Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2018-09-11 11:31:05 |
Exploit vendor Zerodium releases zero-day for old version of Tor (lien direct) |
Exploit vendor Zerodium, which made headlines in September last year by offering a million-dollar bounty for any zero-day exploits in the Tor browser running on Tails Linux or Windows, has itself released a zero-day exploit for the browser. View full story ORIGINAL SOURCE: IT Wire
|
|
|
|
|
2018-09-11 11:31:01 |
\'Web hackers held my data hostage,\' says Wiltshire police commissioner (lien direct) |
The revelation came as Wiltshire Police plans to this week shine a light on its digital investigations team. Angus Macpherson, who has acted as police and crime commissioner for Swindon and Wiltshire since 2012, said: “I was actually subject to a ransomware attack on my personal computer two years ago. The criminals demanded money and ...
|
Ransomware
|
|
|
|
2018-09-11 11:30:03 |
A group of researchers showed how a Tesla Model S can be hacked and stolen in seconds using only $600 worth of equipment (lien direct) |
A savvy car thief could drive off with a Tesla Model S by using just a few, relatively inexpensive pieces of computing hardware and some radios - at least, the thief could have until recently, when Tesla fixed an overlooked vulnerability in its cars’ security systems. View full story ORIGINAL SOURCE: Business Insider
|
Vulnerability
|
Tesla
|
|
|
2018-09-11 11:28:00 |
Ransomware campaign targets businesses with fake invoice message (lien direct) |
A concentrated spam campaign pushing ransomware is targeting businesses in Europe, encrypting files and demanding victims pay a ransom in order to retrieve them. View full story ORIGINAL SOURCE: ZDNet
|
Ransomware
Spam
|
|
|
|
2018-09-10 11:37:02 |
More speed less satisfaction – why faster is not always better in ecommerce delivery (lien direct) |
Written By Matthew Robertson, Co-CEO, NetDespatch In our non-stop lives, it often seems that everyone is competing to do things as quickly as possible. Nowhere is this more apparent than in the fast-paced world of online retail. There's an abiding assumption that, if customers want something, they want it as fast as humanly – or ...
|
|
|
|
|
2018-09-10 11:33:02 |
LuckyMouse Group is back and using a legitimate certificate to sign Malware (lien direct) |
The Kaspersky Lab Global Research and Analysis Team (GReAT) has discovered several infections from a previously unknown Trojan, which is most likely related to the infamous Chinese-speaking threat actor – LuckyMouse. The most peculiar trait of this malware is its hand-picked driver, signed with a legitimate digital certificate, which has been issued by a company ...
|
Malware
Threat
|
|
|
|
2018-09-10 11:30:04 |
All the voices at the table: The benefits of diversity (lien direct) |
By: Nicola Whiting, COO of Titania and a finalist in the Security Leader/Mentor category in the Security Serious Unsung Heroes Awards 2018 “If you are sitting in a decision room and everyone looks like you and thinks like you, you will come up with a less-than-good answer. We need all voices at the table to ...
