What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-03-01 12:10:00 | China\'s APT27 Hackers Use Array of Tools in Recent Attacks (lien direct) | Over the past two years, China-linked cyber-espionage group Emissary Panda has used an array of tools and intrusion methods in attacks on political, technology, manufacturing, and humanitarian organizations, Secureworks reports. | APT 27 | ||
|
2019-03-01 11:57:01 | How to Shop Like a Pro at RSA Conference (lien direct) | For the last few months, it's been hard to avoid Marie Kondo. Author of The Life-Changing Magic of Tidying Up, and star of the Netflix series Tidying Up With Marie Kondo. Her advice is everywhere today, but did you know that her advice also applies to visiting the RSA Conference? | |||
|
2019-03-01 11:43:04 | Ireland\'s Data Protection Commission Reports Multiple GDPR Investigations on Tech Giants (lien direct) | Ireland's Data Protection Commission (DPC), headed by the Commissioner for Data Protection, Helen Dixon, has published its first annual report since the General Data Protection Regulation (GDPR) came into force in May 2018. It shows that Europeans are taking their new privacy rights very seriously. In the five months of 2018 pre-GDPR, the DPC received 1,249 privacy complaints. In the seven months post-GDPR, it received a further 2,864. | |||
|
2019-02-28 16:24:02 | UN Aviation Agency Concealed Serious Hack: Media (lien direct) | The Montreal-based United Nations aviation agency concealed for months a hack of its computers and allowed malware to spread throughout the airline industry, Canada's public broadcaster reported Wednesday. | Malware Hack | ||
|
2019-02-28 16:18:05 | Cequence Security Secures $17 Million in Series B Funding (lien direct) | Application security solutions provider Cequence Security has raised $17 million in Series B funding round. To date, the company has secured $30 million in funding. | |||
|
2019-02-28 16:02:00 | Lawyer: Russian Cybercrime Suspect on Hunger Strike (lien direct) | The lawyers for a Russian suspected of bitcoin fraud and wanted by three countries said Thursday that the man's health is deteriorating due to a hunger strike, and criticized the Greek courts for detaining him for more than the maximum 18 months allowed. | |||
|
2019-02-28 15:35:01 | (Déjà vu) Application Security Firm Contrast Security Raises $65 Million (lien direct) | California-based application security company Contrast Security on Thursday announced that it raised $65 million in a Series D funding round, which brings the total raised by the firm to $122 million. | |||
|
2019-02-28 14:13:02 | Break the Daily Routine with Prioritization and Focus (lien direct) | With Context to Understand and Prioritize Security Data and Alerts You Can Stay Focused on What Matters Most | |||
|
2019-02-28 14:05:03 | Microsoft Unveils New Azure, Windows Defender ATP Tools (lien direct) | Microsoft on Thursday unveiled two new cloud-based security products and services - Microsoft Azure Sentinel and Microsoft Threat Experts - designed to make it easier for security teams to do their job. | Threat | ||
|
2019-02-28 13:52:05 | Dow Jones Watchlist Found Exposed to Open Internet (lien direct) | The Dow Jones Watchlist, a dataset of 4.4 Gigabytes, was found exposed in an unprotected Elasticsearch database on an AWS server. The Watchlist is used by many of the world's largest organizations as part of their due diligence for both large and small contracts and transactions. While it contains the financial status of companies, it also includes sensitive information about individuals. | |||
|
2019-02-28 12:50:00 | Market Trends and What to Watch for at RSA Conference 2019 (lien direct) | RSA Conference 2019 (RSAC) is just a few days away and the theme this year is “Better”. Better solutions and better connections for a better, safer world. Last year, more than 600 exhibitors packed the show floor and the level of innovation was impressive. I expect to be similarly impressed next week. | |||
|
2019-02-28 12:34:04 | Securing Digital Convergence (lien direct) | Hyperconnected Digital Environments Are Raising the Stakes for Security Teams Even Higher | |||
