What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-01 12:33:01 | (Déjà vu) Basecamp Diverts Credential Stuffing Attack. (lien direct) | Basecamp successfully blocked an hour-long credential stuffing attack targeting its platform on January 29, with only around 100 out of the company’s advertised user base of approximately 3 million accounts being affected. CTO David Heinemeier Hansson announced in a blog post on the company’s website that the attack was detected at 12:45 PM central when […] | |||
|
2019-02-01 12:32:04 | Kwik-FIT Delays Customer Repairs Due to Malware Attack. (lien direct) | Car servicing chain Kwik-Fit has suffered a malware attack that has caused delays in customers’ car repairs.The company initially would only confess to El Reg that it had been infected by an unspecified “virus” in its “IT network” over the weekend, and the BBC later reported “malware” was to blame. From the scant facts publicly […] | Malware | ||
|
2019-02-01 12:31:04 | 23,000 Phishing Attempts Reported Annually Cost $4.3 to Investigate. (lien direct) | Brand impersonation remains the most common attack vector, used in 50 percent of advanced email attacks in the fourth quarter of 2018-with Microsoft impersonated in 70 percent of these instances. For executive targets, one-third (33 percent) of advanced email attacks use display name deception that impersonates an individual-a common tactic for business email compromise (BEC) […] | |||
|
2019-02-01 12:30:05 | Orange Acquires UK\'s SecureData to Establish Its Position in the Cybersecurity Landscape. (lien direct) | French telecommunications multinational Orange has bought the UK's independent cybersecurity provider, Maidstone-headquartered SecureData, from its private equity and management team owners for an undisclosed sum. The deal includes its penetration testing and consulting arm, SensePost. The acquisition, announced this morning, was described by Orange, which has revenues of circa €41 billion annually and over 261 […] | |||
|
2019-02-01 12:30:01 | 2.2Bn Records Available Online: Collection #2-5 is Three Times Larger Than Collection #1. (lien direct) | Researcher Troy Hunt had brought attention to the largest data dump containing 12,000 files, 773m unique email addresses and 22m unique passwords. He called the database available online Collection #1. It has now been discovered that Collection #2-5 is also available online for the mere price of $45, and contains 2.2bn emails, usernames and passwords, […] | |||
|
2019-02-01 12:29:02 | Security Standards Raised to Protect Customers from Credit Card Theft. (lien direct) | The Payment Card Security Standards Council (PCI SSC) has published earlier this month an overhaul of its software security standards – the first one in more than a decade. The changes are aimed at reducing the rampant trend of credit card theft, which had dramatically increased as the “ecosystem” of credit data has become more […] | |||
|
2019-02-01 12:28:03 | Twitter Removes Thousands of Fake News Accounts Based in Russia, Iran and Venezuela. (lien direct) | Twitter revealed Thursday that it had removed thousands of malicious accounts thought to have originated in Iran, Russia and Venezuela for spreading disinformation online, including previously undisclosed efforts to target the 2018 U.S. midterm election. Twitter said that the takedowns illustrate its progress two years after Russia's 2016 disinformation campaign reached hundreds of millions of […] | |||
|
2019-01-31 10:58:02 | IP EXPO Manchester Returns For 2019 With A Look At The Dark Side Of Technology. (lien direct) | Imago Techmedia today announces the launch of IP EXPO Manchester 2019, co- located at Digital Transformation EXPO. The event will showcase industry leaders and those at the forefront of technology, to encourage debate and inform attendees on the critical technological issues affecting modern business. Returning to Manchester Central on 3-4th April, this year's event will […] | Guideline | ||
|
2019-01-31 10:31:03 | Yahoo\'s Settlement Proposal on Data Breach Case Rejected by Court. (lien direct) | Yahoo's proposed a $50 million pay-out, plus two years of free credit monitoring for about 200 million people in the United States and Israel was rebuffed by U.S. District Judge Lucy Koh, who said she couldn't declare the settlement “fundamentally fair, adequate and reasonable” because it did not say how much victims could expect to […] | Data Breach | Yahoo | |
|