|
Guideline
|
|
|
|
2018-09-10 11:22:00 |
A year after the Equifax hack exposed 145 million Americans\' personal information, the Trump administration hasn\'t announced any punishments (lien direct) |
A new report by congressional investigators details how hackers broke into Equifax last year in a breach that exposed the financial information of more than 145 million Americans. View full story ORIGINAL SOURCE: Business Insider
|
Hack
|
Equifax
|
|
|
2018-09-10 11:21:02 |
Putin hackers fake Defence Secretary Gavin Williamson\'s emails to swindle wealthy Tory donors (lien direct) |
Russian cyber crooks created a fake email for Williamson, contacting wealthy party donors, claiming the MoD needed assistance in paying a vast ransom View full story ORIGINAL SOURCE: The Sun
|
|
|
|
|
2018-09-10 11:19:05 |
Australia\'s anti-encryption law will merely relocate the backdoors: Expert (lien direct) |
The greatest threat posed by Australia’s planned new anti-encryption laws comes from the voluntary requests made to communication providers, not the compulsory notices to give technical assistance, according Dr Chris Culnane, because they have greater scope and less oversight. View full story ORIGINAL SOURCE: ZDNet
|
Threat
|
|
|
|
2018-09-10 11:18:05 |
Activists rattle tin to take UK\'s pr0n block to court (lien direct) |
ResistAV warns it’s ‘curtains for privacy’ if age checks approved View full story ORIGINAL SOURCE: The Register
|
|
|
|
|
2018-09-10 11:17:02 |
UK.gov went ahead with under-planned, under-funded IT upgrade? Sounds about right (lien direct) |
An “under-planned and underfunded” IT upgrade delayed national security vetting and is costing about £17m a year in inefficiencies, according to the UK government’s spending watchdog. View full story ORIGINAL SOURCE: The Register
|
|
|
|
|
2018-09-10 11:13:04 |
Russian Charged in JPMorgan Chase Hack Extradited to US (lien direct) |
A Russian national who’s been accused of hacking into JPMorgan Chase’s network in 2014 and stealing details for more than 83 million customers has been extradited to the United States to face hacking, wire fraud and other charges. View full story ORIGINAL SOURCE: Data Breach Today
|
Data Breach
Hack
|
|
|
|
2018-09-07 11:08:04 |
Uncertainty is widespread across companies over who takes the lead on cyber, says Willis Towers Watson (lien direct) |
A majority of executives around the world feel they face a “specialist-generalist” dilemma as to whom leads on cyber resiliency due to its critical nature across the company, but also the recognition that specialization is necessary. This is according to the results of a global survey conducted by The Economist Intelligence Unit (EIU) and sponsored ...
|
Guideline
|
|
|
|
2018-09-07 11:07:03 |
Managing the Customer Trust Crisis: New Research Insights (lien direct) |
New data privacy laws in Europe and California - not to mention the resulting flurry of updated privacy policy notifications landing in our inboxes - have put privacy matters in the spotlight. But the circumstances that have precipitated this highlight a worrying trend: customers are concerned about not just the vulnerability of their personal information, ...
|
Vulnerability
|
|
|
|
2018-09-07 11:06:01 |
Security risks curb the adoption of online banking (lien direct) |
While the days of the average person being distrustful of carrying out any kind of financial transaction online are long gone, there are still certain obstacles to overcome, despite ecommerce and online business continuing to grow. Digital transactions have become more sophisticated, more secure, but one kind of digital transaction is lagging behind: online banking. ...
|
|
|
|
|
2018-09-07 10:58:05 |
North Korean hacker charged with cyber attack on NHS (lien direct) |
The US justice department has charged an alleged North Korean spy for helping to perpetrate cyber-attacks against the National Health Service that saw operations cancelled, ambulances diverted and patient records made unavailable following a worldwide hack in 2017 which affected computers in more than 150 countries. View Full Story ORIGINAL SOURCE: The Guardian
|
Hack
|
|
|
|
2018-09-07 10:54:03 |
Researchers find Chainshot malware corrupting networks (lien direct) |
Security researchers exploited a threat actor’s poor choice for encryption and discovered a new piece of malware along with network infrastructure that links to various targeted attacks.The new piece of malware, which received the name Chainshot, is used in the early stages of an attack to activate a downloader for the final payload in a ...
|
Malware
Threat
|
|
|
|
2018-09-07 10:51:00 |
Hackers Replace MEGA Chrome Extension with Trojanized Version (lien direct) |
Users of the Mega.nz file hosting and sharing service were targeted through a supply chain attack in which hackers replaced the company's official Chrome extension with a malicious version. The attack happened Sept. 4 at 14:30 UTC (10:30 a.m. EST), when MEGA's Chrome extension was updated to version 3.39.4 on the Google Chrome Web Store. ...
|
|
|
|
|
2018-09-07 10:49:01 |
BA website and mobile app suffers data breach (lien direct) |
The chief executive of British Airways has apologised for what he has called a very sophisticated breach of the firm’s security systems. Alex Cruz told the BBC that hackers carried out a “sophisticated, malicious criminal attack” on its website.The airline said personal and financial details of customers making bookings had been compromised. About 380,000 transactions ...
|
Data Breach
|
|
|
|
2018-09-07 10:47:03 |
(Déjà vu) Windows Task Scheduler Zero Day hit by Malware attack (lien direct) |
Malware developers have started to use the zero-day exploit for Task Scheduler component in Windows, two days after proof-of-concept code for the vulnerability appeared online. A security researcher who uses the online name SandboxEscaper on August 27 released the source code for exploiting a security bug in the Advanced Local Procedure Call (ALPC) interface used by Windows ...
