What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-09-20 18:56:04 | Embrace RPKI to Secure BGP Routing, Cloudflare Says (lien direct) | BGP (Border Gateway Protocol) routing isn't secure and organizations should embrace Resource Public Key Infrastructure (RPKI) to improve security, Cloudflare says. | |||
|
2018-09-20 18:46:00 | Cisco Patches Code Execution in Webex Player (lien direct) | Cisco this week addressed vulnerabilities in the Webex Network Recording Player for Advanced Recording Format (ARF) that could allow a remote attacker to execute arbitrary code on a targeted system. | |||
|
2018-09-20 16:38:04 | Rapid7 Adds Automation, Orchestration Capabilities to Insight Platform (lien direct) | Rapid7 announced on Thursday that its Insight Platform now features automation and orchestration capabilities through a new tool called InsightConnect. | Tool | ||
|
2018-09-20 13:16:02 | Mitigate Risk From Malicious and Accidental Insiders (lien direct) | When we hear the term “insider trading” most people think of the illegal practice of trading a public company's stock based on material, non‐public information. The image of Michael Milken, Ivan Boesky or Martha Stewart may come to mind. Yet there's a second face to insider trading: insiders that sell valuable data or privileged access via online forums and marketplaces to cybercriminals. | |||
|
2018-09-20 11:57:01 | FBI Warns of Cyber-Thieves Targeting Payroll Accounts (lien direct) | Cybercriminals are targeting the online payroll accounts of employees in a variety of industries to divert funds, the Federal Bureau of Investigation (FBI) warns. | |||
|
2018-09-20 10:40:01 | Japan Digital Currency Exchange Hacked, Losing $60 Million (lien direct) | TOKYO (AP) - Hackers have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies from a Japanese digital currency exchange, the operators said Thursday. | |||
|
2018-09-20 10:19:00 | China Arrests Suspect for Customer Data Leak at Accor Partner (lien direct) | Shanghai police have arrested a man in connection with a data leak at NASDAQ-listed Chinese hotelier Huazhu Group after the suspect failed to sell the information online. | |||
|
2018-09-20 07:47:05 | Department of Defense Releases New Cyber Strategy (lien direct) | The U.S. Department of Defense this week released its 2018 cyber strategy, which outlines how the organization plans on implementing the country's national security and defense strategies in cyberspace. | |||
|
2018-09-20 07:05:00 | Facebook Boosts Protections for Political Candidates (lien direct) | Facebook this week revealed new tools that are aimed to defend users associated with US political campaigns ahead of the 2018 midterm elections. | |||
|
2018-09-20 05:36:04 | Report Reveals Widespread Use of Pegasus Spyware (lien direct) | As part of a 2-year investigation into NSO Group's sophisticated Pegasus spyware, Citizen Lab has identified 45 countries where operators might be leveraging the malware to conduct surveillance operations. | Malware | ||
|
2018-09-20 04:25:00 | Card Data-Scraping Magecart Code Found on Newegg (lien direct) | North American tech-focused e-retailer Newegg appears to be the latest e-commerce website to have been found infected with the Magecart credit card data-scraping code. | ★★★★★ | ||
|
2018-09-20 03:59:01 | Lawmaker: US Senate, Staff Targeted by State-Backed Hackers (lien direct) | Foreign government hackers continue to target the personal email accounts of U.S. senators and their aides - and the Senate's security office has refused to defend them, a lawmaker says. | |||
|
2018-09-19 17:17:02 | Adobe Patches Code Execution, Other Flaws in Acrobat and Reader (lien direct) | Updates released on Wednesday by Adobe for the Windows and macOS versions of Acrobat and Reader address a total of 7 vulnerabilities, including a critical flaw that can allow arbitrary code execution. | ★★★ | ||
|
2018-09-19 16:29:01 | Patching Not Enough; Organizations Must Adopt Zero-Trust Practices: Report (lien direct) | Hackers Can Gain Network Access Via Social Engineering and Wait for New Zero-Day Exploits to Elevate Their Privilege | Patching | ||
|
2018-09-19 15:40:01 | NSA Leak Fuels Rise in Hacking for Crypto Mining: Report (lien direct) | Illicit cryptocurrency mining has been surging over the past year, in part due to a leaked software tool from the US National Security Agency, researchers said Wednesday. | Tool | ||
|
2018-09-19 15:13:00 | Click2Gov Attacks on U.S. Cities Attributed to Previously Unknown Group (lien direct) | A previously unknown financially motivated threat group is believed to be behind a series of attacks whose goal was to obtain payment card data from U.S. cities relying on Click2Gov software for utility bill payments. | Threat | ||
|
2018-09-19 13:22:04 | New Tool Helps G Suite Admins Uncover Security Threats (lien direct) | Google on Tuesday announced the general availability of a tool that helps G Suite customers identify security issues within their domains, and take action. | Tool | ||
|
