Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-30 13:41:03 |
Cyberattack Hits US Newspaper Deliveries: Report (lien direct) |
A malware attack that appears to have originated outside the US delayed the hardcopy distribution of several major newspapers, according to a report.
|
Malware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-28 17:09:00 |
National Guard From 4 States Will Help With Cyber Operations (lien direct) |
National Guard soldiers from Colorado, North Dakota, South Dakota and Utah are deploying to Fort Meade, Maryland, as part of a cyber protection team supporting U.S. military operations in Afghanistan.
The Colorado guard said Thursday Cyber Protection Team 174 will help the Defense Department with network security and cyber defensive operations.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-28 15:38:05 |
Evasive Malware, Meet Evasive Phishing (lien direct) |
In a previous column, I wrote about how evasive malware has become commoditized and described how the techniques being used in any given piece of malware had grown in number and sophistication-the layering of multiple techniques being its own form of sophistication.
|
Malware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-28 15:21:02 |
North Korea Defectors\' Details Leaked in Hacking (lien direct) |
Personal details of nearly 1,000 North Korean defectors living in the South have been leaked in a hacking case, officials said Friday, exposing them to potential threats from the North.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-28 07:14:02 |
Ex-MtGox Bitcoin Chief Maintains Innocence in Trial Closing Arguments (lien direct) |
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-28 07:06:03 |
Huawei Expects 21% Revenue Rise Despite \'Unfair\' Treatment (lien direct) |
Chinese telecoms giant Huawei expects to see a 21 percent rise in revenue for 2018, its chairman said Thursday despite a year of "unfair treatment" which saw its products banned in several countries over security concerns.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-27 15:31:02 |
What Family Harmony and Reducing Time to Containment Have in Common (lien direct) |
Most Organizations Have More Intelligence Than They Know What to do With..
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-27 15:16:05 |
FBI Steps Up Efforts Against \'Money Mules\' Online Fraud (lien direct) |
The email caught the executive at a small company by surprise one morning in 2016. The company's owner, or so he thought, was requesting a money transfer to pay for supplies from a new vendor.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-27 15:10:01 |
Can You Mitigate Against Mission Impossible? (lien direct) |
Focus on the Countless Manageable Vulnerabilities That You Can Control and Protect Against
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-27 06:20:01 |
BevMo Warns of Customer Credit Card Data Breach (lien direct) |
BevMo is warning that a data breach may have allowed a hacker to steal credit card numbers and other information from more than 14,000 customers who used the alcohol-seller's website.
The Concord, Calif.-based company has notified the California attorney general's office that someone was able to plant malicious computer code on its checkout page.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-26 15:18:05 |
Idaho Lab Protects US Infrastructure From Cyber Attacks (lien direct) |
It's called the "Dark Side" because the 50 workers there prefer to keep the lights low so they can dim the brightness on their computer screens.
Or maybe it's because of what they do in cyber research and development.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-26 14:07:05 |
China\'s Huawei Faces New Setbacks in Europe\'s Telecom Market (lien direct) |
The U.S. dispute with China over a ban on tech giant Huawei is spilling over to Europe, the company's biggest foreign market, where some countries are also starting to shun its network systems over data security concerns.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-24 13:21:00 |
Vulnerabilities in WibuKey Could Lead to Code Execution (lien direct) |
Vulnerabilities in the WibuKey Digital Rights Management (DRM) solution could be leveraged to disclose information, elevate privileges, or even execute code on affected systems.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 17:26:03 |
Android 9 Brings Significant Security Advancements, Google Says (lien direct) |
The latest Android iteration brings along a great deal of security improvements, including better encryption and authentication, Google says.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 17:16:00 |
(Déjà vu) U.S. Authorities Take Down 15 DDoS-for-Hire Websites (lien direct) |
The Federal Bureau of Investigation (FBI) this week seized 15 domains associated with DDoS-for-hire services, the Department of Justice announced.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 17:09:00 |
Singapore Government Announces Second Bug Bounty Program (lien direct) |
The government of Singapore this week announced plans to launch a second bug bounty program in collaboration with hacker-powered security platform HackerOne.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 16:07:02 |
Alexa May Be Recording More Than You Realize (lien direct) |
Executives may need to reconsider whether Amazon's Alexa personal assistant is listening to more than just their commands. Or perhaps the telephone conference attendee who pauses to gather details from Alexa is giving the device more than just his or her own comments.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 15:51:02 |
Industry Reactions to U.S. Charging APT10 Hackers: Feedback Friday (lien direct) |
The United States, United Kingdom, Canada, Australia, New Zealand and Japan have pointed the finger at China for sophisticated cyberattacks launched by a threat group known as APT10 against organizations around the world. The U.S.
