Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-19 17:12:29 |
Adult FriendFinder Vulnerability Leaves Millions Exposed (lien direct) |
Security experts are reporting popular adult website Adult FriendFinder has been compromised by hackers who have gained access to the site's backend servers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-19 13:00:32 |
Mirai Bots More Than Double Since Source Code Release (lien direct) |
Level 3 Communications said the Mirai botnet has recruited close to 500,000 IoT devices since the malware's source code was released. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-18 20:58:06 |
Experts \'Outraged\' by Warrant Demanding Fingerprints to Unlock Smartphones (lien direct) |
Legal scholars say the government is testing the limits of the Fifth Amendment in a landmark search warrant case. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-18 20:14:32 |
Attackers Hiding Stolen Credit Card Numbers in Images (lien direct) |
Researchers say attackers are embedding malicious code in poorly configured Magento sites that hides stolen payment card data in images. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-18 17:42:22 |
VeraCrypt Patches Critical Vulnerabilities Uncovered in Audit (lien direct) |
An audit of open source file and disk encryption software VeraCrypt wrapped up and a number of critical vulnerabilities uncovered in the assessment were patched. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-17 20:30:19 |
TrickBot Banking Trojan Could Be Dyre Rewrite (lien direct) |
Researchers at Fidelis report there are similarities in coding and behavior between a new banking Trojan called TrickBot and the notorious Dyre malware. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-17 19:25:15 |
Free SSL Providers Spark Unprecedented Growth in Encrypted Traffic (lien direct) |
For the first time, more than half of traffic on the Internet is encrypted, and experts say free SSL certificate providers are playing a big role. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-17 16:49:36 |
US Reps Requesting Further Intel Around Yahoo Surveillance Story (lien direct) |
U.S. representatives are asking Yahoo for clarity around a surveillance program mentioned in reports earlier this month. |
|
Yahoo
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-15 13:00:45 |
Sierra Wireless Warns Cellular Data Gear Targeted by Mirai Malware (lien direct) |
Sierra Wireless warns that its AirLink gateways are being infected by the Mirai malware, and urges customers to change default passwords on devices. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-14 21:24:21 |
Ghost Push Trojan Flourishing Via Malicious Links (lien direct) |
Cheetah Mobile reports the origins of mobile Trojans are still coming from Ghost Push, which can root devices, show ads and install unwanted apps. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-14 14:38:40 |
Threatpost News Wrap, October 14, 2016 (lien direct) |
Mike Mimoso and Chris Brook discuss the news of the week, including the nuclear power plant 'disruption,' the StrongPity APT group, and the proliferation of IoT botnets.
|
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-14 13:00:36 |
Leftover Factory Debugger Doubles as Android Backdoor (lien direct) |
A researcher has found a backdoor, which he calls Pork Explosion, in an Android bootloader built by Foxconn. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-14 12:00:37 |
Popular Android App Leaks Microsoft Exchange User Credentials (lien direct) |
A popular Android app called Nine leaks Microsoft Exchange user credentials when users are tricked into connecting to rogue wireless access points. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-13 18:54:38 |
Google Plugs 21 Security Holes in Chrome (lien direct) |
Bug hunters earned $30,000 in rewards for reporting 21 security flaws that were fixed in Chrome 54. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-13 17:43:39 |
Google Handles Record Number of Government Requests for Data (lien direct) |
Google updated its Transparency Report, reporting a record number of government requests for data, and that it received at least one National Security Letter during the second half of 2015. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-13 16:56:19 |
Facebook Bug Bounty Program Pays Out $5 Million in Five Years (lien direct) |
Facebook announced this week that its paid out more than $5 million to 900 researchers in the five years since it implemented its bug bounty program. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-13 15:56:30 |
Cisco Patches Critical Bug In Video Conferencing Server Hardware (lien direct) |
A vulnerability in Cisco's meeting server software allows a remote attacker to masquerade as legit user. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-13 15:27:58 |
Old SSH Vulnerability at Center of Credential-Stuffing Attacks (lien direct) |
Akamai warns that attackers are compromising IOT devices and using them as proxies to test stolen credentials against web-based applications. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-13 14:38:22 |