|
Malware
Vulnerability
|
|
|
|
2018-09-06 11:27:01 |
Trend Micro Survey Finds IoT Deployment Decisions Made Without Consulting Security Teams (lien direct) |
Trend Micro Incorporated, a global leader in cybersecurity solutions, today revealed that organizations around the world are exposing themselves to unnecessary cyber risk by failing to give IT security teams a voice when planning Internet of Things (IoT) project deployments in enterprise environments. A survey of 1,150 IT and security decision makers in Germany, France, ...
|
Guideline
|
|
|
|
2018-09-06 11:24:05 |
Top 3 Issues at Gartner Security & Risk Management Summit 2018 (lien direct) |
By Ronald Sens, EMEA Director for A10 Networks As the number of connected devices and systems grow, so does the number of threats we have to defend against. At the 2018 US Gartner Security & Risk Management Summit held in June, many security professionals visited our stand, and we heard their concerns around the current ...
|
|
|
|
|
2018-09-06 11:22:05 |
Growing focus on compliance could leave businesses vulnerable to fraud (lien direct) |
An increased focus on compliance risks detracting businesses from making investments to protect their organisation against fraud, according to new research by TransUnion (formerly Callcredit). The research, part of which forms the Fraud Fortress report, revealed that compliance is the area most commonly expected to drive increased expenditure (64%), potentially at the expense of prevention ...
|
|
|
|
|
2018-09-06 11:21:01 |
F5 Labs analysis reveals growing global phishing menace and application security vulnerabilities (lien direct) |
Findings from F5 Labs' Lessons Learned from a Decade of Data Breaches report has shed light on the global proliferation of phishing, providing clear insights on why the technique is fast becoming cybercriminals' easiest and most productive attack vector. The threat intelligence reveals that phishing is responsible for almost half of breached records by root ...
|
Threat
|
|
|
|
2018-09-06 09:38:03 |
(Déjà vu) Vodafone Tells Hacked Customers with “1234” Password to Pay Back Money (lien direct) |
A Czech court recently sentenced two hackers to three years in prison for accessing Vodafone customer’s mobile accounts and using them to purchase 600,000 Czech Koruna worth of gambling services. Vodafone reportedly wants the hacked victim’s to pay for these charges as they were using an easy password of “1234”. According to reporting from Czech news site idnes.cz, the hackers accessed ...
|
|
|
|
|
2018-09-06 09:35:01 |
CroniX CryptoMiner Kills Rivals to Reign Supreme (lien direct) |
The operator of a new cryptomining campaign takes aggressive actions against its competition and halts other cryptojacking activity on the machines it claims. Cybercriminals are quick to take advantage of any proof-of-concept (PoC) exploit code that falls into their hands. For the recently disclosed Apache Struts vulnerability (CVE-2018-11776) there are multiple PoCs available, so news ...
|
Vulnerability
|
|
|
|
2018-09-06 09:33:04 |
Silence hacking group suspected of having links to cyber-security industry (lien direct) |
At least one member of a newly uncovered cybercrime hacking group appears to be a former or current employee of a cyber-security company, according to a new report released today. The report, published by Moscow-based cyber-security firm Group-IB, breaks down the activity of a previously unreported cyber-criminal group named Silence. According to Group-IB, the group has ...
|
|
|
|
|
2018-09-06 09:32:00 |
This Engineer Hacked a Retro Knitting Machine to Create a Giant Stellar Map (lien direct) |
An Australian software engineer has spent years hacking a 1980's knitting machine to create a spectacular work of art and simultaneously both advance knitting and science education. Sarah Spencer has toyed around with hacking and programming a 1980's knitting machine for a while before seriously turning her attention to a mammoth task: creating gigantic equatorial star map ...
|
|
|
|
|
2018-09-06 09:28:00 |
Millions of home Wi-Fi networks at risk of hacking, cybersecurity firm claims (lien direct) |
Millions of home Wi-Fi networks are currently at risk of being hacked, a British security company claimed on Wednesday. But not everyone is convinced it's an issue. Weaknesses exist in how saved passwords in the browsers Google Chrome and Opera interact with Wi-Fi over unencrypted connections. That’s according to SureCloud researcher Elliott Thompson, who discovered the ...
