What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-12-27 06:23:56 | Critical RCE Flaw Patched in PHPMailer (lien direct) | The developers of PHPMailer have patched a critical vulnerability that can be exploited by a remote attacker for arbitrary code execution, a researcher said on Sunday. | |||
|
2016-12-27 04:43:59 | Sony Deletes Tweets on Britney Spears\'s Death, Blames Hackers (lien direct) | No, Britney Spears is not dead. Yet her fans' hearts may have skipped a beat today when tweets purportedly from Sony Music Entertainment said "RIP @britneyspears #RIPBritney 1981-2016" and "Britney spears is dead by accident! We will tell you more soon #RIPBritney." | |||
|
2016-12-26 16:52:48 | Four Cybersecurity Resolutions for 2017 (lien direct) | 2016 was a big year for cybersecurity news, most of it not terribly encouraging. Still, the year did present the cybersecurity industry with several teachable moments that I believe all security professionals should heed as we move into a new year. Accordingly, I've made four New Year's resolutions for the cybersecurity industry in 2017. If any of these items are not on your “to do†list for 2017, I would challenge you to add them. | |||
|
2016-12-26 16:42:11 | Thailand Detains Nine for Hacks Protesting Cyber Law (lien direct) | Thai authorities have detained at least nine people on suspicion of hacking, a senior junta official said Monday, following days of disruption to government websites sparked by the passing of a controversial cyber censorship law. | |||
|
2016-12-25 13:15:02 | Turkey Probing 10,000 Over Online \'Terror\' Activity (lien direct) | Turkey is investigating 10,000 people suspected of terror-related activity on the internet or posting comments on social media insulting government officials, the interior ministry said on Saturday. | |||
|
2016-12-23 16:39:11 | Switzerland\'s GovCERT Cracks DGA and Blocks 500 Domains Used by Tofsee Botnet (lien direct) | Following a successful analysis of the domain generation algorithm used by the Tofsee botnet, the Swiss domain registry (SWITCH) has temporarily suspended around 520 possible .ch domain names -- seriously weakening if not neutralizing the botnet. | |||
|
2016-12-23 16:31:51 | Holiday-Themed Spam Campaigns Ramp Up (lien direct) | This time of the year, spam campaigns are increasingly adopting holiday themes to improve their malware distribution rate and steal users' banking information or to trick victims into accessing fake online stores, security researchers warn. | |||
|
2016-12-23 14:14:38 | Phishers Adopt Malware Distribution-Like Tactics (lien direct) | A recently detected phishing campaign designed to steal credit card information employed a series of attack tactics previously associated with malware distribution, Proofpoint security researchers reveal. | |||
|
2016-12-23 12:54:34 | Healthcare Industry Can Go Beyond Compliance to Achieve Better Security (lien direct) | The Healthcare Industry Has a complex Relationship with Security, Compliance, and Legislation | |||
|
2016-12-23 08:33:12 | "Signal" Uses Domain Fronting to Bypass Censorship (lien direct) | Open Whisper Systems informed users on Wednesday that the latest Android version of its secure messaging app Signal includes a feature designed to bypass censorship in some countries. | |||
|
2016-12-23 06:32:09 | Apple Extends HTTPS Deadline for iOS Apps (lien direct) | Apple informed iOS developers this week that it has decided to give them more time to ensure that their applications communicate over a secure HTTPS connection. | |||
|
2016-12-22 17:40:05 | Defending Against The Rising Threat of "Non-malware" Attacks (lien direct) | Severe non-malware attacks and ransomware are the two stand-out malicious behaviors of 2016. When combined, as they have been with the PowerWare extortion, the attack can be both dangerous and difficult to detect. | |||
|
2016-12-22 15:47:22 | Remotely Exploitable 0-Day Impacts NETGEAR WNR2000 Routers (lien direct) | Vulnerabilities in NETGEAR WNR2000 routers allow an attacker to retrieve the administrator password and take full control of the affected networking device, a security researcher has discovered. | |||
|
2016-12-22 15:20:38 | Boosting Your Threat IQ with Context (lien direct) | Computing pioneer Alan Kay once said, “Context is worth 80 IQ points.†On the IQ scale, where average is about 100 and Einstein is 160+, context could propel you into the genius category pretty handily. For cybersecurity professionals who know that the industry has no shortage of threat data, context is the lever that turns threat data into threat intelligence. | |||
|
2016-12-22 15:01:25 | Tales and Trends for the New Year (lien direct) | As 2016 comes to a close, the time is right to look back at the year to reflect on those security lessons we learned and to identify emerging trends. | |||
|
