What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-08-20 09:42:01 | Harnessing Stunt Hacking for Enterprise Defense (lien direct) | Make Sure You Understand the Root Cause of the Vulnerabilities or Attack Vectors Behind the Next Over-Hyped Stunt Hack Every year, at least one mediocre security vulnerability surprisingly snatches global media attention, causing CISOs and security researchers to scratch their heads and sigh “who cares?” | Vulnerability | ||
|
2019-08-20 08:39:05 | GitHub Now Scans Commits for Atlassian, Dropbox, Discord Tokens (lien direct) | Microsoft-owned GitHub on Monday announced that its token scanning service will also check commits for Atlassian, Dropbox, Discord, Proctorio and Pulumi tokens that have been accidentally shared. | |||
|
2019-08-20 07:18:03 | Facebook Offers Rewards for Instagram Data Abuse Reports (lien direct) | 
|
|||
|
2019-08-19 17:45:00 | Webmin Backdoored for Over a Year (lien direct) | Webmin, the open source web-based interface for managing Linux and UNIX systems, contained a remote code execution vulnerability for more than a year and it's believed to be an intentional backdoor. | Vulnerability | ||
|
2019-08-19 14:17:03 | AWS: No Significant Issues at Other Alleged Targets of Capital One Hacker (lien direct) | 
|
|||
|
2019-08-19 14:09:05 | Data Protection and Privacy: Think 360, Demand 360 (lien direct) | When it Comes to Data Protection and Privacy, it is Important to Evaluate Where You Are, and Where You Need to Go | |||
|
2019-08-19 13:37:00 | UK Hacker Sentenced to 20 Months in Prison (lien direct) | Hacker Elliot Gunton has been sentenced to 20 months in prison by Norwich (UK) County Court, but released immediately because of time already served in custody. | |||
|
2019-08-19 11:55:00 | Organizations Expose Sensitive Data via Malware Analysis Sandboxes (lien direct) | Researchers at UK-based threat intelligence firm Cyjax have studied files submitted to three popular online malware analysis sandboxes and found that many of the publicly accessible files contain sensitive information. | Threat Malware | ||
|
2019-08-19 10:57:00 | Ransomware Hits Texas Local Governments (lien direct) | A ransomware attack hit 23 local government entities in Texas last week, the Texas Department of Information Resources (DIR) has revealed. | Ransomware | ||
|
2019-08-19 04:56:00 | Uganda, Zambia Deny Huawei Helped Spy on Political Opponents (lien direct) | Uganda and Zambia on Friday denied a report that employees of Chinese telecom giant Huawei had helped them spy on political opponents. The Wall Street Journal (WSJ) reported this week that Huawei technicians helped the two African governments intercept communications and social media activity of their opponents, while also tracking their movements. | |||
|
2019-08-16 19:12:01 | Iowa Grocery Chain Investigating Possible Hack of Payment Processing Systems (lien direct) | A West Des Moines, Iowa-based grocery chain that also operates restaurants, fuel-pumps and drive-thru coffee shops is warning its customers about a security incident involving some of its payment card systems. | Hack | ||
|
2019-08-16 16:09:05 | Apple Sues Corellium Over Security Research Tool (lien direct) | Apple has filed a copyright infringement lawsuit against Florida-based virtualization company Corellium for creating “perfect replicas” of iOS that can be used for security research and other purposes. | Tool | ||
|
2019-08-16 13:34:04 | Uganda Slams Report Huawei Helped Spy on Opposition Leader (lien direct) | Uganda on Friday denied a report that employees of Chinese telecom giant Huawei had aided a domestic spying operation targeting pop star turned opposition icon Bobi Wine. The Wall Street Journal reported this week that Huawei technicians helped Ugandan authorities use spyware to intercept Wine's Skype and WhatsApp communications. | |||
|
2019-08-16 13:14:00 | Many Users Don\'t Change Unsafe Passwords After Being Warned: Google (lien direct) | Google has shared some interesting data collected by the company from users of its Password Checkup extension for Chrome. | |||
|
2019-08-16 11:45:01 | Sherlock in the SOC: Leveraging Security Knowledge in a Behavior-Based Approach (lien direct) | “There is a strong family resemblance about misdeeds, and if you have all the details of a thousand at your finger ends, it is odd if you can't unravel the thousand and first.” | |||
|
2019-08-16 10:58:03 | Cybersecurity Has Become a Political Issue for Americans, Survey Shows (lien direct) | Americans have a pragmatic view towards cybersecurity. For example, while 86% believe that paying ransoms merely encourages more attacks, 70% accept that when organizations do pay, it is because they had no choice. But politicians should consider: 87% believe that cybersecurity should be a top priority for government, but only 51% believe it is currently doing a good job. | |||
|
2019-08-16 05:41:00 | Many Apache Struts Security Advisories Updated Following Review (lien direct) | Two dozen security advisories for the Apache Struts open source development framework have been updated after researchers determined that they contained incorrect information regarding which versions of the software were impacted by a vulnerability. | |||
|
