What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-08-29 21:40:22 | FBI Warned State Election Board Systems of Hacks (lien direct) | The Federal Bureau of Investigation's Cyber Division warned election officials nationwide this month to fortify their systems in the wake of two breaches it was able to detect earlier this summer. | |||
|
2016-08-29 21:22:51 | 1.7 Million Opera Browser Users Told To Reset Passwords (lien direct) | Browser maker Opera warns 1.7 million Opera sync accounts possibly compromised and urges users to change passwords. | |||
|
2016-08-29 17:32:19 | RIPPER ATM Malware Uses Malicious EVM Chip (lien direct) | RIPPER malware forces ATMs to churn out cash for crooks via a malicious EVM bankcard attack. | |||
|
2016-08-29 13:58:22 | Dropbox Forces Password Reset for Older Users (lien direct) | Online storage service Dropbox began notifying users over the weekend that if they haven't updated their password since 2012, they'll be prompted to update it the next time they log in. | |||
|
2016-08-26 18:55:06 | Pacemaker Hacking Fears Rise With Critical Research Report (lien direct) | Researcher warn medical devices made by St. Jude Medical are at risk of attacks via SSH certificate reuse vulnerabilities and static credentials that can easily give hackers root access to key monitoring equipment. | |||
|
2016-08-25 21:33:16 | Emergency iOS Update Patches Zero Days Used by Government Spyware (lien direct) | Apple rushed an emergency iOS update that patches three zero days being exploited in spyware sold to oppressive governments to monitor human rights activists and journalists. | |||
|
2016-08-25 19:30:35 | France, Germany Call for European Decryption Law (lien direct) | France's and Germany's Interior Minister are urging the EU to consider implementing a law to get companies to decrypt encrypted communications. | |||
|
2016-08-25 18:19:25 | Keystroke Recognition Uses Wi-Fi Signals To Snoop (lien direct) | Researchers develop WiKey technology that can sniff out keystrokes with 97.5 percent accuracy using an off-the-shelf Wi-Fi router and a $200 laptop. | |||
|
2016-08-25 16:12:58 | VMware Patches Flaws in Identity and Cloud Products (lien direct) | VMware this week patched its Identity Manager and vRealize Automation products against privilege escalation and remote code execution vulnerabilities. | |||
|
2016-08-25 13:22:25 | Tor Update Fixes ReachableAddresses Problem (lien direct) | Tor updated its software to 0.2.8.7 and fixed a number of issues, including a bug in the ReachableAddresses option that possibly degrades anonymity. | Guideline | ||
|
2016-08-24 21:53:13 | Cisco Begins Patching Equation Group ASA Zero Day (lien direct) | Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump. | |||
|
2016-08-24 20:11:12 | GTAGaming Hack Blamed on Old vBulletin Software (lien direct) | A breach that exposed 200,000 Grand Theft Auto fan forum users' email addresses and private data is being blamed on an exploit of outdated and vulnerable vBulletin software. | ★★★ | ||
|
2016-08-24 17:04:23 | Leaked ShadowBrokers Attack Upgraded to Target Current Versions of Cisco ASA (lien direct) | Researchers at Silent Signal have ported the ShadowBrokers' Equation Group exploit for Cisco ASA firewalls to newer versions of the product. | |||
|
2016-08-24 16:57:35 | Wildfire Ransomware Campaign Disrupted (lien direct) | Victims of the mostly Dutch-leaning ransomware WildFire can now get their files back without paying attackers. | |||
|
2016-08-24 12:00:39 | New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption (lien direct) | Researchers have found a new way to recover and decrypt authentication cookies from 3DES and Blowfish protected traffic. In response, OpenSSL is expected to deprecate 3DES' designation from high to medium. | |||
|
2016-08-23 17:09:53 | Epic Games Forums Hacked, SQL Injection Vulnerability Blamed (lien direct) | A SQL injection vulnerability is being blamed in the hack of 800,000 users accounts for popular gaming forums run by Epic Games. | |||
|
2016-08-23 17:03:17 | GozNym Banking Trojan Targeting German Banks (lien direct) | Fresh from targeting banks in Poland, the banking Trojan GozNym has begun taking aim at banks in Germany. | |||
