What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-07-24 12:56:02 | Over 600 Malware Samples Linked to Chinese Cyberspy Group (lien direct) | A China-linked cyber espionage group tracked by security firms as Lotus Blossom, Elise, Esile and Spring Dragon has used more than 600 malware samples in its attacks over the past years, according to Kaspersky Lab. | |||
|
2017-07-24 12:34:51 | Threat Hunters Analyze Trends in Destructive Cyber-Attacks (lien direct) | The three primary trends in the incidence of destructive cyber-attacks are that they are increasing; they are usually state-sponsored; and they do not, apart from a few rare occurrences, involve anything more than basic tools. Potentially more concerning for private industry, however, is a lack of concern over what, in kinetic warfare, would be termed 'collateral damage'. | |||
|
2017-07-24 09:48:49 | Internet Bug Bounty Project Receives $300,000 Donation (lien direct) | The Internet Bug Bounty (IBB), a project whose goal is to make the Web safer by rewarding white hat hackers who find vulnerabilities in core Internet infrastructure and open source software, announced on Friday that it has secured a $300,000 donation. | |||
|
2017-07-24 08:37:39 | Briton Pleads Guilty to Mirai Attacks in German Court (lien direct) | A British man pleaded guilty last week in a German court to launching a cyberattack that resulted in more than one million customers of telecommunications provider Deutsche Telekom experiencing Internet disruptions. | Guideline | ||
|
2017-07-22 01:48:24 | Russia Moves to Ban Tools Used to Surf Outlawed Websites (lien direct) | Russia's parliament on Friday voted to outlaw web tools that allow internet users to sidestep official bans of certain websites, the nation's latest effort to tighten controls of online services. Members of the lower house, the Duma, passed the bill to prohibit the services from Russian territory if they were used to access blacklisted sites. | |||
|
2017-07-21 16:42:54 | Hundreds of Java Flaws Patched by Schneider in Trio TView Software (lien direct) | Energy management and automation solutions giant Schneider Electric was informed by a researcher that its Trio TView software uses a version of Java that was released in 2011 and is affected by hundreds of vulnerabilities. | |||
|
2017-07-21 14:01:12 | Network Spreading Capabilities Added to Emotet Trojan (lien direct) | Researchers at Fidelis Cybersecurity have spotted a variant of the Emotet Trojan that has what appears to be a feature designed to help the malware spread on internal networks. | |||
|
2017-07-21 12:12:27 | Security Automation is About Trust, Not Technology (lien direct) | We Can Automate the Action, Without Automating the Decision... | |||
|
2017-07-21 11:23:31 | Undetected For Years, Stantinko Malware Infected Half a Million Systems (lien direct) | A massive botnet that remained under the radar for the past five years managed to infect around half a million computers and allows operators to “execute anything on the infected host,†ESET researchers warn. | |||
|
2017-07-21 10:48:37 | Symantec Tricked Into Revoking Certificates Using Fake Keys (lien direct) | Researcher Hanno Böck has tricked Symantec into revoking TLS certificates by falsely claiming that their private keys had been compromised. Comodo was also targeted, but the company did not fall for the same ruse. | |||
|
2017-07-21 10:13:38 | Citadel Author Sentenced to Five Years in Prison (lien direct) | A Russian man this week was sentenced to five years in prison for his involvement in the development and maintenance of the Citadel banking malware. | |||
|
2017-07-20 18:12:30 | Defenders Gaining on Attackers, But Attacks Becoming More Destructive: Cisco (lien direct) | Cisco Publishes 2017 Midyear Cybersecurity Report | |||
|
2017-07-20 16:32:02 | Hacker Steals $30 Million in Ethereum from Parity Wallets (lien direct) | A hacker was allegedly able to exploit a vulnerability in Ethereum wallet client Parity and steal over $30 million worth of crypto-currency. | |||
|
2017-07-20 15:50:26 | U.S., European Police Say \'Dark Web\' Markets Shut Down (lien direct) | Washington - US and European police on Thursday announced the shutdown of two huge "dark web" marketplaces that allowed the anonymous online trade of drugs, hacking software and guns. | |||
|
2017-07-20 15:45:57 | New CyberX Technology Predicts ICS Attack Vectors (lien direct) | Industrial cybersecurity and threat intelligence firm CyberX announced on Thursday the availability of a new simulation technology that allows organizations to predict breach and attack vectors on their networks. | |||
|
2017-07-20 14:38:35 | Avast Acquires CCleaner Developer Piriform (lien direct) | Antivirus firm Avast announced on Wednesday the acquisition of Piriform, a London, UK-based company that develops the popular cleaning and optimization tool CCleaner. | CCleaner | ||
|
