What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-30 15:46:46 | \'Masad Stealer\' Uses Telegram to Exfiltrate Data (lien direct) | A recently identified data stealer is using Telegram to exfiltrate information harvested from infected machines, Juniper Networks security researchers say. | |||
|
2019-09-30 15:39:03 | Vulnerability Management Firm Kenna Security Raises $48 Million (lien direct) | San Francisco-based vulnerability management solutions provider Kenna Security on Monday announced that it has raised $48 million in a Series D funding round, which brings the total raised by the company to $98 million. | Vulnerability | ||
|
2019-09-30 15:12:29 | Tridium Niagara Affected by BlackBerry QNX Vulnerabilities (lien direct) | The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) informed organizations last week that Tridium's Niagara product is affected by two vulnerabilities in BlackBerry's QNX operating system for embedded devices. | |||
|
2019-09-30 15:05:45 | \'WhiteShadow\' Downloader Employs Microsoft SQL for Malware Delivery (lien direct) | Microsoft Office macros that collectively act as a stage downloader are utilizing Microsoft SQL queries to fetch malicious payloads, Proofpoint's security researchers report. | Malware | ||
|
2019-09-30 13:25:07 | New Anomali Tool Finds Threat Data in News, Blogs, Social Networks (lien direct) | Threat intelligence firm Anomali on Monday announced the launch of Lens, a new tool designed to make it easier for organizations to find and use threat data from a wide range of sources. | Tool Threat | ||
|
2019-09-30 12:38:15 | Spain Security Firm Probed \'for Spying on Assange for CIA\' (lien direct) | A Spanish private security firm, which is under investigation in Madrid, spied on Wikileaks founder Julian Assange on behalf of the CIA while he was inside the Ecudoran embassy in London, El Pais daily reported Friday. | |||
|
2019-09-30 12:10:18 | New \'Gucci\' IoT Botnet Targets Europe (lien direct) | Security researchers with SecNiche Security Labs have discovered a new piece of malware that attempts to ensnare Internet of Things (IoT) devices in Europe into a distributed denial-of-service (DDoS)-capable botnet. | Malware | ||
|
2019-09-30 06:36:48 | Iran\'s Oil Sector on \'Full Alert\' Against Attacks (lien direct) | Iran's oil minister on Sunday ordered his country's energy sector to be on high alert to the threat of "physical and cyber" attacks. Bijan Namdar Zanganeh said "it is necessary for all companies and installations of the oil industry to be on full alert against physical and cyber threats," in a statement published on the oil ministry's Shana website. | Threat | ||
|
2019-09-28 18:27:50 | Driver\'s License Thefts Spur ADOT to Boost Online Safeguards (lien direct) | Arizona transportation officials announced enhanced security measures Thursday for a state website that identity thieves exploited to get dozens of duplicate driver's licenses. The Arizona Department of Transportation announced new safeguards after acknowledging to Azfamily.com this week that at least 164 drivers have been the victims of theft. | |||
|
2019-09-28 12:26:10 | Germany Cracks \'Cyber Bunker\' Hosting Darknet Sites (lien direct) | German police said Friday they had busted a network hosting so-called Darknet platforms illegally trading drugs, stolen data and child pornography online on servers hidden in a former NATO bunker. | |||
|
2019-09-28 12:17:26 | Microsoft Expands List of Blocked File Types in Outlook on the Web (lien direct) | Microsoft this week announced plans to add some new file extensions to the list of file types that are blocked in Outlook on the web. When the change will be operated, it will immediately result in Outlook on the web users no longer being allowed to download attachments that have those file extensions, the tech giant explains. | |||
|
2019-09-28 11:46:19 | Apple Patches iOS 13 Bug Allowing Third-Party Keyboards "Full Access" (lien direct) | Apple on Friday released security updates for iOS 13 and iPadOS to address a vulnerability that allowed third-party keyboard extensions to gain “full access” without being granted permission. | Vulnerability | ||
