What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-09-15 17:48:47 | Microsoft Shuts Down Zero Day Used in AdGholas Malvertising Campaigns (lien direct) | Microsoft this week patched a zero-day vulnerability in the Internet Explorer and Edge browsers being used in the AdGholas malvertising campaign. | |||
|
2016-09-15 17:04:18 | Cisco Patches Critical WebEx Meetings Server Vulnerability (lien direct) | Cisco warned customers of 12 vulnerabilities across its product line this week, including a critical vulnerability in the software that powers its conferencing solution WebEx Meetings Server. | |||
|
2016-09-15 15:15:22 | Bruce Schneier on Probing Attacks Testing Core Internet Infrastructure (lien direct) | Bruce Schneier talks to Mike Mimoso about information he was given regarding an increase in DDoS and probing attacks targeting companies running core internet infrastructure in an attempt to test their defenses. | |||
|
2016-09-14 19:59:42 | DualToy Windows Trojan Attacks Android, iOS Devices (lien direct) | Researchers have found a malware family called DualToy that infects Windows PCs and sideloads malware onto connected Android and iOS devices. | |||
|
2016-09-14 18:53:56 | Phony Pokémon GO Android App Gave Attackers Root Access (lien direct) | A rogue "Guide for Pokémon GO" app made it into Google Play's marketplace and gave attackers root access to any Android device it was installed on. | |||
|
2016-09-14 18:52:46 | Snowden Makes Case for a Presidential Pardon (lien direct) | The ACLU and Amnesty International kick off a campaign that seeks a presidential pardon for Edward Snowden. | |||
|
2016-09-14 13:00:13 | Google Project Zero Prize Pays $200,000 for Critical Vulnerability Chains (lien direct) | Google Project Zero announced a six-month Android bug bounty program that requires researchers to file bugs as they find them, rather than hoard the whole chain. | |||
|
2016-09-13 20:24:13 | Microsoft Patches 47 Vulnerabilities with September Patch Tuesday (lien direct) | Microsoft patched 47 vulnerabilities with 14 security bulletins, seven critical, with its monthly Patch Tuesday updates today. | |||
|
2016-09-13 19:21:43 | iOS 10 Security Updates Move to HTTPS (lien direct) | Today's release of iOS 10 also included patches for seven vulnerabilities and the news that security updates will now be delivered by HTTPS connections. | ★★★ | ||
|
2016-09-13 17:51:14 | Adobe Back With New Flash Player Security Update (lien direct) | After a month without Flash Player security patches, Adobe today updated the software addressing 29 vulnerabilities. | |||
|
2016-09-13 15:55:31 | Tor Joins Movement Against Expanding Hacking Powers (lien direct) | The Tor Project on Monday made a public plea for others to speak out against the proposed amendments to Rule 41 of the Federal Rules of Criminal Procedure. | |||
|
2016-09-13 15:18:28 | Judge Rules Use of FBI Malware Is A \'Search\' (lien direct) | Civil liberties advocates say a Texas judge got it right when he ruled on a controversial child porn case regarding the FBI's use of malware to search a computer. | |||
|
2016-09-13 13:14:54 | Generic OS X Malware Detection Method Explained (lien direct) | A researcher says the future of OS X malware detection may be rooted in patterns and heatmap visualization. | |||
|
2016-09-12 19:38:40 | New Windows Patch Policy At Odds With Acceptable Risk (lien direct) | Microsoft's switch to rollup patching for Windows 7/8.1 will have an impact on security, one expert says. | |||
|
2016-09-12 19:32:18 | FDA, DHS Investigating St. Jude Device Vulnerabilities (lien direct) | The FDA and DHS are jointly investigating cybersecurity vulnerabilities in St. Jude Medical devices. | |||
|
2016-09-12 15:00:58 | Critical MySQL Vulnerability Disclosed (lien direct) | A researcher has disclosed some details and a limited proof-of-concept for a critical MySQL vulnerability. The flaw has been patched in MariaDB and PerconaDB. | |||
|
2016-09-09 18:06:16 | Patched Android Libutils Vulnerability Harkens Back to Stagefright (lien direct) | Google Project Zero this week disclosed details on a critical vulnerability in Libutils in Android that is similar to the Stagefright flaws. | ★★★★ | ||
|
