What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
SecurityWeek.webp 2019-08-12 08:33:03 Apple Offers Up to $1 Million in Public Bug Bounty Program (lien direct) Apple last week announced that it's making some significant changes to its bug bounty program, making it public and expanding the list of covered products.
SecurityWeek.webp 2019-08-12 04:29:01 \'Saefko\' Multi-Layered RAT Can Spread via USB Drives (lien direct) Security researchers from Zscaler have found a new remote access Trojan (RAT) for sale on the Dark Web that includes multiple functions and is able to spread via removable USB drives.
SecurityWeek.webp 2019-08-11 15:27:02 Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware (lien direct) Device driver vulnerabilities allow malware to infect firmware Malware
SecurityWeek.webp 2019-08-09 15:51:04 Vulnerability Has Been Lurking in Avaya Phones for 10 Years (lien direct) A security vulnerability discovered and patched 10 years ago has remained unaddressed in various Avaya phones until recently, McAfee security researchers have discovered.  Vulnerability
SecurityWeek.webp 2019-08-09 15:42:05 Hidden Injection Flaws Found in BIG-IP Load Balancers (lien direct) In May 2019 (updated in June), F5 issued a security advisory about a potential injection issue in the Tool Command Language (TCL) as used with its BIG-IP load balancers. Load balancers are essential to ensure consistent web services in high volume circumstances, and BIG-IP is popular with banks, governments and large corporations. Tool
SecurityWeek.webp 2019-08-09 15:01:01 Repurposing Mac Malware Not Difficult, Researcher Shows (lien direct) Repurposing Mac malware is not a difficult task for someone with reverse-engineering skills, and it's a far simpler approach compared to writing malware from scratch, a researcher has demonstrated. Malware
SecurityWeek.webp 2019-08-08 23:18:00 Broadcom to Buy Symantec Enterprise Unit for $10.7 Billion (lien direct) Broadcom announced plans Thursday to buy the enterprise unit of cybersecurity firm Symantec Corp. for $10.7 billion in a move to further diversify the US semiconductor maker.
SecurityWeek.webp 2019-08-08 19:00:01 Hackers Can Use Rogue Engineering Stations to Target Siemens PLCs (lien direct) Malicious actors could use rogue engineering workstations to take control of Siemens programmable logic controllers (PLCs), and they can hide the attack from the engineer monitoring the system, researchers from two universities in Israel have demonstrated.
SecurityWeek.webp 2019-08-08 18:50:04 New Windows Process Injection Can Be Useful for Stealthy Malware (lien direct) Process injection - Credits: Endgame.com Malware
SecurityWeek.webp 2019-08-08 18:10:00 Privacy Platform Provider Securiti.ai Emerges From Stealth With $31 Million Funding (lien direct) In the past, data protection regulation has largely been concerned with preventing the theft of personal data. Security and security products have focused on preventing breaches -- no breach effectively meant no failure of data protection compliance.
SecurityWeek.webp 2019-08-08 17:36:00 GM Cruise Releases Automated Firmware Security Analyzer to Open Source (lien direct) The growth of IoT devices has highlighted the difficulties in ensuring firmware security -- especially where the device and software are initially sourced from third parties, or developed under time pressures in-house. Now a new firmware analyzer has been released to open source on GitHub.
SecurityWeek.webp 2019-08-08 16:14:00 Researchers Find Vulnerabilities in Boeing 787 Firmware (lien direct) Researchers from security firm IOActive have discovered a series of vulnerabilities and attacks that they believe could be possible on Boeing's 787 Dreamliner.
SecurityWeek.webp 2019-08-08 04:43:01 Microsoft Says It \'Listens\' to Conversations Only With Permission (lien direct) Microsoft said Wednesday its contractors listen to conversations to hone voice translation features offered by Skype and its digital assistant Cortana, but only when obtaining user permission. ★★
SecurityWeek.webp 2019-08-07 20:44:05 US Formalizes Ban on Government Contracts to China\'s Huawei, Others (lien direct) The United States unveiled rules on Wednesday formally banning technology giant Huawei and other Chinese firms from government contracts in the latest move in the countries' escalating trade war.
SecurityWeek.webp 2019-08-07 19:36:03 Network Shares Are a Primary Target for Ransomware (lien direct) The evolution of ransomware from high volume, low return, spray and pray consumer attacks to lower volume, high value, targeted attacks against business is well documented. The intent now is not to simply encrypt local files, but to find and encrypt network shares in order to inflict the greatest harm in the shortest time. Ransomware
SecurityWeek.webp 2019-08-07 16:33:03 Cisco Patches Critical Flaws in Network Switches (lien direct) Cisco this week released patches to address several vulnerabilities in its Small Business 220 Series Smart Switches, including two bugs rated Critical severity.
SecurityWeek.webp 2019-08-07 14:53:00 Cyber Hygiene 101: Implementing Basics Can Go a Long Way (lien direct) With the number of data breaches skyrocketing in recent years, global cybercrime-related damages are expected to surge in the years ahead. In the last two months alone, we have seen a wave of ransomware attacks wreak havoc and another mega breach that impacted more than 100 million individuals at Capital One whose credit application information was stolen.  Ransomware
SecurityWeek.webp 2019-08-07 14:44:00 Twitter Again Admits Sharing User Data Without Permission (lien direct) Twitter admitted this week that it may have accidentally shared some users' data with third parties without permission.
