What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-09-23 11:13:35 | The Invisible Risk (lien direct) | If you haven't seen this video on attention, please do so, it's just over a minute long. The video is by Christopher Chabris and Daniel Simons, both authors of the book, ”The Invisible Gorilla,” in which they reveal the numerous ways our intuitions can deceive us. In essence, much like we react to the video above, we […] | |||
|
2020-09-23 10:22:12 | Russian cybergang targeting Russian businesses (lien direct) | A newly identified cybercrime group has been repeatedly targeting Russian businesses with malware and ransomware as security firm Group-IB has found. Oleg Skulkin, Group-IB’s senior DFIR analyst states that “this is very unusual for Russian-speaking gangs who have this unspoken rule about not working within Russia and post-Soviet countries.” The group go by the name […] | Ransomware Malware | ||
|
2020-09-23 10:21:42 | Long Island hospital experiences data breach (lien direct) | Stony Brook University Hospital recently issued a warning to patients about a ransomware attacks which potentially exposed their personal data. Stony Brook University Hospital is the only tertiary care center and Regional Trauma Center in Long Island, and is just one of many recent hospitals to experience a data breach. The hospital contacted patients to […] | Ransomware Data Breach | ||
|
2020-09-23 10:05:39 | Two rogue employees cause Shopify breach (lien direct) | The Online e-commerce platform Shopify experienced a security breach caused by two rogue employees who accessed customer transaction details from merchants on the site. Shopify has estimated that under 200 of their one million online stores were affected by the breach. The breach is currently being investigated by the FBI and other law enforcement agencies […] | |||
|
2020-09-22 16:14:22 | Providing a duty of care in critical communications for business continuity (lien direct) | In a rapidly changing environment, an organisation needs to be able to anticipate, prepare for, respond and adapt to incremental change and sudden disruptions in order to survive and prosper. This organisational resilience is a strategic capability and goes beyond just crisis management. It involves learning from experiences and adopting best practices to deliver business […] | |||
|
2020-09-22 11:41:25 | FBI reveal Chinese data mining scheme (lien direct) | In a congressional hearing last week, FBI Director Christopher Wray stated that China has been involved in massive data mining scheme that has likely stolen the personal information of nearly half the countries population. Wray also gave new details on the scale of Chinese hacking efforts, outlining an attack back in 2017 when credit bureau […] | |||
|
2020-09-22 11:17:14 | Eyewear giant Luxottica hit with cyberattack (lien direct) | Luxottica, who owns popular eyewear brands Ray Ban, Oakley, Micheal Kors, Prada, Chanel and many more has faced severe technical issues resulting in the shutting down of their offices in Agordo and Sedico, Italy as well as their online portal system. Customers reported that the websites for some of Luxottica’s major retailers were not working, […] | |||
|
2020-09-22 11:01:51 | Cyber attacks have tripped in India in the last 2 months (lien direct) | Since Covid-19 and an increase of people working from home across the world, there has been an increase in cyberattacks in India. These cyberattacks typically focus on compromising digital systems of both public and private businesses. The Indian government has found that the country has experienced over 3.5 lakh cybersecurity incidents in July and August, […] | |||
|
2020-09-21 16:04:47 | Understanding PCI SSF compliance standards and its benefits (lien direct) | The PCI Security Standards Council (PCI SSC) released a new framework known as the PCI Software Security Framework (SSF) to secure modern payment software. The new framework is a collection of standards and programs that were built to secure the design and development of payment software. With the introduction of SSF, the existing standard – […] | |||
|
2020-09-21 14:04:35 | CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability- CVE-2020-1472-affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this vulnerability to compromise all Active Directory identity services. Earlier this month, exploit code for this vulnerability was publicly released. Given the nature […] | Vulnerability | ||
|
