What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-04-08 15:55:46 | phoenixNAP Integrates Alert Logic MDR into its Secure Cloud Solution (lien direct) | phoenixNAP®, a global IT services provider offering security-focused cloud infrastructure, dedicated servers, colocation, and specialised Infrastructure-as-a-Service (IaaS) technology solutions, today announced a collaboration with Alert Logic, the industry's first SaaS-enabled managed detection and response provider. This partnership will expand phoenixNAP's Data Security Cloud (DSC) to include Alert Logic's market-defining managed detection and response solution, enabling […] | |||
|
2020-04-08 09:48:57 | (Déjà vu) NASA sees increasing malicious activity due to pandemic (lien direct) | NASA has seen “significantly increasing” malicious activity from both nation-state hackers and cybercriminals targeting the US space agency’s systems and personnel working from home during the COVID-19 pandemic. Mitigation tools and measures set in place by NASA's Security Operations Center (SOC) successfully blocked a wave of cyberattacks, the agency reporting double the number of phishing […] | ★★ | ||
|
2020-04-08 09:47:41 | Google addresses issue with Face Unlock (lien direct) | Google has addressed a security concern with the Face Unlock system on its Pixel 4 smartphones, more than five months after the devices went on sale. In October 2019, a BBC News test found the Face Unlock system allowed access to a person’s device even if they had their eyes closed. Security researchers criticised the […] | |||
|
2020-04-08 09:46:53 | US Stimulus Checks Targeted by Scammers (lien direct) | In the latest sorry COVID-19 scam, fraudsters are impersonating financial institutions to steal from Americans expecting stimulus checks from the US federal government. Following the outbreak of the novel coronavirus, many Americans have been furloughed, fired, or had their hours or workload reduced as businesses across the country closed and lockdown measures were implemented. To […] | |||
|
2020-04-08 09:45:39 | (Déjà vu) xHelper Malware Re-Installs After Factory Reset (lien direct) | A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices-making it nearly impossible to remove. xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected […] | Malware | ||
|
2020-04-08 09:44:52 | Malware Concealed Under SSL Certificates (lien direct) | Cybercriminals are increasingly relying on SSL certificates to lull people into a false sense of security when clicking malicious links. The assumption that HTTPS links and the accompanying lock icon protect employees from attack can threaten businesses without sufficient SSL inspection. Nearly 52% of the top 1 million websites were available over HTTPS in 2019, […] | Malware | ||
|
2020-04-07 16:43:38 | One Identity Offers Free Privileged Session Management Capability to Support Critical Infrastructure Providers (lien direct) | As emergency services, public health organisations, utilities and other critical organisations rush to enable as many remote workers as possible, best practices for keeping users secure have understandably become an ongoing challenge. Any organisation relies on privileged IT users to configure systems and perform vital functions so their enterprise stays up and running. If this […] | |||
|
2020-04-07 11:40:09 | Surveillance ramping up with UK Govt using mobile data to tackle COVID-19 (lien direct) | This week, the UK government was given the green light to collect mobile data of British citizens to try and bring a halt to the spread of the coronavirus. While many may see this as a breach of privacy, the independent privacy watchdog, the Information Commissioners Office (ICO) have granted permission for this to go […] | |||
|
2020-04-07 09:41:41 | Zoom Bombers threatened with jail time (lien direct) | The FBI is cracking down on the practice of Zoom bombing, saying the hijacking of web conferences can be punishable by jail time. As reports of “Zoom bombing” explode, the FBI is cracking down on the issue with a new warning that web conference hijackers could face jail time. Authorities say that anyone who […] | ★★★ | ||
|
2020-04-07 09:39:59 | New Facebook tools help track social distancing (lien direct) | Facebook has launched a set of tools that use anonymised location data collected from users in a bid to help researchers better understand where the coronavirus outbreak could spread next and the effectiveness of social distancing measures. The new tools, collectively called Disease Prevention Maps, are three separate aggregated datasets that provide information on […] | ★★★★ | ||
