What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-03-28 15:53:05 | Two critical vulnerabilities fixed in Mozilla Thunderbird. (lien direct) | The Mozilla Foundation yesterday issued a security update for its Thunderbird open-source email client, fixing two critical vulnerabilities involving its IonMonkey JavaScript JIT (just-in-time) compiler. The first of the two flaws, CVE-2019-9810, consists of incorrect alias information when using the Array.prototype.slice method, which could result in a missing bound check and buffer overflow. The second issue, CVE-2019-9813, […] | |||
|
2019-03-28 15:53:00 | (Déjà vu) New Ransomware UNNAM3D moves files into protected RAR archives. (lien direct) | A new ransomware called Unnam3d R@nsomware is being distributed via email that will move a victim’s files into password protected RAR archives. The ransomware then demands a $50 Amazon gift card code in order to get the archive password. Source: BleepingComputer | Ransomware | ||
|
2019-03-27 15:05:00 | AI advisory panel set up by Google. (lien direct) | Google has set up an advisory council to advise it on ethical issues surrounding artificial intelligence (AI), automation and other emerging technologies. The so-called Advanced Technology External Advisory Council (ATEAC) consists of eight members and includes technology experts and ‘digital ethicists’. Source: Computing | |||
|
2019-03-27 15:04:01 | (Déjà vu) Increased risk of unauthorised access of US Federal Reverse System. (lien direct) | Federal Reserve Bank (FRB) systems are exposed to an increased risk of unauthorized access because of security weaknesses found in the U.S. Treasury Department’s computing systems according to a management report issued by the U.S. Government Accountability Office (GAO). Source: Bleeping Computer | |||
|
2019-03-27 15:03:04 | Fix released for ASUS live update tool. (lien direct) | ASUS released today a new version of the Live Update tool that contains fixes for vulnerabilities that were exploited by a nation-state group to deploy the ShadowHammer backdoor on up to one million Windows PCs. Source: ZDNet | Tool | ||
|
2019-03-27 15:03:00 | New Controversial EU Copyright Law. (lien direct) | The European Parliament has backed controversial copyright laws critics say could change the nature of the net. The new rules include holding technology companies responsible for material posted without proper copyright permission. Many musicians and creators say the new rules will compensate artists fairly – but others say they will destroy user-generated content. Source: BBC | |||
|
2019-03-27 15:02:02 | (Déjà vu) Thousands of pages, groups and accounts disabled in Facebooks war on fake news. (lien direct) | Facebook has removed over 2,600 fake pages, groups, and accounts from the social network and Instagram which have been involved in “inauthentic” behaviour designed to stir up political tension worldwide. Source: ZD Net | |||
|
2019-03-26 20:15:05 | Threat Intelligence Group Completes Global Expansion. (lien direct) | Cyber security company Foregenix has expanded its Threat Intelligence Group (TIG) in the Asia-Pacific region with the establishment of a new base in Melbourne, Australia. The move will enable the Wiltshire headquartered firm, which has offices in Europe, Africa, SE Asia and North and South America as well as an established base in Sydney, to […] | Threat | ★★★ | |
|
2019-03-26 20:15:01 | Lack Of Skills Is Leading Cause Of The Information Security \'Talent Gap\', According To Latest Infosecurity Europe Poll. (lien direct) | A lack of skills is cited as the biggest challenge to recruiting cyber and information security talent by almost a third (30 per cent) of respondents to a social media poll conducted by Infosecurity Europe 2019 – Europe's number one information security event. This is followed by lack of recruitment budget (27 per cent) and […] | ★★★★ | ||
|
2019-03-26 20:14:04 | GlobalPlatform And The Trusted Platform Association Collaborate On Trusted IoT. (lien direct) | GlobalPlatform, the standard for secure digital services and devices, has signed a memorandum of understanding (MoU) with the Trusted Platform Association, an organization which brings together Russian cybersecurity companies to create a collaborative internet of things (IoT) ecosystem that meets diverse market needs with flexible security. The joint work initiative will focus on aligning GlobalPlatform's […] | ★★★ | ||