2016-12-22 14:52:04 | EU Court Slaps Down UK\'s Investigatory Powers Act (lien direct) | The Court of Justice of the European Union (CJEU), the highest constitutional court of the EU, has effectively slapped down the UK's new Investigatory Powers Act. The court passed judgement on Wednesday in a case brought by Labour MP Tom Watson and others against the UK government's ability to require ISPs to retain all customer metadata for 12 months. | |||
|
2016-12-22 14:38:02 | Inflight Internet Provider Gogo Launches Bug Bounty Program (lien direct) | Inflight Internet and entertainment provider Gogo has announced the launch of a Bugcrowd-based public bug bounty program covering the company's main websites. | |||
|
2016-12-22 12:35:40 | Russia Used Android Malware to Track Ukrainian Troops: Report (lien direct) | The Russia-linked cyberespionage group known as Fancy Bear has tracked Ukrainian artillery forces by planting a piece of Android malware in a legitimate military application, threat intelligence firm CrowdStrike reported on Thursday. | APT 28 | ||
|
2016-12-22 08:25:28 | Cisco CloudCenter Orchestrator Flaw Exploited in Attacks (lien direct) | Cisco has warned customers about a critical privilege escalation vulnerability that has been exploited against Cisco CloudCenter Orchestrator (CCO) systems. | |||
|
2016-12-21 17:50:18 | Cyber Risk Reduction is All About the Business (lien direct) | During the past year, you may have noticed a shift in the way IT and security professionals talk about cyber security. Historically, firewalls, DLP, antivirus, SIEM and other technical point solutions have been the centerpiece of security conversations, but the mindset is slowly shifting from technology to risk. | |||
|
2016-12-21 15:45:08 | Rakos Malware Takes Over Embedded Linux Devices (lien direct) | A recently observed piece of malware targeting embedded Linux systems can provide attackers with full control over the infected devices, ESET security researchers warn. | |||
|
2016-12-21 15:25:46 | Cybersecurity Industry Remains Concerned Over Wassenaar Arrangement (lien direct) | The Wassenaar Arrangement is a multilateral export control regime designed to prevent the trans-national proliferation of weapons. There are 41 participating states, including 26 independent members of the European Union (plus the UK). The EU, per se, does not participate. | |||
|
2016-12-21 14:08:22 | New "Alice" Malware Drains All Cash from ATMs (lien direct) | A newly discovered family of malware targeting ATMs (automated teller machines) has been designed with the sole purpose of emptying cash from the safes of the self-serve machines, Trend Micro security researchers warn. | |||
|
2016-12-21 13:53:53 | Spam "Hailstorms" Deliver Variety of Threats (lien direct) | Spam campaigns have evolved from sending a low number of messages for long periods of time to sending a high volume of emails over a short time span, which improves delivery rates before protection mechanisms can be triggered, Cisco Talos researchers warn. | |||
|
2016-12-21 13:27:40 | Vulnerabilities Found in Siemens Desigo PX, SIMATIC Products (lien direct) | Siemens has made available workarounds and patches that address medium and high severity vulnerabilities found in the company's Desigo PX and SIMATIC automation products. | |||
|
2016-12-21 12:57:12 | Thinking Beyond the Network Layer: Why the Entire Attack Surface Counts (lien direct) | As New Technologies Infiltrate the Enterprise, Security Practitioners Must Apply a More Holistic Approach to Enterprise Risk Management | |||
|
2016-12-21 11:05:26 | VMware Patches VDP, ESXi Vulnerabilities (lien direct) | VMware has released patches that address important and critical vulnerabilities affecting the company's vSphere Data Protection (VDP) and ESXi products. The critical flaw was discovered by Marc Ströbel (phroxvs) of HvS-Consulting in VDP, a piece of software designed for creating image-level backups of virtual machines, virtual servers and databases. | |||
|
2016-12-21 09:43:31 | Google Releases Crypto Library Testing Tool (lien direct) | Google this week announced the availability of Project Wycheproof, an open source tool designed for finding known vulnerabilities in popular cryptographic software libraries. | |||
|
2016-12-21 06:59:48 | Rapid7 Appointed CVE Numbering Authority (lien direct) | Rapid7 has been designated as a Common Vulnerability and Exposures (CVE) Numbering Authority (CNA), which enables the security firm to assign CVE identifiers to flaws acknowledged by affected vendors. | |||
|
2016-12-20 17:31:35 | Cybercriminals Make Millions With Ad Fraud Bot Farm (lien direct) | Russian cybercriminals can earn up to $5 million per day through a massive ad fraud operation powered by a bot farm that uses hundreds of servers and more than 500,000 IP addresses, online fraud detection firm White Ops reported on Tuesday. | |||
|
2016-12-20 16:05:09 | Cybereason Unveils Free Ransomware Protection Tool (lien direct) | Cybereason Makes Free Behavioral-Based Ransomware Protection Tool Available for Windows | |||
|
2016-12-20 14:30:51 | Organizations in the Dark as Most Networks Actively Breached: Analysis (lien direct) | Twenty Organizations Were Analyzed in a Recent Study; All 20 Were Already Unknowingly Compromised | |||