|
2020-04-07 09:37:46 | New code integrity feature for Linux announced by Microsoft (lien direct) | Microsoft published this week details about a new project the company has been working for the Linux kernel. Named Integrity Policy Enforcement — or IPE — the project is a Linux security module (LSM). LSMs are optional add-ons for the Linux kernel that enable additional security features. According to a documentation page published on Monday, […] | ★★★ | ||
|
2020-04-06 14:10:53 | iCyber-Security Rebrands to Become BlockAPT (lien direct) | iCyber-Security has announced that it has undergone a major rebrand to reflect the platform's evolution to become one of the most advanced and intelligent cyber defence technologies available. Developed as a toolkit through years of identifying and solving businesses' security issues globally, BlockAPT brings together automated threat intelligence, vulnerability management, device management and proactive incident response management all under the BlockAPT platform to help fight the war against cyber attackers. Marco Essomba, Founder and CTO of BlockAPT confirms that, “The time for single […] | Vulnerability | ||
|
2020-04-06 10:17:05 | Citizen Lab pokes holes in Zoom encryption (lien direct) | Citizen Lab, a research group within the University of Toronto, has been able to drive a proverbial truck through the encryption used by video conferencing app Zoom. In a report where the group said the video platform was not suitable for sharing secrets nor government or business use, Citizen Lab found Zoom has been rolling […] | |||
|
2020-04-06 10:14:28 | 425 GB of financial companies\' data exposed (lien direct) | Researchers at vpnMentor have shared news about a recent data leak which exposed 425 GB in sensitive financial documents. The research team, led by Noam Rotem, uncovered an open database on an app developed by Advantage Capital Funding and Argus Capital Funding. The app, which is now no longer available for download, stored […] | |||
|
2020-04-06 10:13:32 | Data breaches as files sent to wrong address in Ireland (lien direct) | Birth certificates being sent to strangers and missing marriage certificates were among almost 400 data breaches reported at the Department of Social Protection last year. The 371 data breaches represent an increase of more than 60 percent compared with the previous year, when 226 incidents were logged, according to records obtained under freedom of […] | |||
|
2020-04-06 10:11:36 | More ransomware attacks against healthcare sector, warns Interpol (lien direct) | The Interpol has warned of a significant increase in the number of attempted ransomware attacks against hospitals and other healthcare institutions on the front lines of the fight against the Covid-19 pandemic. At this point, the ransomware appears to be spreading primarily via emails – often falsely claiming to contain information or advice regarding the […] | Ransomware | ||
|
2020-04-06 10:10:40 | VPN zero-day used by DarkHotel hackers (lien direct) | Foreign state-sponsored hackers have launched a massive hacking operation aimed at Chinese government agencies and their employees. Attacks began last month, in March, and are believed to be related to the current coronavirus (COVID-19) outbreak. Chinese security-firm Qihoo 360, which detected the intrusions, said the hackers used a zero-day vulnerability in Sangfor SSL VPN servers, […] | Vulnerability | ||
|
2020-04-03 12:39:51 | Onapsis Launches the Onapsis nCase Partner Program (lien direct) | In today's interconnected world, companies need to prioritize their digital transformation more than ever. One way of doing this is to open channels of communication for potential partnerships with other tech providers. This thinking is what lead Onapsis to launch the Onapsis nCase Partner Program, structured on a four-pillar strategy developed by Onapsis' Darren Gaeta […] | Guideline | ||
|
2020-04-03 09:11:00 | Alert Logic Launches Virtual Forums to Drive Industry Consensus on MDR (lien direct) | As part of an initiative to drive a universal industry standard for managed detection and response (MDR), this week Alert Logic announced the availability of its MDR Manifesto and the launch of a seven-part webcast series. Despite the cybersecurity industry's current division on what constitutes MDR, Alert Logic aims to create a standard set of […] | |||
|
2020-04-03 09:00:23 | (Déjà vu) CSS trick used in Office 365 Phishing Attack (lien direct) | A phishing campaign using Office 365 voicemail lures to trick them into visiting landing pages designed to steal their personal information or infect their computers with malware. The phishing emails delivered by the operators behind this series of attacks use the old trick of reversing some of the text elements in the source […] | |||