|
|
|
★★★
|
|
2018-09-06 09:26:01 |
(Déjà vu) 16 Security Alerts Rated Critical and High Released by Cisco (lien direct) |
Cisco published on Wednesday 30 security advisories on vulnerabilities identified in its products. Half of them are for high and critical severity bugs. Only three alerts refer to security problems with critical impact; among them is the recently disclosed remote code execution vulnerability in Apache Struts, for which several proof-of-concept exploits exist. Cisco notes that not all of its products that ...
|
Vulnerability
|
|
★★
|
|
2018-09-03 16:04:03 |
DATA BREACH REPORTS TO INFORMATION COMMISSIONER INCREASE BY 75% (lien direct) |
The number of reports of data security incidents received by the Information Commissioner (“ICO”) has increased by 75 per cent over the past two years, according to new analysis1 by Kroll, a global leader in risk mitigation and investigative services. The findings, obtained from a request made under the Freedom of Information Act and ...
|
Data Breach
Guideline
|
|
|
|
2018-09-03 13:15:03 |
(Déjà vu) Ransomware using Barack Obama\'s face discovered (lien direct) |
Every once in a while you come across a really strange malware and such is the case with a new ransomware that only encrypts .EXE files on a computer. It then displays a screen with a picture of President Obama that asks for a “tip” to decrypt the files. View Full Story ORIGINAL SOURCE: Bleeping Computer
|
Ransomware
Malware
|
|
|
|
2018-09-03 13:13:03 |
Human Error the prime reason data breaches happen (lien direct) |
The number of reports of data security incidents received by the UK's Information Commissioner (ICO) has surged 75 percent over the past two years, according to new analysis by Kroll, the risk mitigation and investigative services company– with the overwhelming majority down to human error, rather than malicious cyber incidents. View Full Story ORIGINAL SOURCE: ...
|
|
|
|
|
2018-09-03 13:12:03 |
Government from the \'Five Eyes\' nations give encryption ultimatum (lien direct) |
The ‘Five Eyes’ governments of the UK, US, Canada, Australia, and New Zealand have challenged tech companies to voluntarily create backdoor access to their systems, or be compelled to by law. View Full Story ORIGINAL SOURCE: IT Pro
|
|
|
|
|
2018-09-03 13:10:04 |
Small businesses in the UK suffer at least five cyberattacks each year (lien direct) |
New research has shed light on the growing threats faced by small businesses in the UK that faced an average of five cyber attacks over the course of the last 12 months. According to Appstractor’s new independent report titled “Under Attack: Assessing the struggle of UK SMBs against cyber criminals”, some businesses (19%) faced as many as ...
|
|
|
|
|
2018-09-03 13:09:00 |
Zombie malware hits e-commerce websites (lien direct) |
An analysis of e-commerce stores around the world has revealed thousands of them are unwittingly running a dangerous payment skimming malware stealing thousands from users, with 50 new stores being infected each day. View Full Story ORIGINAL SOURCE: Smart Company
|
Malware
|
|
|
|
2018-09-03 13:07:03 |
HALF A MILLION BUSINESSES IMPACTED BY “FAKE BOSS” SCAMS: LEGAL SECTOR MOST AT RISK (lien direct) |
With one in twelve (eight per cent) of respondents having fallen victim to impersonation fraud, it is likely that nearly half a million (454,9603) SME businesses in the UK have been impacted by these scams. According to data from Lloyds Bank there has been a 58 per cent rise in this type of crime ...
|
|
|
|
|
2018-08-31 14:08:00 |
Monero (XMR) Price Surges as Ransom DDoS Attack News Hit Headlines (lien direct) |
The last few months have seen Monero (XMR) presence in the news take a low profile only to surface as one of the best performing privacy coin in a bearish market. The coin has once again become the center on a scandal involving the comic site Oatmeal ransom DDOs attack. View Full Story ORIGINAL SOURCE: ...