|
2019-09-27 18:45:52 | Malware Delivery Campaign Employs Advanced Fileless Techniques (lien direct) | A recently observed malware delivery campaign employs advanced fileless techniques and an elusive network infrastructure that allows it to remain largely undetected. | Malware | ||
|
2019-09-27 18:35:25 | Dunkin\' Donuts Sued by New York\'s State Attorney General Over Data Breaches (lien direct) | New York Attorney General Letitia James filed a lawsuit against Dunkin' Donuts in the Supreme Court of the State of New York on Thursday, September 26, 2019. The complaint alleges fraudulent, deceptive and illegal conduct, and focuses on Dunkin' Donuts breaches in 2015 and 2018. It claims an alleged failure to respond to these breaches in violation of state laws. | |||
|
2019-09-27 15:47:34 | \'Unpatchable\' iOS Bootrom Exploit Allows Jailbreaking of Many iPhones (lien direct) | A researcher specializing in iOS security claims to have created a bootrom exploit that can be leveraged to jailbreak hundreds of millions of iOS devices, including all iPhones between iPhone 4S and iPhone X. | |||
|
2019-09-27 14:01:34 | China Rejects \'Smear\' After Airbus Hacking Report (lien direct) | Beijing on Friday rejected an AFP report that Chinese hackers were suspected of being behind a series of cyber attacks on European aerospace giant Airbus. | |||
|
2019-09-27 13:40:25 | Airbus Says Taking \'Appropriate Measures\' Against Hackers (lien direct) | Airbus played down the risk of cyberattacks on Friday and said it had "appropriate measures" to mitigate any danger after an AFP investigation revealed a series of hacking incidents targeting the European aerospace giant. | |||
|
2019-09-27 13:35:30 | GAO Says Electric Grid Cybersecurity Risks Only Partially Assessed (lien direct) | A new report from the United States Government Accountability Office (GAO) shows that the Department of Energy (DOE) has yet to fully analyze the electric grid cybersecurity risks. | |||
|
2019-09-27 13:08:04 | German Auto and Defense Firm Rheinmetall Says Malware Hit Several Plants (lien direct) | Germany-based car parts and defense solutions provider Rheinmetall announced on Thursday that production at its automotive plants in the United States, Brazil and Mexico was disrupted as a result of a malware attack. | Malware | ||
|
2019-09-27 11:33:27 | Researchers Disclose Another SIM Card Attack Possibly Impacting Millions (lien direct) | A new variant of a recently disclosed SIM card attack method could expose millions of mobile phones to remote hacking, researchers have warned. | |||
|
2019-09-27 07:31:42 | FBI Reviewed Cybersecurity Firm\'s Evidence in 2016 DNC Election Hack (lien direct) | CLAIM: The FBI only relied on the word of a cybersecurity firm, CrowdStrike, to determine that Russia hacked the emails of the Democratic National Committee. AP'S ASSESSMENT: False. CrowdStrike provided forensic evidence and analysis for the FBI to review during its investigation into a 2016 hack of DNC emails. | Hack | ||
|
2019-09-27 07:11:59 | Magecart Hackers Target L7 Routers (lien direct) | One of the financially motivated threat actors operating under the Magecart umbrella appears to be testing malicious code to inject into commercial-grade layer 7 (L7) routers, IBM reports. | Threat | ||
|
2019-09-27 06:57:06 | DoorDash Breach Exposes Data of Nearly 5 Mn Users (lien direct) | On-demand restaurant meal delivery service DoorDash on Thursday said a breach of its system exposed nearly five million customers, eateries and "Dashers" to a data breach. | |||
|
2019-09-26 18:23:05 | Chinese Hackers Hit Technology Firms in Southeast Asia With PcShare Backdoor (lien direct) | Attacks conducted by a suspected Chinese threat actor on technology companies in Southeast Asia employ a version of the open-source PcShare backdoor, BlackBerry Cylance security researchers warn. | Threat | ||
|
