What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-05-21 12:55:02 | Researcher Earns $36,000 for Google App Engine Flaws (lien direct) | An 18-year-old researcher has earned more than $36,000 from Google after finding a critical remote code execution vulnerability related to the Google App Engine. Part of the Google Cloud offering, the App Engine is a framework that allows users to develop and host web applications on a fully managed serverless platform. | |||
|
2018-05-21 10:47:01 | Utimaco to Acquire Atalla Hardware Security Module Business From Micro Focus (lien direct) | Aachen, Germany-based firm Utimaco will acquire the Atalla hardware security module (HSM) and enterprise secure key manager (ESKM) lines from UK-based Micro Focus. | |||
|
2018-05-21 05:55:03 | Hacked Drupal Sites Deliver Miners, RATs, Scams (lien direct) | The Drupal websites hacked by cybercriminals using the vulnerabilities known as Drupalgeddon2 and Drupalgeddon3 deliver cryptocurrency miners, remote administration tools (RATs) and tech support scams. | |||
|
2018-05-21 04:40:03 | (Déjà vu) Two Vulnerabilities Patched in BIND DNS Software (lien direct) | Updates announced on Friday by the Internet Systems Consortium (ISC) for BIND, the most widely used Domain Name System (DNS) software, patch a couple of vulnerabilities. While attackers may be able to exploit both of the flaws remotely for denial-of-service (DoS) attacks, the security holes have been assigned only a “medium” severity rating. | |||
|
2018-05-18 16:40:02 | 200 Million Sets of Japanese PII Emerge on Underground Forums (lien direct) | A dataset allegedly containing 200 million unique sets of personally identifiable information (PII) exfiltrated from several popular Japanese website databases emerged on underground forums, FireEye reports. | |||
|
2018-05-18 16:03:00 | F-Secure Unveils New Endpoint Detection & Response Solution (lien direct) | Finland-based cybersecurity firm F-Secure on Thursday announced the launch of a new endpoint detection and response (EDR) solution that combines human expertise and artificial intelligence. | |||
|
2018-05-18 13:07:00 | Misconfigured CalAmp Server Enabled Vehicle Takeover (lien direct) | A misconfigured server operated by CalAmp, a company offering the backend for a broad range of well-known car alarm systems, provided anyone with access to data and even allowed for account and vehicle takeover. | |||
|
2018-05-18 11:20:03 | Chrome to Issue Red "Not Secure" Warning for HTTP (lien direct) | Google is putting yet another nail in the HTTP coffin: starting with Chrome 70, pages that are not served over a secure connection will be marked with a red warning. | |||
|
2018-05-18 08:39:03 | Man Sentenced to 15 Years in Prison for DDoS Attacks, Firearm Charges (lien direct) | A New Mexico man has been sentenced to 15 years in prison for launching distributed denial-of-service (DDoS) attacks on dozens of organizations and for firearms-related charges. | ★★★★★ | ||
|
2018-05-18 07:26:05 | More Charges Against \'Syrian Electronic Army\' Hackers (lien direct) | The U.S. Justice Department on Thursday announced more charges against two Syrian nationals believed to be members of the “Syrian Electronic Army” hacker group. | |||
|
2018-05-17 18:21:05 | "Wicked" Variant of Mirai Botnet Emerges (lien direct) | A new variant of the Mirai Internet of Things (IoT) botnet has emerged, which features new exploits in its arsenal and distributing a new bot, Fortinet researchers warn. | |||
|
2018-05-17 18:06:02 | Will Your Enterprise Survive the IoT Explosion? (lien direct) | How Can Businesses Minimize the Risk Created by IoT While Ensuring Networks Are Secure? | |||
|
2018-05-17 17:10:03 | DHS Publishes New Cybersecurity Strategy (lien direct) | The U.S. Department of Homeland Security (DHS) this week published its long-delayed Cybersecurity Strategy. It had been mandated by Congress to deliver a strategy by March 2017, and did so on May 15, 2018. | |||
|
2018-05-17 16:36:01 | \'Chrysene\' Group Targets ICS Networks in Middle East, UK (lien direct) | A threat actor with ties to hacker groups believed to be operating out of Iran has been targeting the industrial networks of organizations in the Middle East and the United Kingdom. | |||
|
2018-05-17 15:38:03 | Critical Flaws in Cisco DNA Center Allow Unauthorized Access (lien direct) | Cisco has found and patched three critical unauthorized access vulnerabilities in its Digital Network Architecture (DNA) platform. Cisco DNA is a solution that helps enterprises automate network operations, making it easy to design, provision and apply policies across their environments. | |||
|
2018-05-17 13:40:04 | U.S. Energy Department Unveils Multiyear Cybersecurity Plan (lien direct) | The U.S. Department of Energy this week announced its strategy to reduce cyber risks in the energy sector and outlined its goals, objectives and activities for the next five years. | |||
|
