What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2018-05-03 12:29:03 Authentication is imperfect, but passwords are not going away (lien direct) As a hacker, I found vulnerabilities like easy-to-guess passwords made my work much easier. If that attack vector didn’t pan out, I could usually get around the authentication flow, or gain basic privileges and escalate them for admin access. We must accept that these vulnerabilities – imperfect authentication and passwords – are not going away ...
itsecurityguru.webp 2018-05-03 12:26:03 The Software Economy's unquenchable thirst for data (lien direct) We live in a world where software is everywhere. It underlies almost every aspect of our personal and professional lives. Cloud connectivity, omnipresent networks and connected devices have transformed how we do mundane tasks. What used to take weeks and days, now takes minutes and seconds. As the pace of change has accelerated, it's placed ...
itsecurityguru.webp 2018-05-03 12:15:04 How to Pursue a Career in Ethical Hacking (lien direct) Ethical hacking is a new way of looking at hacking which is used to find weak spots in the program or system for the purpose of testing and fixing those weak points. It is normally performed by skilled developers or by a system knowledgeable person. Few people think that ethical hacking is illegal. Over the ...
itsecurityguru.webp 2018-05-01 11:53:00 UNICEF setup new initiative with cryptocurrency helping children in Bangladesh (lien direct) UNICEF Australia wants you to fund its charitable missions using your computer's processing power. The UN program that provides humanitarian and developmental assistance to children and mothers in developing nations has now launched The Hope Page, which allows the users to donate to its cause by mining cryptocurrency. View Full Story ORIGINAL SOURCE: The Next Web
itsecurityguru.webp 2018-05-01 11:51:00 City of London Police taking proactive step to counter cyber threat (lien direct) The City of London Police is launching a drive to make the Square Mile more resilient to cyber attacks, as the financial services sector sharpens its focus on defending against online criminals. View Full Story  ORIGINAL SOURCE: FN London
itsecurityguru.webp 2018-05-01 11:48:02 New malware checks your system temperature to bypass sandboxing (lien direct) GravityRAT is a Trojan which checks the temperature of a system to detect the presence of virtual machines (VMs) and prevent efforts at analysis by researchers. By taking thermal readings, the Remote Access Trojan (RAT), which has become a recent menace in India, attempts to find out whether or not VMs are being employed for ...
itsecurityguru.webp 2018-05-01 11:45:04 (Déjà vu) Certain German Car Manufacturers Vulnerable to Remote Hacking (lien direct) A Dutch cyber-security firm has discovered that in-vehicle infotainment (IVI) systems deployed with some car models from the Volkswagen Group are vulnerable to remote hacking. Daan Keuper and Thijs Alkemade, security researchers with Computest, said they successfully tested their findings and exploit chains on Volkswagen Golf GTE and Audi A3 Sportback e-tron models (Audi is ...
itsecurityguru.webp 2018-05-01 11:43:04 Bitcoin hijackers found at least one sucker for scam Chrome extension (lien direct) Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed. Trend Micro researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month. View Full Story ORIGINAL SOURCE: The Register
itsecurityguru.webp 2018-05-01 11:39:03 From underdog to influencer: the dramatic transformation of the IT team (lien direct) IT has emerged as a business enabler in the UK; recent research from ManageEngine reveals that UK companies are excelling at aligning their overall business with IT. While business professionals working outside of the IT department are reportedly exhibiting strong IT knowledge, IT managers are also showing a greater understanding of their business as a ...
itsecurityguru.webp 2018-04-30 12:39:00 The Evolving Role of the CISO: Handling a Crisis When You Aren't Under Attack (lien direct) By Anthony Perridge, International Vice President, ThreatQuotient Traditionally, the mission of the CISO has been to convince the CEO of the capabilities the organisation must put in place to prevent and follow-up on threats and manage crises. At the helm of IT security, CISOs are in their element overseeing the security operations centre (SOC), incident ...