2019-09-26 18:21:28 | Incident Pruning, Cutting a Path to More Effective Investigations (lien direct) | Make Sure You do Some Incident Pruning to Maintain Security Operations Efficiency and Focus | |||
|
2019-09-26 16:27:05 | Adopt Insertion Point Security for a Microservices World (lien direct) | In the old world, applications generally consisted of a web server, an app server and a database. Traffic went from router to switch to firewall. There was a network perimeter, which was our ingress. | |||
|
2019-09-26 15:03:06 | \'Chameleon\' Spam Campaign Employs Randomized Email Headers (lien direct) | A large number of spam messages recently sent from the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing, Trustwave reports. | Spam | ||
|
2019-09-26 14:25:42 | There Is Life for the CISO After a Breach (lien direct) | A new survey of CISO attitudes conducted by Symantec and Dr Chris Brauer of Goldsmiths, University of London will surprise few CISOs, but should be required reading for other business leaders. It describes adrenaline junkies that fear burnout and worry about being scapegoats in an impossible position, but remain dedicated to their job. | Guideline | ||
|
2019-09-26 13:48:56 | (Déjà vu) Hackers Target Airbus Suppliers in Quest for Commercial Secrets (lien direct) | European aerospace giant Airbus has been hit by a series of attacks by hackers targeting its suppliers in search of commercial secrets, sources told AFP, adding they suspected a Chinese link. | |||
|
2019-09-26 12:36:59 | Cylance Founder Stuart McClure Leaves BlackBerry (lien direct) | Stuart McClure, the co-founder and CEO of Cylance, has decided to leave following BlackBerry's recent acquisition of his company. | |||
|
2019-09-26 11:38:46 | VMware Patches Critical Harbor Vulnerability (lien direct) | VMware this week released patches to address a critical vulnerability in Harbor, which was found to impact VMware Cloud Foundation and VMware Harbor Container Registry for PCF. | Vulnerability | ||
|
2019-09-26 11:13:01 | Airbus Hit by Series of Cyber Attacks on Suppliers: Security Sources (lien direct) | European aerospace giant Airbus has been hit by a series of attacks by hackers who have targeted its suppliers in their search for technical secrets, security sources told AFP, adding they suspected a China link. There have been four major attacks on Airbus in the last 12 months, according to two security sources involved in investigating the hacking. | |||
|
2019-09-26 08:46:48 | iOS 13 Bug Gives Third-Party Keyboards "Full Access" Permissions (lien direct) | An update that Apple will soon release for iOS 13 and iPadOS should resolve an issue that leads to third-party keyboard apps getting elevated permissions without the user's approval. | Guideline | ||
|
2019-09-26 07:14:27 | vBulletin Patches Vulnerability Exploited in the Wild (lien direct) | Developers of the vBulletin forum software have rushed to release a patch for a recently disclosed remote command execution vulnerability, but the flaw has already been exploited in the wild, with some claiming that its existence has been known for years. | Vulnerability | ||
|
2019-09-25 18:37:40 | Czech Intelligence Blames China for Major Cyber Attack (lien direct) | China was behind a major cyber attack at a key government institution in the Czech Republic last year, the EU member's intelligence agency said in a report Wednesday. | |||
|
2019-09-25 18:32:12 | POISON CARP Threat Actor Targets Tibetan Groups (lien direct) | A threat actor referred to as POISON CARP has targeted senior members of Tibetan groups via WhatsApp for around six months, Citizen Lab reveals. The attacks, carried out between November 2018 and May 2019, employed individually tailored WhatsApp text exchanges, where the attackers were posing as NGO workers, journalists, and other fake personas. | Threat | ||
|
2019-09-25 15:39:34 | Honeywell Launches \'Forge\' Industrial Cybersecurity Platform (lien direct) | Honeywell on Wednesday announced the launch of a new industrial cybersecurity platform designed to help organizations protect their operational technology (OT) and industrial internet of things (IIoT) assets from cyber threats. | |||