2018-05-17 13:38:01 | Net Neutrality: Party Politics and Consumer Concerns (lien direct) | Net neutrality in the U.S. is a bi-partisan issue being fought in a very partisan manner. It was introduced in the Democrat Obama-years, and abandoned by the Republican Trump-installed FCC chairman Ajit Pau. Sen. Edward Markey, D-Mass. filed a procedural petition that would allow a debate on overturning the FCC ruling via the Congressional Review Act. | |||
|
2018-05-17 10:16:05 | Google Offers Free DDoS Protection for U.S. Political Organizations (lien direct) | Jigsaw, an incubator run by Google parent Alphabet, this week announced the availability of Project Shield – which offers free distributed denial of service (DDoS) protections – for the U.S. political community. | |||
|
2018-05-17 09:59:02 | Hackers Steal \'$15.3 Million\' From Mexico Financial System (lien direct) | Hackers who targeted Mexico's interbank payment system made off with more than $15 million in the past several weeks, the Bank of Mexico said Wednesday. The amount of funds involved in the irregular activity totaled "approximately 300 million pesos ($15.3 million)," central bank governor Alejandro Diaz de Leon told reporters. | |||
|
2018-05-17 09:54:05 | Deleted WHOIS Data: An Unintended Consequence of GDPR (lien direct) | GDPR Will Impact the Availability of WHOIS Data to Security Researchers and Investigators | |||
|
2018-05-17 06:14:01 | U.S. Jury Convicts Operator of Counter AV Service Scan4You (lien direct) | A 37-year-old Latvian resident was convicted by a U.S. jury on Wednesday for his role in the operation of a counter antivirus service named Scan4You. Sentencing is scheduled for September 21. | |||
|
2018-05-16 20:15:03 | U.S. Senate Votes to Restore \'Net Neutrality\' Rules (lien direct) | The US Senate voted Wednesday to restore so-called "net neutrality" rules aimed at requiring all online data to be treated equally, the latest step in a years-long battle on internet regulation. | |||
|
2018-05-16 17:09:01 | 10 Security Behaviors That Anger Us (lien direct) | Why Do We Get Angry With People for Doing What We Incentivize Them to Do? | |||
|
2018-05-16 16:32:03 | (Déjà vu) Critical Code Execution Flaws Patched in Advantech WebAccess (lien direct) | Taiwan-based industrial automation company Advantech has released an update for its WebAccess product to address nearly a dozen vulnerabilities, including critical flaws that allow arbitrary code execution. | ★★★ | ||
|
2018-05-16 15:37:01 | Auth0 Secures $55 Million in New Funding Round (lien direct) | Identity-as-a-Service (IDaaS) company Auth0 | |||
|
2018-05-16 15:22:03 | Cambridge Analytica Shared Data With Russia: Whistleblower (lien direct) | Political consulting group Cambridge Analytica used Russian researchers and shared data with companies linked to Russian intelligence, a whistleblower told a congressional hearing on interference in the 2016 US election Wednesday. | |||
|
2018-05-16 14:41:02 | Firefox Saves Screenshots to Publicly Accessible Cloud Servers (lien direct) | Mozilla's Firefox browser allows users to take screenshots of entire pages or sections of pages and save them to the cloud, but is making them publicly accessible by default, an ethical hacker has discovered. | |||
|
2018-05-16 13:38:04 | Serbia Arrests FBI-sought Cybercrime Suspect (lien direct) | Serbian police said Wednesday they had arrested a man sought by the FBI under suspicion of being part of a group of cybercriminals who called themselves "The Dark Overlord". | |||
|
2018-05-16 13:31:02 | Critical Command Injection Flaw Patched in Red Hat Linux (lien direct) | A critical vulnerability in the DHCP client in Red Hat Enterprise Linux could allow an attacker to execute arbitrary commands on impacted systems. | |||
|
2018-05-16 12:32:04 | Malicious PDF Leads to Discovery of Adobe Reader, Windows Zero-Days (lien direct) | Researchers at ESET recently came across a malicious PDF file set up to exploit two zero-day vulnerabilities affecting Adobe Reader and Microsoft Windows. | |||
|
2018-05-16 10:51:04 | Ecuador Spied on Assange at London Embassy: Report (lien direct) | Ecuador spied on WikiLeaks founder Julian Assange at its London embassy where he has been living since 2012, initially to support him but things changed after he hacked the mission's computers, the Guardian reported Wednesday. | |||
|
2018-05-16 09:59:04 | Ex-CIA Employee Suspected in WikiLeaks \'Vault7\' Leak (lien direct) | A former employee of the U.S. Central Intelligence Agency (CIA) is believed to have provided WikiLeaks the files made public by the whistleblower organization as part of its 'Vault 7' leak, which focuses on hacking tools used by the CIA. | |||
|
2018-05-16 05:03:03 | White House Cuts Cybersecurity Coordinator Role (lien direct) | 
|
|||
|
