What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-07-03 10:21:35 | Linux Systemd Gives Root Privileges to Invalid Usernames (lien direct) | A bug in Linux's systemd init system causes root permissions to be given to services associated with invalid usernames, and while this could pose a security risk, exploitation is not an easy task. | |||
|
2017-07-03 08:19:48 | Google Employees Hit by Sabre Breach (lien direct) | Google has notified some employees that their personal information may have been compromised as a result of the data breach suffered by travel technology firm Sabre. | |||
|
2017-06-30 19:43:37 | Microsoft Tackles Ransomware with Controlled Folder Access (lien direct) | In the wake of global malicious attacks such as WannaCry and NotPetya, Microsoft this week announced a new feature meant to keep users' data safe from ransomware and other type of malware. | NotPetya Wannacry | ||
|
2017-06-30 16:59:12 | Free EternalBlue Vulnerability Scanner Released (lien direct) | A free tool that can scan networks to discover computers that are vulnerable to the NSA-linked EternalBlue exploit is now available. | |||
|
2017-06-30 16:53:20 | Unpatched Flaws in Schneider Electric U.motion Builder Disclosed (lien direct) | The details of several vulnerabilities affecting Schneider Electric's U.motion Builder software have been disclosed before the vendor released any patches. | |||
|
2017-06-30 16:50:00 | 8tracks Prompts Password Reset After Hack (lien direct) | Internet radio service 8tracks this week informed users of a database hack, prompting them to reset their passwords to prevent account compromise. | |||
|
2017-06-30 16:39:19 | UK Snoopers\' Charter to be Challenged in High Court (lien direct) | Human rights group Liberty was today granted permission by the UK High Court to challenge part of the UK government's mass surveillance Investigatory Powers Act (IPA). The IPA, nicknamed the Snoopers' Charter, became UK law in November 2016 and came into force at the end of December. | |||
|
2017-06-30 14:30:46 | Industry Reactions to Destructive NotPetya Attacks: Feedback Friday (lien direct) | A wiper malware disguised as ransomware wreaked havoc this week, infecting the systems of numerous organizations across more than 60 countries. | NotPetya | ||
|
2017-06-30 11:25:22 | Cisco Warns of Serious Flaws in IOS Software (lien direct) | Cisco has warned users that devices running the company's IOS or IOS XE software are affected by several high severity vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS) attacks. | |||
|
2017-06-30 09:39:42 | Authentication Bypass Flaw Patched in BIND, Knot DNS (lien direct) | The developers of the BIND and Knot DNS software have released updates to patch a potentially serious vulnerability that can be exploited to bypass authentication mechanisms. | |||
|
2017-06-29 19:29:53 | Pro-ISIS Hacking Group Continues Defacement Campaign (lien direct) | Pro-ISIS hacking group Team System DZ is continuing its website defacement campaign. Over last weekend several websites in Ohio and Maryland were forced to shut down after messages threatening President Trump and supporting Islamic State were posted on the sites. | |||
|
2017-06-29 19:25:44 | Group Pushes For Industrial Control Systems (ICS) Security Testing Standards (lien direct) | There is a pressing need for technical assurance standards for industrial control systems (ICS). This is the conclusion and recommendation of a new paper from CREST (a leading UK accreditation body), and is supported by the UK National Cyber Security Centre (NCSC). | Guideline | ||
|
2017-06-29 16:12:35 | Websites Increasingly Using Security Technologies: Mozilla (lien direct) | An analysis conducted using Mozilla's Observatory tool has showed that modern security technologies are increasingly used by Alexa top 1 million websites. | |||
|
2017-06-29 16:04:29 | Enabling a "Secure Summer Mindset" for Employees (lien direct) | As employees spend more time outside the office in the summer months, risk increases. Most of us bring our work, and the devices that we use to access it, with us wherever we go, including on our vacations. Keeping up with work so that we're not buried when we return is a real temptation, although not the healthiest way to decompress. | |||
|
2017-06-29 13:37:50 | Microsoft Fixes Privilege Escalation Flaw in Azure AD Connect (lien direct) | Microsoft has released an update for Azure Active Directory (AD) Connect to address an “important†vulnerability that can be exploited to hijack the accounts of privileged users. | |||
|
2017-06-29 13:17:05 | Share and Share Alike - Thwarting Attackers With a Technique they Rely On (lien direct) | In my last article I discussed how defenders need to borrow a page from bad actors with regard to embracing automation. There's another lesson we can learn from how cyber criminals operate – sharing information to boost success. | |||
|