itsecurityguru.webp 2018-04-30 12:28:05 “Rubella Macro Builder” Crimeware Kit Emerges on Underground (lien direct) By Flashpoint Analysts Vitali Kremez, Paul Burbage, & Amina Bashir A crimeware kit dubbed the Rubella Macro Builder has recently been gaining popularity among members of a top-tier Russian hacking forum. Despite being relatively new and unsophisticated, the kit has a clear appeal for cybercriminals: it's cheap, fast, and can defeat basic static antivirus detection. ... ★★
itsecurityguru.webp 2018-04-30 12:25:04 Thailand seizes server linked to North Korean attack gang (lien direct) A server hidden in a Thai university and allegedly used as part of a North Korean hacking operation has been seized by ThaiCERT. Thailand’s infosec organisation announced last Wednesday that the box was operated by the Norks-linked Hidden Cobra APT group, and was part of the command-and-control rig for a campaign called GhostSecret. View full ... Medical APT 38 ★★
itsecurityguru.webp 2018-04-30 12:24:05 Fake five-star reviews being bought and sold online (lien direct) BBC 5 live Investigates was able to buy a false, five-star recommendation placed on one of the world’s leading review websites, Trustpilot. It also uncovered online forums where Amazon shoppers are offered full refunds in exchange for product reviews. Both companies said they do not tolerate false reviews. View full story ORIGINAL SOURCE: BBC Guideline ★★★★
itsecurityguru.webp 2018-04-30 12:24:00 NHS to be upgraded to Windows 10 as government agree to Microsoft deal (lien direct) The Department of Health and Social Care has agreed a deal with Microsoft that will enable all NHS organisations to use Windows 10 in a bid to improve defences against future cyber attacks. View full story ORIGINAL SOURCE: Digital Health ★★★★
itsecurityguru.webp 2018-04-30 12:22:02 FCA awards £40m contract to strengthen cyber security (lien direct) The Financial Conduct Authority (FCA) has awarded a £40m contract to 17 companies to monitor its cyber defences as it seeks to strengthen its online security in the wake of a series of high-profile attacks. View full story ORIGINAL SOURCE: The Daily Telegraph
itsecurityguru.webp 2018-04-30 12:21:04 Degrees alone aren't enough to keep cybersecurity defences effective for the long term (lien direct) University qualifications in cybersecurity are important but are only a start to keeping up with the changing cybersecurity threat, according to a corporate cybersecurity executive and educator who is currently leading nearly 3500 attendees through an online cybersecurity skills course focused on phishing countermeasures. View full story ORIGINAL SOURCE: CSO Guideline
itsecurityguru.webp 2018-04-27 11:23:00 Amplification attacks and old botnets make a comeback (lien direct) Kaspersky Lab has published its report looking at botnet-assisted DDoS attacks for the first quarter of 2018. The company's experts note an increase in activity by both old and new botnets, growth in the popularity of amplification DDoS attacks and the return of long-lasting (multi-day) DDoS attacks. In the first quarter of 2018, DDoS botnets ...
itsecurityguru.webp 2018-04-27 11:20:04 Department for work and pensions spending nearly £15m on GDPR (lien direct) The Department for Work and Pensions is set to spend £14.73million to prepare for the EU's incoming General Data Protection Regulation (GDPR). The spending will cover a programme of education and awareness activity for all staff, system remediation and a review of the existing records storage arrangements. The findings are contained in a new report ... ★★★★★
itsecurityguru.webp 2018-04-27 11:17:03 Cybersecurity strategies neglected in wake of the boardroom's quest for digital (lien direct) A new report by Cognizant's Center for the Future of Work, Securing the Digital Future, reveals that, in the pursuit of digital transformation, organisations have overlooked one critical factor that could put all their transformation efforts – and even share prices – into jeopardy: cybersecurity. The research, which surveyed over 1,000 senior IT executives in 18 ...
itsecurityguru.webp 2018-04-27 11:15:02 The cyber intelligence landscape is evolving (lien direct) Written by Kristofer Mansson, CEO, Silobreaker Driven by digital innovation, business operations have undergone a fundamental transformation over the past decade. And as businesses have moved forward, the fundamentals of cybersecurity have followed behind: What are the weak points in my security strategy? Who are the main threats to my operations? Where am I at ...
itsecurityguru.webp 2018-04-27 11:10:03 Department for Work and Pensions to spend £15m on GDPR (lien direct) The Department for Work and Pensions (DWP) has allocated £14.7 million towards GDPR compliance, new research has found, with less than a month to go until the new data regulations come into force. The DWP is forecast to spend that sum over the course of 2018, with this money predominately being used for a programme ...