2020-09-21 12:30:29 | Tweet Chat: Exploring the hidden world of Shadow Code (lien direct) | In the latest IT Security Guru Tweet chat, we were joined by PerimeterX, a leading voice in the world of application security, and a host of other voices from across the Infosec spectrum: Analysts, technical experts, members of the C-suite and professional bodies came together to discuss the emergence of shadow code, a new term […] | Guideline | ||
|
2020-09-21 10:58:55 | Head of NCSC steps down (lien direct) | After 23 years of being a civil servant and the head of the National Cyber Security Centre (NCSC), Ciaran Martin is stepping down and passing the reins onto Lindy Cameron. The NCSC, a band of GCHQ was created to help protect and prevent hackers, from the likes of Russia and China infiltrating our infrastructures. Martin […] | |||
|
2020-09-21 10:45:22 | Experian data breach is not contained, despite claims it has (lien direct) | Experian recently experienced a data breach, which they claim has been contained, but it appears that it has not been. The breach exposed the personal information of 24 million South Africans, 800,000 business, and the bank accounts of 25,000 firms. The credit information company claim to have seized and deleted all data, but it appears […] | Data Breach | ||
|
2020-09-21 10:19:31 | Email bungle exposed University of Tasmania students\' personal information (lien direct) | The University of Tasmania has realised an official apology after an email bugle released around 20,000 students personal details to the universities entire faculty. The information was made public from Microsoft Office365’s SharePoint platform, which was used by the institution to store, share and access files. The information was accessible to all users who had […] | |||
|
2020-09-18 14:00:22 | Shift Left Becomes Shift Everywhere, (lien direct) | Earlier this week, Synopsys Inc. published the eleventh version of the Building Security In Maturity Model (BSIMM) looking at the software security practices across 130 different organisations in a variety of industries including financial services, FinTech, independent software vendors, cloud, healthcare, Internet of Things, insurance and retail. BSIMM11 outlines the work of over 8,000 software security professionals who are guiding […] | |||
|
2020-09-18 13:18:10 | Indian government computers compromised (lien direct) | Back at the beginning of the month, computers containing highly sensitive information about government officials and national security were compromised due to a breach at the National Informatics Centre, according to Delhi Police. The computers contained data regarding Indian Prime Minister Narendra Modi. The National Informatics Centre (NIC) organises and supports government communications, technologies and […] | |||
|
2020-09-18 11:35:18 | HMRC COVID-19 tax relief scam targets business owners (lien direct) | Business owners in the UK have been targetted by a phishing scam which captured sensitive information, such as passwords and payment details. The scam impersonated Her Majesty's Revenue and Customs (HMRC), as reported by accountancy firm Lanop Outsourcing. Business owners were targetted through emails supposedly from HMRC which claimed that the recipient’s VAT deferral application […] | |||
|
2020-09-18 11:12:32 | Ransomware attack on Californian schools stops remote learning (lien direct) | An attack on the Newhall District in Valencia is one of the many ransomware attacks targeting the education sector in America. As children head back to school and learning moves online it seems that schools are becoming a major target for ransomware attacks. This most recent attack of Californian schools targetted 10 different elementary schools, […] | Ransomware | ||
|
2020-09-17 16:08:49 | Microsegmentation and why it is a key element of network defence (lien direct) | Everyone has had to become accustomed to the phrase “social distancing” - the practise of using distance from others to minimise health threats. Inevitably, people have started using the analogy “digital distancing” to talk about similar ideas in information security. It's not exactly new to use disease metaphors in infosec - we already talk about […] | |||
|
2020-09-17 15:57:02 | Now is the time for security leaders to build business resilience (lien direct) | COVID-19 has accelerated years of digital transformation into just a few months, weeks, and even days. Accenture recently moved 1.2 million NHS workers to Microsoft Teams in less than a week. And we are not alone – Satya Nadella recently said that Microsoft had seen two years' worth of digital transformation in 2 months. This […] | |||