SecurityWeek.webp 2019-08-07 14:09:04 The Fundamentals of Developing Effective DevSecOps (lien direct) DevSecOps: Building Security Into Design Bolting Security on to DevOps Without Full Integration is Little More Than Keeping Security in its Own Separate Silo
SecurityWeek.webp 2019-08-07 12:33:05 SQL Injection Vulnerability Exposed Starbucks Financial Records (lien direct) A critical SQL injection vulnerability exposed nearly one million financial records stored in a Starbucks enterprise database, a researcher revealed this week. Vulnerability
SecurityWeek.webp 2019-08-07 10:02:05 Millions of Devices With Intel CPUs Exposed to SWAPGS Attack (lien direct) SWAPGS attack Researchers have discovered yet another speculative execution vulnerability that can allow attackers to steal potentially sensitive information from devices with Intel processors. Vulnerability
SecurityWeek.webp 2019-08-06 18:47:04 Developer Bypasses Chrome\'s Anti-Incognito Detection (lien direct) Chrome 76 closed a loophole that allowed sites to detect when the Incognito Mode was being used, but a bypass for it has already been discovered.  The Incognito Mode, or private browsing, allows users to access websites without having unwanted cookies saved on disk and without being tracked by certain websites. 
SecurityWeek.webp 2019-08-06 18:20:05 Baldr Malware: A Short-Lived Star or Info Stealer That Will Return? (lien direct) The Baldr malware is a bit of an enigma. Appearing first in late 2018, researchers at Sophos have tracked it through four rapid revisions until suddenly, on May 31, 2019, the distributor (overdot) declared that further development and support had ceased. Users had been expecting the developer -- thought to be LordOdin by Malwarebytes -- to deliver a major upgrade to version 4.0. Malware
SecurityWeek.webp 2019-08-06 18:10:02 New \'Lord\' Exploit Kit Emerges (lien direct) A newly identified exploit kit is targeting vulnerable versions of Adobe's Flash Player, Malwarebytes security researchers say.
SecurityWeek.webp 2019-08-06 17:19:02 Slack Unveils New Enterprise Security Tools (lien direct) Slack on Tuesday unveiled several new security tools designed to provide administrators of its Enterprise Grid product better control over who can use the platform and how they do it.
SecurityWeek.webp 2019-08-06 15:08:00 Pakistani Man Bribed AT&T Employees to Unlock Phones, Plant Malware (lien direct) A Pakistani national has been charged by U.S. authorities for his role in a scheme that involved bribing employees of telecommunications giant AT&T to help unlock phones and plant malware on the company's network. Malware
SecurityWeek.webp 2019-08-06 14:29:00 Cloud Providers Improving Security, But Users Need to Up Their Game (lien direct) A new report from the Cloud Security Alliance (CSA) on the top threats to cloud computing suggests that service providers are improving their security. Many of today's threats now stem from organizational management decisions and implementation/configuration weaknesses.
SecurityWeek.webp 2019-08-06 14:00:01 Russian Hackers Leverage IoT Devices to Access Corporate Networks (lien direct) IoT Devices Used as Points of Ingress for Hackers to Establish a Presence on Corporate Network 
SecurityWeek.webp 2019-08-06 10:54:02 Microsoft Offers Up to $300,000 in New Azure Security Lab (lien direct) Microsoft makes changes to Azure bug bounty program
SecurityWeek.webp 2019-08-06 10:35:03 Cybereason Raises an Additional $200 Million in Funding (lien direct) Cybereason, a Boston, Mass.-based  EDR/EPP security firm heavily invested in machine learning and AI-based solutions, has raised a further $200 million in a Series E funding round to support its product innovation and strengthen its global reach through its partner program.
SecurityWeek.webp 2019-08-06 08:38:03 UN Report: North Korea Cyber Experts Raised Up to $2 Billion (lien direct) A panel monitoring U.N. sanctions says North Korean cyber experts have illegally raised money for the country's weapons of mass destruction programs “with total proceeds to date estimated at up to $2 billion.”
SecurityWeek.webp 2019-08-06 08:32:05 Privacy Watchdogs Warn Facebook Over Libra Currency (lien direct) Global privacy regulators joined forces Tuesday to demand guarantees from Facebook on how it will protect users' financial data when it launches its planned cryptocurrency, Libra.
SecurityWeek.webp 2019-08-06 08:25:01 Recovering Wi-Fi Password via Dragonblood Attack Costs $1 of Computing Power (lien direct) Some of the mitigations recommended by the Wi-Fi Alliance in response to Dragonblood, a set of WPA3 vulnerabilities that can be exploited to obtain a Wi-Fi network's password, are not efficient in preventing attacks, and launching an attack is much cheaper than initially estimated.