itsecurityguru.webp 2018-04-27 11:08:01 Cheap crimeware kits help wannabe hackers get into the malware business (lien direct) A new crimeware kit for sale on a hacking forum is offering aspiring cybercriminals a cheap way to launch malware spam campaigns. Uncovered by researchers at Flashpoint, the kit was first offered for sale in February for $500; two months later, the price has already been reduced to just $120 for a three-month license. It’s available ... ★★★★
itsecurityguru.webp 2018-04-27 11:07:01 Ransomware warning: This phishing campaign delivers new malware variants (lien direct) A new spam campaign designed to infect victims with GandCrab ransomware has surged over the past few days, as the criminals behind the scheme look to infect as many victims as possible. Analysis by researchers at security company Fortinet found that three new samples of GandCrab 2.1 are being distributed as the payload in a single mass ...
itsecurityguru.webp 2018-04-27 11:05:03 Watchdog faces probe over data gaffe (lien direct) The UK’s election watchdog has apologised after mistakenly releasing details of donors to a pro-Union campaign group. The Electoral Commission tried to redact details of 168 individuals who had donated to Scotland in Union, after a Freedom of Information request. But a “technical issue” meant the full names could be seen simply by cutting and ...
itsecurityguru.webp 2018-04-27 11:01:02 (Déjà vu) World's Largest Spam Botnet Finds a New Way to Avoid Detection… For Now (lien direct) Necurs, the world’s largest spam botnet, with millions of infected computers under its control, has updated its arsenal and is currently utilizing a new technique to infect victims. This new technique consists of sending an email to a potential victim containing an archive file, which unzips to a file with the extension of .URL. This ...
itsecurityguru.webp 2018-04-27 11:00:02 Apple Is Struggling To Stop A 'Skeleton Key' Hack On Home Wi-Fi (lien direct) Even with all Apple’s expertise and investment in cybersecurity, there are some security problems that are so intractable the tech titan will require a whole lot more time and money to come up with a fix. Such an issue has been uncovered by Don A. Bailey, founder of Lab Mouse Security, who described to Forbes a hack that, whilst not ...
itsecurityguru.webp 2018-04-26 14:07:05 What does a DDoS attack sound like? (lien direct) Ever wondered what a DDoS attack sounds like? Well now is your chance to find out. In a new blog post, researchers from Imperva showcase a recent project around the sonification of DDoS attacks. In the project, Imperva researchers turned web traffic into sound and transmitted the whole thing over internet radio, which to ... ★★★
itsecurityguru.webp 2018-04-26 11:50:05 Synopsys Survey Reveals Only Half of CI/CD Workflows Include Application Security Testing Elements (lien direct) While many organisations are still in the early days of tearing down organisational silos to build DevOps teams and implementing continuous integration and continuous delivery (CI/CD) workflows, the benefits of streamlined, collaborative development approaches are clear: they enable organisations to bring more features and improvements to market faster. What is not so well understood is ...
itsecurityguru.webp 2018-04-26 11:26:01 Ever wondered how to make malware visual…Enter Maltoons! (lien direct) If you’re a security professional who has pondered the question of how to visually demonstrate the nastiness of malware, then wonder no more! Lastline, a leading advanced network based malware protection company  announced today the launch of Maltoons™, malware cartoons designed to help media and security professionals visualize and raise awareness of malware, cybercrime tactics, and ... Guideline
itsecurityguru.webp 2018-04-26 10:06:01 Cybersecurity – now a top boardroom priority (lien direct) By Martin Ewings, Director of Specialist Markets, Experis UK businesses are facing a series of regulatory demands, including the much talked about GDPR, which is now fewer than 65 days away. Compliance has become a key boardroom issue – with fines for GDPR breaches set at 4% of annual turnover or €20m, whichever is greater. But ...