2016-09-09 16:43:58 | (Déjà vu) White House Hires First Federal CISO (lien direct) | The White House hired retired Brigadier General Gregory J. Touhill as the first federal CISO. | |||
|
2016-09-09 13:00:28 | Fallout Over OPM Breach Report Begins (lien direct) | A report on the U.S. Office of Personnel Management breaches that exposed sensitive data belonging to more than 22 million people has sparked a cavalcade of finger pointing, politicking and squabbling over who knew what first. | |||
|
2016-09-08 19:43:47 | Chrome to Label Some HTTP Sites \'Not Secure\' in 2017 (lien direct) | Google Chrome will begin marking some HTTP sites as non-secure in 2017. | |||
|
2016-09-08 16:23:25 | WordPress Update Resolves XSS, Path Traversal Vulnerabilities (lien direct) | Developers with WordPress are strongly encouraging users of the content management system to update to the most recent version, 4.6.1, released on Wednesday. | |||
|
2016-09-08 15:09:20 | DHS Urges Vigilance in Protecting Networking Gear (lien direct) | A Homeland Security alert warns network operators that the security of routers and firewalls must be revisited in the wake of the ShadowBrokers dump and other attacks on enterprise networking equipment. | |||
|
2016-09-08 13:00:44 | FTC Panel Encourages Basic Security Hygiene to Counter Ransomware (lien direct) | Panelists at a FTC workshop on Wednesday agreed that better basic cyber hygiene can do a lot to help eliminate the threat of ransomware up front. | |||
|
2016-09-08 10:00:07 | Google Shares Android Nougat, Safe Browsing Security Enhancements (lien direct) | Google stepped up efforts this week to bolster its security strategy with news from both its Android Security Team and its Safe Browsing Team. | |||
|
2016-09-07 17:57:23 | Critical Flaws Found in Network Management Systems (lien direct) | Four leading network management system providers patched nearly a dozen critical cross-site scripting vulnerabilities disclosed Wednesday by Rapid7. | Guideline | ||
|
2016-09-07 16:55:15 | Data-Stealing Mac OS X Backdoor Uncovered (lien direct) | Researchers at Kaspersky Lab on Wednesday confirmed that an OS X variant of a recently discovered family of cross-platform backdoors exists. | |||
|
2016-09-07 16:53:51 | St. Jude Alleges False Claims, Stock Manipulation in Suit Against Med Sec, Muddy Waters (lien direct) | St. Jude Medical yesterday filed a lawsuit alleging that Muddy Waters and Med Sec made false claims and attempted to manipulate St. Jude stock. | |||
|
2016-09-07 13:00:53 | Google Shuts Down Potentially Massive Android Bug (lien direct) | Google patched another critical vulnerability that affects potentially every Android device that is exploitable just with a specially crafted jpeg file. | |||
|
2016-09-06 18:40:33 | Cry Ransomware Uses UDP, Imgur, Google Maps (lien direct) | Ransomware purporting to come from a phony government agency, the Central Security Treatment Organization, has been making the rounds and using Google Maps and Imgur, researchers claim. | |||
|
2016-09-06 18:00:01 | Google Patches Quadrooter Vulnerabilities in Android (lien direct) | Today's monthly Android Security Bulletin includes patches for the remaining Quadrooter vulnerabilities in Qualcomm chipsets. | |||
|
2016-09-06 17:11:23 | Number of Devices Sharing Private Crypto Keys Up Sharply (lien direct) | Risks of man-in-the-middle attacks tied to embedded devices that share cryptographic keys and certificates went up sharply over the past nine months. | |||
|
2016-09-06 15:00:51 | Yelp Launches Public Bug Bounty (lien direct) | Yelp today announced a public bug bounty, which will pay up to $15,000 for critical vulnerabilities found on its mobile and desktop sites, public API and other areas of its infrastructure. | |||
|
2016-09-06 14:30:02 | Adding CIA to DNA (lien direct) | In this Threatpost op-ed, computer engineer Alexandrea Mellen explores the need for information security concepts in genetic engineering, and how concepts such as the security triad of confidentiality, integrity and availability apply. | |||
|
2016-09-02 20:23:32 | Microsoft Adds .NET Core, ASP.NET to Bug Bounty Program (lien direct) | Microsoft adds .NET Core and ASP.NET to its bug bounty program offering bug hunters payouts that range from $500 to $15,000. | |||