|
|
|
|
|
2018-08-31 14:05:00 |
ThreatList: Ransomware Attacks Down, Fileless Malware Up in 2018 (lien direct) |
The first half of 2018 saw an uptick in fileless malware attacks and a downturn in ransomware attacks, for now. View Full Story ORIGINAL SOURCE: Threatpost
|
Ransomware
Malware
|
|
|
|
2018-08-31 14:03:03 |
Robot copywriters set to shake up ad industry as UK AI start-up targets US market (lien direct) |
A UK start-up that uses Artificial Intelligence to produce creative marketing copy is planning an expansion into the US market. View Full Story ORIGINAL SOURCE: Telegraph
|
|
|
|
|
2018-08-31 14:02:00 |
BEC fraud burgeoning despite training (lien direct) |
Business email compromises (BEC) - commonly referred to as CEO Fraud because the CEO’s identity is being impersonated - continues to grow and, more significantly, succeed due to the simplicity and urgency of the attacks, according to recent study from Barracuda of some 3,000 attacks. View Full Story ORIGINAL SOURCE: SC Magazine
|
|
|
|
|
2018-08-30 11:00:01 |
Banks facing rising bill as Financial Ombudsman weighs in on sophisticated fraud attacks (lien direct) |
Banking customers transferred £240m to fraudsters last year as the sophistication of attacks increases. Banks, which are currently refunding a quarter of this figure to customers, are facing a bigger hit as the Financial Ombudsman has told them not to assume this fraud is due to customer negligence. To avoid an increasing bill, fraud experts ...
|
|
|
|
|
2018-08-30 10:56:00 |
Industry 4.0 and the Regulation of Artificial Intelligence (lien direct) |
“Everything is true… everything anybody has ever thought.” Philip K. Dick – Do Androids Dream of Electric Sheep It is impossible to escape from the fact that technology, and increasingly artificial intelligence (AI), has transformed everyday life. It all started with how we play our music, but Apple’s Siri and Amazon’s Alexa (along with other ...
|
|
|
|
|
2018-08-30 10:53:01 |
Why everyone\'s thinking about ransomware the wrong way (lien direct) |
It's become a fact of life that hackers might lock down your computer, blocking access to your most valuable data, and vowing to free it only if you pay up. Ransomware is nothing new, but it's profitable, and hackers are deploying it left and right. Mitigating ransomware is actually fairly straightforward. If you have backups, ...
|
Ransomware
|
|
|
|
2018-08-30 10:41:03 |
Flash mob brings UK industry together to show it\'s serious about security (lien direct) |
Security Serious Week, as part of European Cyber Security Awareness month in October, has gathered IT security professionals to work together non-gratis to help make the UK safer place to do business online. On the 1st October, the first day of Security Serious Week, representatives from industry and government will come together in London to ...
|
|
|
|
|
2018-08-30 10:21:01 |
Misfortune Cookie vulnerability continues to do damage (lien direct) |
Four years after its public disclosure, the Misfortune Cookie vulnerability continues to be a threat, this time affecting medical equipment that connects bedside devices to the hospital’s network infrastructure. View Full Story ORIGINAL SOURCE: Bleeping Computer
|
Vulnerability
|
|
|
|
2018-08-30 10:19:01 |
Prominent comic book website hit by crypto ransom attack (lien direct) |
In yet another sign that the world of crypto is spilling over into the mainstream internet, comic website The Oatmeal was asked for a ransom in Monero (XMR). The Oatmeal was under a DDOS attack for a few hours, with founder Matthew Inman later receiving an email demanding a payment. View Full Story ORIGINAL SOURCE: Investing
|
|
|
|
|
2018-08-30 10:16:03 |
(Déjà vu) Two New Attacks on TPM Chips uncovered (lien direct) |
Some PC owners may need to apply motherboard firmware updates in the near future to address two attacks on TPM chips detailed earlier this month by four researchers from the National Security Research Institute of South Korea. View Full Story ORIGINAL SOURCE: Bleeping Computer
|
|
|
|
|
2018-08-30 10:13:03 |
The most likely reason why data leaks occur are… (lien direct) |
As an ITAD and data center migration company, Exit Technologies has a vested interest in data security. In this regard, we consulted with several CISOs on the topic of cybersecurity. Specifically, what challenges currently affect data security, and what they view as the largest culprits responsible for data leaks in recent times. View Full Story ORIGINAL SOURCE: ...
|
|
|
|