|
2019-03-26 20:14:01 | Netscout Releases 14th Annual Worldwide Infrastructure Security Report. (lien direct) | NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT), a leading provider of service assurance, security, and business analytics, today released its 14th annual Worldwide Infrastructure Security Report (WISR), offering direct insights into a wide range of security and operational challenges facing service provider and enterprise network operators around the world, and the strategies adopted to address and mitigate […] | Guideline | ||
|
2019-03-26 20:13:04 | Digital Identity App Yoti Announces Partnership With Biometric Software Company FaceTec. (lien direct) | Yoti, the digital identity app with over 3.7 million downloads across the UK, US and India, announces a new partnership with FaceTec, the world leader in biometric face solutions. Yoti has introduced FaceTec's ZoOm 3D Authentication with TrueLiveness™ to its products for increased security. Initially, Yoti will integrate ZoOm into the online browser version of […] | Guideline | ||
|
2019-03-26 20:07:00 | (Déjà vu) Stegongraphy: Revival of Malware hiding in images. (lien direct) | Low-key but effective, steganography is an old-school trick of hiding code within a normal-looking image, where many cybersecurity pros may not think to look. A recent Fortinet report found that one of these threats in need of monitoring is the recent revival of the “old school” trick of steganography. Source: Threatpost | Malware | ★★★ | |
|
2019-03-26 20:06:02 | (Déjà vu) US Chemical firm hit by cyberattacks. (lien direct) | Operations at two major US-based chemical companies, Hexion and Momentive, were disrupted recently by a cyberattack reportedly involving LockerGoga, the ransomware that recently hit Norwegian aluminum giant Norsk Hydro. Source: TechBizWeb | Ransomware | ★★ | |
|
2019-03-26 20:04:05 | Over 50 security vulnerabilities patched in iOS 12.2. (lien direct) | Apple released today security updates for iOS, fixing 51 vulnerabilities in version 12.2 of the operating system. The list of patches covers a wide variety of bugs an adversary could potentially manipulate to obtain effects like denial-of-service, privilege escalation, and information disclosure to gaining root privileges, overwriting arbitrary files, or executing code of the attacker’s […] | ★★ | ||
|
2019-03-26 20:04:00 | Supply chain attack against ASUS live update. (lien direct) | For nearly half a year, computer maker ASUS was unwittingly pushing malware that gave hackers backdoor access to thousands of computers, according to Kaspersky Lab. Hackers managed to compromise one of the company’s servers used to provide software updates to ASUS machines. The attack, which has been given the name ShadowHammer was discovered late last year […] | Malware | ||
|
2019-03-25 14:18:03 | Family Locator, a family tracking app, leaked real-time location data. (lien direct) | A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. Source: Tech Crunch | ★★★ | ||
|
2019-03-25 14:17:05 | FEMA, US Disaster Relief organisation, exposes 2.3 million survivors\' personal details. (lien direct) | Disaster relief org FEMA has admitted, conveniently on a Friday night, to accidentally leaking banking details and other personal information of 2.3 million hurricane and wildfire survivors. Source: The Register | ★★ | ||
|
2019-03-25 14:15:03 | (Déjà vu) Security Researchers hack Telsa Car at Pwn2Own contest. (lien direct) | A team of security researchers has hacked a Tesla Model 3 car on the last day of the Pwn2Own 2019 hacking contest that was held this week in Vancouver, Canada. Team Fluoroacetate –made up of Amat Cama and Richard Zhu– hacked the Tesla car via its browser. They used a JIT bug in the browser renderer process […] | Hack | Tesla | |
|
2019-03-21 17:53:05 | $100 million BEC scammer pleads guilty. (lien direct) | Business email compromise (BEC) operation resulted in $100 million in losses to a multinational technology company and a social media firm, according to the US Attorney’s Office. Source: Dark Reading | ★★★ | ||
|
2019-03-21 17:53:02 | (Déjà vu) Two new Fin7 malware samples discovered. (lien direct) | Despite the 2018 crackdown on Fin7, the cybercrime group has been ramping up its efforts with two new malware samples and an attack panel. Source: Threatpost | Malware | ★★ | |
