What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-10-31 15:35:31 | Firefox to Block Canvas-based Browser Fingerprinting (lien direct) | Firefox will soon provide users with increased privacy by blocking browser fingerprinting performed through the HTML5 canvas element. | |||
|
2017-10-31 14:39:41 | Threat Intelligence Firm Recorded Future Raises $25 Million (lien direct) | Threat intelligence provider Recorded Future today announced that it has raised $25 million in a Series E round of funding Led by Insight Venture Partners. | |||
|
2017-10-31 14:32:53 | Mozilla Raises Concerns Over DigiCert Acquiring Symantec CA (lien direct) | Mozilla has raised some concerns regarding DigiCert acquiring Symantec's website security and related public key infrastructure (PKI) solutions after major web browser vendors announced that certificates issued by the security firm would no longer be trusted. | |||
|
2017-10-31 12:21:58 | Backdoor Attacks From Windigo Operation Still Active (lien direct) | Windigo, a malicious operation uncovered over three years ago, continues to be active despite a takedown attempt in 2014 and the sentencing of one conspirator in August 2017. | |||
|
2017-10-31 11:32:00 | North Korea Denies Involvement in WannaCry Cyberattack (lien direct) | North Korea has slammed Britain for accusing it of being behind a global ransomware attack that hit the National Health Service, calling the allegation a "wicked attempt" to further tighten international sanctions against Pyongyang. | Wannacry | ||
|
2017-10-31 10:56:35 | IBM Helps Banks Prevent New Account Fraud (lien direct) | IBM Security announced on Tuesday the launch of a product designed to help banks and other service providers protect their customers against new account fraud (NAF). | |||
|
2017-10-31 10:37:53 | Life Between Absolutes - The Challenge of a Security Professional (lien direct) | Security has never been about being 'secure' or 'insecure'; I think we as an industry of professionals can broadly agree on this. What we don't seem to agree on, pretty much ever, is how to strike the balance of good enough security. | |||
|
2017-10-31 08:55:54 | Google Bug Tracker Exposed Details of Unpatched Vulnerabilities (lien direct) | A bug bounty hunter has earned more than $15,000 from Google after finding several potentially serious vulnerabilities related to the company's Issue Tracker, including one that exposed the details of unpatched flaws. | |||
|
2017-10-31 02:23:54 | FireEye Releases Managed Password Cracking Tool (lien direct) | FireEye on Monday released a tool designed to help red teams manage password cracking tasks across multiple GPU servers. Called GoCrack, the open source tool provides an easy-to-use, web-based real-time UI to create, view, and manage password cracking tasks. | |||
|
2017-10-30 19:30:20 | Sage Ransomware Gets Anti-Analysis Capabilities (lien direct) | The Sage ransomware, which emerged toward the beginning of this year, has added new functionality that allows it to escalate privileges and evade analysis, Fortinet warns. | |||
|
2017-10-30 18:07:38 | New iPhone Brings Face Recognition (and Fears) to the Masses (lien direct) | Apple will let you unlock the iPhone X with your face -- a move likely to bring facial recognition to the masses, along with concerns over how the technology may be used for nefarious purposes. | |||
|
2017-10-30 16:49:36 | Heathrow Probes How Security Data Found on London Street (lien direct) | Heathrow Airport said Sunday it has launched an internal investigation after a memory stick containing extensive security information was found on a London street by a member of the public. | |||
|
2017-10-30 16:28:44 | Hamas-Linked \'Gaza Cybergang\' Has New Tools, Targets (lien direct) | A threat actor believed to be linked to the Palestinian terrorist organization Hamas continues to target organizations in the Middle East and North Africa (MENA) region, and their operations now include some new tools and techniques, Kaspersky Lab reported on Monday. | |||
|
2017-10-30 14:29:33 | Oracle Patches Critical Flaw in Identity Manager (lien direct) | Oracle informed customers on Friday that its Identity Manager product is affected by a critical vulnerability that can be easily exploited by malicious actors. | |||
|
2017-10-30 13:23:24 | What More Does It Take to Make Cyber Security a Top Priority? (lien direct) | It has been yet another busy month in the world of cyber security news. What does it mean when breaches reach private sector and public institutions that are supposed to be experts in risk oversight? It means that security is hard even when it is treated as a priority, let alone when it is an afterthought, as it is in most institutions. | |||
|
2017-10-30 12:55:31 | Researchers Downplay Size of Reaper IoT Botnet (lien direct) | The Mirai-like "Reaper" botnet that began infecting Internet of Things (IoT) devices in late September has only ensnared up to 20,000 bots so far, according to estimates from Arbor Networks. | Cloud | APT 37 | |
|
2017-10-30 12:13:17 | Police Probe Hack of London Plastic Surgery Clinic (lien direct) | British police said Tuesday they were investigating the theft of data from a London plastic surgery clinic, with reports that sensitive images of celebrities have been stolen. London Bridge Plastic Surgery said it was still establishing the extent of the hack, adding that it believed those responsible have previously targeted US medical providers. | |||