|
2020-09-17 15:45:51 | Businesses are confident that they have bots under control. They\'re wrong. (lien direct) | Businesses can make better decisions if they have a good idea of who is using their website. Are they young or old? Male or female? It turns out they are very likely not even people. The majority of web traffic is made up of automated bots, and a great deal of these are malicious. The […] | |||
|
2020-09-17 15:35:58 | Staying ahead in the regulatory race (lien direct) | Governments are playing catch-up across the world. Data privacy breaches from large tech companies, such as Nintendo and Marriott, are becoming more commonplace-and as a result are putting pressure on authorities to introduce stricter compliance policies to safeguard the public. As such, IT pros who live in countries that have implemented policies, such as GDPR, […] | |||
|
2020-09-17 14:53:14 | How to prevent a flood of security hacks by avoiding code leaks (lien direct) | This week sees us celebrate National Coding Week, an event designed to promote the vital role of coding and other digital skills in today's connected world. Coding, and the languages it uses, provides the bedrock on which we've built our digital world – a world which has become even more integral to everyday life given […] | |||
|
2020-09-17 11:25:22 | The NCSC issue new advice to academia (lien direct) | After an increase of cyber attacks on the education sector, the National Cyber Security Centre (NCSC) has issued a new warning for schools, colleges and universities. Over the last few months, cybercriminals have attacked schools and universities with ransomware as they prepare to bring students back safely after the long pause due to the pandemic. […] | Ransomware | ||
|
2020-09-17 10:46:59 | Hacker finds former Prime Minister\'s passport number (lien direct) | A hacker has managed to gain access to former Australian Prime Minister Tony Abbott’s passport and phone number. The hacker, Alex Hope was able to find this information through a picture of Mr Abbotts’s boarding pass he posted on Instagram back in March 2020. Using the reference number on the boarding pass, Hope was able […] | |||
|
2020-09-17 10:38:41 | Google place \'formal\' ban on stalkerware apps (lien direct) | Google has ‘formally’ banned any stalkerware apps from their Play Store, but large loopholes have been left which allow stalkerware to be uploaded as child-tracking apps onto the Play Store. Stalkerware apps track a user’s movement, listen to calls, view messages and record other app’s activity on the user’s device. They are typically advertised as […] | |||
|
2020-09-16 14:20:03 | Securonix Adds C-Suite and Product Engineering Leadership (lien direct) | Securonix, Inc., has announced the appointment of Brett Bowman as Chief Financial Officer and Dilshan Ratnayake as Chief People Officer. The company also added product engineering leadership from companies including Amazon, Microsoft and IBM. The C-suite and technical leadership appointments will aim to continue encouraging growth and accommodate explosive demand for the Securonix Next-Gen SIEM […] | Guideline | ||
|
2020-09-16 13:28:03 | Facebook hacked by researchers exploiting MobileIron MDM flaw (lien direct) | The social networking site was hacked by a researcher who had identified a flaw on MobileIron's Mobile Device Management (MDM) used by an employee. In this case, the vulnerability was not entirely Facebook’s fault as the weakness in a third-party service created a ripple effect which negatively impacted users security. However, this highlights how important […] | Vulnerability | ||
|
2020-09-16 11:50:24 | Portland joins other cities in banning facial recognition (lien direct) | Announced last week, Portland City Council has banned both personal and public use of facial recognition software. This ban will come into effect at the start of 2021 and the council will fine anyone caught using such technologies $1,000 a day of use. Portland is the fourth city to pass such laws alongside San Fransisco, […] | |||
|
2020-09-16 11:10:05 | French law enforcement deploy malware to hack into organised crime networks (lien direct) | French law enforcement have deployed malware to Encrochat devices in the effort to infiltrate criminal networks. Encrochat is largely used on Andriod phones using an encrypted network for communication, hence its popularity within organised crime including drug trafficking. The malware deployed has the ability to harvest all the data sorted on the phone from messages […] | Malware Hack | ||
