What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-18 11:47:02 | StrongPity Targets Victims with Malicious WinBox Installer (lien direct) | A recently discovered ongoing campaign attributed to the StrongPity threat actor abuses malicious WinBox installers to infect victims, AT&T's Alien Labs security researchers reveal. | Threat | ||
|
2019-07-18 05:59:05 | Microsoft Reports Hundreds of Election-Related Cyber Probes (lien direct) | Microsoft says it has detected more than 740 infiltration attempts by nation-state actors in the past year targeting U.S.-based political parties, campaigns and other democracy-focused organizations including think tanks and other nonprofits. | |||
|
2019-07-18 05:52:03 | Vulnerability Allows Hackers to Take Control of Drupal 8 Websites (lien direct) | Drupal developers on Wednesday informed users that version 8.7.4 is affected by a potentially serious vulnerability, and advised them to update to version 8.7.5, which addresses the issue. | Vulnerability | ||
|
2019-07-18 05:01:04 | Ukrainian Hacker Sought by US Arrested (lien direct) | Ukraine has arrested an alleged major computer hacker who has been sought by the United States for years. The head of Ukraine's national security service Ivan Bakanov said Tuesday that Mykhailo Rytikov was arrested in the city of Odessa, in an operation conducted in coordination with Britain and the U.S. | |||
|
2019-07-17 16:10:00 | AMCA Breach Impacts 2.2 Million Patients of Clinical Pathology Laboratories (lien direct) | Clinical Pathology Laboratories (CPL) is the latest organization to inform customers that their personal information may have been compromised as a result of a data breach suffered by healthcare billing services provider American Medical Collection Agency (AMCA). | Data Breach | ||
|
2019-07-17 15:12:03 | EvilGnome Malware Helps Hackers Spy on Linux Users (lien direct) | Intezer security researchers have discovered a new backdoor targeting Linux systems with the purpose of spying on users. | Malware | ||
|
2019-07-17 14:40:02 | SLUB Backdoor Spreads via Newly Patched Vulnerability (lien direct) | The threat actor behind the SLUB backdoor has started abusing a recently patched Internet Explorer vulnerability for distribution purposes, Trend Micro's security researchers reveal. | Vulnerability Threat | ||
|
2019-07-17 13:35:00 | BMC Firmware Vulnerabilities Affect Lenovo, Gigabyte Servers (lien direct) | Researchers at firmware security company Eclypsium discovered that the baseboard management controller (BMC) shipped with some servers from Lenovo, Gigabyte and other vendors contains some potentially serious vulnerabilities. | |||
|
2019-07-17 12:07:02 | Endpoint Security Evolving Against Airport Searches, GDPR (lien direct) | Travel pressure around privacy and compliance is forcing mobile endpoint software to evolve. Media coverage of recent airport phone searches has privacy enthusiasts worried, and Europe's General Data Protection Regulation (GDPR) has IT security and compliance teams thinking about data-loss policies. | |||
|
2019-07-17 12:01:01 | Bulgarian IT Specialist Held Over Taxpayer Data Hack (lien direct) | A 20-year-old Bulgarian cybercrime specialist has been arrested over a hack and leak of a trove of taxpayer data, which authorities had initially suspected was a Russia-linked cyberattack, an official said Wednesday. | Hack | ||
|
2019-07-17 11:47:02 | Oracle\'s July 2019 CPU Includes 319 Fixes (lien direct) | Oracle this week published its July 2019 Critical Patch Update (CPU), which brings a total of 319 security fixes across numerous product families. While fewer than 200 of these vulnerabilities can be exploited remotely without authentication, over 50 of them are rated Critical severity, almost all of them featuring a CVSS score of 9.8. | ★★★★ | ||
|
2019-07-17 05:52:00 | Hackers Access Sprint Accounts via Samsung Website (lien direct) | US telecoms company Sprint has informed some customers that their Sprint accounts have been accessed by hackers via a Samsung website. | ★★★ | ||
|