|
2016-08-23 15:32:04 | Timing of Browser-Based Security Alerts Could Be Better (lien direct) | New academic research shows that security warnings should be better timed to pop up when computers users are less likely to be multitasking. | ★★★ | ||
|
2016-08-22 17:52:46 | Juniper Acknowledges Equation Group Exploits Target ScreenOS (lien direct) | Juniper Networks on Friday acknowledged that exploits contained in the ShadowBrokers data dump target NetScreen firewalls running ScreenOS. | |||
|
2016-08-19 17:00:00 | New Brazilian Banking Trojan Uses Windows PowerShell Utility (lien direct) | A new sophisticated banking Trojan targeting Brazilians via a malicious .PIF file that changes browser proxy settings. | |||
|
2016-08-19 16:57:01 | Multiple Vulnerabilities Identified in \'Utterly Broken\' BHU Routers (lien direct) | Researchers have identified a router so fraught with vulnerabilities and so “utterly broken†that it can be exploited to do pretty much anything. | |||
|
2016-08-18 20:38:30 | EFF Blasts Microsoft Over \'Malicious\' Windows 10 Rollout Tactics (lien direct) | EFF holds nothing back when it comes to criticism over Microsoft's Get Windows 10 app along with new Windows 10 privacy policies. | |||
|
2016-08-18 15:34:13 | Locky Targets Hospitals In Massive Wave Of Ransomware Attacks (lien direct) | A massive wave of Locky ransomware delivered via DOCM attachments is targeting the healthcare sector this month. | |||
|
2016-08-17 20:06:39 | Cisco Patches ASA Zero Days Exposed by ShadowBrokers (lien direct) | Cisco today patched two vulnerabilities in its Adaptive Security Appliance that were leaked in the ShadowBrokers data dump of Equation Group exploits. | |||
|
2016-08-17 11:30:46 | ShadowBrokers\' Leak Has \'Strong Connection\' to Equation Group (lien direct) | Researchers at Kaspersky Lab said there is a strong connection between the ShadowBrokers cache of exploits and those belonging to the Equation Group. | |||
|
2016-08-16 18:27:45 | VeraCrypt Audit Under Way; Email Mystery Cleared Up (lien direct) | Missing emails between the parties involved in an audit of VeraCrypt, which began today, are now being blamed on errors in mail.app and GPGMail. | |||
|
2016-08-15 21:10:00 | TCP Flaw in Linux Extends to 80 Percent of Android Devices (lien direct) | Researchers at Lookout said that 80 percent of Android devices remain vulnerable to a critical Linux vulnerability disclosed last week. | |||
|
2016-08-15 16:57:44 | Westin, Marriott, Sheraton Hotels Hit By Payment Card Malware (lien direct) | Twenty hotels belonging to HEI Hotels and Resorts have been implicated in a data breach that may have leaked payment data from tens of thousands point of sale purchases. | ★★★★★ | ||
|
2016-08-12 17:00:13 | Undocumented SNMP String Exposes Rockwell PLCs to Remote Attacks (lien direct) | Industrial control system operators running Rockwell MicroLogix 1400 PLCs have been warned about a vulnerability that exposes these devices in critical industries to attack. | |||
|
2016-08-12 13:00:25 | Key Fob Hack Allows Attackers To Unlock Millions Of Cars (lien direct) | Researchers claim a hack of Volkswagen's keyless entry systems leave millions of cars vulnerable to attack by and “unskilled adversary.†| |||
|
2016-08-11 18:10:06 | New Gmail Alerts Warn of Unauthenticated Senders (lien direct) | Google is rolling out new Gmail security features that warn users if the system could not authenticate the sender of a message. | |||
|
2016-08-11 15:31:39 | Microsoft Mistakenly Leaks Secure Boot Key (lien direct) | Microsoft inadvertently published a Secure Boot "golden key" policy that allows for self-signed or unsigned binaries to be loaded on Windows devices. | |||
|
2016-08-11 15:27:47 | Bluetooth Hack Leaves Many Smart Locks, IoT Devices Vulnerable (lien direct) | Researchers are sounding an alarm over the growing number of Bluetooth devices used for keyless entry and mobile point-of-sales systems that are vulnerable to man-in-the-middle attacks. | |||
|
2016-08-10 19:25:19 | vBulletin Patches Serious Flaw in Forum Software (lien direct) | A serious vulnerability has been patched in forum software made by vBulletin that could allow attackers to scan servers hosting the package and possibly execute arbitrary code. | |||