|
2020-09-15 14:39:03 | TikTok fixes flaws which compromised Android users (lien direct) | Researchers discovered four flaws in TikTok’s Android app which made users vulnerable to benign third-party Android apps. These flaws allowed attackers to possibly compromise a target’s TikTok account, along with access to their private messages and videos on the app. These flaws also allowed the attackers to override the app’s permission settings, allowing them to […] | |||
|
2020-09-15 11:50:22 | Study identifies gaps in corporate cybersecurity systems (lien direct) | A survey of 13,000 remote workers conducted by Trend Micro has discovered that almost 40% are accessing company data from their personal computers, tablets and phones. This could be potentially damaging to a company as such devices often don’t have the necessary security software to protect the device and the information on it. What’s more, […] | |||
|
2020-09-15 11:30:25 | Twitter to flag misinformation tweets (lien direct) | Social media giants are coming together to fight against misinformation in lieu of the US election in November. The most recent platform to join the likes of Facebook and Google is Twitter which will prohibit any information about presumed winners pre-election in an effort to fight the spread of misinformation. This is a new rule […] | |||
|
2020-09-15 07:00:26 | Physical/cybersecurity defence: Waking up to the reality of hybrid attack (lien direct) | For us to begin, do me a favour and google search “hybrid attacks”. Cybrary defines a Hybrid attack as “a blend of both a dictionary attack method as well as brute force attack. This means that while a dictionary attack method would include a wordlist of passwords, the brute-force attack would be applied to each […] | |||
|
2020-09-14 14:36:37 | Cyber security in the new Wild West (lien direct) | For millions, work used to be somewhere you go. Now it’s something you do. From an IT point of view, being unable to control the security of the remote working environment is a significant concern. The employee now sits at home on their laptop, connecting to business servers and applications through virtual private networks, remote […] | |||
|
2020-09-14 14:03:58 | A unified approach to cybersecurity will help fix your IT blind spots (lien direct) | Companies are under siege. With attackers growing ever more creative, many security vendors are assembling a laundry list of cybersecurity solutions in response. Businesses have at their fingertips a variety of vendors to choose from – each offering top-of-class solutions that should leave attackers ruing the day. But how do IT teams navigate the complex […] | |||
|
2020-09-14 11:30:32 | American public schools investigate ransomware attack (lien direct) | Fairfax County Public Schools are working alongside the FBI to investigate a ransomware attack on their technology system. The schools were targeted by a hacking group who admitted to stealing information from the school district. FCPS said “we are taking this matter very seriously and are working diligently to address the issue”, in a statement […] | Ransomware | ||
|
2020-09-14 11:16:56 | Increase in cyber attacks for healthcare providers (lien direct) | The use of online services as a result of the coronavirus has increased exponentially compared to this time last year. However, the risk of cyber-attacks has also increased along with it. This has particularly been the case within the healthcare industry as patients take their appointments online via video/phone calls, also known as telehealth. This […] | |||
|
2020-09-14 11:01:08 | The UK\'s contact-tracing app\'s launch date has been announced (lien direct) | The government has announced that their new contact-tracing app for coronavirus will be launched from 24th September across England and Wales. The app will allow people to scan QR codes to register their visits to hospitality venues, such as restaurants, libraries and leisure centres, and it will utilise Google and Apple’s methods of detecting other […] | ★★★★★ | ||
|
2020-09-11 13:53:40 | Cybersecurity experts comment on government\'s efforts to boost cybersecurity of healthcare suppliers (lien direct) | The UK governement will be offering hundreds of the country's vital healthcare firms benefits from government funding to boost their cyber security. The Digital Infrastructure Minister Matt Warman announced this yesterday, as part of London Tech Week. The move comes after the National Cyber Security Centre (NCSC) identified a heightened cyber threat to the UK health sector […] | Threat | ||