|
2019-02-28 06:47:00 | Intel SGX Card Extends Memory Protections to Existing Cloud Servers (lien direct) | Intel and its partners this week made several cybersecurity-related announcements, including the launch of new silicon-enabled products and tools. | |||
|
2019-02-27 17:39:00 | Facebook Says \'Clear History\' Feature Ready This Year (lien direct) | Facebook's feature allowing users to erase all their data is set to be released this year, many months after it was announced by the leading social network. | Guideline | ||
|
2019-02-27 16:33:05 | (Déjà vu) Identity Protection Firm Obsidian Security Raises $20 Million (lien direct) | Obsidian Security, a California-based provider of identity protection solutions, on Wednesday announced that it raised $20 million in a Series B funding round, which brings the total raised by the company to $30 million. | |||
|
2019-02-27 16:11:00 | Swedish Police Arrest Russia Spy Suspect (lien direct) | A technology worker suspected of spying for Russia has been arrested in Stockholm, the Swedish authorities said Wednesday. The person was believed to have been "recruited as an agent by a Russian intelligence officer posing as a diplomat in Sweden", head of counter intelligence at Sweden's security service Daniel Stenling said. | |||
|
2019-02-27 16:01:05 | Elasticsearch Clusters Under Attack From Multiple Hacking Groups (lien direct) | Cisco Talos' security researchers warn of a spike in attacks on unsecured Elasticsearch clusters, coming from six distinct actors. | |||
|
2019-02-27 15:45:05 | US Lawmakers Kick Off Debate Over Online Privacy (lien direct) | US lawmakers opened a debate Tuesday over privacy legislation in the first step by Congress toward regulation addressing a series of troublesome data protection abuses by tech firms. | |||
|
2019-02-27 15:37:05 | Chrome Zero-Day Exploited to Harvest User Data via PDF Files (lien direct) | Exploit detection service EdgeSpot says it has spotted several PDF documents that exploit a zero-day vulnerability in Chrome to collect information on users who open the files through Google's web browser. | Vulnerability | ||
|
2019-02-27 15:22:05 | \'Farseer\' Backdoor Targets Users in South East Asia (lien direct) | A recently discovered backdoor is used in attacks targeting victims in and around the South East Asia region, Palo Alto Networks security researchers warn. | |||
|
2019-02-27 15:04:01 | The Time is Now to Secure for 5G (lien direct) | 5G wireless networks are coming, and so are the security threats. By now you've undoubtedly heard about, talked about and thought about what the World Economic Forum has coined the “Fourth Industrial Revolution” that will take our industry by storm, transforming business models and network infrastructures, and enabling technologies and applications that just a few years ago were solely those of science fiction films. | |||
|
2019-02-27 07:20:05 | \'Thunderclap\' Flaws Expose Computers to Attacks via Peripheral Devices (lien direct) | Researchers have disclosed the details of an attack method that can allow a malicious actor to take control of a computer and gain access to sensitive data by connecting a specially crafted device to its Thunderbolt port. | |||
|
2019-02-27 03:07:03 | Neverquest Trojan Operator Pleads Guilty (lien direct) | A Russian national has admitted in court to using the Neverquest Trojan to infect computers and steal their information for financial gain, the United States Department of Justice (DoJ) says. | |||
|
2019-02-26 21:59:01 | Russia\'s Ex-Cybersecurity Chief Gets 22-Year Sentence in Jail (lien direct) | A Russian military court convicted a former senior counterintelligence officer and a cybersecurity firm executive of treason Tuesday, concluding a case that initially aroused speculation of a manufactured effort to punish the source of leaks about Russian campaign hacking. | |||
|
