What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-01-25 17:54:06 | "Hide \'N Seek" IoT Botnet Ensnares 20,000 Devices in Days (lien direct) | An Internet of Things (IoT) botnet featuring a worm-like spreading mechanism managed to ensnare over 20,000 devices over the course of several days, Bitdefender reports. | |||
|
2018-01-25 17:40:46 | Malware in 2017 Was Full of Twists and Turns (lien direct) | Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering, and ups and downs in ransomware. | |||
|
2018-01-25 17:31:29 | 30 Million Possibly Impacted in Crypto-Currency Mining Operation (lien direct) | A large-scale crypto-currency mining operation active for over 4 months is believed to have impacted around 30 million systems worldwide, Palo Alto Networks security researchers say. | |||
|
2018-01-25 17:02:51 | Cutting Through the Confusion on Threat Intelligence Feeds and Platforms (lien direct) | Over the next five years, the threat intelligence market is predicted to grow more than 18% a year and reach nearly $9 billion by 2022. This growth is largely fueled by a fact we've all come to live with: we can't block every attack. | |||
|
2018-01-25 15:32:47 | New Targets, $2 Million in Prizes Announced for Pwn2Own 2018 (lien direct) | Trend Micro's Zero Day Initiative (ZDI) announced on Thursday that this year's Pwn2Own hacking competition offers $2 million in cash and prizes, with several new pieces of software added to the list of targets. | |||
|
2018-01-25 15:01:52 | North Korea-linked Lazarus Hackers Update Arsenal of Hacking Tools (lien direct) | Recent cyberattacks associated with the North Korea-linked Lazarus group have used an evolved backdoor, along with a Remote Controller tool, Trend Micro reports. | Medical | APT 38 | |
|
2018-01-25 14:07:08 | Railway Cybersecurity Firm Cylus Emerges From Stealth (lien direct) | Cylus Obtains $4.7 Million in Funding to Help Protect Rail Industry Against Cyberattacks Cylus, an Israel-based startup that specializes in cybersecurity solutions for the rail industry, emerged from stealth mode on Thursday with $4.7 million in seed funding. | |||
|
2018-01-25 13:08:35 | Embracing the Cultural Shift that Comes with Secure DevOps (lien direct) | Previously, I've written about bridging the cybersecurity knowledge gap in the boardroom. There's another area where we need to bridge a cybersecurity gap and that's in the software development lifecycle. | |||
|
2018-01-25 12:31:17 | Chrome 64 Brings Additional Mitigations for CPU Flaw (lien direct) | Google this week released Chrome 64 in the stable channel with fixes for 53 security flaws and with additional mitigations against the web-exploitable “Spectre†CPU vulnerability. | |||
|
2018-01-25 06:10:26 | Lawmakers Raise Questions About Disclosure of CPU Flaws (lien direct) | The U.S. House Energy and Commerce Committee on Wednesday sent letters to several tech giants, raising questions about how the disclosure of the CPU vulnerabilities known as Spectre and Meltdown was handled. | |||
|
2018-01-24 23:44:03 | Lebanon Must Investigate Claims of Mass Spying: Rights Groups (lien direct) | Eight rights groups including Human Rights Watch called on Lebanese authorities Wednesday to investigate reports of a massive espionage campaign traced back to a government security agency. | |||
|
2018-01-24 23:27:46 | Mirai-Based Masuta Botnet Weaponizes Old Router Vulnerability (lien direct) | A new Internet of Things-targeting piece of malware based on Mirai's publicly released source code has been observed at large, ensnaring devices into a botnet. | |||
|
2018-01-24 23:00:20 | Google Parent Alphabet Launches Cybersecurity Firm Chronicle (lien direct) | 
|
★★★★★ | ||
|
2018-01-24 18:02:40 | Facebook Acquires ID Verification Startup Confirm (lien direct) | Facebook has acquired Confirm, a Boston-based startup that specializes in identity verification solutions. Financial terms of the deal have not been disclosed. | |||
|
2018-01-24 17:47:49 | Code Execution Flaw Impacts Popular Desktop Apps (lien direct) | A remote code execution vulnerability was addressed in the Electron framework, which powers highly popular desktop applications, including Slack, Skype, Signal, GitHub Desktop, Twitch, Wordpress.com, and others. | |||
|
2018-01-24 17:38:25 | Compromised Credentials: The Primary Point of Attack for Data Breaches (lien direct) | Organizations Should Move to an Identity-centric Approach Based on a Zero Trust Model | |||
|
2018-01-24 17:04:32 | World Economic Forum Announces Global Centre for Cybersecurity (lien direct) | The World Economic Forum (WEF) is establishing a new Global Centre for Cybersecurity "to help build a safe and secure global cyberspace." | |||
|
2018-01-24 15:44:25 | Security and DevOps - What We Learned at DOES17 (lien direct) | The adoption of DevOps has implications for security teams, regardless of whether the name evolves to become “DevSecOps†or some other inclusive term. Digital transformation in the business – using software services to compete – requires faster code releases, which DevOps can deliver. | |||