2019-01-31 10:30:05 | Clumsy YouTube Scammers Lack OpsSec Skills. (lien direct) | YouTube survey scams have gained popularity, but the criminals behind it seem to be more versed in social engineering than in operational security. The pattern of the scam is similar to campaigns observed on Facebook, where victims are lured into clicking on a link – usually with the promise of a substantial prize – that […] | |||
|
2019-01-31 10:30:00 | Firefox Increases Users\' Data Privacy. (lien direct) | Forefox 65, the last update to Mozzilla's browser, features easier controls for users to control who is tracking them online. The new version of the privacy conscious browser allows users to use the Content Blocking service to remove trackers both in standard and private mode.“In the future, this setting will also block third party tracking […] | |||
|
2019-01-31 10:29:01 | (Déjà vu) FBI Maps and Further Disrupts North Korean Jonap Botnet. (lien direct) | The United States Department of Justice (DoJ) announced its effort to “map and further disrupt” a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade.Dubbed Joanap, the botnet is believed to be part of “Hidden Cobra”-an Advanced Persistent Threat (APT) actors’ group often known as […] | Threat Medical | APT 38 | |
|
2019-01-31 10:27:05 | South Korean Delivery Apps Accidentally Leaks 26m Documents. (lien direct) | The Korean Android Apps Zcall Delivery Agent and Zcall Delivery Account Manager, which are used to schedule and report package pickups and deliveries, have accidentally leaked personal information about their users. The leaked data includes not only names, addresses, phone numbers, and delivery times, but also plaintext passwords for shop and staff logins, as well as […] | |||
|
2019-01-31 10:26:05 | Android Camera Application Collects Selfies and Pushes Fraudulent Ads. (lien direct) | Dozens of Android camera applications, some of them with over 1 million installs on the Google Play Store, were serving malicious ads and fake update prompts.After installation, the apps would automatically hide from the application list to make sure the victim would not be able to remove them and start displaying adult content and fraudulent […] | |||
|
2019-01-31 10:26:00 | High Level” Cybercrime Gang Arrested in Birmingham. (lien direct) | A group of five individuals, aged between 29 and 53, has been arrested by the Met Police's Cyber Crime Unit (MPCCU) in relation to a range of offences, including conspiracy to defraud and money laundering.Their criminal network involved in the deployment of malware and associated fraudulent methods targeting businesses and organisations across the UK. Officers […] | Malware | ||
|
2019-01-31 10:25:00 | Love Letter Malspam Revived: Tens of Thousands of Malicious Emails Delivered in Japan. (lien direct) | The “Love Letter” malspam campaign has reappeared – this time in Japan – where tens of thousands of malicious emails were delivered. The content of the emails seemed specifically tailored to entice Japanese victims.According to ESET’s Juraj Jánošík, the emails bundled attachments containing zipped JavaScript (.js) files. This led to the JavaScript-fueled campaign becoming the […] | |||
|
2019-01-30 11:20:03 | UK taxman told to delete voice IDs by public. (lien direct) | In June 2018, a British privacy campaign group called Big Brother Watch accused the country's tax authority of amassing the voiceprints of millions of people without asking for their explicit consent. Source: We Live Security by ESET | |||
|
2019-01-30 11:19:02 | HIV positive Singaporeans exposed in data breach. (lien direct) | Health records in Singapore have been finding their way out of their “secure” storage and into the public domain of late. First, it was 1.5 million records from the Ministry of Health in July 2018, and now we learn that the city-country's database of HIV-positive individuals (5,400 Singaporeans, 8,800 foreigners and 2,400 individuals identified through […] | |||
|
2019-01-30 11:18:03 | Netflix once again in the phishing firing line. (lien direct) | The campaign has been targeting Netflix users across Australia, with users reporting having been sent an email from an address posing as the legitimate support team for the streaming service, with styling and a logo that matches a typical Netflix communication. Source: Tech Radar | |||
|
2019-01-30 11:17:04 | Ransomware could leading to crippling of global business, says Cambridge study. (lien direct) | According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers. Source: Bleeping Computer | Ransomware Guideline | ||
|
2019-01-30 11:16:05 | Facebook in fresh data mining controversy. (lien direct) | Facebook is halting a scheme that gathered highly personal data from paid volunteers, after it was exposed. TechCrunch said participants – including those aged 13-17 – had been paid up to $20 (£15.30) a month to open up their phones to deep analysis. The news site said the app involved appeared to breach Apple’s privacy protection […] | |||
|
2019-01-29 15:18:04 | Mimecast Expands Data Migration Services With Acquisition Of Simply Migrate. (lien direct) | Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced it has acquired Simply Migrate Ltd., an innovative provider of archive data migration technology. With this acquisition, Mimecast expands its migration services with a rich portfolio of connectors, combined with a deeper experience in helping organizations get out of the business of […] | Guideline | ||
|
2019-01-29 15:17:01 | Trend Micro Finds One Third Of Cybersecurity Staff Feel Isolated From The Business. (lien direct) | Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today revealed that IT executives responsible for cybersecurity feel a lack of support from company leaders, and 33 percent feel completely isolated in their role. IT teams are under significant pressure, with some of the challenges cited including prioritising emerging threats (47 […] | Guideline | ||
|
2019-01-29 13:39:04 | Video sharing platform plagued by credential stuffing. (lien direct) | Dailymotion, the video-sharing platform, said Friday that it had fallen victim to a “large-scale” and ongoing credential-stuffing assault by attackers looking to harvest user data. The French YouTube competitor said in an alert that it has “successfully contained [the attacks] following the implementation of measures to limit its scope, even though perpetrators are continuing to mount efforts […] | ★★★★★ | ||
|
2019-01-29 13:31:01 | DDoS-for-service customers come under fire from global law enforcement. (lien direct) | Europol has detailed how law enforcers across the globe are tracking down customers of notorious DDoS-as-a-service site webstresser.org. The site was taken down in April 2018 as part of Operation Power OFF, but that gave police a trove of information on its 151,000 registered users. It's claimed the marketplace helped customers launch over four million attacks […] | |||
|
2019-01-29 13:30:02 | Japan engages in huge Internet of Things audit. (lien direct) | Japan is preparing a national sweep of some 200 million network-connected gadgets for cybersecurity lapses ahead of the 2020 Tokyo Olympic Games, an official said on Tuesday. The government-backed National Institute of Information and Communications Technology will start the survey from February to check potential vulnerabilities in items such as routers, webcams and Web-connected home […] | |||
|
2019-01-29 13:28:05 | Facetime allows for snooping even when you haven\'t answered the call. (lien direct) | A serious Apple iOS bug has been discovered that allows FaceTime users to access the microphone and front facing camera of who they are calling even if the person does not answer the call. To use this bug, a caller would FaceTime another person who has an iOS device and before the recipient answers, add themselves as […] | |||
|
2019-01-28 09:35:01 | Data Protection Day – New Year, Same Passwords? (lien direct) | By Sandor Palfy, Chief Technology Officer of Identity and Access Management at LogMeIn The number of data breaches we saw in 2018 – let alone those we saw in the last couple of weeks – certainly brings a somber mood to this year's Data Protection Day. Big names, including the likes of British Airways, Cathay […] | |||
|
2019-01-28 09:27:04 | Vulnerabilities in IoT applications make attacks more likely. (lien direct) | A study by researchers at Barracuda Networks gas illustrated the growing threat posed by IoT credential compromise. Vulnerabilities can be exploited to steal user credentials and compromise devices. The Barracuda research team identified multiple vulnerabilities in camera's web and mobile applications. The research team recommended that IoT products are scored based on their security level. […] | Threat | ||
|
2019-01-28 09:25:05 | (Déjà vu) Data breach notification law amended in Massachusetts. (lien direct) | The Massachusetts data breach notification law has been amended. The amendments include providing victims who fall victim to a data breach a free credit freeze and 18 months of free credit monitoring. Furthermore, companies can no longer delay notifying authorities and victims of a breach on the basis that they do not know the number […] | Data Breach | ||
|
2019-01-28 09:24:01 | Google to appeal €50m GDPR fine. (lien direct) | Google is set to appeal the €50m GDPR fine given to them by the French Data Protection agency. Google have stated that they have created a transparent and straightforward GDPR consent process. The company expressed concern on the impact the ruling would have on publishers, tech companies and original content creators. Source: The Register | |||
