What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-09 19:48:01 | Two Windows Privilege Escalation Vulnerabilities Exploited in Attacks (lien direct) | Microsoft's July 2019 Patch Tuesday updates fix nearly 80 vulnerabilities, including two Windows zero-day flaws and six issues whose details were previously made public. | |||
|
2019-07-09 18:25:04 | Vulnerability Gives Attackers Remote Access to Zoom Users\' Cameras (lien direct) | A vulnerability in the Zoom Client for Mac allows a remote attacker to force a user into joining a video call with the video camera active, a security researcher has discovered. | Vulnerability | ||
|
2019-07-09 16:20:02 | UK Spy Agency Decrypts Some Secrets With New Exhibition (lien direct) | Historic gadgets used by British spies will be revealed for the first time later this week, as one of the country's intelligence agencies steps out the shadows to mark its centenary -- and to educate people about the risks of cyber-attacks. | |||
|
2019-07-09 15:55:05 | Adobe Fixes Low Priority Flaws With July 2019 Patch Tuesday Updates (lien direct) | Adobe's Patch Tuesday updates for July 2019 address vulnerabilities in the company's Bridge CC, Experience Manager and Dreamweaver products, but none of the security holes appear serious. | |||
|
2019-07-09 15:39:01 | Malware Isolation Firm Menlo Security Raises $75 Million (lien direct) | Menlo Security, a provider of zero-trust internet isolation services, has raised $75 million in a Series D funding round led by clients advised by JP Morgan Asset Management. Existing investors, including Sutter Hill Ventures, American Express Ventures, HSBC and JP Morgan Chase also participated in the funding. | Malware | ||
|
2019-07-09 15:32:03 | Fileless Attack Attempts to Run Astaroth Backdoor Directly in Memory (lien direct) | Microsoft says it recently detected and stopped a fileless campaign looking to deliver the Astaroth Trojan to unsuspecting victims. | |||
|
2019-07-09 13:24:00 | Several Siemens Devices Affected by Intel MDS Vulnerabilities (lien direct) | Siemens informed customers on Tuesday that several of its products are affected by the Microarchitectural Data Sampling (MDS) vulnerabilities impacting a majority of the Intel processors made in the last decade. | |||
|
2019-07-09 11:51:01 | Indiana County Disabled by Malware Attack (lien direct) | LaPorte County, Indiana, reported Sunday that it had been affected by a malware attack. County Commission President Dr. Vidya Kora announced that county employees and the public needing to access any county government email or website would be unable to do so because of a "malicious malware attack that occurred on Saturday morning, July 6, 2019, that has disabled our computer and email systems." | Malware | ||
|
2019-07-09 06:02:00 | U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels (lien direct) | 
The U.S. Coast Guard on Monday issued a safety alert advising commercial vessel owners and operators to ensure that effective cybersecurity measures are in place to protect the network and important control systems on their ships.
|
|||
|
2019-07-08 20:54:02 | Iran-Linked Malware Shared by USCYBERCOM First Seen in December 2016: Kaspersky (lien direct) | Iran-linked malware uploaded to VirusTotal last week by United States Cyber Command (USCYBERCOM) was first observed in Dec 2016 and Jan 2017, according to security firm Kaspersky. | Malware | ||
|
2019-07-08 20:34:05 | Maryland Department of Labor Announces Data Breach (lien direct) | The Maryland Department of Labor has announced that databases containing personally identifiable information (PII) were accessed in a cyber-incident discovered earlier this year. | Data Breach | ||
|
2019-07-08 15:23:02 | Malicious Code Planted in \'strong_password\' Ruby Gem (lien direct) | A developer discovered that an update released for the 'strong_password' Ruby gem contained malicious code that allowed an attacker to remotely execute arbitrary code. | |||
|
2019-07-08 14:03:02 | British Airways Faces $230 Million Fine for 2018 Breach (lien direct) | UK ICO Shows its Teeth in Fining BA £183 Million for 2018 Breach | |||
|
2019-07-08 12:11:02 | Eurofins Scientific Paid Up in Response to Ransomware Attack: Report (lien direct) | Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers. | Ransomware | ||
|
2019-07-08 05:42:00 | Canonical GitHub Account Hijacked (lien direct) | 
Canonical, the company behind the Ubuntu operating system, confirmed over the weekend that one of its GitHub accounts was hacked.
