What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-03-12 21:05:05 | Federal Focus on Cyber Plays Out in President\'s Budget, IoT Legislation (lien direct) | Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts. | |||
|
2019-03-12 20:52:03 | (Déjà vu) Microsoft Patches Two Win32k Bugs Under Active Attack (lien direct) | Microsoft's March Patch Tuesday updates include 64 fixes, 17 of which are rated critical. | |||
|
2019-03-12 19:48:02 | ThreatList: Phishing Attacks Doubled in 2018 (lien direct) | Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report. | |||
|
2019-03-12 15:09:01 | Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes (lien direct) | Microsoft won't be patching the bug, but a proof of concept shows the potential for successful malware implantation. | Malware Patching | ||
|
2019-03-12 14:53:01 | (Déjà vu) Adobe Patches Critical Photoshop, Digital Edition Flaws (lien direct) | Adobe fixed two arbitrary code execution flaws in its Photoshop and Digital Edition products. | |||
|
2019-03-11 19:31:04 | Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix (lien direct) | IRIDIUM is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity. | |||
|
2019-03-11 19:14:02 | Google Patches Critical Bluetooth RCE Bug (lien direct) | In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high. | |||
|
2019-03-11 17:44:02 | Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks (lien direct) | In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises. | Ransomware | ||
|
2019-03-11 14:51:01 | Facebook Alleges Two Ukrainians Scraped Data From 63K Profiles (lien direct) | Facebook is suing two Ukrainian men who were able to scrape data from 63,000 users' profiles by enticing users to download a malicious browser extension. | |||
|
2019-03-09 13:00:05 | RSA Conference 2019: The Expanding Automation Platform Attack Surface (lien direct) | Hacking into smart homes is becoming increasingly easy and a great way to steal victims' personal information, Trend Micro said at RSA 2019. | |||
|
2019-03-08 21:25:01 | RSA Conference 2019: Operational Technology Widens Supply Chain Attack Surfaces (lien direct) | Between operational technology and open source, the supply chain is rapidly expanding - and companies that can't keep up will be the next security targets, said experts at RSA Conference 2019. | |||
|
2019-03-08 20:10:02 | Citrix Falls Prey to Password-Spraying Attack (lien direct) | International cybercriminals likely exploited weak passwords on an internal network, the FBI said. | |||
|
2019-03-08 18:04:04 | RSA Conference 2019: Emotet Takes Aim at Latin America (lien direct) | RAT activity in Latin America and Asia ramped up at the end of 2018, indicating widespread coordinated targeting by threat actors. | Threat | ||
|
2019-03-08 15:30:05 | RSAC 2019: The Dark Side of Machine Learning (lien direct) | As smart devices permeate our lives, Google sends up a red flag and shows how the underlying systems can be attacked. | |||
|
2019-03-08 14:50:02 | RSA Conference 2019 Recap (lien direct) | From privacy to patches, Threatpost editors discuss the biggest infosec news and trends that they saw this week at RSA Conference 2019. | |||
|
2019-03-07 21:11:00 | RSA Conference 2019: Firms Continue to Fail at IoT Security (lien direct) | IoT is growing more popular in the home - and so too are the attacks that target these devices featuring valuable data, researchers said at RSA 2019. | |||
|
2019-03-07 21:01:05 | RSA Conference 2019: Ultrasound Hacked in Two Clicks (lien direct) | In a proof-of-concept hack, researchers penetrated an ultrasound and were able to download and manipulate patient files, then execute ransomware. | |||
|
2019-03-07 17:00:02 | RSAC 2019: For Domestic Abuse, IoT Devices Pose New Threat (lien direct) | When it comes to domestic abuse, smart products around the house are turning into new threats, a panel of experts said at RSA. | Threat | ||
|
2019-03-07 12:53:00 | RSA Conference 2019: NIST\'s Privacy Framework Starts to Take Shape (lien direct) | The Privacy Framework is being developed to be risk-based/outcome-based and non-prescriptive, unlike the GDPR. | |||
|
2019-03-06 21:30:04 | RSA Conference 2019: UniKey Patches BleedingBit Flaws Granting Access To Hotel Rooms, Cars (lien direct) | BleedingBit's impact continues to spread across various devices, researchers at RSA Conference 2019 said. | |||
|
2019-03-06 19:45:01 | RSA Conference 2019: The Sky\'s the Limit For Satellite Hacks (lien direct) | Satellites are spotted with vulnerabilities and design flaws - and hackers are taking note, researchers report at the RSA Conference. | |||
|
2019-03-06 19:42:00 | RSA Conference 2019: How to Defend Against an AI vs AI \'Flash War\' (lien direct) | Offensive cyber attack chains are accelerating rapidly thanks to a combination of artificial intelligence, machine learning and broadening threat landscape. | Threat | ||
|
2019-03-06 13:42:01 | RSA Conference 2019: Cryptographers\' Panel Decries Adi Shamir\'s Visa Issues (lien direct) | Panelists react to missing noted cryptographer Adi Shamir who was denied a visa to enter the US to attend RSA Conference 2019. | |||
|
2019-03-06 13:00:02 | RSAC 2019: Data-Wiping Cyberattacks Plague Financial Firms (lien direct) | A new report outlines the cyberattacks and threats that financial firms are facing. | |||
|
2019-03-06 11:00:01 | RSA Conference 2019: Microsoft, Google, Twitter on Federal Privacy Regs (lien direct) | Public policy honchos for the tech giants discussed what they would like to see in sweeping GDPR-like federal data privacy legislation. | |||
|