SecurityWeek.webp 2019-08-05 16:25:04 ID Theft Stings, But it\'s Hard to Pin on Specific Data Hacks (lien direct) Equifax 2017. Marriott 2018. Capital One 2019. Data Breach Equifax
SecurityWeek.webp 2019-08-05 16:02:01 Industrial Giants Respond to \'Urgent/11\' Vulnerabilities (lien direct) Several major industrial and automation solutions providers have issued advisories in response to the recently disclosed Wind River VxWorks vulnerabilities dubbed Urgent/11.
SecurityWeek.webp 2019-08-05 15:59:01 JIRA Misconfiguration Leaks Data of Fortune 500 Companies (lien direct) A misconfiguration in the popular JIRA project management software exposed a great deal of data on hundreds of companies, security researcher Avinash Jain reveals.
SecurityWeek.webp 2019-08-02 16:34:01 New Mirai Variant Hides C&C Server on Tor Network (lien direct) A recently discovered variant of the Mirai Internet of Things (IoT) malware is using a command and control (C&C) server on the Tor network, Trend Micro's security researchers have discovered.  Malware
SecurityWeek.webp 2019-08-02 15:13:03 Nine Distinct Threat Groups Targeting Industrial Systems: Dragos (lien direct) The number of tracked threat groups targeting industrial control systems (ICS) environments has risen to nine, industrial cybersecurity firm Dragos reveals in a new report.  Threat
SecurityWeek.webp 2019-08-02 14:39:05 New "LookBack" Malware Used in Attacks Against U.S. Utilities Sector (lien direct) A series of phishing attacks have been targeting U.S. companies in the utilities sector in an effort to infect systems with a new remote access Trojan (RAT), Proofpoint reports. Malware
SecurityWeek.webp 2019-08-02 13:01:05 Unprotected Database Exposes Details of Honda\'s Internal Network (lien direct) An unprotected, internet accessible ElasticSearch database exposed 134 million rows of sensitive data from Honda Motor Company, containing technical details on employee computers, including its CEO, Cloudflare security researcher Justin Paine reveals. 
SecurityWeek.webp 2019-08-02 10:17:04 Congress Wants Capital One, Amazon to Explain Data Breach (lien direct) Leaders of House and Senate committees want Capital One and Amazon to explain to Congress how a hacker accessed personal information from more than 100 million Capital One credit card customers and applicants. Data Breach Guideline
SecurityWeek.webp 2019-08-01 18:52:04 Economics of Ransomware - To Pay Or Not To Pay? (lien direct) Ransomware Ransomware
SecurityWeek.webp 2019-08-01 18:29:00 Faked Facebook Accounts Linked to Saudi Arabia, Mideast Region (lien direct) Facebook on Thursday said it derailed a pair of shady online influence campaigns in the Arabic-speaking world including one linked to the Saudi Arabian government.
SecurityWeek.webp 2019-08-01 16:21:02 Scammers Grab $2.5 Million From North Carolina County in BEC Scam (lien direct) Cybercriminals managed to divert $2.5 million in a business email compromise (BEC) scam targeting Cabarrus County, North Carolina. $1.7 million of that has not been recovered and remains missing.
SecurityWeek.webp 2019-08-01 16:09:03 Google Releases Beta of Anomaly Detection for G Suite Customers (lien direct) Google on Wednesday announced the beta availability of Advanced Protection Program for G Suite customers and anomaly detection in the G Suite alert center.
SecurityWeek.webp 2019-08-01 15:20:05 FTC Warns Cash Option May be Small for Equifax Settlement (lien direct) The Federal Trade Commission on Wednesday told consumers affected by the Equifax data breach that they are unlikely to get the full $125 cash payment that many sought. Data Breach Equifax
SecurityWeek.webp 2019-08-01 14:41:05 Former NSA Contractor Edward Snowden Publishing Memoir (lien direct) Edward Snowden, the former National Security Agency contractor who fled to Russia after leaking information about the US government's mass surveillance program, is publishing a memoir. The book, "Permanent Record," will go on sale on September 17. It is being published globally by Macmillan Publishers.
SecurityWeek.webp 2019-08-01 12:24:02 How to Prep Your Security Strategy for Today\'s Cyber Risks (lien direct) There is no shortage of breaking news on data breaches and vulnerabilities that have very real financial and reputational consequences for enterprises. It seems impossible for business leaders and board members to escape the barrage of forewarning headlines and resulting bombardment of experts who line up to share cybersecurity advice on how to avoid such devastation.  Guideline
SecurityWeek.webp 2019-08-01 11:01:02 \'Hexane\' Threat Actor Targeting Industrial Organizations (lien direct) Security researchers from industrial cybersecurity firm Dragos say they have identified a new threat actor targeting industrial control systems (ICS) related entities in the oil and gas and telecommunications sectors.  Threat
SecurityWeek.webp 2019-08-01 10:50:00 Alleged Capital One Hacker Barely Bothered to Hide (lien direct) The 33-year-old former Amazon software engineer accused of hacking Capital One made little attempt to hide her attack. In fact, she effectively publicized it.
Last update at: 2024-08-07 04:19:09
See our sources.
My email:

To see everything: RSS Twitter