2017-07-20 13:54:09 | FedEx May Have Permanently Lost Data Encrypted by NotPetya (lien direct) | FedEx-owned international delivery services company TNT Express is still working on restoring systems hit last month by the destructive NotPetya malware attack, but some business data may never be recovered, FedEx said in a Securities and Exchange Commission (SEC) filing this week. | FedEx NotPetya | ||
|
2017-07-20 13:32:00 | Firms Unite to Hunt Threats From Network to Endpoint (lien direct) | Network and Endpoint Threat Hunters Corvil and Endgame Combine to Provide Pan-Infrastructure Detection and Response | |||
|
2017-07-20 13:22:28 | (Déjà vu) Tor Offers $4,000 Per Flaw in Public Bug Bounty Program (lien direct) | 
|
|||
|
2017-07-20 13:15:30 | The Art of Measuring Security Success (lien direct) | It's Time to Stop Measuring Security Success by Only Internal, Readily-available Metrics | |||
|
2017-07-20 12:25:56 | Apple Patches Vulnerabilities Across All Platforms (lien direct) | Apple this week released security patches for all four of its operating systems to resolve tens of security bugs in each of them. | |||
|
2017-07-20 08:50:46 | Segway miniPRO Flaws Put Riders at Risk of Injury (lien direct) | The Ninebot by Segway miniPRO hoverboard-style electric scooter is affected by several vulnerabilities that can be exploited to take control of the device and possibly injure the rider, security consulting firm IOActive warned. | |||
|
2017-07-19 19:33:06 | CrowdStrike, Dragos Partner to Deliver Comprehensive ICS Security Services (lien direct) | 
|
|||
|
2017-07-19 16:59:18 | Overcoming Appeasement: Think About Risk From the Business Out (lien direct) | For a couple of decades now, the career path of a cybersecurity professional has been evolving just like the rest of the tech industry. Years ago the top title was the dedicated “security officer,†who was generally also the CIO, the CFO, or some other officer of the company. | |||
|
2017-07-19 16:06:12 | \'DarkHotel\' APT Uses New Methods to Target Politicians (lien direct) | The DarkHotel threat group has been using some new methods in attacks aimed at government employees with an interest in North Korea, according to a report published this week by security firm Bitdefender. | |||
|
2017-07-19 14:45:50 | Google Warns Users of Potentially Risky Web Apps (lien direct) | Google is taking another step to better protect users from malicious third-party web applications: it is now warning users of newly created web apps and Apps Scripts that are pending verification. | |||
|
2017-07-19 14:27:15 | Prioritization and Automation – Using Threat Intelligence to Scale Security Operations (lien direct) | In my last article I shared five steps you can take to turn threat intelligence into a threat operations program, putting yourself in a better position to reduce risk – now and in the future. | |||
|
2017-07-19 13:43:52 | (Déjà vu) 2017 ICS Cyber Security Conference Call for Speakers Open Through August 15 (lien direct) | Longest Running ICS/SCADA Cybersecurity Conference to take Place Oct. 23-26, 2017 at InterContinental Hotel Atlanta | |||
|
2017-07-19 13:09:24 | Mozilla Conducts Security Audit of Firefox Accounts (lien direct) | Mozilla has asked Germany-based security firm Cure53 to conduct an audit of the Firefox Accounts system and researchers identified a total of 15 issues, including vulnerabilities rated critical and high severity. | ★★★★ | ||
|
2017-07-19 11:11:21 | An Outside-In Look at Digital Transformation (lien direct) | Digital Transformation is a Massive Undertaking and Must be Entered into With Equal Thought to Security and Business Strategy | ★★★★★ | ||
|
2017-07-19 10:25:17 | Oracle Patches Record-Breaking 308 Vulnerabilities in July Update (lien direct) | Oracle on Tuesday released its July 2017 Critical Patch Update (CPU) to address a total of 308 vulnerabilities, the highest number of security fixes ever released in a quarter by the enterprise software giant. | |||
|
2017-07-19 08:57:39 | Millions of IoT Devices Possibly Affected by \'Devil\'s Ivy\' Flaw (lien direct) | A vulnerability dubbed by researchers “Devil's Ivy,†which exists in an open source library present in the products of many companies, could affect millions of security cameras and other Internet of Things (IoT) devices. | |||
|
2017-07-19 02:26:56 | Rapid7 Acquires Security Orchestration and Automation Firm Komand (lien direct) | Boston-based IT security and operations software maker Rapid7 (NASDAQ: RPD) on Tuesday announced that it has acquired security orchestration and automation firm Komand. | |||
|
2017-07-18 21:04:35 | UK Spy Agency Warns of State-sponsored Hackers Targeting Critical Infrastructure (lien direct) | The U.K. | |||
|
2017-07-18 17:14:35 | Court Upholds Gag Orders in National Security Letters (lien direct) | The Ninth U.S. Circuit Court of Appeals in San Francisco confirmed a lower court decision Monday that gag orders included in FBI National Security Letters (NSLs) do not violate the First Amendment of the U.S. Constitution's free speech protections. | |||
|