|
2018-01-24 14:50:09 | Clothing Retailer Fallas Hit by Payment Card Breach (lien direct) | Clothing retailer National Stores, which operates 340 stores across the United States, informed customers this week that their payment card information may have been stolen by hackers. | |||
|
2018-01-24 13:25:44 | Amazon Acquires Threat Hunting Firm Sqrrl (lien direct) | Sqrrl, a Cambridge, Mass.-based big data analytics startup that is commercializing NSA technology to help organizations detect threats lurking in their infrastructure, has been acquired by Amazon. The company announced Tuesday that it has been acquired by Amazon and would be joining the Amazon Web Services (AWS) family. | |||
|
2018-01-24 13:09:03 | Apple Patches Meltdown Flaw in Older Versions of macOS (lien direct) | Apple on Tuesday released security updates for a majority of its products, and it patched the vulnerability that allows Meltdown attacks in earlier versions of its Mac operating system. | |||
|
2018-01-24 06:43:20 | Bell Canada Hit by Data Breach (lien direct) | Bell Canada has started informing customers that their personal data has been compromised in a breach that reportedly affects up to 100,000 individuals. | |||
|
2018-01-23 18:59:39 | SamSam Operators Make $325,000 in 4 Weeks (lien direct) | Numerous SamSam attacks over the past month or so have paid off to the ransomware's operators, as they made over $325,000 in a short period of time, security researchers with Cisco Talos say. | |||
|
2018-01-23 18:38:55 | HP, Dell Halt BIOS Updates Over Buggy CPU Patches (lien direct) | Dell, HP and other system manufacturers have advised customers not to install the recent BIOS updates designed to address the Spectre and Meltdown CPU vulnerabilities due to unstable code delivered by Intel. | ★★★★ | ||
|
2018-01-12 07:11:47 | AMD Working on Microcode Updates to Mitigate Spectre Attack (lien direct) | AMD has informed customers that it will soon release processor microcode updates that should mitigate one of the recently disclosed Spectre vulnerabilities, and Microsoft has resumed delivering security updates to devices with AMD CPUs. | |||
|
2018-01-11 18:16:04 | Bogus Passwords Can Unlock AppStore Preferences in macOS (lien direct) | A security vulnerability impacting macOS High Sierra allows admins to unlock the AppStore Preferences in System Preferences by providing any password. | |||
|
2018-01-11 18:05:46 | Proposed Legislation Would Create Office of Cybersecurity at FTC (lien direct) | Punitive Data Breach Legislation Proposed Post-Equifax | Equifax | ||
|
2018-01-11 17:11:27 | Security Operations Firm Arctic Wolf Raises $16 Million (lien direct) | Arctic Wolf Networks, a Sunnyvale, Calif.-based company that offers outsourced security operations center (SOC) services, announced on Wednesday that it has raised $16 million in new funding. | |||
|
2018-01-11 16:16:17 | Mac Malware Creator Indicted in U.S. (lien direct) | “FruitFly†Mac Malware Creator Allegedly Spied On Victims for 13 Years | |||
|
2018-01-11 16:03:11 | Meltdown Patch Broke Some Ubuntu Systems (lien direct) | Canonical was forced to release a second round of Ubuntu updates that address the recently disclosed CPU vulnerabilities after some users complained that their systems no longer booted after installing the initial patches. | |||
|
2018-01-11 16:01:16 | Highly Targeted Attacks Hit North Korean Defectors (lien direct) | A recent set of attacks aimed at North Korean defectors and journalists were associated with a highly targeted campaign conducted by an actor that does not appear to be related to any known cybercrime groups, McAfee says. | |||
|
2018-01-11 14:31:34 | Risky Business (Part 2): Why You Need a Risk Treatment Plan (lien direct) | Performing a Risk Analysis and Taking Due Care Are No Longer Optional Now hear this: You will always have exposure. | |||
|
2018-01-11 14:21:42 | Security Flaws Found in Majority of SCADA Mobile Apps (lien direct) | Researchers from IOActive and Embedi have conducted an analysis of SCADA mobile applications from 34 vendors and found vulnerabilities in a vast majority of them, including flaws that can be exploited to influence industrial processes. | |||
|
2018-01-11 14:19:06 | Don\'t Rely on One Star to Manage Digital Risk, The Key is Total Coverage (lien direct) | Vince Lombardi, one of the greatest coaches of all time said, “The achievements of an organization are the results of the combined effort of each individual.†Think about the most successful coaches and you'll see a common thread – the ability to bring players and staff together and use their talents effectively and intelligently to defeat opponents. Phil Jackson accomplished this with different NBA franchises and Joe Gibbs with different quarterbacks. | |||
|