|
|||
|
2019-07-08 04:41:02 | Mystery of NSA Leak Lingers as Stolen Document Case Winds Up (lien direct) | Federal agents descended on the suburban Maryland house with the flash and bang of a stun grenade, blocked off the street and spent hours questioning the homeowner about a theft of government documents that prosecutors would later describe as “breathtaking” in its scale. | |||
|
2019-07-05 13:42:05 | Cryptomining Campaign Targets Linux Servers with Go Malware (lien direct) | A recently uncovered cryptomining campaign is delivering a new Golang malware to target Linux-based servers, F5 Networks security researchers report. | Malware | ||
|
2019-07-05 13:02:00 | EFF, OTI Respond to UK\'s Online Harms Legislative Proposal (lien direct) | The Electronic Frontier Foundation (EFF) and New America's Open Technology Institute (OTI) have published their combined response to the UK government's Online Harms White Paper. The white paper, published in April 2019, with a public consultation period ending July 1, 2019, proposes legislation designed to increase the safety of users online. | |||
|
2019-07-04 12:28:00 | Hacker Who Disrupted Sony Gaming Firm Gets Federal Prison (lien direct) | A hacker who disrupted Sony Online Entertainment and other gaming companies has been sentenced to more than two years in federal prison. Twenty-three-year-old Austin Thompson of Utah received the 27-month sentence on Tuesday in San Diego. | |||
|
2019-07-04 05:25:03 | Magento Patches Flaws Leading to Site Takeover (lien direct) | Magento recently addressed vulnerabilities that could be exploited by unauthenticated attackers to hijack administrative sessions and then completely take over vulnerable web stores. | |||
|
2019-07-04 05:13:00 | Certificates Issued to Huawei Subsidiary Found in Cisco Switches (lien direct) | Researchers noticed that the firmware for some Cisco switches contains X.509 certificates and associated private keys issued to a US-based subsidiary of Huawei. An investigation by the networking giant revealed that it was an oversight related to the use of an open-source third-party component. | |||
|
2019-07-03 20:07:04 | Georgia Failed to Subpoena Image of Wiped Elections Server (lien direct) | The case of whether hackers may have tampered with elections in Georgia has taken another strange turn. | |||
|
2019-07-03 18:56:00 | Multiple Chinese Groups Share the Same RTF Weaponizer (lien direct) | During an investigation into a possibly shared RTF weaponizer by Indian and Chinese APT groups, researchers have discovered that multiple Chinese groups have updated the weaponizer to exploit the Microsoft Equation Editor (EE) vulnerability CVE-2018-0798. The same weaponizer had previously delivered exploits for EE vulnerabilities CVE-2017-11882 and CVE-2018-0802. | Vulnerability | ||
|
2019-07-03 15:35:04 | Dridex Operators Use New Trojan Downloader (lien direct) | The threat actor best known for operating the Dridex banking Trojan and the Locky ransomware has started using a new downloader in June, Proofpoint reports. | Ransomware Threat | ||
|
2019-07-03 15:09:05 | SIEM Provider Exabeam Acquires SkyFormation (lien direct) | Security information and event management (SIEM) solutions provider Exabeam this week announced the acquisition of cloud application security company SkyFormation. | |||
|
2019-07-03 14:50:00 | Broadcom in Talks to Acquire Symantec in $15 Billion Deal: Reports (lien direct) | Chipmaker Broadcom is in advanced talks to acquire cybersecurity giant Symantec in a deal that could exceed $15 billion, according to several news outlets. | |||
|
2019-07-03 14:00:01 | Eight Arrested Over Cyberattacks Against Hong Kong Police (lien direct) | Hong Kong police said Wednesday they have arrested eight people for stealing and disclosing personal information of officers online, as the city grapples with the aftermath of unprecedented anti-government protests that saw its parliament ransacked. | |||
|
2019-07-03 13:52:00 | FTC, D-Link Reach Agreement Over Device Security (lien direct) | Taiwan-based networking equipment manufacturer D-Link has agreed to implement a comprehensive security program to settle accusations by the U.S. Federal Trade Commission (FTC) claiming that the company failed to implement proper security mechanisms in its routers and IP cameras. | |||
|
2019-07-03 12:57:00 | Nexus Repository Flaws Expose Thousands of Private Artifacts (lien direct) | Two vulnerabilities in Nexus Repository exposed thousands of private artifacts across a broad range of industries, Twistlock's security researchers reveal. | |||
|
2019-07-03 12:11:04 | Many VMware Products Affected by SACK Linux Vulnerabilities (lien direct) | Over 30 VMware products are affected by SACK Panic and SACK Slowness, two recently disclosed Linux kernel vulnerabilities that can be exploited remotely without authentication for denial-of-service (DoS) attacks. | |||
|
2019-07-03 06:06:02 | U.S. Cyber Command Warns of Outlook Flaw Exploited by Iranian Hackers (lien direct) | The U.S. Cyber Command (USCYBERCOM) on Tuesday warned that it had spotted attacks exploiting a Microsoft Outlook vulnerability tracked as CVE-2017-11774 in an effort to deliver malware. | Vulnerability | ||
|
2019-07-02 19:07:01 | Huawei Remains Blocked From US 5G: White House Trade Advisor (lien direct) | China's telecoms giant Huawei remains barred from the development of 5G wireless networks in the United States, a senior White House trade advisor said Tuesday. "US policy on Huawei with respect to 5g in this country has not changed," Peter Navarro told CNBC. | |||
