incident of this sort in the last five days. [...] | |||
|
2017-09-13 01:10:00 | RouteX Malware Uses Netgear Routers for Credential Stuffing Attacks (lien direct) | A Russian-speaking hacker has been infecting Netgear routers over the past months with a new strain of malware named RouteX that he uses to turn infected devices into SOCKS proxies and carry out credential stuffing attacks. [...] | |||
|
2017-09-12 20:00:00 | Over 4,000 ElasticSearch Servers Found Hosting PoS Malware Files (lien direct) | The Kromtech Security Center has identified over 4,000 instances of ElasticSearch servers that are hosting files specific to two strains of POS (Point of Sale) malware — AlinaPOS and JackPOS. [...] | |||
|
2017-09-12 16:30:08 | Apple iPhone X Unveiled: Goodbye Home Button. Hello Face ID (lien direct) | Today at Apple's annual press conference, Apple unveiled the iPhone X, iPhone 8, Apple Watch Series 3, and Apple TV 4k. Let's take a look at the new features unveiled in these products. [...] | |||
|
2017-09-12 14:25:10 | Microsoft September Patch Tuesday Fixes 82 Security Issues, Including a Zero-Day (lien direct) | Moments ago, Microsoft published the September 2017 Patch Tuesday, and this month the OS maker fixed 82 security bugs. Among the patches, there is one zero-day vulnerability exploited in the wild and three bugs whose details became public but have yet to be exploited in attacks. [...] | |||
|
2017-09-12 11:18:40 | Adobe Patches Security Bugs in Flash Player, ColdFusion, RoboHelp (lien direct) | Adobe just released its monthly security updates and this month the company patched vulnerabilities in three products — Adobe Flash Player, Adobe ColdFusion, and Adobe RoboHelp, the company's lesser known help authoring tool (HAT), used for the creation of online or offline documentation and help files. [...] | |||
|
2017-09-12 09:00:00 | BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices (lien direct) | Security researchers have discovered seven vulnerabilities — codenamed collectively as BlueBorne — in the Bluetooth implementations used by over 5.3 billion devices. [...] | |||
|
2017-09-12 08:33:57 | Over 1.65 Million Computers Infected With Cryptocurrency Miners in 2017 So Far (lien direct) | Telemetry data collected by Kaspersky Lab shows that in the first nine months of 2017, malware that mines for various types of cryptocurrencies has infected more than 1.65 million endpoints. [...] | |||
|
2017-09-12 05:41:59 | Bashware: Malware Can Abuse Windows 10\'s Linux Shell to Bypass Security Software (lien direct) | Bashware is the name of a new technique that allows malware to use a new Windows 10 feature called Subsystem for Linux (WSL) to bypass security software installed on an endpoint. [...] | |||
|
2017-09-11 20:00:00 | Comodo Caught Breaking New CAA Standard One Day After It Went Into Effect (lien direct) | One day after the CAA (Certificate Authority Authorization) standard became obligatory on September 8, a German security researcher caught Comodo breaking the rules and issuing an SSL certificate it was not supposed to issue. [...] | ★★★★ | ||
|
2017-09-11 18:30:00 | Apache Struts Vulnerabilities May Affect Many of Cisco\'s Products (lien direct) | Cisco has initiated a mass security audit of all its products that incorporate a version of the Apache Struts framework, recently affected by a series of vulnerabilities, one of which is under active exploitation. [...] | |||
|
2017-09-11 17:34:54 | Paradise Ransomware Uses RSA Encryption to Encrypt Your Files (lien direct) | Today, a victim of a new ransomware called Paradise posted in our forums and uploaded a sample so we could take a look at it. While this ransomware is not revolutionary by any means, since it is in active distribution and a Ransomware as a Service (RaaS), I thought I would provide a brief analysis of how this ransomware works. [...] | |||
|
2017-09-11 14:45:19 | Google Accused of Trying to Patent Public Domain Technology (lien direct) | A Polish academic is accusing Google of trying to patent technology he invented and that he purposely released into the public domain so companies like Google couldn't trap it inside restrictive licenses. [...] | |||
|
2017-09-11 09:03:44 | Intra-Library Collusion Attacks Open the Door for a Whole New Kind of Android Malware (lien direct) | A team of Oxford and Cambridge researchers is the latest to join a chorus of voices sounding the alarm on a new attack vector named Intra-Library Collusion (ILC) that could make identifying Android malware much harder in the upcoming future. [...] | |||
|
2017-09-11 06:56:50 | Admin Accounts With No Passwords at the Heart of Recent MongoDB Ransom Attacks (lien direct) | The recent wave of ransom attacks on MongoDB databases happened because database owners forgot to set passwords on their administrator accounts, according to Davi Ottenheimer, Senior Director of Product Security at MongoDB, Inc. [...] | |||