Android Fragmentation Sinks Patching Gains (lien direct) |
One year after kicking off monthly Android security updates and Google still is way behind Apple when it comes to patching. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-12 21:25:26 |
Vera Bradley Retail Chain Breached (lien direct) |
Women's accessories giant Vera Bradley is reporting a breach of its retail store point-of-sale system. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-12 17:05:48 |
Disappearing Messages Added to Signal App (lien direct) |
Open Whisper Systems announced that it has added the disappearing messages feature to the Signal encrypted messaging app. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-12 15:45:33 |
Gary McGraw on BSIMM7 and Secure Software Development (lien direct) |
Mike Mimoso talks to Cigital CTO and software security pioneer Gary McGraw about the latest results pulled from the Building Security In Maturity Model (BSIMM). |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-11 21:08:15 |
Nuclear Power Plant Disrupted by Cyber Attack (lien direct) |
The head of an international nuclear energy consortium said this week that a cyber attack caused a 'disruption' at a nuclear power plant in the last several years.
|
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-11 19:18:35 |
Microsoft Patches Five Zero Days Under Attack (lien direct) |
Microsoft released 10 security bulletins on Patch Tuesday that included patches for five zero day vulnerabilities under attack that had not been publicly disclosed until today. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-11 18:02:38 |
Adobe Fixes 81 Vulnerabilities in Acrobat, Reader, Flash (lien direct) |
Adobe patched 81 vulnerabilities, including a handful of critical bugs, in Acrobat, Reader, and Flash on Tuesday. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-11 15:52:07 |
IoT Botnet Uses HTTP Traffic to DDoS Targets (lien direct) |
The IoT botnet behind the some of the largest publicly recorded DDoS attacks is flooding its targets with HTTP traffic in Layer 7 attacks. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-10 13:54:49 |
StrongPity APT Covets Secrets of Crypto Users (lien direct) |
Kaspersky Lab researchers have uncovered the StrongPity APT, a group that uses watering hole attacks to infect machines of users seeking encryption technologies such as WinRAR and TrueCrypt. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-10 13:00:50 |
When DVRs Attack: A Post IoT Attack Analysis (lien direct) |
Researchers sort out what went wrong when an estimated 500,000 DVRs and IP-based cameras were used in a series of massive DDoS attacks in September. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-07 15:30:30 |
Threatpost News Wrap, October 7, 2016 (lien direct) |
Mike Mimoso and Chris Brook discuss this week's Virus Bulletin conference in Denver and CNBC's Cambridge Cyber Summit at MIT, the NSA contractor arrest, APT false flags, and more. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-07 15:00:11 |
The Ethics and Morality Behind APT Reports (lien direct) |
Investigating state-sponsored espionage and counterterrorism is one thing. Writing public reports about these activities is another. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-07 14:55:27 |
Cisco Warns of Critical Flaws in Nexus Switches (lien direct) |
Networking giant Cisco issued five security bulletins this week with two critical bugs allowing remote execute code. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-07 11:00:37 |
Free Tool Protects Mac Users from Webcam Surveillance (lien direct) |
Mac security researcher Patrick Wardle released a tool called OverSight that monitors when malware may be recording a webcam or audio session on a macOS machine. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-06 20:26:19 |
Web-Based Keylogger Used to Steal Credit Card Data from Popular Sites (lien direct) |
Researchers estimate thousands of ecommerce sites are under attack by a single threat actor that has infected servers with a web-based keylogger. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-06 17:49:28 |
EFF: NSA\'s Support of Encryption \'Disingenuous\' (lien direct) |
Cindy Cohn, the EFF's Executive Director, called the NSA's support of strong encryption disingenuous during a cybersecurity conference panel Wednesday. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-06 14:00:25 |
Mobile App Collusion Can Bypass Native Android Security (lien direct) |
At Virus Bulletin, researchers explain how Android mobile applications can collude to share data and synchronize payload execution. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-06 13:00:58 |
Juan Andres Guerrero-Saade and Brian Bartholomew on APT False Flags and Attribution (lien direct) |
Mike Mimoso talks to Kaspersky Lab Global Research and Analysis Team researchers Juan Andres Guerrero-Saade and Brian Bartholomew about a paper released at Virus Bulletin on deception tactics and false flags flown by APT groups to frustrate analysis.
