What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-06-30 18:16:22 | Siemens Patches Critical Intel AMT Flaw in Industrial Products (lien direct) | Siemens patched a recently disclosed vulnerability pertaining to systems with specific Intel processors. If exploited, the flaw could let an attacker gain system privileges. | |||
|
2017-06-30 17:11:34 | Majority of Sites Fail Mozilla\'s Comprehensive Security Review (lien direct) | A thorough review of the top 1 million websites reveals 93 percent fail Mozilla's Observatory security review. | |||
|
2017-06-30 13:00:05 | Threatpost News Wrap, June 30, 2017 (lien direct) | Mike Mimoso and Chris Brook discuss this week's ExPetr global ransomware outbreak, how it was distributed, the wiper aspect, and similarities to 2016's Petya ransomware. | |||
|
2017-06-30 11:00:59 | This Retail Website Considers Password Security Optional (lien direct) | The glaring privacy issues tied to an online health and beauty retailer allows customers to log-in to their users accounts with just their email address - no password needed. | |||
|
2017-06-29 19:46:28 | ExPetr Called a Wiper Attack, Not Ransomware (lien direct) | The global outbreak of the Petya/ExPetr malware wasn't a ransomware attack, it was wiper malware aimed to sabotage, according to experts. | |||
|
2017-06-29 17:59:54 | Linux Systemd Bug Could Have Led to Crash, Code Execution (lien direct) | Ubuntu fixed a Linux bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload this week. | |||
|
2017-06-28 19:05:43 | \'Little Hope\' to Recover Data Lost to Petya Ransomware (lien direct) | Researchers at Kaspersky Lab have discovered an error in the ExPetr ransomware code that prevents recovery of lost data. | |||
|
2017-06-28 18:52:52 | Microsoft Issues \'Important\' Security Fix for Azure AD Connect (lien direct) | Microsoft is warning customers of an “important†update to its Azure AD Connect service that could allow for an elevation of privilege attack against affected systems. | |||
|
2017-06-28 16:26:28 | New Petya Distribution Vectors Bubbling to Surface (lien direct) | Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack. | ★★★★★ | ||
|
2017-06-27 20:06:00 | Complex Petya-Like Ransomware Outbreak Worse than WannaCry (lien direct) | Today's global ransomware attack is spreading via EternalBlue and through local networks using PSEXEC and WMIC. | Wannacry | ||
|
2017-06-27 19:50:55 | Google Hit With $2.7 Billion Antitrust Fine (lien direct) | Claiming the company abused its dominance as a search engine to push its shopping service, search giant Google was hit with a hefty $2.7 billion fine this week. | |||
|
2017-06-27 15:34:15 | Second Global Ransomware Outbreak Under Way (lien direct) | A massive ransomware outbreak is spreading globally and being compared to WannaCry. | Wannacry | ||
|
2017-06-27 13:05:48 | Major Hole Plugged in Secure File Transfer Tool (lien direct) | Biscom recently patched a stored cross-site scripting vulnerability in its secure file transfer product. | |||
|
2017-06-26 17:54:53 | Another RCE Vulnerability Patched in Microsoft Malware Protection Engine (lien direct) | Google Project Zero's Tavis Ormandy found another remote code execution vulnerability in the Microsoft Malware Protection Engine, the third since early May. | |||
|
2017-06-26 17:49:21 | Svpeng Behind a Spike in Mobile Ransomware (lien direct) | Mobile ransomware attacks spike in the first quarter of 2017, growing three and a half times compared to the previous year. | |||
|
2017-06-26 16:30:10 | Anthem Agrees to Settle 2015 Data Breach for $115 Million (lien direct) | Anthem agreed late Friday to pay $115 million to settle U.S. lawsuits around a data breach that hit the company in 2015. | |||
|
2017-06-26 13:00:20 | New EU Privacy Laws Will Complicate B2B Data Sharing (lien direct) | Exploring the legality of the international business-to-business sharing of IP addresses within the cyber threat intelligence community. | |||
|