|
2016-08-10 16:55:01 | Serious TCP Bug in Linux Systems Allows Traffic Hijacking (lien direct) | A serious vulnerability in the TCP implementation in Linux systems can be used identify hosts communicating over the protocol and attack that traffic. | |||
|
2016-08-10 14:00:35 | Windows 10 Attack Surface Grows with Linux Support in Anniversary Update (lien direct) | Support for Linux binaries in a new Windows 10 Anniversary Update feature expands the OS' attack surface, experts said. | |||
|
2016-08-09 16:50:48 | A Month Without Adobe Flash Player Patches (lien direct) | Adobe rolled out patches for four vulnerabilities in Adobe Experience Manager, the first time since January its monthly patch release cycle has not included a Flash Player security update. | |||
|
2016-08-09 13:00:40 | Misuse of Language: ‘Cyber’; When War is Not a War, and a Weapon is Not a Weapon (lien direct) | In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter discuss the imprecision in language surrounding “cyber war” and “cyber weapons,” and explain how this may contribute to bad law and policy. | |||
|
2016-08-08 21:21:59 | Breach Forces Password Change on Oracle MICROS PoS Customers (lien direct) | Oracle warns its MICROS point-of-sale system customers to change account passwords after malware was discovered on a support site that was infecting users. | |||
|
2016-08-08 15:11:36 | Quadrooter Flaw in Qualcomm Chips Puts 900M Android Devices At Risk (lien direct) | Researchers at Check Point said the Quadrooter flaw that leaves 900 million devices open to attack will not be fixed until September. | |||
|
2016-08-08 13:00:38 | iOS 9.3.4 Patches Critical Code Execution Flaw (lien direct) | Apple patched a critical iOS memory corruption vulnerability privately disclosed by jailbreak specialists Pangu Team. | |||
|
2016-08-05 20:49:27 | PLC-Blaster Worm Targets Industrial Control Systems (lien direct) | Researchers create a self-propagating worm that can infect a Siemens' PLC and can be programmed to bring an industrial control platform to its knees. | ★★★ | ||
|
2016-08-05 16:00:27 | Gunter Ollmann on the Future of Ransomware, Exploit Kits, and IoT (lien direct) | Gunter Ollmann, CSO at Vectra networks, talks to Mike Mimoso about ransomware as a prototype for malware going forward, as well as the long-term future of exploit kits and whether IoT is something that can be secured sooner rather than later. | |||
|
2016-08-05 00:30:40 | Apple Launches Bug Bounty with Maximum $200,000 Reward (lien direct) | Apple closed out Black Hat today with a long-awaited announcement that next month it will launch a bug bounty. | |||
|
2016-08-04 22:05:43 | How Bugs Lead to a Better Android (lien direct) | Google explained during a Black Hat talk its approach to patching Android vulnerabilities and lessons learned post-Stagefright. | |||
|
2016-08-04 19:26:54 | Miller, Valasek Deliver Final Car Hacking Talk (lien direct) | Charlie Miller and Chris Valasek explained at Black Hat today how they were able to control steering and the parking brake on a Jeep Cherokee at speed. The two said the talk would be their last on car hacking. | |||
|
2016-08-04 14:00:28 | Researchers Go Inside a Business Email Compromise Scam (lien direct) | Dell SecureWorks today published a report at Black Hat USA 2016 on a Nigerian Business Email Compromise scam called "wire-wire", or “waya-waya.” | |||
|
2016-08-04 02:29:38 | Researchers Bypass Chip-and-Pin Protections at Black Hat (lien direct) | Researchers demonstrated how they can capture both Track 2 data and bypass chip and pin protections with a Raspberry Pi and infected pin pads at Black Hat. | |||
|
2016-08-04 02:14:43 | Oracle EBusiness Suite ‘Massive’ Attack Surface Assessed (lien direct) | Oracle bug hunter David Litchfield scoured Oracle EBusiness Suite looking for vulnerabilities and shared what he found during a Black Hat talk. | |||
|
2016-08-03 20:47:32 | Fixing ‘This Internet’ Before It Breaks Again (lien direct) | Dan Kaminsky advocates fixing today's internet before it breaks the same way it did in the 1990s. |
To see everything:
Our RSS (filtrered)