|
2019-03-21 17:52:03 | Your data on health apps is no longer safe, study shows. (lien direct) | A study tested two dozen medicine apps to find out how and where they’re sharing your personal data. Source: Motherboard | ★★ | ||
|
2019-03-21 17:51:01 | Russia takes aim at EU elections. (lien direct) | Russian hackers have targeted European government systems ahead of the EU parliament election, cybersecurity firm FireEye said Thursday. Source: CNBC | ★★★★★ | ||
|
2019-03-20 11:29:05 | Microsoft remains threat actors favourite. (lien direct) | It should come as no surprise that cybercriminals favored Microsoft Office vulnerabilities in their cyberattacks last year, given the rise in phishing attacks that included rigged Word and Excel Office file attachments. Source: ZDNet | Threat | ||
|
2019-03-20 11:29:00 | Leave campaign in hot water over spam texts. (lien direct) | The Information Commissioner’s Office (ICO) has fined Brexit Campaign group Vote Leave £40,000 ($53,000) for sending out nearly 200,000 unsolicited text messages. Source: BBC News | Spam | ★★★ | |
|
2019-03-20 11:28:01 | Government needs to do better at email security says NCSC. (lien direct) | Email security in UK government organisations is lagging far behind that of central government, analysis reveals, with less than a third implementing standard protection Source: Computer Weekly | ★★ | ||
|
2019-03-20 11:27:01 | (Déjà vu) Google aiding tech support scams via fake eBay Ads. (lien direct) | A fake advertisement in the Google search results has been running for the past week that looked just like a legitimate ad for eBay. When you clicked on it, though, instead of being brought to the auction site you would be shown an incredibly annoying tech support scam that would try to lock up your […] | ★★ | ||
|
2019-03-20 11:26:01 | DDoS falls out of fashion. (lien direct) | The average distributed denial-of-service (DDoS) attack size shrunk 85% in the fourth quarter of 2018 following an FBI takedown of “booter,” or DDoS-for-hire, websites, in December 2018, researchers report. Source: Dark Reading | ★★★★★ | ||
|
2019-03-19 22:58:04 | 99% Of SMEs Do Not Have Sufficient Skills To Prevent Cyberattacks. (lien direct) | An alarming cybersecurity skills shortage has been exposed with just one in five companies revealed to have sufficient in-house capability to protect critical assets from attack, a study has found. 96% of those hit by a data breach in the last year report that inadequate security testing was at least somewhat responsible for the issue. […] | Data Breach | ||
|
2019-03-19 22:53:03 | (Déjà vu) Proofpoint Research Reveals 65% Increase In Cloud Application Attacks In Q1 2019; 40% Of Attacks Originating From Nigeria. (lien direct) | Proofpoint, Inc., a leading cybersecurity and compliance company, today released its Cloud Application Attack Snapshot: Q1 2019 research, which examined over one hundred thousand cloud application attacks aimed at global organizations between September 2018 and February 2019. Overall, targeting attempts increased by 65 percent during that time period with 40 percent originating in Nigeria. China […] | Guideline | ||
|
2019-03-19 22:51:05 | Neustar Named A Leader In IDC MarketScape Worldwide DDoS Prevention Report. (lien direct) | Neustar®, Inc., a trusted, neutral provider of real-time information services, announced today that it has been named a Leader in the IDC MarketScape: Worldwide DDoS Prevention Solutions 2018- 2019 Vendor Assessment (DOC # US43699318 March 2019). In the published excerpt, Neustar's advanced features, functionality, detection and mitigation techniques were all cited as strengths within the […] | Guideline | ||
|
2019-03-19 22:50:02 | (Déjà vu) The Biometric Smart Card: Connecting The Digitally Excluded. (lien direct) | By Stan Swearingen, CEO of IDEX Biometrics Digital inclusion is the ability of individuals to access and use information and communication technologies (ICT). Even in today's hyper-connected and technologically advanced world, there are still those who struggle to access basic IT and are being excluded as a result. In fact, according to recent research, 11.5m […] | |||
|