|
2020-04-03 08:59:40 | Hospitals warned by Microsoft on ransomware attacks (lien direct) | Microsoft has started notifying hospitals vulnerable to known threats, the company announced in a blog post earlier this week. Hospitals and other healthcare institutions around the world are being pushed to their limits thanks to the coronavirus outbreak, and hackers are using it as an opportunity to compromise their networks, steal money and data, and […] | Ransomware | ||
|
2020-04-03 08:59:00 | 14 million users exposed by digital wallet app Key Ring (lien direct) | Led by Noam Rotem and Ran Locar, vpnMentor's research team of ethical hackers, recently discovered a data leak by the popular app Key Ring, that compromised the privacy and security of their 14 million users. Key Ring allows users to upload scans and photos of membership and loyalty cards onto a digital folder on […] | |||
|
2020-04-03 08:58:08 | LinkedIn Data-Mining Feature Removed by Zoom (lien direct) | The feature, criticized for “undisclosed data-mining,” is only the latest privacy faux pas for Zoom this month. Zoom has nixed a feature that came under fire for “undisclosed data mining” of users' names and email addresses, used to match them with their LinkedIn profiles. The feature, the LinkedIn Sales Navigator, is a LinkedIn service […] | |||
|
2020-04-03 08:57:04 | OGUsers hacked for second time this year (lien direct) | OGUsers, one of the most popular hacking forums on the internet, disclosed today a security breach, the second such incident in the past year. “It appears that someone was able to breach the server through a shell in avatar uploading in the forum software and get access to our current database dating April 2, 2020,” […] | |||
|
2020-04-02 08:55:53 | Jamf researcher discovers Zoom vulnerabilities (lien direct) | The zero-day Zoom flaws could give local, unprivileged attackers root privileges, and allow them to access victims' microphone and camera. Two zero-day flaws have been uncovered in Zoom's macOS client version, according to researchers. The web conferencing platform vulnerabilities could give local, unprivileged attackers root privileges, and allow them to access victims' microphone and camera. […] | |||
|
2020-04-02 08:55:01 | VelvetSweatshop Excel encryption spreads LimeRAT malware (lien direct) | A new campaign is spreading the LimeRAT Remote Access Trojan by harnessing an old encryption technique in Excel files. LimeRAT is a simple Trojan designed for Windows machines. The malware is able to install backdoors on infected machines and encrypt files in the same way as typical ransomware strains, add PCs to botnets, and […] | Ransomware Malware | ||
|
2020-04-02 08:53:42 | Holy Water watering hole attacks with malware (lien direct) | With many malicious websites, a user typically needs to click on a link to set off a chain of events that could then lead to a malware infection. But in some cases, all you have to do is visit a particular site to trigger a possible malware attack. That’s true with a series of […] | Malware Guideline | ★★★★ | |
|
2020-04-02 08:52:49 | COVID-19 malware wipes PC and rewrites MBR (lien direct) | With the coronavirus (COVID-19) pandemic raging all over the globe, some malware authors have developed malware that destroys infected systems, either by wiping files or rewriting a computer’s master boot record (MBR). With help from the infosec community, ZDNet has identified at least five malware strains, some distributed in the wild, while others appear […] | Malware | ★★ | |
|
2020-04-02 08:51:56 | WordPress Plugin Bug Locks Admins Out (lien direct) | A second vulnerability could be used to prevent access to almost all of a site's existing content, by simply redirecting visitors. A pair of security vulnerabilities in the WordPress search engine optimization (SEO) plugin, known as Rank Math, could allow remote cybercriminals to elevate privileges and install malicious redirects onto a target site, according to […] | Vulnerability | ||
|
2020-04-01 16:03:51 | Nominations Open for the European Cybersecurity Blogger Awards 2020 (lien direct) | Nominations opened today for the seventh annual European Cybersecurity Blogger Awards sponsored by Qualys and powered by Eskenzi PR. Anyone can elect to nominate their favourite cybersecurity bloggers, podcasters, Tweeters, Instagrammers and vloggers; with the winners being announced through a live virtual event on Tuesday 2nd June ay 6pm GMT. After an initial round of […] | |||