2018-01-11 14:00:28 | Endgame Lands $1 Million Contract From U.S. Navy (lien direct) | Endgame, an Arlington, VA-based supplier of advanced endpoint protection software, has been awarded a $1 million contract by the U.S. Fleet Cyber Command/U.S. Tenth Fleet. The purpose of the contract is to protect more than 500,000 computers and ships' hull, mechanical and electrical systems, weapons and navigation systems, aviation systems, and the technology controlling physical devices on bases and facilities. | |||
|
2018-01-11 12:31:52 | Hackers Leak Olympic Committee Emails in Response to Russia Ban (lien direct) | A group of hackers linked to Russia has leaked several emails apparently exchanged between officials of the International Olympic Committee (IOC) and other individuals involved with the Olympics. The leak comes in response to Russia being banned from the upcoming Pyeongchang 2018 Winter Games in South Korea. | |||
|
2018-01-10 21:22:30 | Let\'s Encrypt Disables TLS-SNI-01 Validation (lien direct) | Free and open Certificate Authority (CA) Let's Encrypt on Tuesday disabled TLS-SNI-01 validation after learning that users could abuse it to obtain certificates for domains they do not own. | |||
|
2018-01-10 20:50:21 | NVIDIA Updates GPU Drivers to Mitigate CPU Flaws (lien direct) | NVIDIA has released updates for its GPU display drivers and other products in an effort to mitigate the recently disclosed attack methods dubbed Meltdown and Spectre. | |||
|
2018-01-10 15:57:07 | IBM Starts Patching Spectre, Meltdown Vulnerabilities (lien direct) | IBM has started releasing firmware patches for its POWER processors to address the recently disclosed Meltdown and Spectre vulnerabilities. The company is also working on updates for its operating systems, but those are expected to become available only next month. | |||
|
2018-01-10 15:32:15 | Android Malware Developed in Kotlin Programming Language Found in Google Play (lien direct) | Security researchers at Trend Micro have discovered a malicious application in Google Play that was developed using the Kotlin programming language. | |||
|
2018-01-10 13:53:13 | Rockwell Automation Patches Serious Flaw in MicroLogix 1400 PLC (lien direct) | A firmware update released a few weeks ago by Rockwell Automation for its MicroLogix 1400 programmable logic controllers (PLCs) patches a potentially serious vulnerability. The MicroLogix PLC family is used worldwide by organizations in the critical infrastructure, food and agriculture, and water and wastewater sectors for controlling processes. | |||
|
2018-01-10 13:49:20 | Industrial Cybersecurity Firm Nozomi Networks Raises $15 Million (lien direct) | Industrial cybersecurity firm Nozomi Networks has raised $15 million in a Series B funding round, the company announced Wednesday. The new funding brings the total amount raised by the company to date to $23.8 million. | |||
|
2018-01-10 13:14:05 | How Antivirus Software Can be the Perfect Spying Tool (lien direct) | Your antivirus product could be spying on you without you having a clue. It might be intentional but legitimate behavior, yet (malicious) intent is the one step separating antivirus software from a cyber-espionage tool. A perfect one, experts argue. | |||
|
2018-01-10 09:13:54 | Microsoft, Intel Share Data on Performance Impact of CPU Flaw Patches (lien direct) | Microsoft and Intel have shared more information on the performance impact of the patches released for the recently disclosed attack methods known as Spectre and Meltdown. | |||
|
2018-01-09 20:33:14 | Microsoft Patches Zero-Day Vulnerability in Office (lien direct) | Microsoft's January 2018 Patch Tuesday updates address more than 50 vulnerabilities, including a zero-day vulnerability in Office related to an Equation Editor flaw that has been exploited by several threat groups in the past few months. | |||
|
2018-01-09 17:59:42 | WPA3 to Bring Improved Wireless Security in 2018 (lien direct) | Wi-Fi Alliance Announces WPA3, the Successor to Wi-Fi's WPA2 Security Protocol | |||
|
2018-01-09 17:25:56 | VirusTotal Launches Visualization Tool (lien direct) | VirusTotal this week announced the availability of a visualization tool designed to help with malware investigations. | |||
|
2018-01-09 16:45:14 | Adobe Patch Tuesday Updates Fix Only One Flash Player Flaw (lien direct) | Adobe's Patch Tuesday updates for January 2018 resolve only an information disclosure vulnerability affecting Flash Player. | |||
|
2018-01-09 15:22:32 | Working Smarter, Not Harder: Bridging the Cyber Security Skills Gap (lien direct) | The Most Effective Security Teams Aren't Necessarily the Largest or the Most Experienced | |||
|
2018-01-09 06:09:56 | Apple Adds Spectre Protections to Safari, WebKit (lien direct) | Updates released by Apple on Monday for iOS, macOS and Safari should mitigate the effects of the vulnerabilities exploited by the recently disclosed attack method named Spectre. |
To see everything:
Our RSS (filtrered)