|
2019-01-28 09:21:04 | (Déjà vu) New \'White Screen of Death\' protection feature in WordPress raises concerns. (lien direct) | WordPress is introducing WSOD (White-screen-of-death) Protection, the equivalent of a WordPress Safe Mode. The feature will allow WordPress to recognise when a fatal PHP error occurs and can identify what and where the error originated from. The feature has raised concern among researchers who warn that the new feature could be used to disable security […] | |||
|
2019-01-28 09:17:04 | State Of Utah Projected To Save Millions Of Dollars With Forescout\'s Integrated ServiceNow Solution. (lien direct) | Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, today announced it has created an integrated solution with ServiceNow (NYSE: NOW) to deliver an asset intelligence solution for customers, such as the State of Utah. To protect approximately 60,000 network-connected devices across state agencies that serve 3.1 million inhabitants, the State of […] | Guideline | ||
|
2019-01-24 20:43:04 | Mac Users targeted by Malware in Ad-Based images. (lien direct) | 191, 970 bad ads and an estimated 1 million users have been impacted by a Malware in Ad-based images, researchers have discovered. A massive adware campaign that hides malware in image files using steganography techniques has impacted up to a million Mac users. When a user clicks on an infected image, the malicious ad infects […] | Malware | ||
|
2019-01-24 20:42:05 | Bitcoin mining rigs in China being locked up by new ransomware. (lien direct) | Named hAnt, this ransomware strain was first identified in August 2018, but new infections have been reported this month. The ransomware targets Bitcoin mining rigs with most infections located in China. hAnt infects a mining rig, locking up the device and requesting that 10 Bitcoin ($36,000) ransom is paid or the victim must infect at […] | Ransomware | ||
|
2019-01-24 20:41:05 | Anatova Ransomware poses as game and software to tricks users into downloading. (lien direct) | Anatova ransomware emerged on 1st January 2019 and was discovered by security researchers at McAfee. The software is infecting users around the world by posing as an application or game. Users are tricked into downloading and launching these malicious files onto their computer. The largest number of victims are in the US but the ransomware […] | Ransomware | ||
|
2019-01-24 20:40:05 | Millions of Bank loans and mortgage documents have been leaked online. (lien direct) | 24 million financial and banking documents have been found on an unprotected server, running an Elasticsearch database. The server had decade's worth of data, including highly sensitive financial data, social security numbers, names, loan and mortgage agreements, and repayment schedules. The leak was traced to Ascension, a data analytics company, that converts paper documents into […] | |||
|
2019-01-24 20:33:03 | Ransomware attacks on cloud infrastructure exposed. (lien direct) | Threat Researchers at Securonix have reported a rise in attacks that target vulnerabilities in Hadoop components, such as Hadoop YARN, Redis and ActiveMQ. The researchers warned of an increase in the number of multi-vector and multi-platform automated attacks against cloud infrastructure over the past few months. These attacks frequently include crypto mining, ransomware and botnet […] | Ransomware | ||
|
2019-01-24 15:03:00 | Threat Spotlight: IoT Application Vulnerabilities Leave IOT Devices Open To Attack. (lien direct) | IoT devices were popular gifts again this holiday season. An acronym for Internet of Things, IoT is more than a buzzword. The trend represents a huge shift in how products are made and used, as network connectivity is added to products that were not previously intended to have this functionality. So, your refrigerator that sends […] | Threat | ||
|
2019-01-24 14:59:00 | CrowdStrike Recognized As The Highest-Ranking Vendor In The January 2019 Gartner Peer Insights Customers\' Choice For Endpoint Detection And Response Solutions. (lien direct) | CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced that as of January 21, 2019, it has an overall rating of 4.8 out of 5 stars – the highest overall score of all vendors named to the January 2019 Gartner Peer Insights Customers' Choice for Endpoint Detection and Response Solutions. This distinction is based […] | Guideline | ||
|