2018-09-19 13:01:02 | Cloudflare Helps Boost DNSSEC Adoption as Key Rollover Nears (lien direct) | Cloudflare announced on Monday the introduction of a new feature that will allow some users to enable the Domain Name System Security Extensions (DNSSEC) protocol with the click of a button. | |||
|
2018-09-19 12:56:02 | Privacy Protection Means Encryption at the Application Layer (lien direct) | Comprehensive Data Security Measures Should Include a Formal Process for Application Security and Vulnerability Assessment | Vulnerability | ||
|
2018-09-19 10:39:05 | Nation State Cyber Attacks on Rise, Says Europol (lien direct) | Global ransomware attacks are increasingly linked to nation states, with the lines between politics and crime often blurring, Europe's police agency said on Tuesday. | Ransomware | ||
|
2018-09-19 07:29:03 | Mirai Authors Avoid Prison After Working With FBI (lien direct) | Three individuals who last year admitted creating and using the notorious Mirai botnet have avoided prison after helping the FBI in other cybercrime investigations, the U.S. Department of Justice announced on Tuesday. | |||
|
2018-09-18 19:55:04 | Fidelis Cybersecurity Raises $25 Million (lien direct) | Fidelis Cybersecurity, a Bethesda, MD-based company that provides automated threat detection and response solutions, on Tuesday announced that it secured a $25 million growth capital investment. | Threat | ||
|
2018-09-18 17:07:02 | Destructive Xbash Linux Malware Targets Enterprise Intranets (lien direct) | A newly discovered piece of Linux malware that features both ransomware and crypto-currency mining capabilities appears designed to target enterprise intranets, Palo Alto Networks security researchers say. | Ransomware Malware | ||
|
2018-09-18 14:42:03 | Critical Vulnerability Impacts Hundreds of Thousands of IoT Cameras (lien direct) | A critical vulnerability in NUUO software could allow attackers to remotely view video feeds and tamper with the recordings of hundreds of thousands of surveillance cameras, Tenable reveals. | Vulnerability | ||
|
2018-09-18 14:26:04 | iOS 12 Brings Patches for 16 Security Vulnerabilities (lien direct) | Apple this week officially released iOS 12, which patches various vulnerabilities in the mobile operating system (OS) and brings improved performance and other enhancements. | ★★ | ||
|
2018-09-18 14:24:01 | Swiss, Russian FMs to Meet Next Week on Spy Row (lien direct) | Switzerland's foreign minister said Monday that he will meet his Russian counterpart next week after details emerged of alleged attempts by two Russian spies to hack sensitive Swiss targets. | Hack | ||
|
2018-09-18 14:13:04 | Georgia\'s Use of Electronic Voting Machines Allowed for Midterms (lien direct) | Judge Amy Totenberg ruled Monday that the state of Georgia's existing plans for the midterm elections to be conducted via some 27,000 Diebold AccuVote DRE touchscreen voting machines must stand. Her remarks, however, suggest that this should be the last time. | |||
|
2018-09-18 14:04:04 | Building an Integrated IT/OT Security Program: Notes From the Field (lien direct) | Let's start this column with some good news. | |||
|
2018-09-18 13:28:01 | Symantec Launches Free Election Security Service (lien direct) | Symantec on Tuesday announced the launch of a new service that aims to make elections more secure by helping candidates and political organizations improve their security posture and detect fake websites. | ★★★★★ | ||
|
2018-09-18 09:43:02 | Facebook Offers Rewards for Access Token Exposure Flaws (lien direct) | Facebook announced on Monday that it has expanded its bug bounty program to introduce rewards for reports describing vulnerabilities that involve the exposure of user access tokens. | |||
|
2018-09-18 05:08:03 | Altaba Settles Yahoo Breach Lawsuits for $47 Million (lien direct) | Altaba, the investment company that resulted from Verizon's $4.5 billion acquisition of Yahoo's Internet business last year, has agreed to settle consumer class action lawsuits triggered by the massive data breaches suffered by Yahoo in the past years. | Yahoo | ||
|
2018-09-18 00:33:02 | Code Execution in Alpine Linux Impacts Containers (lien direct) | A security researcher discovered several vulnerabilities in Alpine Linux, a distribution commonly used with Docker, including one that could allow for arbitrary code execution. Based on musl and BusyBox, the Alpine Linux distribution has a small size and is heavily used in containers, including Docker, as it provides fast boot times. | |||
|
2018-09-17 17:46:05 | Expectations for CISOs Have Changed (lien direct) | There was a time once when CISOs could dazzle or dominate every conversation with the board or senior management – they were the high priests of a technology that no one outside the cubicles of the IT group could understand. The inside joke was that all it took was FUD – Fear, Uncertainty and Doubt – to win budget. A heat map with some angry red zones was a good visual aid. | |||
|
2018-09-17 17:05:00 | EternalBlue-Vulnerable Systems Serially Infected (lien direct) | Windows machines that haven't been patched against the National Security Agency-linked EternalBlue exploit are stuck in an endless loop of infection, Avira warns. | |||