|
2019-09-25 14:22:23 | Organizations Warned of Dual Threat Posed by RDP and Disruptive Ransomware (lien direct) | In a paper warning about the evolution of what it calls 'disruptionware', the Institute for Critical Infrastructure Technology (ICIT) highlights ransomware and RDP access as the current focus of a new development that "sees adversaries disrupting business continuity" posing "an existential threat to critical infrastructure operators." | Ransomware Threat | ||
|
2019-09-25 13:49:48 | 60% of Major US Firms Have Been Hacked in Cloud: Study (lien direct) | Hackers have penetrated cloud computing networks of some 60 percent of top US companies, with virtually all industry sectors hit, security researchers said Tuesday. | |||
|
2019-09-25 12:27:59 | Tortoiseshell Targets U.S. Military Veterans in New Campaign (lien direct) | A recently discovered attack group referred to as Tortoiseshell has been targeting job seekers in the United States, especially military veterans, Cisco Talos' security researchers have discovered. | |||
|
2019-09-25 11:58:06 | Microsoft Makes Azure Sentinel Generally Available (lien direct) | Microsoft this week announced the general availability of Azure Sentinel, a cloud-based security information and event management (SIEM) platform aimed at identifying and blocking threats. | |||
|
2019-09-25 11:18:27 | Dell Unveils New Data Protection Appliances (lien direct) | Dell on Tuesday unveiled new EMC PowerProtect appliances and announced improvements to existing data protection and recovery products. | |||
|
2019-09-25 08:30:45 | Hacker Releases Exploit for vBulletin Zero-Day Vulnerability (lien direct) | A hacker has released an exploit for an unpatched remote command execution vulnerability affecting the vBulletin forum software. | Vulnerability | ||
|
2019-09-25 07:25:52 | \'xHunt\' Campaign Targets Kuwait Transportation and Shipping Sector (lien direct) | A campaign targeting transportation and shipping organizations based in Kuwait was observed employing previously undocumented tools, Palo Alto Networks reports. | |||
|
2019-09-24 18:56:47 | North Korean-Linked Dtrack RAT Discovered (lien direct) | An investigation into banking malware targeting India has led to the discovery of a new remote access Trojan (RAT) employed by the North Korean-linked Lazarus group, Kaspersky reports. | Malware Medical | APT 38 | |
|
2019-09-24 18:32:14 | Adobe Patches Critical Command Injection, Path Traversal Flaws in ColdFusion (lien direct) | Updates released by Adobe on Tuesday for its ColdFusion web application development platform address three vulnerabilities, including two that have been classified “critical.” | |||
|
2019-09-24 15:42:37 | Russian Pleads Guilty to Hacking U.S. Financial Firms (lien direct) | A Russian man this week pleaded guilty in a Manhattan federal court to the hacking of various financial institutions in the United States, including JPMorgan Chase and Dow Jones. | Guideline | ||
|
2019-09-24 14:19:40 | Additional U.S. Utilities Targeted With LookBack Malware (lien direct) | Proofpoint security researchers have observed a new series of phishing attacks targeting entities in the United States utilities sector in an attempt to deliver the LookBack remote access Trojan (RAT). | Malware | ||
|
2019-09-24 13:20:33 | Source Code Security Firm Cycode Launches With $4.6 Million in Funding (lien direct) | Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding. | |||
|
2019-09-24 13:03:50 | Cyber Insurance Firm Cowbell Emerges From Stealth With $3.3 Million Seed Funding (lien direct) | Pleasanton, California-based cyber insurance firm Cowbell Cyber has emerged from stealth, announcing its Cowbell Factor product with $3.3 million seed funding from leading insurance, cybersecurity and artificial intelligence venture funds, including ManchesterStory Group, Holmes Murphy & Associates, Tri-Valley Ventures and the Global Insurance Accelerator. | Guideline |
To see everything:
Our RSS (filtrered)