|
2020-04-01 13:57:01 | Securing Your Remote Workforce (lien direct) | As mentioned in previous articles, Securonix, has devoted an entire taskforce to outlining key threats that are appearing under the guise of COVID-19 themed domain names or emails. The threat research team has been observing malicious threat actors attempting to exploit an increasing number of the associated cyberattack vectors such as: Ransomware using weaponized COVID-19/coronavirus-related documents disrupting critical healthcare and […] | Ransomware Threat | ||
|
2020-04-01 11:16:14 | A technical risk assessment of COVID-19 (lien direct) | There's a lot of information and misinformation out there surrounding COVID-19, aka the Coronavirus. It dawned on me that writing risks is literally one of the fundamental skills of an information / IT / Cyber security professional. So why not try to make sense of the whole pandemic by thinking of it like malware. […] | |||
|
2020-04-01 09:49:36 | 135 Million Records Leaked by Backup Company (lien direct) | A company claiming to provide “the world's most secure online backup” leaked metadata and customer information in over 135 million records after misconfiguring an online database, Infosecurity has learned. The team at vpnMentor discovered the privacy snafu as part of its ongoing web mapping project that has already uncovered major cloud data leaks at brands […] | |||
|
2020-04-01 09:48:47 | 5.2 Million Guests Affected by Second Marriot Breach (lien direct) | Hotel chain Marriott International announced today that it has suffered a second data breach. According to an incident notification published on their website, the company spotted unusual activity occurring in an app that guests use to access services during their stay. An investigation into the activity revealed that the login credentials of two Marriott employees […] | |||
|
2020-04-01 09:47:47 | 42M Users\' Data leaked by Unofficial Telegram App (lien direct) | While Telegram isn't giving up its ongoing legal battle with United States regulators to launch its TON blockchain project, some online perpetrators are taking advantage of the messenger's popularity to expose millions of user records of third-party versions of Telegram app. Per an investigation by cybersecurity firm Comparitech and security researcher Bob Diachenko, at least […] | |||
|
2020-04-01 09:46:17 | Zoom hit by lawsuit, shares fall (lien direct) | Shares in Zoom Video Communications dipped 3.8 per cent on Tuesday following a lawsuit by a user who claims the videoconferencing service illegally disclosed personal information. While Zoom shares have fallen so far this week, the stock has more than doubled from the $62 closing price on its first day of trading in April last […] | |||
|
2020-04-01 09:44:39 | Hackers Attack Health Providers and Demand Ransom (lien direct) | When hackers broke into computers at Hammersmith Medicines Research, a London-based company that carries out clinical trials for new medicines, it was a nightmare scenario for managing director Malcolm Boyce. The coronavirus crisis was just beginning to take hold in the U.K., and the company was in talks with other firms about potentially testing a […] | |||
|
2020-03-31 13:19:02 | DomainTools supports the open-source security community and its customers with new TheHive and Cortex integration capabilities (lien direct) | The success of open source and collaborative projects depends on the community that supports them. The development model is driven solely by a common goal, and has consistently been an invaluable resource for the IT and IT security industries. Guided by the common goal of making the internet a little more secure and to help […] | |||
|
2020-03-31 12:07:28 | DomainTools\' Iris Helps L3Harris Technologies Investigate Advanced Persistent Threats And Cyber Espionage Attampts (lien direct) | As one of the largest global defense companies, L3Harris provides mission-critical solutions to connect and protect the world, serving customers in more than 130 countries. Given the nature of the company's industry, L3Harris faces numerous facets of cybersecurity threats from advanced adversaries and nation states. The company's 24×7 computer security incident response team (CSIRT) analysts […] | |||
|