|
2016-12-20 14:06:30 | Facebook Ready to Retire SHA-1 (lien direct) | One year after saying that certificates using the SHA-1 hash algorithm should be kept alive in older browsers, Facebook is finally ready to retire the insecure cryptographic hash function and move to strong | |||
|
2016-12-20 13:30:27 | Panasonic In-Flight Entertainment Systems Can Be Hacked: Researcher (lien direct) | 
|
|||
|
2016-12-20 10:35:53 | "Shadow Brokers" Data Obtained From Insider: Flashpoint (lien direct) | New evidence uncovered by researchers after the group calling itself “Shadow Brokers†made available some new files reinforces the theory that the exploits and tools were obtained from a rogue insider and not by hacking NSA systems. | |||
|
2016-12-20 08:09:50 | Ukraine Power Outage Possibly Caused by Cyberattack (lien direct) | A cyberattack may have caused the power outage that occurred in Ukraine late on Saturday, according to the country's national energy company Ukrenergo. | |||
|
2016-12-20 07:54:43 | Akamai Acquires Bot Detection Startup Cyberfend (lien direct) | Internet infrastructure giant Akamai Technologies announced on Monday that it has acquired bo | |||
|
2016-12-19 17:43:55 | Bayrob Malware Operators Indicted in U.S. (lien direct) | Three Romanian men have been indicted in the United States for their involvement in a longstanding online fraud operation that resulted in estimated losses of up to $35 million. | |||
|
2016-12-19 17:16:18 | FireEye Grows New Partnerships with Vodafone Deal (lien direct) | After seeing its stock price decline signigicantly over the past year, along with a major executive leadership change, FireEye has unveiled a series of new products and global partnerships that should help improve its position in the cybersecurity solutions market. | Guideline | ||
|
2016-12-19 15:36:19 | Brute Force Attacks on WordPress Websites Soar (lien direct) | WordPress security firm Wordfence has warned that the number of brute force attacks aimed at WordPress websites has increased significantly in December compared to the previous period. | |||
|
2016-12-19 14:30:31 | Network Infrastructure, Visibility and Security in 2017 (lien direct) | Given the security events of 2016, coupled with the rapid advancements and adoption of cloud computing, 2017 will be the year in which many finally accept that network infrastructure and security will have to be rethought from the ground up. | |||
|
2016-12-19 14:07:45 | Spear Phishing Attacks Target Industrial Firms (lien direct) | Kaspersky Lab on Friday shared details of a targeted attack campaign against industrial organizations that began in late summer and is still ongoing. | |||
|
2016-12-19 12:58:28 | Los Angeles County Notifies 756,000 of Data Breach (lien direct) | A 'mere' 10.8% phishing success rate has forced Los Angeles County to notify approximately 756,000 individuals that their personal information may have been compromised. The attack occurred on May 13, 2016 when 1,000 County employees received phishing emails. 108 employees were successfully phished. | |||
|
2016-12-19 12:58:24 | MacBooks Leak Disk Encryption Password (lien direct) | Apple recently addressed a vulnerability in its macOS operating system that can be exploited by an attacker to obtain a MacBook's FileVault password using a $300 device. | |||
|
2016-12-19 10:06:08 | Privilege Escalation, RCE Flaws Patched in Nagios Core (lien direct) | Attackers can chain a couple of serious flaws affecting Nagios Core to gain complete control of systems running vulnerable versions of the product, a researcher has warned. | |||
|
2016-12-19 06:26:59 | LinkedIn\'s Lynda.com Notifies Users of Data Breach (lien direct) | Lynda.com, the online learning platform acquired last year by LinkedIn for $1.5 billion, started notifying customers over the weekend that a database containing user information had been accessed by an unauthorized third party. | |||
|
2016-12-17 17:10:55 | Dyre Gang Takes TrickBot Trojan to Asia (lien direct) | TrickBot, the Dyre-linked Trojan that emerged in October 2016, is now targeting users in Singapore, India and Malaysia, IBM X-Force security researchers warn. | |||
|
2016-12-17 15:23:37 | 0-Day Exploits Could Wreak Havoc on Linux Desktops (lien direct) | Researcher Reveals 0-Day Linux Exploit Leveraging SNES | |||
|
2016-12-16 18:18:10 | "Shadow Brokers" Put NSA Exploits Up for Direct Sale (lien direct) | After a failed attempt to sell stolen exploits from the National Security Agency at an auction just months ago, the hacker group calling itself Shadow Brokers has decided to sell them directly via a new website. | |||
|
2016-12-16 17:57:07 | No More Ransom Alliance Gains Momentum (lien direct) | In July 2016 the Dutch National Police, Europol, Kaspersky Lab and Intel Security launched the No More Ransom project and website. A primary purpose is to help victims of ransomware recover encrypted files without having to pay the criminals. |
To see everything:
Our RSS (filtrered)