|
2017-09-11 04:22:03 | Bitcoin Price Takes a Tumble Amid Rumors of China Banning Cryptocurrency Trading (lien direct) | Bitcoin price took a huge fall on Friday after Caixin, a Chinese financial magazine, reported that Chinese Central Bank officials are working on rules to ban the trading of Bitcoin and all other cryptocurrencies on Chinese exchanges. [...] | |||
|
2017-09-10 02:05:41 | Google Chrome Will Soon Warn You of Software That Performs MitM Attacks (lien direct) | Google Chrome 63 will include a new security feature that will detect when third-party software is performing a Man-in-the-Middle (MitM) attack that hijacks the user's Internet connection. [...] | |||
|
2017-09-09 13:08:30 | Researcher Publishes Details on Unpatched D-Link Router Flaws (lien direct) | South Korean security researcher Pierre Kim has published details about ten vulnerabilities he discovered in the firmware of D-Link DIR 850L routers. [...] | |||
|
2017-09-09 05:10:23 | Malware Group Uses Facebook CDN to Bypass Security Solutions (lien direct) | A malware group is using Facebook's CDN servers to store malicious files that it later uses to infect users with banking trojans. [...] | |||
|
2017-09-08 17:30:40 | Firefox 57 Will Hide Search Bar and Use a Uni-Bar Approach, Like Chrome (lien direct) | Mozilla will hide an iconic section of its UI — the search bar — and will use one singular input bar atop the browser, similar to the approach of most Chromium browsers. [...] | |||
|
2017-09-08 16:08:03 | The Week in Ransomware - September 8th 2017 - Locky and Small Releases (lien direct) | We have good news for once, which is a really slow week when it comes to ransomware. While we still had our share of smaller ransomware variants being release, overall there was not a lot of activity. The biggest activity is the continued by Locky distributors to become more widespread through the use of a variety of SPAM campaigns. [...] | |||
|
2017-09-08 06:02:56 | Android Oreo Bug Bypasses WiFi to Use Mobile Data and Incur Extra Costs (lien direct) | A bug discovered in the recently launched Android 8.0 Oreo spends users' mobile data allowance, even when the phone's mobile WiFi connection is enabled. [...] | |||
|
2017-09-08 04:40:00 | Highly Sensitive Details of 143 Million Users Stolen in Equifax Hack (lien direct) | Equifax — one of the largest providers of consumer credit reporting and other financial services in the US — said last night it was the victim of a hack during which attackers made off with details on over 143 million of its customers. [...] | Equifax | ||
|
2017-09-08 00:10:00 | European Union Considering Intrusive Upload Filter as "Link Tax" Alternative (lien direct) | A document leaked at the end of August reveal that Estonia — currently holding the EU Presidency — is pushing fellow member states to adopt more intrusive Internet content filtering rules, similar to the ones implemented in China. [...] | |||
|
2017-09-07 19:15:00 | Researchers Reveal New Toast Overlay Attack on Android Devices (lien direct) | Mobile security experts from Palo Alto Networks have detailed a new attack on Android devices that uses "Toast" notifications to help malware in obtaining admin rights or access to Android's Accessibility service — often used to take over users' smartphones. [...] | |||
|
2017-09-07 14:31:32 | Researchers Hack Voting Machines Used in German Elections (lien direct) | Voting machines used to tally and aggregate votes in multiple German states are vulnerable to a wide array of vulnerabilities that researchers say can be exploited to alter election results without too much effort. [...] | |||
|
2017-09-07 07:00:08 | Hackers Can Use Ultrasounds to Take Control of Alexa, Siri, Cortana, Others (lien direct) | Six scientists from Zhejiang University in China have discovered that they could use ultrasound frequencies — inaudible to human ears — to send commands to speech recognition software and take over devices such as smartphones, smart home assistants, or even cars. [...] | |||
|
2017-09-07 05:01:00 | 13-Year-Old Detained for Selling "Prank" Screen Locker (lien direct) | On Tuesday, police in Japan detained a 13-year-old boy from Osaka on charges of advertising and selling a mobile virus that blocked smartphone screens and prevented users from using their device. [...] | |||
|
2017-09-07 03:40:08 | Apple and Google Fix Browser Bug. Microsoft Does Not. (lien direct) | Microsoft has declined to patch a security bug Cisco Talos researchers discovered in the Edge browser, claiming the reported issue is by design. Apple and Google patched a similar flaw in Safari (CVE-2017-2419) and Chrome (CVE-2017-5033), respectively. [...] | |||
|
2017-09-07 02:25:00 | Bug in Windows Kernel Could Prevent Security Software From Identifying Malware (lien direct) | Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime. [...] | |||
|