|
2018-09-17 15:51:03 | Ransomware Disrupts Flight Boards at U.K. Airport (lien direct) | Bristol Airport in the United Kingdom was hit recently by a ransomware incident that caused disruption to flight information display systems, forcing staff to resort to whiteboards and markers. | Ransomware | ||
|
2018-09-17 15:48:03 | The Art of (Cyber) War: How Adversarial Thinking Strengthens Cybersecurity (lien direct) | Cybersecurity is unique compared to most other business operations, even most IT operations. Unlike marketing or network management-both of which tackle difficult and ever-changing challenges in the business operating environment-cybersecurity pits defenders against intelligent, creative and deliberate opponents. | |||
|
2018-09-17 14:46:04 | CISOs and the Quest for Cybersecurity Metrics Fit for Business (lien direct) | 
|
|||
|
2018-09-17 14:02:03 | Wisconsin Officials Prepare for Potential Election Hackers (lien direct) | A private vendor inadvertently introduces malware into voting machines he is servicing. A hacker hijacks the cellular modem used to transmit unofficial Election Day results. An email address is compromised, giving bad actors the same access to voting software as a local elections official. | Malware | ||
|
2018-09-17 13:19:01 | Amazon Probing Staff Data Leaks (lien direct) | Amazon is investigating allegations that some of its staff sold confidential customer data to third party companies particularly in China, the online giant confirmed on Sunday. | |||
|
2018-09-17 11:10:04 | New Bill Aims to Address Cybersecurity Workforce Shortage (lien direct) | A bill introduced last week by U.S. Rep. Jacky Rosen (D-Nev.) aims to address the cybersecurity workforce shortage through a grant for apprenticeship programs. | |||
|
2018-09-17 06:27:02 | Google\'s Android Team Finds Serious Flaw in Honeywell Devices (lien direct) | Members of Google's Android team discovered that some of Honeywell's Android-based handheld computers are affected by a high severity privilege escalation vulnerability. The vendor has released software updates that should address the flaw. | |||
|
2018-09-15 15:41:03 | MageCart Attackers Compromise Cloud Service Firm Feedify (lien direct) | Hundreds of e-commerce Sites Impacted by MageCart Compromise of Cloud Service Provider | |||
|
2018-09-14 20:26:00 | German Troops Face Russian \'Hybrid War\' in Lithuania: Merkel (lien direct) | German Chancellor Angela Merkel said Friday Berlin was boosting military cyber capabilities to respond to Russian hybrid warfare that is targeting its troops deployed on NATO's eastern flank. | |||
|
2018-09-14 20:22:01 | (Déjà vu) Nigerian Fraudster Who Stole Millions Heads to U.S. Prison (lien direct) | A Nigerian man was sentenced in Manhattan federal court to 60 months in prison for his role in fraudulent business email compromise (BEC) scams, the United States Department of Justice announced this week. | |||
|
2018-09-14 20:07:05 | Russian Spies Arrested on Suspicion of Plans to Hack Swiss Laboratory (lien direct) | Dutch 'Expelled Two Russian Spies Over Novichok Lab Plot' | Hack | ||
|
2018-09-14 17:23:01 | China-linked APT10 Hackers Update Attack Techniques (lien direct) | Recently attacks launched by the China-linked threat actor APT10 against the Japanese media sector revealed the use of updated tactics, techniques and procedures (TTPs), FireEye says. | Threat | APT 10 | |
|
2018-09-14 17:07:02 | Secureworks Launches New Security Maturity Model (lien direct) | Secureworks has launched the Secureworks Security Maturity Model. It is released, announces Secureworks, in response to "research which shows that more than one-third of US organizations (37%) face security risks that exceed their overall security maturity. Within that group, 10% face a significant deficiency when it comes to protecting themselves from the threats in their environment." | |||
|
2018-09-14 16:54:05 | How Apple\'s Safari Browser Will Try to Thwart Data Tracking (lien direct) | New privacy features in Apple's Safari browser seek to make it tougher for companies such as Facebook to track you. Companies have long used cookies to remember your past visits. This can be helpful for saving sign-in details and preferences. But now they're also being used to profile you in order to fine-tune advertising to your tastes and interests. | |||
|
2018-09-14 02:11:00 | Report: Kansas Plans to Spend $4.6M on Election Security (lien direct) | Kansas plans to spend more than $4.6 million on election security grants over the next five years as it aims to tighten cyber security, modernize voting equipment, audit election results and safeguard voter rolls, according to a report released Thursday. | |||
|
2018-09-13 17:48:04 | Bomgar to Acquire BeyondTrust (lien direct) | Atlanta-based Privileged Access Management (PAM) solutions provider Bomgar today announced a definitive agreement to acquire BeyondTrust, from an affiliate of Veritas Capital. |
To see everything:
