What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-06-22 22:52:20 | Configuration Error Embarrasses UK\'s Cyber Essentials (lien direct) | The UK government's Cyber Essentials scheme has suffered an embarrassing incident; but one that can hardly be called a breach and certainly not a cyber-attack. A configuration error in the underlying software platform exposed the email addresses of consultancies registered with the scheme -- nothing more. | |||
|
2017-06-22 16:45:27 | Microsoft Extends Edge Bounty Program Indefinitely (lien direct) | Microsoft this week announced that the Edge Web Platform bounty program launched for Windows Insider Preview (WIP) last year has been extended indefinitely. The program was launched on August 4, 2016, and Microsoft says that it has already paid over $200,000 in bounties over the ten-month period. | |||
|
2017-06-22 15:38:35 | OpenVPN Patches Remotely Exploitable Vulnerabilities (lien direct) | OpenVPN this week patched several vulnerabilities impacting various branches, including flaws that could be exploited remotely. | |||
|
2017-06-22 13:19:19 | Testing in an Agile and DevOps World (lien direct) | We live in a software-defined world. Software touches just about everything we do. Any business trying to maintain their competitive advantages, or gain market momentum, has had to reintegrate their software somehow. This has resulted in fast-paced development methods, like Agile and DevOps, which facilitate continuous product improvements. On the downside, these new methods of development can minimize testing and, in turn, potentially compromise performance and security. | |||
|
2017-06-22 12:14:24 | Necurs Botnet Distributing Locky Ransomware via Fake Invoices (lien direct) | The Necurs spam botnet has switched back to distributing the Locky ransomware in a campaign featuring messages disguised as fake invoices, Cisco Talos security researchers reveal. | |||
|
2017-06-22 11:24:55 | Consortium Promotes Principles for Fair and Accurate Security Ratings (lien direct) | Under the aegis of the U.S. Chamber of Commerce, more than 40 companies -- including some of America's largest banks and tech companies -- have signed up to a set of new guiding principles for fair and accurate security ratings. | |||
|
2017-06-22 11:09:40 | Social Media \'Bots\' From Russia Distorting Global Politics: Study (lien direct) | A wave of "computational propaganda," largely driven by Russia, is impacting politics around the world by spreading misinformation designed to manipulate public opinion, researchers said Tuesday. | |||
|
2017-06-22 10:54:16 | Honda Halts Production at Japan Plant After Cyber Attacks (lien direct) | Honda said Wednesday it had temporarily halted production at a plant in Japan after it suffered a cyberattack from the same ransomware that struck hundreds of thousands of computers worldwide last month. | |||
|
2017-06-22 08:53:01 | Drupal Patches Flaw Exploited in Spam Campaigns (lien direct) | Drupal security updates released on Wednesday address several vulnerabilities, including one that has been exploited in spam campaigns. The flaw exploited in the wild, patched with the release of Drupal versions 7.56 and 8.3.4, is a moderately critical access bypass vulnerability tracked as CVE-2017-6922. | |||
|
2017-06-22 07:33:44 | Russia Targeted Election-Related Networks in 21 States: DHS (lien direct) | Hackers believed to be working for the Russian government targeted election-related networks in 21 U.S. states, representatives of the Department of Homeland Security (DHS) told the Senate Intelligence Committee on Wednesday in a hearing on threats to election infrastructure. | |||
|
2017-06-21 16:09:43 | SecurityWeek\'s 2017 CISO Forum to Take Place June 28-29 at Ritz-Carlton, Half Moon Bay (lien direct) | 
|
|||
|
2017-06-21 15:55:08 | Average Cost of Data Breach Drops Globally, Rises to $7.35 Million in U.S. (lien direct) | Cost of Data Breach Drops Globally, But Rises 5% in U.S. | |||
|
2017-06-21 15:49:13 | Mozilla Brings Privacy-Focused Browser to Android (lien direct) | After making it available for iOS devices in November 2016, Mozilla this week brought its privacy-focused mobile browser to Android. | |||
|
2017-06-21 12:39:39 | Elastic Beam Emerges From Stealth With API Security Solution (lien direct) | Redwood City, Calif.-based Elastic Beam emerged from stealth mode on Wednesday with the launch of a security solution designed to detect and block cyberattacks targeting application programming interfaces (APIs). | |||
|
2017-06-21 12:18:15 | What Are Your Cyber Team Dynamics? (lien direct) | We have a major shortage of qualified cybersecurity professionals. This is not a new realization and it is one in which the community general agrees. What isn't talked about as much – but should be – is a cyber team's dynamics and its impact on performance. | |||
|
2017-06-21 12:00:16 | Cybereason Raises $100 Million to Hunt Attackers (lien direct) | Boston, MA-based Cybereason today announced that it has raised $100 million in Series D funding from SoftBank Corp. This increases the total investment in the cyber attack detection firm to $189 million since its inception in 2012. | |||
|
2017-06-21 02:31:45 | Time to Detect Compromise Improves, While Detection to Containment Worsens: Report (lien direct) | Cost of Malvertising is Minimal; Price of Zero-days is Rising, Researchers Say | |||
|
2017-06-21 00:36:37 | Spear Phishing Campaign Targets Palestinian Law Enforcement (lien direct) | Palestinian law enforcement agencies and other targets within Palestine were targeted in a spear phishing campaign delivering malware to remotely control infected systems, Talos researchers reveal. | |||
|
2017-06-20 15:28:47 | Why WannaCry Was a Wake Up Call for Critical Infrastructure Security (lien direct) | Many OT Networks are Susceptible to Threats Like WannaCry | Wannacry | ||
|
2017-06-20 14:48:12 | Cisco Releases Open Source Malware Signature Generator (lien direct) | Cisco's Talos intelligence and research group announced on Monday the availability of a new open source framework designed for automatically generating antivirus signatures from malware. | |||
|
2017-06-20 14:21:42 | Understanding Looming Threats and the Need to Hunt With Anonymity (lien direct) | Situational awareness is critical in every kind of engagement. The internet is no exception. Effectively all modern conflicts take place, at least in part, online. To understand the threats you will inevitably face, you need to go hunting outside your perimeter. Only by surreptitiously monitoring and engaging with potential attackers and malware developers will you successfully gain information about emerging attack methods, patterns, and practices in the cyber underground. | |||
|
2017-06-20 13:08:25 | TrickBot Targets Payment Processors, CRM Providers (lien direct) | Banking Trojan TrickBot is no longer hitting only banks and financial institutions, but also added payment processing and Customer Relationship Management (CRM) providers to its list of targets, F5 warns. | |||
|
2017-06-20 13:05:17 | Botnets Can Exploit More Vulnerabilities in DVRs (lien direct) | Newly discovered vulnerabilities affecting DVR systems could open the door to new, more potent Internet of Things (IoT) botnets, Pen Test Partners security researchers warn. | |||
|
2017-06-20 11:38:48 | Cloud Security Firm ShieldX Emerges From Stealth (lien direct) | ShieldX Networks Emerges From Stealth Mode With New Product to Protect Cloud Infrastructure | |||
|
2017-06-20 10:57:25 | North Korea\'s DDoS Attacks Analyzed Based on IPs (lien direct) | Arbor Networks has used the IP addresses shared recently by United States authorities to analyze distributed denial-of-service (DDoS) attacks attributed to the North Korean government. The security firm believes the data may not be as useful for organizations as the U.S. hopes. | |||
|
2017-06-20 08:41:54 | \'Stack Clash\' Flaws Allow Privilege Escalation on Unix Systems (lien direct) | Linux and other Unix-like operating systems are affected by a type of vulnerability that can be exploited by an attacker for root privilege escalation, Qualys warned on Monday. | |||
|
2017-06-20 03:51:15 | Mexican Journalists, Activists Accuse Govt of Spying on Them (lien direct) | A group of prominent journalists and activists in Mexico accused the government Monday of spying on them, saying their phones had been hacked with Israeli spyware sold exclusively to the state. | |||
|
2017-06-19 17:34:59 | Republican Party Contractor Exposes Details of 198 Million American Voters (lien direct) | More than 1 terabytes of data compiled by three contractors of the U.S. Republican Party, including the details of 198 million American voters, were stored in a misconfigured database that could have been accessed by anyone, according to cyber resilience startup UpGuard. | |||
|
2017-06-19 16:22:09 | Google Steps Up Efforts to Block Extremism, Following Facebook (lien direct) | Google is stepping up its efforts to block "extremist and terrorism-related videos" over its platforms, using a combination of technology and human monitors. | |||
|
2017-06-19 16:15:31 | (Déjà vu) Web Hosting Provider Pays $1 Million to Ransomware Attackers (lien direct) | South Korean web hosting company Nayana agreed to pay $1 million in Bitcoin after a ransomware attack hit 153 Linux servers. | |||
|
2017-06-19 16:06:40 | Geopolitical Context a Prerequisite for Finished Intelligence (lien direct) | Finished intelligence, at its core, requires both data and context. While I've written previously about how different data sources -- specifically the Deep & Dark Web versus the open web -- can dictate the value and relevance of the resulting intelligence, establishing the proper context is just as crucial. | |||
|
2017-06-19 15:56:01 | Quantum Computing\'s Threat to Public-key Cryptosystems (lien direct) | 
The Quantum Cryptography Problem
|
|||
|
2017-06-19 13:46:46 | Fileless, Code-Injecting Ransomware SOREBRECT Emerges (lien direct) | A newly discovered ransomware family incorporates a combination of fileless attack and code-injection, Trend Micro security researchers warn. | |||
|
2017-06-19 12:27:07 | Europol Calls for Action Against Sextortion (lien direct) | Online sextortion against children is extensive, under-reported, poorly understood, and growing. In response, Europol has simultaneously published a report with recommendations on how to tackle the problem, and launched a 'Say No' awareness campaign. | |||
|
2017-06-19 10:39:57 | Workarounds Provided for HPE SiteScope Vulnerabilities (lien direct) | Several potentially serious vulnerabilities have been found in HPE SiteScope, and while patches are not available, users can apply workarounds to prevent attacks. HPE SiteScope is an agentless performance and availability monitoring software for distributed IT infrastructures, including servers, network services, applications, and operating systems. | |||
|
2017-06-19 08:58:12 | Fashion Retailer Buckle Finds Malware on PoS Systems (lien direct) | The Buckle, Inc., a fashion retailer that operates more than 450 stores across the United States, informed customers on Friday that malware had been found on some of its point-of-sale (PoS) systems. | |||
|
2017-06-18 12:59:40 | Canada: Hackers Targeted Country\'s 2015 Election, May Try Again (lien direct) | Canada's electronic eavesdropping agency warned Friday that hackers and foreign states may try to sway its elections in 2019, after so-called hacktivists tried but failed to influence the 2015 ballot that brought Justin Trudeau's Liberals to power. | |||
|
2017-06-16 17:03:38 | Hacker Admits Stealing Satellite Data from DoD (lien direct) | A British man from Sutton Coldfield on Thursday pleaded guilty to stealing user accounts from a U.S. military communications system, the UK's National Crime Agency (NCA) announced. | Guideline | ||
|
2017-06-16 15:58:22 | CISO Perspective: How Operational Cyber Threat Intelligence Fits Into Security Programs (lien direct) | So far on our journey through the threat intelligence mind map, we've gone through an overview of the many intel levels and components and we've drilled down into strategic cyber threat intell | |||
|
2017-06-16 14:52:35 | Industry Reactions to \'CrashOverride\' Malware: Feedback Friday (lien direct) | ESET and Dragos this week published reports detailing a sophisticated piece of malware believed to have been used in the December 2016 attack aimed at Ukraine's power grid. | |||
|
2017-06-16 14:43:18 | Senators Say Cybersecurity Should be Top Priority for Autonomous Vehicles (lien direct) | Self-Driving Cars Need Regulations, But Commercial Priorities May Prevail Over Consumer Privacy | |||
|
2017-06-16 13:00:03 | Industrial Companies Targeted by Nigerian Cybercriminals (lien direct) | Industrial companies from around the world have been targeted in phishing attacks believed to have been launched by cybercriminals located in Nigeria, Kaspersky Lab reported on Thursday. | |||
|
2017-06-16 12:07:10 | "FIN10" Cybercrime Group Extorts Canadian Firms (lien direct) | A profit-driven cybercrime group tracked as FIN10 has been running an extortion operation mainly targeting organizations in North America, security firm FireEye reported on Friday. | |||
|
2017-06-16 08:02:49 | CIA Router Hacking Tool Exposed by WikiLeaks (lien direct) | Documents published by WikiLeaks on Thursday provide details on a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to hack routers and access points. | |||
|
2017-06-15 17:21:10 | Millions of Devices Remain Exposed via SMB, Telnet Ports: Rapid7 (lien direct) | Despite being exploited in wide-spread malicious attacks, SMB, telnet, RDP, and other types of improperly exposed ports continue to put both enterprises and consumers at risk, a new Rapid7 report reveals. | |||
|
2017-06-15 16:54:22 | U.K. Center of Security Excellence Hit by Ransomware (lien direct) | One of the world's top ten universities, awarded the status of "centre of excellence in cyber-security research" by the UK's GCHQ, has been hit by a so-far unrecognized strain of ransomware. This comes just one month after many UK health trusts were struck by the global WannaCry ransomware. | Wannacry | ||
|
2017-06-15 15:17:37 | High Severity Flaws Patched in Trihedral SCADA Software (lien direct) | An update released by Trihedral for its VTScada product patches several vulnerabilities, including high severity weaknesses that can be exploited even by less skilled hackers. | |||
|
2017-06-15 13:58:55 | Threat Hunting Sqrrl Raises $12.3 Million for Global Expansion (lien direct) | Cambridge, Mass-based Sqrrl -- one of the new breed of threat hunters -- has raised $12.3 million in Series C funding. This follows $7 million Series B funding in February 2015, and raises the total investment in the firm to $28.5 million. | |||
|
2017-06-15 13:24:40 | Fake News: Methods, Motivations and Countermeasures (lien direct) | Fake news is not new -- it is probably as old as humanity. It has long been rife in politics (manifestos announced but never kept), and commerce ("marketing is no longer about the stuff you make, but the stories you tell" -- Seth Godin, marketer). But most of all, it is rife and active on the internet following the US presidential campaign last year and the new administration this year. | |||
|
2017-06-15 13:20:01 | \'Kasperagent\' Spyware Delivered via Palestine-Themed Documents (lien direct) | Researchers spotted a new cyber espionage campaign involving Kasperagent, and while it's unclear who the target was, the decoy documents used to deliver the malware focused on Palestine. |
To see everything:
Our RSS (filtrered)