2019-03-19 22:48:01 | Over Half Of European Organisations Have Suffered Consequences Caused By At Least One Cyberattack In The Last Two Years. (lien direct) | With the complexity of IT business infrastructure on the rise and the continuously evolving threat landscape, IT decision makers find it increasingly challenging to safeguard their organisations from cyberattacks – more than half of European businesses (54%) have faced at least one cyberattack in the last 24 months which resulted in some sort of disruption […] | Threat | ||
|
2019-03-15 12:04:04 | Cyberfort Group Acquires Defensive Cyber Specialist Auriga Consulting. (lien direct) | The Cyberfort Group has strengthened its end-to-end data security proposition with the acquisition of Auriga Consulting for an undisclosed sum. As a centre of excellence in cyber security, assurance and monitoring services, Auriga offers bespoke solutions in risk and compliance management, cyber design and implementation and cyber monitoring and intelligence. With a track record of […] | |||
|
2019-03-15 12:04:01 | New Kaspersky Endpoint Security For Business Provides Security Teams With Greater Control And Automatic Anomaly Detection. (lien direct) | Kaspersky Lab has unveiled the next generation of its endpoint protection with new Kaspersky Endpoint Security for Business. The product features Adaptive Anomaly Control, which intelligently perceives and blocks anomalous applications and user behavior, and offers improved protection from miners and network threats. Kaspersky Endpoint Security for Business now also provides users with a web-based […] | |||
|
2019-03-15 12:03:04 | Media Alert: Proofpoint Research Reveals 65% Increase In Cloud Application Attacks In Q1 2019; 40% Of Attacks Originating From Nigeria. (lien direct) | Proofpoint, Inc., a leading cybersecurity and compliance company, today released its Cloud Application Attack Snapshot: Q1 2019 research, which examined over one hundred thousand cloud application attacks aimed at global organizations between September 2018 and February 2019. Overall, targeting attempts increased by 65 percent during that time period with 40 percent originating in Nigeria. China […] | Guideline | ||
|
2019-03-15 11:20:00 | Collaborative Work Management Platform Wrike Bolsters Security Offering. (lien direct) | Collaborative work management (CWM) platform Wrike has announced seven new security features, including encryption key management, customized access management and cloud access security broker (CASB) integration support. The company has also earned the ISO/IEC 27001:2013 certification from the British Standards Institution, which ensures that Wrike has an end-to-end security framework and a risk-based approach to […] | |||
|
2019-03-15 11:12:05 | Database of around 33 million job profiles in China is accessible online. (lien direct) | A large database with approximately 33 million profiles for people seeking jobs in China has been fully accessible and unprotected online. This information included sensitive information that could have been used for scammers and identity theft. The database was discovered by Sanyam Jain, a security researcher and member of GDI.Foundation, who found the database using the Shodan […] | |||
|
2019-03-15 11:12:01 | (Déjà vu) Majority of businesses exploring AI and machine learning. (lien direct) | The use of more artificial intelligence to improve security has been touted for a while. New research from Webroot reveals that a majority of business are now actively exploring the technology. It finds 71 percent of businesses surveyed in the United States plan to use more artificial intelligence and machine learning in their cybersecurity tools this year. […] | |||
|
2019-03-15 11:11:03 | Iranian hackers hit personal phone of Benny Gantz. (lien direct) | Iranian hackers in recent months broke into the personal phone of Benny Gantz, a leading candidate in next month's elections, and obtained its entire contents, according to a report Thursday. Two senior Shin Bet security service officials approached the Blue and White party chairman last month to inform him that his cellular phone had been […] | Guideline | ||
|
2019-03-15 11:10:01 | New malware affects e-commerce sites to steal payment data. (lien direct) | The rash of e-commerce sites infected with card-skimming malware is showing no signs of abating. Researchers on Thursday revealed that seven sites-each with more than 500,000 collective visitors per month-have been compromised with a previously unseen strain of sniffing malware designed to surreptitiously swoop in and steal payment card data as soon as visitors make […] | Malware | ||