2017-06-29 12:58:35 | The Truth About Micro-Segmentation: It\'s Not About the Network (Part 1) (lien direct) | Never confuse a marketecture from an architecture. Marketecture is how to simplify a company's technology to represent what a product can do. | |||
|
2017-06-29 12:42:39 | NotPetya - Destructive Wiper Disguised as Ransomware (lien direct) | NotPetya/GoldenEye Malware Overwrites Master Boot Record | NotPetya | ||
|
2017-06-29 09:04:47 | Kaspersky Patches Flaws in Anti-Virus for Linux File Server (lien direct) | An update released earlier this month by Kaspersky Lab for its Anti-Virus for Linux File Server product addresses several potentially serious vulnerabilities discovered by researchers at Core Security. | |||
|
2017-06-29 06:48:03 | Microsoft to Make EMET Native to Windows 10 (lien direct) | Microsoft is no longer interested in retiring its Enhanced Mitigation Experience Toolkit (EMET) but will instead make it native to Windows 10, the tech giant announced this week. | |||
|
2017-06-29 06:31:35 | Barracuda Launches AI-based Spear Phishing Detection (lien direct) | Barracuda Networks this week announced its new Sentinel product: an artificial intelligence (AI) powered spear-phishing and business email compromise (BEC) realtime detection and prevention solution. | |||
|
2017-06-28 17:32:02 | \'Elsa\' Tool Allows CIA to Locate Users via Wi-Fi (lien direct) | WikiLeaks has published a document detailing “Elsa,†a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to track people's locations via their laptop's Wi-Fi. | |||
|
2017-06-28 14:56:16 | UK\'s Metropolitan Police Still Using 10,000 Windows XP Computers (lien direct) | Legacy Windows XP systems used by public authorities in the UK remains a concern. The WannaCry outbreak last month followed by the current 'NotPetya' outbreak -- both using a vulnerability patched in newer versions of Windows, but initially unpatched in XP -- highlights the problem. | NotPetya Wannacry | ||
|
2017-06-28 13:38:55 | \'Shadow Brokers\' Threaten to Dox Former NSA Hacker (lien direct) | The Shadow Brokers has sent out its first round of exploits and data as part of a recently announced monthly subscription service, and the group claims it has a significant number of subscribers. | |||
|
2017-06-28 12:59:55 | Petya/NotPetya: What We Know in the First 24 Hours (lien direct) | Petya/NotPetya Ransomware May Not be a Financially Motivated Attack, Researchers Say | NotPetya | ||
|
2017-06-28 12:00:43 | Video Game Firms Targeted With "Paranoid" PlugX Malware (lien direct) | Companies in the video game industry and possibly other sectors have been targeted in attacks involving improved variants of the notorious PlugX remote access trojan (RAT). | |||
|
2017-06-28 07:37:32 | Akamai Launches New DNS Security Product (lien direct) | Content delivery network and cloud services provider Akamai announced on Tuesday the launch of a new product designed to protect enterprises against malware, phishing and data exfiltration attempts through the analysis of DNS requests. | |||
|
2017-06-27 20:59:43 | Israeli Spy Agency Creates Fund to Invest in Tech Firms (lien direct) | Israel's Mossad spy agency is starting a fund to invest in technology firms creating products that could assist its work, including those involving robotics and encryption, the prime minister's office said Tuesday. | ★★★★ | ||
|
2017-06-27 15:59:13 | Google\'s $2.73 Billion Fine Demonstrates Importance of GDPR Compliance (lien direct) | The European Commission (EC) has levied a €2.42 billion ($2.73 billion) fine against Google because it "has abused its market dominance as a search engine by giving an illegal advantage to another Google product, its comparison shopping service." | |||
|
2017-06-27 15:14:15 | NotPetya Ransomware Outbreak Hits Organizations Globally (lien direct) | Organizations worldwide are currently under a cyber-attack involving what was originally believed to be the year-old Petya ransomware, but now is being called "NotPetya" and seems to be a never before seen ransomware family. | NotPetya | ||
|
2017-06-27 14:30:02 | Apple, Cisco Partner to Improve Cyber Insurance Policies (lien direct) | Cisco is getting ready for a new journey in cyber insurance, and Apple will be part of it, the company announced this week. | |||
|
2017-06-27 13:39:57 | Ukraine Central Bank Says Cyberattack Hits Lenders (lien direct) | Ukraine's central bank on Tuesday said a cyberattack hit several lenders in the country, hindering operations and leading the regulator to warn other financial institutions to tighten security measures. | Guideline | ||
|
2017-06-27 13:31:34 | Cloudflare Launches New App Store for Websites, $100 Million Development Fund (lien direct) | Cloudflare Launches New Website App Store and Partners With Venture Firms to Launch $100 Million Development Fund | |||
|
2017-06-27 12:52:57 | China Agrees to Fight Corporate Hacking in Canada (lien direct) | China has pledged not to carry out state-sponsored cyberattacks against the intellectual property of Canadian firms, the two sides said Monday. The agreement was reached as part of ongoing bilateral security and trade talks. | |||
|
2017-06-27 12:49:18 | Russian Oil Giant Rosneft Says Hit by \'Powerful\' Cyberattack (lien direct) | Russian oil giant Rosneft said Tuesday that its servers had suffered a "powerful" cyberattack, as the company is locked in a bitter court fight with the Russian conglomerate Sistema. | |||
|
2017-06-26 19:19:38 | FBI: $1.45 Billion in Losses to Internet Crime Reported in 2016 (lien direct) | The FBI has published its Internet Crime Report 2016 based on information received by the Internet Crime Complaint Center (IC3). It shows that 298,728 complaints were received by the IC3 during 2016 (up from 288,012 in 2015); and that reported losses to internet crime totaled more than $1.45 billion (up from $1.07 billion in 2015). | |||
|
2017-06-26 18:17:31 | Google Stops Scanning Gmail Content for Ad Targeting (lien direct) | Google on Friday announced plans to stop scanning the content of consumer Gmail addresses for personalizing the ads it serves to users. | |||
|
2017-06-26 13:51:42 | Windows 10 Source Code Leaked Online (lien direct) | A portion of Microsoft's Windows 10 source code was leaked online this week on an enthusiast website that tracks Windows releases. | |||
|
2017-06-26 12:59:09 | Using Cyber War Games to Improve Incident Response (lien direct) | 
|
|||
|
2017-06-26 12:48:03 | Corvil Integrates its Security Analytics Into Cisco\'s Tetration Platform (lien direct) | At Cisco Live, Las Vegas Monday, IT analytics firm Corvil announced the integration of its Security Analytics with the Cisco Tetration Analytics platform. The intention is to combine Corvil's realtime packet-level analysis with Tetration's vast big data repository of downstream application-level data flows to provide an early, rich, granular and consistent detection of anomalous communications indicative of compromise. | |||
|
2017-06-26 11:20:06 | Govt Websites in Ohio, Maryland Hacked With Pro-IS Messages (lien direct) | Several government websites in the US states of Ohio and Maryland had to be shut down Sunday after being hacked to display messages supporting the Islamic State group. Among the affected websites was one belonging to Ohio Governor John Kasich. | |||
|
2017-06-24 23:58:03 | UK Parliament Cuts Email Access After Cyberattack (lien direct) | Britain's parliament shut down external access to e-mail accounts on Saturday following a cyberattack. Parliamentary authorities described the attack as "sustained and determined", in an email sent to lawmakers and published by the Daily Telegraph. | |||
|
2017-06-24 11:20:32 | SamSam Increases Ransom Demand to $33,000 (lien direct) | In newly observed attacks, the SamSam ransomware that has been active for more than a year is demanding a whopping $33,000 to decrypt all affected machines in a network. | |||
|
2017-06-24 01:50:59 | CIA Knew in August that Putin Sought to Boost Trump: Report (lien direct) | The CIA had top-level intelligence last August that Russian President Vladimir Putin personally ordered an operation to help Donald Trump win the US presidential race, the Washington Post reported Friday. The intelligence shocked the White House and put US security chiefs on a top-secret crisis footing to figure out how to react. | |||
|
2017-06-23 17:39:51 | GreatHorn Secures $6.3 Million to Combat Spear-Phishing Attacks (lien direct) | Belmont, Mass-based start-up GreatHorn announced Wednesday completion of a $6.3 million Series A funding round led by Techstars Venture Capital Fund and .406 Ventures. | |||
|
2017-06-23 16:36:14 | Microsoft Downplays Impact of "Fireball" Malware (lien direct) | The Fireball malware detailed early this month might not have had as much impact as originally reported, Microsoft claims. | |||
|
2017-06-23 14:57:23 | Kantara Initiative Releases Consent Receipt Form for GDPR (lien direct) | With less than one year before GDPR kicks in, the newswaves have been flooded in recent months with new surveys showing how ill-prepared business still remains. But while there is much news, there has been little in the way of practical technology solutions. | |||
|
2017-06-23 14:37:34 | GhostHook Attack Can Bypass Windows 10\'s PatchGuard (lien direct) | A newly discovered attack targeting Windows 10's PatchGuard can bypass the protection and hook a malicious kernel code (rootkit) at the kernel level, CyberArk Labs security researchers warn. | |||
|
2017-06-23 11:46:33 | Siemens Patches Flaws in SIMATIC, XHQ Products (lien direct) | Siemens and ICS-CERT published advisories this week to alert users of improper authentication and privilege escalation vulnerabilities affecting some SIMATIC and XHQ products. | |||
|
2017-06-23 07:20:00 | WikiLeaks Details CIA\'s Air-Gapped Network Hacking Tool (lien direct) | WikiLeaks published several documents on Thursday detailing a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to hack air-gapped networks through USB drives. |
To see everything:
Our RSS (filtrered)