2017-06-23 18:07:30 | Siemens Patches Vulnerabilities in SIMATIC CP, XHQ (lien direct) | Siemens patched two vulnerabilities in products, SIMATIC CP and XHQ, commonly found in industrial control system setups this week | |||
|
2017-06-23 17:34:30 | Few Victims Reporting Ransomware Attacks to FBI (lien direct) | The FBI's Internet Crime Complaint Center (IC3) identified ransomware as one of 2016's top threats, but a relatively small number of attacks were reported. | |||
|
2017-06-23 15:30:58 | Threatpost News Wrap, June 23, 2017 (lien direct) | Mike Mimoso and Chris Brook discuss the news of the week, including Citizen Lab's latest report, WannaCry hitting Honda, GhostHook, and Fireball. | Wannacry | ||
|
2017-06-23 14:04:58 | NSA Advocates Data Sharing Framework (lien direct) | Fighting attackers needs a new approach that leverages a public-private data sharing framework, enabling immediate and collective responses. | |||
|
2017-06-22 19:08:34 | Cisco Patches XXE, DOS, Code Execution Vulnerabilities (lien direct) | Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash and in some instances, arbitrary and remote code execution. | |||
|
2017-06-22 17:51:24 | Average Cost of Breach Goes Down For the First Time Ever (lien direct) | The good news is the cost of a data breach is down double-digits, the bad news the size and scope of breaches is creeping up. | |||
|
2017-06-22 17:11:40 | Microsoft Says Fireball Threat \'Overblown\' (lien direct) | Check Point has toned down its initial estimates on the number of Fireball malware infections from 250 million machines and 20 percent of corporate networks to 40 million computers. | |||
|
2017-06-22 15:25:39 | GhostHook Attack Bypasses Windows 10 PatchGuard (lien direct) | Researchers at CyberArk have developed a bypass for Windows PatchGuard that leverages Intel's Processor Trace (Intel PT) technology to execute code at the kernel. | |||
|
2017-06-22 10:00:58 | NSA-Backed OpenC2.org Aims to Defend Systems at Machine Speed (lien direct) | Security experts, vendors, business and the NSA are developing a standardized language that rather than autonomously understands threats, acts on them. | |||
|
2017-06-21 20:50:44 | Microsoft Extends Edge Bug Bounty Program Indefinitely (lien direct) | Microsoft said Wednesday it would extend its Edge bug bounty program indefinitely. | |||
|
2017-06-21 18:15:32 | Trump\'s Cybersecurity Executive Order Under Fire (lien direct) | Former AT&T CSO, Ed Amoroso, says government needs to shift from talk to action when it comes to cybersecurity. | ★★ | ||
|
2017-06-21 17:50:13 | Honda Shut Down Plant Impacted by WannaCry (lien direct) | Carmaker Honda announced Wednesday that it was forced to shut down production at one of its Japanese plants earlier this week after it was hit by the WannaCry ransomware. | Wannacry | ||
|
2017-06-21 15:14:36 | OpenVPN Patches Critical Remote Code Execution Vulnerability (lien direct) | OpenVPN patched four vulnerabilities privately disclosed by Dutch researcher Guido Vranken, including a critical issue that could lead to remote code execution. | Guideline | ||
|
2017-06-21 13:00:56 | Avaya Patches Remote Code Execution Flaw in Aura (lien direct) | Avaya released a patch last week for a remote code execution vulnerability in its Avaya Aura Application Enablement Services software. | |||
|
2017-06-20 20:19:26 | TP-Link Fixes Code Execution Vulnerability in End-of-Life Routers (lien direct) | Router manufacturer TP-Link recently fixed a vulnerability in a discontinued line of routers that if exploited could have been used to execute code on the device. | |||
|
2017-06-20 19:03:19 | Internet-Enabled Drill Demonstrates IoT Security Done Right (lien direct) | Researchers find flaws in an internet-connected drill, but say minimal, hard-to-find bugs indicate there is hope for IoT security. | |||
|
2017-06-20 18:27:43 | University College London Ransomware Linked to AdGholas Malvertising Group (lien direct) | Proofpoint has connected the University College London ransomware to Mole, spread by AdGholas malvertising campaigns and the Astrum Exploit Kit. | |||
|