|
Threat
|
APT 10
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 14:55:02 |
UK\'s NCSC Adopts HackerOne for Vulnerability Coordination Disclosure (lien direct) |
Almost since its inception in October 2016, the UK's National Cyber Security Centre (NCSC) has been considering how to formalize its vulnerability disclosure process. While the agency has a wider role in strengthening the overall cyber security of UK business, it has a more specific responsibility towards government systems.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 14:51:01 |
France Fines Uber 400,000 Euros Over Huge Data Breach (lien direct) |
France's data protection agency said Thursday that it had fined the US ride-hailing group Uber 400,000 euros ($460,000) over a 2016 data breach that exposed the personal data of some 57 million clients and drivers worldwide.
|
Data Breach
|
Uber
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 14:38:05 |
Payment Card Breach Hits Over 260 Caribou Coffee Stores (lien direct) |
Caribou Coffee informed customers this week that more than 260 of its stores in the United States were hit by a data breach that resulted in the exposure of payment card information.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 13:06:04 |
Office 365, Outlook Credentials Most Targeted by Phishing Kits (lien direct) |
Phishing attacks have become more targeted and sophisticated and also show a focus on enterprises, cloud-based Internet security services provider Cyren says.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 07:24:01 |
\'Five Eyes\' Nations Blame China for APT10 Attacks (lien direct) |
The United States, United Kingdom, Canada, Australia and New Zealand officially blamed China on Thursday for the cyberattacks launched by a threat group known as APT10 against organizations around the world.
|
Threat
|
APT 10
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-21 05:59:01 |
Cisco Patches Privilege Escalation Vulnerability in Adaptive Security Appliance (lien direct) |
A vulnerability in Cisco Adaptive Security Appliance (ASA) Software could allow an attacker to retrieve files or replace software images on a device.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-20 18:39:02 |
Hack the Air Force 3.0 Earns Researchers $130,000 (lien direct) |
The U.S. Defense Department and bug bounty platform HackerOne on Thursday announced the results of Hack the Air Force 3.0.
|
Hack
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-20 17:46:05 |
US Indicts Chinese Govt Hackers Over Attacks in 12 Countries (lien direct) |
The US Justice Department on Thursday indicted two Chinese hackers tied to Beijing's security services who allegedly targeted companies and agencies in a dozen countries, which US officials said showed President Xi Jinping had not fulfilled his pledge to stop cybercrime.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-20 16:41:02 |
Shamoon 3 Wiper Code Includes Verse From Quran (lien direct) |
Researchers continue to analyze the recent Shamoon 3 attacks and they have discovered more links to Iran and additional components of the malware.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-20 07:35:04 |
U.S. Sanctions Russians for Hacking, Election Interference (lien direct) |
The U.S. Treasury Department on Wednesday announced sanctions against nearly two dozen Russia-related individuals and entities over their roles in election interference, hacking the World Anti-Doping Agency (WADA), and other malicious activities.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-20 05:53:03 |
Google Finds Internet Explorer Zero-Day Exploited in Targeted Attacks (lien direct) |
An out-of-band update released by Microsoft on Wednesday for its Internet Explorer web browser patches a zero-day vulnerability exploited by malicious actors in targeted attacks.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 18:27:00 |
Cybercriminals Host Malicious Payloads on Google Cloud Storage (lien direct) |
A malicious email campaign targeting employees of banks and financial services companies in the United States and the United Kingdom has been abusing Google Cloud Storage for payload delivery, Menlo Labs security researchers say.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 17:17:01 |
Russian Cyberspies Build \'Go\' Version of Their Trojan (lien direct) |
The Russian-linked cyber-espionage group Sofacy has developed a new version of their Zebrocy tool using the Go programming language, Palo Alto Networks security researchers warn.
|
Tool
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 16:54:03 |
Quarter of Healthcare Organizations Hit by Ransomware in Past Year: Study (lien direct) |
One in four (27%) employees of healthcare organizations in North America admit to being aware of a ransomware attack targeting their employer over the past year, a new Kaspersky Lab survey reveals.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 16:11:04 |
DoD Lacks Visibility into Software Inventories, Audit Finds (lien direct) |
The U.S. Department of Defense lacks visibility into software inventories, a review of Marine Corps, Navy, and Air Force commands and divisions reveals.