2019-02-26 18:48:05 | New Attacks Show Signed PDF Documents Cannot Be Trusted (lien direct) | Many popular PDF viewers and online validation services contain vulnerabilities that can be exploited to make unauthorized changes to signed PDF documents without invalidating their signature, researchers have warned. | |||
|
2019-02-26 17:42:05 | NVIDIA Patches High Risk Vulnerabilities in GPU Display Drivers (lien direct) | NVIDIA has released a security update for the NVIDIA GPU display driver, to address several High severity vulnerabilities impacting GeForce, Quadro, NVS, and Tesla products. | Tesla | ||
|
2019-02-26 17:37:02 | New Attack Runs Code After Closing Browser Tab (lien direct) | A group of researchers has discovered that websites can abuse modern browser APIs to persistently abuse browser resources for nefarious operations even after their tabs or windows have been closed. | |||
|
2019-02-26 15:31:00 | Hackers Exploit WinRAR Vulnerability to Deliver Malware (lien direct) | Malicious hackers have started exploiting a critical WinRAR vulnerability disclosed less than one week ago, just as RARLab has released the final version of the update that should patch the flaw. | Malware Vulnerability | ||
|
2019-02-26 14:42:04 | Why Not Always Multi-Factor Authentication? (lien direct) | According to a survey of 2,600 IT professionals conducted by security awareness training firm KnowBe4, only 38 percent of large companies use multi-factor authentication (MFA) while a whopping 62 percent of small to midsize companies don't. MFA, which requires more than one method of authentication to verify identity, may not be the sexiest thing around, but with it in place, organizations can make it that much harder for attackers to accomplish their goals. | |||
|
2019-02-26 13:13:02 | Huawei Says US Has \'No Evidence\' of 5G Spying Allegations (lien direct) | Huawei's chairman said Tuesday that the United States has "no evidence" that its equipment to build next-generation 5G wireless networks could be used as a vehicle for Chinese spy operations. | |||
|
2019-02-26 11:17:03 | Backdoor Targets U.S. Companies via LinkedIn (lien direct) | A malicious campaign attempting to infect business users in the United States with a backdoor has been ongoing for over half a year, Proofpoint reports. | |||
|
2019-02-26 08:00:00 | Drupal RCE Flaw Exploited in Attacks Days After Patch (lien direct) | A vulnerability patched recently in the Drupal content management system (CMS) has been exploited in the wild to deliver cryptocurrency miners and other payloads. The attacks started just three days after a fix was released. | Vulnerability | ||
|
2019-02-26 06:53:05 | Hackers Can Plant Backdoors on Bare Metal Cloud Servers: Researchers (lien direct) | Malicious actors could plant firmware backdoors on bare metal cloud servers and use them to disrupt applications, steal data, and launch ransomware attacks, firmware security company Eclypsium warned on Tuesday. | Ransomware | ||
|
2019-02-25 21:44:02 | Mozilla May Reject UAE Firm\'s Root Inclusion Request (lien direct) | Mozilla is considering rejecting a request by United Arab Emirates-based DarkMatter to be accepted as a top-level certificate authority in Mozilla's root certificate program. | |||
|
2019-02-25 17:07:01 | Serious Flaws in WibuKey DRM Impact Siemens Products (lien direct) | Siemens has informed customers that some of its products are affected by recently disclosed vulnerabilities affecting the WibuKey digital rights management (DRM) solution from Wibu Systems. | |||
|
2019-02-25 17:03:04 | The Truth about Business Risk Intelligence (lien direct) | Starting a business risk intelligence (BRI) program often requires overcoming challenges that involve resource allocation, operational bandwidth, or stakeholder support, to name a few. And occasionally, these challenges can be exacerbated by myths and misconceptions about what BRI is and can accomplish. | |||
|
2019-02-25 16:27:01 | European Telecommunications Standards Institute Publishes New IoT Security Standard (lien direct) | On February 19, the European Telecommunications Standards Institute (ETSI) published the ETSI TS 103 645 V1.1.1 -- or more simply, a high-level outcome-focused standard (PDF) for cybersecurity in the consumer-oriented Internet of Things (IoT). | |||