2017-09-07 00:35:00 | CodeFork Group Uses Fileless Malware to Deploy Monero Miners (lien direct) | A group of experienced hackers — tracked under the name of CodeFork — have launched a new malware distribution campaign that uses advanced tools and new techniques to go undetected by security solutions. [...] | |||
|
2017-09-06 11:17:05 | Malware Author Uses Same Skype ID to Run IoT Botnet and Apply for Jobs (lien direct) | In one of the most epic fails of epic fails, a malware dev used the same Skype ID to advertise his IoT botnet, but also to apply for jobs on freelancing portals. [...] | |||
|
2017-09-06 07:43:54 | Sabotage Warning Issued on Hackers Hiding Deep Inside Energy Sector (lien direct) | US cyber-security firm Symantec has issued a warning today against a group of nation-state hackers that have managed to infiltrate several US and European energy firms, and are now in the dangerous position of sabotaging critical infrastructure if they wished to. [...] | |||
|
2017-09-06 06:09:01 | UK\'s Facial Recognition System Dumber Than a Box of Rocks, Privacy Group Argues (lien direct) | A real-time facial recognition software tested by London Metropolitan Police at this year's Notting Hill Carnival was labeled as a "resounding success" by police officers, but privacy groups members who were invited to view it in action called it "inaccurate and painfully crude." [...] | |||
|
2017-09-06 03:13:17 | Lenovo Gets a Slap on the Wrist for Superfish Adware Scandal (lien direct) | Lenovo has settled charges with the FTC and 32 state attorneys for shipping laptops preinstalled with the Superfish adware back in 2014 and 2015. [...] | |||
|
2017-09-05 19:02:00 | Last Windows Server Insider Build Released Before Ignite Conference (lien direct) | Today Microsoft released Windows Server Insider Preview Build 16278 to Windows Insiders. This build is the last Server build that will be released before the Ignite conference at the end of September, where the official Windows Server Version 1709 will be released. While there are no new features released as part of this build. [...] | |||
|
2017-09-05 17:30:00 | Google Chrome 61 Released for Linux, Mac, and Windows (lien direct) | Today Google launched version 61 of the Chrome browser for Windows, Mac, and Linux. With this release, we have 21 security updates, numerous improvements and bug fixes, and three APIs that allow developers to further enhance their sites and apps. [...] | |||
|
2017-09-05 16:00:35 | SynAck Ransomware Sees Huge Spike in Activity (lien direct) | Over the past two days, there was an increase in activity from a relatively unknown ransomware strain named SynAck, according to submissions to the ID-Ransomware service and users who complained on the Bleeping Computer ransomware support forums. [...] | |||
|
2017-09-05 10:56:20 | Companies Must Tell Employees When Monitoring Their PC Activity, EU Court Rules (lien direct) | EU companies must notify employees in advance if they plan to monitor work accounts, the European Court of Human Rights ruled this week. [...] | |||
|
2017-09-05 08:40:29 | TrustZone Downgrade Attack Opens Android Devices to Old Vulnerabilities (lien direct) | An attacker can downgrade components of the Android TrustZone technology to older versions that feature known vulnerabilities and use older exploits against smartphones running an up-to-date operating system. [...] | |||
|
2017-09-05 02:35:35 | Opera and Vivaldi Founder Believes Google Should Be Regulated (lien direct) | Jon von Tetzchner, the founder of both Opera and Vivaldi, believes that Google has gotten too big and "is now in a position where regulation is needed." [...] | |||
|
2017-09-05 00:30:00 | Chinese Man Sentenced to Nine Months in Prison for Selling VPN Software (lien direct) | Chinese authorities have sentenced a young man to nine months in prison for setting up a website for selling VPN software to Chinese users. [...] | |||
|
2017-09-04 15:57:02 | YouTube-MP3.Org Will Shut Down Following RIAA Lawsuit (lien direct) | YouTube-MP3.org — the largest YouTube ripping service on the Internet — has agreed to shut down permanently as part of a settlement it reached with the Recording Industry Association of America (RIAA) in a lawsuit the organization filed last year. [...] | |||
|
2017-09-04 13:30:10 | Six-Year-Old "Loop Bug" Re-Discovered to Affect Almost All Major PDF Viewers (lien direct) | A bug discovered in an obscure PDF parsing library back in 2011 is also present in most of today's top PDF viewers, according to German software developer Hanno Böck. [...] | |||
|
2017-09-04 06:34:04 | Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims (lien direct) | Ransom attacks on MongoDB databases rekindled last week and over the weekend with the emergence of three new groups that hijacked over 26,000 servers, with one group hijacking 22,000. [...] |
To see everything:
Our RSS (filtrered)