2017-06-20 16:55:57 | ProtonMail Launches Free VPN Service (lien direct) | Encrypted email service ProtonMail announced it was launching its own VPN, ProtonVPN, on Tuesday. | |||
|
2017-06-20 13:26:52 | Google Removes Two Ztorg Trojans from Play Marketplace (lien direct) | Google removed two apps, Magic Browser, and Noise Detector, that were vehicles for the Ztorg Trojan, Kaspersky Lab said. | |||
|
2017-06-20 12:41:13 | Say Goodbye to SMBv1 in Windows Fall Creators Update (lien direct) | The SMBv1 file-sharing protocol abused by the NSA's EternalBlue exploit to spread WannaCry ransomware is being disabled in the upcoming Windows Fall Creators Update, or Redstone 3. | Wannacry | ||
|
2017-06-20 10:00:56 | FIN10 Extorting Canadian Mining Companies, Casinos (lien direct) | A string of data thefts targeting North American mining companies and casinos are extorting as much as $620,000 from victims. | |||
|
2017-06-19 18:51:59 | Mexican Journalists, Lawyers Focus of Government Spyware (lien direct) | Dozens of Mexican journalists, lawyers, and even a child, were hit with Pegasus, commercially-produced spyware, as part of a campaign believed to be carried out by the nation's government. | |||
|
2017-06-19 17:59:04 | Republican Data Broker Exposes 198M Voter Records (lien direct) | Almost 200 million voter profiles culled by Republican data broker Deep Root Analytics were left exposed on an Amazon S3 server. | |||
|
2017-06-19 17:05:16 | Stack Clash Vulnerability in Linux, BSD Systems Enables Root Access (lien direct) | Patches are available for a newly discovered Linux, BSD and Solaris vulnerability called Stack Clash that bypasses stack guard-page mitigations and enables root access. | |||
|
2017-06-19 14:28:25 | IoT Malware Activity Already More Than Doubled 2016 Numbers (lien direct) | The number of new malware samples in the wild this year targeting connected internet-of-things (IoT) devices has already more than doubled last year's total. | |||
|
2017-06-16 19:36:23 | Wikileaks Alleges Years of CIA D-Link and Linksys Router Hacking Via \'Cherry Blossom\' Program (lien direct) | The latest dump from Wikileaks alleges the CIA installed custom router firmware on unsuspecting targets in order to spy on internet activity. | |||
|
2017-06-16 17:45:45 | Someone Failed to Contain WannaCry (lien direct) | As reports of the NSA officially connecting WannaCry to North Korea surface, experts are saying developers failed to contain the ransomware before it was ready for deployment. | Wannacry | ||
|
2017-06-16 16:00:31 | Threatpost News Wrap, June 16, 2017 (lien direct) | Mike Mimoso and Chris Brook discuss the news of the week, including Microsoft's XP patches, Hidden Cobra, a Nigerian BEC campaign, MacRansom, and more. | Medical | APT 38 | |
|
2017-06-16 12:30:46 | Erosion of ISP Privacy Rules Sparks New Anti-Snooping Efforts (lien direct) | After lawmakers struck down ISP privacy protections earlier this year, new efforts are underway to help consumers win back control of their personal information from their service providers. | |||
|
2017-06-15 18:28:19 | Nigerian BEC Scams Hit 500 Companies in 50 Countries (lien direct) | A Kaspersky Lab report on Thursday said an especially potent Nigerian Business Email Compromise campaign has stolen sensitive data from over 500 companies in 50 countries. | |||
|
2017-06-15 18:09:21 | Ransomware Attack Hobbles Prestigious University College London (lien direct) | University officials said users likely kicked off a ransomware attack that infected a dozen personal and shared drives by visiting a compromised website. | |||
|
2017-06-15 14:34:21 | Metadata Analysis Draws its Own Conclusions on WannaCry Authors (lien direct) | Researchers at Telefonica's cybersecurity unit ElevenPaths conducted an analysis of WannaCry metadata. | Wannacry | ||
|
2017-06-14 19:31:08 | Mozilla Fixes 32 Vulnerabilities in Firefox 54 (lien direct) | Mozilla fixed 32 vulnerabilities, including a critical bug that could have resulted in a crash, with the release Tuesday of Firefox 54, the latest version of its flagship browser. |
To see everything:
Our RSS (filtrered)