2019-07-17 04:16:02 | Boost Infrastructure Immunity Against the Ransomware Epidemic (lien direct) | Despite the recent incidents at the City of Baltimore, aluminum giant Norsk Hydro, and ASCO Industries, ransomware attacks have declined in both 2018 and 2019. | Ransomware | ★★ | |
|
2019-07-16 17:23:01 | Enterprises Showing Increasing Backing of Zero Trust Authentication (lien direct) | Businesses Are Increasingly Adopting Zero-Trust Principles for Authentication in a Mobile World | ★★★ | ||
|
2019-07-16 17:11:02 | Cyberattacks Inflict Deep Harm at Technology-Rich Schools (lien direct) | Over six weeks, the vandals kept coming, knocking the school system's network offline several times a day. There was no breach of sensitive data files, but the attacks in which somebody deliberately overwhelmed the Avon Public Schools system in Connecticut still proved costly. Classroom lesson plans built around access to the internet had come to a halt. | ★★ | ||
|
2019-07-16 15:53:02 | Extenbro DNS-Changer Used in Adware Campaign (lien direct) | A recently observed DNS-changer Trojan is being used in an adware campaign to prevent users from accessing security-related websites, Malwarebytes reveals. | ★★★★★ | ||
|
2019-07-16 15:19:05 | Bulgaria Probes Russia-Linked Leak of Taxpayer Data (lien direct) | Bulgaria ordered Tuesday a probe into the leak of a trove of taxpayer data in a Russia-linked cyberattack that was disclosed on the same day the former Soviet satellite nation moved to buy US-made F-16 jet fighters. | ★★★ | ||
|
2019-07-16 14:47:02 | Thousands of Legacy Lenovo Storage Devices Exposed Millions of Files (lien direct) | Cybersecurity firms Vertical Structure and WhiteHat Security on Tuesday reported that their researchers discovered a serious vulnerability that gave remote attackers access to millions of files stored on thousands of exposed Lenovo network-attached storage (NAS) devices. | Vulnerability | ★★★★★ | |
|
2019-07-16 13:52:01 | Russia-linked Hackers Use New Trojans in Recent Attacks (lien direct) | Russia-linked threat group Turla has released new variants of the KopiLuwak Trojan in attacks detected since the beginning of this year, Kaspersky's security researchers reveal. | Threat | ★★★★★ | |
|
2019-07-16 12:10:01 | Security Teams Often Struggle to Get Developers on Board: GitLab Study (lien direct) | A GitLab study based on responses from over 4,000 software professionals shows a disconnect between developer and security teams, and suggests that good DevOps can be the solution to security problems. | ★★★ | ||
|
2019-07-16 10:48:03 | Why We Shouldn\'t Ignore The Male Majority When Pursuing an Inclusive Workplace (lien direct) | Cultural Change is Key to Making Hard-Earned Gains Persist Over Time | ★★★ | ||
|
2019-07-16 05:15:01 | (Déjà vu) Symantec Shares Plunge After Reports of Broadcom Deal Stall (lien direct) | Shares of cybersecurity giant Symantec plunged on Monday following reports that the company's acquisition talks with Broadcom have stalled due to a disagreement over price. Several major news outlets reported in early July that chipmaker Broadcom had been in advanced talks to acquire Symantec in a deal that could exceed $15 billion. | |||
|
2019-07-16 04:19:04 | (Déjà vu) Old Software Makes New Electoral Systems Ripe for Hacking (lien direct) | Pennsylvania's message was clear: The state was taking a big step to keep its elections from being hacked in 2020. Last April, its top election official told counties they had to update their systems. So far, nearly 60% have taken action, with $14.15 million of mostly federal funds helping counties buy brand-new electoral systems. | |||
|
2019-07-15 12:42:03 | Instagram Account Takeover Vulnerability Earns Hacker $30,000 (lien direct) | A researcher claims to have received $30,000 from Facebook after discovering a critical vulnerability that could have been exploited to easily hack Instagram accounts. India-based bug bounty hunter Laxman Muthiyah discovered the security hole while analyzing Instagram's password recovery system for mobile devices. | Hack Vulnerability | ||