|
2019-02-25 15:29:02 | Support for FIDO2 Passwordless Authentication Added to Android (lien direct) | 
|
|||
|
2019-02-25 13:27:04 | Consumer Groups Protest Being Left Out of Senate Privacy Hearing (lien direct) | Consumer groups voiced dismay Friday after a US Senate panel considering privacy legislation scheduled a largely industry-packed witness list for an upcoming hearing. | |||
|
2019-02-25 13:22:05 | California Introduces New Data Breach Notification Law (lien direct) | California Attorney General Xavier Becerra and Assemblymember Marc Levine last week introduced a new piece of legislation that would require organizations to notify consumers if their passport or biometric information has been compromised in a data breach. | Data Breach | ||
|
2019-02-25 07:00:02 | Prosecutors Seek 3-Year Sentence in \'Celebgate\' Hacking Case (lien direct) | Federal prosecutors have recommended a sentence of nearly three years in prison for a former Virginia high school teacher convicted of hacking into private digital accounts of celebrities and others. | |||
|
2019-02-23 19:39:04 | New Service From Cisco\'s Duo Labs Analyzes Chrome Extensions (lien direct) | Duo Labs, part of Cisco-owned Duo Security, has launched a new service designed to analyze Chrome extensions and deliver security reports on them. | |||
|
2019-02-23 18:43:02 | Report: Apps Give Facebook Sensitive Health and Other Data (lien direct) | Several phone apps are sending sensitive user data, including health information, to Facebook without users' consent, according to a report by The Wall Street Journal. An analytics tool called "App Events" allows app developers to record user activity and report it back to Facebook, even if the user isn't on Facebook, according to the report . | Tool | ||
|
2019-02-23 02:29:01 | Warning Issued Over Attacks on Internet Infrastructure (lien direct) | Key parts of the internet infrastructure face large-scale attacks that threaten the global system of web traffic, the internet's address keeper warned Friday. | |||
|
2019-02-22 18:06:03 | Bug Allows Bypass of WhatsApp Face ID, Touch ID Protection (lien direct) | The Face ID and Touch ID authentication feature introduced recently to WhatsApp for iOS can be easily bypassed, but a patch has been released. | ★★★★★ | ||
|
2019-02-22 16:09:02 | Cybercriminals Promise Millions to Skilled Black Hats: Report (lien direct) | Cybercriminals say they are willing to pay over a million dollars per year to individuals with network management, penetration testing, and programming skills willing to put on a black hat, a new Digital Shadows report reveals. | ★★★★ | ||
|
2019-02-22 07:14:00 | Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail (lien direct) | A researcher says he has discovered yet another critical cross-site scripting (XSS) vulnerability in Yahoo Mail. The recently patched flaw could have been exploited to steal the targeted user's emails and attach malicious code to their outgoing messages. | Vulnerability | Yahoo | |
|
2019-02-22 05:57:02 | Mexican Privacy Watchdog Criticizes Government Over Spyware (lien direct) | Mexico's privacy watchdog said Wednesday that the federal Attorney General's Office stonewalled it for more than a year as it tried to investigate the government's use of powerful Israeli spyware against journalists, lawyers and activists. | |||
|
2019-02-21 17:46:03 | Google\'s Nest Hub Has a Microphone It Forgot to Mention (lien direct) | Google said Wednesday it forgot to mention that it included a microphone in its Nest Secure home alarm system, the latest privacy flub by one of the tech industry's leading collectors of personal information. | Guideline | ★★★★★ | |
|
2019-02-21 17:19:04 | Cisco Patches High Severity Flaws in HyperFlex, Prime Infrastructure (lien direct) | Cisco this week released patches for more than a dozen vulnerabilities across its product portfolio, including high severity flaws in HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance. |
To see everything:
Our RSS (filtrered)