|
2016-09-02 16:49:40 | Android Patch Fixes Nexus 5X Critical Vulnerability (lien direct) | Google patched an undocumented vulnerability that allowed attackers to bypass Nexus 5X device's lock screen via a forced memory dump that exposed the device owner's password. | |||
|
2016-09-02 14:00:29 | Apple Patches Trident Vulnerabilities in OS X, Safari (lien direct) | Apple has patched the Trident vulnerabilities in OS X and Safari. The flaws were originally disclosed in iOS and used to spy on a UAE human rights activist. | |||
|
2016-09-02 13:00:08 | Threatpost News Wrap, September 2, 2016 (lien direct) | Mike Mimoso, Tom Spring, and Chris Brook discuss the news of the week, including the MedSec/Muddy Waters story, how the Angler EK was traced back to the Lurk Gang, Fairware hitting Linux servers, and the Bashlite IoT malware. | |||
|
2016-09-01 18:46:51 | Malvertising Campaign Pushing Neutrino Exploit Kit Shut Down (lien direct) | Researchers uncovered a global malvertising campaign exposing potentially millions of users to the risk of being hit with CrypMIC ransomware delivered via the Neutrino Exploit Kit. | |||
|
2016-09-01 17:08:20 | Insecure Redis Instances at Core of Attacks Against Linux Servers (lien direct) | Attackers are targeting insecure Redis instances, exposed to the internet, to access Linux servers and delete web files and folders in exchange for ransom. | |||
|
2016-09-01 15:52:59 | Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs (lien direct) | Google patched 33 bugs in total in Chrome 53, almost half of which are branded high severity by the company. | |||
|
2016-09-01 13:15:50 | Patched ColdFusion Flaw Exposes Applications to Attack (lien direct) | Adobe pushed hotfixes to ColdFusion 11 and 10 installations addressing a XXE vulnerability that can be exploited processing OOXML documents. | |||
|
2016-09-01 11:00:50 | SWIFT Warns Banks Of More Cyberattacks (lien direct) | Banks face persistent, sophisticated and sustained cyberattacks from hackers looking to exploit the SWIFT messaging network, according to reports. | |||
|
2016-08-31 19:04:09 | OneLogin SecureNotes Breach Exposed Data in Cleartext (lien direct) | OneLogin confirmed this week an attacker took advantage of a bug in its system and was able to view sensitive notes, thought to be secure, posted by users. | |||
|
2016-08-31 16:01:51 | Researchers: MedSec, Muddy Waters Set Bad Precedent With St. Jude Medical Short (lien direct) | Security researchers caution mixing vulnerability disclosure with stock market bets set a troubling precedent. | |||
|
2016-08-31 14:42:39 | 68 Million Credentials Spilled in 2012 Dropbox Hack (lien direct) | When hackers infiltrated Dropbox in 2012 they made off with credentials for roughly 68 million users. | |||
|
2016-08-31 14:21:48 | Fairware Attacks Targeting Linux Servers (lien direct) | Linux admins are reporting attacks against webservers resulting in the deletion of web folders, reportedly by attackers using a ransomware variant called Fairware. | |||
|
2016-08-30 19:29:57 | BASHLITE Family Of Malware Infects 1 Million IoT Devices (lien direct) | Over 1 million consumer web-connected video cameras and DVRs have have become the slaves to botnet herders that use the devices for DDoS and phishing attacks. | |||
|
2016-08-30 18:30:40 | How to Leak Data From Air-Gapped Computers With a USB Device (lien direct) | Researchers at Ben-Gurion University of Negev have found a way to take a run of the mill USB device and use it to leak data from an air gapped computers via RF signals. | |||
|
2016-08-30 18:25:53 | Inside the Demise of the Angler Exploit Kit (lien direct) | Researchers at Kaspersky Lab today confirmed that the cybercriminals behind the Lurk Trojan were also responsible for the development and distribution of the Angler Exploit Kit | ★★★★ | ||
|
2016-08-30 16:23:10 | Privacy Groups File FTC Complaint over WhatsApp Data Sharing with Facebook (lien direct) | A complaint filed with the FTC alleges unfair and deceptive practices on the part of WhatsApp, which has decided to share phone numbers and data with Facebook. |
To see everything:
Our RSS (filtrered)