|
2017-10-30 09:21:55 | Code Execution Flaws Patched in Apache OpenOffice (lien direct) | Researchers at Cisco Talos have discovered three vulnerabilities in Apache OpenOffice that can be exploited by malicious actors for remote code execution using specially crafted document files. | |||
|
2017-10-30 08:33:54 | NotPetya Attack Had Significant Impact on Merck Revenue (lien direct) | American pharmaceutical giant Merck reported last week that the recent NotPetya malware attack caused losses of hundreds of millions of dollars in revenue. | NotPetya | ||
|
2017-10-29 14:18:25 | VPN Law Latest Step in Kremlin Online Crackdown: Experts (lien direct) | A law coming into force on Wednesday will give the Kremlin greater control over what Russians can access online ahead of a presidential election next March. | |||
|
2017-10-27 18:44:24 | Files Encrypted by Bad Rabbit Recoverable Without Paying Ransom (lien direct) | Some users may be able to recover the files encrypted by the Bad Rabbit ransomware without paying the ransom, Kaspersky researchers discovered after analyzing the malware's encryption functionality. | |||
|
2017-10-27 15:36:38 | Vulnerabilities Found in Ship Communication System (lien direct) | IOActive has long been interested in the security of satellite communications. In 2014, it published a report on “multiple high risk vulnerabilities†in all the satellite systems it studied. | |||
|
2017-10-27 12:38:26 | UK Blames North Korea for Cyberattack That Crippled Hospitals (lien direct) | Britain on Friday blamed North Korea for a ransomware attack this year that a new report revealed affected a third of English hospitals and could have been prevented with "basic" IT security. | |||
|
2017-10-27 12:38:23 | Industrial Products Also Vulnerable to KRACK Wi-Fi Attack (lien direct) | Some industrial networking devices are also vulnerable to the recently disclosed KRACK Wi-Fi attack, including products from Cisco, Rockwell Automation and Sierra Wireless. | |||
|
2017-10-27 08:00:45 | Profiling Tool Suggests \'Bad Rabbit\' Not Financially Motivated (lien direct) | Researchers at FireEye noticed that some of the websites redirecting users to the Bad Rabbit ransomware hosted a profiling framework, which could suggest that the attack was not financially motivated. | |||
|
2017-10-26 17:01:33 | \'Bad Rabbit\' Ransomware Uses NSA Exploit to Spread (lien direct) | Contrary to initial reports, the Bad Rabbit ransomware that hit Russia and Ukraine this week does in fact leverage an exploit linked to the U.S. National Security Agency (NSA). | |||
|
2017-10-26 16:27:22 | Security Flaw Could Have Let Hackers Turn on Smart Ovens (lien direct) | A security flaw in LG's smart home devices gave hackers a way to control the household appliances of millions of customers, including the ability to turn on ovens, a computer security firm revealed on Thursday. | |||
|
2017-10-26 15:21:39 | Microsoft Open Sources Website Scanning Tool \'Sonar\' (lien direct) | Microsoft announced this week the availability of Sonar, an open source linting and website scanning tool designed to help developers identify and fix performance and security issues. | |||
|
2017-10-26 13:16:24 | Moving Target Defense Startup Cryptonite Emerges From Stealth (lien direct) | Cryptonite, a Rockville, Maryland-based startup that aims to prevent reconnaissance and lateral movement in the network using moving target defense and micro-segmentation technologies, has emerged from stealth mode. | |||
|
2017-10-26 12:46:19 | Skybox Raises $150 Million to Advance its Security Management Product (lien direct) | Security analytics firm Skybox announced Wednesday that it has secured $150 million growth equity comprising $100 million from CVC Capital Partners' Growth Fund (CVC Growth), and $50 million from Pantheon. This more than doubles existing investment in the firm, which now stands at around $280 million. | |||
|
2017-10-26 11:40:39 | Symantec Claims It Is Leapfrogging the Competition (lien direct) | The latest version of Symantec Endpoint Protection, SEP 14.1, adds new capabilities to the signatureless machine learning malware detection SEP product it introduced last year, and integrates with other Symantec security solutions. The stated purpose is to provide end-to-end protection for endpoints in a single agent. | |||
|
2017-10-26 09:36:43 | \'Bad Rabbit\' Attack Infrastructure Set Up Months Ago (lien direct) | The infrastructure used by the Bad Rabbit ransomware was set up months ago and an increasing amount of evidence links the malware to the NotPetya attack launched in late June, which some experts believe was the work of a Russian threat actor. | NotPetya | ||
|
2017-10-25 16:21:08 | Firms Increasingly Turn to Machine Learning for Security Solutions (lien direct) | Forty-seven percent of organizations have already deployed machine learning (ML) solutions, with another 23% engaged in pilot projects, to help detect increasingly sophisticated incursions and lower the cost of response. | ★★★★★ | ||
|
2017-10-25 14:34:07 | Removal Attempt Turns Android Banking Trojan Into Ransomware (lien direct) | Researchers at SfyLabs have detailed the capabilities of an Android banking Trojan named LokiBot that is designed to turn into a piece of ransomware when users attempt to remove it from their devices. LokiBot has been around since at least June and its authors have been rolling out new features nearly every week. | |||