2019-08-15 18:13:03 | ECB Uncovers Data Breach in Bank Newsletter (lien direct) | Hackers had access for months to the contact information of hundreds of financial industry subscribers to a European Central Bank newsletter, the Frankfurt institution said Thursday. "Unauthorised parties... breached the security measures protecting (the ECB's) Banks' Integrated Reporting Dictionary (BIRD) website," the bank said in a statement. | Data Breach | ||
|
2019-08-15 18:04:01 | Vulnerability Patched in Firefox Password Manager (lien direct) | The latest update released by Mozilla for Firefox patches a vulnerability that can be exploited to bypass the master password of the built-in password manager and obtain stored passwords. | Vulnerability | ||
|
2019-08-15 16:09:05 | Intel Patches High-Severity Flaws in Tools, NUC Firmware (lien direct) | Some of the updates released by Intel as part of the August 2019 Patch Tuesday fix high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. | |||
|
2019-08-15 14:41:00 | Know Your Options When Dealing With Alert Overload (lien direct) | Talent, Technology and Process Can Deliver Relief From Security Alert Overload | |||
|
2019-08-15 14:01:01 | Millions of Unencrypted Fingerprint and Facial Biometrics Found on Unsecured Database (lien direct) | Yet another database of personal information has been found on an unsecured server. This one stands out for its size, the range of unencrypted PII it contains, and the inclusion of vast numbers of biometric records. | |||
|
2019-08-15 13:43:03 | Kaspersky Makes Changes After Products Raise Privacy Concerns (lien direct) | Kaspersky has made some changes to the way its products check web pages for malicious activity after a researcher discovered an issue that could have been exploited to track users online. | |||
|
2019-08-15 12:46:04 | DLL Hijacking Flaws Patched in Trend Micro Password Manager (lien direct) | Trend Micro recently patched a couple of DLL hijacking vulnerabilities in Password Manager that could allow malicious actors to escalate privileges, make their malware persistent, and to load and execute their payloads via a signed service. | Malware | ||
|
2019-08-15 11:08:05 | Focus on Use Cases to Improve Security Operations (lien direct) | There was a time when the term “use case” was confined to product development meetings where software and systems engineers worked through defining why and how a product would be used in order to create requirements. Use cases remain a critical tool to ensure teams are building products their customers need and can use. | Tool | ||
|
2019-08-15 09:54:03 | Owners of Fake Tech Company Plead Guilty to Fraud Charges (lien direct) | Two Florida men have pleaded guilty to wire fraud charges filed in southern Illinois, where they targeted people with fake technical support services. Michael Austin Seward of Deerfield Beach and Kevin James McCormick of Delray Beach admitted Wednesday they operated a scam called Client Care Experts. | Guideline | ||
|
2019-08-15 03:20:01 | Feds: Capital One Suspect May Have Hacked 30-Plus Companies (lien direct) | Federal prosecutors say a woman charged in a massive data breach at Capital One may have hacked more than 30 other organizations. | Data Breach | ||
|
2019-08-14 17:51:01 | New Bluetooth Vulnerability Allows Attackers to Intercept Traffic (lien direct) | A KNOB (key negotiation of Bluetooth) attack against the basic rate/enhanced data rate (BR/EDR, or Bluetooth Classic) configuration can result in information disclosure and/or escalation of privileges. | Vulnerability | ||
|
2019-08-14 15:37:05 | SAP Patches Highest Number of Critical Flaws Since 2014 (lien direct) | SAP's Security Patch Day updates for August 2019 address three new critical vulnerabilities affecting the company's products. This is the highest number of critical flaws fixed on the same day since 2014. | |||
|
2019-08-14 15:24:00 | British Airways Criticized for Exposing Passenger Flight Details (lien direct) | British Airways (BA) has been criticized for allowing hackers easy access to customer flight information. The issue was exposed Tuesday by researchers who discovered "a vulnerability affecting British Airways' e-ticketing system that exposes passengers' personally identifiable information (PII)." | Vulnerability | ||
|
2019-08-14 13:41:03 | Myers-Briggs Study Examines Employee Personality Traits and Cyber Behaviors (lien direct) | Myers-Briggs is a firm that believes in self-development through self-awareness. To improve the level of self-awareness, it has developed a psychometric test to indicate to which of 16 personality types everybody belongs. This is the Myers-Briggs Type Indicator (MBTI), comprising 16 types based on the interaction of four basic personalities. | |||
|
2019-08-14 13:33:04 | Microsoft Warns of New BlueKeep-Like, Wormable RDS Vulnerabilities (lien direct) | Microsoft's latest security updates patch more wormable vulnerabilities related to Remote Desktop Services (RDS) and the company has published a blog post to warn users about the risk they pose. | |||
|
2019-08-14 11:57:04 | How to Find Success for IT in an OT World (lien direct) | The convergence of IT and operational technology (OT) is well underway, making IT's influence on OT environments - both at the technological and personnel levels - critical to the future success of businesses. While these teams have not typically worked together and often find themselves at odds when it comes to networking, maintenance and ownership, the time for playing nice is now. Here are some critical factors for success in managing the meeting of these two worlds. | |||