|
2019-07-15 10:37:04 | Hackers Can Manipulate Media Files Transferred via WhatsApp, Telegram (lien direct) | Hackers can manipulate media files transferred by users through the WhatsApp and Telegram messaging applications due to the way the Android operating system allows apps to access files in external storage, Symantec warned on Monday. | |||
|
2019-07-15 10:20:03 | As Ransomware Rages, Debate Heats Up on Response (lien direct) | 
|
Ransomware | ||
|
2019-07-15 01:15:05 | Huawei Planning Major Job Cuts in US: WSJ (lien direct) | Chinese telecoms giant Huawei, which is subject to US sanctions over concerns about its ties to the government in Beijing, is planning to make major job cuts at its US operations, The Wall Street Journal reported Sunday. | ★★ | ||
|
2019-07-14 01:23:01 | $5 Billion US Fine Set for Facebook on Privacy Probe: Report (lien direct) | US regulators have approved a $5 billion penalty to be levied on Facebook to settle a probe into the social network's privacy and data protection lapses, the Wall Street Journal reported Friday. | |||
|
2019-07-12 17:55:02 | Magecart Hackers Infect 17,000 Domains via Insecure S3 Buckets (lien direct) | The Magecart hackers have managed to infect over 17,000 domains by targeting improperly secured Amazon S3 buckets, RiskIQ reports. | |||
|
2019-07-12 16:15:04 | Adoption of AI-enhanced Cybersecurity is Growing Rapidly: Report (lien direct) | The pace of machine learning adoption for cybersecurity is increasing. This may appear to be obvious (virtually no new security product or version is released without claim to artificial intelligence), but a new report confirms this with hard figures. While around 20% of firms used ML prior to 2019, closer to 60% will be using it by the end of the year. | |||
|
2019-07-12 15:36:01 | Bipartisan Legislation to Require DHS Alerts on Election Hacking (lien direct) | Bipartisan legislation formally unveiled this week would require the Department of Homeland Security to send notifications on breaches affecting the election systems. | |||
|
2019-07-12 15:28:05 | Mac Zoom Web Server Allows for Remote Code Execution (lien direct) | The web server that the Zoom Client installs on Macs can be abused to execute code remotely, security researchers have discovered. | |||
|
2019-07-12 13:39:05 | FIRST Announces CVSS Version 3.1 (lien direct) | The Forum of Incident Response and Security Teams (FIRST) on Friday announced version 3.1 of the Common Vulnerability Scoring System (CVSS). CVSS is a widely adopted standard for rating the severity of software vulnerabilities, and it provides a framework for communicating the characteristics and impact of security flaws. | Vulnerability | ||
|
2019-07-12 12:20:03 | U.S. Mayors Pledge Not to Give in to Ransomware Demands (lien direct) | The United States Conference of Mayors has promised that its members will “stand united” against paying ransoms in case their systems are hit by ransomware. | Ransomware | ||
|
2019-07-12 09:12:05 | Incident Response is Changing, Here\'s Why and How (lien direct) | Organizations can no longer simply dust off their incident response (IR) plan when a breach happens. If you haven't gone through the rigors of various exercises to know what to expect and what to do, pulling out your IR plan during a cyber attack or after a breach has occurred has little impact. Zero-dollar IR retainers aren't the best path forward either. They're cost effective if you aren't breached, but breaches happen. | |||
|
2019-07-12 09:02:04 | Japan Firm Says $32 Million Missing in Cryptocurrency Hack (lien direct) | Tokyo-based cryptocurrency exchange said Friday it had halted all services after losing cryptocurrency worth more than $32 million in the latest apparent hack involving virtual money. | Hack | ||
|
2019-07-12 07:43:02 | Flaw in Walkie-Talkie App on Apple Watch Allows Spying (lien direct) | Apple has disabled the Walkie-Talkie app on the Apple Watch after learning of a serious vulnerability that can be exploited to spy on users. | Vulnerability | ||