|
2020-09-11 11:43:36 | Companies based in India report more cyberattacks than any other country (lien direct) | Since the COVID-19 pandemic, Indian companies have reported more cyberattacks than any other country, with 56% reporting a rise in their IT costs in recent months. This is two times the global average, according to the Acronis Cyber Readiness Report 2020. The report also provides some key findings which highlight that 92% of companies globally […] | |||
|
2020-09-11 11:33:30 | Small businesses being scammed on Instagram (lien direct) | Emma Heathcote-James who owns and runs “The Little Soap Co.’ on Instagram was made aware of a clone account selling the same products and acting as her when she was mistakably tagged in images on the fake account. Alarmingly the page looked exactly the same with the only difference being an extra ‘o’ added to […] | |||
|
2020-09-11 11:31:24 | Zoom takes new measures to keep its users safe (lien direct) | The video communications company have added an extra layer added to their user’s authentication process, requiring a one-time code received via text or phone call, as well as the account’s password, before allowing you to sign in to the Zoom site. This safety measure will make it much more difficult for hackers to take over […] | |||
|
2020-09-10 15:36:01 | Joining the dots: phishing and ransomware (lien direct) | Phishing and ransomware are inextricably linked. Phishing is the number one delivery mechanism for getting malicious exploits, including ransomware, into mobile devices. According to MobileIron's latest research, 60% of IT decision makers agree that phishing is the most significant threat faced by their organisation. Advanced persistent threat actors are now chaining sophisticated exploits to not […] | Ransomware Threat | ||
|
2020-09-10 09:26:14 | Russian hackers are trying to infiltrate presidential campaigns… again (lien direct) | For the last two months, Joe Biden’s campaign has been under attack by Russian state hackers. These attackers have been trying to infiltrate the firm that is behind Biden’s and other Democrate’s campaigns – SKDKnickerbocker. Luckily, these hackers have not been successful in gaining access to the system. | |||
|
2020-09-10 09:26:10 | Videoconferencing attacks have impacted 39% of companies (lien direct) | As the Coronavirus pandemic has normalized remote working and more meetings have had to take place on sites like Zoom and Microsoft team, attacks of this kind have worsened. Not only is this affecting companies, the attacks have also been targeted towards schools, with teachers in Singapore having to delete Zoom after pornographic images appeared […] | |||
|
2020-09-10 09:10:21 | Cybercriminals opt for \'Old School\' money laundering methods (lien direct) | A report from https://www.swift.com/sites/default/files/files/swift_bae_report_Follow-The%20Money.pdf, who handles infra-bank financial transactions, found that criminals prefer to use established methods like “money mules” and drug trafficking when laundering money from bank hacks instead of more modern options like cryptocurrency transactions. | |||
|
2020-09-09 16:08:08 | Future-proof your communication security to comply with evolving data privacy regulations (lien direct) | With data protection regulations evolving worldwide and the Brexit transition period ending in less than five months – impacting both the GDPR and DPA – now is the time for organisations to future-proof their communication security. Doing so will not only ensure continuous data privacy compliance, it will also help to avoid financial penalties through […] | ★★★★ | ||
|
2020-09-09 15:58:20 | DLP has failed you – and here\'s what you need to do now (lien direct) | Data loss prevention (DLP) solutions have failed – but it's an important truth that we need to accept. Legacy DLP solutions have failed to stop data breaches from happening. Why? Because they simply can't cater to the changes that have happened over the last decade to the way sensitive data is created, stored and (most importantly) […] | |||
|
2020-09-09 15:31:28 | Massive rise in DDoS attacks post-COVID-19 (lien direct) | As people found solace within the safe boundaries of their homes after Coronavirus caused havoc worldwide, it was a time for hackers to be active. According to a report by NexusGuard, a whopping 542 percent jump in DDoS attacks was reported in the first quarter of 2020 over the previous quarter. People were forced to […] |
To see everything:
Our RSS (filtrered)