|
2019-03-15 11:08:04 | Chinese online shopping giant exposes millions of user profiles and shopping orders. (lien direct) | Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. Security researcher Noam Rotem found an Elasticsearch server leaking millions of records each week, including customer data, orders and payment records. The server wasn't protected with a password, allowing anyone to search the data. Gearbest ranks as […] | |||
|
2019-03-15 10:59:05 | Ransomware attack causes students to lose GCSE coursework. (lien direct) | Hackers have used ransomware to encrypt files at a school, causing it to lose some students’ GCSE coursework. The Sir John Colfox Academy in Bridport, Dorset, said a member of staff mistakenly opened an email containing a virus. The email claimed to be from a colleague at another Dorset school and infected the computer network. […] | Ransomware | ||
|
2019-03-14 11:04:03 | Over 6,000 patients in Massachusetts notified of data breach. (lien direct) | Concord, Mass.-based Emerson Hospital sent letters to 6,314 patients alerting them of a May2018 cybersecurity attack that may have affected their information, according to the HIPAA Journal. The security incident, which happened between May 9-17, was the result of a former MiraMed Global Services, a company that helps hospitals collect payments, who sent patient files to […] | |||
|
2019-03-14 11:01:02 | Outdoor retailer Kathmandu hit by data breach. (lien direct) | Kathmandu, an outdoor wear and equipment retailer, revealed that it suffered a data breach that disclosed its customers' credit card and personal information. The New Zealand-based company stated that unknown intruders allegedly gained access to its online trading website for over a month between January 8, 2019, and February 12, 2019. Kathmandu stated the hackers […] | Data Breach | ||
|
2019-03-14 11:01:01 | Australian man arrested after selling account details for Netflix, Hulu and Spotify. (lien direct) | A Sydney man has been arrested after allegedly selling hundreds of thousands of compromised account details for subscription streaming services, including for Netflix, Hulu and music streaming service Spotify – raking in about $212,000 ($300,000 AUD) in profit in the process. The Australian Federal Police (AFP) were tipped off to the 21-year-old malefactor's alleged activities […] | |||
|
2019-03-14 10:57:04 | Facebook says its outage was not caused by DDoS attack. (lien direct) | A slew of Facebook-owned sites are experiencing a worldwide outage, leaving thousands of users unable to connect to social media for several hours. Facebook, Messenger, and Instagram have all been having issues since around noon (ET), in some cases resulting in a 'total blackout.' The three apps crashed primarily in major urban areas across the United States and […] | |||
|
2019-03-13 12:06:01 | March edition of Microsoft Patch Tuesday lists fixes for 64 vulnerabilities. (lien direct) | The March edition of Patch Tuesday includes fixes for 64 CVE-listed vulnerabilities, while Adobe addressed a pair of bugs in Photoshop and Digital Editions. Even SAP has got in on the game. DHCP flaws headline Patch Tuesday priorities. Of the 64 bugs squashed in Redmond’s March update, researchers are pointing to five particular bugs as […] | |||
|
2019-03-13 12:05:00 | New variant of Ursnif banking Trojan discovered by Cybereason. (lien direct) | A new variant of an infamous banking Trojan malware with a history going back over ten years has emerged with new tactics to ensure it’s harder to detect. The malware aims to hunt out financial information, usernames, passwords and other sensitive data. The Ursnif banking Trojan is one of the most popular forms of information-stealing malwaretargeting […] | Malware | ||
|
2019-03-13 12:04:00 | Phishing scams impact students of Central Michigan University. (lien direct) | Many students of the Central Michigan University were hacked after they opened emails having the bright blue button which says “click here to read message”, and then inevitably clicks them. The emails look like being sent by somebody already known to the student, as the subject line was already exchanged previously with that person. “One […] |
To see everything:
Our RSS (filtrered)