|
2019-07-12 06:51:00 | Premera Blue Cross Pays States $10 Million Over Data Breach (lien direct) | Premera Blue Cross, the largest health insurer in the Pacific Northwest, has agreed to pay $10 million to 30 states following an investigation into a data breach that exposed confidential information on more than 10 million people across the country. | Data Breach | ||
|
2019-07-12 04:36:05 | Human Workers Can Listen to Google Assistant Recordings (lien direct) | Google contractors regularly listen to and review some recordings of what people say to artificial-intelligence system Google Assistant, via their phone or through smart speakers such as the Google Home. | |||
|
2019-07-11 19:31:00 | Mozilla Introduces Grizzly Browser Fuzzing Framework (lien direct) | Mozilla this week made public a new browser fuzzing framework designed to enable the fast deployment of fuzzers at scale. | |||
|
2019-07-11 17:25:03 | (Déjà vu) Mozilla Moves to Deny UAE Firm\'s Root Inclusion Request (lien direct) | Mozilla is taking the first step toward denying a request by United Arab Emirates-based DarkMatter to be included as a top-level certificate authority in Mozilla's root certificate program. | |||
|
2019-07-11 17:05:02 | State of the Industry: Interoperability and Putting Security First (lien direct) | Cybersecurity spending has outpaced general IT spend for the last few years, and in 2019 with budgets growing up to 5 percent according to some analysts, this trend is clearly continuing. | ★★★★★ | ||
|
2019-07-11 16:53:05 | Apple Steps in: Removes Zoom Web Server From All Macs (lien direct) | Apple on Wednesday released an update to remove the Zoom web server from all Macs, following controversy that it puts users' security at risk. | |||
|
2019-07-11 16:47:03 | In an Interconnected World, Data Security is a Shared Responsibility (lien direct) | Taking active steps to safeguard your organization's digital presence on and offline is not a new recommendation; if anything, elaborate security measures are emblematic of our times. Passwords, multi-factor access protocols, biometrics and other forms of user authentication have become standard, and for good reason: the incidence of data loss, theft and misuse is huge. | |||
|
2019-07-11 16:00:00 | Users Unable to Log on to Windows Due to McAfee Update (lien direct) | An update released recently by McAfee for one of its products is preventing Windows users from logging on to their systems, and some major organizations appear to have been affected. | |||
|
2019-07-11 14:15:01 | Archive Server of Pale Moon Open Source Browser Hacked (lien direct) | Developers of the open source web browser Pale Moon revealed on Wednesday that the project's archive server was compromised and all executable files were infected with malware. | |||
|
2019-07-11 13:30:02 | Widely Used Kiosks Compromised by Hardcoded Credentials (lien direct) | Hardcoded Credentials in Kiosk Software Allowed Remote Attackers to Compromise API | |||
|
2019-07-11 12:21:04 | enSilo Raises $23 Million in Series B Funding (lien direct) | Endpoint security firm enSilo on Thursday announced new capabilities for its platform, a $23 million Series B funding round, and significant revenue growth. | |||
|
2019-07-11 12:10:02 | SAP Patches Critical Flaw in Diagnostics Agent (lien direct) | SAP this week released 11 Security Notes as part of the Patch Day – July 2019, one of which was a Hot News Note addressing a Critical vulnerability in Diagnostics Agent. Tracked as CVE-2019-0330 and featuring a CVSS score of 9.1, the bug is an OS command injection that could lead to the compromise of the entire SAP system. | Vulnerability Guideline | ||
|
2019-07-11 09:47:02 | Buhtrap Group Used Windows Zero-Day in Government Attack (lien direct) | One of the two Windows zero-day vulnerabilities fixed by Microsoft with its July 2019 Patch Tuesday updates was used by a threat group known as Buhtrap to target a government organization in Eastern Europe, according to cybersecurity firm ESET. | Threat |
To see everything:
Our RSS (filtrered)