2019-03-06 08:01:02 | RSAC 2019: TLS Markets Flourish on the Dark Web (lien direct) | The certificates are often paired with ancillary products, like Google-indexed “aged” domains, after-sale support, web design services and even integration with a range of payment processors. | |||
|
2019-03-05 20:56:05 | RSA Conference 2019: How to Be Better, on Trust, AI and IoT (lien direct) | Tuesday's keynotes kicking off RSA tackled both light and dark visions of the future, the imperative to become obsessed with trust, IoT and AI, and they even featured Helen Mirren and a flash mob. | |||
|
2019-03-05 19:00:01 | RSA Conference: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts (lien direct) | A scammer ring dubbed Scarlet Widow has targeted nonprofits, schools and universities with an array of business email compromise (BEC) attacks over the past few months. | |||
|
2019-03-05 14:00:01 | RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure (lien direct) | The Jmail Breaker attack leverages an old vulnerability in Joomla! along with a newly found flaw in the mail module. | Vulnerability | ||
|
2019-03-05 13:00:03 | RSAC 2019: Most Consumers Say \'No\' to Cumbersome Data Privacy Practices (lien direct) | Consumer confidence in companies keeping their data safe is at an all-time low, but password hygiene and not reading EULAs and app permissions remain big problems. | |||
|
2019-03-05 11:40:00 | RSAC 2019: Picking Apart the Foreshadow Attack (lien direct) | Raoul Strackx, one of the researchers who discovered the Foreshadow speculative execution vulnerability, talks at RSA about the Catch-22 issue when it comes to fixing speculative execution flaws. | |||
|
2019-03-05 11:00:01 | RSAC 2019: Malicious Emailed URLs See Triple-Digit Increase (lien direct) | At least 463,546 malicious URLs contained in the 28.4 million analyzed emails made it through to corporate in-boxes in Q4 of 2018. | |||
|
2019-03-05 11:00:00 | RSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes (lien direct) | Researchers say that Microsoft won't issue a patch for the issue. | |||
|
2019-03-05 05:02:02 | BSides SF 2019: Remote-Root Bug in Logitech Harmony Hub Patched and Explained (lien direct) | Users of Logitech's Harmony Hub get long-awaited answers about the critical bugs that left their home networks wide open to attack. | |||
|
2019-03-04 23:36:00 | Teen Becomes First to Earn $1M in Bug Bounties with HackerOne (lien direct) | He is also the all-time top-ranked hacker on HackerOne's leaderboard, out of more than 330,000 hackers competing for the top spot. | Guideline | ||
|
2019-03-04 19:41:03 | Smart Ski Helmet Headphone Flaws Leak Personal, GPS Data (lien direct) | A rash of security flaws in the Outdoor Tech CHIPS smart headphones, which fit in ski helmets, allow bad actors to collect data like emails, passwords, GPS location - and even listen to conversations in real time. | |||
|
2019-03-04 16:29:03 | Project Zero Discloses High-Severity Apple macOS Flaw (lien direct) | Google Project Zero researchers detailed a new high-severity macOS flaw after Apple failed to patch it by the 90-day disclosure deadline. | |||
|
2019-03-04 14:00:01 | RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions (lien direct) | The workforce and skills gap in cybersecurity continues to plague organizations. | |||
|
2019-03-04 13:30:01 | Container Escape Hack Targets Vulnerable Linux Kernel (lien direct) | A proof-of-concept hack allows adversaries to tweak old exploits, have code jump containers and attack underlying infrastructure. | Hack | ||
|
2019-03-04 11:00:03 | RSAC 2019: An Antidote for Tech Gone Wrong (lien direct) | As many ponder the big ethical questions around cyber, some are proposing public interest technologist as a solution. | |||
|
2019-03-04 11:00:03 | Visitor Kiosk Access Systems Riddled with Bugs (lien direct) | Student researchers working with IBM X-Force Red team find security holes in five leading visitor management systems. | Guideline | ||
|
2019-03-04 02:00:02 | RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope (lien direct) | New look at server data behind a previously-identified espionage campaign shows that it has exceeded researchers' expectations in complexity, scope and breadth. | |||
|
2019-03-03 15:26:05 | How the Dark Web Data Bazaar Fuels Enterprise Attacks (lien direct) | What does the age of near-ubiquitous data breaches, deep fakes, and fallible biometric authentication mean for enterprise security? | |||
|
2019-03-01 20:22:04 | Adobe Patches Critical ColdFusion Vulnerability With Active Exploit (lien direct) | Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product. | Vulnerability | ||
|
2019-03-01 18:11:00 | Podcast: RSA Conference 2019 Preview (lien direct) | The Threatpost team talks about the biggest cybersecurity stories, trends and research we'll see at RSA this year. | |||
|
2019-03-01 15:41:00 | Necurs Botnet Evolves to Hide in the Shadows, with New Payloads (lien direct) | Using an on-again, off-again strategy of C2 communication helps it hide from researchers. | ★★★ | ||
|
2019-02-28 16:11:05 | Coinhive to Mine Its Last Monero in March (lien direct) | The controversial cryptomining service is shutting down. | |||
|
2019-02-28 14:27:01 | Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers (lien direct) | Cisco said that CVE-2019-1663, which has a CVSS score of 9.8, allows unauthenticated, remote attackers to execute arbitrary code. | |||
|
2019-02-27 17:24:02 | Card-Skimming Scripts Hide Behind Google Analytics, Angular (lien direct) | The campaign is marked by a significant level of customization, with an “individualized yet very consistent approach to every compromise. | |||
|
2019-02-27 17:19:04 | Ring Doorbell Flaw Opens Door to Spying (lien direct) | Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns. |
To see everything:
Our RSS (filtrered)