|
|
|
★★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 15:59:00 |
Greece: France Wins New Round on Russian Cybercrime Suspect (lien direct) |
ATHENS, Greece (AP) - Greece's supreme court has accepted a French extradition request for a Russian bitcoin fraud suspect, whom the same court has, confusingly, already agreed to extradite to the U.S. and Russia.
|
|
|
★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 15:19:00 |
Servers Can Be Bricked Remotely via BMC Attack (lien direct) |
Hackers could remotely brick servers by launching firmware attacks that involve the Baseboard Management Controller (BMC), researchers at firmware security company Eclypsium have demonstrated.
|
|
|
★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 12:59:01 |
Artificial Intelligence in Cybersecurity is Not Delivering on its Promise (lien direct) |
The Cybersecurity Industry Doesn't Have Artificial Intelligence Right Yet, But it is Promising Technology
|
|
|
★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 11:44:00 |
\'Thousands\' of EU Diplomatic Cables Hacked: Report (lien direct) |
Hackers apparently connected to China accessed thousands of sensitive EU diplomatic cables, the New York Times reported Wednesday, in the latest embarrassing data breach to hit a major international organization.
|
Data Breach
|
|
★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 08:23:02 |
Popular Banking Trojans Share Loaders (lien direct) |
Several well-known banking Trojans that have been around for several years have shared loaders, Trend Micro security researchers have discovered.
|
|
|
★★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-19 05:34:02 |
Huawei Rejects Western Security Fears, Says \'No Evidence\' (lien direct) |
Huawei defended its global ambitions and network security on Tuesday in the face of Western fears that the Chinese telecom giant could serve as a Trojan horse for Beijing's security apparatus.
|
|
|
★★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 17:34:00 |
Backdoor Targeting Malaysian Government a "Mash-up" of Malware (lien direct) |
A recently observed cyber-espionage toolkit that was used in targeted attacks against the Malaysian government in mid-2018 is made up of publicly available tools and leaked source code of backdoors, ESET says.
|
Malware
|
|
★★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 17:15:00 |
Serious Flaws Found in ABB Safety PLC Gateways (lien direct) |
Researchers discovered that some gateways made by Swiss industrial tech company ABB are affected by potentially serious vulnerabilities, but firmware updates will not be made available by the vendor as the impacted products have reached end of life.
|
|
|
★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 16:20:01 |
Untangle Partners With Malwarebytes to Bring Layered Security to SMBs (lien direct) |
Untangle and Malwarebytes Partner to Extend Visibility Across Managed Networks and Endpoints for SMBs
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 16:12:03 |
(Déjà vu) Oath Paid Out $5 Million in Bug Bounties in 2018 (lien direct) |
Media giant Oath reported on Tuesday that it has paid out $5 million through its HackerOne-powered bug bounty program in 2018.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 14:59:01 |
Data Protection Firm Egress Raises $40 Million (lien direct) |
Data security solutions provider Egress on Tuesday announced that it has raised $40 million in a Series C funding round led by FTV Capital, with participation from existing investor AlbionVC.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 14:51:00 |
WordPress Patches Privilege Escalation Vulnerabilities (lien direct) |
Privilege escalation vulnerabilities in WordPress allow attackers to access features that were intended for administrators only, RIPS Tech security researchers say.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 14:27:01 |
OT Incident Response: Is it Mission Impossible? (lien direct) |
What Should You do in the Event of a Cybersecurity Incident in an Industrial Environment?
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 10:13:03 |
Testing Security Products: Third-Party Standards vs. In-House Testing (lien direct) |
For the last decade, the Anti-Malware Testing Standards Organization (AMTSO) has owned the endpoint security testing standards space. It has done much good, bringing order and consistency to a complex arena.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 06:55:04 |
Czech Warning Over Huawei, ZTE Security \'Threat\' (lien direct) |
A Czech cyber-security agency on Monday warned against using the software and hardware of China's Huawei and ZTE companies, saying they posed a threat to state security.
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-18 06:50:00 |
Twitter Warns of Possible State-Sponsored Attack (lien direct) |
While investigating an information disclosure flaw affecting one of its support forms, Twitter discovered a possible attack coming from IP addresses that may be linked to state-sponsored actors.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2018-12-17 18:58:02 |
New Cyber Readiness Program Launched for SMBs (lien direct) |
The Cyber Readiness Institute (CRI) has launched a Cyber Readiness Program designed to provide practical and meaningful assistance to small and medium businesses who perhaps don't have the resources to give security the priority it needs and deserves.
|
|
|
|