2019-01-24 14:56:03 | Something In Common: Two Notorious Russian Speaking Hacking Groups Found Sharing Infrastructure With Each Other. (lien direct) | Kaspersky Lab experts have identified an overlap in cyberattacks between two infamous threat actors, GreyEnergy – which is believed to be a successor of BlackEnergy – and the Sofacy cyberespionage group. Both actors used the same servers at the same time, with, however, a different purpose. BlackEnergy and Sofacy hacking groups are considered to be […] | Threat | ||
|
2019-01-24 11:31:04 | Internet Service Providers targeted by new DDoS attack tactics. (lien direct) | New stealthy tactics have allowed DDoS attacks to past detection mechanisms, with attacks against Internet services providers increasing in the 3rd quarter of 2018, new research by Nexusguard has revealed. DDoS attackers are spreading attack traffic across many IP prefixes in attempts to overwhelm targeted sites and ISPs. The attack traffic within each IP is […] | |||
|
2019-01-24 11:30:00 | 100,000 Malware distribution websites taken down. (lien direct) | 265 researchers from around the world have taken down 100,000 Malware distribution websites as part of a campaign known as URLhaus, a project started by abuse.ch, a non-profit cybersecurity organisation in Switzerland. The project started in March and has a recorded daily average 300 submissions. However, web hosting providers are still slow to respond to […] | Malware | ||
|
2019-01-24 11:29:01 | Over 50% of PC applications installed worldwide are not up to date. (lien direct) | Avast, a digital security company, has discovered that 55% of PC applications are out of date, a 7% rise since 2017. If applications are not updated, then users can be targeted by hackers and malicious software because security updates which fix exploits and vulnerabilities will not have been installed. PC users are recommended to regularly […] | |||
|
2019-01-24 11:27:03 | US consumers want more to be done to protect their data. (lien direct) | A survey carried out by SAS, a software analytics company, has revealed that two thirds of US consumers want the government to do more to protect their data privacy. 73% of respondents said they are more concerned about their data privacy now then they were a few years ago. 83% of people who thought the […] | |||
|
2019-01-24 11:24:00 | DHS urges Govt departments to lock down their domain name settings. (lien direct) | Amid domain hijackings, the DHS has issued a directive urging US government departments to lock down their domain name settings for official web addresses. The directive was issued after Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) were alerted to hackers successfully tampering with the Domain Name System (DNS) infrastructure. Government employees have been urged […] | |||
|
2019-01-22 15:11:05 | Why Executive-Protection Teams Need Finished Intelligence. (lien direct) | By Glenn Lemons, Senior Director of Customer Success, Flashpoint For executive protection teams tasked with safeguarding business leaders in an increasingly complex threat landscape, having rapid access to relevant information is essential. But as more threat actors shift operations online-and often to illicit, exclusive communities and platforms-many of the insights most useful to executive protection […] | Threat Guideline | ||
|
2019-01-22 15:11:05 | HGH Infrared Systems\' Unprecedented Showcase Of SPYNEL Thermal Imager At Africa\'s Biggest Security And Defence Exhibition. (lien direct) | Intersec Dubai, 20 – 22 January 2019, Dubai International Convention & Exhibition Centre, Hall S1, Booth K34. MOBOTIX is exhibiting for the 12th time at intersec Dubai 2019. They are showcasing their solutions to this worldwide event which has shown a continuous growing and evolving trend over the past years. Along with the latest product […] | |||
|
2019-01-22 15:11:05 | Wiltshire Payments Security Specialist Selected Again For Top Industry Body In Brazil. (lien direct) | A leading UK payments and cyber security company has been selected for the second year running by the PCI Security Standards Council (PCI SSC) to shape the payments industry in Brazil. Wiltshire based Foregenix, which opened its São Paulo office in early 2018, is one of 20 companies to be selected by the PCI SSC […] | Guideline | ||
|
2019-01-22 15:11:05 | Getting Your IT Security Budget Right. (lien direct) | By Alastair Hartrup, Global CEO of Network Critical Every year for many technology organisations, seeing headlines on a daily basis with reports of data breaches and cyberattacks from all corners of the globe is highlighting the need to ensure they are protected. Board rooms and executive management are more aware of the need for effective […] |
To see everything:
Our RSS (filtrered)