|
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-06 12:00:44 |
Abandoned Mobile C&C Servers Present Opportunity to Attackers (lien direct) |
At Virus Bulletin, researchers explained the risks associated with abandoned SDK master servers that present attackers with an opportunity to assume control of these communication channels. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-05 22:31:08 |
NSA Contractor Charged With Stealing Classified Hacking Secrets (lien direct) |
A NSA contractor working for Booz Allen Hamilton was arrested and charged with stealing secret documents from the U.S. spy agency. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-05 16:30:51 |
Yahoo Slams Email Surveillance Story: Experts Demand Details (lien direct) |
Yahoo calls a bombshell email surveillance story “misleading†as legal, civil liberties and security experts demand answers. |
Guideline
|
Yahoo
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-05 12:51:57 |
IoT Botnets Are The New Normal of DDoS Attacks (lien direct) |
DVR's, IP-enabled cameras, home cable equipment and many other IOT connected devices are that latest in potent DDoS tools available to attackers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-05 10:00:00 |
Subpoena for Signal Messaging Data Renders Little (lien direct) |
Open Whisper Systems, the group behind Signal, was served with a subpoena earlier this year but was unable to produce most of the data it was asked for.
|
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-04 18:32:09 |
Cloud, IoT Big Factors in Annual BSIMM 7 Report (lien direct) |
In Cigital's seventh annual Building Security in Maturity Model report cloud, agile software development and IoT factor into maturing secure software movement. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-04 17:16:58 |
Vulnerabilities in Insulin Pumps Can Lead to Overdose (lien direct) |
Researchers are warning patients who use insulin pumps made by Johnson & Johnson this week that vulnerabilities in the devices could be exploited to trigger an overdose.
|
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-03 21:06:16 |
Hack Crashes Linux Distros with 48 Characters of Code (lien direct) |
A Linux admin and open source developer has come up with a 48-character attack that crashes Linux servers, but experts argue the security implications of the bug. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-03 16:06:44 |
Apple To Block WoSign Intermediate Certificates (lien direct) |
Apple said over the weekend it would soon distrust certificates issued by WoSign's Free SSL Certificate G2 intermediate CA on macOS. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-03 14:58:25 |
Source Code Released for Mirai DDoS Malware (lien direct) |
An attacker known as Anna-senpai released source code for the Mirai malware, which was used in a 620 Gbps DDoS attack against Krebs on Security. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-03 12:45:20 |
Mozilla Reduces Threat of Export-Grade Crypto to Firefox (lien direct) |
The Firefox browser will now deny TLS connections to servers using weak Diffie-Hellman keys. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-10-03 09:00:56 |
Researchers Break MarsJoke Ransomware Encryption (lien direct) |
Victims infected with the MarsJoke ransomware can now decrypt their files; researchers cracked the encryption in the CTB-Locker lookalike last week. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-09-30 19:45:00 |
Academics Put Another Dent in Online Anonymity (lien direct) |
Academics from Stanford and Princeton release an online tool called Footprints that correlates browsing history with Twitter feeds to reveal a users identity. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-09-30 16:23:06 |
Report a Grim Reminder of State of Critical Infrastructure Security (lien direct) |
Government ICS report reveals access control a major issue for sector along with nagging issues around poor code quality and cryptography. |
|
|
|