|
2019-08-14 11:48:02 | HTTP/2 Implementation Vulnerabilities Expose Servers to DoS Attacks (lien direct) | Researchers at Netflix and Google have discovered a total of eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations, including from major tech companies such as Amazon, Apple, Facebook and Microsoft. | |||
|
2019-08-14 11:34:03 | Collision Course: Keeping Up With Digital Complexity in an App-Enabled World (lien direct) | There's no question the world is getting more agile. These days even companies in traditional brick and mortar industries, those luddites and laggards from the old school, are transitioning their business logic to web sites and apps. | |||
|
2019-08-14 11:32:04 | Facebook Listened to Users\' Conversations: Report (lien direct) | Facebook has paid hundreds of contractors to listen to and transcribe snippets of users' conversations, US media reported on Tuesday, amid heightened scrutiny of the social network's data collection practices. | |||
|
2019-08-14 08:46:02 | Siemens SCALANCE X Switches Vulnerable to DoS Attacks (lien direct) | Siemens on Tuesday released several new advisories describing vulnerabilities in the company's products, including an unpatched denial-of-service (DoS) flaw affecting SCALANCE X industrial switches. | |||
|
2019-08-14 04:57:00 | BlueKeep Patching Efforts Sink: 750,000 Systems Still Vulnerable (lien direct) | More than 750,000 systems remain vulnerable to the BlueKeep vulnerability as patching rate has decreased by around 85%, a new report from security firm BitSight reveals. | Patching Vulnerability | ||
|
2019-08-14 04:45:01 | Czechs Blame Foreign State for Foreign Ministry Cyberattack (lien direct) | A parliamentary committee in the Czech Republic says a national security agency told its members that a foreign country state is believed to be behind a cyberattack on the Czech Foreign Ministry. | |||
|
2019-08-13 19:03:00 | Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates (lien direct) | Microsoft's August 2019 Patch Tuesday updates fix more than 90 vulnerabilities, but none of them have been exploited in attacks or disclosed publicly before the patches were released. | |||
|
2019-08-13 15:09:01 | Adobe Patches 118 Vulnerabilities Across Eight Products (lien direct) | Adobe's Patch Tuesday updates for August 2019 resolve 118 vulnerabilities across the company's After Effects, Character Animator, Premiere Pro, Prelude, Creative Cloud, Acrobat and Reader, Experience Manager, and Photoshop products. | |||
|
2019-08-13 13:11:02 | Free MANRS Tool Helps Improve Routing Security (lien direct) | The Mutually Agreed Norms for Routing Security (MANRS) initiative on Tuesday announced the availability of a free tool designed to help network operators identify potential issues and improve routing security. | Tool | ||
|
2019-08-13 11:52:02 | Industrial Defense In The Cloud (lien direct) | It was not that long ago when one of the measures of a company's maturity was whether it had its own data center or not. In some cases, the data center occupied one or two floors in the company's facility while in others, the data center may have sprawled across several locations for full redundancy. | |||
|
2019-08-13 07:45:00 | SQLite Vulnerabilities Demoed With Hacking of iPhone, Malware C&C (lien direct) | Researchers have uncovered some potentially serious SQLite vulnerabilities and they have demonstrated their findings by hacking an iPhone and a command and control (C&C) server used by malware. | Malware | ||
|
2019-08-13 07:28:03 | UN Probing 35 North Korean Cyberattacks in 17 Countries (lien direct) | U.N. | |||
|
2019-08-12 15:37:00 | \'Cloud Atlas\' Cyberspies Use Polymorphic Malware in Government Attacks (lien direct) | The Cloud Atlas threat group has continued conducting cyber espionage operations and its recent attacks have involved a new piece of polymorphic malware. | Threat Malware | ||
|
2019-08-12 13:39:02 | FBI, Facebook Could Clash Over Privacy vs. Monitoring (lien direct) | The FBI is looking for outside contractors to monitor social media for potential threats, setting up a possible conflict with Facebook and other companies over privacy. | |||
|
2019-08-12 13:21:00 | Researchers Demonstrate Ransomware Attack on DSLR Camera (lien direct) | 
Researchers at cybersecurity firm Check Point have demonstrated that malicious actors could hack a DSLR camera and infect it with a piece of ransomware.
|
Ransomware Hack | ||
|
2019-08-12 11:56:00 | Tips for Bridging the Gap Between Cyber Risk & Business Risk (lien direct) | Misalignment between cyber risk and business risk is one of the biggest causes and symptoms, of misalignment between the CISO, the C-suite, and the board. Part of the issue is that many of the processes and tools currently used to measure and manage business risk were established long before cyber risk (or cyber anything) entered the picture. | |||
|
2019-08-12 10:49:04 | McAfee Strengthens Container Security Capabilities With NanoSec Acquisition (lien direct) | McAfee last week announced the acquisition of NanoSec, a California-based company that specializes in security solutions designed to help organizations protect data center and cloud traffic. |
To see everything:
Our RSS (filtrered)