2017-07-18 16:24:31 | Malware Targets NAS Devices Via SambaCry Exploit (lien direct) | A piece of malware dubbed by researchers SHELLBIND leverages a recently patched Samba vulnerability in attacks aimed at Internet of Things (IoT) devices, particularly network-attached storage (NAS) appliances. | |||
|
2017-07-18 16:18:24 | EternalSynergy-Based Exploit Targets Recent Windows Versions (lien direct) | A security researcher has devised an EternalSynergy-based exploit that can compromise versions of Windows newer than Windows 8. | |||
|
2017-07-18 14:51:58 | How to Overcome Cyber "Insecurities" (lien direct) | Being a CISO is not an easy job. It takes a certain type of person who has the right mix of passion, discipline, technical knowledge and business acumen to be able to lead their organization in the right direction. Whether they come from a technical, business or even military background, all CISOs experience a number of personal and professional roadblocks on a daily basis that challenge the ultimate success of their company's security. | Guideline | ||
|
2017-07-18 14:15:29 | Millions of Dow Jones Customer Records Exposed Online (lien direct) | American news and financial information firm Dow Jones & Company inadvertently exposed the details of millions of its customers. The data was found online by researchers in an Amazon Web Services (AWS) S3 bucket that had not been configured correctly. | |||
|
2017-07-18 11:56:10 | Organizations Slow to Patch Critical Memcached Flaws (lien direct) | Tens of Thousands of Internet-Exposed Memcached Servers Are Vulnerable to Attacks Tens of thousands of servers running Memcached are exposed to the Internet and affected by several critical vulnerabilities disclosed last year by Cisco's Talos intelligence and research group. | |||
|
2017-07-18 11:35:39 | (Déjà vu) Hacker Steals $7 Million in Ethereum From CoinDash (lien direct) | An actor managed to hack the CoinDash official website during the company's ICO (Initial Coin Offering) and diverted over $7 million worth of Ethereum by replacing the official wallet address with their own. | |||
|
2017-07-18 10:35:18 | Two Iranians Charged in U.S. Over Hacking Defense Materials (lien direct) | Two Iranians were indicted Monday in the United States with hacking a defense contractor and stealing sensitive software used to design bullets and warheads, according to the Justice Department. | |||
|
2017-07-18 09:29:11 | Code Execution, DoS Vulnerabilities Found in FreeRADIUS (lien direct) | Security testing of FreeRADIUS using a technique known as fuzzing revealed more than a dozen issues, including vulnerabilities that can be exploited for denial-of-service (DoS) attacks and remote code execution. | |||
|
2017-07-17 19:37:13 | Lithuania to Extradite $100 Million Email Fraud Suspect to U.S. (lien direct) | A Lithuanian man who allegedly swindled $100 million (87 million euros) from tech giants Google and Facebook must be extradited to the United States, a court ruled on Monday. "The court has ruled in favour of extraditing Lithuanian citizen Evaldas Rimasauskas to the United States for criminal prosecution," Judge Aiva Surviliene said. | |||
|
2017-07-17 19:02:46 | Critical WebEx Flaws Allow Remote Code Execution (lien direct) | Cisco has updated the WebEx extensions for Chrome and Firefox to address critical remote code execution vulnerabilities identified by researchers working for Google and Divergent Security. | |||
|
2017-07-17 17:41:43 | Google Inviting 2-Step Verification SMS Users to Google Prompt (lien direct) | Google this week will start inviting 2-Step Verification (2-SV) SMS users to try Google Prompt, its year-old method of approving sign-in requests on smartphones. | |||
|
2017-07-17 16:51:10 | (Déjà vu) New IBM Z Mainframe Designed to "Pervasively Encrypt" Enterprise Data (lien direct) | New IBM Z14 Mainframe Introduces Encryption Engine Capable of Running More Than 12 Billion Encrypted Transactions Per Day | |||
|
2017-07-17 15:28:54 | OmniRAT-Based Android Backdoor Emerges (lien direct) | A newly discovered Android backdoor appears to be based on the OmniRAT remote administration tool (RAT) that targets Android, Windows, Linux and MacOS devices, Trend Micro security researchers warn. | |||
|
2017-07-17 15:11:30 | Intel, Defense Bills Amended to Include Russian Hacking (lien direct) | Intelligence and defense policy legislation passed last week shows that the United States government is increasingly concerned about cyberattacks, particularly attacks coming from Russia. | |||
|
2017-07-17 12:58:29 | Industry Massively Underinsured Against Global Cyber Attacks: Study (lien direct) | Industry is massively underinsured against a major global cyberattack -- which could trigger losses on a par with natural disasters such as Hurricane (Superstorm) Sandy. This is one of the main conclusions of a study conducted by Lloyds of London (the world's oldest insurance organization with more than 20% of the global cyber insurance market), and Cyence (a risk modeling firm). |
To see everything:
Our RSS (filtrered)