2020-03-31 10:55:14 | According to Gurucul: Two in Three Cybersecurity Professionals Access Documents Unrelated to their Role (lien direct) | According to a report released today by Gurucul, a leader in unified security and risk analytics technology for on-premises and the cloud, 65 per cent of nearly 300 international cybersecurity professionals surveyed at RSA Conference 2020 admit to having accessed company documents that have nothing to do with their job role. The survey was conducted to gauge how […] | Guideline | ||
|
2020-03-31 09:44:43 | Houseparty deny breach in the face of hacking rumours (lien direct) | RUMOURS that popular video-calling app Houseparty has been “hacked” are spreading like wildfire online – but its creators deny a breach. The chat app has quickly become a viral hit in recent weeks, but terrified users are now deleting the app over fears Houseparty has been compromised. As the world goes into lockdown due to […] | |||
|
2020-03-31 09:43:18 | “You Are Infected” message sent by hackers during Coronavirus pandemic (lien direct) | Security researchers at KnowBe4 have identified a new phishing scam that involves phishers luring Internet users to download malicious documents attached to fake emails that appear to have been sent by a hospital. The fake emails sent by the phishers informed recipients that they recently came into contact with an acquaintance who had COVID-19, […] | |||
|
2020-03-31 09:42:30 | Coronavirus scammers face crackdown (lien direct) | Downing Street is working with social-media companies to counter fake news and misinformation on coronavirus, as well as take down fraud and phishing campaigns looking to exploit the outbreak. The misinformation ‘rapid-response unit’ – based across the Department for Digital, Culture, Media and Sport (DCMS), Cabinet Office and Number 10 – looks to take down […] | |||
|
2020-03-31 09:40:00 | Dharma ransomware for sale (lien direct) | An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian hacker forums, adding a formidable new competitor to an already crowded underground market. And while cybercriminals have met the offer with some healthy skepticism, the bargain-basement selling price of $2,000 may be alluring enough for […] | Ransomware | ||
|
2020-03-31 09:39:04 | Drop in Nation-State Attacks According to Google Analysis (lien direct) | Google has registered a significant drop in government-backed cyberattacks against its properties and the people who use its products. Google sends out warnings if it detects that an account is a target of government-backed phishing or malware attempts. For 2019, the internet giant sent almost 40,000 warnings – which, while a large number, is […] | Malware | ||
|
2020-03-30 10:08:30 | Increase in RDP and VPN use since COVID-19 (lien direct) | The use of remote access technologies like RDP (Remote Desktop Protocol) and VPN (Virtual Private Network) has skyrocketed 41% and 33%, respectively, since the onset of the coronavirus (COVID-19) outbreak. The move comes as a large number of companies have asked staff to work from home, which usually entails connecting to internal intranets via remote […] | |||
|
2020-03-30 10:03:15 | Georgia voter records published (lien direct) | Voter information for more than 4.9 million Georgians, including deceased citizens, has been published on a hacking forum over the weekend, on Saturday. Personal information such as full names, home addresses, dates of birth, ID numbers, and mobile phone numbers were shared online in a 1.04 GB MDB (Microsoft Access database) file. The leaked […] | |||
|
2020-03-30 10:02:27 | Fraudsters target Westpac customers (lien direct) | Scammers have sent out a text message claiming all Westpac accounts have been frozen unless customers click on a link and provide their account details. They tried using the coronavirus chaos to fool unsuspecting Australians with the SMS caps lock title: ‘Important message from Westpac’. ‘For the safety of our customers due to the recent […] | |||
|
2020-03-30 10:00:37 | Fraudulent coronavirus sites removed (lien direct) | More than 180 fraudulent coronavirus websites targeting vulnerable people have been taken down in the UK since the start of the outbreak. Nominet, the national domain name registry, said it had seen a surge in fraudsters spoofing government websites in an attempt to trick Britons into handing over their bank details and private data. […] | |||
|
2020-03-30 10:00:01 | Facebook data collection removed from Zoom iOS app (lien direct) | Video conferencing app Zoom is enjoying a huge spike in users as a result of the COVID-19 pandemic, as massive swathes of the world’s workforce work from home at the same time. You would likely expect that such a rise to popularity might bring some road-bumps along the way, though, and Zoom has announced that […] |
To see everything:
Our RSS (filtrered)