itsecurityguru.webp 2018-04-26 10:00:01 Gartner Says Global Artificial Intelligence Business Value to Reach $1.2 Trillion in 2018 (lien direct) Global business value derived from artificial intelligence (AI) is projected to total $1.2 trillion in 2018, an increase of 70 per cent from 2017, according to Gartner, Inc. AI-derived business value is forecast to reach $3.9 trillion in 2022. The Gartner AI-derived business value forecast assesses the total business value of AI across all the ... ★★★★
itsecurityguru.webp 2018-04-26 09:57:04 New malware strain strikes X-ray and MRI systems – how can we cure the security sickness? (lien direct) Jalal Bouhdada, Founder and Principal ICS Security Consultant for Applied Risk It is perhaps no surprise that a new attack group, dubbed Orangeworm, has been discovered targeting the healthcare industry. There have been repeated warnings that healthcare systems are easy pickings for cybercriminals, and although there has been an understandable desire within the industry to ... ★★
itsecurityguru.webp 2018-04-26 09:53:00 Only 7 per cent of businesses GDPR-compliant as deadline looms, data privacy gains prominence (lien direct) In the wake of the Facebook and Cambridge Analytica data misuse, public attention around the importance of data privacy has been heightened. Yet, with only a month until the General Data Protection Regulation (GDPR) deadline comes into effect, 93 per cent of respondents to a new survey from business analytics leader SAS say they are not yet fully ... Guideline ★★
itsecurityguru.webp 2018-04-26 09:50:05 John McAfee-Backed Cryptocurrency's Thousands of Investors Exposed in Data Breach (lien direct) A leaky database discovered online contains a wealth of sensitive data belonging to thousands of investors in Bezop cryptocurrency, including photocopies of their driver's licenses and passports, according to a report from Kromtech Security. Kromtech announced on Wednesday that Bezop, which offers its own cryptocurrency “tokens” in addition to… some sort of blockchain-based e-commerce app, left a MongoDB database ... ★★★★
itsecurityguru.webp 2018-04-26 09:50:00 Study finds children hit worst by data breaches (lien direct) While data breaches put millions at risk each year, it’s easy to forget about some of the most vulnerable victims – children – who often don’t have the resources to protect their identities when their sensitive information is stolen. A recent Javelin Strategies study found that more than a million children were affected by identity fraud which ... ★★★★★
itsecurityguru.webp 2018-04-26 09:49:02 Equifax has spent $242.7 million on its data breach so far (lien direct) Equifax’s first quarter earnings report highlighted expenses due to its September 2017 data breach and how the spending is shifting more toward IT and security. In its first quarter earnings report, Equifax outlined that it spent $45.7 million for the three months ended March 31 on IT and data security. The company has been staffing ... Equifax
itsecurityguru.webp 2018-04-26 09:48:03 At least 432 UK businesses to be affected by NIS cyber-security regulation (lien direct) At least 432 businesses in the UK are likely to be affected by the Network and Information Systems (NIS) Regulations 2018, according to an impact assessment carried out by the UK government. The act is to come into force next month in line with the EU Network and Information Services Directive. The regulations are aimed ... ★★★
itsecurityguru.webp 2018-04-26 09:47:01 Cyber-attack website Webstresser taken down (lien direct) A website blamed for launching more than four million cyber-attacks around the world, including attempts to crash banks in the UK, has been taken down in a major international investigation. The operation, which involved the UK’s National Crime Agency, blocked Webstresser.org – which allows criminals to buy attacks on businesses. The site was used by ...
itsecurityguru.webp 2018-04-26 09:46:02 Almost half UK businesses suffered cyberattack or security breach last year, figures show (lien direct) Nearly half the businesses in the UK have fallen victim to cyberattacks or security breaches in the last year, costing them each thousands of pounds, new data shows. The government report also found a fifth of charities had been affected, in a detailed look at how organisations of all sizes are at risk of being targeted. The 2018 Cyber Security Breaches ...
itsecurityguru.webp 2018-04-26 09:43:01 A faked master key gives hackers access to millions of hotel rooms (lien direct) Finnish cybersecurity firm F-Secure has revealed it found a flaw in the digital lock system that may be used in millions of hotel rooms worldwide. It managed to spoof hotel master keys that would be able to unlock any door. After “several thousand hours of work”, F-Secure researchers created a master key that could be used to ...
itsecurityguru.webp 2018-04-25 14:43:04 Traditional security defences may prove inadequate for effective GDPR strategies, warns Aruba (lien direct) Companies risk falling foul of incoming GDPR regulations by relying on existing, piecemeal security measures, according to a new whitepaper published today by Aruba, a Hewlett Packard Enterprise company.   The majority of existing defences, which use pattern matching techniques to find threats, are unable to detect new attacks that use legitimate user credentials to ...