2018-05-15 18:20:01 | Driving the Convergence of Networking and Security (lien direct) | “Oh, East is East, and West is West, and never the twain shall meet …” When Rudyard Kipling wrote that opening line to “The Ballad of East and West,” little could he have known it might one day serve as a metaphor for the relationship between modern-day security operations (SecOps) and network operations (NetOps) teams. | |||
|
2018-05-15 16:42:01 | Severe DoS Flaw Discovered in Siemens SIMATIC PLCs (lien direct) | Siemens informed customers on Tuesday that some of its SIMATIC S7-400 CPUs are affected by a high severity denial-of-service (DoS) vulnerability. | ★★★ | ||
|
2018-05-15 15:57:01 | Deleted Signal Messages Linger on macOS (lien direct) | Messages from the Signal desktop application for Mac are not deleted from the machine, but instead copied to the notifications bar, where they persist, a security researcher warns. | |||
|
2018-05-15 15:29:01 | Flaws in Open Source Components Pose Increasing Risk to Apps: Study (lien direct) | Open source components have been increasingly used by developers, but failure to patch vulnerabilities in this type of software can pose serious risks. | |||
|
2018-05-15 15:05:01 | EU Data Protection May Trigger Global Ripple Effect (lien direct) | The EU's new data protection rules that enter into force later this month are having an impact around the world as firms, including in the United States and China, move to comply. | |||
|
2018-05-15 14:41:04 | Dutch Govt Dropping Kaspersky Software Over Spying Fears (lien direct) | The Dutch government is phasing out the use of anti-virus software made by Russian firm Kaspersky Lab amid fears of possible spying, despite vehement denials by the Moscow-based cyber security company. | |||
|
2018-05-15 14:26:02 | Signal Flaw Allowed Code Execution With No User Interaction (lien direct) | An update released over the weekend for the desktop version of the privacy-focused communications app Signal patches a critical vulnerability that could have been exploited for remote code execution with no user interaction required. | |||
|
2018-05-15 12:11:02 | New DDoS Attack Method Obfuscates Source Port Data (lien direct) | Recent distributed denial of service (DDoS) attacks showed evidence of a new method being used to bypass existing defenses by obfuscating source port data, Imperva says. | |||
|
2018-05-15 11:44:00 | Exploiting People Instead of Software: Report Shows Attacker Love for Human Interaction (lien direct) | Cybercriminals Continue to Rely on Human Interaction to Conduct Wide Range of Attacks | |||
|
2018-05-15 10:42:02 | Kaspersky Lab to Move Core Infrastructure to Switzerland (lien direct) | 
Company Will Open Transparency Center in Zurich by 2019; Data From Customers in North America Will be Stored and Processed in Switzerland
|
|||
|
2018-05-15 04:43:04 | Symantec Shares More Information on Internal Investigation (lien direct) | Symantec shares gained nearly 10 percent on Monday in anticipation of a conference call that promised to provide more information regarding the internal investigation announced by the company last week. | |||
|
2018-05-14 17:08:02 | Adobe Patches Two Dozen Critical Flaws in Acrobat, Reader (lien direct) | Updates released on Monday by Adobe for its Acrobat, Reader and Photoshop products patch nearly 50 vulnerabilities, including critical flaws that allow arbitrary code execution. | |||
|
2018-05-14 16:58:02 | Hackers Divert Funds From Mexico Banks, Amount Unclear: Official (lien direct) | Hackers have stolen an unknown amount of money from banks in Mexico in a series of cyber attacks on the country's interbank payments system, an official said Monday. | |||
|
2018-05-14 16:43:01 | Security Gaps Remain as OT, IT Converge (lien direct) | The accelerating digitization of business, driven by compelling commercial arguments, is driving the integration of new information technology (IT) networks with older operational technology (OT) networks. This is introducing new security risks to old technology and old technology practices -- and where the OT is driving a critical manufacturing plant, the new risk is from nation-state actors as well as traditional cyber criminals. | |||
|
2018-05-14 16:04:01 | Behind the Scenes in the Deceptive App Wars (lien direct) | All is not well in the app ecosphere. That ecosphere comprises a large number of useful apps that benefit users, and an unknown number of apps that deceive users. The latter are sometimes described potentially unwanted programs, or PUPs. Both categories need to make money: good apps are upfront with how this is achieved; deceptive apps hide the process. | |||
|
2018-05-14 14:39:04 | Facebook Suspends 200 Apps Over Data Misuse (lien direct) | Facebook said Monday it has suspended "around 200" apps on its platform as part of an investigation into misuse of private user data. | |||
|
2018-05-14 14:34:05 | Cyber War and the Compromise of Reliable Full Disclosure (lien direct) | We Can't Rely on Our Own Governments to Practice Responsible Full Disclosure. Full Disclosure is Compromised. |
To see everything:
Our RSS (filtrered)