|
2019-07-02 18:59:05 | Adware Gathers 9 Million Downloads in Google Play (lien direct) | A recently identified adware campaign has gathered over 9 million downloads via 111 infected applications distributed through Google Play, Trend Micro's security researchers reveal. | |||
|
2019-07-02 18:40:02 | Americans Want to Protect Their Information, but Don\'t Know How: Survey (lien direct) | Americans are keen on security, but do not necessarily understand it. This is the conclusion of a new survey of 1,300 Americans undertaken by YouGov, which basically suggests that attitudes towards cybersecurity exceed actions taken to ensure cybersecurity. | |||
|
2019-07-02 16:54:00 | Threat Actor Targets Libyans with Malware via Facebook (lien direct) | A threat group has been targeting mobile and desktop users in Libya with malware through Facebook pages, Check Point has discovered. | Malware Threat | ||
|
2019-07-02 16:36:00 | Bruce Schneier Moves on from IBM (lien direct) | Bruce Schneier announced in a brief blog post, "I'm leaving IBM." His three-year stint with what he calls "the nicely ambiguous title of 'Special Advisor'" ended at the end of June 2019. He gives no specific future plans beyond saying that he will continue to write, speak, teach and occasionally consult. | |||
|
2019-07-02 16:35:02 | Defending Downwind as the Cyberwar Heats up (lien direct) | 
|
|||
|
2019-07-02 14:44:04 | Google Patches Critical Code Execution Bugs in Android Media Framework (lien direct) | This week, Google released the July 2019 set of patches for the Android operating system, to address a total of 33 vulnerabilities, including 9 rated Critical. | |||
|
2019-07-02 14:24:02 | (Déjà vu) Cyberattack Forces Georgia Agency to Shut Down Websites (lien direct) | A Georgia state agency says a cyberattack has forced it to shut down some court websites. News outlets report hackers demanding a ransom infected computers with malware at the Georgia Administrative Office of the Courts. Agency spokesman Bruce Shaw said Monday that officials have “quarantined our servers and shut off our network to the outside.” | Malware | ||
|
2019-07-02 13:02:02 | Many Phoenix Contact PLCs Still Vulnerable Months After Researcher Issues Warning (lien direct) | Several months after a researcher issued a warning about over 1,200 Phoenix Contact programmable logic controllers (PLCs) being exposed to remote attacks from the internet, many organizations still haven't taken any measures to secure their systems. | |||
|
2019-07-02 05:57:04 | Firefox Update to Address Antivirus TLS Errors (lien direct) | Mozilla revealed on Monday that the upcoming Firefox 68 will address TLS issues caused by antiviruses by automatically making changes to the browser's configuration when a man-in-the-middle (MitM) error is detected. | |||
|
2019-07-02 04:54:05 | Researchers Analyze Vietnamese Hackers\' Suite of RATs (lien direct) | BlackBerry Cylance security researchers have analyzed a suite of remote access Trojans (RATs) that the Vietnam-linked threat actor OceanLotus has been using in attacks for the past three years. | Threat | APT 32 | |
|
2019-07-02 04:30:00 | Trump Move to Ease Huawei Sanctions Sparks Anger, Confusion (lien direct) | The US trade war truce with China which could ease sanctions on Huawei has prompted a backlash from lawmakers over national security concerns amid confusion over how the deal may impact the Chinese tech giant. | |||
|
2019-07-01 19:28:02 | Hardcoded Credentials Expose SICK Controllers to Remote Attacks (lien direct) | A researcher has discovered that remote hackers could reconfigure or disrupt MSC800 modular system controllers from Germany-based sensor maker SICK due to the existence of hardcoded credentials. | |||
|
2019-07-01 18:20:03 | Smart Home Hacked via Vulnerabilities, Social Engineering (lien direct) | Hacking Smart Homes - the Stuff of Horror Movies | |||
|
2019-07-01 17:22:00 | Risk-Based Vulnerability Management is a Must for Security & Compliance (lien direct) | Vulnerability management and compliance go hand-in-hand. Just as adhering to certain regulatory standards can help an organization manage vulnerabilities more effectively, managing vulnerabilities effectively can make an organization less susceptible to the sorts of security incidents that could render it noncompliant. | Vulnerability | ||
|
2019-07-01 17:15:00 | European Legislation and the American Tech Industry (lien direct) | It may sound far-fetched, but American tech firms could be excused for wondering if the European Union is using consumer-oriented legislation as a form of protectionism for its smaller industry against foreign giants. | |||
|
2019-07-01 15:30:00 | Threat Actor Poisons OpenPGP Certificates (lien direct) | Poisoned certificates are in the OpenPGP SKS keyserver network after an unknown threat actor targeted the OpenPGP certificates of two high-profile community contributors. | Threat | ||
|
2019-07-01 14:59:02 | Cyber Deception Company TrapX Raises $18 Million (lien direct) | TrapX Security, a Silicon Valley-based company that provides cyber defense solutions powered by deception technology, on Monday announced that it raised $18 million in a Series C funding round. | |||
|
2019-07-01 13:44:05 | \'Good Chance\' for More US Exports to Huawei: Trump Aide (lien direct) | As the United States and China pursue trade talks, there is a "good chance" that more US firms will be granted licenses to sell products to controversial Chinese telecoms giant Huawei, White House economic advisor Larry Kudlow said Sunday. |
To see everything:
Our RSS (filtrered)