itsecurityguru.webp 2018-04-25 14:42:02 Take back the initiative on DDoS protection – it's time to be proactive (lien direct) Since Mirai and its subsequent variants let the genie out of the bottle, DDoS attacks powered by the Internet of Things have become ubiquitous. As more and more IoT devices join the world's networks – predicted by Gartner to be 24 billion by 2020 – so the potential for cybercriminals to recruit unsecured devices to ...
itsecurityguru.webp 2018-04-25 14:40:02 (Déjà vu) With Deadline One Month Out, Many US Companies Not Ready for GDPR, CompTIA Survey Reveals (lien direct) A significant percentage of U.S. companies are uncertain about or unprepared for the European Union's General Data Protection Regulation (GDPR) that takes effect one month from today, according to a new survey by CompTIA, the world's leading technology association. “Confusion about the regulations remains a significant problem for many companies,” said Todd Thibodeaux, CompTIA president ... Guideline
itsecurityguru.webp 2018-04-24 12:08:01 Nintendo Switch found with unpatchable exploit (lien direct) A newly published “exploit chain” for Nvidia Tegra X1-based systems seems to describe an apparently unpatchable method for running arbitrary code on all currently available Nintendo Switch consoles. Hardware hacker Katherine Temkin and the hacking team at ReSwitched released an extensive outline of what they’re calling the Fusée Gelée coldboot vulnerability earlier today, alongside a proof-of-concept payload that can ... ★★★★
itsecurityguru.webp 2018-04-24 12:03:05 Cyber Worms found in X-ray machines (lien direct) A newly discovered cybercriminal group is installing custom malware onto the systems of organisations in healthcare and related sectors in order to conduct corporate espionage. These targeted attacks are carried out against a small number of selected organisations as well as the supply chains which serve them, with the tactics and use of custom malware suggesting ...
itsecurityguru.webp 2018-04-24 12:01:00 Cyber attacks targeting fictional country 'Berylia' (lien direct) NATO and assorted partners have unleashed a massive cyber-attack on the fictional country of Berylia to test their ability to defend critical infrastructure against outside attacks. The virtual country will suffer its virtual attack under NATO’s Cooperative Cyber Defence Centre of Excellence’s (CCDCOE) Locked Shields 2018, which CCDCOE described as the world’s “largest and most ...
itsecurityguru.webp 2018-04-24 10:08:04 (Déjà vu) Kaspersky Lab identifies infrastructure of Crouching Yeti known for attacks on industrial companies (lien direct) Kaspersky Lab has uncovered infrastructure used by the well-known Russian-speaking APT group Crouching Yeti, also known as Energetic Bear, which includes compromised servers across the world. According to the research, numerous servers in different countries were hit since 2016, sometimes in order to gain access to other resources. Others, including those hosting Russian websites, were ...
itsecurityguru.webp 2018-04-24 10:06:01 Connectivity is driving the manufacturing boom, but beware of unwanted attention (lien direct) The manufacturing industry is among the most advanced in the world for its adoption of digital platforms. Robotic and connected sensor technology are now mainstream throughout most factories, allowing manufacturers to gather insights in real time. The use of digital technology in manufacturing is nothing new, it has been embedded within processes for decades, and ...
itsecurityguru.webp 2018-04-24 10:04:03 What exactly is 'cryptojacking', and how can businesses respond to the spiralling cyber threat? (lien direct) Earlier this month, the National Cyber Security Centre (NCSC) published a report listing 'cryptojacking' as one of the biggest cyber threats facing UK businesses. The report warned that up to 55% of businesses globally are already affected by these types of attacks, and that this figure is set to only rise as attackers exploit new ...
itsecurityguru.webp 2018-04-23 09:49:03 (Déjà vu) SunTrust Bank employee steals data of 1.5 million customers (lien direct) US-based SunTrust Bank said it is working with law enforcement after it discovered that a former employee had stolen private information belonging to nearly 1.5 million customers. “In conjunction with law enforcement, we discovered that a former employee while employed at SunTrust may have attempted to print information on approximately 1.5 million clients and share ... ★★
Last update at: 2024-07-17 14:08:19