|
2017-10-25 12:32:40 | Thirty Percent of CEO Email Accounts Exposed in Breaches: Study (lien direct) | Thirty percent of CEOs from the world's largest organizations have had their company email address and password stolen from a breached service. | |||
|
2017-10-25 09:03:01 | Bad Rabbit Linked to NotPetya, but Not as Widespread (lien direct) | The Bad Rabbit ransomware attack that hit Russia and Ukraine on Tuesday has been linked to the recent NotPetya outbreak, but the number of infections appears to be far smaller. | NotPetya | ||
|
2017-10-25 02:33:08 | Survival of the Fittest: Why Locky Ransomware is Back (lien direct) | In the cat-and-mouse game between security providers and malware authors, cybercriminals keep innovating and experimenting – a dynamic seen in the recent resurgence of the Locky ransomware. | |||
|
2017-10-25 01:38:08 | Offshore Legal Firm Hacked, Braces for Media Leaks (lien direct) | Financial details of some of the world's richest people are set to be published after a Bermuda-based offshore firm suffered a data breach, a British newspaper reported Wednesday. | |||
|
2017-10-24 16:33:57 | \'Bad Rabbit\' Ransomware Attack Hits Russia, Ukraine (lien direct) | Several major organizations in Russia and Ukraine were hit in the past few hours by a ransomware named “Bad Rabbit.†The incident reminds of the massive attack involving NotPetya malware, which ended up costing companies millions of dollars. | NotPetya | ||
|
2017-10-24 15:13:40 | VPN, Web Sessions Exposed to DUHK Crypto Attack (lien direct) | A vulnerability in the outdated ANSI X9.31 random number generator (RNG) can allow attackers to recover encryption keys and read data passing through VPN connections and encrypted web browser sessions, researchers warned. | |||
|
2017-10-24 14:05:39 | Microsoft Drops Lawsuit as U.S. Govt Limits Use of Gag Orders (lien direct) | Microsoft is dropping a lawsuit against the US government after the Department of Justice issued new rules limiting the use of secrecy orders that prevent firms from telling customers law enforcement has accessed their data. | ★★ | ||
|
2017-10-24 13:55:15 | UK Probes Equifax Hacking (lien direct) | Britain's financial watchdog on Tuesday said it was investigating a massive hack of the US consumer credit rating service Equifax that affected potentially almost 700,000 British customers. | Equifax | ||
|
2017-10-24 12:16:32 | One-Third of Industrial Networks Connected to Internet: Study (lien direct) | Many industrial and critical infrastructure systems are connected to the Internet, and the operational technology (OT) networks of some organizations have already been compromised, according to a new study from industrial security firm CyberX. | |||
|
2017-10-24 11:39:31 | Simulated Phishing Firm KnowBe4 Raises $30 Million (lien direct) | Security awareness training and simulated phishing firm KnowBe4 has secured $30 million in Series B financing led by Goldman Sachs Growth Equity (GS Growth), with existing investor Elephant participating. It brings the total financing raised by KnowBe4 to $44 million. | |||
|
2017-10-24 05:38:13 | APNIC Whois Error Led to Exposure of Passwords (lien direct) | The Asia-Pacific Network Information Centre (APNIC), the non-profit organization that provides Internet addressing services in the Asia-Pacific region, informed the community on Monday of a Whois-related security incident that led to the exposure of authentication data. | ★★★ | ||
|
2017-10-23 18:56:23 | EU ePrivacy Regulation Edges Closer to Fruition (lien direct) | The proposed European Union ePrivacy Regulation is on the verge of entering Trilogue. Trilogue is the series of informal discussions involving the European Parliament, the Council of Europe (that is, representatives from each member state), and the European Commission. It is Trilogue that defines the final shape of the legislation. | ★★★★ | ||
|
2017-10-23 18:27:11 | Russian Spies Lure Targets With NATO Cybersecurity Conference (lien direct) | A cyber espionage group linked to Russia has been trying to deliver malware to targeted individuals using documents referencing a NATO cybersecurity conference, Cisco's Talos research team reported on Monday. | |||
|
2017-10-23 16:36:32 | Kaspersky Aims to Clear Its Name With New Transparency Initiative (lien direct) | Kaspersky Lab announced on Monday the launch of a new Global Transparency Initiative whose goal is to help the company clear its name following recent reports about its inappropriate ties to the Russian government. | |||
|
2017-10-23 16:10:36 | Five People Who Can Benefit from Thinking about Intelligence Differently (lien direct) | Business Risk Intelligence (BRI) Expands the Scope of Intelligence Beyond Technical Indicators | |||
|
2017-10-23 13:58:06 | DHS, FBI Warn of Ongoing APT Attack Against Critical Infrastructure (lien direct) | The Department of Homeland Security and Federal Bureau of Investigation have issued a joint technical alert warning that government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors are subject to an ongoing attack campaign from an advanced actor, most probably Dragonfly (aka Crouching Yeti and Energetic Bear). |
To see everything:
Our RSS (filtrered)
